Results

The results can also be found on the PETS 2026 proceedings.

2026.1

Title	Artifact URL
Gaze3P: Gaze-Based Prediction of Perceived Privacy	Artifact: Available
Ad Personalization and Transparency in Mobile Ecosystems: A Comparative Analysis of Google’s and Apple’s EU App Stores	Artifact: Available, Functional, Reproduced
dX-Privacy for Text and the Curse of Dimensionality	Artifact: Available, Functional
Location-Enhanced Information Flow for Home Automations	Artifact: Available, Functional, Reproduced
PriVA-C: Defending Voice Assistants from Fingerprinting Attacks	Artifact: Available
Bot Among Us: Exploring User Awareness and Privacy Concerns About Chatbots in Group Chats	Artifact: Available, Functional, Reproduced
SPRINT: Scalable Secure & Differentially Private Inference for Transformers	Artifact: Available, Functional
Ephemeral Network-Layer Fingerprinting Defenses	Artifact: Available, Functional, Reproduced
Evaluating connection migration based QUIC censorship circumvention	Artifact: Available, Functional, Reproduced
Privacy Attacks on Matrix Profiles based on Reconstruction Techniques	Artifact: Available, Functional, Reproduced
Making Sense of Private Advertising: A Principled Approach to a Complex Ecosystem	Artifact: Available, Functional, Reproduced
Personal Data Flows and Privacy Policy Traceability in Third-party LLM Apps in the GPT Ecosystem	Artifact: Available, Functional, Reproduced
Sanitization or Deception? Rethinking Privacy Protection in Large Language Models	Artifact: Available
Word-level Annotation of GDPR Transparency Compliance in Privacy Policies using Large Language Models	Artifact: Available
ReporTor: Facilitating User Reporting of Issues Encountered in Naturalistic Web Browsing via Tor Browser	Artifact: Available, Functional
Securing Private Federated Learning in a Malicious Setting: A Scalable TEE-Based Approach with Client Auditing	Artifact: Available
How Experts Personalize Privacy & Security Advice for At-Risk Users	Artifact: Available

2026.2

Title	Artifact URL
Breaking BAD? Better Call SAUL! -- Breaking and Fixing Bloom Filters with Added Diffusion	Artifact: Available
Frequency Estimation of Correlated Multi-attribute Data under Local Differential Privacy	Artifact: Available, Functional, Reproduced
Preserving Target Distributions With Differentially Private Count Mechanisms	Artifact: Available, Functional, Reproduced
Analyzing Societal Awareness and Perception of Digital Fingerprinting and Fingerprinting Countermeasures	Artifact: Available, Functional
Privacy Bias in LLMs: A Contextual Integrity-based Auditing Metric	Artifact: Available, Functional, Reproduced
Clicking into Exposure: Uncovering Privacy Risks of Google Click Identifier in YouTube Ads	Artifact: Available, Functional, Reproduced
CoinJoin ecosystem insights for Wasabi 1.x, Wasabi 2.x and Whirlpool coordinator-based privacy mixers	Artifact: Available, Functional, Reproduced
Secure Change-Point Detection for Time Series under Homomorphic Encryption	Artifact: Available, Functional, Reproduced
Exercising the CCPA Opt-out Right on Android: Legally Mandated but Practically Challenging	Artifact: Available, Functional
AI-in-the-Loop: Privacy Preserving Real-Time Scam Detection and Conversational Scambaiting by Leveraging LLMs and Federated Learning	Artifact: Available
Cryptographically-Secured Domain Validation	Artifact: Available, Functional, Reproduced
Obscura: Enabling Ephemeral Proxies for Traffic Encapsulation in WebRTC Media Streams Against Cost-Effective Censors	Artifact: Available, Functional
Are we collaborative yet? A Usability Perspective on Mixnet Latency for Real-Time Applications	Artifact: Available, Functional
What-App? App usage detection using encrypted LTE/5G traffic	Artifact: Available, Functional
CURE: Privacy-Preserving Split Learning Done Right	Artifact: Available, Functional
Analysis and Attacks on the Reputation System of Nym	Artifact: Available, Functional, Reproduced
SentinelTouch: A Lightweight Privacy-Preserving Biometric-Fingerprinting Authentication and Identification System Based on Neural Networks and Homomorphic Encryption	Artifact: Available, Functional, Reproduced
Humanitarian Aid Distribution with Privacy-Preserving Assessment Capabilities	Artifact: Available, Functional, Reproduced
Gryphes: Hybrid Proofs for Modular SNARKs with Applications to zkRollups	Artifact: Available, Functional, Reproduced
Pantomime: Motion Data Anonymization Using Foundation Motion Models	Artifact: Available
Privacy by Voice: Designing Usable Privacy Notices for the Voice Interface	Artifact: Available
tigro: Trust Infrastructure for Grassroots Organizing via Grounded Digital Annotations	Artifact: Available
Multi-Party Private Join	Artifact: Available, Functional, Reproduced
Privacy vs. Profit: The Impact of Google's Manifest Version 3 (MV3) Update on Ad Blocker Effectiveness	Artifact: Available, Functional, Reproduced
“I Just Press Allow”: Understanding Privacy Practices of New Internet Users in Urban India	Artifact: Available
Website fingerprinting on Nym: Attacks and Defenses	Artifact: Available, Functional, Reproduced
HyperVerITAS: Verifying Image Transformations at Scale on Boolean Hypercubes	Artifact: Available, Functional
SoK: Can Fully Homomorphic Encryption Support General AI Computation? A Functional and Cost Analysis	Artifact: Available, Functional

2026.3

Title	Artifact URL
Dodge: A Client-Side Framework for Application-Layer Video Fingerprinting Defenses	Artifact: Available
Weight Initialization based on Gradient Similarity for Versatile Machine Unlearning	Artifact: Available
Chatbot Confessions: Large-Scale Analysis of Private Data Disclosure in Shared AI Chatbot Conversations	Artifact: Available, Functional
AudAgent: Automated Auditing of Privacy Policy Compliance in AI Agents	Artifact: Available, Functional
Understanding Privacy and Quality Tradeoffs in Synthetic Network Data	Artifact: Available
An Improved Entropy Measure for Web Browser Fingerprinting Risk	Artifact: Available, Functional, Reproduced
Quantifying Classifier Utility under Local Differential Privacy	Artifact: Available, Functional, Reproduced
Redefining Website Fingerprinting Attacks with Multi-Agent LLMs	Artifact: Available
Pseudonymity at Risk: Linkage Attacks on Blockchain Users with Off-Chain Cues	Artifact: Available
Privacy in Theory, Bugs in Practice: Grey-Box Auditing of Differential Privacy Libraries	Artifact: Available, Functional, Reproduced
PROVGEN: A Privacy-Preserving Approach for Outcome Validation in Genomic Research	Artifact: Available, Functional
DP-Hype: Distributed Differentially Private Hyperparameter Search	Artifact: Available, Functional, Reproduced
CensorLess: Cost-Efficient Censorship Circumvention Through Serverless Cloud Functions	Artifact: Available, Functional
Dynamic Probabilistic Noise Injection for Membership Inference Defense	Artifact: Available, Functional, Reproduced
Access Granted, Privacy Lost: Formalizing & Quantifying the Hidden Anonymity Risks of Exclusive-Use Systems	Artifact: Available, Functional, Reproduced
OAuthHub: Mitigating OAuth Data Overaccess through a Local Data Hub	Artifact: Available, Functional
Banned Books: Analysis of Censorship on Amazon.com	Artifact: Available
Practical Semi-Open Chat Groups for Secure Messaging Applications	Artifact: Available, Functional, Reproduced
zkRevoke: Configurable Untraceability for Verifiable Credentials using ZKPs	Artifact: Available, Functional, Reproduced
EXADPrinter: Semi-Exhaustive Permissionless Device Fingerprinting Within the Android Ecosystem	Artifact: Available, Functional
The Masks We (Think We) Wear: Privacy Threats of Browser-Extension Wallets in the Web3 Ecosystem	Artifact: Available, Functional, Reproduced
TraCS: Trajectory Collection in Continuous Space under Local Differential Privacy	Artifact: Available, Functional
Revisiting the LiRA Membership Inference Attack Under Realistic Assumptions	Artifact: Available, Functional, Reproduced