Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission, working in the office of Chairwoman Ramirez. She is also a co-founder of Wombat Security Technologies, Inc, a security awareness training company that was acquired by Proofpoint.

She has authored more than 200 research papers on online privacy, usable security, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O’Reilly 2002). She has served on a number of boards and working groups, including the Electronic Frontier Foundation Board of Directors, the Computing Research Association Board of Directors, the Aspen Institute Cybersecurity Group, and on the editorial boards of several journals.

In her younger days she was honored as one of the top 100 innovators 35 or younger by Technology Review magazine. More recently she was elected to the ACM CHI Academy, named an ACM Fellow for her contributions to usable privacy and security research and education, and named an IEEE Fellow for her contributions to privacy engineering. She has also received an Alumni Achievement Award from the McKelvey School of Engineering at Washington University in St. Louis, the 2018 ACM CHI Social Impact Award, the 2018 International Association of Privacy Professionals Privacy Leadership Award, and (with colleagues) the 2018 IEEE Cybersecurity Award for Practice.

She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University. She holds a doctorate in Engineering and Policy from Washington University in St. Louis. In 2012-13 she spent her sabbatical as a fellow in the Frank-Ratchye STUDIO for Creative Inquiry at Carnegie Mellon University where she worked on fiber arts projects that combined her interests in privacy and security, quilting, computers, and technology. She practices yoga, plays soccer, walks to work, and runs after her three children.

2107 Collaborative Innovation Center
Google Scholar
Lorrie Cranor
Lorrie Cranor's website

Online Security and Privacy


1996 Doctor of Science, Engineering and Policy, Washington University

1996 MS, Computer Science, Washington University

1993 MS, Technology and Human Affairs, Washington University

1992 BS, Engineering and Public Policy, Washington University


Media mentions

Wall Street Journal

Cranor’s article on online privacy published in the WSJ

CyLab Director Lorrie Cranor published an op-ed in The Wall Street Journal titled, “How Everyone Can Get the Online Privacy They Want.”

Washington Post

Cranor discusses issues behind privacy policies

CyLab Director Lorrie Cranor was quoted in The Washington Post about lengthy privacy policies and replacing them with privacy “nutrition labels.”

Yahoo Life

Cranor quoted on online shopping security tips

CyLab Director Lorrie Cranor spoke with Yahoo Life about protecting your sensitive information when online shopping.

CyLab Security and Privacy Institute

Cookie consent notices are actually unusable, according to science

A new study by CyLab researchers shows just how truly unusable cookie consent interfaces are.

Washington Post

Cranor weighs in on privacy labels

Roughly a year after Apple began requiring privacy labels for new apps in its app store, Google just announced that it will begin doing the same for Android apps. CyLab Director Lorrie Cranor spent the past year studying Apple’s privacy labels and tells The Washington Post that she’d “hoped that we could do better.”

CyLab Security and Privacy Institute

Lorrie Cranor receives honorary doctorate

Cranor received the honorary degree "for her relentless pursuit of making privacy and security usable..."

CyLab Security and Privacy Institute

CyLab researchers investigate Apple’s privacy labels

Roughly a year after Apple rolled out its privacy label requirements, CyLab researchers have gained a comprehensive look at the state of iOS privacy labels.

Consumer Reports

Cranor weighs in on Google’s new privacy labels

CyLab Director Lorrie Cranor commented on Google adding privacy “nutrition labels” for apps in the Android app store.

Diverse Education

Cranor quoted on cybersecurity workforce

CyLab Director Lorrie Cranor was quoted by Diverse Education on the shortage of workers in cybersecurity, which she attributes to a lack of American students and support.


Cranor quoted on online accounts

CyLab Director Lorrie Cranor was quoted in AOL on account safety when using the internet.

CyLab Security and Privacy Institute

“Adulting” for cybersecurity, GANs, and more: CyLab’s 2022 seed funding awardees

Over $400K in seed funding has been awarded to 18 different faculty and staff across seven departments at Carnegie Mellon to support security and privacy research.

CyLab Security and Privacy Institute

The (un)importance of online interview modes for security and privacy studies

In a rigorous new study just published in the journal PLOS ONE, a team of CyLab researchers show that that there is little evidence to suggest that interviews with crowd workers about sensitive topics are significantly impacted by the chosen online interview mode.