Skip to main content

Institute for Cyber Security and Privacy (ICSP)

20210218_fbinf_jan_tolsdorf_img_privat-portrait.jpg (DE)

Dr Jan Tolsdorf

Third-party funded project "MedISA"


Department of Computer Science

Research fields

  • Usable Privacy, Information Privacy


Sankt Augustin




Grantham-Allee 20

53757, Sankt Augustin


+49 2241 865 9568


Jan Tolsdorf studied Media Technology at the TH Köln, where he received his B.Sc. and M.Sc. degrees. After working as a software developer for web, audio and video technologies, he joined the Data and Application Security Group of Prof. Dr.-Ing. Luigi Lo Iacono at the TH Köln as a research assistant in 2018. There, his work focused on topics in the area of Usable Security & Privacy. In June 2020, he then moved together with the research group to H-BRS, where he has since continued his work.

Next to his activities as a research assistant, he joined the Computer Security and Privacy Research Group of Prof. Dr.-Ing. Delphine Reinhardt at the University of Göttingen as an external PhD student in July 2019. There, he completed the PhD Programme in Computer Science and graduated with distinction in August 2022.

Curriculum vitae

Research Projects


Medical Centre Employee Centered Information Security Awareness

Project management at the H-BRS

Prof. Dr Luigi Lo Iacono

More and more companies are shifting their business models to the Internet and using digital ecosystems as platforms. The COVID 19 pandemic has further strengthened this trend. However, data protection is perceived by many companies as a brake on innovation because there is a lack of knowledge and tools to implement the legal requirements correctly. The D'accord research project is therefore developing a so-called data protection cockpit.

Project management at the H-BRS

Prof. Dr Luigi Lo Iacono


  • S. Wiefling, J. Tolsdorf, L. Lo Iacono. Data Protection Officers' Perspectives on Privacy Challenges in Digital Ecosystems. Proceedings of the 4th Workshop on Security, Privacy, Organizations, and Systems Engineering (SPOSE), 2022. Accepted for publication.
  • J. Tolsdorf, F. Dehling, and L. Lo Iacono. Data Cart – Designing a Tool for the GDPR-compliant Handling of Personal Data by Employees. Behaviour & Information Technology (BIT), p. 1–36, 2022.
  • J. Tolsdorf, D. Reinhardt, L. Lo Iacono. Employees’ Privacy Perceptions: Exploring the Dimensionality and Antecedents of Personal Data Sensitivity and Willingness to Disclose. Proceedings on Privacy Enhancing Technologies (PoPETs), 2022(2):68–94, 2022. Acceptance rate for full papers: 26%.
  • F. Dehling, D. Feth, S. Polst, B. Steffes, and J. Tolsdorf. Components and Architecture for the Implementation of Technology-driven Employee Data Protection. Proceedings of the 18th International Conference on Trust, Privacy and Security in Digital Business (TrustBus), 2021. Acceptance rate for full papers: 37%.
  • S. Wiefling, J. Tolsdorf, and L. Lo Iacono. Privacy Considerations for Risk-based Authentication Systems. Proceedings of the 7th IEEE International Workshop on Privacy Engineering (IWPE), 2021.
  • J. Tolsdorf, M. Fischer, and L. Lo Iacono. A Case Study on the Implementation of the Right of Access in Privacy Dashboards. Proceedings of the 9th Annual Privacy Forum (APF), 2021. Acceptance rate for full papers: 21%.
  • J. Tolsdorf, F. Dehling, D. Reinhardt, and L. Lo Iacono. Exploring Mental Models of the Right to Informational Self-Determination of Office Workers in Germany. Proceedings on Privacy Enhancing Technologies (PoPETs), 2021(3):5–27, 2021. Acceptance rate for full papers: 17%.
  • J. Tolsdorf, F. Dehling, und D. Feth. Benutzerfreundlicher Datenschutz in Cloud-basierten Office-Paketen. Datenschutz und Datensicherheit (DuD), 45(1):33–39, 2021.
  • S. Polst, J. Tolsdorf, F. Dehling, und D. Feth. Verarbeitung von Beschäftigtendaten. Datenschutz und Datensicherheit (DuD), 45(1):19–22, 2021.
  • J. Tolsdorf, F. Dehling, and L. Lo Iacono. Take Back Control! The Use of Mental Models to Develop Privacy Dashboards. ITG News, 8(3):15–20, 2020.
  • J. Tolsdorf and L. Lo Iacono. Vision: Shred If Insecure – Persuasive Message Design as a Lesson and Alternative to Previous Approaches to Usable Secure Email Interfaces. Proceedings of the 5th IEEE European Workshop on Usable Security (EuroUSEC, EuroSPW), 2020.
  • J. Tolsdorf, C. K. Bosse, A. Dietrich, D. Feth, H. Schmitt, Privatheit Am Arbeitsplatz - Transparenz Und Selbstbestimmung Bei Arbeit 4.0. Datenschutz und Datensicherheit (DuD), 44(3):176-181, 2020.
  • J. Tolsdorf, F. Dehling. In Our Employer We Trust: Mental Models of Office Workers' Privacy Perceptions. Proceedings of the 1st Asian Workshop on Usable Security (AsiaUSEC, FC workshop), 2020.
  • N. Gruschka, L. Lo Iacono, J. Tolsdorf. Classification of Android App Permissions: Tell Me What App You Are and I Tell You What You Are Allowed to Do. Proceedings of the 17th European Conference on Information Warfare and Security (ECCWS), 2018.
  • H.V. Nguyen, J. Tolsdorf, L. Lo Iacono. On the Security Expressiveness of REST-based API Definition Languages. Proceedings of the 14th International Conference On Trust, Privacy and Security In Digital Business (TrustBus), 2017. Acceptance rate for full papers: 38%.