Sebastian Zimmeck

Information Privacy & Security

Department of Mathematics and Computer Science, Wesleyan University
Science Tower 655, 265 Church Street, Middletown, CT 06459-0128

privacy-tech-lab
Google Scholar

Work

2018+ Department of Mathematics and Computer Science, Wesleyan University
Assistant Professor of Computer Science

2016-2018 Institute for Software Research, School of Computer Science, Carnegie Mellon University
Postdoctoral Associate

2012-2016 Department of Computer Science, Columbia University
Research Assistant

2011-2013 Berkeley Center for Law & Technology, University of California
Google Research Fellow

2006-2009 Freshfields Bruckhaus Deringer LLP
Attorney at Law

Education

2012-2016 Graduate School of Arts & Sciences, Columbia University
PhD (Computer Science)
Doctoral thesis advisor: Steven M. Bellovin

2009-2011 Fu Foundation School of Engineering & Applied Science, Columbia University
MS (Computer Science)

2005-2006 Berkeley School of Law, University of California
LLM (Master of Laws)

2003-2008 University of Kiel School of Law, Germany
PhD (Law)
Doctoral thesis advisor: Andreas Hoyer

2003 University of Kiel School of Law, Germany
JD (First State Examination)

Papers

All Peer-reviewed, ◊ Wesleyan Student, ‡ Equal Contributor, ∥ Poster or Short Paper

P23

Website Data Transparency in the Browser
Sebastian Zimmeck, Daniel Goldelman ◊, Owen Kaplan ◊, Logan Brown ◊, Justin Casler ◊, Judeley Jean-Charles ◊, Joe Champeau ◊ and Hamza Harkous
24th Privacy Enhancing Technologies Symposium (PETS)
Bristol, UK and Online Event, July 2024

BibTeX, Code

P22

Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control
Sebastian Zimmeck, Eliza Kuller ◊, Chunyue Ma ◊, Bella Tassone ◊ and Joe Champeau ◊
24th Privacy Enhancing Technologies Symposium (PETS)
Bristol, UK and Online Event, July 2024

BibTeX, Code

P21

Usability and Enforceability of Global Privacy Control
Sebastian Zimmeck, Oliver Wang ◊, Kuba Alicki ◊, Jocelyn Wang ◊ and Sophie Eng ◊
23rd Privacy Enhancing Technologies Symposium (PETS)
Lausanne, Switzerland and Online Event, July 2023

BibTeX, Talk, Slides, Code The Wesleyan Connection

P20

PrivacyFlash Pro: Automating Privacy Policy Generation for Mobile Apps
Sebastian Zimmeck, Rafael Goldstein ◊ and David Baraka ◊
28th Network & Distributed System Security Symposium (NDSS)
Online Event, February 2021

BibTeX, Talk, Slides, Code

P19

Standardizing and Implementing Do Not Sell ∥
Sebastian Zimmeck and Kuba Alicki ◊
19th ACM Workshop on Privacy in the Electronic Society (WPES)
Online Event, November 2020

BibTeX, Code

P18

MAPS: Scaling Privacy Compliance Analysis to a Million Apps
Sebastian Zimmeck ‡, Peter Story ‡, Abhilasha Ravichander, Daniel Smullen, Ziqi Wang, Joel Reidenberg, N. Cameron Russell and Norman Sadeh
19th Privacy Enhancing Technologies Symposium (PETS)
Stockholm, Sweden, July 2019

BibTeX, Slides, Data

P17

Natural Language Processing for Mobile App Privacy Compliance
Peter Story ‡, Sebastian Zimmeck ‡, Abhilasha Ravichander, Daniel Smullen, Ziqi Wang, Joel Reidenberg, N. Cameron Russell and Norman Sadeh
AAAI 2019 Spring Symposium on Privacy-Enhancing Artificial Intelligence and Language Technologies (PAL)
Palo Alto, CA, March 2019

BibTeX

P16

Analyzing Privacy Policies at Scale: From Crowdsourcing to Automated Annotations
Shomir Wilson, Florian Schaub, Frederick Liu, Kanthashree Mysore Sathyendra, Daniel Smullen, Sebastian Zimmeck, Rohan Ramanath, Peter Story, Fei Liu, Norman Sadeh and Noah A. Smith
ACM Transactions on the Web (TWEB), August 2018

BibTeX

P15

Which Apps have Privacy Policies?
Peter Story, Sebastian Zimmeck and Norman Sadeh
6th Annual Privacy Forum (APF)
Barcelona, Spain, June 2018
Also Published at:
Tech Report, CMU-ISR-18-100
Pittsburgh, PA, June 2018

BibTeX, Poster

P14

Identifying the Provision of Choices in Privacy Policy Text ∥
Kanthashree Mysore Sathyendra, Shomir Wilson, Florian Schaub, Sebastian Zimmeck and Norman Sadeh
Conference on Empirical Methods in Natural Language Processing (EMNLP)
Copenhagen, Denmark, September 2017

BibTeX

P13

A Privacy Analysis of Cross-device Tracking
Sebastian Zimmeck, Jie S. Li, Hyungtae Kim, Steven M. Bellovin and Tony Jebara
26th USENIX Security Symposium (USENIX Security)
Vancouver, Canada, August 2017

BibTeX, Talk, Slides, Code, Data

P12

Mobile App Privacy Compliance: Automated Technology to Help Regulators, App Stores and Developers ∥
Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin and Joel Reidenberg
13th Symposium on Usable Privacy and Security (SOUPS)
Santa Clara, CA, July 2017

P11

Automated Analysis of Privacy Requirements for Mobile Apps
Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin and Joel Reidenberg
24th Network & Distributed System Security Symposium (NDSS)
San Diego, CA, February 2017
Also Published at:
AAAI 2016 Fall Symposium on Privacy and Language Technologies (PLT)
Arlington, VA, November 2016

BibTeX, Talk, Poster, Slides, Paper (AAAI) ∥

P10

The Creation and Analysis of a Website Privacy Policy Corpus
Shomir Wilson, Florian Schaub, Aswarth Abhilash Dara, Frederick Liu, Sushain Cherivirala, Pedro Giovanni Leon, Mads Schaarup Andersen, Sebastian Zimmeck, Kanthashree Mysore Sathyendra, N. Cameron Russell, Thomas B. Norton, Eduard Hovy, Joel Reidenberg and Norman Sadeh
54th Annual Meeting of the Association for Computational Linguistics (ACL)
Berlin, Germany, August 2016

BibTeX

P09

Demystifying Privacy Policies with Language Technologies: Progress and Challenges
Shomir Wilson, Florian Schaub, Aswarth Dara, Sushain K. Cherivirala, Sebastian Zimmeck, Mads Schaarup Andersen, Pedro Giovanni Leon, Eduard Hovy and Norman Sadeh
LREC 1st Workshop on Text Analytics for Cybersecurity and Online Safety 2016 (TA-COS)
Portorož, Slovenia, May 2016

BibTeX

P08

“I don’t have a photograph, but you can have my footprints.” - Revealing the Demographics of Location Data
Chris Riederer, Sebastian Zimmeck, Coralie Phanord, Augustin Chaintreau and Steven M. Bellovin
3rd ACM Conference on Online Social Networks (COSN)
Palo Alto, CA, November 2015
Also Published at:
9th International AAAI Conference on Web and Social Media (ICWSM)
Palo Alto, CA, July 2015

BibTeX, Paper (ICWSM) ∥, BibTeX (ICWSM)

P07

Privee: An Architecture for Automatically Analyzing Web Privacy Policies
Sebastian Zimmeck and Steven M. Bellovin
23rd USENIX Security Symposium (USENIX Security)
San Diego, CA, August 2014

BibTeX, Talk, Poster, Slides, Code

P06

When Enough is Enough: Location Tracking, Mosaic Theory, and Machine Learning
Steven M. Bellovin, Renée M. Hutchins, Tony Jebara and Sebastian Zimmeck
8 N.Y.U. J.L. Liberty, 556 (2014)

BibTeX, Slides, NY Times

P05

The Information Privacy Law of Web Applications and Cloud Computing
Sebastian Zimmeck
29 Santa Clara Computer & High Tech. L.J. 451 (2013)

BibTeX

P04

A Game-theoretic Model for Reasonable Royalty Calculation
Sebastian Zimmeck
22 Alb. L.J. Sci. & Tech. 357 (2012)

BibTeX

P03

Use of Functional Claim Elements for Patenting Computer Programs
Sebastian Zimmeck
12 J. High Tech. L. 168 (2011)

BibTeX

P02

Patent Eligibility of Programming Languages and Tools
Sebastian Zimmeck
13 Tul. J. Tech. & Intell. Prop. 133 (2010)

BibTeX

P01

Grundlagen der Nutzungsrechtsübertragung an Urheberrechtlich Geschützten Computerprogrammen durch den Lizenznehmer
Sebastian Zimmeck
1 ZGE 324 (2009)

BibTex

Under Review

UR04

Websites’ Global Privacy Control Compliance at Scale and over Time
Kate Hausladen ◊, Oliver Wang ◊, Sophie Eng ◊, Jocelyn Wang ◊, Francisca Wijaya ◊, Matt May ◊ and Sebastian Zimmeck
Under Review at 34th USENIX Security Symposium (USENIX Security - Advanced to Second Round of Review)

UR03

From Ad Identifiers to Global Privacy Control: The Status Quo and Future of Opting Out of Ad Tracking on Android
Sebastian Zimmeck, Nishant Aggarwal ◊, Zachary Liu ◊ and Konrad Kollnig
Under Review at 34th USENIX Security Symposium (USENIX Security - Advanced to Second Round of Review)

UR02

Analyzing the Goals of US Election Ads on Social Networks
Markus Neumann, Sebastian Zimmeck, Jielu Yao, Erika Franklin Fowler, Michael Franz, Breeze Floyd and Travis Nelson Ridout
Under Review at The Web Conference 2025 (WWW - Under Review)

UR01

Comparable 2022 General Election Advertising Datasets from Meta and Google
Meiqing Zhang, Furkan Cakmak, Markus Neumann, Sebastian Zimmeck, Pavel Oleinikov, Jielu Yao, Harry Yu ◊, Aleks Jacewicz ◊, Isabella Tassone ◊, Breeze Floyd, Laura Baum, Mike Franz, Travis Ridout and Erika Franklin Fowler
Nature Scientific Data (Under Review)

Web Posts

WP23

Letter to CA Governor Gavin Newsom in Support of CA A.B. 3048
Sebastian Zimmeck
September 19, 2024

WP22

Coalition Letter in Support of CA A.B. 3048
Accountable Tech, Brave Software, California Public Interest Research Group, Center for Democracy & Technology, Center for Digital Democracy, Consumer Federation of America, Consumer Reports, Digital Content Next, Electronic Privacy Information Center, Privacy Rights Clearinghouse, Don Marti, Robin Berjon and Sebastian Zimmeck
March 26, 2024

WP21

Global Privacy Control (GPC) Explainer
Aram Zucker-Scharff, Justin Brookman and Sebastian Zimmeck
January 25, 2024

WP20

Global Privacy Control application for inclusion in Colorado’s UOOM registry
Consumer Reports, DuckDuckGo, Robin Berjon, Raptive, Digital Content Next and Sebastian Zimmeck
November 6, 2023

WP19

Op-ed: We need a federal privacy law. Here’s why.
Sebastian Zimmeck
Hartford Courant
May 21, 2023

WP18

Global Privacy Control (GPC) Draft W3C Specification
Sebastian Zimmeck, Peter Snyder, Justin Brookman and Aram Zucker-Scharff
World Wide Web Consortium
April 20, 2023

WP17

Pre-Rulemaking Considerations for the Colorado Privacy Act, Part 2
Sebastian Zimmeck
January 7, 2023

WP16

How to Implement Global Privacy Control (GPC) for Publishers
Aram Zucker-Scharff and Sebastian Zimmeck
September 14, 2022

WP15

Comment on the Proposed Regulations under the California Consumer Privacy Act of 2020
Sebastian Zimmeck
August 21, 2022

WP14

Pre-Rulemaking Considerations for the Colorado Privacy Act
Sebastian Zimmeck
July 4, 2022

WP13

Improving Internet Privacy with Global Privacy Control (GPC)
5th NSF Secure and Trustworthy Cyberspace Principal Investigator Meeting (2022 SaTC PI Meeting), Arlington, VA
Sebastian Zimmeck
June 1-2, 2022

WP12

The Data Rights Protocol: Threading Privacy Rights into the Internet
Sebastian Zimmeck
MIT Computational Law Report
January 18, 2022

WP11

Data Rights Protocol and Global Privacy Control
Sebastian Zimmeck
Consumer Reports Digital Lab Blog
January 13, 2022

WP10

Comment on the Proposed Rulemaking under the California Consumer Privacy Act of 2020 (Proceeding No. 01-21)
Sebastian Zimmeck
November 8, 2021

WP09

Opting Out May Not Prevent Websites From Collecting Your Data
Sebastian Zimmeck
Medium
July 17, 2021

WP08

Protect Your Online Privacy with Global Privacy Control (GPC)
Sebastian Zimmeck
Medium
October 24, 2020

WP07

The Privacy of COVID-19 Apps - Reopening Alphaville
Sebastian Zimmeck
The Startup (Medium)
May 18, 2020

WP06

The CCPA is here! Now what?
Sebastian Zimmeck
Dev.to and The Startup (Medium)
January 8, 2020

WP05

Compliance Traceability: Privacy Policies as Software Development Artifacts
Open Day for Privacy, Usability, and Transparency (PUT), Stockholm, Sweden
Sebastian Zimmeck, Peter Story, Rafael Goldstein, David Baraka, Shaoyan Li, Yuanyuan Feng and Norman Sadeh
July 15, 2019

WP04

How Mobile App Permissions (Don’t) Protect Privacy
Sebastian Zimmeck
The Startup (Medium)
June 6, 2019

WP03

Social Debt: Why Software Developers Should Think Beyond Tech
Sebastian Zimmeck
Medium
January 20, 2019

WP02

Towards Automatic Classification of Privacy Policy Text
Frederick Liu, Shomir Wilson, Peter Story, Sebastian Zimmeck and Norman Sadeh
Tech Report, CMU-ISR-17-118R, CMU-LTI-17-010, Pittsburgh, PA
June 2018

WP01

The Galaxy Nexus: Still Around After All These Years
Sebastian Zimmeck
Medium
May 27, 2018

Doctoral Theses

DT02

Using Machine Learning to Improve Internet Privacy
Sebastian Zimmeck
Columbia University Academic Commons
New York, NY, March 2017

BibTeX

DT01

Die Reichweite des Lebensrechts im technologischen Zeitalter
Sebastian Zimmeck
Nomos, Kieler Rechtswissenschaftliche Abhandlungen (NF) 57
Baden-Baden, 2009

BibTeX

Talks

T55 Privacy Preference Signals and Global Privacy Control

December 3, 2024, Guest Lecture in Sepideh Ghanavati’s COS 435/535 - Information Privacy Engineering, University of Maine, Online

T54 How General Should Privacy Assistants Be?

November 7, 2024, Workshop: Unblocking the Path Forward to Offer Automated Privacy Assistance to Users, Google, Mountain View

T53 Virtual Roundtable with the Federal Trade Commission

October 9, 2024, Northeastern Cybersecurity and Privacy Institute, Online (Panel Discussion)

T52 Website Data Transparency in the Browser

July 18, 2024, 24th Privacy Enhancing Technologies Symposium, University of Bristol, Bristol, UK

T51 Birds of a Feather Session: Are you not entertained? How to make privacy more fun!

July 17, 2024, 24th Privacy Enhancing Technologies Symposium, University of Bristol, Bristol, UK

T50 Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control

September 5, 2024, Future of Privacy Forum Ad Practices Working Group call, Future of Privacy Forum, Online
July 16, 2024, 24th Privacy Enhancing Technologies Symposium, University of Bristol, Bristol, UK

T49 An Introduction to Global Privacy Control: Best Practices for Implementers

June 27, 2024, Comcast Monthly Cybersecurity and Privacy Presentation Series, Comcast, Online

T48 From Sci-Fi to Reality: Demystifying AI

April 18, 2024, WesFest Master Class, Wesleyan University

T47 Privacy Enhancing Technologies and Design Analysis

March 6, 2024, FTC PrivacyCon 2024, Federal Trade Commission, Online (Panel Discussion)

T46 Colorado Attorney General GPC Fireside Chat

March 5, 2024, Office of the Colorado Attorney General, Online (Panel Discussion)

T45 Global Privacy Control: Current Challenges and Future Plans

October 31, 2023, Current Topics in Privacy Seminar, Carnegie Mellon University, Software and Societal Systems Department, Online

T44 AI 101: The Myths, the Legends, and the Everyday

October 30, 2023, Community Foundation of Middlesex County, Online

T43 Leveraging Global Privacy Control to Honor Do Not Sell and Share Requests

August 16, 2023, IAPP Pune, India, Chapter KnowledgeNet Session, Online

T42 Usability and Enforceability of Global Privacy Control

July 13, 2023, 23rd Privacy Enhancing Technologies Symposium, Université de Lausanne and École Polytechnique Fédérale de Lausanne, Lausanne, Switzerland

T41 Birds of a Feather Session: Privacy Preference Signals

July 13, 2023, 23rd Privacy Enhancing Technologies Symposium, Université de Lausanne and École Polytechnique Fédérale de Lausanne, Lausanne, Switzerland

T40 Global Privacy Control: Opting out from Web Tracking with One Click

May 5, 2023, Natural Sciences and Mathematics (NSM) Luncheon, Wesleyan University

T39 TikTok goes to Washington

April 4, 2023, Where We Live, WNPR Connecticut Public Radio (Panel Discussion)

T38 Privacy through Cryptography: Some Good News

April 1, 2023, Shasha Seminar for Human Concerns - A Roadmap for Internet Privacy, Wesleyan University

T37 Privacy Preference Signals and Global Privacy Control

March 27, 2023, Guest Lecture in Areins Pelayo’s PHIL 271 - Data, Privacy, and Ethics, Wesleyan University

T36 How we work @ privacytechlab.org

October 21, 2022, Privacy Enhancing Technologies for the Public Interest Workshop, Rafik B. Hariri Institute for Computing and Computational Science and Engineering, Boston University

T35 Privacy Pioneer: Automating the Creation of Privacy Labels for Websites

October 3, 2022, Google, Online

T34 Global Privacy Control: CCPA Enforcement of GPC Opt-Out Signals

September 13, 2022, OneTrust, Online (Panel Discussion)

T33 Improving Internet Privacy with Global Privacy Control (GPC)

June 1-2, 2022, 5th NSF Secure and Trustworthy Cyberspace Principal Investigator Meeting, Arlington, VA (Poster Presentation)

T32 Comments on Global Privacy Control (GPC)

May 5, 2022, California Privacy Protection Agency Stakeholder Meeting, Online

T31 Emerging State Privacy Laws: Are They Working for Consumers and Businesses?

March 24, 2022, Privacy + Security Forum, Online (Panel Discussion)

T30 Cryptography for Cryptocurrencies: The Technologies Behind the Blockchain

February 23, 2022, Guest Lecture in Student Forum ECON 420 - Crypto & Digital Currency: The Future of the Financial Services Industry?, Wesleyan University

T29 Data Rights Summit

October 19, 2021, Consumer Reports Digital Lab and MIT Media Lab, Online (Panel Discussion)

T28 Deep Fakes in the Age of Misinformation

March 12, 2021, Shasha Seminar for Human Concerns - Truth (and Lies) in Our Time, Wesleyan University, Online (Panel Discussion Moderator)

T27 ADPC & GPC - User Privacy Signals, Consent Management, and Data-Driven Everything

March 2, 2022, AdTech & Privacy Forum, Online (Panel Discussion)

T26 Global Opt Out, Right to Cure, Extending Rights to Data that has been Collected or Inferred

December 20, 2021, Connecticut State Senate, Consumer Data Privacy Working Group, Online

T25 A Primer on Global Privacy Control (GPC)

February 4, 2021, National Association of Attorneys General (NAAG), Technology Platform Call
December 8, 2020, Northeastern University, Khoury College of Computer Science Talk, Online
December 3, 2020, UC Davis, Computer Science Colloquium Series, Online

T24 Privacy Law & Innovation Collide: Global Privacy Consent

January 27, 2021, The Rise of Privacy Tech’s Data Privacy Day 2021, Online (Panel Discussion)

T23 Standardizing and Implementing Do Not Sell

November 9, 2020, 19th ACM Workshop on Privacy in the Electronic Society, Online

T22 “Getting Hacked is Contagious” - National Cybersecurity Awareness Month

October 8, 2020, SUNY Canton, Online (Panel Discussion)

T21 Data Privacy & Contact Tracing

July 22, 2020, CT Education Network, Online (Panel Discussion)

T20 Feature Discussion Series on Privacy for iOS with iOS YouTuber Brian Advent

June 22, 2020, Q&A: Privacy & iOS Development
June 4, 2020, Why Privacy Matters, How Data Shapes Our Lives & What Developers Can Do
May 24, 2020, Privacy and Software Development - How to create a Privacy Policy

T19 PrivacyFlash Pro: Generating Privacy Policies from App Code

March 12, 2021, School Computing and Information Science, University of Maine, Online
February 24, 2021, 28th Network & Distributed System Security Symposium (NDSS), Online

T18 Developing Privacy Policies for iOS Apps

February 24, 2020, iOSoho - New York City’s largest iOS Engineer Meetup, New York, NY

T17 Cryptography Essentials

February 4, 2020, Guest Lecture in Jim Lipton’s COMP 412 - Blockchain Tutorial, Wesleyan University

T16 What Are You Consenting To? A Panel on Data Privacy and Consent

November 19, 2019, American Civil Liberties Union of Connecticut, Wesleyan Chapter, Wesleyan University (Panel Discussion)

T15 Mobile App Tracking: Technologies and Privacy Challenges

October 31, 2019, Guest Lecture in Paul Schwartz’s 276.32 - Topics in Privacy and Security Law, University of California, Berkeley

T14 Transparency & Notice: Third Parties and Cross-Device Ad Targeting in the Context of the CCPA

October 30, 2019, Data Protection in the 2020s: Industry Symposium on the CCPA, Samba TV, San Francisco, CA (Panel Discussion)

T13 On Big Data

October 3, 2019, Financial Economics Study Group, Wesleyan University

T12 MAPS: Scaling Privacy Compliance Analysis to a Million Apps

July 18, 2019, 19th Privacy Enhancing Technologies Symposium, Royal Institute of Technology, Stockholm, Sweden
July 9, 2019, Financial Economics Study Group, Wesleyan University
March 22, 2019, New England Security Day (NESD) 2019, UMass Amherst

T11 Compliance Traceability: Privacy Policies as Software Development Artifacts (Lightning Talk)

July 15, 2019, Open Day for Privacy, Usability, and Transparency (PUT), Royal Institute of Technology, Stockholm, Sweden

T10 Alternative Data

April 2, 2019, Financial Economics Study Group, Wesleyan University

T09 Social Debt: Why Software Developers Need to Go Beyond Tech

February 8, 2019, Natural Sciences and Mathematics (NSM) Luncheon, Wesleyan University

T08 A Random Walk Down Silicon Alley

November 15, 2018, Financial Economics Study Group, Wesleyan University

T07 A Privacy Analysis of Cross-device Tracking

August 18, 2017, 26th USENIX Security Symposium (USENIX Security), Vancouver, Canada
February 2, 2017, Current Topics in Privacy Seminar, Carnegie Mellon University

T06 Mobile App Privacy Compliance: Automated Technology to Help Regulators, App Stores and Developers

July 12, 2017, 13th Symposium on Usable Privacy and Security (SOUPS), Santa Clara, CA (Tutorial and Poster Session)
June 1, 2017, Privacy Law Scholars Conference 2017, University of California, Berkeley

T05 Automated Privacy Requirement Analysis for Mobile Apps

February 28, 2017, 24th Network & Distributed System Security Symposium (NDSS), San Diego, CA
January 12, 2017, FTC PrivacyCon 2017, Washington, DC
November 17, 2016, AAAI 2016 Fall Symposium on Privacy and Language Technologies (PLT), Arlington, VA
November 16, 2016, Societal Computing Practicum, Carnegie Mellon University
October 27, 2016, Current Topics in Privacy Seminar, Carnegie Mellon University

T04 Privacy Implications of Machine Learning

February 24, 2016, Guest Lecture in Steven Bellovin’s COMS W3410 - Computers and Society, Columbia University

T03 Privee: An Architecture for Automatically Analyzing Web Privacy Policies

August 6, 2015, CUPS Lunchtime Seminar, Carnegie Mellon University
February 13, 2015, Google PhD Summit, Google, New York, NY (Poster Session Talk)
December 3, 2014, Department of Computer Science, Stony Brook University
September 17, 2014, Privacy Research Group, New York University
August 20, 2014, 23rd USENIX Security Symposium (USENIX Security), San Diego, CA
June 6, 2014, Privacy Law Scholars Conference 2014, University of California, Berkeley

T02 Leveraging Technology to Improve Notice and Choice

June 27, 2014, Future of Privacy Notice and Choice (FoPNaC), Carnegie Mellon University (Panel Discussion)

T01 When Enough is Enough: Location Tracking, the Fourth Amendment, and Machine Learning

March 28, 2014, Integrative Graduate Education and Research Traineeship (IGERT) Distinguished Speaker Series, Columbia University

Research Team

F24+ 36. Ebuka Akubilo ‘25
F24+ 35. Anan Afrida ‘26
F24+ 34. Patton Yin ‘25
S24+ 33. Kelleigh Entrekin ‘25
S24+ 32. Francisca Wijaya ‘27
F23+ 31. Nate Levinson ‘25
F23+ 30. Matt May ‘25
F23+ 29. Zachary Liu ‘26
F23-S24 28. Dominik Dadak ‘26
F23+ 27. Aleks Jacewicz ‘25
S23+ 26. Nishant Aggarwal ‘26
S23 25. Candace Walker ‘26
S23+ 24. Harry Yu ‘25
S23 23. Wesley Tan ‘26
F22-S24 22. Kate Hausladen BA/MA ‘24
S22-F23 21. Judeley Jean-Charles ‘24
S22-S24 20. Joe Champeau ‘24
S22-F23 19. Jocelyn Wang ‘24
S22-F23 18. Justin Casler ‘24
S22-S24 17. Sophie Eng ‘25
S21-S24 16. Oliver Wang ‘24
S21-S22 15. Chunyue Ma ‘22
S21-F21 14. Stanley Markman ‘23,
S21 13. Kiryl Beliauski, ‘23
S21-S23 12. Logan Brown ‘23
S21-S24 11. Daniel Goldelman BA/MA ‘24
S21+ 10. Bella Tassone BA/MA ‘25
S21-S23 09. Eliza Kuller ‘23
F20-S22 08. Owen Kaplan ‘22
F20 07. Abdallah Salia ‘22
F20-S21 06. Daniel Knopf ‘22
S20-S22 05. Kuba Alicki ‘22
S20 04. Phil Kaelbling ‘22
F19 03. Sarah Jin ‘21
S19-S21 02. David Baraka ‘21
F18-S21 01. Rafael Goldstein ‘21

Thesis Advisor

TA09 Title TBD
Bella Tassone BA/MA ‘25
Spring 2025

TA08 Title TBD
Kelleigh Entrekin ‘25
Spring 2025

TA07 Title TBD
Patton Yin ‘25
Spring 2025

TA06 Title TBD
Harry Yu ‘25
Spring 2025

TA05 Investigating the Current State of CCPA Compliance on the Internet
Kate Hausladen BA/MA ‘24
Spring 2024

TA04 Global Adaptation of Privacy Pioneer: Recommendations for Conducting Cross-Regional Web Privacy Studies
Daniel Goldelman BA/MA ‘24
Spring 2024

TA03 Privacy Choice Mechanisms and the Online Advertising Ecosystem: Can Generalizable Active Privacy Choices and Online Advertising Coexist?
Eliza Kuller ‘23
Spring 2023

TA02 Privacy Pioneer: Creating an Automated Data-Privacy UI for Web Browsers
Owen Kaplan ‘22
Spring 2022

TA01 Don’t Sell Our Data: Exploring CCPA Compliance via Automated Privacy Signal Detection
Kuba Alicki ‘22
Spring 2022

Thesis Reader

TR03 A Comparative Study on Analyses of Browser Fingerprinting
Timothy Stephenson ‘23
Spring 2023

TR02 Fairness & Social Influence Maximization
Schuyler Sloman ‘22
Spring 2022

TR01 All My Friends Are Fake: A Node-By-Node Approach to Social Network Classification
Isaac Jacobs ‘20
Spring 2020

Awards

A13 Google Cloud Research Credits Award - $5,000
Google
2024-2025

A12 Grants in Support of Scholarship - $25,976
Wesleyan University
2023-2024

A11 Collaborative Research: EAGER: Cross-platform Election Advertising Transparency Initiative - $260,201
National Science Foundation
With Erika Franklin-Fowler
2022-2024

A10 Google Research Scholar Award - $60,000
Google
2022-2025

A09 Design, Development, and Testing of a Generalizable Active Privacy Choice Mechanism - $34,856
Alfred P. Sloan Foundation
2021-2023

A08 SaTC: CORE: Small: Improving Internet Privacy with Global Privacy Control - $265,614
National Science Foundation
2020-2025

A07 Anil Fernando Grant - $7,250
Anil Fernando Endowment, Wesleyan University
2019-2024

A06 Allbritton Grant for Support of a Faculty Study Group - $1,000
Allbritton Center for the Study of Public Life, Wesleyan University
With Abigail Hornstein and Karl Boulware
2018

A05 Research Grant - $5,000
Comcast
2015

A04 Community Service Award
Computer Science Department, Columbia University
2014

A03 Graduate Research Assistant Fellowship
Computer Science Department, Columbia University
2012-2016

A02 Research Fellowship
Google and University of California Berkeley, Berkeley Center for Law & Technology
2011-2013

A01 Student Fellowship
University of California Berkeley and German Academic Exchange Service (DAAD)
2005-2006

Teaching

TE04 COMP 334: Information Security and Privacy
Fall 2024, Spring 2023, Spring 2020, Fall 2018
This course explores principles and practical applications of computer security and privacy. Some of the topics covered include static and dynamic code analysis, secure authentication, privacy enhancing technologies, usable privacy and security, and web tracking. It will also touch upon theoretical areas, such as basic cryptographic concepts as well as differential privacy. The course has the objective to provide students with the conceptual knowledge and technical skills to identify and resolve privacy and security issues in the design, development, and evaluation of information systems.

TE03 COMP 333: Software Engineering
Spring 2025, Fall 2023, Spring 2022, Spring 2021
Software engineering is the application of engineering principles to the software development process. Eliciting requirements from stakeholders, designing the architecture of a program, performing usability studies, and testing a codebase are some of the aspects that elevate program development to software engineering. Focusing on web and mobile apps, students in this course will gain expertise in state-of-the-art frontend, backend, and mobile technologies, as well as related tooling. We will also cover the collaborative organization of software projects, software licensing, software business models, and ethical considerations for professional software engineers.

TE02 COMP 114: How to Talk to Machines
Spring 2024, Fall 2022, Fall 2020, Fall 2019, Spring 2019
How do we tell robots and computers how to do what they do? Getting a handle on this question is the goal of this course. Since telling a device how to do something depends a lot on what that device can do, along the way we will learn a bit about what is “in the box.” We will start with the kind of programming one might use to instruct a robot how to interact with the world around it. That will lead us to the Turing machine, a beautiful mathematical model of a computer. We will adapt that model to something that is closer to how most computer systems today are designed. We will end with an introduction to high-level programming, learning the fundamentals of programming in a language such as Python or Java. The goal of the course is to understand not just programming, but how computers are designed, and how those designs are reflected in the way we program them.

TE01 COMP 4xx/5xx: Advanced Information Security and Privacy Research Seminar
Spring 2025, Fall 2024, Spring 2024, Fall 2023, Spring 2023, Fall 2022, Spring 2022, Fall 2021, Spring 2021, Fall 2020, Spring 2020, Fall 2019, Spring 2019, Fall 2018
In this research seminar students will work together on a research project that is advancing knowledge in information security and privacy. During their work they will not only gain experience in security and privacy, but in web and mobile app engineering as well. Students will also have the opportunity to co-author a paper to be submitted at a top-tier academic security and privacy venue.

Review Service

2024 Communications of the ACM (CACM)
2022 NSF Review Panel Computer Science and Engineering (October) (CISE)
2022 NSF Review Panel Computer Science and Engineering (April/May) (CISE)
2022 NSF Review Panel and Ad Hoc Review Computer Science and Engineering (CISE)
2021 NSF Review Panel Computer Science and Engineering (CISE)
2019 AAAI 2019 Spring Symposium on Privacy-Enhancing Artificial Intelligence and Language Technologies (PAL)
2018 International World Wide Web Conference (WWW)
2016 Privacy Enhancing Technologies Symposium (PETS)
2015 ACM Transactions on Information and System Security (TISSEC)
2013 IEEE Security & Privacy (S&P)
2013 20th ACM Conference on Computer and Communications Security (CCS)
2013 1st ACM Conference on Online Social Networks (COSN)

Wesleyan Service

F23-S24 Admissions Liaison for Division III (Natural Science and Mathematics)
F23-S24 AI Speaker Series Co-organizer
F23 Generative AI Faculty Ambassador
S23 Shasha Seminar for Human Concerns “A Roadmap for Internet Privacy” Organizer
F22-S23 Mathematics & Computer Science Faculty Search Committee Co-chair
F22+ Mathematics & Computer Science Website Coordinator
S22+ Computer Science Undergraduate Club Code_Wes Liaison
F19-S21 Computer Science Advisory Committee (CADCOM) Co-chair
F18+ Computer Science Lecture Series Organizer
F18-S20 Security Advisory Group Member
F18-S20 Library Committee and Science Library Faculty Committee Chair
F18-S20 Financial Economics Faculty Study Group Co-chair

Associations

2024+ Invited Expert
World Wide Web Consortium (W3C)

2021+ Fellow in Applied Computational Data Analysis
Wesleyan University

2021-2022 Data Rights Protocol Technical Advisors Board Member
Consumer Reports

2020+ Global Privacy Control Group Co-chair and Founder
Global Privacy Control Group

2019-2021 Governance Research in Artificial Intelligence Leadership (GRAIL) Network Member
Center for Democracy and Technology and R Street Institute

2010+ The State Bar of California Member
Inactive Status