Expertise

Topics:  Engineering and Policy, Privacy, Cybersecurity and Privacy, Computer Science, Usable Security

Industries: Writing and Editing, Education/Learning, Security, Research

Lorrie Faith Cranor is a Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS) and co-director of the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission, working in the office of Chairwoman Ramirez. She is also a co-founder of Wombat Security Technologies, Inc, a security awareness training company. She has authored over 150 research papers on online privacy, usable security, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly 2002). She has served on a number of boards, including the Electronic Frontier FoundationBoard of Directors, and on the editorial boards of several journals. In her younger days she was honored as one of the top 100 innovators 35 or younger by Technology Review magazine. More recently she was named an ACM Fellow for her contributions to usable privacy and security research and education, and an IEEE Fellow for her contributions to privacy engineering. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University. She holds a doctorate in Engineering and Policy from Washington University in St. Louis. In 2012-13 she spent her sabbatical as a fellow in the Frank-Ratchye STUDIO for Creative Inquiry at Carnegie Mellon University where she worked on fiber arts projects that combined her interests in privacy and security, quilting, computers, and technology. She practices yoga, plays soccer, and runs after her three children.

Media Experience

Thieves took their iPhones. Apple won’t give their digital lives back.  — Washington Post
Iphone theft victims are taking Apple to court to reclaim their personal data. “I find it odd that Apple is fighting this without explaining their rationale," said Lorrie Cranor (CyLab).

New password guidelines: What to know  — WBUR
“Some people are concerned about them because they say, ‘What if my password manager gets hacked?’ Or every now and then you'll read a news report that a big password manager has had a security problem. “The reality is that that doesn't happen very often. And when it does happen, usually you're informed right away. And so, as a result of these occasional breaches, there hasn't been a lot of damage, relatively speaking."

Annoying Password Rules Actually Make Us Less Secure  — The Wall Street Journal
Does your company network or a frequently visited website force you to come up with a new password because it has declared your old one is past its expiration date?

How to tell if a gadget is secure? Look for this new government seal.  — The Washington Post
Professor Lorrie Cranor of Carnegie Mellon University, whose research includes ways to make better security and privacy disclosures to users, said she hopes the final standard doesn’t gloss over privacy.

Mandatory password updates are passe  — The Washington Post
“Most people, if they know they're going to have to change their password on a regular basis, they will pick a relatively weaker password and use a pattern for how they change it,” Lorrie Cranor, director of CyLab Security and Privacy Institute at Carnegie Mellon University, told me. And weaker passwords that are easy to predict are catnip for malicious hackers.

Google Settings Still Confusing After $85 Million Lawsuit Over How Confusing They Were  — Gizmodo
“There’s a lot of fine print when you pause location history. Most people aren’t going to read it, and even if you do, it is confusing,” says Lorrie Cranor, a professor at Carnegie Mellon University whose research includes privacy settings and interfaces. “I’m a privacy expert and I still find it difficult to understand exactly what is getting turned off.”

Personalities of Pittsburgh: Lorrie Cranor is securing privacy in the digital age  — Pittsburgh Business Times
Lorrie Cranor has dedicated her career to cybersecurity and protecting personal information.