Home Publications CV Talks FAQ Bio
Research Overview
Note: I am currently working on a new startup and am scaling back all academic and research commitments for the foreseeable future.

My primary field is human-computer interaction. My areas of work are in usable privacy and security, mobile computing, Internet of Things, and AI fairness and bias. I draw on ideas from systems, behavioral sciences, and machine learning. Here is a long description of my research accomplishments, below are some highlights:

  • Pioneered research on protecting people from phishing scams. Our work on anti-phishing was adopted by industry groups, and inspired the design of anti-phishing browser warnings. Our work was also commercialized as Wombat Security, which was acquired by Proofpoint in 2018.
  • Deployed Livehoods, which was the first paper to use geotagged social media to understand the dynamics of cities. Won ICWSM test of time award in 2022.
  • Investigated Social Cybersecurity, which looked at how to adopt ideas from social psychology to positively influence people’s privacy and security behaviors. Won Honorable Mention for NSA Competition for Best Scientific Cybersecurity Paper.
  • Pioneered new system architectures and developer tools for smartphone privacy, which has had positive impact on consumer privacy and on industry
  • Deployed PrivacyGrade.org, a web site where we analyzed the privacy of over a million Android apps based on a model of people’s expectations of privacy
  • Wrote The Design of Sites, one of the earliest books on user interface design patterns
  • Developed WeAudit, a suite of tools for helping everyday people collectively audit AI systems for bias and fairness
  • Co-founded the Master’s of Product Management (MSPM), a joint program between HCII and Tepper School of Business
  • Supervised 21 Postdocs and PhD students, and taught hundreds of undergrads and master’s students in classes, independent studies, and research projects

Our work has been featured in CNN, New York Times, BBC, CBS News, MIT Tech Review, World Economic Forum, and more. Our team has been generously funded by DARPA, National Science Foundation, Army Research Office, Amazon, IBM, Google, Intel, Microsoft, Nokia, NQ Mobile, Pitney Bowes, Portugal Telecom, Samsung, Yahoo, CMU Cylab, Alfred P. Sloan Foundation, Cisco, and more.

What's New?
Feb 27, 2024
I gave a talk entitled An Overview of Privacy for Mobile Sensing Systems for the mDOT NIH Center.

Feb 8, 2024
Along with several of my colleagues at CMU, I was named a 2024 Microsoft Research AI & Society fellow to do work on to do work on “Regulating AI in Light of the Challenges of Doing Responsible AI in Practice”.

Dec 13, 2023
I gave a distinguished lecture at Univ Wisconsin-Madison entitled Helping Developers with Privacy.

Nov 20, 2023
New book chapter, Designing for Privacy in Mobile Sensing Systems, book chapter in Mobile Sensing in Psychology: Methods and Applications. I tried to summarize everything I know about legal, philosophical, design, and technical issues about privacy in this chapter.

July 25, 2023
My blog post What Can the FATE Community Learn from the Successes and Failures in Privacy? was published in CACM August 2023 issue.

May 27, 2023
I had the honor of being the 2023 commencement speaker at the South Carolina Governor's School for Science and Math, my alma mater. See the text of the speech or video here.

Apr 20, 2023
Our paper What makes people install a COVID-19 contact-tracing app? Understanding the influence of app design and individual difference on contact-tracing app adoption intention won Best Research Paper 2019-2021 in Pervasive and Mobile Computing.

Apr 4, 2023
Our paper Understanding Frontline Workers’ and Unhoused Individuals’ Perspectives on AI Used in Homeless Services won a best paper award at CHI 2023.

Jan 19, 2023
I was named an ACM Fellow!

Jun 7, 2022
Our work on Livehoods won ICWSM Test of Time award! See the press release and livehoods.org web site.

Nov 23, 2021
Our paper on Software-Defined Cooking Using a Microwave Oven is a Research Highlight in the Dec 2021 issue of CACM.

Nov 23, 2021
ClearTerms data set is available here. This is a spreadsheet containing the results of several thousand crowdsourced judgements comparing different statements in Terms and Conditions for about a dozen ecommerce web sites.

Nov 7, 2021
We made EMA data publicly available from our study on social interactions, social support, mood, and well-being during 2020 COVID.

Apr 27, 2021
New paper on arxiv summarizing our work on DARPA Brandeis project for smartphone privacy: The Design of the User Interfaces for Privacy Enhancements for Android

Apr 24, 2021
Use our SA-6 and SA-13 survey instrument to assess people's security attitudes. You can also take the SA-6 quiz online here.

Feb 10, 2021
We just received $1M in new funding from NSF and Amazon to investigate Fairness in AI!

Oct 21, 2020
I did a keynote talk for CHIuXiD entitled Privacy for Mobile Sensing Systems.

May 1, 2020
Our web site showcasing our work on the user interfaces for DARPA Brandeis smartphone privacy is now up

Feb 14, 2020
I'm now a member of CHI Academy!

Mar 13, 2019
I wrote a blog entry on CACM entitled Why is Privacy So Hard?

Mar 5, 2019
My wife and I helped found two junior faculty chairs in the Human-Computer Interaction Institute at CMU.

Nov 30, 2018
Our team has released the MobiPurpose data set. It contains over 2 million unique intercepted traffic requests from 15k+ smartphone apps, gathered from our array of smartphones.

Mar 1, 2018
Wombat Security, which I co-founded in 2008, was acquired by Proofpoint for $225m!

Sep 1, 2017
I wrote a roadmap for privacy research entitled The Privacy Landscape for Pervasive and Ubiquitous Computing.

May 29, 2017
I was recently honored with Alumni of the Year from my old high school, South Carolina Governor's School for Science and Math. Here is a link to my speech at the commencement.

May 16, 2017
The HCII and the Tepper School of Business are offering a new Master's Degree of Product Management. I'm helping to run the HCII side.

Jun 7, 2016
White paper with New America entitled Toward a Safe and Secure Internet of Things.

Sep 9, 2015
Presented some of our team's work on using smartphones for healthcare at the World Economic Forum at Dalian.

Aug 13, 2015
Our CCS 2014 paper Increasing Security Sensitivity with Social Proof: A Large-Scale Experimental Confirmation won Honorable Mention at NSA's Best Scientific Cybersecurity Paper Competition.

Dec 26, 2014
PrivacyGrade.org presents our privacy analysis of 1 million Android apps. Our work has appeared on CNN, US News and World Report, New York Times, CNBC, IEEE Spectrum, Forbes, and more.

Sep 17, 2014
My brother and I have created the Frances and Chou-Chu Hong graduate fellowship at the Veterinary and Animal Sciences Department at the University of Massachusetts.

Oct 25, 2013
Gave a talk at PopTech 2013 on sensing and privacy. See slides and video here.

Apr 9, 2012
Livehoods.org re-imagines how cities work in the age of social media. Livehoods has been featured in The Atlantic Cities, Wired Insider, MIT Technology Review, Fast Company Co.Design, New York Post, Wall Street Journal, and Haaretz.

Some Past Research

Personal Behavioral Data
How can we make better use of all of the wealth of personal behavioral data (smartphones, web usage, social networking) to develop a better computational model of people, places, activities, and things?

UniAuth: Streamlining Authentication for Ubiquitous Computing
What kinds of protocols, APIs, and user interfaces are needed for our smartphones to manage all of our authentication needs, both for the web and Internet of Things? See our set of papers on authentication for ubicomp here.

Urban Analytics
How can we use location data from smartphones and social media to understand cities? See our papers on urban analytics here.

User-Controllable Security & Privacy for Pervasive Computing
How can we combine machine learning, dialog, and better user interfaces to empower people to manage their privacy? See our papers on ubicomp privacy here.

Why do people fall for phishing scams? Can we train people not to fall for scams? Can we also develop techniques to detect phishing emails? See our large set of papers on anti-phishing here.

Rapid Prototyping and UX Design Tools
How can we help people design interactive systems faster and better? My past work in this area include sketching interfaces, design patterns, and tools for rapid prototyping. See our set of papers on design tools here.

The CHIMPS Research Team
Some alums of the CHIMPS group (postdocs, PhD, and some MS), in somewhat chronological order:
  • Karen Tang
  • Jeff Wong, now at Apple
  • Bryan Pendleton, now at a startup (previously GOogle)
  • Janne Lindqvist, now an Assoc Prof at Aalto (previously Rutgers)
  • Polo Chau (with Christos Faloutsos and Niki Kittur), now an assoc prof at Georgia Tech
  • Guang Xiang (with Carolyn Rose), now doing an AI startup in China
  • Jialiu Lin (with Norman Sadeh), now at Waymo (previously was a privacy engineer at Google)
  • Shah Amini, now at Facebook (previously Appthority and Google)
  • Jun Ki Min, now at Motorola
  • Mike Villena, now at Appthority
  • Afsaneh Doryab, now an Asst Prof at UVa (previously CMU)
  • Alex Sciuto, now at Maven Machines
  • Song Luan, now at YouTube (previously Uber)
  • Jason Wiese (with John Zimmerman), now an Assoc Prof at University of Utah
  • Eiji Hayashi, now at Facebook
  • Sauvik Das, now an Asst Prof at CMU
  • Dan Tasse, now a data scientist at StitchFix
  • Siyan Zhao, now a UX designer at Google
  • Mike Czapik, now at TikTok
  • Hong Shen, now an asst research prof at CMU
  • Cori Faklaris (with Laura Dabbish), now an asst prof at UNC-Charlotte
  • Haojian Jin, now an asst prof at UCSD
  • George Hope Chidziwisano, now an Asst Prof at UTenn
  • Tianshi Li, now an asst prof at Northeastern University
  • Alex Cabrera (with Adam Perer), now at an AI startup
  • Isadora Krsek, now a PhD student at CMU HCII
Some of My Writings and Other Stuff I Helped Create
Running Program Committees My Cybersecurity Advice (for general audiences) Research Tools, Software, and Web Sites Research Data Sets Instructor Guides and Reading Seminars Advice for PhD students and Grad School Applicants Odds and Ends The Design of Sites
I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the design of customer-centered web sites. Check out the web site for our book The Design of Sites. Our book has been translated into Polish, Chinese, Korean (and possibly other languages as well).
Current Service Some Past Service