Go to PoPETs PETS

Accepted papers for PETS 2026

Issue 1

  • How We Define Privacy Literacy: Teaching Experiences & Challenges of Community-Engaged Privacy Educators
    Tanisha Afnan (University of Michigan), Sheza Naveed (University of Michigan), Griffin Christie (University of Michigan), Jackie Hu (University of Michigan), Byron Lowens (Indiana University at Indianapolis), Allison McDonald (Boston University), and Florian Schaub (University of Michigan)
  • Obscura: Enabling Ephemeral Proxies for Traffic Encapsulation in WebRTC Media Streams Against Cost-Effective Censors
    Afonso Vilalonga (NOVA LINCS, NOVA School of Science and Technology), Kevin Gallagher (NOVA LINCS, NOVA School of Science and Technology), João S. Resende (Universidade do Porto), and Henrique Domingos (NOVA LINCS, NOVA School of Science and Technology)
  • Ad Personalization and Transparency in Mobile Ecosystems: A Comparative Analysis of Google’s and Apple’s EU App Stores Artifact: Available, Functional, Reproduced
    David Breuer (Technical University Darmstadt), Lucas Becker (Technical University Darmstadt), and Matthias Hollick (Technical University Darmstadt)
  • Making Sense of Private Advertising: A Principled Approach to a Complex Ecosystem Artifact: Available, Functional, Reproduced
    Kyle Hogan (MIT), Alishah Chator (Boston University), Gabriel Kaptchuk (University of Maryland), Mayank Varia (Boston University), and Srinivas Devadas (MIT)
  • SilhouetteTell: Practical Video Identification Leveraging Blurred Recordings of Video Subtitles
    Guanchong Huang (University of Oklahoma) and Song Fang (University of Oklahoma)
  • Securing Private Federated Learning in a Malicious Setting: A Scalable TEE-Based Approach with Client Auditing Artifact: Available
    Shun Takagi (LY Corporation) and Satoshi Hasegawa (LY Corporation)
  • Word-level Annotation of GDPR Transparency Compliance in Privacy Policies using Large Language Models Artifact: Available
    Thomas Cory (Technische Universität Berlin), Wolf Rieder (Technische Universität Berlin), Julia Krämer (Erasmus University Rotterdam), Philip Raschke (Technische Universität Berlin), Patrick Herbke (Technische Universität Berlin), and Axel Küpper (Technische Universität Berlin)
  • Privacy vs. Profit: The Impact of Google's Manifest Version 3 (MV3) Update on Ad Blocker Effectiveness
    Karlo Lukic (Goethe University Frankfurt) and Lazaros Papadopoulos (Goethe University Frankfurt)
  • Linguistic Hooks: Investigating The Role of Language Triggers in Phishing Emails Targeting African Refugees and Students
    Mythili Menon (Wichita State University), Nisha Vinayaga-Sureshkanth (University of Texas at San Antonio), Alec Schon (Wichita State University), Kaitlyn Hemberger (University of Kansas), and Murtuza Jadliwala (University of Texas at San Antonio)
  • Gaze3P: Gaze-Based Prediction of Perceived Privacy
    Mayar Elfares (University of Stuttgart), Pascal Reisert (University of Stuttgart), Ralf Küsters (University of Stuttgart), and Andreas Bulling (University of Stuttgart)
  • Sanitization or Deception? Rethinking Privacy Protection in Large Language Models Artifact: Available
    Bipin Paudel (Kansas State University), Bishwas Mandal (Kansas State University), George Amariucai (Kansas State University), and Shuangqing Wei (Louisiana State University)
  • Argmax and XGBoost Training over Fully Homomorphic Encryption
    Ramy Masalha (IBM Research and University of Haifa), Adi Akavia (University of Haifa), Allon Adir (IBM Research), Ehud Aharoni (IBM Research), and Eyal Kushnir (IBM Research)
  • dX-Privacy for Text and the Curse of Dimensionality Artifact: Available, Functional
    Hassan Asghar (Macquarie University), Robin Carpentier (Macquarie University), Benjamin Zi Hao Zhao (Macquarie University), and Dali Kaafar (Macquarie University)
  • What-App? App usage detection using encrypted LTE/5G traffic
    Jinjin WANG (University of Birmingham), Zishuai Cheng (Beijing University of Posts and Telecommunications), Mihai Ordean (University of Birmingham), and Baojiang Cui (Beijing University of Posts and Telecommunications)
  • Evaluating connection migration based QUIC censorship circumvention Artifact: Available
    Seungju Lee (Princeton University), Mona Wang (Princeton University), Watson Jia (Princeton University), Qiang Wu (GFW Report), Henry Birge-Lee (Princeton University), Liang Wang (Princeton University), and Prateek Mittal (Princeton University)
  • Personal Data Flows and Privacy Policy Traceability in Third-party GPT Integrations Artifact: Available, Functional, Reproduced
    Juan Carlos Carrillo (VRAIN, Universitat Politècnica de València), Jose Luis Martin Navarro (Aalto University & VRAIN, Universitat Politècnica de València), Rongjun Ma (Aalto University), and Jose Such (King’s College London & VRAIN, Universitat Politècnica de València)
  • Bot Among Us: Exploring User Awareness and Privacy Concerns About Chatbots in Group Chats Artifact: Available, Functional, Reproduced
    Kai-Hsiang Chou (National Taiwan University), Yi-An Wang (National Taiwan University), Chong Kai Lau (National Taiwan University), Mahmood Sharif (Tel Aviv University), and Hsu-Chun Hsiao (National Taiwan University)
  • How Experts Personalize Privacy & Security Advice for At-Risk Users Artifact: Available
    Wentao Guo (University of Maryland), Alexander Yang (University of Maryland), Nathan Malkin (New Jersey Institute of Technology), and Michelle L. Mazurek (University of Maryland)
  • Location-Enhanced Information Flow for Home Automations Artifact: Available, Functional, Reproduced
    McKenna McCall (Colorado State University), Ben Weinshel (Carnegie Mellon University), Kunlin Cai (University of California, Los Angeles), Ying Li (University of California, Los Angeles), Eric Zeng (Georgetown University), Devika Manohar (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Limin Jia (Carnegie Mellon University), and Yuan Tian (University of California, Los Angeles)
  • Are Bite-Size Data Safety Details a Healthy Diet for Android Telehealth App Users? Impacts of Privacy Nutrition Labels on Users' Privacy Perceptions
    Alisa Frik (International Computer Science Institute), Subham Mitra (University of California, Berkeley), Priyasha Chatterjee (Max Planck Institute for Security and Privacy), and Julia Bernd (International Computer Science Institute)
  • ReporTor: Facilitating User Reporting of Issues Encountered in Naturalistic Web Browsing via the Tor Browser Artifact: Available, Functional
    Nicholas Micallef (Swansea University), Cameron Cartier (Black Hills Information Security), Kevin Gallagher (NOVA LINCS, NOVA School of Science and Technology), Lucas Zagal (University of Utah), and Sameer Patil (University of Utah)
  • SEED: Streamlined End-to-End Data Processing in Cloud Environments
    Omar Jarkas (The University of Queensland), Ryan Ko (The University of Queensland), Naipeng Dong (The University of Queensland), and MD Redowan Mahmud (Curtin University)
  • Ephemeral Network-Layer Fingerprinting Defenses Artifact: Available, Functional, Reproduced
    Tobias Pulls (Karlstad University), Topi Korhonen (Independent), Ethan Witwer (Linköping University), and Niklas Carlsson (Linköping University)
  • Are we collaborative yet? A Usability Perspective on Mixnet Latency for Real-Time Applications
    Killian Davitt (King's College London), Dan Ristea (UCL), and Steve. J Murdoch (UCL)
  • PriVA-C: Defending Voice Assistants from Fingerprinting Attacks Artifact: Available, Functional, Reproduced
    Dilawer Ahmed (North Carolina State University), Aafaq Sabir (North Carolina State University), Ahsan Zafar (North Carolina State University), and Anupam Das (North Carolina State University)
  • “We Need a Standard”:Toward an Expert–Informed Privacy Label for Differential Privacy
    Onyinye Dibia (University of Vermont), Mengyi Lu (University of Vermont), Prianka Bhattacharjee (University of Vermont), Joseph P Near (University of Vermont), and Yuanyuan Feng (University of Vermont)
  • Privacy Attacks on Matrix Profiles based on Reconstruction Techniques Artifact: Available, Functional, Reproduced
    Haoying Zhang (Insa-CVL), Nicolas Anciaux (Inria), Benjamin Nguyen (Insa-CVL), Fabien GIRARD (ENSTA Paris), Jose Maria de Fuentes (UC3M), and Adrien Boiret (Insa-CVL)
  • AI-in-the-Loop: Privacy Preserving Real-Time Scam Detection and Conversational Scambaiting by Leveraging LLMs and Federated Learning
    Ismail Hossain (University of Texas at El Paso), Sai Puppala (Southern Illinois University Carbondale), Md Jahangir Alam (University of Texas at El Paso), and Sajedul Talukder (University of Texas at El Paso)
  • User Perceptions and Attitudes Toward Untraceability in Messaging Platforms
    Carla Florencia Griggio (Department of Computer Science, Aalborg University), Boel Nelson (Department of Computer Science, University of Copenhagen), Zefan Sramek (IIS Lab, The University of Tokyo), and Aslan Askarov (Department of Computer Science, Aarhus University)
  • SPRINT: Scalable Secure & Differentially Private Inference for Transformers Artifact: Available, Functional
    Francesco Capano (SAP SE), Jonas Boehler (SAP SE), and Benjamin Weggenmann (Technische Hochschule Würzburg Schweinfurt)
  • tigro: Trust Infrastructure for Grassroots Organizing via Grounded Digital Annotations
    Leah Namisa Rosenbloom (Northeastern University), Seny Kamara (Brown University and MongoDB Research), Zachary Espiritu (MongoDB Research), Tarik Moataz (MongoDB Research), Amine Bahi (École Normale Supérieure), and John Wilkinson (Brown University)
  • Cryptographically-Secured Domain Validation
    Henry Birge-Lee (Princeton University), Grace H. Cimaszewski (Princeton University), Cyrill Krähenbühl (Princeton University), Liang Wang (Princeton University), Aaron Gable (Lets Encrypt), and Prateek Mittal (Princeton University)
  • ROTL: Faster Lookup Table Evaluation
    Xiaoyang Hou (Zhejiang University), Jian Liu (Zhejiang University), Jingyu Li (Zhejiang University), Jiawen Zhang (Zhejiang University), Kui Ren (Zhejiang University), and Chun Chen (Zhejiang University)
  • Preserving Target Distributions With Differentially Private Count Mechanisms
    Nitin Kohli (UC Berkeley) and Paul Laskowski (UC Berkeley)
  • Pirouette: Query Efficient Single-Server PIR
    Jiayi Kang (COSIC, KU Leuven) and Leonard Schild (COSIC, KU Leuven)
  • A Risk Assessment Framework for Digital Identification Systems
    Allison Woodruff (Google), Dirk Balfanz (Google), Will Drewry (Google), and Mariana Raykova (Google)
  • Privacy by Voice: Designing Usable Privacy Notices for the Voice Interface
    Aafaq Sabir (North Carolina State University), Abhinaya S.B. (North Carolina State University), Dilawer Ahmed (North Carolina State University), and Anupam Das (North Carolina State University)
  • Analyzing Societal Awareness and Perception of Digital Fingerprinting and Fingerprinting Countermeasures
    Pascal Schramm (Technical University of Munich), Emmanuel Syrmoudis (Technical University of Munich), Alexandros Markou (Technical University of Munich), and Jens Grossklags (Technical University of Munich)
  • Website fingerprinting on Nym: Attacks and Defenses
    Eric Jollès (EPFL), Simon Wicky (Nym Technologies), Ania M. Piotrowska (Nym Technologies), Harry Halpin (Nym Technologies), and Carmela Troncoso (EPFL & MPI-SP)
  • Dropout-Robust Mechanisms for Differentially Private and Fully Decentralized Mean Estimation
    César Sabater (INSA Lyon), Sonia Ben Mokhtar (INSA Lyon, CNRS), and Jan Ramon (INRIA Lille)
  • “I don’t think it needs to be political”: Privacy Experiences and Concerns of FemHealth App Users in the United States
    Ina Kaleva (King's College London), Alisa Frik (International Computer Science Institute), Lisa Malki (University College London), Mark Warner (University College London), and Ruba Abu-Salma (King's College London)
  • PROVGEN: A Privacy-Preserving Approach for Outcome Validation in Genomic Research
    Yuzhou Jiang (Case Western Reserve University), Tianxi Ji (Texas Tech University), and Erman Ayday (Case Western Reserve University)
  • HyperVerITAS: Verifying Image Transformations at Scale on Boolean Hypercubes
    Garrett Greiner (University of Utah), Toshi Mowery (University of Utah), and Pratik Soni (University of Utah)

Issue 2

  • The Empire Strikes Back (at Your Privacy): An Archaeology of Tracking on Government Websites
    Sachin Kumar Singh (University of Utah), Faisal Mahmud (New York University Abu Dhabi), Robert Ricci (University of Utah), and Sandra Siby (New York University Abu Dhabi)
  • CURE: Privacy-Preserving Split Learning Done Right
    Halil Ibrahim Kanpak (Koç University), Aqsa Shabbir (Bilkent University), Esra Genç (Bilkent University), Alptekin Küpçü (Koç University), and Sinem Sav (Bilkent University)
  • Analysis and Attacks on the Reputation System of Nym
    Xinmu Alexis Cao (Johns Hopkins University) and Matthew Green (Johns Hopkins University)
  • Unveiling Graph Copycats: Inference Attacks with Student Models
    Paul Agbaje (University Of Texas At Arlington), Afia Anjum (University Of Texas At Arlington), Arkajyoti Mitra (University Of Texas At Arlington), and Habeeb Olufowobi (University Of Texas At Arlington)
  • Humanitarian Aid Distribution with Privacy-Preserving Assessment Capabilities
    Christian Knabenhans (EPFL), Lucy Qin (Georgetown), Justinas Sukaitis (ICRC), Vincent Graf Narbel (ICRC), and Carmela Troncoso (MPI-SP,EPFL)
  • Pantomime: Motion Data Anonymization Using Foundation Motion Models
    Simon Hanisch (Technical University Dresden), Julian Todt (Karlsruhe Institute of Technology), and Thorsten Strufe (Karlsruhe Institute of Technology)
  • SoK: Can Fully Homomorphic Encryption Support General AI Computation? A Functional and Cost Analysis
    Jiaqi Xue (University of Central Florida), Xin Xin (University of Central Florida), Wei Zhang (University of Central Florida), Mengxin Zheng (University of Central Florida), Qianqian Song (University of Florida), Minxuan Zhou (Illinois Institute of Technology), Yushun Dong (Florida State University), Dongjie Wang (The University of Kansas), Xun Chen (Samsung Research America), Jiafeng Xie (Villanova University), Liqiang Wang (University of Central Florida), David Mohaisen (University of Central Florida), Hongyi Wu (University of Arizona), and Qian Lou (University of Central Florida)
  • A Year Under the DSA: Ad Transparency’s Uneven Landscape
    Abir Benzaamia (LIX, CNRS, Inria, École Polytechnique, IP Paris), Asmaa El fraihi (LIX, CNRS, Inria, École Polytechnique, IP Paris), Ines Abdelaziz (LIX, CNRS, Inria, École Polytechnique, IP Paris), and Oana Goga (LIX, CNRS, Inria, École Polytechnique, IP Paris)
  • CoinJoin ecosystem insights for Wasabi 1.x, Wasabi 2.x and Whirlpool coordinator-based privacy mixers
    Petr Svenda (Masaryk University, CZ), Jiří Gavenda (Masaryk University, CZ), Vasilios Mavroudis (Turing Institute, UK), and Chris Hicks (Turing Institute, UK)
  • Privacy Bias in Language Models: A Contextual Integrity-based Auditing Metric
    Yan Shvartzshnaider (York University) and Vasisht Duddu (University of Waterloo)
  • Exercising the CCPA Opt-out Right on Android: Legally Mandated but Practically Challenging
    Sebastian Zimmeck (Wesleyan University), Nishant Aggarwal (Wesleyan University), Zachary Liu (Wesleyan University), Sage Altman (Wesleyan University), and Konrad Kollnig (Law & Tech Lab, Maastricht University)
  • Breaking BAD? Better Call SAUL! -- Breaking and Fixing Bloom Filters with Added Diffusion
    Frederik Armknecht (University of Mannheim) and Jochen Schäfer (University of Mannheim)
  • Frequency Estimation of Correlated Multi-attribute Data under Local Differential Privacy
    Shafizur Rahman Seeam (Rochester Institute of Technology), Ye Zheng (Rochester Institute of Technology), and Yidan Hu (Rochester Institute of Technology)
  • Multi-Party Private Join
    Anja Lehmann (Hasso-Plattner-Institute, University of Potsdam), Christian Mouchet (Hasso-Plattner-Institute, University of Potsdam), and Andrey Sidorenko (Hasso-Plattner-Institute, University of Potsdam)
  • GAN-Invert: Unveiling Vulnerabilities in Privacy-Preserving Facial Transformations
    Umesh Kashyap (Indian Institute of Technology Bhilai) and Sk. Subidh Ali (Indian Institute of Technology Bhilai)
  • Clicking into Exposure: Uncovering Privacy Risks of Google Click Identifier in YouTube Ads
    Ha Dao (MPI-INF), Abhishek Shinde (Saarland University), Sana Athar (MPI-INF), and Devashish Gosain (IIT Bombay)
  • Secure Change-Point Detection for Time Series under Homomorphic Encryption
    Federico Mazzone (University of Twente), Giorgio Micali (University of Twente), and Massimiliano Pronesti (IBM Research Europe)
  • SentinelTouch: A Lightweight Privacy-Preserving Biometric-Fingerprinting Authentication and Identification System Based on Neural Networks and Homomorphic Encryption
    Nges Brian Njungle (Arizona State University), Eric Jahns (Arizona State University), Mishel Jyothis Paul (Arizona State University), and Michel Kinsy (Arizona State University)
  • Poisoning-based Link Inference Attacks Against Federated Graph Neural Networks
    GUIZHEN YANG (Deakin University), Yanjun Zhang (University of Technology Sydney), Leo Yu Zhang (Griffith University), Mengmeng Ge (Monash University), and Shang Gao (Deakin University)
  • “I Just Press Allow”: Understanding Privacy Practices of New Internet Users in Urban India
    Priyanka Chowdary Popuri (BITS Pilani, Hyderabad), Srishti Sanghi (The University of Sydney), Sri Lekha Mondreti (BITS Pilani, Hyderabad), and Dipanjan Chakraborty (BITS Pilani, Hyderabad)
  • Gryphes: Hybrid Proofs for Modular SNARKs with Applications to zkRollups
    Jiajun Xin (The Hong Kong University of Science and Technology), Samuel Cheung On Tin (The Hong Kong University of Science and Technology), Christodoulos Pappas (The Hong Kong University of Science and Technology), Yongjin Huang (OKG), and Dimitrios Papadopoulos (The Hong Kong University of Science and Technology)
Contact Us