Publications

This page lists my publications.

Essays and opinion pieces
Reports
Artificial Intelligence
Privacy and anti-surveillance
Academic publications
Other publications

You can find my earlier writings on the blog of TU Delft.

Essays and opinion pieces

Tech Policy Press, The EU AI Continent Action Plan: Hype, Burn, Rinse, and Repeat, 10 April 2025. [Archive]
EUoberver, Why is EU Parliament using a ‘bullshit generator’ AI for archive access?, 7 April 2025. [Archive]
Communications of the ACM, Privacy Washing through PETs: the Case of Worldcoin, 28 March 2025. [Archive]
Tech Policy Press, Will Ireland be Big Tech’s Lapdog Yet Again?, 26 March 2025. [Archive]
Tech Policy Press, EU’s AI Act: Tread the Guidelines Lightly, 21 February 2025. [Archive]
Euractiv, A false start is not an option for the EU AI Office, 10 July 2024. [Archive]
Tech Policy Press, Hope: The AI Act’s Approach to Address the Environmental Impact of AI, 21 May 2024. With Zuzanna Warso. [Archive]
Mediapart, IA : l’autorégulation des modèles de fondation mettrait en danger les droits humains, 4 December 2023. With Xavier Brandao. [Archive]
Euronews, Regression to self-regulation means the EU AI Act will fail to plug the harms, 22 November 2023. [Archive]
Euronews, Not regulating AI should be out of the question, 15 November 2023. [Archive]
Euractiv, Will the AI Act clip the wings of regulators?, 19 October 2023. [Archive]
Nikkei Asia, Japan should seize chance to get generative AI rules right, 19 June 2023. [Archive]
Euronews, What can the EU learn from China’s generative AI regulation before it adopts its AI Act?, 23 May 2023. [Archive]
Bulletin of the Atomic Scientists, How to deal with an AI near-miss: Look to the skies, 9 May 2023. [Archive] [Journal version]
Euractiv, Prevent, rather than only report, serious AI incidents, 7 July 2022. [Archive]
- German translation, 8 July 2022.
Euractiv, The EU AI law will not be future-proof unless it regulates general purpose AI systems, 30 May 2022. With Risto Uuk. [Archive]
- German translation, 30 May 2022.
- Greek translation on Euractiv, 31 May 2022.
- Simplified Chinese translation, 31 May 2022.
- Danish translation on DataTech, 21 June 2022.

Reports

Bias evaluation. 23 January 2025 (Written in March 2024). Available at EDPB and BfDI
Effective implementation of data subjects’ rights. 23 January 2025 (Written in March 2024). Available at EDPB and BfDI
How to deal with an AI near-miss: Look to the skies. Bulletin of the Atomic Scientists, Volume 79, 2023 - Issue 3: Special issue: Early warnings and near misses: Lessons we still haven’t learned. Available at Taylor & Francis. [Archive]
The role of the trust category for the development of new data protection approaches. With Markus Uhlmann and Michael Weiler. Amsterdam Privacy Conference, October 2018. Available at ResearchGate.

Artificial Intelligence

How not to deploy generative AI: the Story of the European Parliament, 3 April 2025. Available at ICCL.
AI system definition guidelines fail to provide clarity, 7 February 2025. Available at ICCL.
Submission on the Prohibitions under the EU AI Act, 9 December 2024. Available at ICCL.
Submission to the European Commission on the establishment of the Scientific Panel under the EU AI Act, 8 November 2024. Available at ICCL.
The hazard of industry influence on the independent scientific panel, 24 September 2024. Available at ICCL. [PDF]
Submission to the Irish Government on AI Act Implementation, 16 July 2024. Available at ICCL. [PDF]
The UK Competition Authority Should Investigate the AI Partnerships now, 13 May 2024. Available at ICCL. [PDF]
Submission to European Commission on dual-use R&D funding, 30 April 2024. Available at ICCL. [PDF]
ICCL Enforce Urges European Commission to Address Concentration in AI, 11 March 2024. Available at ICCL.
Submission to European Commission on Microsoft-OpenAI “partnership” merger inquiry, 30 January 2024. Available at ICCL. [PDF] [Financial Times] [Politico-1] [Politico-2]
Submission on Microsoft-OpenAI “partnership” merger inquiry, 9 January 2024. Available at ICCL. [PDF] [Politico] [Euractiv] [TechCrunch] [Financial Times]
Product Liability Directive: A lost opportunity for the EU, 14 December 2023. Available at ICCL.
ICCL submission on G7 generative AI consultation, 25 October 2023. Available at ICCL.
ICCL recommendations in European Commission’s AI standardisation request, 12 June 2023. Available at ICCL.
ICCL recommendations in important European Parliament text on the AI Act, 10 May 2023. Available at ICCL.
EUs AI Liability regime should apply strict liability, 28 November 2022. Available at ICCL. [PDF]
New liability rules on product and AI are encouraging but need improvement, 4 October 2022. Available at ICCL.
European Parliament embraces ICCL recommendations on the Artificial Intelligence Act, 5 May 2022. Available at ICCL.
Technical errors in the AI Act, 8 March 2022. Available at ICCL. [PDF] [Politico]
Flaws in ex-post enforcement in the AI Act, 15 February 2022. With Johnny Ryan. Available at ICCL. [PDF] [Politico]
- Update on 1 April 2022: Three column document with amendments to strengthen the enforcement powers of market surveillance authorities and to monitors providers. [PDF]
- Update on 29 April 2022: Many of these amendments have been included in the IMCO-LIBE joint report from the European Parliament. See especially Amendments 172, 219, 258-270.
Submission to the consultation on adapting the liability rules to the digital age and artificial intelligence, 7 January 2022. Available at ICCL. [PDF]
A serious loophole in Europe’s draft AI Regulation?, 27 October 2021. With Johnny Ryan. Available at ICCL. [PDF]
- Update on 11 November 2021: Two column document with amendments to fix the AI Regulation’s scope errors. [PDF]
- Update on 15 February 2022: Three column document that describes how Council’s partial compromise text does not address the scope errors to protect rights. [PDF]

Privacy and anti-surveillance

ICCL recommendations in European Parliament text on the Health Data Space, 29 November 2023. Available at ICCL.
Ombudsman: European Commission’s concealment of secret ‘expert list’ on CSAM regulation constitutes ‘maladministration’, 6 November 2023. Available at ICCL. [Euractiv] [Politico] [Silicon Republic] [Netzpolitik.org] [The Register] [Techdirt]
Problems with the secondary use of health data in the European Health Data Space, 22 March 2023. With Johnny Ryan. Available at ICCL. [PDF]
ICCL calls for immediate removal of Hikvision cameras from Oireachtas, 12 February 2023. Available at ICCL. [PDF] [The Sunday Times] [Irish Independent] [Irish Examiner] [Business Post] [The Irish News] [Raidió Teilifís Éireann (RTÉ)] [The Journal (Irish)] [The Irish Sun] [The Independent (British)] [Silicon Republic] [Politico]
- Update on 13 February 2023:
  - Opposition leaders back ICCLs call to remove Hikvision CCTV cameras. [The Irish Times] [Business Post]
  - Office of Public Works, responsible for procurement of CCTVs at the Oireachtas, commits to review best practice. [Raidió Teilifís Éireann (RTÉ)] [Irish Examiner]
- Update on 15 February 2023:
  - ICCL writes to the Office of Public Works and Oireachtas seeking details of CCTV review. Available at ICCL. [PDF] [The Irish Times]
  - National Cyber Security Centre of Ireland says it is drafting IT infrastructure procurement guidelines amid CCTV concerns. [The Journal (Irish)]
Does the European Parliament use Facial Recognition Technology?, 16 January 2023. Available at ICCL. [PDF] [Politico] [Euractiv] [Dziennik Gazeta Prawna]
- Update on 8 February 2023: 38 Ministers of European Parliament wrote to the President of European Parliament citing concerns raised in ICCL letter. [PDF] [Politico]

Academic Publications

Manuscripts

Kris Shrishak. Practical Secure Computation for Internet Infrastructure, April 2021. Ph.D. thesis. [Cite] [PDF]
Kris Shrishak. Incorporating Leveled Homomorphic Encryption-based Private Information Retrieval in Federated eID Schemes to Enhance User Privacy, May 2016. M.Sc. Thesis. [PDF]

Peer-reviewed publications

Author names are listed alphabetically in most of my publications (exceptions: 1-2).

Kris Shrishak, Haya Shulman. Negotiating PQC for DNSSEC. DSN, June 2021. [Cite]
Kris Shrishak, Haya Shulman. Privacy Preserving and Resilient RPKI. INFOCOM, May 2021. [Cite] [ePrint] [arXiv]
Anders Dalskov, Marcel Keller, Claudio Orlandi, Kris Shrishak, Haya Shulman. Securing DNSSEC Keys via Threshold ECDSA From Generic MPC. ESORICS, September 2020. [Cite] [ePrint] [Youtube]
Kris Shrishak, Haya Shulman. Limiting the Power of RPKI Authorities. ANRW, July 2020. [Cite] [Youtube] [APNIC Blog] [RIPE Labs] [Rule11 Tech]
Markus Brandt, Claudio Orlandi, Kris Shrishak, Haya Shulman. Optimal Transport Layer for Secure Computation. SECRYPT, July 2020. [Cite] [ePrint]
Kris Shrishak, Haya Shulman. MPC for Securing Internet Infrastructure. DSN, July 2020. [Cite] [Youtube]
Michael Kreutzer, Ruben Niederhagen, Kris Shrishak, Hervais Simo Fhom. Quotable Signatures using Merkle Trees. GI-Jahrestagung 2019, September 2019. [Cite]
Kris Shrishak, Haya Shulman, Michael Waidner. Removing the Bottleneck for Practical 2PC. ACM CCS, October 2018. [Cite]
Kris Shrishak, Zekeriya Erkin, Remco Schaar. Enhancing User Privacy in Federated eID Schemes NTMS, November 2016. [Cite]
Kris Shrishak, Zekeriya Erkin, Remco Schaar. Enhancing privacy of users in eID schemes. 37th WIC Symposium on Information Theory in the Benelux, May 2016. [PDF]

Other publications

Sustainable Internet governance (contributor) in Recommendations for a sustainable digital future; Youth4DigitalSustainability, November 2020. Available at German Informatics Society.
Kris Shrishak. Limiting the Power of RPKI Authorities, 27 August 2020. Available at APNIC Blog and RIPE Labs.
Kris Shrishak. How ‘human chipping’ influences who we are and who we think we are, Lesezeichen “Technik”, August 2020. Available at Asta Darmstadt.
Kris Shrishak. (Almost) Predictable beings in a Techno-social World, Lesezeichen “Technik”, August 2020. Available at Asta Darmstadt.
Data protection and children’s safety (contributor) in YOUthDIG 2020 messages, May 2020. Available at EuroDIG.