This article has multiple issues. Please helpimprove it or discuss these issues on thetalk page.(Learn how and when to remove these messages) This articledoes notcite anysources. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged andremoved. Find sources: "Carnegie Mellon University Usable Privacy and Security Laboratory" – news ·newspapers ·books ·scholar ·JSTOR(November 2022) (Learn how and when to remove this message) This article needs to beupdated. Please help update this article to reflect recent events or newly available information.(November 2022) (Learn how and when to remove this message)

TheCarnegie Mellon University Usable Privacy and Security Laboratory (CUPS) was established in the Spring of 2004 to bring togetherCarnegie Mellon University researchers working on a diverse set of projects related to understanding and improving the usability ofprivacy andsecurity software and systems. The privacy and security research community has become increasingly aware thatusability problems severely impact the effectiveness of mechanisms designed to provide security and privacy in software systems. Indeed, one of the four grand research challenges ininformation security and assurance identified by theComputing Research Association in 2003 is: "Give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future." This is the challenge that CUPS strives to address. CUPS is affiliated with Carnegie MellonCyLab and has members from theEngineering and Public Policy Department, the School of Computer Science, the Electrical and Computer Engineering Department, theHeinz College, and theDepartment of Social and Decision Sciences. It is directed byLorrie Cranor.

• P3P and computer-readable privacy policies
  • Two members of the CUPS Lab are members of theW3CP3P Working Group, working on developing theP3P 1.1 specification.
  • In the fall of 2005,AT&T gave the rights to the source code and trademarks surroundingPrivacy Bird, theirP3P user-agent. Privacy Bird is currently maintained and distributed by the lab.
  • In the summer of 2005, the lab made available to the public a "P3P-enabled search engine", known as Privacy Finder. It allowed a user to reorder search results based on whether each site complied with his or her privacy preferences. This information was gleaned fromP3P policies found on the web sites. Since 2012, Privacy Finder has been "temporarily out of service", with no indication of when service would be restored.
  • Additionally, the lab archives web sites privacy policies and has been creating a toolkit to aid in the automated analysis of bothP3P policies as well as natural language privacy policies.
• Supporting trust decisions
  • More recently^[when?], the lab is examining trends in phishing attacks as well as users' perceptions of these attacks to develop better methods of detecting and reporting phishing messages.

• The official CUPS Lab web site
• Privacy Bird
• Privacy Finder

40°26′40″N79°56′35″W / 40.444423°N 79.942984°W /40.444423; -79.942984

• 2004 establishments in Pennsylvania
• Privacy software
• Schools and departments of Carnegie Mellon

• Pages using gadget WikiMiniAtlas
• Articles lacking sources from November 2022
• All articles lacking sources
• Wikipedia articles in need of updating from November 2022
• All Wikipedia articles in need of updating
• Articles with multiple maintenance issues
• All articles with vague or ambiguous time
• Vague or ambiguous time from November 2022
• Coordinates on Wikidata