University of Iowa
My name is Maaz Bin Musa and I am an outgoing Computer Science PhD student at The University of Iowa.
I am being advised by Dr. Rishab Nithyanand who also runs the SPARTA lab.
Currently, I am interning at AccuCode AI, where I work on developing ML solutions for health care providers.
My research is best described as developing privacy and compliance auditing tools. More concretely I leverage scalable automation and NLP toolkits
to develop tools that facilitate regulatory authorities in monitoring privacy enforcement. These tools also facilitate quantifying
compliance of data brokers.
My work on a regulation aware expert annotated dataset has been accepted.
Oct 15, 2024Extended internship as a ML / Privacy engineer at AccuCode
Aug 2024Landed a summer intern position working on autoamted health care solutions
Jun 2024Forms of disclosure:
Jun 2023(Privacy starter kit).
May 2023presentend at PETS and won award
Jul 2022Summer intern
May 2022ATOM:
May 2022Act or React:
Nov 2021CanaryTrap:
Jun 2020Status: Accepted | EMNLP 24 | [Dataset Link] | [Paper]
Authors: Maaz Bin Musa , Steven M. Winston, Garrison Allen, Jacob Schiller, Kevin Moore, Sean Quick, Johnathan Melvin, Padmini Srinivasan, Mihailis E. Diamantis, Rishab Nithyanand
Overview: Effective tools for analyzing organizations' data practices from privacy policies are essential for scalable compliance audits, but many existing tools struggle to identify issues and remedies due to their reliance on outdated, regulation-agnostic datasets. This paper introduces C3PA, the first open, regulation-aware dataset of expert-annotated privacy policies tailored for CCPA compliance, containing over 48K labeled text segments from 411 organizations to support automated audits of CCPA-specific disclosure requirements.
Status: Completed | Harvard JOLT 23 | [Paper]
Authors: Mihailis Diamantis, Maaz Bin Musa,, Lucas Ausberger, Rishab Nithyanand
Overview: Auditing online privacy has become critical to ensure compliance with the upcoming data privacy laws. However, this work highlights the variability in the forms of disclosures. We propose a uniform machine readable disclosure form that can be used to automate the auditing process. This would allow authorities to match the disclosures with the actual data practices of the company on a scale without the need for manual intervention.
Status: Completed | PETS 22 | [Paper]
Authors: Maaz Bin Musa, Rishab Nithyanand
Overview: A users' data is often propagated to multiple third-party services through ad-networks. This work uses the ad content served to a user, to identify the ad-networks that are responsible for the data propagation. Unlike previous works in this space, it does not depend on any artifact that is ephemeral in nature. Our results indicate the feasibility of this approach and its potential to be used as a tool for privacy audits.
Status: Completed | ICWSM 22 | [paper]
Authors: Hussam Habib, Maaz Bin Musa, Fareed Zaffar, Rishab Nithyanand
Overview: Community-level moderation for Reddit and similar platforms is a complex task. Our analysis show that subreddits are constantly changing and therefore timely interventions are prohibitively expesnsive because of the scale. To address this issue, we propose a flagging tool which aids administrators by flagging subreddits that exhibit similarly problematic behavior as seen in previously banned communities.
Status: Completed | PETS 20 | [paper]
Authors: Shehroze Farooqi, Maaz Bin Musa, Fareed Zaffar, Zubair Shafique
Overview: The driving force behind all activity on the Internet is user data. This work proposes a novel matrix approach to set up traps using email addresses, to detect the misuse of user data once it has been shared with third-party apps. We find several apps share data with malicious entities which consequently use it for phishing or ransomware attacks.