The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Rebecca Herold - Ponemon Institute Distinguished Fellow

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Sorting Surveillance Benefits from Harms

Oct 11, 2023

Download: Video Icon MP4 Video Size: 283.7MB  
Watch on Youtube Watch on YouTube


Tracking technologies are proliferating at an increasingly high rate in apps, IoT devices, websites, and in a wide range of files. They are not only impacting privacy in wider and more harmful ways, but they have also extended far beyond the digital world and are also impacting physical safety. Such tools can certainly be very beneficial, when used responsibly and with informed awareness of the cybersecurity and privacy risks. However, when they are used without establishing technical and non-technical boundaries, and without taking risk mitigation actions, the associated surveillance activities can, and have, brought physical harms. I was an expert witness for a case a couple of years ago involving a stalker's use of his victim's smart car to find and almost fatally assault her. I'm currently an expert witness for two separate cases involving the use of Meta Pixels, Conversion APIs, cookies, and other types of tracking tech for surveillance of online activities. Virtually daily there are news articles reporting privacy invasions by digital trackers, drones, security cameras, and more. I will provide several real-life use cases, and provide discussion for the technical and non-technical capabilities that possibly could have been identified through risk assessment activities prior to making such products publicly available and informed the needed associated security and privacy capabilities, that would have supported privacy and cybersecurity protections and physical safety.

About the Speaker

Rebecca Herold
Rebecca Herold has over 30 years of security, privacy and compliance experience. She is founder of The Privacy Professor Consultancy (2004) and of Privacy & Security Brainiacs SaaS services (2021) and has helped hundreds of clients throughout the years. Rebecca has been a subject matter expert (SME) for the National Institute of Standards and Technology (NIST) on a wide range of projects since 2009, including: 7 ½ years leading the smart grid privacy standards creation initiative, and co-authoring those informative references and standards; 2 years being a co-author of and a SME member of the team that created the Privacy Framework (PF) and associated documents;  and 3 years as a SME team member, and co-author of the internet of things (IoT) technical and non-technical standards and associated informative references; and performing throughout the years proof of concept (PoC) tests for a variety of technologies, such as field electricity solar inverters, PMU reclosers, and associated sensors.  Rebecca has served as an expert witness for cases covering HIPAA, privacy compliance, criminals using IoT devices to track their victims, stolen personal data of retirement housing residents, tracking app and website users via Meta Pixels and other tracking tech, and social engineering using AI. Rebecca has authored 22 books, and was adjunct professor for 9 ½ years for the Norwich University MSISA program. Since early 2018 Rebecca has hosted the Voice America podcast/radio show, Data Security & Privacy with the Privacy Professor. Rebecca is based in Des Moines, Iowa, USA.

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!