I’m an Assistant Professor at the Department of Cognitive Science and Artificial Intelligence of Tilburg University. I am part of the Tilburg Algorithm Observatory, and interested in the (harmful) effects of intelligent systems on our lives; systems that uncover our personal information, monitor and change our behavior, subtly restrict our exposure to information, and treat us unfairly.

I recently defended my dissertation “User-centered Security in Natural Language Processing” under the supervision of Grzegorz ChrupałaEric Postma, and Walter Daelemans.


I have a multidisciplinary background in humanities and computer science. My primary area of expertise is identifying and attempting to subvert (harmful) inferences made through Machine Learning (ML). I have mainly worked on adversarial attacks on Deep Learning algorithms trained on language data (Natural Language Processing or NLP), with a focus on privacy and security. My work critically analyzes the current, and more distant impact such algorithms have on society. I'm a strong advocate of a user-centered, open-source approach to ML, and the automation of society in general.

Within NLP, I have worked on various topics such as (adversarial) stylometry (or author profiling), cyberbullying/toxicity detection, data augmentation through lexical substitution, language generation, machine translation, and more generally scientific development of reproducible research pipelines.


I’m currently the course coordinator for both Data Processing (Python course) in context of our Data Science master, and Language & AI (NLP for Data Science course) for our joint Data Science bachelor with TU/e (JADS). Previously, I taught Text Mining and Spatiotemporal Data Analysis (both one semester), and Data Mining (five years). I focus on innovating the courses I am involved in, primarily by connecting theory to practical use cases. I believe this makes the lectures more fun, and easier to conceptualize the utility of the material. It also provides a soft introduction to applications students might see in their future careers. A recent example is my EDUiLAB project to familiarize Data Processing students with code versioning, repositories, and build servers using GitHub.


Top publications

  1. User-Centered Security in Natural Language Processing

    Emmery, C. (2023). User-Centered Security in Natural Language Processing. [Doctoral Thesis, Tilburg University]. Ridderprint.
  2. Adversarial Stylometry in the Wild - Transferable Lexical Substitutio…

    Emmery, C., Kádár, Á., & Chrupała, G. (2021). Adversarial Stylometry in the Wild: Transferable Lexical Substitution Attacks on Author Profiling. In Proceedings of the 16th Conference of the European Chapter of the Association for Computational Linguistics: Volume 1, Long Papers (pp. 2388-2402). Association for Computational Linguistics. Advance online publication.
  3. Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbatio…

    Emmery, C., Kádár, A., Chrupała, G., & Daelemans, W. M. P. (2022). Cyberbullying Classifiers are Sensitive to Model-Agnostic Perturbations. Paper presented at Language Resources and Evaluation Conference, Marseille, France.
  4. Style Obfuscation by Invariance

    Emmery, C., Manjavacas, E., & Chrupala, G. (2018). Style Obfuscation by Invariance. In COLING 2018 Association for Computational Linguistics.
  5. Current Limitations in Cyberbullying Detection - on Evaluation Criter…

    Emmery, C., Verhoeven, B., De Pauw, G., Jacobs, G., Van Hee, C., Lefever, E., Desmet, B., Hoste, V., & Daelemans, W. (2020). Current Limitations in Cyberbullying Detection: on Evaluation Criteria, Reproducibility, and Data Scarcity. Language Resources and Evaluation, 55, 597-633. Advance online publication.

Find an expert or expertise