2025

• David Rodriguez, Joseph Calandrino, Jose M. Del Alamo, Norman Sadeh, "Privacy Settings in Third-Party Libraries in Android Applications: A Study of Facebook SDKs", Privacy Enhancing Technologies Symposium (PETS 2025), 2, Jul 2025 [pdf]

2024

• Abhilasha Ravichander, Ian Yang, Rex Chen, Shomir Wilson, Thomas Norton, Norman Sadeh, "Incorporating Taxonomic Reasoning and Regulatory Knowledge into Automated Privacy Question Answering", International Web Information Systems Engineering Conference, Dec 2024 [pdf]

• Ananya Balaji, Lea Duesterwald, Ian Yang, Aman Priyanshu, Costanza Alfieri, Norman Sadeh, "Generating Effective Answers to People’s Everyday Cybersecurity Questions: An Initial Study", International Web Information Systems Engineering Conference (WISE 2024), Dec 2024 [pdf]

• Yuanyuan Feng, Abhilasha Ravichander, Yaxing Yao, Shikun Zhang, Rex Chen, Shomir Wilson, Norman Sadeh, "Understanding How to Inform Blind and Low-Vision Users about Data Privacy through Privacy Question Answering Assistants", USENIX Security Symposium, Aug 2024 [pdf]

• Shikun Zhang, Lily Klucinec, Kyerra Norton, Norman Sadeh, Lorrie Faith Cranor, "Exploring Expandable-Grid Designs to Make iOS App Privacy Labels More Usable", Symposium on Usable Privacy and Security (SOUPS 2024), Aug 2024 [pdf]

• Sonu Gupta, Geetika Gopi, Harish Balaji, Ellen Poplavska, Nora O'Toole, Siddhant Arora, Thomas Norton, Norman Sadeh, Shomir Wilson, "Creation and Analysis of an International Corpus of Privacy Laws", Joint International Conference on Computational Linguistics, Language Resources and Evaluation (LREC-COLING 2024), May 2024 [pdf]

2023

• Akshath Jain, David Rodriguez, Jose M. del Alamo, Norman Sadeh, "ATLAS: Automatically Detecting Discrepancies Between Privacy Policies and Privacy Labels", International Workshop on Privacy Engineering (IWPE 2023), Jul 2023 [pdf]

• David Rodriguez, Akshath Jain, Jose M. del Alamo, Norman Sadeh, "Comparing Privacy Label Disclosures of Apps Published in both the App Store and Google Play Stores", International Workshop on Privacy Engineering (IWPE 2023), Jul 2023 [pdf]

• Shikun Zhang, Norman Sadeh, "Do Privacy Labels Answer Users' Privacy Questions?", Workshop on Usable Security and Privacy (USEC 2023), Feb 2023 [pdf]

2022

• Shikun Zhang, Yuanyuan Feng, Yaxing Yao, Lorrie Faith Cranor, Norman Sadeh, "How Usable Are iOS Privacy Labels?", Privacy Enhancing Technologies Symposium (PETS 2022), 4, Jul 2022 [pdf]

• Siddhant Arora, Henry Hosseini, Christine Utz, Vinayshekhar Bannihatti Kumar, Tristan Dhellemmes, Abhilasha Ravichander, Peter Story, Jasmine Mangat, Rex Chen, Martin Degeling, Tom Norton, Thomas Hupperich, Shomir Wilson, Norman Sadeh, "A Tale of Two Regulatory Regimes: Creation and Analysis of a Bilingual Privacy Policy Corpus", Language Resources and Evaluation Conference (LREC 2022), Jun 2022 [pdf]

• Jack Gardner, Yuanyuan Feng, Kayla Reiman, Zhi Lin, Akshath Jain, Norman Sadeh, "Helping Mobile Application Developers Create Accurate Privacy Labels", International Workshop on Privacy Engineering (IWPE 2022), May 2022 [pdf]

2021

• Rex Chen, Fei Fang, Thomas Norton, Aleecia M. McDonald, Norman Sadeh, "Fighting the Fog: Evaluating the Clarity of Privacy Disclosures in the Age of CCPA", Workshop on Privacy in the Electronic Society (WPES 2021), Sep 2021 [pdf]

• Abhilasha Ravichander, Alan W Black, Thomas Norton, Shomir Wilson, Norman Sadeh, "Breaking Down Walls of Text: How Can NLP Benefit Consumer Privacy?", Annual Meeting of the Association for Computational Linguistics (ACL 2021), Aug 2021 [pdf]

• Yuanyuan Feng, Yaxing Yao, Norman Sadeh, "A Design Space for Privacy Choices: Towards Meaningful Privacy Control in the Internet of Things", Conference on Human Factors in Computing Systems (CHI 2021), May 2021 [pdf]

• Hana Habib, Yixin Zou, Yaxing Yao, Alessandro Acquisti, Lorrie Faith Cranor, Joel Reidenberg, Norman Sadeh, Florian Schaub, "Toggles, Dollar Signs, and Triangles: How to (In)Effectively Convey Privacy Choices with Icons and Link Texts", Conference on Human Factors in Computing Systems (CHI 2021), May 2021 [pdf]

2020

• Ellen Poplavska, Thomas B. Norton, Shomir Wilson, Norman Sadeh, "From Prescription to Description: Mapping the GDPR to a Privacy Policy Corpus Annotation Scheme", International Conference on Legal Knowledge and Information Systems (JURIX 2020), Dec 2020 [pdf]

• Peter Story, Daniel Smullen, Yaxing Yao, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, Florian Schaub, "Awareness, Adoption, and Misconceptions of Web Privacy Tools", Privacy Enhancing Technologies Symposium (PETS 2021), 3, Nov 2020 [pdf]

• Peter Story, Daniel Smullen, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, Florian Schaub, "From Intent to Action: Nudging Users Towards Secure Mobile Payments", Symposium on Usable Privacy and Security (SOUPS 2020), Aug 2020 [pdf]

• Hana Habib, Sarah Pearman, Jiamin Wang, Yixin Zou, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, Florian Schaub, "“It’s a scavenger hunt”: Usability of Websites’ Opt-Out and Data Deletion Choices", Conference on Human Factors in Computing Systems (CHI 2020), Apr 2020 [pdf]

• Vinayshekhar Bannihatti Kumar, Roger Iyengar, Namita Nisal, Yuanyuan Feng, Hana Habib, Peter Story, Sushain Cherivirala, Margaret Hagan, Lorrie Faith Cranor, Shomir Wilson, Florian Schaub, Norman Sadeh, "Finding a Choice in a Haystack: Automatic Extraction of Opt-Out Statements from Privacy Policy Text", International World Wide Web Conference (WWW 2020), Apr 2020 [pdf]

2019

• Abhilasha Ravichander, Alan W Black, Shomir Wilson, Thomas Norton, Norman Sadeh, "Question Answering for Privacy Policies: Combining Computational and Legal Perspectives", Conference on Empirical Methods in Natural Language Processing (EMNLP 2019), Nov 2019 [pdf]

• Joel R. Reidenberg, N. Cameron Russell, Vlad Herta, William Sierra-Rocafort, Thomas Norton, "Trustworthy Privacy Indicators: Grades, Labels, Certifications and Dashboards", Washington University Law Review, 96, 6, Nov 2019 [link]

• Hana Habib, Yixin Zou, Aditi Jannu, Neha Sridhar, Chelse Swoopes, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, Florian Schaub, "An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites", Symposium on Usable Privacy and Security (SOUPS 2019), Aug 2019 [link]

• Sebastian Zimmeck, Peter Story, Daniel Smullen, Abhilasha Ravichander, Ziqi Wang, Joel Reidenberg, N. Cameron Russell, Norman Sadeh, "MAPS: Scaling Privacy Compliance Analysis to a Million Apps", Privacy Enhancing Technologies Symposium (PETS 2019), 3, Jul 2019 [pdf]

• Peter Story, Sebastian Zimmeck, Abhilasha Ravichander, Daniel Smullen, Ziqi Wang, Joel Reidenberg, N. Cameron Russell, Norman Sadeh, "Natural Language Processing for Mobile App Privacy Compliance", AAAI Spring Symposium on Privacy Enhancing AI and Language Technologies (PAL 2019), Mar 2019 [pdf]

• Vinayshekhar Bannihatti Kumar, Abhilasha Ravichander, Peter Story, Norman Sadeh, "Quantifying the Effect of In-Domain Distributed Word Representations: A Study of Privacy Policies", AAAI Spring Symposium on Privacy Enhancing AI and Language Technologies (PAL 2019), Mar 2019 [pdf]

• Abhilasha Ravichander, Alan Black, Eduard Hovy, Joel Reidenberg, N. Cameron Russell, Norman Sadeh, "Challenges in Automated Question Answering for Privacy Policies", AAAI Spring Symposium on Privacy Enhancing AI and Language Technologies (PAL 2019), Mar 2019 [pdf]

• N. Cameron Russell, Florian Schaub, Allison McDonald, William Sierra-Rocafort, "APIs and Your Privacy", Jan 2019 [pdf]

2018

• Shomir Wilson, Florian Schaub, Frederick Liu, Kanthashree Mysore Sathyendra, Daniel Smullen, Sebastian Zimmeck, Rohan Ramanath, Peter Story, Fei Liu, Norman Sadeh, Noah A. Smith, "Analyzing Privacy Policies at Scale: From Crowdsourcing to Automated Annotations", ACM Transactions on the Web, 13, 1, Dec 2018 [pdf]

• Jaspreet Bhatia, Travis Breaux, "Empirical Measurement of Perceived Privacy Risk", ACM Transactions on Human Computer Interaction (TOCHI), Dec 2018

• Abhijith Athreya Mysore Gopinath, Shomir Wilson, Norman Sadeh, "Supervised and Unsupervised Methods for Robust Separation of Section Titles and Prose Text in Web Documents", Conference on Empirical Methods in Natural Language Processing (EMNLP 2018), Nov 2018 [pdf] [website]

• J. Bhatia, T. D. Breaux, "Semantic Incompleteness in Privacy Policy Goals", IEEE International Requirements Engineering Conference (RE 2018), Aug 2018 [pdf]

• Hamza Harkous, Kassem Fawaz, Rémi Lebret, Florian Schaub, Kang G. Shin, Karl Aberer, "Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning", USENIX Security Symposium 2018, Aug 2018

• Peter Story, Sebastian Zimmeck, Norman Sadeh, "Which Apps have Privacy Policies?", Annual Privacy Forum, Jun 2018 [pdf]

• Frederick Liu, Shomir Wilson, Peter Story, Sebastian Zimmeck, Norman Sadeh, "Towards Automatic Classification of Privacy Policy Text", Carnegie Mellon University Technical Report CMU‐ISR‐17‐118R and CMU‐LTI‐17‐010, Institute for Software Research and Language Technologies Institute, School of Computer Science, Jun 2018 [pdf]

• H. Habib, Y. Zou, C. Swoopes, A. Jannu, L.F. Cranor, F. Schaub, "An Empirical Analysis of Online Consent and Opt-Out Experience", Privacy Law Scholars Conference (PLSC 2018), May 2018

• H. Habib, Y. Zou, A. Jannu, C. Swoopes, A. Acquisti, L.F. Cranor, N. Sadeh, F. Schaub, "An Empirical Analysis of Website Data Deletion and Opt-Out Choices", CHI 2018 Workshop on General Data Protection Regulation: An Opportunity for the HCI Community?, Apr 2018 [pdf]

• Peter Story, Sebastian Zimmeck, Norman Sadeh, "Which Apps have Privacy Policies?", Carnegie Mellon University Technical Report CMU-ISR-18-100R, Institute for Software Research, School of Computer Science, Feb 2018 [pdf]

• Peter Story, Sebastian Zimmeck, Norman Sadeh, "Which Apps have Privacy Policies?", Presentation at FTC PrivacyCon, Feb 2018 Poster [pdf]

• A. Oltramari, D. Piraviperumal, F. Schaub, S. Wilson, S. Cherivirala, T.B. Norton, N.C. Russell, P. Story, J. Reidenberg, N. Sadeh, "PrivOnto: A Semantic Framework for the Analysis of Privacy Policies", Semantic Web, 9, 2, Jan 2018 [link]

2017

• Kanthashree Mysore Sathyendra, Abhilasha Ravichander, Peter Garth Story, Alan W Black, Norman Sadeh, "Helping Users Understand Privacy Notices with Automated Question Answering Functionality: An Exploratory Study", Carnegie Mellon University Technical Report CMU-ISR-17-114R and CMU-LTI-17-005, Institute for Software Research and Language Technologies Institute, School of Computer Science, Dec 2017 [pdf]

• A. Acquisti, M. Sleeper, Y. Wang, S. Wilson, I. Adjerid, R. Balebako, L. Brandimarte, L. F. Cranor, S. Komanduri, P. G. Leon, N. Sadeh, F. Schaub, "Nudges for Privacy and Security", ACM Computing Surveys (CSUR), 50, 3, Oct 2017 [link]

• Kanthashree Mysore Sathyendra, Shomir Wilson, Florian Schaub, Sebastian Zimmeck, Norman Sadeh, "Identifying the Provision of Choices in Privacy Policy Text", Conference on Empirical Methods in Natural Language Processing (EMNLP 2017), Sep 2017 [pdf]

• N. Nisal, S.K. Cherivirala, K.M. Sathyendra, M. Hagan, F. Schaub, S. Wilson, L.F. Cranor, N. Sadeh, "Increasing the Salience of Data Use Opt-Outs Online", Symposium on Usable Privacy and Security (SOUPS 2017), Jul 2017 [pdf]

• S. Zimmeck, Z. Wang, L. Zou, R. Iyengar, B. Liu, F. Schaub, S. Wilson, N. Sadeh, S.M. Bellovin, J.R. Reidenberg, "Mobile App Privacy Compliance: Automated Technology to Help Regulators, App Stores and Developers", Symposium on Usable Privacy and Security (SOUPS 2017), Jul 2017 [pdf]

• Jaspreet Bhatia, Travis D. Breaux, "A Data Purpose Case Study of Privacy Policies", IEEE International Requirements Engineering Conference (RE 2017), RE:Next! Track, Jun 2017

• M. C. Evans, J. Bhatia, S. Wadkar, T. D. Breaux, "An Evaluation of Constituency-based Hyponymy Extraction from Privacy Policies", IEEE International Requirements Engineering Conference (RE 2017), Jun 2017

• H. Harkous, K. Fawaz, R. Lebret, F. Schaub, K.G. Shin, K. Aberer, "Pribot: A Chatbot for Privacy Policies", Swiss Text Analytics Conference (SwissText 2017), Jun 2017 Demo [slides] [video]

• F. Schaub, R. Balebako, L.F. Cranor, "Designing Effective Privacy Notices and Controls", IEEE Internet Computing, 21, 3, May 2017 [doi]

• S. Zimmeck, Z. Wang, L. Zou, R. Iyengar, B. Liu, F. Schaub, S. Wilson, N. Sadeh, S.M. Bellovin, J.R. Reidenberg, "Automated Analysis of Privacy Requirements for Mobile Apps", Network and Distributed System Security Symposium (NDSS 2017), Feb 2017 [pdf]

2016

• M. Bokaei Hosseini, S. Wadkar, T.D. Breaux, J. Niu, "Lexical Similarity of Information Type Hypernyms, Meronyms and Synonyms in Privacy Policies", AAAI Fall Symposium on Privacy and Language Technologies, Nov 2016 [pdf]

• F. Liu, S. Wilson, F. Schaub, N. Sadeh, "Analyzing Vocabulary Intersections of Expert Annotations and Topic Models for Data Practices in Privacy Policies", AAAI Fall Symposium on Privacy and Language Technologies, Nov 2016 [pdf]

• K.M. Sathyendra, F. Schaub, S. Wilson, N. Sadeh, "Automatic Extraction of Opt-Out Choices from Privacy Policies", AAAI Fall Symposium on Privacy and Language Technologies, Nov 2016 [pdf]

• S. Zimmeck, Z. Wang, L. Zou, R. Iyengar, B. Liu, F. Schaub, S. Wilson, N. Sadeh, S.M. Bellovin, J.R. Reidenberg, "Automated Analysis of Privacy Requirements for Mobile Apps", AAAI Fall Symposium on Privacy and Language Technologies, Nov 2016 [pdf]

• J. Bhatia, T. D. Breaux, J. R. Reidenberg, T. B. Norton, "A Theory of Vagueness and Privacy Risk Perception", IEEE International Requirements Engineering Conference (RE 2016), Sep 2016 [pdf]

• J. Bhatia, M.C. Evans, S. Wadkar, T.D. Breaux, "Automated Extraction of Regulated Information Types using Hyponymy Relations", International Workshop on Artificial Intelligence for Requirements Engineering (AIRE 2016), Sep 2016 [pdf]

• L. F. Cranor, P. G. Leon, B. Ur, "A Large-Scale Evaluation of U.S. Financial Institutions Standardized Privacy Notices", ACM Transactions on the Web (TWEB), Aug 2016 [pdf] [website]

• S. Wilson, F. Schaub, A. Dara, F. Liu, S. Cherivirala, P.G. Leon, M.S. Andersen, S. Zimmeck, K. Sathyendra, N.C. Russell, T.B. Norton, E. Hovy, J.R. Reidenberg, N. Sadeh, "The Creation and Analysis of a Website Privacy Policy Corpus", Annual Meeting of the Association for Computational Linguistics (ACL 2016), Aug 2016 [pdf]

• F. Schaub, T.D. Breaux, N. Sadeh, "Crowdsourcing Privacy Policy Analysis: Potential, Challenges and Best Practices", it – Information Technology, Jun 2016 [doi]

• A. Rao, F. Schaub, N. Sadeh, A. Acquisti, R. Kang, "Expecting the Unexpected: Understanding Mismatched Privacy Expectations Online", Symposium on Usable Privacy and Security (SOUPS 2016), Jun 2016 [doi] [pdf]

• J. Gluck, F. Schaub, A. Friedman, H. Habib, N. Sadeh, L.F. Cranor, Y. Agarwal, "How Short is Too Short? Implications of Length and Framing on the Effectiveness of Privacy Notices", Symposium on Usable Privacy and Security (SOUPS 2016), Jun 2016 [doi] [pdf]

• B. Liu, M.S. Andersen, F. Schaub, H. Almuhimedi, S. Zhang, N. Sadeh, A. Acquisti, Y. Agarwal, "Follow My Recommendations: A Personalized Assistant for Mobile App Permissions", Symposium on Usable Privacy and Security (SOUPS 2016), Jun 2016 [doi] [pdf]

• S.K. Cherivirala, F. Schaub, M.S. Andersen, S. Wilson, N. Sadeh, J.R. Reidenberg, "Visualization and Interactive Exploration of Data Practices in Privacy Policies", Symposium on Usable Privacy and Security (SOUPS 2016), Jun 2016 [pdf]

• J.R. Reidenberg, N.C. Russell, T.B. Norton, "Rating Indicator Criteria for Privacy Policies", SOUPS 2016 Workshop on Privacy Indicators, Jun 2016 [doi] [pdf]

• J. Bhatia, T.D. Breaux, F. Schaub, "Mining Privacy Goals from Privacy Policies using Hybridized Task Recomposition", ACM Transactions on Software Engineering and Methodology (TOSEM), 25, 1, May 2016 [doi]

• S. Wilson, F. Schaub, A. Dara, S.K. Cherivirala, S. Zimmeck, M.S. Andersen, P.G. Leon, E. Hovy, N. Sadeh, "Demystifying Privacy Policies Using Language Technologies: Progress and Challenges", LREC Workshop on Text Analytics for Cybersecurity and Online Safety (TA-COS 2016), May 2016 [pdf]

• R. Slavin, X. Wang, M.B. Hosseini, W. Hester, R. Krishnan, J. Bhatia, T.D. Breaux, J. Niu, "Toward a Framework for Detecting Privacy Policy Violation in Android Application Code", ACM/IEEE International Software Engineering Conference (ICSE 2016), May 2016 [doi]

• S. Wilson, F. Schaub, R. Ramanath, N. Sadeh, F. Liu, N.A. Smith, F. Liu, "Crowdsourcing Annotations for Websites' Privacy Policies: Can It Really Work?", International World Wide Web Conference (WWW 2016), Apr 2016 Best Paper Finalist [pdf] [doi] [corrigendum]

• J.R. Reidenberg, J. Bhatia, T.D. Breaux, T.B. Norton, "Automated Comparisons of Ambiguity in Privacy Policies and the Impact of Regulation", Journal of Legal Studies, 45, 2, part 2, Mar 2016 (forthcoming). [doi]

• F. Schaub, A. Marella, P. Kalvani, B. Ur, C. Pan, E. Forney, L.F. Cranor, "Watching Them Watching Me: Browser Extensions’ Impact on User Privacy Awareness and Concern", NDSS Workshop on Usable Security (USEC 2016), Feb 2016 [pdf]

• N. Sadeh, "Personalized Privacy Assistants: From Android to the Internet of Things", Presentation at FTC PrivacyCon, Jan 2016 [link]

• N. Sadeh, A. Acquisti, T.D. Breaux, L.F. Cranor, A.M. McDonald, J. Reidenberg, N.A. Smith, F. Liu, N.C. Russell, F. Schaub, S. Wilson, J.T. Graves, P.G. Leon, R. Ramanath, A. Rao, "Towards Usable Privacy Policies: Semi-automatically Extracting Data Practices From Websites’ Privacy Policies", Presentation at FTC PrivacyCon, Jan 2016

• A. Rao, F. Schaub, N. Sadeh, A. Acquisti, R. Kang, "Expecting the Unexpected: Understanding Mismatched Privacy Expectations Online", Presentation at FTC PrivacyCon, Jan 2016 [link]

2015

• R. Balebako, F. Schaub, I. Adjerid, A. Acquisti, L.F. Cranor, "The Impact of Timing on the Salience of Smartphone App Privacy Notices", ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2015), Oct 2015 [doi]

• A. Grannis, "Elements of Effective Notice in the Online Age", Research Conference on Communications, Information and Internet Policy (TPRC 2015), Sep 2015 (to be published in Fordham Urban Law Journal)

• T.B. Norton, "Crowdsourcing Privacy Policy Interpretation", Research Conference on Communications, Information and Internet Policy (TPRC 2015), Sep 2015 Also workshopped at the October 2015 Privacy Law Scholars Conference, Amsterdam. [doi]

• J.R. Reidenberg, N.C. Russell, A.J. Callen, S. Qasir, T.B. Norton, "Privacy Harms and the Effectiveness of the Notice and Choice Framework", I/S Journal of Law & Policy for the Information Society, vol. 11, issue, 2, pp. 485, Aug 2015 Also presented at TPRC 2014, September 2014. [pdf]

• J. Bhatia, T.D. Breaux, "Towards an Information Type Lexicon for Privacy Policies", IEEE International Workshop on Requirements Engineering and Law (RELAW 2015), Aug 2015 [doi] [pdf]

• T.D. Breaux, D. Smullen, H. Hibshi, "Detecting Repurposing and Over-collection in Multi-Party Privacy Requirements Specifications", IEEE International Requirements Engineering Conference (RE 2015), Aug 2015 [doi] [pdf]

• L. F. Cranor, C. Hoke, P. G. Leon and A. Au, "Are They Worth Reading? An In-Depth Analysis of Online Advertising Companies' Privacy Policies", I/S: A Journal of Law and Policy for the Information Society, vol. 11, issue 2, Aug 2015 Also presented at TPRC 2014, September 2014. [pdf]

• F. Schaub, R. Balebako, A. Durity, L.F. Cranor, "A Design Space for Effective Privacy Notices", Symposium on Usable Privacy and Security (SOUPS 2015), Jul 2015 [link] [pdf]

• P.G. Leon, A. Rao, F. Schaub, A. Marsh, L.F. Cranor, N. Sadeh, "Privacy and Behavioral Advertising: Towards Meeting Users' Preferences", SOUPS Workshop on Privacy Personas and Segmentation (PPS 2015), Jul 2015 [pdf]

• J. Reidenberg, J. Bhatia, T.D. Breaux, "Automated Measurement of Privacy Policy Ambiguity", Privacy Law Scholars Conference (PLSC 2015), Jun 2015

• F. Liu, J. Flanigan, S. Thomson, N. Sadeh, N. A. Smith, "Toward Abstractive Summarization Using Semantic Representations", North American Chapter of the Association for Computational Linguistics: Human Language Technologies (NAACL 2015), May 2015 [pdf]

• J.R. Reidenberg, T.D. Breaux, L.F. Cranor, B. French, A. Grannis, J.T. Graves, F. Liu, A.M. McDonald, T.B. Norton, R. Ramanath, N.C. Russell, N. Sadeh, F. Schaub, "Disagreeable Privacy Policies: Mismatches between Meaning and Users’ Understanding", Berkeley Technology Law Journal, vol. 30, 1, pp.39-88, May 2015 Also presented at TPRC 2014, September 2014. [link]

• P.G. Leon, A. Rao, F. Schaub, A. Marsh, L.F. Cranor, N. Sadeh, "Why People are (Un)willing to Share Information with Online Advertisers", Carnegie Mellon University Technical Report CMU-ISR-15-106, Institute for Software Research, School of Computer Science, May 2015 [link] [pdf]

• H. Almuhimedi, F. Schaub, N. Sadeh, I. Adjerid, A. Acquisti, J. Gluck, L.F. Cranor, Y. Agarwal, "Your Location has been Shared 5,398 Times!: A Field Study on Mobile App Privacy Nudging", Conference on Human Factors in Computing Systems (CHI 2015), Apr 2015 [link] [doi]

2014

• A. Rao, F. Schaub, N. Sadeh, "What do they know about me? Contents and Concerns of Online Behavioral Profiles", ASE International Conference on Privacy, Security, Risk and Trust (PASSAT 2014), Dec 2014 Also published as Carnegie Mellon University Technical Report CMU-CyLab-14-011, July 2014. [link] [pdf]

• R. Ramanath, F. Schaub, S. Wilson, F. Liu, N. Sadeh, N. A. Smith, "Identifying Relevant Text Fragments to Help Crowdsource Privacy Policy Annotations", Conference on Human Computation & Crowdsourcing (HCOMP 2014), work in progress session, Pittsburgh, PA, Nov 2014 [link]

• F. Schaub, T. D. Breaux, N. Sadeh, "Crowdsourcing the Extraction of Data Practices from Privacy Policies", Conference on Human Computation & Crowdsourcing (HCOMP 2014), work in progress session, Pittsburgh, PA, Nov 2014 [link]

• T.D. Breaux, H. Hibshi, A. Rao, "Eddy, A Formal Language for Specifying and Analyzing Data Flow Specifications for Conflicting Privacy Requirements", Requirements Engineering Journal, 19, 3, Sep 2014 [doi]

• F. Liu, R. Ramanath, N. Sadeh, N. A. Smith, "A Step Towards Usable Privacy Policy: Automatic Alignment of Privacy Statements", International Conference on Computational Linguistics (COLING 2014), Aug 2014 [pdf]

• T.D. Breaux, F. Schaub, "Scaling Requirements Extraction to the Crowd: Experiments on Privacy Policies", IEEE International Requirements Engineering Conference (RE 2014), Aug 2014 [doi] [pdf]

• N. Sadeh, A. Acquisti, T. D. Breaux, L. F. Cranor, A. M. McDonald, J. Reidenberg, N. A. Smith, F. Liu, N. C. Russell, F. Schaub, S. Wilson, J. T. Graves, P. G. Leon, R. Ramanath, A. Rao, "Towards Usable Privacy Policies: Semi-automatically Extracting Data Practices From Websites' Privacy Policies", Symposium on Usable Security and Privacy (SOUPS 2014), Jul 2014 [pdf] [link]

• A. Marella, C. Pan, Z. Hu, F. Schaub, B. Ur, L. F. Cranor, "Assessing Privacy Awareness from Browser Plugins", Symposium on Usable Security and Privacy (SOUPS 2014), Jul 2014 [pdf]

• J.Lin, B. Liu, N. Sadeh, J.I. Hong, "Modeling Users’ Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings", Symposium on Usable Security and Privacy (SOUPS 2014), Jul 2014 [link]

• J. Reidenberg, N.C. Russell, A. Callen, S. Qasir, "Privacy Enforcement Actions", Jun 2014 [pdf]

• R. Ramanath, F. Liu, N. Sadeh, N.A. Smith, "Unsupervised Alignment of Privacy Policies using Hidden Markov Models", Annual Meeting of the Association for Computational Linguistics (ACL 2014), Jun 2014 [doi] [pdf]

• B. Liu, J. Lin, N. Sadeh, "Reconciling Mobile App Privacy and Usability on Smartphones: Could User Privacy Profiles Help?", International World Wide Web Conference (WWW 2014), Apr 2014 [doi]

2013

• N. Sadeh, A. Acquisti, T.D. Breaux, L.F. Cranor, A.M. McDonald, J. Reidenberg, N.A. Smith, F. Liu, N.C. Russell, F. Schaub, S. Wilson, "The Usable Privacy Policy Project: Combining Crowdsourcing, Machine Learning and Natural Language Processing to Semi-Automatically Answer Those Privacy Questions Users Care About", Carnegie Mellon University Technical Report CMU-ISR-13-119, Institute for Software Research, School of Computer Science, Dec 2013 [link] [pdf]