It is our great pleasure to welcome you to the ninth edition of the ACM Conference on Data and Application Security and Privacy (CODASPY 2019), which follows the successful eight editions held in February/March 2011-2018. This conference series has been founded to foster novel and exciting research in this arena and to help generate new directions for further research and development. The initial concept was established by the two co-founders, Elisa Bertino and Ravi Sandhu, and sharpened by subsequent discussions with a number of fellow data security and privacy researchers. Their enthusiastic encouragement persuaded the co-founders to move ahead with the always daunting task of creating a high-quality conference. Data and applications that manipulate data are crucial assets in today's information age. With the increasing drive towards availability of data and services anytime and anywhere, security and privacy risks have increased. Vast amounts of privacy-sensitive data are being collected today by organizations for a variety of reasons. Unauthorized disclosure, modification, usage or denial of access to these data and corresponding services may result in high human and financial costs. Important applications such as homeland security, social networking and social computing provide value by aggregating input from numerous individual users, and the mobile devices they carry. The emerging area of Internet of Things also poses serious privacy and security challenges. To achieve efficiency and effectiveness in traditional domains such as healthcare, there is a drive to make these records electronic and highly available. The need for organizations to share information effectively is underscored by rapid innovations in the business world that require close collaboration across traditional boundaries. Security and privacy in these and other arenas can be meaningfully achieved only in context of the application domain. Data and applications security and privacy has rapidly expanded as a research field with many important challenges to be addressed. In response to the call for papers of CODASPY 2019, 119 papers were submitted from Africa, Asia, Europe, South America and North America. The program committee selected 28 full-length research papers (23.5% acceptance rate). These papers cover a variety of topics, including security issues in web, cloud, IoT, and mobile devices, privacy, access control, authentication, malware, code analysis, and hardware and system security. The program includes a poster paper session presenting exciting work in progress. The program is complemented by two keynote speeches by Anupam Joshi and Engin Kirda. This year's edition also features three workshops: the ACM International Workshop on Security and Privacy Analytics, the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, and the ACM Workshop on Automotive Cybersecurity, and a panel on the research challenges at the intersection on AI, Big Data and CyberSecurity.