Recent News (Short Selection)
February 2017: What If Computers Understood Privacy Policies? And, What If They Knew What We Care About? is the title of my Cylab Distinguished Seminar on February 20.
February 2017: Just released first version of our Privacy Assistant in Google Play store. For the time being, it’s only available for rooted Android phones. Hoping that over time we can make it available to everyone. The launch is also getting some nice press coverage, including The Verge, PC Magazine and the Boston Globe
February 2017: Christian Science Monitor mentions our research
Jan 2017: Project by Amanda Holt, Thomas Koike and Roykrong Sukkerd to help the visually impaired identify phishing emails featured on CyLab webpage. The project was conducted in my Information Security and Privacy class this past Fall semester
January 2017: Sebastian Zimmeck to present our paper on Automated Analysis of Privacy Requirements for Mobile Apps at the FTC’s PrivacyCon conference
November 2016: CMU press release on our mobile app compliance tool and our work with the California AG
November 2016: Wombat Security Technologies ranked 144th fastest growing company in North America on Deloitte’s 2016 Technology Fast 500 and also fastest growing company in Pennsylvania for second year in a row
September 2016: Our privacy work is featured in CIO Magazine
August 2016: FTC Chairwoman Edith Ramirez mentions our Personalized Privacy Assistant project in her keynote address at the Technology Policy Institute Aspen Forum
August 2016: Recent coverage in Ed Tech article focusing on security and privacy in IoT
June 2016: Our article on Personalized Privacy Assistants for Mobile App Permissions, “Follow My Recommendations: A Personalized Assistant for Mobile App Permissions” received the IAPP SOUPS Privacy Award
June 2016: Expert address at Hong Kong University on Privacy in the Age of IoT: New Technologies to Help Users and Regulators
May 2016: Three articles on our research have been accepted for presentation at the 12th USENIX Symposium on Usable Privacy and Security (SOUPS 2016)
- Follow My Recommendations: A Personalized Assistant for Mobile App Permissions
Bin Liu, Mads Schaarup Andersen, Florian Schaub, Hazim Almuhimedi, Shikun (Aerin) Zhang, Norman Sadeh, Yuvraj Agarwal, and Alessandro Acquisti, Carnegie Mellon University
- How Short Is Too Short? Studying Privacy Notice Design for Wearables
Joshua Gluck, Florian Schaub, Amy Friedman, Hana Habib, Norman Sadeh, Lorrie Faith Cranor, and Yuvraj Agarwal, Carnegie Mellon University
- Expecting the Unexpected: Understanding Mismatched Privacy Expectations Online
Ashwini Rao, Florian Schaub, Norman Sadeh, and Alessandro Acquisti, Carnegie Mellon University; Ruogu Kang, Facebook
April 2016: Our WWW2016 article titled “Crowdsourcing Annotations of Websites’ Privacy Policies: Can It Really Work?“ was nominated for the best paper award
February 1, 2016: Participating in CyBurgh panel on Disruptive Technologies: What is Coming and What Should Be
- To Deny, or Not to Deny: A Personalized Privacy Assistant for Mobile App Permissions
- Towards Usable Privacy Policies: Semi-Automatically Extracting Data Practices from Websites’ Privacy Policies
- Expecting the Unexpected: Understanding Mismatched Privacy Expectations Online
November 2015: Notice and Choice for IoT: Why We Need Personalized Privacy Assistants UC Irvine, Informatics Seminar speaker. See also our project’s website
November 2015: Wombat Security Technologies ranked 104th fastest growing company in North America on Deloitte’s 2015 Technology Fast 500 – and the fastest growing company in Pennsylvania
October 2015: Awarded a DARPA Brandeis grant to work on personalized privacy assistants for the Internet of Things and Big Data – work in collaboration with Alessandro Acquisti, Lujo Bauer, Lorrie Cranor and Anupam Datta at CMU and teams at UC Irvine and Honeywell.
October 2015: Wombat Security Technologies named a clear leader in 2015 Gartner Magic Quadrant for Security Awareness Computer-Based Training Vendors
September 2015: National Science Foundation grant on personalized privacy assistants for smartphone apps with a particular focus on user behavior – work in collaboration with Yuvraj Agarwal and Lorrie Cranor.
September 2015: I’m the lucky recipient of a Summer 2015 Google Research Award for my work on learning people’s mobile app privacy preferences
July 2015: Giving closing keynote at 2nd annual workshop on Privacy Personas and Segmentation at SOUPS 2015
July 2015: We have been selected to lead the development of novel privacy technologies for Google’s new Web of Things initiative – see CMU press release and a few other articles in the press (e.g., Pittsburgh Post Gazette , Campus Technology)
July 2015: Invited to present our research findings to FTC Commissioner Julie Brill and her staff
July 2015: Invited to present our privacy work at event organized by the Future of Privacy Forum
May 2015: Jose M. del Alamo and I are co-chair of the 2015 International Workshop on Privacy Engineering (IWPE’15) (collocated with the 36th IEEE Symposium on Security and Privacy)
March 2015: Nice article in the Wall Street Journal on our mobile app privacy research. The full study will be presented at CHI’2015 next month. Here’s also the CMU press release. Around 50 news articles have been published in the past few days (including articles in the US, UK, Germany, France, India, Brazil, China, Vietnam, Netherlands and more). Here is the one in Wired and here’s a cool blog post in futurity that also talks about our work on personalized privacy assistants. See also project website here
January 2015: My PhD student, Bin Liu, is awarded a Yahoo! InMind fellowship for work to develop a personalized privacy assistant for the InMind Project
December 2014: Our paper on on Mobile App Privacy Nudging has been accepted for publication at CHI2015 – H. Almuhimedi, F. Schaub, N. Sadeh, I. Adjerid, A. Acquisti, J. Gluck, L. Cranor and Y. Agrawal, Your Location has been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging
November 2014: An app developed over the summer at Microsoft by my PhD student, Justin Cranshaw, is featured on CMU’s homepage. The Microsoft Garage “Journeys & Notes” app connects people with similar commutes. Here’s the Microsoft announcement. Congrats Justin!
October 2014: Anupam Datta and I recently coordinated CMU’s response to the NITRD Request for Information on a National Privacy Research Strategy
October 2014: Our Ubicomp2012 and SOUPS 2014 work on modeling user privacy preferences is the basis for a cool new website grading mobile apps based on their privacy practices:
-J. Lin, B. Liu, N. Sadeh, and J.I. Hong, Modeling Users’ Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014 – SOUPS 2014
-J. Lin, S. Amini, J. Hong, N. Sadeh, J. Lindqvist, J. Zhang, Expectation and Purpose: Understanding Users’ Mental Models of Mobile App Privacy through Crowdsourcing – Ubicomp2012
August 2014: Partnering with Eric Nyberg and Alan Black to offer a new mobile app development course exploring applications of IBM Watson’s cognitive technology – see press release here (See also CMU Students Get to Work, Play with Computer Jeopardy! Champion Watson in Pittsburgh Tribune or IBM’s Watson is Going to College in Venture Beat)
August 2014: Fei Liu presents:
July 2014: Graduating first cohort of students in our Master’s Program in Privacy Engineering
July 2014: Wombat Security Technologies closes $6.7M series B round of funding to accelerate growth (see Pittsburgh Business Times article)
July 2014: SOUPS 2014:
- Co-organizing SOUPS 2014 workshop on Privacy Personas and Segmentation
- Jialiu Lin presents: J. Lin, B. Liu, N. Sadeh, and J.I. Hong, Modeling Users’ Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014 ACM Symposium on Usable Security and Privacy (SOUPS 2014), July 2014.
- One of our two posters also wins the best poster award
June 2014: Co-organizing workshop on the Future of Privacy Notice and Choice at CMU
June 2014: Rohan Ramanath presents Unsupervised Alignment of Privacy Policies Using Hidden Markov Models in Proc. of the Annual Meeting of the Association for Computational Linguistics (ACL’14), Baltimore, MD, June 2014
May 2014: Expert address at Hong Kong University: Mobile App Privacy: How Bad Is It & What Can We Do About It?
April 2014: two papers at CHI2014 in Toronto
- Cranshaw, K. Luther, P.G. Kelley, N. Sadeh, The Curated City: Capturing Individual City Guides Through Social Curation , In Proceedings of the 32nd annual SIGCHI Conference on Human Factors in Computing Systems, CHI2014. April 2014
- Y. Wang, P.G. Leon, A. Acquisti, L.F. Cranor, A. Forget, and N. Sadeh, A Field Trial of Privacy Nudges for Facebook , In Proceedings of the 32nd annual SIGCHI Conference on Human Factors in Computing Systems, CHI2014. April 2014
April 2014: WWW2014: Bin Liu presents our paper on Reconciling Mobile App Privacy and Usability on Smartphones: Could User Privacy Profiles Help?
February 2014: Mobile & Pervasive Computing Services Project Fair: 16 projects from my Mobile & Pervasive Computing Services course compete for top prize.
Jan 2014: Co-hosting White House Chief Privacy Officer, Nicole Wong, at CMU as part of Data Privacy Day – see also event webpage and an article in the Pittsburgh Post Gazette, a video of the keynote , and some photos
December 2013: Our WWW2014 article on Reconciling Mobile App Privacy and Usability on Smartphones: Could User Privacy Profiles Help? is now available as a Tech Report (CMU-CS-13-128/CMU-ISR-13-114)
November 2013: CyLab seminar: Mobile App Security and Privacy: An Overview of Recent Research Results and their Implications
October 2013: Jialiu Lin defends her dissertation on “Understanding and Capturing People’s Mobile App Privacy Preferences”. Congrats Jialiu!
September 2013: Shomir Wilson presents our joint paper on Privacy Manipulation and Acclimation in a Location Sharing Application at Ubicomp2013 in Zurich.
September 2013: Our new NSF Frontier project on Usable Privacy Policies is featured in IAPP’s Privacy Advisor
August 2013: First cohort of students enter our new Master’s Program in Privacy Engineering
August 2013: We’ve been awarded one of three large “Frontier” research projects under NSF’s Secure and Trustworthy Computing program – see NSF’s press release
August 2013: Paper at KDD2013:
B. Fu, J. Lin, Lei Li, C. Faloutsos, J. Hong, N. Sadeh. Why People Hate Your App – Making Sense of User Feedback in a Mobile App Store
July 2013: The Mobile Commerce Lab receives $180,000 research gift from Google under its “Privacy and Security Focused Program” for our work on “Smart privacy profiles for mobile apps”.
July 2013: Attending Dagstuhl Seminar on My Life Shared: Trust and Privacy in the Age of Ubiquitous Experience Sharing
May 2013: Expert address on Using Mobile Social Media to Understand the Dynamics of Cities, Hong Kong University
May 2013: Graduating Patrick Gage Kelley (co-advised with Lorrie Cranor): Congrats Patrick!
May 2013: Two papers at CHI’2013 in Paris:
- P. Gage Kelley, L. Cranor, N. Sadeh, Privacy as Part of the App Decision-Making Process
- Sleeper, Manya, Justin Cranshaw, Patrick Gage Kelley, Blase Ur, Alessandro Acquisti, Lorrie Cranor, Norman Sadeh. I read my Twitter the next morning and was astonished: A conversational perspective on Twitter regrets
April 2013: Awarded patent on User-Controllable Learning of Policies
March/April 2013: Our article on the shortage of privacy engineers is featured in IEEE Security and Privacy
Feb. 2013: CSCW2013 presentation by Hazim Almuhimedi of our joint paper Tweets Are Forever: A Large-Scale Quantitative Analysis of Deleted Tweets
January 28, 2013: Moderating Data Privacy Day Panel on Will the Mobile Web and Social Networking Mark the End of Privacy? see here too.
January 2013: CMU press release on our Mobile App Privacy work: Did Your Smartphone Flashlight Rat You Out? Crowdsourcing Privacy Concerns of Mobile Apps . A nice piece in The Red Tape Chronicles and one in the Pittsburgh Tribune Review
October 2012: Participating in CyLab Panel Discussion on Cyber Crime and Security organized in conjunction with screening of CODE 2600 documentary film
October 2012: Launching a new inter-disciplinary master’s program to train future Privacy Engineers and Privacy Technology Managers.
See CMU press release and a nice article in the Pittsburgh Post Gazette
September 2012: Patrick Gage Kelley (COS PhD student) defends his dissertation on Designing Privacy Notices Supporting User Understanding and Control (Thesis Committee: Lorrie Cranor, Norman Sadeh, Alessandro Acquisti and Sunny Consolvo)
September 2012: Ubicomp2012 presentation of our paper on Expectation and Purpose: Understanding Users’ Mental Models of Mobile App Privacy through Crowdsourcing (authors: J. Lin, S. Amini, J. Hong, N. Sadeh, J. Lindqvist, J. Zhang)
August 2012: Jialiu Lin (CSD PhD student) presents her thesis proposal on Understanding and Capturing People’s Mobile App Privacy Preferences (Thesis Committee: Jason Hong, Norman Sadeh, Mahadev Satyanarayanan, Sunny Consolvo)
June 11, 2012: 2012 Personal Democracy Forum , Panel on “the SENSEable City”, New York
June 2012: Our Sixth International AAAI Conference on Weblogs and Social Media article on urban computing wins the best paper award – see also our livehoods website.
May 2012: Can We Reconcile Privacy and Usability? , Computer Science Seminar Series, HKUST.
May 2012: “Mobile Privacy: Technology and Human Considerations”, Expert Address, Hong Kong University
May 2012: Why Phish Should Not Be Treated as Spam article in Dr. Dobbs
May 2012: Our Livehoods project continues to garner media attention – e.g., see Pittsburgh Post Gazette article , CMU press release, CMU homepage , WTAE interview , Wall Street Journal blog and media coverage abroad (e.g. Heise Online , Wired.it and Haaretz)
March 2012: “Smartphone Security and Privacy: What Should We Teach our Users and How?”, FISSEA 2012, NIST
February 21, 2012: Further speculation about the implications of the US Supreme Court’s ruling in US v Jones, including some comments I made on 3rd party doctrine here. See also Wall Street Journal article on FBI turns off thousands of GPS devices after Court ruling
January 23, 2012 – US Supreme Court unanimously agrees with our view that placing a GPS device under someone’s vehicle constitutes a search & that doing so without a warrant violated the defendent’s privacy. At the same time, they do not address more fundamental issues relating to expectations of privacy – See Supreme Court’s Opinion here and CDT’s statement here.
December 2011 – Google Pittsburgh Seminar: ““From Today’s Android Permission System to Intelligent Security and Privacy Agents”. – see also our USEC2012 article on A Conundrum of Permissions: Installing Applications on an Android Smartphone
November 2011 – Panelist APWG’s Annual e-Crime conference, San Diego
October – November 2011 – Joined CDT and EFF in amicus brief on warrantless GPS tracking filed with US Supreme Court (full amicus brief can be read here). See also ComputerWorld article and CMU home page coverage
October 2011 – Keynote at Pitney Bowes Mobile Day Symposium
September 2011 – Panelist at Qualcomm’s Contextual Awareness Symposium, San Diego
July 2011 – “Mobile Location Privacy: Why it is Important & Challenging”, Invited lecture, Beihang University, Beijing.
June 2011 – Mobile Location Privacy: Forces at Play, Attitudes and Challenges, Expert Address, Hong Kong University
April 2011 – EDUCAUSE webinar: Smartphone Privacy and Security: What Should We Teach Users?
March 2011 – Norman asks:’ Can Social Networking and Privacy be Reconciled?', CyLab Seminar
March 2011 – Michael Benisch (COS PhD student) defends his dissertation on Using Expressiveness to Improve the Efficiency of Social and Economic Mechanisms (Thesis Committee: Norman Sadeh, Tuomas Sandholm, Geoff Gordon, Craig Boutilier)
October 2010 – Locaccino featured in MIT Technology Review: Locaccino Shows How Facebook Places Should Work
September 2010 – Michael Benisch, COS Phd student co-advised by Profs. Norman Sadeh and Tuomas Sandholm awarded prestigious Siebel Scholarship
September 2010 – Wombat Security Technologies launches PhishGuru?- using mock phishing attacks to train people to protect themselves from real attacks.
July 2010 – Article by Collins, Ketter and Sadeh in Summer issue of AI Magazine reflects on lessons and accomplishments of the Supply Chain Trading Agent Competition (see CMU Tech Report)
May 2010 – Norman invited to speak at Mobile Social Networking Asia
May 2010 – Norman asks ‘What Will the App Store of the Future Look Like?’ in Expert Address at Hong Kong University
May 2010 – Pittsburgh Post-Gazette Startup Zipano sells privacy software to control who can find you
March 2010 – Wall Street Journal – Locaccino mentioned in ‘As Location Sharing Services Grow, Privacy Concerns Do Too’
March 2010 – “User-Controllable Security and Privacy: Lessons from the Design and Deployment of a Family of Location Sharing Applications”, Google seminar series.
February 2010 – Focused Research Awards grant professors $2 million for study
February 2010 – The New York Times – Cranor, Sadeh and Acquisti receive Google award for privacy research
November 2009 – TechVibe radio interview on combating phishing
June 2009 – Expert Address in Hong Kong
April 2009 – CMU Podcast on Locaccino
December 2008 – Our Anti-Phishing Work featured in Scientific American
Fall 2008 – Q&A with Norman Sadeh – CyLab Chronicles
August 2008 – “Selective Access and Obfuscation of Enterprise Data”,
keynote, SAP Annual North American Academic Symposium, Palo Alto.
June 2008 – “Capturing and Understanding People’s Privacy Preferences in a Friend Finder Application”, Workshop on Opportunistic RF Localization for Next Generation Wireless Devices, Worcester Polytechnic Institute
June 2008 – “M-Commerce: Stripping e-Retailing to its Essence”, 2008 Internet Retailer Conference & Exhibition, June 2008
May 2008 – “Combating Phishing Attacks: A Never-ending Arms Race?”,
Expert Address, Hong Kong University, May 2008
*June 2007 – “Adaptive Supply Chain Trading”, invited speaker, SAP’s Inaugural North American Academic Symposium
*August 2006 – “Mobile and Pervasive Commerce: The New Frontier”, opening keynote, 8th International Conference on Electronic Commerce (ICEC-06), Fredericton, Canada.
*June 2006 – “Ambient Intelligence: The MyCampus Experience”, keynote speaker, 14th IT21 Conference (Theme: “U-Society”), Seoul, Korea, June 2006 – see Korea IT Times article
*May 2006 -“MyCampus: Research Overview”, guest speaker, NTT DoCoMo, Yokosuka Research Park, Japan, May 2006