Lorrie Faith Cranor

Orcid: 0000-0003-2125-0124

Affiliations:
  • Carnegie Mellon University, Pittsburgh, USA


According to our database1, Lorrie Faith Cranor authored at least 262 papers between 1994 and 2024.

Collaborative distances:

Awards

ACM Fellow

ACM Fellow 2014, "For contributions to research and education in usable privacy and security.".

IEEE Fellow

IEEE Fellow 2016, "For contributions to privacy engineering".

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Matcha: An IDE Plugin for Creating Accurate Privacy Nutrition Labels.
Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., March, 2024

Internet of Things Security and Privacy Labels Should Empower Consumers.
Commun. ACM, March, 2024

What Do Privacy Advertisements Communicate to Consumers?
Proc. Priv. Enhancing Technol., 2024

Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels.
Proc. Priv. Enhancing Technol., 2024

Crumbling Cookie Categories: Deconstructing Common Cookie Categories to Create Categories that People Understand.
Proc. Priv. Enhancing Technol., 2024

Exploring the Privacy Experiences of Closeted Users of Online Dating Services in the US.
Proc. Priv. Enhancing Technol., 2024

Conference Submission and Review Policies to Foster Responsible Computing Research.
CoRR, 2024

Recruiting Teenage Participants for an Online Security Experiment: A Case Study Using Peachjar.
CoRR, 2024

Work-From-Home and Privacy: What Do Workers Face and What are They Doing About it?
CoRR, 2024

The Role of User-Agent Interactions on Mobile Money Practices in Kenya and Tanzania.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Exploring Expandable-Grid Designs to Make iOS App Privacy Labels More Usable.
Proceedings of the Twentieth Symposium on Usable Privacy and Security, 2024

"It was honestly just gambling": Investigating the Experiences of Teenage Cryptocurrency Users on Reddit.
Proceedings of the Twentieth Symposium on Usable Privacy and Security, 2024

Privacy Perceptions and Behaviors of Google Personal Account Holders in Saudi Arabia.
Proceedings of the HCI for Cybersecurity, Privacy and Trust, 2024

Detection and Impact of Debit/Credit Card Fraud: Victims' Experiences.
Proceedings of the 2024 European Symposium on Usable Security, 2024

Interdisciplinary Approaches to Cybervulnerability Impact Assessment for Energy Critical Infrastructure.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2024

Is a Trustmark and QR Code Enough? The Effect of IoT Security and Privacy Label Information Complexity on Consumer Comprehension and Behavior.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2024

2023
Speculative Privacy Concerns about AR Glasses Data Collection.
Proc. Priv. Enhancing Technol., October, 2023

Metrics for Success: Why and How to Evaluate Privacy Choice Usability.
Commun. ACM, March, 2023

Is There a Reverse Privacy Paradox? An Exploratory Analysis of Gaps Between Privacy Perspectives and Privacy-Seeking Behaviors.
Proc. Priv. Enhancing Technol., January, 2023

A 20th Anniversary Episode Chat With S&P Editors George Cybenko, Carl Landwehr, Shari Lawrence Pfleeger, and Sean Peisert.
IEEE Secur. Priv., 2023

Katie Moussouris: Vulnerability Disclosure and Security Workforce Development.
IEEE Secur. Priv., 2023

User Experiences with Third-Party SIM Cards and ID Registration in Kenya and Tanzania.
CoRR, 2023

Are Consumers Willing to Pay for Security and Privacy of IoT Devices?
Proceedings of the 32nd USENIX Security Symposium, 2023

Less is Not More: Improving Findability and Actionability of Privacy Controls for Online Behavioral Advertising.
Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, 2023

A US-UK Usability Evaluation of Consent Management Platform Cookie Consent Interface Design on Desktop and Mobile.
Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, 2023

2022
How Do Home Computer Users Browse the Web?
ACM Trans. Web, 2022

How Usable Are iOS App Privacy Labels?
Proc. Priv. Enhancing Technol., 2022

Increasing Adoption of Tor Browser Using Informational and Planning Nudges.
Proc. Priv. Enhancing Technol., 2022

User-friendly yet rarely read: A case study on the redesign of an online HIPAA authorization.
Proc. Priv. Enhancing Technol., 2022

Identifying User Needs for Advertising Controls on Facebook.
Proc. ACM Hum. Comput. Interact., 2022

An Informative Security and Privacy "Nutrition" Label for Internet of Things Devices.
IEEE Secur. Priv., 2022

High Assurance in the Twenty-First Century With Roger Schell.
IEEE Secur. Priv., 2022

Is a privacy crisis experienced, a privacy crisis avoided?
Commun. ACM, 2022

Mobile-app privacy nutrition labels missing key ingredients for success.
Commun. ACM, 2022

Cookie monster.
Commun. ACM, 2022

Evaluating the Usability of Privacy Choice Mechanisms.
Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022

Detecting iPhone Security Compromise in Simulated Stalking Scenarios: Strategies and Obstacles.
Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022

Is it a concern or a preference? An investigation into the ability of privacy scales to capture and distinguish granular privacy constructs.
Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022

Understanding Challenges for Developers to Create Accurate Privacy Nutrition Labels.
Proceedings of the CHI '22: CHI Conference on Human Factors in Computing Systems, New Orleans, LA, USA, 29 April 2022, 2022

Understanding iOS Privacy Nutrition Labels: An Exploratory Large-Scale Analysis of App Store Data.
Proceedings of the CHI '22: CHI Conference on Human Factors in Computing Systems, New Orleans, LA, USA, 29 April 2022, 2022

"Okay, whatever": An Evaluation of Cookie Consent Interfaces.
Proceedings of the CHI '22: CHI Conference on Human Factors in Computing Systems, New Orleans, LA, USA, 29 April 2022, 2022

2021
A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research.
ACM Trans. Comput. Hum. Interact., 2021

"Did you know this camera tracks your mood?": Understanding Privacy Expectations and Preferences in the Age of Video Analytics.
Proc. Priv. Enhancing Technol., 2021

Awareness, Adoption, and Misconceptions of Web Privacy Tools.
Proc. Priv. Enhancing Technol., 2021

A Discussion of Election Security, Cryptography, and Exceptional Access With Michael Alan Specter.
IEEE Secur. Priv., 2021

A Discussion of Public Health, Trust, and Privacy With Susan Landau.
IEEE Secur. Priv., 2021

Privacy engineering superheroes.
Commun. ACM, 2021

Lessons from the loo.
Commun. ACM, 2021

Informing California privacy regulations with evidence from research.
Commun. ACM, 2021

Which Privacy and Security Attributes Most Impact Consumers' Risk Perception and Willingness to Purchase IoT Devices?
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

"You Gotta Watch What You Say": Surveillance of Communication with Incarcerated People.
Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

Toggles, Dollar Signs, and Triangles: How to (In)Effectively Convey Privacy Choices with Icons and Link Texts.
Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

2020
Digital contact tracing may protect privacy, but it is unlikely to stop the pandemic.
Commun. ACM, 2020

Finding a Choice in a Haystack: Automatic Extraction of Opt-Out Statements from Privacy Policy Text.
Proceedings of the WWW '20: The Web Conference 2020, Taipei, Taiwan, April 20-24, 2020, 2020

Ask the Experts: What Should Be on an IoT Privacy and Security Label?
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

From Intent to Action: Nudging Users Towards Secure Mobile Payments.
Proceedings of the Sixteenth Symposium on Usable Privacy and Security, 2020

HCI Ethics, Privacy, Accessibility, and the Environment: A Town Hall Forum on Global Policy Issues.
Proceedings of the Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems, 2020

"It's a scavenger hunt": Usability of Websites' Opt-Out and Data Deletion Choices.
Proceedings of the CHI '20: CHI Conference on Human Factors in Computing Systems, 2020

Informing the Design of a Personalized Privacy Assistant for the Internet of Things.
Proceedings of the CHI '20: CHI Conference on Human Factors in Computing Systems, 2020

Practical Recommendations for Stronger, More Usable Passwords Combining Minimum-strength, Minimum-length, and Blocklist Requirements.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
Disposition toward privacy and information disclosure in the context of emerging health technologies.
J. Am. Medical Informatics Assoc., 2019

An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites.
Proceedings of the Fifteenth Symposium on Usable Privacy and Security, 2019

Exploring How Privacy and Security Factor into IoT Device Purchase Behavior.
Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, 2019

2018
Turtles, Locks, and Bathrooms: Understanding Mental Models of Privacy Through Illustration.
Proc. Priv. Enhancing Technol., 2018

The Influence of Friends and Experts on Privacy Decision Making in IoT Scenarios.
Proc. ACM Hum. Comput. Interact., 2018

User Behaviors and Attitudes Under Password Expiration Policies.
Proceedings of the Fourteenth Symposium on Usable Privacy and Security, 2018

Away From Prying Eyes: Analyzing Usage and Understanding of Private Browsing.
Proceedings of the Fourteenth Symposium on Usable Privacy and Security, 2018

SIGCHI Social Impact Award Talk - Making Privacy and Security More Usable.
Proceedings of the Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems, 2018

"It's not actually that horrible": Exploring Adoption of Two-Factor Authentication at a University.
Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, 2018

2017
Better Passwords through Science (and Neural Networks).
login Usenix Mag., 2017

Designing Effective Privacy Notices and Controls.
IEEE Internet Comput., 2017

Nudges for Privacy and Security: Understanding and Assisting Users' Choices Online.
ACM Comput. Surv., 2017

Push-Button Verification of File Systems via Crash Refinement.
Proceedings of the 2017 USENIX Annual Technical Conference, 2017

Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks.
Proceedings of the 2017 USENIX Annual Technical Conference, 2017

Diversify to Survive: Making Passwords Stronger with Adaptive Policies.
Proceedings of the Thirteenth Symposium on Usable Privacy and Security, 2017

Privacy Expectations and Preferences in an IoT World.
Proceedings of the Thirteenth Symposium on Usable Privacy and Security, 2017

Design and Evaluation of a Data-Driven Password Meter.
Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017

Can Unicorns Help Users Compare Crypto Key Fingerprints?
Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017

Exploring Topic-Based Sharing Mechanisms.
Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017

Let's Go in for a Closer Look: Observing Passwords in Their Natural Habitat.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Designing Password Policies for Strength and Usability.
ACM Trans. Inf. Syst. Secur., 2016

Human-Computer Interaction and International Public Policymaking: A Framework for Understanding and Taking Future Actions.
Found. Trends Hum. Comput. Interact., 2016

Towards a Privacy Research Roadmap for the Computing Community.
CoRR, 2016

Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks.
Proceedings of the 25th USENIX Security Symposium, 2016

How Short Is Too Short? Implications of Length and Framing on the Effectiveness of Privacy Notices.
Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016

Do or Do Not, There Is No Try: User Engagement May Not Improve Security Outcomes.
Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016

Do Users' Perceptions of Password Security Match Reality?
Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 2016

Sharing Personal Content Online: Exploring Channel Choice and Multi-Channel Behaviors.
Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 2016

Usability and Security of Text Passwords on Mobile Devices.
Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 2016

Science and Service, Innovation and Inspiration: Celebrating the Life of John Karat.
Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 2016

2015
Measuring Real-World Accuracies and Biases in Modeling Password Guessability.
Proceedings of the 24th USENIX Security Symposium, 2015

"I Added '!' at the End to Make It Secure": Observing Password Creation in the Lab.
Proceedings of the Eleventh Symposium On Usable Privacy and Security, 2015

A Design Space for Effective Privacy Notices.
Proceedings of the Eleventh Symposium On Usable Privacy and Security, 2015

Spaced Repetition and Mnemonics Enable Recall of Multiple Strong Passwords.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Computational ontology of network operations.
Proceedings of the 34th IEEE Military Communications Conference, 2015

I Would Like To..., I Shouldn't..., I Wish I...: Exploring Behavior-Change Goals for Social Networking Sites.
Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing, 2015

A Spoonful of Sugar?: The Impact of Guidance and Feedback on Password-Creation Behavior.
Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2015

Your Location has been Shared 5, 398 Times!: A Field Study on Mobile App Privacy Nudging.
Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2015

Supporting Privacy-Conscious App Update Decisions with User Reviews.
Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, 2015

The Impact of Timing on the Salience of Smartphone App Privacy Notices.
Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, 2015

2014
Better Together: Usability and Security Go Hand in Hand.
IEEE Secur. Priv., 2014

Improving App Privacy: Nudging App Developers to Protect User Privacy.
IEEE Secur. Priv., 2014

Telepathwords: Preventing Weak Passwords by Reading Users' Minds.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Building an Ontology of Cyber Security.
Proceedings of the Ninth Conference on Semantic Technology for Intelligence, 2014

Parents' and Teens' Perspectives on Privacy In a Technology-Filled World.
Proceedings of the Tenth Symposium on Usable Privacy and Security, 2014

Harder to Ignore? Revisiting Pop-Up Fatigue and Approaches to Prevent It.
Proceedings of the Tenth Symposium on Usable Privacy and Security, 2014

General Requirements of a Hybrid-Modeling Framework for Cyber Security.
Proceedings of the 2014 IEEE Military Communications Conference, 2014

Building the security behavior observatory: an infrastructure for long-term monitoring of client machines.
Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 2014

Can long passwords be secure and usable?
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2014

Electronic privacy and surveillance.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2014

A field trial of privacy nudges for facebook.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2014

2013
A Shortage of Privacy Engineers.
IEEE Secur. Priv., 2013

Privacy nudges for social media: an exploratory Facebook study.
Proceedings of the 22nd International World Wide Web Conference, 2013

The post anachronism: the temporal dimension of facebook privacy.
Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society, 2013

What matters to users?: factors that affect users' willingness to share information with online advertisers.
Proceedings of the Symposium On Usable Privacy and Security, 2013

Your attention please: designing security-decision UIs to make genuine risks harder to ignore.
Proceedings of the Symposium On Usable Privacy and Security, 2013

"Little brothers watching you": raising awareness of data leaks on smartphones.
Proceedings of the Symposium On Usable Privacy and Security, 2013

Is it the Typeset or the Type of Statistics? Disfluent Font does not Reduce Self-disclosure.
Proceedings of the 2013 Workshop on Learning from Authoritative Security Experiment Results, 2013

Privacy manipulation and acclimation in a location sharing application.
Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing, 2013

QRishing: The Susceptibility of Smartphone Users to QR Code Phishing Attacks.
Proceedings of the Financial Cryptography and Data Security, 2013

The Impact of Length and Mathematical Operators on the Usability and Security of System-Assigned One-Time PINs.
Proceedings of the Financial Cryptography and Data Security, 2013

The post that wasn't: exploring self-censorship on facebook.
Proceedings of the Computer Supported Cooperative Work, 2013

"i read my Twitter the next morning and was astonished": a conversational perspective on Twitter regrets.
Proceedings of the 2013 ACM SIGCHI Conference on Human Factors in Computing Systems, 2013

Privacy as part of the app decision-making process.
Proceedings of the 2013 ACM SIGCHI Conference on Human Factors in Computing Systems, 2013

Measuring password guessability for an entire university.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Helping Users Create Better Passwords.
login Usenix Mag., 2012

Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems.
User Model. User Adapt. Interact., 2012

Necessary But Not Sufficient: Standardized Mechanisms for Privacy Notice and Choice.
J. Telecommun. High Technol. Law, 2012

Can Users Control Online Behavioral Advertising Effectively?
IEEE Secur. Priv., 2012

What do online behavioral advertising privacy disclosures communicate to users?
Proceedings of the 11th annual ACM Workshop on Privacy in the Electronic Society, 2012

How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms.
Proceedings of the IEEE Symposium on Security and Privacy, 2012

Smart, useful, scary, creepy: perceptions of online behavioral advertising.
Proceedings of the Symposium On Usable Privacy and Security, 2012

Correct horse battery staple: exploring the usability of system-assigned passphrases.
Proceedings of the Symposium On Usable Privacy and Security, 2012

Out of sight, out of mind: Effects of displaying access-control information near the item it controls.
Proceedings of the Tenth Annual International Conference on Privacy, Security and Trust, 2012

A Conundrum of Permissions: Installing Applications on an Android Smartphone.
Proceedings of the Financial Cryptography and Data Security, 2012

Why Johnny can't opt out: a usability evaluation of tools to limit online behavioral advertising.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2012

Tag, you can see it!: using tags for access control in photo sharing.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2012

Operating system framed in case of mistaken identity: measuring the success of web-based spoofing attacks on OS password-entry dialogs.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011
Platform for Privacy Preferences (P3P).
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites.
ACM Trans. Inf. Syst. Secur., 2011

Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs.
Pers. Ubiquitous Comput., 2011

The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study.
Inf. Syst. Res., 2011

Bridging the Gap in Computer Security Warnings: A Mental Model Approach.
IEEE Secur. Priv., 2011

I know where you live: analyzing privacy protection in public databases.
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society, 2011

Who Is Concerned about What? A Study of American, Chinese and Indian Users' Privacy Concerns on Social Network Sites - (Short Paper).
Proceedings of the Trust and Trustworthy Computing - 4th International Conference, 2011

"I regretted the minute I pressed share": a qualitative study of regrets on Facebook.
Proceedings of the Symposium On Usable Privacy and Security, 2011

An Investigation into Facebook Friend Grouping.
Proceedings of the Human-Computer Interaction - INTERACT 2011, 2011

Improving Computer Security Dialogs.
Proceedings of the Human-Computer Interaction - INTERACT 2011, 2011

Usability of Forensics Tools: A User Study.
Proceedings of the Sixth International Conference on IT Security Incident Management and IT Forensics, 2011

Are you close with me? are you nearby?: investigating social groups, closeness, and willingness to share.
Proceedings of the UbiComp 2011: Ubiquitous Computing, 13th International Conference, 2011

Adapt-a-ride: understanding the dynamics of commuting preferences through an experience design framework.
Proceedings of the Designing Pleasurable Products and Interfaces, 2011

More than skin deep: measuring effects of the underlying model on access-control system usability.
Proceedings of the International Conference on Human Factors in Computing Systems, 2011

Exploring reactive access control.
Proceedings of the International Conference on Human Factors in Computing Systems, 2011

Of passwords and people: measuring the effect of password-composition policies.
Proceedings of the International Conference on Human Factors in Computing Systems, 2011

When are users comfortable sharing locations with advertisers?
Proceedings of the International Conference on Human Factors in Computing Systems, 2011

2010
Teaching Johnny not to fall for phish.
ACM Trans. Internet Techn., 2010

Institutional review boards and your research.
Commun. ACM, 2010

Americans' attitudes about internet behavioral advertising practices.
Proceedings of the 2010 ACM Workshop on Privacy in the Electronic Society, 2010

Token attempt: the misrepresentation of website privacy policies through the misuse of p3p compact policy tokens.
Proceedings of the 2010 ACM Workshop on Privacy in the Electronic Society, 2010

Encountering stronger password requirements: user attitudes and behaviors.
Proceedings of the Sixth Symposium on Usable Privacy and Security, 2010

Empirical models of privacy in location sharing.
Proceedings of the UbiComp 2010: Ubiquitous Computing, 12th International Conference, 2010

Locaccino: a privacy-centric location sharing application.
Proceedings of the UbiComp 2010: Ubiquitous Computing, 12th International Conference, 2010

Ethical Concerns in Computer Security and Privacy Research Involving Human Subjects.
Proceedings of the Financial Cryptography and Data Security, 2010

Users Do the Darndest Things: True Stories from the CyLab Usable Privacy and Security Laboratory.
Proceedings of the Financial Cryptography and Data Security, 14th International Conference, 2010

Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions.
Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

Access control for home data sharing: evaluating social acceptability.
Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

Standardizing privacy notices: an online study of the nutrition label approach.
Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

Are your participants gaming the system?: screening mechanical turk workers.
Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

2009
Perspective: Semantic Data Management for the Home.
login Usenix Mag., 2009

Engineering Privacy.
IEEE Trans. Software Eng., 2009

Understanding and capturing people's privacy policies in a mobile social networking application.
Pers. Ubiquitous Comput., 2009

Policy framework for security and privacy management.
IBM J. Res. Dev., 2009

Analysis of privacy and security policies.
IBM J. Res. Dev., 2009

Crying Wolf: An Empirical Study of SSL Warning Effectiveness.
Proceedings of the 18th USENIX Security Symposium, 2009

Who's viewed you?: the impact of feedback in a mobile location-sharing application.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

The impact of privacy indicators on search engine browsing patterns.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

Analyzing use of privacy policy attributes in a location sharing application.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

A user study of the expandable grid applied to P3P privacy policy visualization.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

A comparative study of online privacy policies and formats.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

School of phish: a real-word evaluation of anti-phishing training.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

A "nutrition label" for privacy.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

The impact of expressiveness on the effectiveness of privacy mechanisms for location-sharing.
Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

Improving phishing countermeasures: An analysis of expert interviews.
Proceedings of the 2009 eCrime Researchers Summit, 2009

Timing is everything?: the effects of timing and placement of online privacy indicators.
Proceedings of the 27th International Conference on Human Factors in Computing Systems, 2009

Real life challenges in access-control management.
Proceedings of the 27th International Conference on Human Factors in Computing Systems, 2009

2008
P3P deployment on websites.
Electron. Commer. Res. Appl., 2008

A Framework for Reasoning About the Human in the Loop.
Proceedings of the Usability, Psychology, and Security, 2008

Lessons from a real world evaluation of anti-phishing training.
Proceedings of the 2008 eCrime Researchers Summit, 2008

Expandable grids for visualizing and authoring computer security policies.
Proceedings of the 2008 Conference on Human Factors in Computing Systems, 2008

You've been warned: an empirical study of the effectiveness of web browser phishing warnings.
Proceedings of the 2008 Conference on Human Factors in Computing Systems, 2008

A user study of policy creation in a flexible access-control system.
Proceedings of the 2008 Conference on Human Factors in Computing Systems, 2008

User-controllable learning of security and privacy policies.
Proceedings of the 1st ACM Workshop on Security and Artificial Intelligence, 2008

A Survey to Guide Group Key Protocol Development.
Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

2007
Cantina: a content-based approach to detecting phishing web sites.
Proceedings of the 16th International Conference on World Wide Web, 2007

User-Controllable Security and Privacy for Pervasive Computing.
Proceedings of the Eighth IEEE Workshop on Mobile Computing Systems and Applications, 2007

Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish.
Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

Lessons learned from the deployment of a smartphone-based access-control system.
Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

Phinding Phish: An Evaluation of Anti-Phishing Toolbars.
Proceedings of the Network and Distributed System Security Symposium, 2007

Getting users to pay attention to anti-phishing education: evaluation of retention and transfer.
Proceedings of the Anti-Phishing Working Groups 2nd Annual eCrime Researchers Summit 2007, 2007

Behavioral response to phishing risk.
Proceedings of the Anti-Phishing Working Groups 2nd Annual eCrime Researchers Summit 2007, 2007

Protecting people from phishing: the design and evaluation of an embedded training email system.
Proceedings of the 2007 Conference on Human Factors in Computing Systems, 2007

2006
User interfaces for privacy agents.
ACM Trans. Comput. Hum. Interact., 2006

What do they "indicate?": evaluating security and privacy indicators.
Interactions, 2006

Scrubbing Stubborn Data: An Evaluation of Counter-Forensic Privacy Tools.
IEEE Secur. Priv., 2006

Human selection of mnemonic phrase-based passwords.
Proceedings of the 2nd Symposium on Usable Privacy and Security, 2006

Power strips, prophylactics, and privacy, oh my!
Proceedings of the 2nd Symposium on Usable Privacy and Security, 2006

Decision strategies and susceptibility to phishing.
Proceedings of the 2nd Symposium on Usable Privacy and Security, 2006

Trust modelling for online transactions: a phishing scenario.
Proceedings of the 2006 International Conference on Privacy, 2006

Vicarious infringement creates a privacy ceiling.
Proceedings of the Sixth ACM Workshop on Digital Rights Management, 2006

An analysis of P3P-enabled web sites among top-20 search results.
Proceedings of the 8th International Conference on Electronic Commerce: The new e-commerce, 2006

2005
Giving notice: why privacy policies and security breach notifications aren't enough.
IEEE Commun. Mag., 2005

Towards usable Web privacy and security.
Proceedings of the 14th international conference on World Wide Web, 2005

Peripheral privacy notifications for wireless networks.
Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, 2005

Hey, That's Personal!
Proceedings of the User Modeling 2005, 2005

Privacy in India: Attitudes and Awareness.
Proceedings of the Privacy Enhancing Technologies, 5th International Workshop, 2005

2004
Guest Editors' Introduction: Secure or Usable?
IEEE Secur. Priv., 2004

Searching for Privacy: Design and Implementation of a P3P-Enabled Search Engine.
Proceedings of the Privacy Enhancing Technologies, 4th International Workshop, 2004

I Didn't buy It for Myself.
Proceedings of the Designing Personalized User Experiences in eCommerce, 2004

2003
In Search of the Perfect Voting Technology: No Easy Answers.
Proceedings of the Secure Electronic Voting, 2003

Communications policy and information technology.
Ubiquity, 2003

P3P: Making Privacy Policies More Useful.
IEEE Secur. Priv., 2003

'I didn't buy it for myself' privacy and ecommerce personalization.
Proceedings of the 2003 ACM Workshop on Privacy in the Electronic Society, 2003

Analysis of security vulnerabilities in the movie production and distribution process.
Proceedings of the 2003 ACM workshop on Digital rights management 2003, Washington, 2003

Automated analysis of P3P-enabled Web sites.
Proceedings of the 5th International Conference on Electronic Commerce, 2003

2002
SPECIAL SECTION: Computers, Freedom and Privacy.
Inf. Soc., 2002

Letter from the Special Section Editors, Ten Years of Computers, Freedom and Privacy.
Inf. Soc., 2002

Use of a P3P user agent by early adopters.
Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, 2002

The role of privacy advocates and data protection authorities in the design and deployment of the platform for privacy preferences.
Proceedings of the 12th Annual Conference on Computers, Freedom and Privacy, 2002

Web privacy with P3P - the platform for privacy preferences.
O'Reilly, ISBN: 978-0-596-00371-5, 2002

2001
Voting after Florida: no easy answers.
Ubiquity, 2001

The architecture of robust publishing systems.
ACM Trans. Internet Techn., 2001

Internet voting for public officials: introduction.
Commun. ACM, 2001

2000
Platform for Privacy Preferences - P3P.
Datenschutz und Datensicherheit, 2000

Agents of Choice: Tools that Facilitate Notice and Choice about Web Site Data Practices
CoRR, 2000

Publius: A Robust, Tamper-Evident, Censorship-Resistant, and Source-Anonymous Web Publishing System.
Proceedings of the 9th USENIX Security Symposium, 2000

Influencing software usage.
Proceedings of the Tenth Conference on Computers, 2000

Ten years of computers, freedom and privacy: a personal retrospective.
Proceedings of the Tenth Conference on Computers, 2000

1999
Beyond Concern: Understanding Net Users' Attitudes About Online Privacy
CoRR, 1999

The Platform for Privacy Preferences.
Commun. ACM, 1999

Internet Privacy - Introduction.
Commun. ACM, 1999

Minding Your Own Business: The Platform for Privacy Preferences Project and Privacy Minder.
Proceedings of the FREENIX Track: 1999 USENIX Annual Technical Conference, 1999

Privacy in e-commerce: examining user scenarios and privacy preferences.
Proceedings of the First ACM Conference on Electronic Commerce (EC-99), 1999

Privacy critics: UI components to safeguard users' privacy.
Proceedings of the CHI '99 Extended Abstracts on Human Factors in Computing Systems, 1999

1998
Bias and responsibility in 'neutral' social protocols.
SIGCAS Comput. Soc., 1998

Laws, Self-Regulation, and P3P: Will W3C's Privacy Platform Help Make the Web Safe for Privacy?
Comput. Networks, 1998

Commun. ACM, 1998

Requirements for a P3P Query Language.
Proceedings of the Query Languages Workshop, Boston, 1998

1997
Sensus: A Security-Conscious Electronic Polling System for the Internet.
Proceedings of the 30th Annual Hawaii International Conference on System Sciences (HICSS-30), 1997

1996
Research posters 101.
XRDS, 1996

Electronic voting: computerized polls may save money, protect privacy.
XRDS, 1996

The road less traveled: Internet collaboration: good, bad, and downright ugly.
XRDS, 1996

1995
Conference report: conferences offer insifhts into how computers may affect our future.
XRDS, 1995

Digital liberties: free speech and privacy under attack in cyberspace.
XRDS, 1995

The Road Less Traveled: an alternative review of Doom II.
XRDS, 1995

email.
XRDS, 1995

The Road Less Traveled: it shouldn't be allowed!
XRDS, 1995

Road crew: students at work.
XRDS, 1995

1994
Programs worth one thousand words: visual languages bring programming to the masses.
XRDS, 1994

Book review: email style book jumps on the Internet bandwagon.
XRDS, 1994

Programming Perl: an interview with Larry Wall.
XRDS, 1994

The Road Less Traveled: stop and smell the policy.
XRDS, 1994


  Loading...