Privacy Tech, InfoSec & IP



  1. Compliance Traceability: Privacy Policies as Software Development Artifacts (Extended Abstract)
    Sebastian Zimmeck, Peter Story, Rafael Goldstein, David Baraka, Shaoyan Li, Yuanyuan Feng, and Norman Sadeh
    Open Day for Privacy, Usability, and Transparency (PUT), Stockholm, Sweden, July 2019
    Paper   BibTeX   Bluebook  

  3. MAPS: Scaling Privacy Compliance Analysis to a Million Apps
    Sebastian Zimmeck, Peter Story, Abhilasha Ravichander, Daniel Smullen, Ziqi Wang, Joel Reidenberg, N. Cameron Russell, and Norman Sadeh
    19th Privacy Enhancing Technologies Symposium (PETS), Stockholm, Sweden, July 2019 (also presented at the New England Security Day 2019)
    Paper   BibTeX   Bluebook   Data   Slides  

  5. Natural Language Processing for Mobile App Privacy Compliance
    Peter Story, Sebastian Zimmeck, Abhilasha Ravichander, Daniel Smullen, Ziqi Wang, Joel Reidenberg, N. Cameron Russell, and Norman Sadeh
    AAAI 2019 Spring Symposium on Privacy-Enhancing Artificial Intelligence and Language Technologies (PAL), Palo Alto, CA, USA, March 2019
    Paper   BibTeX   Bluebook  

  7. Analyzing Privacy Policies at Scale: From Crowdsourcing to Automated Annotations
    Shomir Wilson, Florian Schaub, Frederick Liu, Kanthashree Mysore Sathyendra, Daniel Smullen, Sebastian Zimmeck, Rohan Ramanath, Peter Story, Fei Liu, Norman Sadeh, and Noah A. Smith
    ACM Transactions on the Web (TWEB), August 2018 (preprint)
    Paper   BibTeX   Bluebook  

  9. Which Apps have Privacy Policies?
    Peter Story, Sebastian Zimmeck, and Norman Sadeh
    6th Annual Privacy Forum (APF), Barcelona, Spain, June 2018 (also presented at PrivacyCon 2018 and published as Tech Report, CMU-ISR-18-100R)
    Paper   BibTeX   Bluebook   Poster

  11. Towards Automatic Classification of Privacy Policy Text (Short Paper)
    Frederick Liu, Shomir Wilson, Peter Story, Sebastian Zimmeck, and Norman Sadeh
    Tech Report, CMU-ISR-17-118R, CMU-LTI-17-010, Pittsburgh, PA, USA, June 2018
    Paper   BibTeX   Bluebook

  13. Identifying the Provision of Choices in Privacy Policy Text (Short Paper)
    Kanthashree Mysore Sathyendra, Shomir Wilson, Florian Schaub, Sebastian Zimmeck, and Norman Sadeh
    Conference on Empirical Methods in Natural Language Processing (EMNLP), Copenhagen, Denmark, September 2017
    Paper   BibTeX   Bluebook

  15. A Privacy Analysis of Cross-device Tracking
    Sebastian Zimmeck, Jie S. Li, Hyungtae Kim, Steven M. Bellovin, and Tony Jebara
    26th USENIX Security Symposium (USENIX Security), Vancouver, BC, CA, August 2017
    Paper   BibTeX   Talk   Bluebook   Slides   Software and Data  

  17. Using Machine Learning to Improve Internet Privacy
    Sebastian Zimmeck
    Columbia University Academic Commons, New York, NY, USA, March 2017
    Dissertation  BibTeX   Bluebook

  19. Automated Analysis of Privacy Requirements for Mobile Apps
    Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, and Joel Reidenberg
    24th Network & Distributed System Security Symposium (NDSS), San Diego, CA, USA, February 2017 (also presented at SOUPS 2017, PLSC 2017, PrivacyCon 2017, and PLT 2016)
    Paper  BibTeX   Bluebook Short Paper (PLT 2016)  Talk   Poster   Extended Poster (SOUPS 2017)   Slides   Press Release (Cal AG)

  21. The Creation and Analysis of a Website Privacy Policy Corpus
    Shomir Wilson, Florian Schaub, Aswarth Abhilash Dara, Frederick Liu, Sushain Cherivirala, Pedro Giovanni Leon, Mads Schaarup Andersen, Sebastian Zimmeck, Kanthashree Mysore Sathyendra, N. Cameron Russell, Thomas B. Norton, Eduard Hovy, Joel Reidenberg, and Norman Sadeh
    54th Annual Meeting of the Association for Computational Linguistics (ACL), Berlin, Germany, August 2016
    Paper  BibTeX   Bluebook

  23. Demystifying Privacy Policies with Language Technologies: Progress and Challenges
    Shomir Wilson, Florian Schaub, Aswarth Dara, Sushain K. Cherivirala, Sebastian Zimmeck, Mads Schaarup Andersen, Pedro Giovanni Leon, Eduard Hovy, Norman Sadeh
    LREC 1st Workshop on Text Analytics for Cybersecurity and Online Safety (TA-COS 2016), Portorož, Slovenia, May 2016
    Paper  BibTeX   Bluebook

  25. “I don’t have a photograph, but you can have my footprints.” – Revealing the Demographics of Location Data
    Chris Riederer, Sebastian Zimmeck , Coralie Phanord, Augustin Chaintreau, and Steven M. Bellovin
    3rd ACM Conference on Online Social Networks (COSN), Palo Alto, CA, USA, November 2015 (also presented at ICWSM 2015, PLSC 2015, NetMob 20015, and COSN 2014)
    Paper  BibTeX   Bluebook   Short Paper (ICWSM 2015)  BibTeX (ICWSM 2015)   Bluebook (ICWSM 2015)   Poster (COSN 2014)

  27. Privee: An Architecture for Automatically Analyzing Web Privacy Policies
    Sebastian Zimmeck and Steven M. Bellovin
    23rd USENIX Security Symposium (USENIX Security), San Diego, CA, USA, August 2014 (also presented at PLSC 2014 and FoPNaC 2014)
    Paper   BibTeX   Bluebook   Talk (USENIX 2014)   Talk (FoPNaC 2014)   Poster   Slides   Software (GitHub)   Software (chrome web store)

  29. When Enough is Enough: Location Tracking, Mosaic Theory, and Machine Learning
    Steven M. Bellovin, Renée M. Hutchins, Tony Jebara, and Sebastian Zimmeck
    8 N.Y.U. J.L. Liberty, 556 (2014) (also presented at PLSC 2013)
    Paper   BibTeX   Bluebook   Slides   Blog (NY Times Bits)

  31. The Information Privacy Law of Web Applications and Cloud Computing
    Sebastian Zimmeck
    29 Santa Clara Computer & High Tech. L.J. 451 (2013)
    Paper   BibTeX   Bluebook

  33. A Game-theoretic Model for Reasonable Royalty Calculation
    Sebastian Zimmeck
    22 Alb. L.J. Sci. & Tech. 357 (2012)
    Paper   BibTeX   Bluebook

  35. Use of Functional Claim Elements for Patenting Computer Programs
    Sebastian Zimmeck
    12 J. High Tech. L. 168 (2011)
    Paper   BibTeX   Bluebook

  37. Patent Eligibility of Programming Languages and Tools
    Sebastian Zimmeck
    13 Tul. J. Tech. & Intell. Prop. 133 (2010)
    Paper   BibTeX   Bluebook

  39. Grundlagen der Nutzungsrechtsübertragung an Urheberrechtlich Geschützten Computerprogrammen durch den Lizenznehmer
    Sebastian Zimmeck
    1 ZGE 324 (2009)
    Paper   BibTeX   Bluebook

Blog Posts


  1. The Privacy of COVID-19 Apps -- Reopening Alphaville
    Medium (The Startup), May 18, 2020

  3. The CCPA is here! Now what? and Medium (The Startup), January 8, 2020

  5. How Mobile App Permissions (Don't) Protect Privacy
    Medium (The Startup), June 6, 2019

  7. Social Debt: Why Software Developers Should Think Beyond Tech
    Medium, January 20, 2019

  9. The Galaxy Nexus: Still Around After All These Years
    Medium, May 27, 2018

Research Team


  1. Kuba Alicki '22, Spring 2020 - present

  3. Phil Kaelbling '22, Spring 2020

  5. Sarah Jin '21, Fall 2019

  7. David Baraka '21, Spring 2019 - present

  9. Rafael Goldstein '21, Fall 2018 - present



  1. Fall 2020
    COMP 114: How to Talk to Machines
    COMP 423: Advanced Information Security and Privacy Research Seminar, Undergraduate
    COMP 411: Software Design and Engineering Group Tutorial, Undergraduate

  3. Spring 2020
    COMP 360: Information Security and Privacy
    COMP 424: Advanced Information Security and Privacy Research Seminar, Undergraduate

  5. Fall 2019
    COMP 114: How to Talk to Machines
    COMP 423: Advanced Information Security and Privacy Research Seminar, Undergraduate

  7. Spring 2019
    COMP 114: How to Talk to Machines
    COMP 424: Advanced Information Security and Privacy Research Seminar, Undergraduate

  9. Fall 2018
    COMP 360: Information Security and Privacy
    COMP 411: Advanced Information Security and Privacy Group Tutorial, Undergraduate


I am a computer scientist and lawyer. My research interests are privacy tech, infosec, and intellectual property.

With my students, I design and develop privacy tech for mobile and web apps. I lead the privacy-tech-lab at Wesleyan.