I am Nick Merrill, a research scientist at the U.C. Berkeley Center for Long-Term Cybersecurity (CLTC).
My work
I’ve had a long and varied career
College
I attended Northwestern University, where I majored in cognitive science with a concentration in AI.
Generative art (2012-2014). I did a lot of art with Processing. (After college, I almost took a job at Sosolimited, but I decided to go to grad school at Berkeley instead.). My favorite project from this period is probably Lykkemat. Runners up: mind-controlled Reddit reader, neural network diffusion visualizer called nasty. (Scaleable neural networks, a la Geoff Hinton, were brand new then).
Ph.D.
I attended the U.C. Berkeley School of Information for my PhD.
Brain-computer interface (2013-2018). High off the Lykkemat project, I spent a lot of time building brain-computer interfaces, often with surprisingly cheap components. I worked on the Passthought project during my Ph.D. under John Chuang. Our crowning achievement was probably three-factor, single-step authentication using in-ear EEG.
Mind stuff (2014-2018). Since I was building stuff that could scan the brain, I started wondering: could machines ever read the mind? This was the subject of my dissertation, and roughly, I decided that the answer is yes, of course they can. But (1) engineers will have to decide what they think the “mind” is first, and (2) whatever they decide, the things they build will go on to shape social narratives, which will then feed back into future engineers’ beliefs, and so on. So, our notion of what the mind is shapes our notion of what technology can read it, and vice versa, and likely always has been. See a high-level explainer here.
Postdoc
In 2018, I became the inaugural postdoctoral fellow at the U.C. Berkeley Center for Long-Term Cybersecurity. After my postdoc, I stayed on as a research scientist, where I ran the Daylight Lab.
Security games (2018-2020). I developed easy-to-learn games as a security tool. From that work, I developed a game called Adversary Personas, which is now used by the U.S. Cybersecurity and Infrastructure Security Agency, Taiwan’s Ministry of Digital Affairs, and Meta. You can read some (independly authored) research on this technique here.
MLFailures (2019-). I noticed that students were graduating from Berkeley, going on to build AI models at some of the biggest companies in the world, but never got any hands-on experience with assuring the models they built are safe or fair! With Sam Greenberg and Inderpal Kaur, I developed the MLFailures Mini-Bootcamp—a series of lectures and Python labs designed to train the next generation of students to identify, discuss, and address the risks posed by machine learning algorithms. I taught this bootcamp yearly in Josh Blumenstock’s INFO 251 class. I also teach it three or four times a year to a mix of mid-to-senior-level U.S. congressional aides and Executive Branch officials (previously through the Wilson Center, now through SeedAI).
Research Scientist
Internet Atlas (2020-). In 2018, Steve Weber, my postdoc advisor came to me with something like, “Hey, people are talking about internet fragmentation—what’s going on?” The answer turned out to be very interesting and complicated. Geopolitical dynamics shape the internet and vice versa. Also, due to weak antitrust enforcement in the U.S., the whole internet is run by, like, five companies (including ones you’ve never heard of), and an outage in any one would probably turn the whole internet off. This work took me to Taiwan, where I studied the dynamics of Taiwan’s internet during an invasion. Data from this project hydrates the Internet Society’s Pulse dashboard. My favourite project so far is probably Inside the Internet, co-authored with Tejas Narechania.
Secure Clean Energy (2024-). Ann Cleaveland, the executive director of CLTC, asked, “What does the clean energy transition mean for cybersecurity?” (She actually asked *several* times, but I always thought I was so busy... Eventually, something flipped, and I knew I had to work on the question). With a grant from OpenPhilanthropy, the Secure Clean Energy project was born. Small but mighty, this substack is (as far as I know) the premier resource on the intersection between cybersecurity and the clean energy transition.
Extracurriculars
I’ve always had an entrepreneurial streak, even during my days in academia.
PeakRider (2017). With some friends, I built an algorithmic trading system. I’m not, like, morally proud of this accomplishment, but it taught me a lot about entrepreneurship (and finance), and, you know, they don’t pay you overly well in Ph.D., so I was motivated, and the income was helpful.
DAO DAO (2021-). Along with some friends, I built DAO DAO, the premier decentralized autonomous organization (DAO) tooling in the Cosmos ecosystem. We envision this tooling as a way to ameliorate some of the fundamental issues associated with building and scaling co-operatives.
WAVS (2025-). Along with—you guessed it—some friends, I’ve been working on WAVS, a better way to build verifiable applications (i.e., applications that can be proven to work the way you think they work, even if they don’t run on your computer).
Personal life
I live in Vancouver, Canada, the unceded territory of the xʷməθkʷəy̓əm (Musqueam), Sḵwx̱wú7mesh (Squamish), and səlilwətaɬ (Tsleil-Waututh) Nations.
For years, I lived in the traditional territory of the Ohlone people, who have still not been recognized by the U.S. federal government. If you do too, check out ‘oṭṭoytak/Cafe Ohlone and consider giving shuumi.
ewweh ṭuuxi huyyuwiš (brighter days lie ahead)
