Top Carnegie Mellon privacy researchers preview new work




On July 9th,2015, FPF will be hosting an in-person discussion with privacy researchers from Carnegie Mellon University to discuss some of their current privacy projects. Topics to be presented and discussed include:


  • The Usable Privacy Policy Project: is developing approaches to extracting useful information from natural-language privacy policies and displaying that information in useful ways for users.
  • Privacy Grade: Researchers have assigned privacy grades to Android apps based on some techniques developed to analyze their privacy-related behaviors. The privacy model built by the researchers measures the gap between people’s expectations of an app’s behavior and the app’s actual behavior. For example, most people do not expect games app to use location data, but many of them actually do. This would be represented in the model as a penalty to an app’s grade.
  • Bank Privacy: is a project that consists in automatically collecting and analyzing standardized privacy notices financial Institutions send to their customers. Researchers wrote computer programs that automatically search the web for privacy notices that follow the standardized format released by eight federal agencies jointly in 2009 and extract the information that is most relevant for consumers.
  • Privacy Illustrated: gathers numerous images and drawings from participants ranging in age from 5 to 91 who were asked “What does privacy mean to you?”
  • The CMU Privacy Engineering master program (Master of Science in Information Technology – Privacy Engineering): this first-of-its kind one-year program is designed for computer scientists and engineers who wish to pursue careers as privacy engineers or technical privacy managers. Over the past several years, both industry and government organizations have created positions for people responsible for ensuring that privacy is an integral part of the design process for new products, services, infrastructures and business processes that facilitate the collection and management of an ever-wider range of customer data. The program includes two semesters of courses and concludes with a summer-long learning-by-doing capstone project where students are brought in as privacy consultant to work on client projects.


Carnegie Mellon University researchers presenting will include:

Lujo Bauer, Associate Research Professor CyLab and ECE. Professor Bauer teaches classes on Secure Software Systems and Information Security and Privacy. His research focuses on different aspects of computer security, particularly in building usable access-control systems with sound theoretical underpinning and in narrowing the gap between a formal model and a usable system.

Travis Breaux, Assistant Professor of Computer Science. Professor Breaux’s research consists in addressing how to ensure that information systems comply with policies, law and social norms. To improve software quality and reliability, he tackles the challenges to aligning regulations and policies with software specifications. Professor Breaux has also taught several courses: Software Engineering and Engineering Privacy among others.

Lorrie Cranor, Professor, Computer science and Engineering & Public policy; Director, CyLab Usable Privacy and Security Laboratory and Co-director, MSIT-Privacy Engineering masters program. Professor Cranor focuses her research on usable privacy and security, technology and public policy. She also authored several books and many publications.

Jason Hong, Associate Professor, School of Computer Science, Human Computer Interaction Institute. Professor Hong’s research lies at the intersection of human-computer interaction, security and privacy, and systems. More specifically, how rich sensor data can be used to improve lives; how to improve everyday privacy for smart environments and how crowdsourcing can be used to improve privacy and security. In addition, Professor Hong published several papers – his last one addresses The Role of Social Influence in Security Feature Adoption.

Norman Sadeh, Professor in the School of Computer Science. He is director of CMU’s Mobile Commerce Laboratory and its e-Supply Chain Management Laboratory, co-Founder of the School’s PhD Program in Computation, Organizations and Society and co-Director of the MSIT Program in Privacy Engineering. He also co-founded and directs the MBA track in Technology Leadership launched jointly by the Tepper School of Business and the School of Computer Science in 2005. Over the past dozen years, Norman’s primary research focus has been in the area of mobile and pervasive computing, cybersecurity, online privacy, user-oriented machine learning, and semantic web technologies with a particular focus on mobile and social networking.


The conversation will run from 9:00 am to 10:30 am (with a light breakfast beginning at 8:30 am) at Comcast NBC Universal, 300 New Jersey Avenue NW, 7th floor, Washington, D.C. 20001.

You can find the invitation and registration details here. Seats are limited, do not miss out!