About

Masooda Bashir is an Associate Professor at the School of Information Sciences and the Director of the Security and Privacy in Cyber Environments Lab at iSchool (iSPICE) at the University of Illinois Urbana-Champaign. Her research focuses on the interface of information technology, human psychology, and society, with a particular emphasis on how privacy, security, and trust intersect from a psychological perspective with information systems. As the faculty director of iSPICE, she leads an interdisciplinary team of scholars working at the intersection of privacy, security, technology governance, and human-centered computing, spanning fields such as Information Sciences, Informatics, and Computer Science. Her work reflects a commitment to technically grounded and socially informed research in cyber environments.

Research topics

• Computer Security
• Computer Science
• Political Science
• World Wide Web
• Internet privacy
• Business
• Virology
• Human–computer interaction
• Medicine
• Law

Selected publications

• Using a Language Model to Map Syllabi to Core Competencies

  2026-02-13

  articleOpen accessSenior author

  This poster presents a methodology for evaluating course syllabi using large language models and semantic embeddings. We demonstrate this approach by analyzing 141 cybersecurity syllabi from top-ranked American institutions. Using the intfloat/e5-base-v2 embedding model, syllabus text was mapped to competencies in the National Institute of Standards and Technology's (NIST) National Initiative for Cybersecurity Education Framework (NICE Framework). Cybersecurity was chosen as the domain due to the field's workforce shortage and the existence of the NICE Framework as a standardized taxonomy. This research illustrates how large language models can support curriculum analysis by automating the alignment of educational materials to competency frameworks, offering a scalable approach for other disciplines.

  PublisherDOI

• Unveiling Privacy and Security Gaps in Female Health Apps

  ArXiv.org · 2025-02-04 · 2 citations

  preprintOpen accessSenior author

  Female Health Applications (FHA), a growing segment of FemTech, aim to provide affordable and accessible healthcare solutions for women globally. These applications gather and monitor health and reproductive data from millions of users. With ongoing debates on women's reproductive rights and privacy, it's crucial to assess how these apps protect users' privacy. In this paper, we undertake a security and data protection assessment of 45 popular FHAs. Our investigation uncovers harmful permissions, extensive collection of sensitive personal and medical data, and the presence of numerous third-party tracking libraries. Furthermore, our examination of their privacy policies reveals deviations from fundamental data privacy principles. These findings highlight a significant lack of privacy and security measures for FemTech apps, especially as women's reproductive rights face growing political challenges. The results and recommendations provide valuable insights for users, app developers, and policymakers, paving the way for better privacy and security in Female Health Applications.

  PublisherOA PDFDOI

• The Impact of Perceived Risk on Trust in Human-Robot Interaction

  Lecture notes in computer science · 2025-01-01

  book-chapterSenior author
  PublisherDOI

• When Robots Say Sorry in High-Stake Environment: Emotional Connection Might Matter More Than Explanations

  2025-05-26

  articleSenior author

  Robotic systems are rapidly expanding their operational domains, venturing into scenarios where they collaborate with humans to accomplish a diverse range of tasks from routine functions to high-risk undertakings. As HumanRobot Interaction (HRI) researchers strive to enhance the autonomous capabilities of robots in assisting humans with risky missions, fostering trust in these advanced systems becomes an indispensable prerequisite. Investigating the conditions that shape an individual's decision to trust or distrust a robot in high-risk, time-critical situations is a crucial step toward developing reliable and acceptable robotic assistants for emergency response. In this study, we explored the role of different types of apologies (explanatory, emotional, and no apology) in trust repair within high-risk environments. Our results indicate that emotional apologies demonstrate significant effects in restoring trust after violations, particularly in terms of trust propensity and trust repair. Lastly, we identify research implications and future directions for developing more effective apology structures in human-robot teaming.

  PublisherDOI

• Designing for Transparency: An Analysis of Multilingual Privacy Policies in Chinese, Japanese, and Korean Contexts

  Communications in computer and information science · 2025-01-01

  book-chapter
  PublisherDOI

• Decoding User Concerns in AI Health Chatbots: An Exploration of Security and Privacy in App Reviews

  ArXiv.org · 2025-01-31

  preprintOpen accessSenior author

  AI powered health chatbot applications are increasingly utilized for personalized healthcare services, yet they pose significant challenges related to user data security and privacy. This study evaluates the effectiveness of automated methods, specifically BART and Gemini GenAI, in identifying security privacy related (SPR) concerns within these applications' user reviews, benchmarking their performance against manual qualitative analysis. Our results indicate that while Gemini's performance in SPR classification is comparable to manual labeling, both automated methods have limitations, including the misclassification of unrelated issues. Qualitative analysis revealed critical user concerns, such as data collection practices, data misuse, and insufficient transparency and consent mechanisms. This research enhances the understanding of the relationship between user trust, privacy, and emerging mobile AI health chatbot technologies, offering actionable insights for improving security and privacy practices in AI driven health chatbots. Although exploratory, our findings highlight the necessity for rigorous audits and transparent communication strategies, providing valuable guidance for app developers and vendors in addressing user security and privacy concerns.

  PublisherOA PDFDOI

• Can I Trust This Chatbot? Assessing User Privacy in <scp>AI</scp> ‐Healthcare Chatbot Applications

  Proceedings of the Association for Information Science and Technology · 2025-10-01 · 2 citations

  articleOpen accessSenior author

  ABSTRACT As Conversational Artificial Intelligence (AI) becomes more integrated into everyday life, AI‐powered chatbot mobile applications are becoming increasingly adopted across industries, particularly in healthcare domain. These chatbots offer accessible and 24/7 support, yet their collection and processing of sensitive health data present critical privacy concerns. While prior research has examined chatbot security, privacy issues specific to AI healthcare chatbots have received limited attention. Our study evaluates the privacy practices of 12 widely downloaded AI healthcare chatbot apps available on the App Store and Google Play in the United States. We conducted a three‐step assessment analyzing: (1) privacy settings during sign‐up, (2) in‐app privacy controls, and (3) the content of privacy policies. The analysis identified significant gaps in user data protection. Our findings reveal that half of the examined apps did not present a privacy policy during sign up, and only two provided an option to disable data sharing at that stage. The majority of apps' privacy policies failed to address data protection measures. Moreover, users had minimal control over their personal data. The study provides key insights for information science researchers, developers and policymakers to improve privacy protections in AI healthcare chatbot apps.

  PublisherOA PDFDOI

• Deepfakes and Data Protection: Evaluating the Effectiveness of African Privacy Laws in the Age of AI

  SSRN Electronic Journal · 2025-01-01 · 1 citations

  articleOpen accessSenior author
  PublisherDOI

• Listening to Users: Privacy and Security in Mobile Health Apps

  Lecture notes in computer science · 2025-01-01 · 1 citations

  book-chapter
  PublisherDOI

• Can I Trust This Chatbot? Assessing User Privacy in AI-Healthcare Chatbot Applications

  ArXiv.org · 2025-09-18

  preprintOpen accessSenior author

  As Conversational Artificial Intelligence (AI) becomes more integrated into everyday life, AI-powered chatbot mobile applications are increasingly adopted across industries, particularly in the healthcare domain. These chatbots offer accessible and 24/7 support, yet their collection and processing of sensitive health data present critical privacy concerns. While prior research has examined chatbot security, privacy issues specific to AI healthcare chatbots have received limited attention. Our study evaluates the privacy practices of 12 widely downloaded AI healthcare chatbot apps available on the App Store and Google Play in the United States. We conducted a three-step assessment analyzing: (1) privacy settings during sign-up, (2) in-app privacy controls, and (3) the content of privacy policies. The analysis identified significant gaps in user data protection. Our findings reveal that half of the examined apps did not present a privacy policy during sign up, and only two provided an option to disable data sharing at that stage. The majority of apps' privacy policies failed to address data protection measures. Moreover, users had minimal control over their personal data. The study provides key insights for information science researchers, developers, and policymakers to improve privacy protections in AI healthcare chatbot apps.

  PublisherOA PDFDOI

Recent grants

• Collaborative Research: EAGER: Enhancing the Cyber Security Workforce - The Human Angle

  NSF · $162k · 2013–2016

Frequent coauthors

• Jay P. Kesan

  University of Illinois System

  13 shared

• Carol Mullins Hayes

  Seattle University

  13 shared

• Hsiao‐Ying Huang

  University of Illinois Urbana-Champaign

  12 shared

• Tian Wang

  Beijing Normal University

  12 shared

• Tanusree Sharma

  University of Illinois Urbana-Champaign

  11 shared

• Roy H. Campbell

  9 shared

• Liang Tang

  University of Illinois Urbana-Champaign

  8 shared

• Nasir Memon

  New York University

  5 shared

Labs

• Security and Privacy in Cyber Environments Lab at iSchool (iSPICE)PI

Education

• Ph.D., Psychology

  Purdue University

Awards & honors

• Distinguished Paper Award (2026)
• NSF CAREER Award (2018)