Dr. Daniel Smullen 

Date: Tuesday, Janaury 20
Time: 12:30-1:50 PM. 
All seminars will be held in Hamburg Hall, 1002 and will be available via Zoom.

TItle
How Privacy Engineering Scales: From Professional Practice to Privacy Infrastructure

Abstract
Privacy engineering is steadily maturing as a profession, yet the field still lacks shared, standardized technical building blocks. As a result, even highly skilled privacy engineers often rely on one-off, organization-specific mechanisms. Although these solutions may work in the moment, they also create infrastructure that can be difficult to generalize, reuse, or sustain over time. In this talk, I proffer that standards are how professions scale. Drawing on work across academia, industry, and standards bodies, I first summarize findings from recent empirical research that defines privacy engineering as a profession and examines what privacy engineers actually do in practice. This research shows that much of privacy engineering revolves around translating human expectations, regulatory requirements, and organizational risk into concrete system behavior—often without common protocols, representations, or system-level abstractions designed to support that translation. I then pivot to ongoing work on Privacy Preference Declarations (PPDs), which enable users to express persistent, personalized, machine-readable privacy preferences that systems can act on directly with minimal user intervention. I conclude by discussing why advancing this work through standards bodies such as IEEE and IETF is key to moving privacy engineering beyond ad hoc solutions and toward durable, interoperable privacy infrastructure.

Bio
Dr. Daniel Smullen is Principal Privacy Research Engineer at CableLabs, where he directs privacy and trust research for a global cable market worth more than $500 billion USD and serves as a strategic adviser to senior executives across 2,000 vendor partners. Before joining CableLabs, he spent four years at Amazon Lab126, creating large-language-model pipelines that distilled customer feedback and predicted emerging risks for Alexa and Devices & Services. Earlier in his career, Dr. Smullen engineered high-performance radar-image processing systems at NASA’s Jet Propulsion Laboratory, cutting analysis times from weeks to minutes for the UAVSAR program. He holds a Ph.D. in Software Engineering from Carnegie Mellon University’s CyLab Security and Privacy Institute, where he partnered with the founders of the world’s first Privacy Engineering program and authored patents and publications spanning privacy-enhancing technologies, artificial intelligence, natural-language processing, and human–computer interaction.

Dr. Smullen’s specialty in usable privacy and security has influenced policy on Capitol Hill, guided defense sponsors on AI-enabled mission technology, and helped Fortune 500 firms embed privacy at launch. A contributing member of the Connectivity Standards Alliance, he shapes Matter’s Data Privacy Working Group and earned the 2024 Outstanding Contributor Award for his leadership. Through the Institute for Operational Privacy Design he co-authored the Design Assurance Standard, translating abstract principles into auditable engineering controls. At CableLabs he alternates among consultant, scientist, and engineer, conducting ethnographic studies, turning behavioral-economics insights into seamless security workflows, drafting network-protocol requirements that embed privacy by default, and prototyping PET-driven machine-learning systems that neutralize data risks in real time. Comfortable working in English, with working proficiency in German and French, he rallies interdisciplinary teams around a single vision: software that is universally usable, fiercely secure, and profoundly respectful of human privacy.