Norman Sadeh is a professor in the School of Computer Science at Carnegie Mellon University (CMU). He is director of CMU’s Mobile Commerce Laboratory and its e-Supply Chain Management Laboratory, co-Founder of the School’s Ph.D. Program in Societal Computing and co-Director of the MSIT program in Privacy Engineering. He also co-founded and for 12 years co-directed the MBA track in Technology Leadership launched jointly by the Tepper School of Business and the School of Computer Science in 2005. Sadeh’s current research interests include cybersecurity, online privacy, mobile computing, the Internet of Things, artificial intelligence, user-oriented machine learning, human computer interaction, language technologies, and semantic web technologies.

Sadeh is also well known for his seminal work in AI planning and scheduling, agent-based supply chain management, workflow management, automated trading, including the design and launch of the international supply chain trading agent competition. Products based on his research have been deployed and commercialized by organizations such as IBM, Raytheon, Mitsubishi, Boeing, Numetrix (eventually acquired by JD Edwards/PeopleSoft/Oracle), ILOG (eventually acquired by IBM), and the US Army. His privacy research has been credited with influencing the design of products at companies such as Facebook and Google as well as activities at the US Federal Trade Commission and the California Office of the Attorney General. His work on automatically recognizing mobile user activities while minimizing battery life has influenced technologies found in most modern smartphones.

Sadeh is also a successful entrepreneur, having served as founding CEO and, until its acquisition, as chairman and chief scientist of Wombat Security Technologies, a company he co-founded to commercialize anti-phishing technologies he developed as part of research with several of his colleagues at CMU. Together with his collaborators, he grew Wombat Security Technologies into a leading provider of anti-phishing and cybersecurity awareness training technologies. The company was acquired for $225M by Proofpoint (NASDAQ: PFPT) in February 2018. By that time Wombat had well over 2,000 corporate customers, and had been named a clear leader in the Gartner Group’s Magic Quadrant in Security Awareness Computer-Based Training for four years in a row (since the inception of Gartner’s Quadrant in this sector). It had also been identified as one of the 500 fastest growing technology companies in North America for three consecutive years in Deloitte’s Technology Fast 500. In May 2018, Norman was honored with the 2018 Outstanding Entrepreneur of the Year award from the Pittsburgh Venture Capital Association.

In the late nineties, Sadeh was program manager with the European Commission’s ESPRIT research program, prior to serving for two years as chief scientist of the EU’s EUR 550M (US$650M) initiative in “New Methods of Work and eCommerce,” which included all pan-European research in cybersecurity and privacy. As such, he was responsible for shaping European research priorities in collaboration with industry and universities across Europe. These activities eventually resulted in the launch of over 200 R&D projects involving over 1,000 European organizations from industry and research. While at the Commission, he also contributed to a number of EU policy initiatives related to eCommerce, the Internet, cybersecurity, privacy, and entrepreneurship.

Sadeh received his Ph.D. in Computer Science at CMU with a major in Artificial Intelligence and a minor in Operations Research. He holds a MS degree in computer science from the University of Southern California and a BS/MS degree in electrical engineering and applied physics from the Free University of Brussels (Belgium) as “Ingénieur Civil Physicien.”

Sadeh has authored or co-authored around 300 scientific publications. He is also the author of m-Commerce: Technologies, Services and Business Models, a best-selling book published by Wiley in April 2002. He served as general chair of the 2003 International Conference on Electronic Commerce and as editor-in-chief of Electronic Commerce Research Applications (ECRA). He has served on the editorial board of several other journals and is currently on the board of I/S: A Journal of Law and Policy for the Information Society. Norman also sits on the advisory board of the Future of Privacy Forum.

Sadeh’s research, as well as his views on cybersecurity, privacy, mobile, and IoT technologies are often covered in the press (e.g. Wall Street Journal, Wired, New York Times, Chronicle of Higher Education, Pittsburgh Post Gazette, Kiplinger, Huffington Post, Fast Company, Tech Crunch).

Between 2008 and 2019, he was also a visiting professor at Hong Kong University, where he would spend two weeks each year.

5303 Wean Hall
Linda Moreci
Google Scholar
Norman Sadeh
Norman Sadeh’s website


1991 Ph.D., Computer Science, Carnegie Mellon University

1986 M.Sc., Computer Science, Univ. of Southern California

1985 Ingénieur Civil Physicien (5-year BS/MS degree), The Free University of Brussels

Media mentions

CyLab Security and Privacy Institute

New tool helps mobile app developers create more accurate iOS privacy labels

Created by researchers at Carnegie Mellon University, Privacy Label Wiz is an easy-to-use, step-by-step resource to help developers create accurate mobile app privacy labels

Seattle Times

Sadeh quoted by the Seattle Times

SCS Professor Norman Sadeh explains why privacy should be top of mind for technology companies and shares his thoughts on the regulatory environment around artificial intelligence.

CyLab Security and Privacy Institute

CyLab icon connects users with online privacy choices

Have you noticed the new icon popping up on websites across the Internet? Thanks to researchers at Carnegie Mellon’s CyLab Security and Privacy Institute, the University of Michigan, and Fordham University, users can now easily make choices about how websites use their personal information, all in one convenient spot.

CyLab Security and Privacy Institute

CyLab names 2022 Presidential Fellows

Each year, CyLab recognizes high-achieving Ph.D. students pursuing security and/or privacy-related research with a CyLab Presidential Fellowship that covers one year of tuition.

CyLab Security and Privacy Institute

CyLab well represented at SOUPS 2022

There is no shortage of Carnegie Mellon (CMU) students and faculty participating in this year's Symposium on Usable Privacy and Security (SOUPS).

CyLab Security and Privacy Institute

Study reveals iOS privacy labels miss the mark

A new study from researchers at Carnegie Mellon’s Security and Privacy Institute shows users find Apple’s iOS privacy labels confusing, difficult to find.

CyLab Security and Privacy Institute

CyLab paper receives Privacy Papers for Policymakers Award

The paper captured people’s privacy expectations and preferences in the age of video analytics.

CyLab Security and Privacy Institute

Protect your security and privacy with these tips from CyLab faculty

In celebration of Cybersecurity Awareness Month, a collection of CyLab faculty have shared some tips they recommend following to stay safe online.

CyLab Security and Privacy Institute

Study further explores perceptions of video analytics

In general, people are somewhat aware of facial recognition technologies and tend to have mixed feelings about them, according to new research out of Carnegie Mellon University’s CyLab.

CyLab Security and Privacy Institute

Two CyLab papers presented at the FTC’s PrivacyCon 2021

The FTC selected fewer than 20 papers to be presented at this year’s PrivacyCon, and two of them were written by CyLab researchers.

CyLab Security and Privacy Institute

One size does not fit all when managing data practices on the web

A new study by Carnegie Mellon University CyLab researchers aimed to learn about users' awareness of data practices, how they felt about them, and how much control they perceived to have over them.

CyLab Security and Privacy Institute

Misconceptions plague security and privacy tools

According to a new study out of CyLab, people hold a myriad of misconceptions about the security and privacy tools out there meant to help protect our privacy and online security.