Background

Personalized support and services, based on data analytics, have been on the rise the last decade. The scale and dimensions of data gathering and shared in smart information environment (SIE) is sometimes hard for users (data subjects) to fathom and leaves them wondering when, why and how data was collected, or information generated. Much of this is due to the combined power of an abundance of data, data analytics methods and machine learning. Machine learning may, for example, be used to support (or automate) repetitive work, warnings of potential errors, and sense non-compliant behavior.

Despite the many advantages that such smart information environments offer, there are concerns about the responsible use of the data collected. Specifically, the new European regulations on data protection and privacy, GDPR, have raised awareness on privacy issues and causes concerns for designers and developers of smart information systems. In the age of information and digital technology, the focus of privacy has been on the protection of data directly or indirectly pertaining to a person; i.e. protection of personal information and reduction of risks for data subjects. Emphasis has been on data security and several methods, frameworks and techniques have been developed for ensuring appropriate data security. However, in the age of big data, machine learning, ubiquitous computing and social networks, such a data-centric view is inadequate and the need for a more user-centric view of privacy and protection of user data are required. In fact, with increasing availability of data, technology to aggregate and the possibility to conduct sophisticated analyses, the need to protect data and informational privacy is more important than ever before. This is also critical to build smart information environments that users can trust.

For a user-centric view, research has shown that there is a mismatch between legitimate concerns about privacy and actual behavior when it comes to sharing personal information (the "Privacy Paradox"). For those building systems it is necessary to navigate the (users) needs for personalization and wishes to remain anonymous ("Personalization Paradox"). It is indeed this paradox that SIE designers and organizations are faced with when designing services to support people in the various arenas in their personal or work lives and to enhance and foster knowledge sharing among people. Many appreciate the personalized recommendations on websites or personalized messages and notifications received through social media and other online services but oppose the invasion of their privacy. This in turn requires IT designers and developers of SIE to practice privacy-by-design or privacy-by-architecture within the design of SIE and calls for anonymization and cryptographical data protection techniques for log files.
Goals

The need to discuss issues related to privacy and trust in smart information environments is an important and highly relevant topic. This workshop's main objective is to start a dialogue and bring together a multi-disciplinary group of researchers, industry and practitioners to share their research, ideas, experiences and concerns in area of organizational and technology privacy and trust in smart information environments. The topics of interest for this workshop, but not limited to, are provided below.
Topics

Privacy and trust by design in SIE
Privacy and trust in SIE
System design for privacy awareness
Privacy and trust in (big) data analytics
Privacy-preserving data / process mining
Privacy engineering for (event) logs
Privacy and trust in machine learning
Privacy and trust in data aggregation
Privacy and trust in personalized services
Privacy and trust at the workplace
Privacy and trust and human factors
Privacy and trust in organizational data collection
Empirical analysis of GDPR compliance in service repositories
End-user privacy and trust control/management in SIE
Techniques for GDPR compliant modeling
Methods and techniques for privacy and trust management in SIE