Send email Copy Email Address

2024-01-10
Felix Koltermann

Episode 28: Research at the intersection of information security and privacy

A new episode of our CISPA-TL;DR podcast is online! It is again part of our #WomenInCybersecurity series. We talk to Dr. Christine Utz about cybersecurity and data protection. The CISPA researcher has had a remarkable interdisciplinary study career with degrees in law and information security. She tells us what fascinates her about interdisciplinarity, what research topics she is currently working on and what methods she is using to find the answers she is looking for. The interview was conducted in German and is now online wherever podcasts are available.

When it comes to her research goal, CISPA researcher Dr. Christine Utz has a clear idea: "I would like to make it easier for users to assert their right to privacy in the digital world," says Utz in the podcast. She sees the fact that the law often lags behind technical developments as a major hurdle. "It's like a game of cat and mouse. If I develop a counter-measure to a tracking mechanism, the trackers build another mechanism around it," she says. But none of this puts her off, on the contrary: "I want to find ways and means of countering the deficit between legal regulations and reality. Against this backdrop, I want to explore what new threats there are for users."

It is important to her to always keep the user perspective in mind. "It would be helpful if we didn't overwhelm people with consent dialogs or data protection declarations, but instead built devices and services from the ground up in such a way that they respect these rights from the outset," explains Utz. The General Data Protection Regulation plays a decisive role here, the CISPA researcher continues: "The GDPR contains the principle of data protection by design and by default. This means that it should be built into the systems from the outset, rather than simply being slapped on at the end. This requires a major rethink and is subject to economic developments that make the whole thing somewhat more difficult."

Interdisciplinarity as an attitude

The remarkable thing about Utz's biography is that she had to start from scratch in information technology after completing her law degree. Her fascination with IT topics has been with her since her school days: "I wanted a computer when I was still in the 5th grade and taught myself everything with books for computer kids." Not only was her academic career interdisciplinary, with two degrees in completely different subjects, but also her doctorate at Ruhr University Bochum. She worked there on the doctoral program "SecHuman - Security for humans in cyberspace" together with a lawyer. When asked what she herself associates with interdisciplinarity, she replied in the podcast: "This work teaches you to take a step back from your specialist perspective and present things in a way that people with a different background can understand."

More flexible study models and dealing with academic age

Utz sees challenges in the academic system in general and in information security in particular less in terms of gender issues than in relation to dealing with academic and biological age. "It's harder to get started if you've studied something else before," says Utz. That's why she took out a student loan, for example, to finish faster. She would like to see more flexible study models to compensate for the disadvantages of a second degree or to make it easier to study later in life. Something similar should also be considered in recruitment processes, says Utz: "It is important to look at academic age, not biological age."

Even if it is a coincidence, it is remarkable that, after Bochum in the Ruhr region, Utz is now once again working in a region undergoing structural change, in Sankt Ingbert in Saarland. "I find all these relics from times gone by very exciting," says Utz on the subject. "It's great to see how they are being used differently and put to new uses. I found the premises at our "CISPAlovesIGB" event very impressive. That's how you bring the past and the future together." At the end of the interview, she confesses that she takes her work so seriously that she has made her cell phone Google-free. This way, she feels better protected from data queries.

TL;DR, short for "Too Long Didn't Read", is the name of the first CISPA podcast, with "Women in Cybersecurity" as its special edition. We have been on air since 2022 and are available on all popular podcast platforms. Every month, we talk to CISPA researchers about their work on cybersecurity topics and artificial intelligence and try to ask them exactly the questions that listeners are asking themselves. Our aim is to explain complex topics in simple language. Since people from 49 nations work at CISPA, the conversations are alternatingly conducted in German and in English.