Subscribe to our mailing list to receive news and updates on the project!


2021

California Office of the Attorney General Press Release | Mar 2021

The California Office of the Attorney General issues a press release acknowledging our contribution to the design and evaluation of the opt-out icon. You can now also download our icons directly from their website.


Opt-Out Easy | Jan 2021

Our project just released a browser extension that automatically identifies opt-out links buried deep in the text of privacy policies as users browse from one site to another. The extension, called "Opt-Out Easy," is available for Google Chrome users, and is based on machine learning techniques. A paper on this work was presented at the 2020 Web Conference. Watch a short video about Opt-Out Easy here.


2020

Our Privacy Icon To Be Used By CCPA | Dec 2020

The California Office of the Attorney General (“Cal AG”) just announced they would rely on the icon we designed for the new California Consumer Privacy Act (CCPA). CyLab’s press release summarizes the work we conducted to inform and refine the design.


New IoT Privacy Infrastructure and IoT Assistant App | Dec 2020

We have released a new version of our IoT Privacy Infrastructure and IoT Assistant app. The infrastructure enables people to publicize the presence of IoT data collection processes at different locations and the IoT Assistant app enables people to discover them. Check it out!


New options in Privacy Engineering Program | Nov 2020

Just announced two new options in Carnegie Mellon University's privacy engineering program. Both options are designed for working professionals interested in getting privacy engineering training without having to leave their existing jobs.


2020 USENIX Conference on Privacy Engineering Practice and Respect | Oct 2020

Norman Sadeh gave a presentation on the "Design of a Privacy Infrastructure for the Internet of Things" at the PEPR'20 conference.


SOUPS 2020 | Aug 2020

Peter Story presents our work, From Intent to Action: Nudging Users Towards Secure Mobile Payments at the 2020 Symposium on Usable Privacy and Security. Read more in CyLab's press release.


FTC PrivacyCon 2020 | Jul 2020

Our group presents three articles at the annual Federal Trade Commission’s PrivacyCon conference (see also CyLab press release): “Understanding People’s Privacy Attitudes Towards Video Analytics”, “An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites”, and “‘It’s a Scavenger Hunt’: Usability of Websites’ Opt-Out and Data Deletion Choices”.


PETS 2020 | Jul 2020

Daniel Smullen presents our work on The Best of Both Worlds: Mitigating Accuracy and User Burden in Capturing People’s Mobile App Privacy Preferences at the 20th Privacy Enhancing Technologies Symposium. Here’s the CyLab press release.


PLSC 2020 | Jun 2020

Tom Norton is representing our paper "Evaluating How Global Privacy Principles Answer Consumers’ Questions About Mobile App Privacy" at the 2020 Privacy Law Scholars Conference (PLSC 2020) in Washington, DC. Co-authors of the paper are Joel Reidenberg, Norman Sadeh, and Abhilasha Ravichander.


Apple Introduces App Nutrition Labels | Jun 2020

Apple's iOS 14 introduces mobile app privacy nutrition labels similar to those proposed in our CHI’2013 “Privacy as Part of the App Decision Making Process” paper. Apple informed us a little before the announcement.


Privacy+Security Forum Spring Academy | May 2020

Norman Sadeh to present at the Privacy + Security Forum, as part of the panel on "IoT Privacy in the Age of CCPA & GDPR".


Joel Reidenberg | Apr 2020

We are sad to announce the passing of our friend and collaborator Joel Reidenberg. Prof. Reidenberg was the Stanley D. and Nikki Waxberg Chair in Law and the founder of the Center on Law and Information Policy (CLIP). His contributions to the Usable Privacy Policy Project over the past seven years were invaluable. We will sorely miss him both as a friend and a collaborator. Two articles celebrating Joel's life, as a mensch and a scholar, can also be found here and here.


2019

Op-ed in The Conversation | Oct 2019

Hana Habib and Lorrie Cranor published an op-ed on our study of website privacy opt-outs in The Conversation: "Website privacy options aren’t much of a choice since they’re hard to find and use."


ACM Symposium on CS and Law | Oct 2019

Peter Story presented his poster, "Government Use of AI: Costs and Benefits of Transparency," at the inaugural ACM Symposium on Computer Science and Law.


PLSC-Europe 2019 | Oct 2019

Tom Norton is representing our paper "Evaluating How Global Privacy Principles Answer Consumers’ Questions About Mobile App Privacy" at the 2019 European Privacy Law Scholars Conference (PLSC-Europe) in Amsterdam. Co-authors of the paper are Joel Reidenberg, Norman Sadeh, and Abhilasha Ravichander.


Founded PEPR | Aug 2019

Lorrie Cranor co-founded the USENIX Conference on Privacy Engineering Practice and Respect (PEPR).


Tutorial at SOUPS 2019 | Aug 2019

Norman Sadeh, Helen Nissenbaum, and Serge Egelman led a half-day tutorial at SOUPS 2019: Contextual Integrity: From Theory to Practice. SOUPS was collocated with USENIX 2019 in Santa Clara, CA.


Expert Address at Hong Kong University | May 2019

Norman Sadeh gives expert address at Hong Kong University, "What if Computers Understood Privacy Policies? A Look at Advanced in Natural Language Processing through the Lens of Privacy".


IAPP Summit | May 2019

Norman Sadeh was invited to present our privacy research at the IAPP Global Privacy Summit in Washington D.C. Lorrie Cranor also discussed "Designing Notice and Consent for the Internet of Things".


Lorrie Cranor named Andrew Carnegie Fellow | Apr 2019

Lorrie Cranor was named an Andrew Carnegie Fellow.


FTC Hearing #12 | Apr 2019

Lorrie Cranor spoke at the "Consumer Demand and Expectations of Privacy" panel discussion at the 12th FTC Hearing on Competition and Consumer Protection in the 21st Century. The hearing's theme was "The FTC’s Approach to Consumer Privacy".


Presenting at PAL 2019 | Mar 2019

Our project will be presenting 3 papers at the AAAI Spring Symposium on Privacy Enhancing AI and Language Technologies (PAL 2019) at Stanford on March 25-27, 2019.


Berkeley Center for Law and Technology Privacy Award | Mar 2019

Congratulations to PI Joel Reidenberg on being awarded the 2019 Berkeley Center for Law and Technology Privacy Award "in recognition of his seminal scholarship, innovative policy entrepreneurship and tireless support of the privacy community."


Op-ed in The Hill | Feb 2019

Norman Sadeh and Lorrie Cranor wrote an op-ed in The Hill: "Congress, make privacy the rule — not the exception."


2018

Debating Ethics: Dignity and Respect in Data-Driven Life | Oct 2018

Norman Sadeh participated in the plenary panel on Debating Ethics: Dignity and Respect in Data-Driven Life, 40th International Conference of Data Protection and Privacy Commissioners, European Parliament, Brussels. Watch the video.


Michigan Radio Stateside Interview | Oct 2018

Florian Schaub discussed issues with privacy notices, opportunities for better informing consumers and the Usable Privacy Policy Project in an interview for Michigan Radio's Stateside.


IPEN Privacy Engineering Workshop 2018 | Jun 2018

Peter Story presented our work on The Mobile App Privacy Compliance System at the IPEN Privacy Engineering Workshop in Barcelona, Spain.


SAC-PA2 Workshop | Jun 2018

Dr. Norman Sadeh gave a keynote presentation on "Privacy in the Age of the Internet of Things" at the SAC-PA2 Workshop.


Annual Privacy Forum 2018 | Jun 2018

Peter Story presented our study of Google Play Store metadata, "Which Apps have Privacy Policies?", at the Annual Privacy Forum in Barcelona, Spain.


PLSC 2018 | May 2018

Hana Habib is presenting our study "An Empirical Analysis of Website Data Deletion and Opt-Out Choices" at the 2018 Privacy Law Scholars Conference. Co-authors of the paper are Yixin Zou, Aditi Jannu, Chelse Swoopes, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, and Florian Schaub. Previously, Hana Habib presented preliminary findings from this study at the CHI Workshop "General Data Protection Regulation: An Opportunity for the HCI Community?"


IAPP Privacy Engineering Section Forum | Mar 2018

Lorrie Cranor, Norman Sadeh and Florian Schaub are panelists at IAPP’s Inaugural Privacy Engineering Section Forum at the IAPP Global Summit, in Washington DC.


NSF News From the Field | Mar 2018

NSF's News From the Field recently featured our research on automatically interpreting statements found in privacy policies. The article is based on the new release of our explore.usableprivacy.org website.


FTC PrivacyCon | Feb 2018

Several project members will be presenting at the upcoming Federal Trade Commission's PrivacyCon conference on Feb 28, 2018. Jaspreet Bhatia will present our work on "Empirical Measurement of Perceived Privacy Risk." Norman Sadeh will present our work on "Assisting Users in a World Full of Cameras: A Privacy-aware Infrastructure for Computer Vision Applications." Peter Story will present a poster, titled "Which Apps have Privacy Policies?"


UPPP featured in Wired | Feb 2018

A Wired article on automated analysis of privacy policies features the Usable Privacy Policy Project and Polisis, an automated privacy policy analysis tool developed by researchers from EPFL and the University of Michigan based on our OPP-115 corpus of annotated privacy policies.


Computers, Privacy & Data Protection Conference | Jan 2018

N. Cameron Russell presented the Usable Privacy Policy Project at the Computers, Privacy & Data Protection (CPDP) conference on January 26, 2018 in Brussels, Belgium. The project was featured on the panel entitled "User Empowerment Technologies for Privacy, Regulation and Compliance."


2017

Keynote at 'GDPR and Privacy Engineering Research' Workshop | Nov 2017

Norman Sadeh to keynote workshop on "Privacy Engineering Research and the GDPR" along with EU Data Protection Supervisor, Leuven, Belgium.


Article in The Conversation | Oct 2017

Florian Schaub wrote an article for The Conversation: "Nobody reads privacy policies – here’s how to fix that." The article discusses how to design effective privacy notices and references other research by the Usable Privacy Policy Project.


Privacy + Security Forum | Oct 2017

Joel Reidenberg and Norman Sadeh presented work from the Usable Privacy Project respectively on the panels “The GDPR and Technology” and “From Big Data to Machine Learning to AI” at the Privacy + Security Forum in Washington, DC.


Privacy Bridges at 39th ICDPPC | Sep 2017

The Privacy Bridges Implementation Project report “A Roadmap to Enhancing User Control via Privacy Dashboards” presented at the 39th International Conference of Data Protection and Privacy Commissioners highlighted our work on vagueness and mobile app compliance.


Law + Design = Summit | Sep 2017

Florian Schaub talked about our research on designing effective privacy notices at the Law + Design = Summit at the Stanford d.school.


CDT on Connected Cars | Aug 2017

The Center for Democracy and Technology (CDT) relies on results from our Mobile App Privacy Compliance tool in a study conducted to provide follow-up comments to the FTC/NHTSA workshop on Connected Cars.


SOUPS 2017 | Jul 2017

Consider registering for our SOUPS tutorial. We will cover new technologies, tools and findings coming out of our Usable Privacy Policy and Privacy Assistant projects. Slides for our 3 tutorial sessions are available here: Session I, Session II, Session III.


PLSC 2017 | Jun 2017

Our work on "Mobile App Privacy Compliance: Automated Technology to Help Regulators, App Stores and Developers" will be presented at the Privacy Law Scholar Conference (PLSC) by Sebastian Zimmeck. The co-authors are Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, and Joel Reidenberg.


ConPro ’17 | May 2017

Invited presentation by Norman Sadeh on our research at FTC Technology and Consumer Protection Workshop (ConPro ’17) in San Jose (co-located with 38th IEEE Symposium on Security & Privacy Conference).


ICSE 2017 | May 2017

Jaspreet Bhatia presented a talk based on her paper, "Mining Privacy Goals from Privacy Policies Using Hybridized Task Recomposition." The talk was on May 24th 2017, in Buenos Aires.


US Patent and Trademark Office | Apr 2017

Lorrie Cranor spoke about design and evaluation of notices at the USPTO on April 18th.


IAPP Global Privacy Summit | Apr 2017

Lorrie Cranor ran an active learning session on Designing Notice and Consent for the Internet of Things at the IAPP Global Privacy Summit on April 18th.


Legal IT Conference | Mar 2017

N. Cameron Russell presented the Usable Privacy Policy Project at the Young Bar of Montreal's Legal IT Conference on March 23, 2017 in Montreal, Canada.


NDSS 2017 | Feb 2017

Sebastian Zimmeck presents our paper Automated Analysis of Privacy Requirements for Mobile Apps at the Network and Distributed System Security Symposium (NDSS) at the end of February in San Diego.


CyLab Distinguished Seminar | Feb 2017

"What if Computers Understood Privacy Policies? And, What if They Knew What We Care About?" Norman Sadeh is the speaker at CyLab’s Distinguished Seminar on February 20.


World Federation of Advertisers' Digital Governance Exchange | Feb 2017

N. Cameron Russell presented the Usable Privacy Policy Project at the World Federation of Advertisers' Digital Governance Exchange on February 9, 2017 in London, U.K.


FTC PrivacyCon | Jan 2017

Sebastian Zimmeck to present our paper on "Automated Analysis of Privacy Requirements for Mobile Apps" as part of session on mobile privacy at the FTC's PrivacyCon. Co-authors include Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, and Joel Reidenberg.


7th Annual Privacy Papers for Policymakers | Jan 2017

Joel Reidenberg, Jaspreet Bhatia, Travis Breaux, and Thomas B. Norton receive an honorable mention for their paper, "Ambiguity in Privacy Policies and the Impact of Regulation" at the 7th Annual Privacy Papers for Policymakers event. Alessandro Acquisti to give meeting keynote.


NSF's Secure and Trustworthy Cyberspace (SaTC) PIs’ Meeting | Jan 2017

Norman Sadeh to present our Frontier project on Usable Privacy Policies and also participate in panel on “Conceiving and Running Center-Scale Frontier Projects” at the NSF's Secure and Trustworthy Cyberspace (SaTC) Principal Investigators’ Meeting. Alessandro Acquisti to give closing keynote on January 11.


2016

Privacy and Language Technologies Symposium | Nov 2016

Usable Privacy Policy Project members Shomir Wilson, Alessandro Oltramari and Fei Liu are organizing an AAAI Fall Symposium titled "Privacy and Language Technologies" in November 2016 in Arlington, Virginia. At the symposium we will present four papers, and the keynote will be held by Norman Sadeh, the lead PI of our project.

Lexical Similarity of Information Type Hypernyms, Meronyms and Synonyms in Privacy Policies
M. Bokaei Hosseini, S. Wadkar, T.D. Breaux, J. Niu

Analyzing Vocabulary Intersections of Expert Annotations and Topic Models for Data Practices in Privacy Policies

F. Liu, S. Wilson, F. Schaub, N. Sadeh

Automatic Extraction of Opt-Out Choices from Privacy Policies
K.M. Sathyendra, F. Schaub, S. Wilson, N. Sadeh

Automated Analysis of Privacy Requirements for Mobile Apps
S. Zimmeck, Z. Wang, L. Zou, R. Iyengar, B. Liu, F. Schaub, S. Wilson, N. Sadeh, S.M. Bellovin, J.R. Reidenberg


CMU Press Release About Mobile App Compliance | Nov 2016

CMU press release on our mobile app compliance tool and our work with the California Office of the Attorney General features Sebastian Zimmeck and Norman Sadeh.


Computational Methods in Law | Nov 2016

Florian Schaub presents our research as an invited speaker at the Symposium Computational Methods in Law: A European Perspective on Nov. 10 in Ulm, Germany. The symposium provides a multi-disciplinary perspective on the application of computational methods in the legal domain and is jointly hosted by the University of Heidelberg and Ulm University.


HCOMP 2016 | Oct 2016

Shomir Wilson presents our paper Crowdsourcing Annotations for Websites' Privacy Policies: Can It Really Work? (pdf) as part of the Encore Track at the Fourth AAAI Conference on Human Computation and Crowdsourcing, in Austin, Texas. This track will consist of presentations for three top papers on human computation and crowdsourcing from peer venues. Our paper was a Best Paper Finalist at the 25th International World Wide Web Conference in April.


Collaboration with California AG | Oct 2016

The California Attorney General’s Office has been piloting our Mobile App Privacy Compliance tool for the past several months. See recent press release from the California AG’s Office. This is work funded under our NSF Frontier project on Usable Privacy Policies and our DARPA Brandeis Personalized Privacy Assistant Project.


Privacy+Security Forum | Oct 2016

Joel Reidenberg presents our research at the 2016 Privacy+Security Forum in Washington, D.C., as an invited speaker on a panel on Notice, Choice and Design.


Project in the News | Sep 2016

Our project was recently featured in CIO Magazine. Joel Reidenberg and Florian Schaub's presentations at the FTC Workshop "Putting Disclosures to the Test" were further mentioned in articles from National Law Review, AdExchanger, and Lexology.


FTC Workshop: Putting Disclosures to the Test | Sep 2016

Joel Reidenberg and Florian Schaub present our research at the Federal Trade Commission's public workshop Putting Disclosures to the Test on Sept. 15, 2016. Joel Reidenberg talks about ambiguity in privacy policies. Florian Schaub talks about contextualizing and personalizing privacy notices and controls. Lorrie Cranor co-organizes the workshop in her role as the FTC's Chief Technologist.

More information about the Putting Disclosures to the Test workshop and a live webcast are available on the event page.


RE 2016 | Sep 2016

Jaspreet Bhatia presents the paper "A Theory of Vagueness and Privacy Risk Perception" at the IEEE 24th International Requirements Engineering Conference (RE'16) in Beijing, China.

Jaspreet will also present a paper at the co-located Workshop on Artificial Intelligence for Requirements Engineering (AIRE) titled "Automated Extraction of Information Type Hyponymy from Privacy Policies."


ACL 2016 | Aug 2016

Shomir Wilson presents our paper "The Creation and Analysis of a Website Privacy Policy Corpus" at the Annual Meeting of the Association for Computational Linguistics (ACL) in August in Berlin, Germany. The paper introduces a corpus of 115 privacy policies with annotated data practices. The corpus' annotations can be explored at explore.usableprivacy.org


OPP-115 Corpus Release | Jul 2016

We are pleased to announce that the OPP-115 Corpus of annotated privacy policies is now available for download on our data page. This unique resource consists of 115 privacy policies with a total of 23K annotations for data practices in privacy policy text.

For further details on the corpus, please read our ACL'16 paper introducing the corpus:

S. Wilson, F. Schaub, A. Dara, F. Liu, S. Cherivirala, P.G. Leon, M.S. Andersen, S. Zimmeck, K. Sathyendra, N.C. Russell, T.B. Norton, E. Hovy, J.R. Reidenberg, N. Sadeh, "The Creation and Analysis of a Website Privacy Policy Corpus." ACL '16: Annual Meeting of the Association for Computational Linguistics, Aug 2016 [pdf]


Privacy and Language Technologies Symposium | Jul 2016

Shomir Wilson, Alessandro Oltramari and Fei Liu are organizing a AAAI Fall Symposium titled "Privacy and Language Technologies." It will be held on November 17-19 in Arlington, Virginia. The submission deadline for short and long papers is July 22. See the symposium website for more details.


SOUPS '16 | Jun 2016

The Usable Privacy Policy Project has a considerable presence at the Symposium on Usable Privacy and Security (SOUPS) this year. Multiple project members are presenting full papers, workshop papers and posters in Denver at the end of June:

Expecting the Unexpected: Understanding Mismatched Privacy Expectations Online
A. Rao, F. Schaub, N. Sadeh, A. Acquisti, R. Kang
Full paper

How Short is Too Short? Implications of Length and Framing on the Effectiveness of Privacy Notices

J. Gluck, F. Schaub, A. Friedman, H. Habib, N. Sadeh, L. F. Cranor, Y. Agarwal
Full paper

Follow My Recommendations: A Personalized Privacy Assistant for Mobile App Permissions
B. Liu, M. S. Andersen, F. Schaub, H. Almuhimedi, S. Zhang, N. Sadeh, Y. Agarwal, A. Acquisti
Full paper

Rating Indicator Criteria for Privacy Policies
J.R. Reidenberg, N.C. Russell, T.B. Norton
Workshop paper

Visualization and Interactive Exploration of Data Practices in Privacy Policies
S.K. Cherivirala, F. Schaub, M.S. Andersen, S. Wilson, N. Sadeh, J.R. Reidenberg
Poster

Crowdsourcing Annotations for Websites' Privacy Policies: Can It Really Work?
S. Wilson, F. Schaub, R. Ramanath, N. Sadeh, F. Liu, N.A. Smith, F. Liu
Poster


Project newsletter | Jun 2016

With the project now in its third year, we published a newsletter which is intended to highlight some of our progress and activities over the past year. Our goal is to grow our project into a broader community of organizations and individuals interested in collaborating in this area.
uppp-newsletter-june2016.pdf


Expert address at Hong Kong University | Jun 2016

Norman Sadeh delivers expert address on “Privacy in the Age of IoT: New Technologies for Users and Regulators” at Hong Kong University.


Privacy Risk Summit 2016 | Jun 2016

Florian Schaub speaks on "Designing Notice and Consent for the Internet of Things" at the Privacy Risk Summit 2016 in San Francisco.


Privacy Indicator Workshops at SOUPS | Jun 2016

Florian Schaub is co-organizing two workshops at the 2016 Symposium on Usable Privacy and Security (SOUPS) on June 22, 2016, in Denver, CO.

Workshop on Privacy Indicators
This workshop focuses on the current state of privacy indicators, such as privacy policies, privacy seals, icons, notices, tones, strobe lights, scents, vibrations, or other perceptual means.

Will Drones Deliver My Privacy Policy? Workshop on the Future of Privacy Indicators
This workshop provides an opportunity for those engaged in researching privacy policies, notices, indicators, and other related topics to think creatively about the next evolution of notice and consent.

The deadline for submitting contributions to both workshops is May 16, 2016.


TOSEM article | May 2016

The article Mining Privacy Goals from Privacy Policies Using Hybridized Task Recomposition by Jaspreet Bhatia, Travis Breaux and Florian Schaub has been published in the ACM Transactions on Software Engineering and Methodology (TOSEM).


TA-COS '16 | May 2016

Shomir Wilson presents our paper "Demystifying Privacy Policies Using Language Technologies: Progress and Challenges" at the LREC Workshop on Text Analytics for Cybersecurity and Online Safety (TA-COS 2016).


Kiplinger interview | May 2016

Kiplinger recently conducted an interview with Norman Sadeh on the Usable Privacy Policy Project and the recently launched Privacy Policy Exploration Website. The interview is available online on the Kiplinger website.


ICSE '16 | May 2016

The paper "Toward a Framework for Detecting Privacy Policy Violation in Android Application Code," co-authored by Jaspreet Bhatia and Travis Breaux, has been accepted at ICSE '16, the ACM/IEEE 38th International Software Engineering Conference.


WWW '16 | Apr 2016

Shomir Wilson presents our paper "Crowdsourcing Annotations for Websites' Privacy Policies: Can It Really Work?" at the 25th International World Wide Web Conference in Montréal, Canada. The paper has been selected as one of five nominees for WWW's Best Paper Award.


Data exploration site in the news | Mar 2016

Our recently launched privacy policy data exploration site explore.usableprivacy.org received considerable media attention, including articles on lifehacker.com, the Consumerist, and SC Magazine. See the CMU press release.


Presentation at FPF Education Working Group | Mar 2016

Joel Reidenberg presented the Usable Privacy Project and the explore.usableprivacy.org website to the Future of Privacy Forum’s industry working group on education. The group focuses on privacy issues in the education sector.


USEC '16 | Feb 2016

Pranshu Kalvani, a graduate of CMU's MSIT Privacy Engineering program, presents our paper "Watching Them Watching Me: Browser Extensions’ Impact on User Privacy Awareness and Concern" at the NDSS Workshop on Usable Security (USEC) in San Diego, CA.


explore.usableprivacy.org | Feb 2016

We launched a dedicated website to enable the exploration of some of the project’s data and analysis results. The website explore.usableprivacy.org allows to see different types of data practices highlighted in privacy policies of different websites.


CMU Privacy Day 2016 | Jan 2016

On Jan. 28, CMU celebrates the International Data Privacy Day with an exciting schedule of privacy-related events. Norman Sadeh and Lorrie Cranor host Ed Felten, Deputy US Chief Technology Officer who will give the event's keynote address.

Join us at CMU on January 28, 2016! Find more information and the schedule of events at the Privacy Day website.


FTC PrivacyCon | Jan 2016

Multiple project members are presenting papers at the Federal Trade Commission's PrivacyCon on Jan. 14, 2016. Florian Schaub presents the Usable Privacy Policy Project. Ashwini Rao presents our research on mismatched privacy expectations online. Norman Sadeh presents our research on personalized privacy assistants. Alessandro Acquisti presents research on targeted advertising. Lorrie Cranor speaks in her new role as the FTC's Chief Technologist.

More information about PrivacyCon and a live webcast are available on the event page.


Privacy Papers for Policymakers | Jan 2016

The paper "A Design Space for Effective Privacy Notices" (pdf) by Florian Schaub, Rebecca Balebako, Adam Durity and Lorrie Cranor has been selected by the Future of Privacy Forum as one of five Privacy Papers for Policymakers 2015. Joel Reidenberg's paper "The Transparent Citizen" received an honorable mention. The authors will present their work at an FPF event on January 13 in Washington, D.C. Lorrie Cranor will further give the opening remarks at the event in her new role as the FTC's Chief Technologist.


2015

FTC Chief Technologist | Dec 2015

Lorrie Cranor has been appointed by the Federal Trade Commission as the agency's new Chief Technologist starting in January 2016. FTC Press Release


European PLSC '15 | Oct 2015

Tom Norton's paper "Crowdsourcing Privacy Policy Interpretation" will be workshopped at the inaugural European PLSC held in Amsterdam in October 2015.


Privacy + Security Forum | Oct 2015

Lorrie Cranor, Alessandro Acquisti, Joel Reidenberg and Florian Schaub will speak at the first Privacy + Security Forum in Washington, D.C. The event is organized by Professors Daniel Solove and Paul Schwartz.


Univ. of Chicago Coase-Sandor Conference | Oct 2015

Joel Reidenberg and Jaspreet Bhatia presented “Automated Comparison of Privacy Policy Ambiguity and the Impact of Regulation” co-authored with Travis Breaux and Tom Norton to the University of Chicago Coase-Sandor Conference on Contracting over Privacy.


SPSM'15 Workshop | Oct 2015

Rebecca Balebako presents our paper "The Impact of Timing on the Salience of Smartphone App Privacy Notices" at SPSM '15, the 5th Annual Workshop on Security and Privacy in Smartphones and Mobile Devices, which is associated with the ACM Conference on Computer and Communications Security (CCS).


TPRC '15 | Sep 2015

At TPRC43, Tom Norton presents the paper "Crowdsourcing Privacy Policy Interpretation" and Amanda Grannis presents the paper "Elements of Effective Notice in the Online Age."


CCC Privacy by Design Workshop on Privacy Engineering | Aug 2015

Travis Breaux organizes the Privacy Engineering workshop of the CCC Privacy by Design workshop series in Pittsburgh on Aug. 31 & Sept. 1.
Lorrie Cranor participates in a Privacy Standards panel, speaking about the original design of P3P, its implementation in IE5, and adoption by websites.


RE '15 | Aug 2015

Travis Breaux presents the paper "Detecting Repurposing and Over-collection in Multi-Party Privacy Requirements Specifications." at the IEEE 23rd International Requirements Engineering Conference (RE'15) in Ottawa, Canada.


RELAW '15 | Aug 2015

Jaspreet Bhatia presents the paper the paper "Towards an Information Type Lexicon for Privacy Policies” at the 8th IEEE International Workshop on Requirements Engineering and Law (RELAW) in Ottawa, Canada.


CLIP-NY AG Briefing | Jul 2015

On July 22, Joel Reidenberg, Cameron Russell, Thomas Norton, Antoine Bon, Timothy Carter and Stephanie Tallering present the Usable Privacy Policy Project and related privacy research to the legal staff and chief of the Internet Bureau in the NY Attorney General’s Office.


SOUPS '15 | Jul 2015

Florian Schaub presents our paper titled "A Design Space for Effective Privacy Notices" at SOUPS '15 the Eleventh Symposium on Usable Privacy and Security in Ottawa, Canada.


PPS workshop @ SOUPS | Jul 2015

Alessandro Acquisti and Norman Sadeh co-organize the Second Annual Privacy Personas and Segmentation Workshop (PPS) at SOUPS.
Pedro Leon presents our paper on users' willingness to share information for online-behavioral advertising. A longer version of the paper is available as a technical report.


FPF/CMU Research Showcase | Jul 2015

On July 9, Norman Sadeh, Lorrie Cranor and Travis Breaux present the Usable Privacy Policy Project and related privacy research at the Carnegie Mellon Privacy Research Showcase hosted by the Future of Privacy Forum.


Ono Academic College | Jul 2015

Joel Reidenberg presents the Usable Privacy Policy Project and our paper, "Automated Measurement of Privacy Policy Ambiguity” at the Faculty Workshop of the Ono Academic College in Kiryat Ono, Israel.


PLSC '15 | Jun 2015

Joel R. Reidenberg, Jaspreet Bhatia and Travis D. Breaux present the paper "Automated Measurement of Privacy Policy Ambiguity” at the 8th Privacy Law Scholars Conference in Berkeley, California.


Visiting researcher | Jun 2015

Sebastian Zimmeck (Columbia University) joins the project as a visiting researcher over the summer.


Experts Address at University of Hong Kong | May 2015

Norman Sadeh gives a presentation titled Scaling Privacy in the Age of the Internet of Things: Could Artificial Intelligence Hold the Solution? as part of the Experts Address Series in the University of Hong Kong's Electronic Commerce and Internet Computing Master program.


CLIP Privacy Symposium | May 2015

The Fordham University Center on Law and Information Policy (CLIP) organizes the Ninth Law and Information Society Symposium titled Solving Privacy Around the World. Project members participate in the panel titled "Consent Models and Technological Complexity."


NAACL '15 | May 2015

Fei Liu presents our paper titled "Toward Abstractive Summarization Using Semantic Representations" at the 2015 Conference of the North American Chapter of the Association for Computational Linguistics – Human Language Technologies (NAACL '15) in Denver, CO.


2015 Consumer Assembly | Mar 2015

Pedro Leon is a speaker on the panel “Consumer Information Disclosures: When Are They Useful?” at the 2015 Consumer Assembly organized by the Consumer Federation of America.


White House Cybersecurity Summit | Feb 2015

Lorrie Cranor participated in the White House Cybersecurity Summit on February 13, 2015. See press coverage by Peninsula Press and San Jose Mercury News.


CMU Privacy Day 2015 | Jan 2015

Lorrie Cranor, Norman Sadeh and Florian Schaub organize the CMU Privacy Day 2015 to celebrate the international data privacy day on January 28. FTC Commissioner Julie Brill is the keynote speaker.


CPDP '15 | Jan 2015

Joel Reidenberg organizes a panel on "Can automated processing make privacy notice/choice more effective for users and DPAs?" at the 8th International Conference on Computers, Privacy & Data Protection (CPDP) in Brussels. Panelists are project members Joel Reidenberg, N. Cameron Russell, and Florian Schaub, as well as Aaron Burstein (FTC), Alexander Dix (data protection commissioner of Berlin), and Gwendal Le Grand (CNIL).

A video recording of the panel is available online.


2014

PASSAT '14 | Dec 2014

Ashwini Rao presents our paper on contents and concerns of online behavioral profiles at the International Conference on Privacy, Security, Risk and Trust (PASSAT) in Cambridge, MA.


T-Labs Privacy workshop | Nov 2014

Florian Schaub presents the usable privacy policy project at the Workshop on End-User Privacy at T-Labs / TU Berlin.


HCOMP '14 | Nov 2014

Florian Schaub and Rohan Ramanath present two posters on crowdsourcing annotations of privacy policies (poster 1, poster 2) at the Conference on Human Computation & Crowdsourcing (HCOMP) in Pittsburgh, PA.


CyLab Partners Conference | Oct 2014

Multiple project members give presentations and present projected-related posters at the CMU CyLab Partners Conference.


TPRC '14 | Sep 2014

Joel Reidenberg, N. Cameron Russell, and Pedro Leon present three project papers at the 42nd Research Conference on Communication, Information and Internet Policy (TPRC) in Arlington, VA.


Article in Privacy Engineering Journal | Sep 2014

The article Eddy, A Formal Language for Specifying and Analyzing Data Flow Specifications for Conflicting Privacy Requirements authored by Travis D. Breaux, Hanan Hibshi and Ashwini Rao appears in the Requirements Engineering Journal (vol. 19. no. 3, pp. 281–307).


RE '14 | Sep 2014

Travis Breaux presents our paper titled Scaling requirements extraction to the crowd at the 22nd IEEE International Requirements Engineering Conference (RE) in Karlskrona, Sweden.


COLING '14 | Aug 2014

Fei Liu presents our paper on automatic alignment of privacy statements at the 25th International Conference on Computational Linguistics (COLING) in Dublin, Ireland.


SOUPS '14 | Jul 2014

Alessandro Acquisti and Norman Sadeh co-organize the Workshop on Privacy Personas and Segmentation at the Symposium on Usable Privacy and Security (SOUPS 2014) at Facebook headquarters in Menlo Park, CA.

Project members also present a full paper on modeling users' mobile privacy preferences and two posters at SOUPS.


Workshop on the Future of Privacy Notice and Choice | Jun 2014

Lorrie Faith Cranor and Norman Sadeh organize the Workshop on the Future of Privacy Notice and Choice held on June 27 at Carnegie Mellon University. The workshop will include invited speakers; panels focussing on users, technology, and public policy; and a research poster session. Participation is free of charge, but registration is required.


ACL '14 | Jun 2014

Rohan Ramanath presents our paper on unsupervised alignment of privacy policies at the Annual Meeting of the Association for Computational Linguistics (ACL) in Baltimore, MD.


PLSC '14 | Jun 2014

Pedro Leon presents our work on understanding users' attitudes towards Online Behavioral Advertising (OBA) at the Privacy Law Scholars Conference (PLSC) in Washington, DC.


Bank Privacy | Jun 2014

Pedro Leon, Lorrie Cranor and Blase Ur launch the Bank Privacy website. It hosts information about the data practices of more than 6,000 U.S. financial institutions, which were obtained by automatically retrieving and analyzing the institutions' standardized privacy notices. Consumers can learn how their financial institutions handle their personal information and compare data practices of different institutions. A paper detailing the work is currently under review.


Technology Review op-ed | Apr 2014

Lorrie Cranor’s op-ed It is difficult to protect your privacy even if you know how was featured in the April 23, 2014 issue of MIT Technology Review.


WWW '14 | Apr 2014

Our paper on creating privacy preference profiles for smartphone users is presented at the 23rd International World Wide Web Conference (WWW) in Seoul, Korea. The paper is titled Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help?


2013

Tech report published | Dec 2013

Our tech report The Usable Privacy Policy Project: Combining Crowdsourcing, Machine Learning and Natural Language Processing to Semi-Automatically Answer Those Privacy Questions Users Care About is now available. The tech report provides an overview of the project, its objectives, and our approach.


Project proposal accepted by NSF | Aug 2013

NSF announces the selection of our project as one of three Frontier research projects under the Secure and Trustworthy Computing program: NSF invests $20 million in large projects to keep our nation's cyberspace secure and trustworthy.

See also press releases from CMU, Fordham and Stanford.

Additional press coverage: Pittsburgh Post Gazette (Aug 21, 2013) and Pittsburgh Business Times (Aug 21, 2013).