The 2021 European Symposium on Usable Security

The European Symposium on Usable Security (EuroUSEC) serves as a European forum for research and discussion in the area of human factors in security and privacy. EuroUSEC solicits previously unpublished work offering novel research contributions or clearly articulated research visions in any aspect of human-centered security and privacy. The aim of EuroUSEC is to bring together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. Participants are researchers, practitioners, and students from domains including computer science, engineering, psychology, the social sciences, and economics.

Given the pandemic-struck world we currently live in, EuroUSEC 2021 will be a virtual-only event. It will take a slightly different shape than last year's virtual-only edition, in order to address points raised during the discussions after last year’s EuroUSEC and in reflection of the virtual academic events held last year:

  1. Most importantly, EuroUSEC will be an independent event, not associated to any conference. This is motivated by the benefits of revision options in the review process and allowing a deadline after the SOUPS and NSPW notifications. Moreover, due to the (Asia)USEC and SOUPS deadlines in February, we felt that a third deadline for the usable security and privacy community in March would have been excessive and a later submission option, in the summer, would be better for everyone involved. Unfortunately, neither is feasible while maintaining a continued association to Euro S&P.
  2. The technology will basically be the same we used last year. We will hold the event using Zoom for the talks and Slack for the discussions. However, differently than last year, as an independent event, this allows us to make attendance free, enhancing EuroUSEC’s accessibility.
  3. On the same note, we have secured funding to pay for the proceedings to be published in the ACM ICPS. The funding will also allow us to pay for the open access options of ICPS, meaning the the proceedings will be open access through the EuroUSEC 2021 website.
  4. We want to accommodate as many time zones as possible, but also allow for breaks so as to reduce Zoom-overload and fatigue. Therefore, EuroUSEC will potentially be a 2-day event. This is of course dependent on the submission numbers.
  5. In light of the changes listed above, it was decided by the Steering Committee to pick up one additional aspect mentioned by participants during the discussion after the last EuroUSEC and enact a small name change: EuroUSEC 2021’s official long name will be 2021 European Symposium on Usable Security.

We want EuroUSEC to be a community-driven event and would love to hear any questions, comments, or concerns you might have regarding these changes from last year. Therefore we want to encourage everyone to join the EuroUSEC Slack . You can also send us an email at


George Finney is a Chief Information Security Officer that believes that people are the key to solving our cybersecurity challenges. George is the bestselling author of several cybersecurity books, including the award-winning book, Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future. George has worked in Cybersecurity for over 20 years and has helped startups, global telecommunications firms, and nonprofits improve their security posture.

More to come...

Call for Papers

We invite you to submit a paper and join us at EuroUSEC 2021, which will be held on October 11 & 12, 2021 online. EuroUSEC 2021 will be an independent event with proceedings published by ACM.

We are excited to welcome original work describing research, visions, or experiences in all areas of usable security and privacy. We welcome a variety of research methods, including both qualitative and quantitative approaches.

We accept both longer papers on mature/completed work in a research track, as well as shorter papers on work in progress or work that has yet to begin in a vision track. This decision to accept both types of submissions, which started with EuroUSEC 2019, aims to include researchers at all stages of their career and at all stages of their projects.

Topics include, but are not limited to:

  • innovative security or privacy functionality and design
  • accessible cyber privacy and security
  • new applications of existing models or technology
  • field studies of security or privacy technology
  • usability evaluations of new or existing security or privacy features
  • security testing of new or existing usability features
  • longitudinal studies of deployed security or privacy features
  • studies of administrators or developers and support for security and privacy
  • psychological, sociological, and economic aspects of security and privacy
  • the impact of organizational policy or procurement decisions
  • methodologies for usable security and privacy research
  • lessons learned from the deployment and use of usable privacy and security features
  • reports of replicating previously published studies and experiments
  • reports of failed usable privacy/security studies or experiments, with the focus on the lessons learned from such experience

We have observed that the most effective workshops are those that encourage discussion between attendees. Each paper presentation will be followed by about 15 minutes of discussion to promote engagement and helpful feedback.

For accepted papers, at least one author must attend the workshop.

Important Dates

Paper registration deadline (mandatory):       Monday, 7th June, 2021 (Anywhere on Earth)                
Paper submission deadline: Friday, 11th June, 2021(Anywhere on Earth)
Notification: Friday, 2nd July, 2021
Revision decision re-submission deadline: Friday, 22nd July, 2021 (Anywhere on Earth)
Revision notification: Friday, 6th August, 2021
Camera ready: 10th August, 2021
EuroUSEC: 11th & 12th October, 2021

Submission Instructions

Papers must be written in English and must be anonymized for review. EuroUSEC 2021 will use a double-blind review process such that reviewers are not revealed to the authors and authors are not revealed to reviewers. Please refer to your own related work in the third person, as though someone else had written it. This requirement also applies to data sets and artifacts. (For example, "We received data from the authors of Smith et al. [31] that we reused for this experiment.") Do not blind citations except in extraordinary circumstances.

All submissions must be original work. Authors must clearly document any overlap with previously published or simultaneously submitted papers from any of the authors. Simultaneous submission of the same paper to another venue with proceedings or a journal is not allowed. Serious infringements of these policies may cause the paper to be rejected from publication and the authors put on a warning list, even if the paper is initially accepted by the program committee. Contact the EuroUSEC chairs if there are questions about this policy.

All submissions must be use the ACM Word or LaTeX templates and the sigconf style. These templates can be obtained on the ACM author submission information website. Contact the EuroUSEC chairs if there are any questions.

Research Track: The research track is intended to report on more mature work that has been completed. The goal of the EuroUSEC's research track is to disseminate results of interest to the broader usable security and privacy community. Papers must not be more than 10 pages in length excluding the bibliography. Try to scale the length of the paper according to the contributions you describe. therein. Authors have the option to attach to their paper supplementary appendices containing study materials (e.g., survey instruments, interview guides, etc.) that would not otherwise fit within the body of the paper. Reviewers are not required to read any appendices, so your paper should be self-contained without them. ACM also allows publication of additional supplemental materials and we want to encourage all authors to use this option to provide research artifacts if applicable (e.g., builds of own software used in the study).

Vision Track: The vision track is intended to report on work in progress or concrete ideas for work that has yet to begin. The focus in the vision track is to spark discussion with the goal to provide the authors helpful feedback, pointers to potentially related investigations, and new ideas to explore. Suitable submissions to the vision track include traditional work-in-progress pieces such as preliminary results of pre-studies, but also research proposals and position papers outlining future research. Papers must be up to 6 pages in length including the bibliography, and with no appendices. Submissions to the vision track should have a title beginning with the prefix "Vision: ".

Submission Site

Please upload your submission to our HotCRP instance, which will open for paper registration and submissions in April. The link to the submission system will be placed here, once available.


The EuroUSEC 2021 proceedings will be published through ACM as part of their International Conference Proceedings Series (ICPS). ACM will put the full-text of the proceedings papers into the ACM Digital Library. There will be no hard copies.

Program Committee Chairs

The chairs can be contacted at

Publicity Chairs

  • Sanchari Das, Indiana University (USA)
  • Anne Hennig, Karlsruhe Institute of Technology (Germany)
  • Theodor Schnitzler, Ruhr University Bochum (Germany)

Program Committee

  • Ali Farooq, University of Turku (Finland)
  • Christian Stransky, Leibniz University Hannover (Germany)
  • Daniel Thomas, Strathclyde University (UK)
  • Daricia Wilson, Clemson University (US)
  • Florian Alt, Bundeswehr University Munich (Germany)
  • Ganna Pogrebna, The Alan Turing Institute (UK)
  • Heinrich Hußmann, Ludwig-Maximilians-Universität München (Germany)
  • Ingolf Becker, University College London (UK)
  • Ivano Bongiovanni, University of Queensland (Australia)
  • James Nicholson, Northumbria University (UK)
  • Jan-Willem Bullee, University of Twente (Netherlands)
  • Jeremiah Onaolapo, University of Vermont (USA)
  • Karl van der Schyff, Rhodes University (South Africa)
  • Kévin Huguenin, University of Lausanne (Switzerland)
  • Kevin Roundy, NortonLifeLock Research Group (USA)
  • Lydia Kraus, Masaryk University (Czech Republic)
  • Lisa Short, University of Johannesburg (South Africa)
  • Nora Abdullah, King Saud University (Saudi Arabia)
  • Oliver Wiese, FU Berlin (Germany)
  • Oksana Kulyk, IT University Copenhagen (Denmark)
  • Oshrat Ayalon, Max Planck Institute for Software Systems (Germany)
  • Patricia Aria-Cabarcos, Karlsruhe Institute of Technology (Germany)
  • Peter Gorski, INFODAS GmbH (Germany)
  • Paul Van Schaik, Teesside University (UK)
  • Rahul Chatterjee, University of Wisconsin Madison (USA)
  • Reinhardt Botha, Nelson Mandela University (South Africa)
  • Richard Shay, MIT Lincoln Laboratory (USA)
  • Sana Maqsood, Carleton University (USA)
  • Sanchari Das, University of Denver (USA)
  • Scott Ruoti, The University of Tennessee (USA)
  • Simon Parkin, TU Delft (Netherlands)
  • Tatsuya Mori, Waseda University (Japan)
  • Thomas Gross, Newcastle University (UK)
  • Verena Distler, University of Luxembourg (Luxembourg)

Steering Committee

  • Angela Sasse, Ruhr University Bochum / Ruhr-Universität Bochum (Germany)
  • Matthew Smith, University of Bonn / Rheinische Friedrich-Wilhelms-Universität Bonn (Germany)
  • Melanie Volkamer, Karlsruhe Institute of Technology (Germany)
  • Charles Weir, Lancaster University (UK)