Privacy in the Digital Age: Expert Interview with Dr. Maryam Mehrnezhad
In today’s data-driven world, the conversation around digital privacy is more urgent than ever. To explore this complex and evolving topic, we draw insights from Dr. Maryam Mehrnezhad, a leading researcher in security and privacy engineering, who shares her extensive work on emerging technologies, usability, and privacy risks—particularly those affecting marginalized groups.
Real-World Research into Privacy and Security
Dr. Mehrnezhad’s research spans mobile platforms, IoT devices, and browser-based technologies. Her work focuses on how seemingly innocuous sensors—like GPS, motion detectors, NFC, Bluetooth, and ambient sensors—can expose users to side-channel, tracking, and fingerprinting attacks. These attacks threaten users’ privacy without their knowledge, especially in everyday environments like smart buildings, websites, and mobile apps.
She emphasizes the importance of user-centric and inclusive privacy engineering, where solutions are designed with a deep understanding of both technical vulnerabilities and social contexts.
Related Reading: Introduction to Data Privacy
Privacy Perceptions Vary by Context and Demographics
One significant insight from Dr. Mehrnezhad’s work is the privacy perception gap among users. Studies reveal that:
- Most users feel they have little control over the data collected by modern technologies.
- Women express higher concern about privacy and feel less confident in protecting themselves online—highlighting a gender privacy gap.
- Privacy attitudes differ geographically. For example, UK citizens tend to be more relaxed about online privacy compared to their German and French counterparts.
These findings call for privacy-enhancing technologies that consider cultural and demographic nuances.
Privacy Risks in FemTech and Digital Health
A cornerstone of Dr. Mehrnezhad’s recent work involves FemTech—technologies focused on female health such as fertility apps, menstrual trackers, and menopause management tools. These platforms often collect highly sensitive data, including:
- Reproductive and sexual health information
- Data about partners and children
- Family medical history
She identifies a wide range of threat actors interested in this data: from intimate partners and employers to advertisers and even governments. Despite the sensitive nature of the information, many FemTech solutions lack adequate privacy controls and often bypass medical device regulations by branding themselves as general wellness tools.
See Also: GDPR and Your Health Data
Consent Fatigue and Non-Compliant Practices
Consent mechanisms—especially cookie notices—are another focus of Dr. Mehrnezhad’s research. Her studies show that:
- Most apps and websites fail to obtain valid consent under GDPR.
- Design tricks like highlighting “accept” buttons in green nudge users toward agreeing without fully informed choices.
- Withdrawing consent is often six times harder than giving it.
This highlights a critical flaw: users are blamed for “choosing” to share their data, when in reality, systems are designed to coerce consent.
The Business Model Barrier and Regulatory Gaps
According to Dr. Mehrnezhad, a fundamental challenge in achieving privacy is that online business models are rooted in data monetization. This creates a conflict between user protection and profit.
Other barriers include:
- Lack of domain-specific regulations: General privacy laws like GDPR don’t address the nuances of niche technologies (e.g., smart pet devices or FemTech).
- Complex and emerging risks: New technologies introduce harms like tech-enabled abuse or differential risks across populations, which are hard to predict and legislate for.
Inclusive Privacy: A Holistic Framework
Dr. Mehrnezhad advocates for inclusive privacy, which recognizes that:
- Collective privacy means one person’s data can expose others (e.g., genetic tests).
- Reverse privacy occurs when companies know more about you than you do about yourself.
- Unraveling privacy happens when users are coerced into sharing data due to social or institutional pressures.
- Differential vulnerabilities mean the same breach can have radically different consequences depending on gender, nationality, or religion.
This framework encourages researchers and developers to adopt feminist and participatory approaches to security design and policy development, ensuring that no group is disproportionately harmed by technological progress.
Recommended Reading: Cybersecurity Fundamentals: Threats and Countermeasures
Final Takeaway: Privacy Is Not One-Size-Fits-All
As a closing message, Dr. Mehrnezhad reminds us that privacy is multifaceted. It must be approached with technical rigor, social awareness, and inclusive design. Emerging technologies offer immense value, but they also carry hidden risks—especially for vulnerable users.
Inclusive privacy engineering, participatory threat modeling, and interdisciplinary collaboration are key to ensuring a digital future where everyone can use technology without fear or exploitation.
We love to share our knowledge on current technologies. Our motto is ‘Do our best so that we can’t blame ourselves for anything“.