Norman Sadeh

Professor of Computer Science, Software and Societal Systems Department
Co-Director, Privacy Engineering Program

Norman Sadeh is a Professor in the School of Computer Science at Carnegie Mellon University (CMU). Sadeh has (co-)founded and (co-)directed several groundbreaking graduate programs at CMU. This includes the Privacy Engineering Program (co-founder and co-director,2012-present), the Ph.D. Program in Societal Computing (co-founder and co-director, 2003-2013), and the MBA track in Technology Strategy and Product Management launched jointly by the Tepper School of Business and the School of Computer Science (co-founder and director, 2005-2017). Sadeh's current research interests include cybersecurity, online privacy, Human-AI Interaction, AI governance, mobile computing, the Internet of Things, user-oriented machine learning, language technologies, and semantic web technologies.

Sadeh is well known for his pioneering work on AI-based privacy enhancing technologies, including the development of privacy assistants, the development of automated privacy compliance tools, and the development of NLP-based privacy enhancing technologies. He has also conducted foundational work on modeling people's privacy expectations and preferences and on privacy and security nudging. His work has been credited with influencing the development of privacy-enhancing solutions at companies that include Apple, Google and Facebook/Meta (e.g., more expressive mobile app permissions, background privacy reminders/nudges, privacy dashboards, privacy compliance tools, mobile app privacy labels). Sadeh is the lead designer of CMU's Privacy Infrastructure for the Internet of Things (IoT). Results of his research have also informed privacy policy and activities at regulatory agencies, including the Federal Trade Commission and the California Office of the Attorney General (e.g., mobile app privacy compliance, CCPA privacy opt-out notices, IoT privacy).

Sadeh is also a successful entrepreneur. He was the founding CEO and, until its acquisition, the chairman and chief scientist of Wombat Security Technologies, a company that defined the multi-billion dollar user-oriented cybersecurity market. Wombat was acquired by Proofpoint in February 2018. By that time Wombat had well over 2,000 corporate customers, and had been named a clear leader in the Gartner Group’s Magic Quadrant in Security Awareness Computer-Based Training for four years in a row (since the inception of Gartner’s Quadrant in this sector). It had also been identified as one of the 500 fastest growing technology companies in North America for three consecutive years in Deloitte’s Technology Fast 500. In May 2018, Sadeh was honored with the 2018 Outstanding Entrepreneur of the Year award from the Pittsburgh Venture Capital Association. As of 2024, technologies Norman developed with colleagues at CMU and Wombat are used to protect tens of millions of users around the world against cybersecurity attacks such as phishing, including employees at over 75 percent of the Fortune 100 companies.

Earlier in his career, Sadeh conducted seminal work in AI planning and scheduling, agent-based supply chain management, workflow management, automated trading, including the design and launch of the international supply chain trading agent competition. His work on constrained-based scheduling introduced a probabilistic model of the search space for constraint satisfaction problems and demonstrated how this model could inform the development of particularly effective variable and value ordering search heuristics. His work on agent-based supply chain management was among the very first to demonstrate the importance of modeling the decentralized and competitive nature of supply chains and of offering practical approaches for studying and managing these interactions. Products based on this earlier research were deployed and commercialized by organizations such as IBM, CACI, Raytheon, Mitsubishi, Boeing, Numetrix (eventually acquired by JDEdwards/PeopleSoft/Oracle), ILOG (eventually acquired by IBM), and the U.S. Army.

Sadeh's 2001 best-selling book on M-Commerce provided an overview of emerging trends and anticipated future developments that eventually coalesced into the emergence and broad adoption of smartphones. It highlighted usability, security and privacy challenges mobile commerce ecosystems would have to address, the need for standardized APIs for managing contextual attributes and associated privacy decisions and previewed how smart assistants would eventually usher a new wave of innovation in this space.

Sadeh's work with his collaborators on the livelihoods project, using social media data to interpret the dynamic patterns of cities and help understand their social fabric, was recognized with a test of time award by the AAAI Conference on Web and Social Media (ICWSM). His work on automatically recognizing mobile user activities while minimizing battery life has also influenced technologies found in most modern smartphones.

In the late nineties, Sadeh served as Chief Scientist of the EUR 550 million European Union's e-Commerce initiative, which included all pan-European research in cybersecurity and privacy as well as contributions to several major European public policy initiatives. The initiative resulted in the launch of over 200 multimillion-dollar projects involving over 1,000 European organizations from industry and academia, with half the funding provided by industry and the other half by the European Commission.

Sadeh received his Ph.D. in Computer Science at CMU with a major in Artificial Intelligence and a minor in Operations Research. He holds a MS degree in computer science from the University of Southern California and a BS/MS degree in electrical engineering and applied physics from the Free University of Brussels (Belgium) as “Ingénieur Civil Physicien.”

Sadeh's research as well as his views on cybersecurity, privacy, mobile and IoT technologies are often covered in the press (e.g. "The Wall Street Journal," "Wired," "The New York Times," "The Chronicle of Higher Education," "Pittsburgh Post-Gazette," "Kiplinger," "THe Huffington Post," "Fast Company," "TechCrunch").

Between 2008 and 2019, he was also a visiting professor at Hong Kong University, where he would spend two weeks each year.

Email: sadeh@cs.cmu.edu

Assistant: KC Turner

Google Scholar: Norman Sadeh

Websites: Norman Sadeh’s website

Education

1991 Ph.D., Computer Science, Carnegie Mellon University

1986 M.Sc., Computer Science, Univ. of Southern California

1985 Ingénieur Civil Physicien (5-year BS/MS degree), The Free University of Brussels