Privacy and Sensor Andrew Jason Hong. Characteristics –Real-time, distributed –Invisibility of sensors –Potential scale Questions –What data is collected?

Presentation transcript:

1 Privacy and Sensor Andrew
Jason Hong

2 A Personal Story about Privacy
Characteristics
– Real-time, distributed
– Invisibility of sensors
– Potential scale
Questions
– What data is collected?
– Who can see it?
– What is it used for?
– How long is data kept?
Issues
– Unease over surveillance
– Choice in the matter

3 Why Care About Privacy? End-User Perspective
Protection from spam, identity theft, mugging
Discomfort over perceived surveillance
– Lack of trust in work environments
– Might affect performance, mental health
– May contribute to feeling of lack of control over life
Lack of adoption of tech
Everyday Risks / Extreme Risks, by who is watching:
– Stalkers, Muggers: Well-being; Personal safety
– Employers: Over-monitoring; Discrimination; Reputation
– Friends, Family: Over-protection; Social obligations; Embarrassment
– Government: Civil liberties

4 Subtle Control
“[The Active Badge] could tell when you were in the bathroom, when you left the unit, and how long and where you ate your lunch. EXACTLY what you are afraid of.”
– allnurses.com

5 Why is Privacy Hard? Definition problem
Hard to define until something bad happens
– “Well, of course I didn’t mean to share that”
– “I know it when I lose it”
– No generally agreed upon definition for privacy
Risks not always obvious up front
– Burglars went to airports to collect license plates
– Credit info used by kidnappers in South America
– Humidity sensors used to infer presence (Luk and Perrig)

6 Why is Privacy Hard? Individual perspective
Cause and effect may be far apart in time and space
– Think of politicians and the actions they took when young
– Video might appear on YouTube years later
Privacy is highly malleable depending on situation
– Still use credit cards to buy online
– Benefit outweighs cost
Power or social imbalances
– Employees may not have many choices
Easy to misinterpret
– Went to drug rehabilitation clinic, why?

7 Why is Privacy Hard? Technical Perspective
Easier to capture data
– Video cameras, camera phones, microphones, sensors
– Break “natural” boundaries of physics

8 Why is Privacy Hard? Technical Perspective
Data getting easier to store and retrieve
– LifeLog technologies
– Googling a potential date

9 Why is Privacy Hard? Technical Perspective
Easier to capture data
– Video cameras, camera phones, microphones, sensors
– Break “natural” boundaries of physics
Easier to store and retrieve data
– LifeLog technologies
– Googling a potential date
Easier to share data
– Ubiquitous wireless networking
– Blogs, wikis, YouTube, Flickr, FaceBook
Inferences and Machine Learning
– Humidity to detect presence
– Work by Microsoft Research predicting where you’re going

10 Some Useful Ways of Thinking about Privacy
“Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others” (Westin)
Led to Fair Information Practices
– Note: many variants of FIPs
– Will discuss the Organization for Economic Cooperation and Development (OECD) set, one of the strictest
– Useful for organizations collecting lots of data
– Hospitals, financial institutions, etc.

11 Fair Information Practices (FIPs)
– Collection limitation
– Data quality
– Purpose specification
– Use limitation
– Reasonable security
– Openness and transparency
– Individual participation
– Accountability

12 Some Suggestions for Sensor Andrew
FIPs: Collection limitation, Data quality, Purpose specification, Use limitation, Reasonable security, Openness and transparency, Individual participation, Accountability
– Have clear privacy policies for data collection and retention

13 Some Suggestions for Sensor Andrew
FIPs: Collection limitation, Data quality, Purpose specification, Use limitation, Reasonable security, Openness and transparency, Individual participation, Accountability
– Make it clear what is being deployed and why (both on Sensor Andrew web site and signs)
– No hidden databases

14 Some Suggestions for Sensor Andrew
FIPs: Collection limitation, Data quality, Purpose specification, Use limitation, Reasonable security, Openness and transparency, Individual participation, Accountability
– Make sure databases and wireless networks use basic encryption and have latest patches (might not be immediate concern though)

15 Some Suggestions for Sensor Andrew
FIPs: Collection limitation, Data quality, Purpose specification, Use limitation, Reasonable security, Openness and transparency, Individual participation, Accountability
– Provide some level of choice (opt-in / opt-out)
– Value proposition for end-users

16 Some Suggestions for Sensor Andrew
FIPs: Collection limitation, Data quality, Purpose specification, Use limitation, Reasonable security, Openness and transparency, Individual participation, Accountability
– Have someone clearly in charge of privacy (sort of a Chief Privacy Officer)

17 Privacy Policies
Evidence strongly suggests people don’t read privacy policies (unless assigned as homework)
– Carlos Jensen et al., CHI 2004
But probably better to have them for Sensor Andrew
– Forces us to have thought through issues
– Somewhat of a placebo effect

18 Multi-Level Privacy Policies
http://www.pg.com/privacy/english/privacy_notice.html

19 Multi-Level Privacy Policies
Idea from EU working group on privacy
– Short: a few sentences, for mobile phone or sign
– Condensed: half-page summary on web site
– Full: details on web site
Overall, privacy policies are a good short-term goal

20 Privacy as Projecting a Desired Persona
People see you the way you want them to see you
Examples:
– Cleaning up your place before visitors
– Putting the right books and CDs out
– Having “desirable” Facebook groups, hobbies, politics, etc. on your profile
This is more about interpersonal privacy, versus privacy with respect to organizations

21 Some Sensor Andrew Scenarios
How others use Sensor Andrew
– Students see when faculty arrive and leave (or vice versa)
– Spouse checks if really leaving office “right now”
– Parents try to look up information about children
– Stalker monitors stalkee
– “Creepy but cool”
Want to project a desirable persona, while being protected from intrusive queries

22 Long-Term Research Possibilities
Provide multiple layers of protection: Sensor Layer, Data Layer, User Interface Layer
Sensor Layer
– Actual sensors and wireless networking
– Limitations on what is collected
– Some natural ambiguity
– Plausible deniability

23 Long-Term Research Possibilities
Layers: Sensor Layer, Data Layer, User Interface Layer
Data Layer
– Storage and access to sensed data
– Might limit what others can access (UW RFID project)
– Might log all queries for potential audits
– Might have a way of translating privacy policies into something that limits queries
– Checks that certain info is not released

24 Long-Term Research Possibilities
Layers: Sensor Layer, Data Layer, User Interface Layer
User Interface Layer
– Providing controls and feedback to end-users
– Makes people feel in control of system
– Social translucency
– Awareness
– PAWS
– Can at least act right

25 Questions?

26 Contextual Instant Messaging
Facilitate coordination and communication by letting people request contextual information via IM
– Interruptibility (via SUBTLE toolkit)
– Location (via Place Lab WiFi positioning)
– Active window
Developed a custom client and robot on top of AIM
– Client (Trillian plugin) captures and sends context to robot
– People can query the imbuddy411 robot for info, e.g. “howbusyis username”
– Robot also contains privacy rules governing disclosure

27 Control – Setting Privacy Policies
Web-based specification of privacy preferences
– Users can create groups and put screennames into groups
– Users can specify what each group can see
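Added example (not code from the imbuddy411 project or the talk): a minimal disclosure check of the kind slides 26–27 describe, with the query audit log that slide 23 suggests for the data layer. Group names, screennames, the three context types and the current-context values are constructed assumptions; a requester who is in no group is denied by default, and every query is logged whether or not it was answered.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed example of an imbuddy411-style disclosure check; the group layout,
# names and rule format are assumptions, not the project's own code.
CONTEXT_TYPES = ("interruptibility", "location", "active_window")


@dataclass
class PrivacyRules:
    groups: Dict[str, Set[str]] = field(default_factory=dict)    # group -> screennames
    allowed: Dict[str, Set[str]] = field(default_factory=dict)   # group -> context types it may see
    audit_log: List[Tuple[str, str, str]] = field(default_factory=list)  # (requester, context, outcome)

    def add_to_group(self, group: str, screenname: str) -> None:
        self.groups.setdefault(group, set()).add(screenname)
        self.allowed.setdefault(group, set())

    def allow(self, group: str, context: str) -> None:
        if context not in CONTEXT_TYPES:
            raise ValueError(f"unknown context type: {context}")
        self.allowed.setdefault(group, set()).add(context)

    def group_of(self, screenname: str) -> Optional[str]:
        for group, members in self.groups.items():
            if screenname in members:
                return group
        return None  # not in any group: treated as a stranger

    def query(self, requester: str, context: str, current: Dict[str, str]) -> Optional[str]:
        """Disclose one context value only if the requester's group may see it; log every query."""
        group = self.group_of(requester)
        if group is None or context not in self.allowed.get(group, set()):
            self.audit_log.append((requester, context, "denied"))
            return None
        self.audit_log.append((requester, context, "disclosed"))
        return current[context]


def demo() -> Tuple[Optional[str], Optional[str], Optional[str], int]:
    rules = PrivacyRules()
    rules.add_to_group("labmates", "bob")
    rules.allow("labmates", "interruptibility")
    rules.allow("labmates", "location")
    # Constructed current context for the owner of these rules.
    current = {"interruptibility": "busy", "location": "office", "active_window": "email"}
    busy = rules.query("bob", "interruptibility", current)   # "busy": labmates may see this
    win = rules.query("bob", "active_window", current)       # None: not granted to labmates
    stranger = rules.query("mallory", "location", current)   # None: no group, default deny
    return busy, win, stranger, len(rules.audit_log)         # the log records all three queries
```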

28 Control – System Tray
Coarse-grain controls plus access to privacy settings

29 Feedback – Notifications

30 Feedback – Social Translucency

31 Feedback – Offline Notification

32 Feedback – Summaries

33 Feedback – Audit Logs

34 Discussion
Separate projects into tiers?
– High-risk and low-risk ones
– Or step-by-step guide for all projects
Permission from office owners
– Informed opt-in
– How long to retain info?
– How long is anonymized data kept?
– How easy to de-anonymize data?
What makes Sensor Andrew different from other systems collecting info that can be inferred?
– Higher standard for us because of possible fusion
Use sensors only in public spaces / hallways
Don’t store anything until we have figured out better policies?
Let individuals see info about themselves
Participatory design
