Volume 2026

Issue 1

• Editors' Introduction
  Gunes Acar (Radboud University), Rob Jansen (U.S. Naval Research Laboratory)
• Gaze3P: Gaze-Based Prediction of User-Perceived Privacy [PDF] Artifact: Available
  Mayar Elfares (University of Stuttgart, Germany), Pascal Reisert (University of Stuttgart, Germany), Ralf Küsters (University of Stuttgart, Germany), Andreas Bulling (University of Stuttgart, Germany)
• PriVA-C: Defending Voice Assistants from Fingerprinting Attacks [PDF] Artifact: Available
  Dilawer Ahmed (North Carolina State University), Aafaq Sabir (North Carolina State University), Ahsan Zafar (North Carolina State University), Anupam Das (North Carolina State University)
• ``We Need a Standard'': Toward an Expert–Informed Privacy Label for Differential Privacy [PDF]
  Onyinye Dibia (University of Vermont), Mengyi Lu (University of Vermont), Prianka Bhattacharjee (University of Vermont), Joseph Near (University of Vermont), Yuanyuan Feng (University of Vermont)
• Privacy Attacks on Matrix Profiles via Reconstruction Techniques [PDF] Artifact: Available, Functional, Reproduced
  Haoying Zhang (INSA CVL, Univ. d'Orléans, Inria), Nicolas Anciaux (Inria, INSA CVL, Univ. Paris Saclay), Benjamin Nguyen (INSA CVL, Univ. d'Orléans, Inria), Fabien Girard (ENSTA), Jose Maria de Fuentes (Univ. Carlos III de Madrid), Adrien Boiret (INSA CVL, Univ. d'Orléans, Inria)
• AI-in-the-Loop: Privacy Preserving Real-Time Scam Detection and Conversational Scam-baiting by Leveraging LLMs and Federated Learning [PDF] Artifact: Available
  Ismail Hossain (University of Texas at El Paso), Sai Puppala (Southern Illinois University Carbondale), Md Jahangir Alam (University of Texas at El Paso), Sajedul Talukder (University of Texas at El Paso)
• User Perceptions and Attitudes Toward Untraceability in Messaging Platforms [PDF]
  Carla F. Griggio (Aalborg University), Boel Nelson (University of Copenhagen), Zefan Sramek (IIS Lab, The University of Tokyo), Aslan Askarov (Aarhus University)
• SPRINT: Scalable Secure & Differentially Private Inference for Transformers [PDF] Artifact: Available, Functional
  Francesco Capano (SAP SE), Jonas Böhler (SAP SE), Benjamin Weggenmann (Technische Hochschule Würzburg-Schweinfurt)
• Sanitization or Deception? Rethinking Privacy Protection in Large Language Models [PDF] Artifact: Available
  Bipin Paudel (Kansas State University), Bishwas Mandal (Kansas State University), George Amariucai (Kansas State University), Shuangqing Wei (Louisiana State University)
• Argmax and XGBoost Training over Fully Homomorphic Encryption [PDF]
  Ramy Masalha (IBM Research and University of Haifa), Adi Akavia (University of Haifa), Allon Adir (IBM Research), Ehud Aharoni (IBM Research), Eyal Kushnir (IBM Research)
• Linguistic Hooks: Investigating The Role of Language Triggers in Phishing Emails Targeting African Refugees and Students [PDF]
  Mythili Menon (Wichita State University), Nisha Vinayaga-Sureshkanth (University of Texas at San Antonio), Alec Schon (Wichita State University), Kaitlyn Hemberger (University of Kansas), Murtuza Jadliwala (University of Texas at San Antonio)
• dX-Privacy for Text and the Curse of Dimensionality [PDF] Artifact: Available, Functional
  Hassan Asghar (Macquarie University), Robin Carpentier (Macquarie University), Benjamin Zhao (Macquarie University), Dali Kaafar (Macquarie University)
• What-App? App Usage Detection Using Encrypted LTE/5G Traffic [PDF] Artifact: Available, Functional
  Jinjin Wang (University of Birmingham), Zishuai Cheng (Beijing University of Posts and Telecommunications), Mihai Ordean (University of Birmingham), Baojiang Cui (Beijing University of Posts and Telecommunications)
• QUICstep: Evaluating connection migration based QUIC censorship circumvention [PDF] Artifact: Available, Functional, Reproduced
  Seungju Lee (Princeton University), Mona Wang (Princeton University), Watson Jia (Princeton University), Qiang Wu (GFW Report), Henry Birge-Lee (Princeton University), Liang Wang (Princeton University), Prateek Mittal (Princeton University)
• Personal Data Flows and Privacy Policy Traceability in Third-party LLM Apps in the GPT Ecosystem [PDF] Artifact: Available, Functional, Reproduced
  Juan-Carlos Carrillo (VRAIN, Universitat Politècnica de València, Spain), Jose Luis Martin-Navarro (Aalto University, Finland; VRAIN, Universitat Politècnica de València, Spain), Rongjun Ma (Aalto University, Finland), Jose Such (INGENIO (CSIC-Universitat Politècnica de València), Spain)
• Bot Among Us: Exploring User Awareness and Privacy Concerns About Chatbots in Group Chats [PDF] Artifact: Available, Functional, Reproduced
  Kai-Hsiang Chou (National Taiwan University), Yi-An Wang (National Taiwan University), Chong Kai Lau (National Taiwan University), Mahmood Sharif (Tel Aviv University), Hsu-Chun Hsiao (National Taiwan University; Academia Sinica)
• How Experts Personalize Privacy & Security Advice for At-Risk Users [PDF] Artifact: Available
  Wentao Guo (University of Maryland), Alexander Yang (University of Maryland), Nathan Malkin (New Jersey Institute of Technology), Michelle Mazurek (University of Maryland)
• Location-Enhanced Information Flow for Home Automations [PDF] Artifact: Available, Functional, Reproduced
  McKenna McCall (Colorado State University), Ben Weinshel (Carnegie Mellon University), Kunlin Cai (University of California, Los Angeles), Ying Li (University of California, Los Angeles), Eric Zeng (Georgetown University), Devika Manohar (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Limin Jia (Carnegie Mellon University), Yuan Tian (University of California, Los Angeles)
• Are Bite-Size Data Safety Details a Healthy Diet for Android Telehealth App Users? Impacts of Privacy Nutrition Labels on Users’ Privacy Perceptions [PDF]
  Alisa Frik (International Computer Science Institute), Subham Mitra (University of California, Berkeley), Priyasha Chatterjee (Max Plank Institute for Security and Privacy), Julia Bernd (International Computer Science Institute)
• ReporTor: Facilitating User Reporting of Issues Encountered in Naturalistic Web Browsing via Tor Browser [PDF] Artifact: Available, Functional
  Nicholas Micallef (Swansea University), Cameron Cartier (Black Hills Information Security, Inc.), Kevin Gallagher (NOVA LINCS, NOVA School of Science and Technology), Lucas Zagal (University of Utah), Sameer Patil (University of Utah)
• SEED: A Minimal‑Footprint TEE Framework for Verifiable, Confidential Microservice Deployment [PDF]
  Omar Jarkas (The University of Queensland), Ryan K L Ko (The University of Queensland), Naipeng Dong (The University of Queensland), Redowan Mahmud (Curtin University)
• Ephemeral Network-Layer Fingerprinting Defenses [PDF] Artifact: Available, Functional, Reproduced
  Tobias Pulls (Karlstad University), Topi Korhonen (Independent), Ethan Witwer (Linköping University), Niklas Carlsson (Linköping University)
• Making Sense of Private Advertising: A Principled Approach to a Complex Ecosystem [PDF] Artifact: Available, Functional, Reproduced
  Kyle Hogan (Massachusetts Institute of Technology), Alishah Chator (Baruch College), Gabriel Kaptchuk (University of Maryland), Mayank Varia (Boston University), Srinivas Devadas (Massachusetts Institute of Technology)
• SilhouetteTell: Practical Video Identification Leveraging Blurred Recordings of Video Subtitles [PDF]
  Guanchong Huang (University of Oklahoma), Song Fang (University of Oklahoma)
• Securing Private Federated Learning in a Malicious Setting: A Scalable TEE-Based Approach with Client Auditing [PDF] Artifact: Available
  Shun Takagi (LY Corporation), Satoshi Hasegawa (LY Corporation)
• Word-level Annotation of GDPR Transparency Compliance in Privacy Policies using Large Language Models [PDF] Artifact: Available
  Thomas Cory (Technische Universität Berlin), Wolf Rieder (Technische Universität Berlin), Julia Krämer (Erasmus University Rotterdam), Philip Raschke (Technische Universität Berlin), Patrick Herbke (Technische Universität Berlin), Axel Küpper (Technische Universität Berlin)
• Privacy vs. Profit: The Impact of Google's Manifest Version 3 (MV3) Update on Ad Blocker Effectiveness [PDF] Artifact: Available, Functional, Reproduced
  Karlo Lukic (Goethe University Frankfurt), Lazaros Papadopoulos (Goethe University Frankfurt)
• How We Define Privacy Literacy: Teaching Experiences & Challenges of Community-Engaged Privacy Educators [PDF]
  Tanisha Afnan (University of Michigan), Sheza Naveed (University of Michigan), Griffin Christie (University of Michigan), Jackie Hu (University of Michigan), Byron M. Lowens (Indiana University at Indianapolis), Allison McDonald (Boston University), Florian Schaub (University of Michigan)
• Are we collaborative yet? A Usability Perspective on Mixnet Latency for Real-Time Applications [PDF] Artifact: Available, Functional
  Killian Davitt (King's College London), Dan Ristea (UCL), Steven J. Murdoch (UCL)
• Obscura: Enabling Ephemeral Proxies for Traffic Encapsulation in WebRTC Media Streams Against Cost-Effective Censors [PDF] Artifact: Available, Functional
  Afonso Vilalonga (Universidade NOVA de Lisboa & NOVA LINCS), Kevin Gallagher (Universidade NOVA de Lisboa & NOVA LINCS), João S. Resende (INESCTEC, Universidade do Porto), Henrique Domingos (Universidade NOVA de Lisboa & NOVA LINCS)
• Ad Personalization and Transparency in Mobile Ecosystems: A Comparative Analysis of Google's and Apple's EU App Stores [PDF] Artifact: Available, Functional, Reproduced
  David Breuer (TU Darmstadt), Lucas Becker (TU Darmstadt), Matthias Hollick (TU Darmstadt)

Issue 2

• Editors' Introduction
  Gunes Acar (Radboud University), Rob Jansen (U.S. Naval Research Laboratory)
• Breaking BAD? Better Call SAUL! - Breaking and Fixing Bloom Filters with Added Diffusion [PDF]
  Frederik Armknecht (University of Mannheim), Jochen Schäfer (University of Mannheim)
• Frequency Estimation of Correlated Multi-attribute Data under Local Differential Privacy [PDF]
  Shafizur Rahman Seeam (Rochester Institute of Technology), Ye Zheng (Rochester Institute of Technology), Yidan Hu (Rochester Institute of Technology)
• Multi-Party Private Join [PDF]
  Anja Lehmann (Hasso Plattner Institute, University of Potsdam), Christian Mouchet (Hasso Plattner Institute, University of Potsdam), Andrey Sidorenko (Hasso Plattner Institute, University of Potsdam)
• HyperVerITAS: Verifying Image Transformations at Scale on Boolean Hypercubes [PDF]
  Garrett Greiner (University of Utah), Toshi Mowery (University of Notre Dame), Pratik Soni (University of Utah)
• GAN-Invert: Unveiling Vulnerabilities in Privacy-Preserving Facial Transformations [PDF]
  Umesh Kashyap (Indian Institute of Technology Bhilai), Sk. Subidh Ali (Indian Institute of Technology Bhilai)
• Clicking into Exposure: Uncovering Privacy Risks of Google Click Identifier in YouTube Ads [PDF]
  Ha Dao (Max Planck Institute for Informatics), Abhishek Shinde (Saarland University), Sana Athar (Max Planck Institute for Informatics), Devashish Gosain (Indian Institute of Technology Bombay)
• The Empire Strikes Back (at Your Privacy): An Archaeology of Tracking on Government Websites [PDF]
  Sachin Kumar Singh (University of Utah), Faisal Mahmud (New York University Abu Dhabi), Robert Ricci (University of Utah), Sandra Siby (New York University Abu Dhabi)
• Secure Change-Point Detection for Time Series under Homomorphic Encryption [PDF]
  Federico Mazzone (University of Twente), Giorgio Micali (University of Twente), Massimiliano Pronesti (IBM Research Europe)
• SentinelTouch: A Lightweight Privacy-Preserving Biometric-Fingerprinting Authentication and Identification System Based on Neural Networks and Homomorphic Encryption [PDF]
  Nges Brian Njungle (STAM Center, Arizona State University), Eric Jahns (STAM Center, Arizona State University), Mishel Jyothis Paul (STAM Center, Arizona State University), Michel A Kinsy (STAM Center, Arizona State University)
• Poisoning-based Link Inference Attacks Against Federated Graph Neural Networks [PDF]
  Guizhen Yang (Deakin University), Yanjun Zhang (University of Technology Sydney), Leo Yu Zhang (Griffith University), Mengmeng Ge (Monash University), Shang Gao (Deakin University)
• ``I Just Press Allow'': Understanding Privacy Practices of New Internet Users in Urban India [PDF]
  Priyanka Popuri (BITS Pilani, Hyderabad), Srishti Sanghi (The University of Sydney), Sri Lekha Mondreti (BITS Pilani, Hyderabad), Dipanjan Chakraborty (BITS Pilani, Hyderabad)
• Gryphes: Hybrid Proofs for Modular SNARKs with Applications to zkRollups [PDF]
  Jiajun Xin (Hong Kong University of Science and Technology), Samuel Cheung On Tin (Hong Kong University of Science and Technology), Christodoulos Pappas (Hong Kong University of Science and Technology), Yongjin Huang (OKG), Dimitrios Papadopoulos (Hong Kong University of Science and Technology)
• Pirouette: Query Efficient Single-Server PIR [PDF]
  Jiayi Kang (COSIC, KU Leuven), Leonard Schild (COSIC, KU Leuven)
• A Risk Assessment Framework for Digital Identification Systems [PDF]
  Allison Woodruff (Google), Dirk Balfanz (Google), Will Drewry (Google), Mariana Raykova (Google)
• CURE: Privacy-Preserving Split Learning Done Right [PDF]
  Halil Ibrahim Kanpak (Koç University), Aqsa Shabbir (Bilkent University), Esra Genç (Bilkent University), Alptekin Küpçü (Koç University), Sinem Sav (Bilkent University)
• Analysis and Attacks on the Reputation System of Nym [PDF]
  Xinmu Alexis Cao (Johns Hopkins University), Matthew Green (Johns Hopkins University)
• Privacy by Voice: Designing Usable Privacy Notices for the Voice Interface [PDF]
  Aafaq Sabir (North Carolina State University), Abhinaya S.B. (North Carolina State University), Dilawer Ahmed (North Carolina State University), Anupam Das (North Carolina State University)
• Unveiling Graph Copycats: Inference Attacks with Student Models [PDF]
  Paul Agbaje (University of Texas at Arlington), Afia Anjum (University of Texas at Arlington), Arkajyoti Mitra (University of Texas at Arlington), Habeeb Olufowobi (University of Texas at Arlington)
• Humanitarian Aid Distribution with Privacy-Preserving Assessment Capabilities [PDF]
  Christian Knabenhans (EPFL), Lucy Qin (Georgetown University), Justinas Sukaitis (International Committee of the Red Cross), Vincent Graf Narbel (International Committee of the Red Cross), Carmela Troncoso (EPFL, MPI-SP)
• tigro: Trust Infrastructure for Grassroots Organizing via Grounded Digital Annotations [PDF]
  Leah Namisa Rosenbloom (Northeastern University), Seny Kamara (Brown University and MongoDB Research), Zachary Espiritu (MongoDB Research), Tarik Moataz (MongoDB Research), Amine Bahi (École Normale Supérieure), John Wilkinson (Brown University)
• Pantomime: Motion Data Anonymization Using Foundation Motion Models [PDF]
  Simon Hanisch (Technical University Dresden), Julian Todt (Karlsruhe Institute of Technology), Thorsten Strufe (Karlsruhe Institute of Technology)
• Analyzing Societal Awareness and Perception of Digital Fingerprinting and Fingerprinting Countermeasures [PDF]
  Pascal Schramm (Technical University of Munich), Emmanuel Syrmoudis (Technical University of Munich), Alexandros Markou (Technical University of Munich), Jens Grossklags (Technical University of Munich)
• Website fingerprinting on Nym: Attacks and Defenses [PDF]
  Eric Jollès (EPFL), Simon Wicky (Nym Technologies), Ania M. Piotrowska (Nym Technologies), Harry Halpin (Nym Technologies), Carmela Troncoso (MPI-SP & EPFL)
• Cryptographically-Secured Domain Validation [PDF]
  Grace Cimaszewski (Princeton University), Henry Birge-Lee (Princeton University), Cyrill Krähenbühl (Princeton University), Liang Wang (Princeton University), Aaron Gable (Let's Encrypt), Prateek Mittal (Princeton University)
• Dropout-Robust Mechanisms for Differentially Private and Fully Decentralized Mean Estimation [PDF]
  César Sabater (CNRS, INSA Lyon), Sonia Ben Mokhtar (CNRS, INSA Lyon), Jan Ramon (INRIA Lille)
• ROTL: Faster Lookup Table Evaluation [PDF]
  Xiaoyang Hou (The State Key Laboratory of Blockchain and Data Security, Zhejiang University.), Jian Liu (The State Key Laboratory of Blockchain and Data Security, Zhejiang University; Hangzhou High-Tech Zone (Binjiang) Blockchain and Data Security Research Institute.), Jingyu Li (The State Key Laboratory of Blockchain and Data Security, Zhejiang University.), Jiawen Zhang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University.), Kui Ren (The State Key Laboratory of Blockchain and Data Security, Zhejiang University; Hangzhou High-Tech Zone (Binjiang) Blockchain and Data Security Research Institute.), Chun Chen (The State Key Laboratory of Blockchain and Data Security, Zhejiang University; Hangzhou High-Tech Zone (Binjiang) Blockchain and Data Security Research Institute.)
• A Year Under the DSA: Ad Transparency's Uneven Landscape [PDF]
  Abir Benzaamia (LIX, CNRS, Inria, École Polytechnique, IP Paris), Asmaa El Fraihi (LIX, CNRS, Inria, École Polytechnique, IP Paris), Ines Abdelaziz (LIX, CNRS, Inria, École Polytechnique, IP Paris), Oana Goga (LIX, CNRS, Inria, École Polytechnique, IP Paris)
• “I don’t think it needs to be political”: Privacy Experiences and Concerns of FemHealth App Users in the United States [PDF]
  Ina Kaleva (King's College London), Alisa Frik (International Computer Science Institute), Lisa Malki (University College London), Mark Warner (University College London), Ruba Abu-Salma (King's College London)
• CoinJoin ecosystem insights for Wasabi 1.x, Wasabi 2.x and Whirlpool coordinator-based privacy mixers [PDF]
  Petr Svenda (Masaryk University), Jiri Gavenda (Masaryk University), Vasilios Mavroudis (The Alan Turing Institute), Chris Hicks (The Alan Turing Institute)
• Privacy Bias in Language Models: A Contextual Integrity-based Auditing Metric [PDF]
  Yan Shvartzshnaider (York University), Vasisht Duddu (Waterloo University)
• Preserving Target Distributions With Differentially Private Count Mechanisms [PDF]
  Nitin Kohli (UC Berkeley Center for Effective Global Action), Paul Laskowski (UC Berkeley School of Information)
• PROVGEN: A Privacy-Preserving Approach for Outcome Validation in Genomic Research [PDF]
  Yuzhou Jiang (Case Western Reserve University), Tianxi Ji (Texas Tech University), Erman Ayday (Case Western Reserve University)
• Exercising the CCPA Opt-out Right on Android: Legally Mandated but Practically Challenging [PDF]
  Sebastian Zimmeck (Wesleyan University), Nishant Aggarwal (Wesleyan University), Zachary Liu (Wesleyan University), Sage Altman (Wesleyan University), Konrad Kollnig (Maastricht University)
• SoK: Can Fully Homomorphic Encryption Support General AI Computation? A Functional and Cost Analysis [PDF]
  Jiaqi Xue (University of Central Florida), Xin Xin (University of Central Florida), Wei Zhang (University of Central Florida), Mengxin Zheng (University of Central Florida), Qianqian Song (University of Florida), Minxuan Zhou (Illinois Institute of Technology), Yushun Dong (Florida State University), Dongjie Wang (The University of Kansas), Xun Chen (Samsung Research America), Jiafeng Xie (Villanova University), Liqiang Wang (University of Central Florida), David Mohaisen (University of Central Florida), Hongyi Wu (University of Arizona), Qian Lou (University of Central Florida)