Maaz | معاذ

PhD Candidate in Computer Science

University of Iowa

Profile

My name is Maaz Bin Musa and I am an outgoing Computer Science PhD student at The University of Iowa. I am being advised by Dr. Rishab Nithyanand who also runs the SPARTA lab. Currently, I am interning at AccuCode AI, where I work on developing ML solutions for health care providers.

My research is best described as developing privacy and compliance auditing tools. More concretely I leverage scalable automation and NLP toolkits to develop tools that facilitate regulatory authorities in monitoring privacy enforcement. These tools also facilitate quantifying compliance of data brokers.

maazbin-musa@uiowa.edu

MaazBinMusa

GoogleScholar

Latest Updates

Presenting @ EMNLP 2024

Nov 13, 2024

Paper Accepted at EMNLP 2024

My work on a regulation aware expert annotated dataset has been accepted.

Oct 15, 2024

Internship at AccuCode

Extended internship as a ML / Privacy engineer at AccuCode

Aug 2024

Internship at AccuCode

Landed a summer intern position working on autoamted health care solutions

Jun 2024

PhD Proposal submitted

Feb 2024

3MT Peoples choice award Link

Nov 2023

Presented at Graduate Research Symposium

Nov 2023

Artifact reviewer PETS

Jun 2023

Paper accepted at Harvard JOLT 2023

Forms of disclosure:

Jun 2023

Guest lecturer in Privacy Law and Technology

(Privacy starter kit).

May 2023

Attended PETS 22

presentend at PETS and won award

Jul 2022

Started internship at ICSI Berkeley 2022

Summer intern

May 2022

Paper accepted at PETS 2022

ATOM:

May 2022

Paper accepted at ICWSM 2022

Act or React:

Nov 2021

Paper accepted at PETS 2020

CanaryTrap:

Jun 2020

Started PhD @ UIowa

Aug 2019

Left TPI Lab @ LUMS

May 2019

Research Projects

Project 1

C3PA: An Open Dataset of Expert-Annotated and Regulation-Aware Privacy Policies

Status: Accepted | EMNLP 24 | [Dataset Link] | [Paper]

Authors: Maaz Bin Musa , Steven M. Winston, Garrison Allen, Jacob Schiller, Kevin Moore, Sean Quick, Johnathan Melvin, Padmini Srinivasan, Mihailis E. Diamantis, Rishab Nithyanand

Overview: Effective tools for analyzing organizations' data practices from privacy policies are essential for scalable compliance audits, but many existing tools struggle to identify issues and remedies due to their reliance on outdated, regulation-agnostic datasets. This paper introduces C3PA, the first open, regulation-aware dataset of expert-annotated privacy policies tailored for CCPA compliance, containing over 48K labeled text segments from 411 organizations to support automated audits of CCPA-specific disclosure requirements.

Project 2

Forms of Disclosure: The Path to Automated Data Privacy Audits

Status: Completed | Harvard JOLT 23 | [Paper]

Authors: Mihailis Diamantis, Maaz Bin Musa,, Lucas Ausberger, Rishab Nithyanand

Overview: Auditing online privacy has become critical to ensure compliance with the upcoming data privacy laws. However, this work highlights the variability in the forms of disclosures. We propose a uniform machine readable disclosure form that can be used to automate the auditing process. This would allow authorities to match the disclosures with the actual data practices of the company on a scale without the need for manual intervention.

Project 2

ATOM: Ad-network Tomography

Status: Completed | PETS 22 | [Paper]

Authors: Maaz Bin Musa, Rishab Nithyanand

Overview: A users' data is often propagated to multiple third-party services through ad-networks. This work uses the ad content served to a user, to identify the ad-networks that are responsible for the data propagation. Unlike previous works in this space, it does not depend on any artifact that is ephemeral in nature. Our results indicate the feasibility of this approach and its potential to be used as a tool for privacy audits.

Project 2

To Act or React: Investigating Proactive Strategies For Online Community Moderation

Status: Completed | ICWSM 22 | [paper]

Authors: Hussam Habib, Maaz Bin Musa, Fareed Zaffar, Rishab Nithyanand

Overview: Community-level moderation for Reddit and similar platforms is a complex task. Our analysis show that subreddits are constantly changing and therefore timely interventions are prohibitively expesnsive because of the scale. To address this issue, we propose a flagging tool which aids administrators by flagging subreddits that exhibit similarly problematic behavior as seen in previously banned communities.

Project 2

CanaryTrap: Detecting Data Misuse by Third-Party Apps on Online Social Networks

Status: Completed | PETS 20 | [paper]

Authors: Shehroze Farooqi, Maaz Bin Musa, Fareed Zaffar, Zubair Shafique

Overview: The driving force behind all activity on the Internet is user data. This work proposes a novel matrix approach to set up traps using email addresses, to detect the misuse of user data once it has been shared with third-party apps. We find several apps share data with malicious entities which consequently use it for phishing or ransomware attacks.

Personal Endevours