The US Federal Trade Commission (FTC) has again cocked an eye toward privacy by appointing Lorrie Cranor as chief technologist. Cranor heads Carnegie Mellon University's CyLab Usable Privacy and Security Laboratory (CUPS), and has written over 150 research papers on the topic. The FTC is set up to prevent "fraudulent, deceptive and unfair business practices," so Cranor will advise it on concerns around technology and policy. For starters, she would like companies to simplify their privacy and security practices so that they're easier for the public to grasp. "Companies add more rules, which does not always make websites more secure," she told TribLive.
Cranor is particularly interested in bad passwords and co-authored a paper on how security professionals can gauge how easy it is to guess one. Amusingly, she even designs fabrics imprinted with notoriously bad examples like "baseball," "iloveyou" and, yes, "password." Cranor is also a self-described "bad-ass cyberfeminist" who features in CMU's #ILookLikeAnEngineer Facebook promotion for female engineers.
Cranor will replace Ashkan Soltani, also a privacy expert, who contributed to the Washington Post's coverage of Edward Snowden. FTC Chairwoman Edith Ramirez said that its consumer protection mandate revolves more and more around tech, thanks to "mobile devices, personal fitness trackers, [and] the increasing array of internet-connected devices we find in our homes and elsewhere." That jibes well with Cranor's academic mission to make tech security and privacy more understandable for the average person. However, "it is a completely different job. There is an opportunity to affect public policy," she said.