About

I am Shidong Pan :)

I am a postdoctoral researcher at the Courant Institute at New York University and the Law School at Columbia University (jointly-affiliated).

I completed my Ph.D. at Australian National University and CSIRO’s Data61, supervised by Zhenchang Xing. I was also co-supervised by Sherry Xu and Mark Staples. I was a visiting PhD student of Prof. David Lo in Singapore Management University. I earned Master of Machine Learning and Computer Vision at Australian National University, advised by Zhenchang Xing and Hongdong Li. Before my graduate education, I earned the Bachelor of Advanced Computing (Honours) at Australian National University, advised by Dongwoo Kim, and the Bachelor of Computer Science and Technology at Shandong University (Weihai).

Email: Shidong[dot]Pan[at]nyu[dot]edu OR sp4471[at]columbia[dot]edu

Research

My research focuses on Usable Privacy Engineering and Privacy-as-Code, situated at the intersection of $\color{Orange}{\text{Usable Privacy and Security}}$, $\color{Purple}{\text{Empirical Software Engineering}}$, $\color{Pink}{\text{Human-Computer Interaction}}$, and $\color{Brown}{\text{Law}}$.

[Usable Privacy Engineering] Recognizing the inevitable utility-privacy trade-offs in software engineering, I aim to develop empirical methodologies and engineering tools that make AIware/software systems both usable and privacy-compliant. My work aims to integrate privacy requirements into development workflows in ways that support both productivity and regulatory alignment.

[Privacy-as-Code] My research also focuses on “Codifying” various modalities related to privacy, such as textual privacy regulations, documented developer practices (e.g., code of conduct), observed developer practices (e.g., code pattern), software artifacts (e.g., source code, privacy policies, privacy labels), and end-user behavior (habits, perceptions, and interactions). The goal is to bridge the gaps between these heterogeneous elements to create cohesive and actionable privacy mechanisms.

Collectively, my goal is to deliver technical innovations that serve developers, end-users, and regulators, making privacy not only a legal obligation but an integral part of software engineering practice. Specifically,

1) Privacy Documentation in Software Developement Process $\color{Orange}{\text{[UPS]}}$ $\color{Purple}{\text{[ESE]}}$

Engineering-based Process-aware Privacy Policy Generation [SEC’24 (a)][PETS’25]
Software and Document Analysis-based Privacy Policy/Privacy Labels Generation [arXiv (a)][arXiv (b)]

2) Privacy Measurement of AIware/Software and Its Engineering $\color{Orange}{\text{[UPS]}}$ $\color{Purple}{\text{[ESE]}}$ $\color{Brown}{\text{[Law]}}$

Compliance of Privacy Policies against Privacy Laws and Regulations [SEC’24 (a)][IST’25]
The Longtitude Measurement between Software Practices and Privacy Policies
Large Language Models: Right to be Forgotten [AI&E’24 (a)]

3) Usability of Privacy Documentation $\color{Orange}{\text{[UPS]}}$ $\color{Purple}{\text{[ESE]}}$ $\color{Pink}{\text{[HCI]}}$

New Approaches/Solutions of Usable Privacy Notices [SEC’24 (b)] [CHI’25]
Usability Measurement and Evaluation of Existing Approaches [S&P’25]

While my core focus lies in Usable Privacy Engineering and Privacy-as-Code, I also actively contribute to related fields, especially Software Engineering and Responsible AI, through student mentorship and interdisciplinary collaborations.

Large Language Models for Software Engineering Tasks: LLMs for Context-aware Code Generation [TSE’24], LLMs for Secure Program Generation [ICSE’ 26], Vulnerability Textual Description Augmentation and Utilization [TSE’25][ASEJ’25], and Program Analysis for Android Applications [TOSEM’25][arXiv].
Algorithmic Fairness especially in Large Language Models: LLM Generation Diversity [EMNLP’25] and Machine Unlearning and Algorithmic Fairness of LLMs [AI&E’24 (b)].

More broadly, in the whole landscape of computer science, my work is driven by the need to translate high-level Responsible AI principles (e.g., privacy) into actionable and practical implementations that work across diverse system contexts.

I am also personally interested in research about Computer Science Education in the AI Era and Online Video Games.

News

[Sep 2025] Our paper "Towards Context-aware Mobile Privacy Notice: Implementation of A Deployable Contextual Privacy Policies Generator" has been accepted by ASE 2025 Tool Demonstrations Track. Congrats to Haochen and Zhen!
[Aug 2025] Our paper "Multilingual Prompting for Improving LLM Generation Diversity" has been accepted by EMNLP 2025! Congrats to Qihan. The pre-print is available at arXiv.
[July 2025] I will be attending The 25th Privacy Enhancing Technologies Symposium in Washington DC, USA July 14-19, 2025!
[June 2025] I will be serving as the Asscociate Chair (AC) of CHI'26 (CHI Conference on Human Factors in Computing Systems 2026). Welcome submissions to the Privacy & Security Subcommittee!
[May 2025] Our paper "Privacy Bills of Materials (PriBOM): A Transparent Privacy Information Inventory for Collaborative Privacy Notice Generation in Mobile App Development" has been accepted by PoPETs/PETS 2025! Thanks Zhen and all collaborators!
[May 2025] Our paper "Multilingual Prompting for Improving LLM Generation Diversity" is now available on arXiv. TL;DR: We propose that language and other cultural cues can be a powerful lever for enhancing diversity in LLM outputs, and thus point to a way to mitigate these problems.
[May 2025] I will be attending the IEEE Symposium on Security and Privacy (Oakland) in San Francisco CA, USA May 12-14, 2025.
[Apr 2025] Our paper "An Analysis of Privacy Regulations and User Concerns of Finance Mobile Applications" has been accepted by Information and Software Technology! Congrats to Alessandro and thanks Omar and Prof. John Grundy!
[Mar 2025] Our paper "A Big Step Forward? A User-Centric Examination of iOS App Privacy Report and Enhancements" has been accepted by S&P 2025! Congrats to Liu Wang! The pre-print is coming soon!
[Feb 2025] Our paper "Privacy Meets Explainability: Managing Confidential Data and Transparency Policies in LLM-Empowered Science" has been accepted by CHI 2025 Late-Breaking Work! Congrats to Yasho! The pre-print is coming soon!
[Feb 2025] I am serving on the Program Committee of 40th IEEE/ACM International Conference on Automated Software Engineering (ASE 2025). Welcome submissions!
[Feb 2025] I delivered a talk to Detail Lab at the New York University. Thanks for the invitation, Dr. Sunoo Park!
[Jan 2025] I will be visiting and delivering a seminar at the Department of Computer Science, Technical University of Munich (TUM). Thanks for the invitation, Prof. Chunyang Chen!
[Jan 2025] I will be attending the Dagstuhl Seminar 25021 - Grand Challenges for Research on Privacy Documents in Dagsthul, Germany, 05-10 January
[Dec 2024] Our paper "Do Chase Your Tail! Missing Key Aspects Augmentation in Textual Vulnerability Descriptions of Long-tail Software through Feature Inference" has been accepted by Transactions on Software Engineering (TSE)! Congrats to Linyi Han! The pre-print is available on arXiv.
[Oct 2024] I'm excited to announce that our team, comprising researchers from CSIRO's Data61 and Singapore Management University, has secured approximately AUD 700k in funding for our project, ESG-based Responsible AI: Toward Green, Secure, and Compliant LLM Utilisation for Digital Service Development Process. This project is funded under the CSIRO & A*STAR Research-Industry 2+2 Partnership Program. Thanks to other PIs Prof. David Lo and Sherry Xu! Looking forward to advancing this important work!
[Oct 2024] I'm delightful to share that I have been invited to the Dagstuhl Seminar 25021 - Grand Challenges for Research on Privacy Documents. Thanks for the invitation!
[Oct 2024] Our paper " $A^3$ -CodGen : A Repository-Level Code Generation Framework for Code Reuse with Local-Aware, Global-Aware, and Third-Party-Library-Aware" has been accepted by Transactions on Software Engineering (TSE)! Congrats to Dianshu Liao! The pre-print is available on arXiv.
[August 2024] I visited the CyLab at Carnegie Mellon University (CMU). Thank you, Prof. Cranor!
[August 2024] I will be attending the USENIX Security Symposium in Phialadelphia PA, USA 14-16 August.
[July 2024] I was invited to be a guest speaker for the HumaniSE Lab seminar series at Monash University. Thank you, Prof. Grundy!
[May 2024] Our paper "Don't Chase Your Tail! Missing Key Aspects Augmentation in Textual Vulnerability Descriptions of Long-tail Software through Feature Inference" is now available on arXiv.
[May 2024] I delivered the Software Engineering course at Shandong University (Weihai)! Thanks to ANU and SDUW for offering me this opportunity!
[Apr 2024] I am delightful to share that I have received the Google Conference Travel Grant! Thanks Google Australia Research!
[Mar 2024] I was invited to be the guest lecturer for the Usable Security and Privacy course at the University of Edinburgh. Thanks Jingjie!
[Feb 2024] Our paper " {A New Hope}: Contextual Privacy Policies for Mobile Applications And an Approach Toward Automated Generation" has been accepted by USENIX Security 2024! Big thanks to all collaborators from four institutions across three continents!
[Jan 2024] I attended Australasian Commputer Science Week at UNSW (Sydney).
[Dec 2023] Our paper "Context-Aware Code Generation Framework for Code Repositories: Local, Global, and Third-Party Library Awareness" is now available on arXiv.
[Nov 2023] I attended Workshop on 'AI governance and standards: comparative approaches’ at Monash University.
[Sep 2023] Our paper "Is It a Trap? A Large-scale Empirical Study And Comprehensive Assessment of Online Automated Privacy Policy Generators for Mobile Apps" has been accepted by USENIX Security 2024!
[Aug 2023] Our paper "SeePrivacy: Automated Contextual Privacy Policy Generation for Mobile Applications" is now available on arXiv.
[May 2023] Our paper "A Large-scale Empirical Study of Online Automated Privacy Policy Generators for Mobile Apps" is now available on arXiv.
[Mar 2023] I will start my academic visit at Singapore Management University with Prof. David Lo!
[Feb 2023] Our paper "To Be Forgotten or To Be Fair: Unveiling Fairness Implications of Machine Unlearning Methods" has been accepted on AITA: AI Trustworthiness Assessment, AAAI, 2023!
[Oct 2021] I will start my Ph.D. with Prof. Zhenchang Xing in 2021 Fall!
[June 2021] I've earned my Master of Machine Learning and Computer Vision at Australian National University!