Odoo • Bild und Text

Kai Rannenberg

Keynote: Assessing and appraising apps for privacy in mobile devices and app markets

Abstract: Apps for mobile devices are often not up to the privacy requirements that users should be able to expect. Sometimes apps are not even up to the level of privacy that are promised by their providers. At the same time users often know too little about the privacy properties of the apps they are installing and using, and they receive only little support to learn more.

This presentation will analyse opportunities to better inform users about the privacy properties of apps and enable informed decisions. It will therefore consider typical phases and steps of app acquisition, installation and usage. Then it will analyse how privacy awareness and privacy-protecting decisions can be supported in these scenarios. Some relevant tools will be introduced. An analysis of the state of things and further steps will conclude the presentation.

Bio: Prof. Dr. Kai Rannenberg is holder of the Chair of Mobile Business & Multilateral Security (www.m-chair.de) at Goethe University Frankfurt since 2002 and Visiting Professor at the National Institute for Informatics (Tokyo, Japan) since 2012. Since 2003 he is Chair of the CEPIS (www.cepis.org) Legal & Security Issues Special Interest Network, since 2007 Convenor of the ISO/IEC JTC 1/SC 27/WG 5 “Identity management & privacy technologies”, and since 2015 an IFIP (www.ifip.org) Vice President.

While Kai is currently coordinating CyberSec4Europe, a pilot for the European Cybersecurity Competence Network the EU is aiming for, he has been coordinating several other leading EU research projects, e.g. the Network of Excellence “Future of Identity in the Information Society (FIDIS)” and the Integrated Project “Attribute based Credentials for Trust” (ABC4Trust).

Kai's research interests include:

  • Mobile and embedded systems and Multilateral Security in e.g. M-Business, LBS, transport systems, and industrial applications

  • Privacy and identity management, especially attribute-based authorisation

  • Communication infrastructures and devices, e.g. personal security assistants and services;

  • Security and privacy standardisation, evaluation, and certification.

Below you can download the slides from this presentation: