VVZ API is not affiliated with ETH Zurich. Data might be outdated or incorrect. Please view the official ETHZ Vorlesungsverzeichnis for binding information.

851-0392-00L 3 Credits DS , DR , MSC D-GESS

Privacy Quantification and Usable Protection Mechanisms

Lecturers & Examiners: Dr. Noé Zufferey, Adrienn Toth

VVZ CR 3.8

Last Updated: 2026-06-01 11:30:55

Abstract

Students will gain an overview of the main privacy metrics that are used to evaluate privacy risks related to the use of a given technology. They will also be introduced to the concepts of privacy/utility balance and usable security. Practical exercises and reading of recently published scientific articles will be used to present practical cases of the theoretical tools presented in class.

Objective

This course aims to provide the students with a global knowledge of the concepts related to privacy, and the methodology and tools to identify, analyze, and address threats while taking the user into account in the process. They will adopt a “privacy mindset”, thus enabling them to automatically take privacy into account, in a usable way, when designing or analyzing a system.

Content

First, the course will introduce the different definitions and approaches of privacy (e.g., privacy by control, privacy by design) as well as the ethical concerns and considerations related to information security and privacy research (e.g., responsible disclosure, full disclosure). Second, the students will be introduced to the different methods, properties, and metrics to assess and/or guarantee a certain level of privacy. They will be introduced to the properties and metrics related to anonymization (e.g., k-anonymity, l-diversity), data aggregation (e.g., randomized responses, ε-differential privacy), as well as other privacy assessment methodologies (e.g., inferential privacy). Third, the course will address usability issues and the role of individuals (i.e., users) in privacy management (i.e., usable security and privacy) and the design of privacy-enhancing technologies. In this context, we will analyze the main concepts seen during the course and discuss their advantages and disadvantages in terms of usability, as well as their implementation for mass-market and large-scale technologies. Across all three parts of the course, practical exercises, as well as recent research articles reading, and presentations will be used as a complement to support the concepts seen in class, as well as to provide concrete examples of methodologies related to the assessment of privacy in general.

Resources

Literature

N. Gerber, A. Stöver, and K. Marky, Eds., Human Factors in Privacy Research. Cham: Springer International Publishing, 2023. doi: 10.1007/978-3-031-28643-8. T. Carvalho, N. Moniz, P. Faria, and L. Antunes, “Survey on Privacy-Preserving Techniques for Microdata Publication,” ACM Comput. Surv., vol. 55, no. 14s, pp. 1–42, Dec. 2023, doi: 10.1145/3588765. A. Y. Ding, G. L. De Jesus, and M. Janssen, “Ethical hacking for boosting IoT vulnerability management: a first look into bug bounty programs and responsible disclosure,” in Proceedings of the Eighth International Conference on Telecommunications and Remote Sensing, in ICTRS ’19. New York, NY, USA: Association for Computing Machinery, Sep. 2019, pp. 49–55. doi: 10.1145/3357767.3357774. N. Gerber, P. Gerber, and M. Volkamer, “Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior,” Computers & Security, vol. 77, pp. 226–261, Aug. 2018, doi: 10.1016/j.cose.2018.04.002. A. Moallem, Ed., HCI for Cybersecurity, Privacy and Trust: 4th International Conference, HCI-CPT 2022, Held as Part of the 24th HCI International Conference, HCII 2022, Virtual Event, June 26 – July 1, 2022, Proceedings, vol. 13333. in Lecture Notes in Computer Science, vol. 13333. Cham: Springer International Publishing, 2022. doi: 10.1007/978-3-031-05563-8. M. Weulen Kranenbarg, T. J. Holt, and J. van der Ham, “Don’t shoot the messenger! A criminological and computer science perspective on coordinated vulnerability disclosure,” Crime Science, vol. 7, no. 1, p. 16, Nov. 2018, doi: 10.1186/s40163-018-0090-8.

General Information

Language: English
Levels: DS , DR , MSC

Examination

Type: graded semester performance

50% of the final grade is based on a final written exam at the end of the semester, 50% of the final grade will be about presentations (personal project / scientific publication) during the class as well as a written report will.However, a grade of strictly less than 3.5 in the final written exam will lead to failure, regardless of the other grades.

Registration & Places

Max Places: 20

Course Components

Type	Title	Time & Place	Hours
seminar	Privacy Quantification and Usable Protection Mechanisms	Wed 10:15-12:00 (HG E 22)	2 h weekly

Offered In

Wissenschaft im Kontext (Science in Perspective) (In Kursen aus dem Programm “Wissenschaft im Kontext” lernen Studierende, die MINT Fächer der ETH aus der Perspektive der Geistes-, Sozial- und Staatswissenschaften zu reflektieren. Nur die in diesem Abschnitt aufgelisteten Fächer können als "Wissenschaft im Kontext" angerechnet werden.)
- Typ A: Förderung allgemeiner Reflexionskompetenz (WiK-Kurse werden für Bachelorstudierende nach dem ersten Studienjahr sowie für alle Masterstudierende und Doktorierende empfohlen. Alle WiK-Kurse sind in Typ A gelistet. Bei den unter Typ B aufgeführten Kursen handelt es sich lediglich um Belegungsempfehlungen für bestimmte Departemente.)
  - Psychologie, Pädagogik
- Typ B: Reflexion über fachspezifische Methoden und Inhalte (Fachspezifische Lerneinheiten. Relevant für alle Studierenden, die sich für diese Kurse interessieren. Diese Lerneinheiten sind alle auch unter "Typ A" aufgelistet, d.h. die Einschreibung ist allen Studierenden möglich.)
  - D-INFK
  - D-ITET
  - D-MTEC
  - D-HEST
  - D-MAVT
Doktorat Geistes-, Sozial- und Staatswissenschaften (Mehr Informationen unter: )
- Vertiefung Fachwissen
Science, Technology, and Policy Master
- Wahlfächer