{"id":6420,"date":"2018-01-04T11:05:23","date_gmt":"2018-01-04T10:05:23","guid":{"rendered":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/"},"modified":"2018-01-04T11:05:23","modified_gmt":"2018-01-04T10:05:23","slug":"research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis","status":"publish","type":"events","link":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/","title":{"rendered":"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis"},"content":{"rendered":"<section class=\"wp-block-unilux-blocks-free-section section\"><div class=\"container xl:max-w-screen-xl\"><p>While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject&rsquo;s original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.<\/p><p>To address this challenge, we designed a domain specific language, called Eddy, that has a formal semantics expressed in Description Logic and enables reasoning over privacy practices commonly found in online privacy policies. This includes checking whether a policy violates the OECD collection or use limitation principles, which have been an international standard for over 35 years. Using Eddy, data users can express their needs in the context of a larger privacy policy framework maintained by their organization. The framework supports sharing information with third parties and allows users to check the OECD properties across third-party data flows and within third-party policies. This research reveals that the semantics of privacy is potentially unbounded, wherein each party uses slightly different terminology to describe and regulate personal data use through policies, which is a potential source of policy ambiguity and inconsistency and which becomes an obstruction to formal analysis. To align policy analysis with system analysis, we extended our framework to check mobile app source code for privacy policy violations using static and dynamic analysis, and to measure privacy risk to individuals as a means to inform developers about how to prioritize privacy controls with increased data sensitivity.<\/p><p><strong>Travis D. Breaux<\/strong> is an Associate Professor of Computer Science, appointed in the Institute for Software Research of the School of Computer Science at Carnegie Mellon University. Dr. Breaux&rsquo;s research program searches for new methods and tools for developing correct software specifications and ensuring that software systems conform to those specifications in a transparent, reliable and trustworthy manner. This includes demonstrating compliance with U.S. and international privacy and security laws, policies and standards. Dr. Breaux is the Director of the Requirements Engineering Laboratory at Carnegie Mellon University. Dr. Breaux has several publications in ACM and IEEE-sponsored journals and conference proceedings, including best paper nominations and an honorable mention for a 10-year most influential paper award. Dr. Breaux is a member of the ACM SIGSOFT, IEEE Computer Society and USACM Public Policy Committee.<\/p><\/div><\/section>","protected":false},"excerpt":{"rendered":"<p>While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject&rsquo;s original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.<\/p>\n","protected":false},"author":0,"featured_media":6421,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"featured_image_focal_point":[],"show_featured_caption":false,"ulux_newsletter_groups":"","uluxPostTitle":"","uluxPrePostTitle":"","_trash_the_other_posts":false,"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"event_start_date":"2018-01-16 14:30:00","event_end_date":"2018-01-16 15:30:00","event_speaker_name":"Prof. Travis D. Breaux (Carnegie Mellon University)","event_speaker_link":"","event_is_online":false,"event_location":"Room E004, JFK Building","event_street":"29 Avenue J.F. Kennedy","event_location_link":"","event_zip_code":" L-1855","event_city":"Kirchberg","event_country":"LU"},"events-topic":[],"events-type":[],"organisation":[25,184,226],"authorship":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.3 (Yoast SEO v22.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis - Universit\u00e9 du Luxembourg<\/title>\n<meta name=\"description\" content=\"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject&#039;s original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis\" \/>\n<meta property=\"og:description\" content=\"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject&#039;s original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/\" \/>\n<meta property=\"og:site_name\" content=\"UNI FR\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/uni.lu\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/\",\"url\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/\",\"name\":\"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis - Universit\u00e9 du Luxembourg\",\"isPartOf\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg\",\"datePublished\":\"2018-01-04T10:05:23+00:00\",\"dateModified\":\"2018-01-04T10:05:23+00:00\",\"description\":\"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject's original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage\",\"url\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg\",\"contentUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.uni.lu\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Events\",\"item\":\"https:\/\/www.uni.lu\/fr\/events\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#website\",\"url\":\"https:\/\/www.uni.lu\/fr\/\",\"name\":\"Uni.lu\",\"description\":\"Universit\u00e9 du Luxembourg\",\"publisher\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#organization\"},\"alternateName\":\"Universit\u00e9 du Luxembourg\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.uni.lu\/fr\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#organization\",\"name\":\"Universit\u00e9 du Luxembourg\",\"alternateName\":\"Uni.lu\",\"url\":\"https:\/\/www.uni.lu\/fr\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\",\"contentUrl\":\"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg\",\"width\":2560,\"height\":2560,\"caption\":\"Universit\u00e9 du Luxembourg\"},\"image\":{\"@id\":\"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/uni.lu\",\"https:\/\/www.linkedin.com\/school\/university-of-luxembourg\/\",\"https:\/\/www.instagram.com\/uni.lu\",\"https:\/\/www.youtube.com\/@uni_lu\",\"https:\/\/en.wikipedia.org\/wiki\/University_of_Luxembourg\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis - Universit\u00e9 du Luxembourg","description":"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject's original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/","og_locale":"fr_FR","og_type":"article","og_title":"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis","og_description":"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject's original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.","og_url":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/","og_site_name":"UNI FR","article_publisher":"https:\/\/www.facebook.com\/uni.lu","og_image":[{"width":2560,"height":2560,"url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/","url":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/","name":"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis - Universit\u00e9 du Luxembourg","isPartOf":{"@id":"https:\/\/www.uni.lu\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage"},"image":{"@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg","datePublished":"2018-01-04T10:05:23+00:00","dateModified":"2018-01-04T10:05:23+00:00","description":"While pervasive and ubiquitous computing provides individuals with increased access to information and automated decision making, this access can affect personal privacy through increased collection, sharing and use of personal information. The EU General Data Protection Regulation (GDPR) introduces privacy by design, while recent U.S. government guidance emphasizes responsible use, in which original data collection purposes are preserved and propagated to verify that subsequent uses are consistent with the data subject's original expectations. This emphasis highlights the need for a reliable privacy semantics, which organizations can use to predict how their data collection, use and sharing practices affect personal privacy.","breadcrumb":{"@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#primaryimage","url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg","contentUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2018\/01\/research_seminar_engineering_privacy_through_integrated_policy_and_source_code_analysis.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.uni.lu\/fr\/events\/research-seminar-engineering-privacy-through-integrated-policy-and-source-code-analysis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.uni.lu\/fr\/"},{"@type":"ListItem","position":2,"name":"Events","item":"https:\/\/www.uni.lu\/fr\/events\/"},{"@type":"ListItem","position":3,"name":"Research Seminar: Engineering Privacy through Integrated Policy and Source Code Analysis"}]},{"@type":"WebSite","@id":"https:\/\/www.uni.lu\/fr\/#website","url":"https:\/\/www.uni.lu\/fr\/","name":"Uni.lu","description":"Universit\u00e9 du Luxembourg","publisher":{"@id":"https:\/\/www.uni.lu\/fr\/#organization"},"alternateName":"Universit\u00e9 du Luxembourg","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.uni.lu\/fr\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.uni.lu\/fr\/#organization","name":"Universit\u00e9 du Luxembourg","alternateName":"Uni.lu","url":"https:\/\/www.uni.lu\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","contentUrl":"https:\/\/www.uni.lu\/wp-content\/uploads\/sites\/11\/2026\/03\/03120045\/UNIV_SM-Profile_1600x1600px-scaled.jpg","width":2560,"height":2560,"caption":"Universit\u00e9 du Luxembourg"},"image":{"@id":"https:\/\/www.uni.lu\/fr\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/uni.lu","https:\/\/www.linkedin.com\/school\/university-of-luxembourg\/","https:\/\/www.instagram.com\/uni.lu","https:\/\/www.youtube.com\/@uni_lu","https:\/\/en.wikipedia.org\/wiki\/University_of_Luxembourg"]}]}},"_links":{"self":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events\/6420"}],"collection":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events"}],"about":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/types\/events"}],"replies":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/comments?post=6420"}],"version-history":[{"count":0,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events\/6420\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/media\/6421"}],"wp:attachment":[{"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/media?parent=6420"}],"wp:term":[{"taxonomy":"events-topic","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events-topic?post=6420"},{"taxonomy":"events-type","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/events-type?post=6420"},{"taxonomy":"organisation","embeddable":true,"href":"https:\/\/www.uni.lu\/fr\/wp-json\/wp\/v2\/organisation?post=6420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}