Contact Tracing Apps: Engineering Privacy in Quicksand

Note: Presentation times are in Pacific Standard Time (PST).

Wednesday, February 03, 2021 - 8:05 am8:35 am

Carmela Troncoso, EPFL


When talking about Contact Tracing Mobile apps, most of the discussion centers on the protocol and its properties. While this is indeed central to the security and privacy of the system, once the protocol is integrated in an app, and in a larger ecosystem including server and health services, more privacy mechanisms are needed to ensure that the privacy properties are kept end to end. When performing this integration, however, the privacy engineer has little control over many of the pieces that are key for operation. In this talk, I will describe how this lack of control results in increasing hurdles for privacy and how we overcame these obstacles in the case of contact tracing apps.

Carmela Troncoso, EPFL

Carmela Troncoso is an assistant professor at EPFL (Switzerland) where she heads the SPRING Lab. Her research focuses on security and privacy. Carmela holds a Master's degree in Telecommunication Engineering from the University of Vigo (2006) and a Ph.D. in Engineering from the KU Leuven in 2011. Before arriving at EPFL, she was a faculty member at the IMDEA Software Institute in Spain for two years; the Security and Privacy Technical Lead at Gradiant, working closely with industry to deliver secure and privacy-friendly solutions to the market for four years. Her thesis, Design and Analysis Methods for Privacy Technologies, received the European Research Consortium for Informatics and Mathematics Security and Trust Management Best Ph.D. Thesis Award, and her work on Privacy Engineering received the CNIL-INRIA Privacy Protection Award in 2017. In 2020, she leads the DP3T effort towards designing and deploying privacy-preserving contact tracing applications. The design principles from DP3T are the basis of dozens of contact tracing apps deployed around the world and led Fortune Magazine to include Carmela in the 40 under 40 list of 2020.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {264130,
author = {Carmela Troncoso},
title = {Contact Tracing Apps: Engineering Privacy in Quicksand},
year = {2021},
publisher = {USENIX Association},
month = feb

Presentation Video