Directory

Norman Sadeh is a professor in the School of Computer Science at Carnegie Mellon University (CMU). He is director of CMU’s Mobile Commerce Laboratory and its e-Supply Chain Management Laboratory, co-Founder of the School’s Ph.D. Program in Societal Computing and co-Director of the MSIT program in Privacy Engineering. He also co-founded and for 12 years co-directed the MBA track in Technology Leadership launched jointly by the Tepper School of Business and the School of Computer Science in 2005. Sadeh’s current research interests include cybersecurity, online privacy, mobile computing, the Internet of Things, artificial intelligence, user-oriented machine learning, human computer interaction, language technologies, and semantic web technologies.

Sadeh is also well known for his seminal work in AI planning and scheduling, agent-based supply chain management, workflow management, automated trading, including the design and launch of the international supply chain trading agent competition. Products based on his research have been deployed and commercialized by organizations such as IBM, Raytheon, Mitsubishi, Boeing, Numetrix (eventually acquired by JD Edwards/PeopleSoft/Oracle), ILOG (eventually acquired by IBM), and the US Army. His privacy research has been credited with influencing the design of products at companies such as Facebook and Google as well as activities at the US Federal Trade Commission and the California Office of the Attorney General. His work on automatically recognizing mobile user activities while minimizing battery life has influenced technologies found in most modern smartphones.

Sadeh is also a successful entrepreneur, having served as founding CEO and, until its acquisition, as chairman and chief scientist of Wombat Security Technologies, a company he co-founded to commercialize anti-phishing technologies he developed as part of research with several of his colleagues at CMU. Together with his collaborators, he grew Wombat Security Technologies into a leading provider of anti-phishing and cybersecurity awareness training technologies. The company was acquired for $225M by Proofpoint (NASDAQ: PFPT) in February 2018. By that time Wombat had well over 2,000 corporate customers, and had been named a clear leader in the Gartner Group’s Magic Quadrant in Security Awareness Computer-Based Training for four years in a row (since the inception of Gartner’s Quadrant in this sector). It had also been identified as one of the 500 fastest growing technology companies in North America for three consecutive years in Deloitte’s Technology Fast 500. In May 2018, Norman was honored with the 2018 Outstanding Entrepreneur of the Year award from the Pittsburgh Venture Capital Association.

In the late nineties, Sadeh was program manager with the European Commission’s ESPRIT research program, prior to serving for two years as chief scientist of the EU’s EUR 550M (US$650M) initiative in “New Methods of Work and eCommerce,” which included all pan-European research in cybersecurity and privacy. As such, he was responsible for shaping European research priorities in collaboration with industry and universities across Europe. These activities eventually resulted in the launch of over 200 R&D projects involving over 1,000 European organizations from industry and research. While at the Commission, he also contributed to a number of EU policy initiatives related to eCommerce, the Internet, cybersecurity, privacy, and entrepreneurship.

Sadeh received his Ph.D. in Computer Science at CMU with a major in Artificial Intelligence and a minor in Operations Research. He holds a MS degree in computer science from the University of Southern California and a BS/MS degree in electrical engineering and applied physics from the Free University of Brussels (Belgium) as “Ingénieur Civil Physicien.”

Sadeh has authored or co-authored around 300 scientific publications. He is also the author of m-Commerce: Technologies, Services and Business Models, a best-selling book published by Wiley in April 2002. He served as general chair of the 2003 International Conference on Electronic Commerce and as editor-in-chief of Electronic Commerce Research Applications (ECRA). He has served on the editorial board of several other journals and is currently on the board of I/S: A Journal of Law and Policy for the Information Society. Norman also sits on the advisory board of the Future of Privacy Forum.

Sadeh’s research, as well as his views on cybersecurity, privacy, mobile, and IoT technologies are often covered in the press (e.g. Wall Street Journal, Wired, New York Times, Chronicle of Higher Education, Pittsburgh Post Gazette, Kiplinger, Huffington Post, Fast Company, Tech Crunch).

Between 2008 and 2019, he was also a visiting professor at Hong Kong University, where he would spend two weeks each year.

Office
5303 Wean Hall
Email
sadeh@cs.cmu.edu
Assistant
Linda Moreci
Google Scholar
Norman Sadeh
Websites
Norman Sadeh’s website

Education

1991 Ph.D., Computer Science, Carnegie Mellon University

1986 M.Sc., Computer Science, Univ. of Southern California

1985 Ingénieur Civil Physicien (5-year BS/MS degree), The Free University of Brussels

Affiliations

Media mentions


CyLab Security and Privacy Institute

One size does not fit all when managing data practices on the web

A new study by Carnegie Mellon University CyLab researchers aimed to learn about users' awareness of data practices, how they felt about them, and how much control they perceived to have over them.

CyLab Security and Privacy Institute

Misconceptions plague security and privacy tools

According to a new study out of CyLab, people hold a myriad of misconceptions about the security and privacy tools out there meant to help protect our privacy and online security.

CyLab Security and Privacy Institute

CyLab researchers develop new guidance for designing privacy choices

In a new study presented at this week’s ACM CHI conference, CyLab researchers outlined a set of standards and taxonomy to help alleviate the void in guidance that still leaves privacy choices muddied for users.

Dark Reading

Sadeh quoted on privacy tool

CyLab’s Norman Sadeh was quoted on Dark Reading about a privacy tool, Opt-Out Easy, that was created by CyLab researchers.

CyLab Security and Privacy Institute

What if opting out of data collection were easy?

Recent work by researchers in Carnegie Mellon University CyLab has shown that it is possible to use machine learning techniques to automatically extract and classify some of these opt-out choices, and introduces a new, handy browser extension.

Security Maganize

Sadeh quoted on privacy

CyLab’s Norman Sadeh was quoted in Security Magazine on CyLab’s IoT Privacy Assistant.

CyLab Security and Privacy Institute

CyLab researchers design privacy icon to be used by California law

The state of California has proposed an official icon to include next to opt-out text—a blue stylized toggle icon developed by researchers from Carnegie Mellon University’s CyLab and the University of Michigan’s School of Information. Users may begin seeing the new stylized icon at the bottom of websites’ footers early next year.

CyLab Security and Privacy Institute

App and infrastructure alert users about data collection around them

The IoT Assistant app and digital infrastructure, developed by researchers in Carnegie Mellon University’s CyLab, paves the way for people to take control of their privacy amid the booming Internet of Things.

CyLab Security and Privacy Institute

CMU launches new privacy engineering options

CMU is offering two flexible options for privacy engineering education and training: a part-time privacy engineering master's degree, and a privacy engineering certificate.

CyLab Security and Privacy Institute

What if you could better control what mobile apps do with your data?

Researchers in CyLab are working to create digital “privacy assistants” that can recommend phone app privacy settings to users based on their preferences.

CyLab Security and Privacy Institute

Three CyLab papers presented at the FTC’s PrivacyCon 2020

Three CyLab papers were presented at this year's PrivacyCon, focusing on privacy and security nutrition labels, making privacy choices easier, and perceptions of advanced video analytics.

CyLab Security and Privacy Institute

How much control are people willing to grant to a personal privacy assistant?

In a new study presented at the CHI 2020 conference, CyLab researchers sought to find out how much autonomy people would feel comfortable giving to a personalized privacy assistant.