Posts

Showing posts from 2024

Summary of My Past Research

Image
When doing reappointment and promotion packages for faculty, you're expected to submit a summary of your research and accomplishments. Since I'm a full professor, I'm not required to do this anymore, but I thought it would still be a useful exercise, partly to help me reflect on my work but also to share with the world what I felt were some of my key accomplishments. So here are some highlights of my research and teaching over the past twenty years. ____________________ Pioneered research on protecting people from phishing scams . This research combined ideas from machine learning, decision sciences, learning science, and game design, and greatly expanded the field of usable privacy and security in its early days. The browser warnings in Microsoft Internet Explorer 8 were re-designed based on our research, and key ideas from our work are still present in all web browser warnings today. Our work detecting phishing web pages is one of the earliest and perhaps most cited pap...

Questions for Privacy Risk Modeling

In 2004, my colleagues and I published a paper called  Privacy risk models for designing privacy-sensitive ubiquitous computing systems . This paper posed a series of questions about user interface design, system design, and organizational issues that one should consider with respect to privacy when designing new ubicomp systems. In a recently published chapter in the book  Mobile Sensing in Psychology: Methods and Applications , I offer an updated version of these questions, shared below. Design Issues  • What kinds of personal information are sensed or gathered (e.g., name, email)? • How sensitive is the data? If leaked, can the data be easily linked to a specific individual? • Is there a clear value proposition for end users for sharing their personal data? Is this value proposition clear to end users? • Does this data collection match people’s expectations about the app? For example, it makes sense for a sleep monitor to use a microphone but perhaps not for a f...