1 / 43

Privacy in ubicomp

Privacy in ubicomp. Weiser:. Privacy a key challenge. Privacy and technology. Type of information collected? Who has access? Access for what purpose? How long is information stored? In what format is information stored? What levels of accuracy and precision?. IRB release form example.

jenski
Télécharger la présentation

Privacy in ubicomp

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Privacy in ubicomp

  2. Weiser: • Privacy a key challenge

  3. Privacy and technology • Type of information collected? • Who has access? • Access for what purpose? • How long is information stored? • In what format is information stored? • What levels of accuracy and precision?

  4. IRB release form example • Type of information collected: • Speech • Interactions with GUI, devices • Data generated by devices • Physiological measures from on-body sensors (e.g. ECG) • Off-body sensors (e.g. eye tracker) • Video • Questionnaire answers

  5. Who has access? • Andrew Kun, students, staff • Researchers from other institutions • Consumers of printed and online media (scientific publications, blogs, etc.)

  6. Access for what purpose? • Development of user interfaces for cars and handheld devices

  7. How long is information stored? • “The data will be stored for future use in our research.” • = “We have no plans to ever destroy the data.”

  8. In what format is info stored? • Not specified • No link to participant other than in video data

  9. What levels of accuracy, precision? • Not specified = nothing omitted (e.g. face recognizable in video)

  10. Privacy and technology • Internet – no privacy, but… • China: • Filter search engines: if you filter, you may know who submitted the query • Should companies sell equipment or leave China? • Self-censorship: • Individuals • Companies: e.g. Windows Live Spaces • Should companies practice self-censorship or leave China?

  11. Jeremy Bentham’s Panopticon

  12. Privacy and technology • China: • MySpace: can denounce other users

  13. Of course, this is nothing new…

  14. Forbidden topics? • Political: Taiwan independence • Religious: e.g. Falun Gong • Sex: e.g. Muzi Mei blog

  15. Contrast: First Amendment

  16. Need another horror story? • Nazi censuses using IBM technology: • Identified Jews, homosexuals, Jehovah’s Witnesses, etc.

  17. What is privacy? • 1215: Magna Carta • King will bound by law

  18. 1361: Justices of the Peace Act • Sentences for: • Peeping Toms • Eavesdroppers

  19. “My home is my castle” • 1763: William Pitt (later PM)

  20. Warren and Brandeis • 1890: “the right to be let alone”

  21. 1967: Alan Westin • Individuals, groups, institutions • When, how and to what extent information about them communicated to others • = Information privacy

  22. Privacy over the centuries • Focus shift from local to remote: • Local/physical: • Bodily • Territorial • Solitude • Information • Communication

  23. Ubicomp effects? • Local privacy under attack again! • Speech recognition for eavesdropping • Smart shirt: ECG • Smart fridge: what you eat/buy • Robots, cameras: what’s inside your house • Etc.

  24. Gary T. Marx: Personal border crossings • Borders: • Natural • Social • Spatial or temporal • Due to ephemeral or transitory effects

  25. Natural borders • Walls, doors • Clothing • Darkness • Sealed letters • Phone calls

  26. Social borders • Family • Doctor, lawyer

  27. Spatial and temporal borders • Spatial: work vs. private life • Temporal: past transgressions

  28. Ephemeral/transitory effects • Will anybody remember today’s lecture in detail?

  29. The end of the ephemeral? • Lifelogging: Steve Mann • Helping people with amnesia, etc.: Microsoft SenseCam (pdf, video)

  30. Solove’s privacy taxonomy • Tort law = remedies for civil wrongs • Data holders and information: • Collection • Surveillance • Interrogation • Processing • Aggregation, etc. • Dissemination • Breach of confidentiality, etc.

  31. Why do we need privacy? • Privacy = property • Can sell it as a commodity • Trust market forces • But…

  32. Why do we need privacy? • Autonomy of the individual • Experiment • Maintaining different faces • Allow for emotional release functionality

  33. Why do we need privacy? • Social good necessary for functioning of a democracy • Enables citizens to participate

  34. Do people care about location privacy? • John Krumm, "Inference Attacks on Location Tracks", Fifth International Conference on Pervasive Computing (Pervasive 2007), May 13-16, 2007, Toronto, Ontario, Canada. (PDF) (PPT) (PPT 2007)

  35. People Don’t Care About Location Privacy – John Krumm, Pervasive’07 • 74 U. Cambridge CS students • Would accept £10 to reveal 28 days of measured locations (£20 for commercial use) (1) • 226 Microsoft employees • 14 days of GPS tracks in return for 1 in 100 chance for $200 MP3 player • 62 Microsoft employees • Only 21% insisted on not sharing GPS data outside • 11 with location-sensitive message service in Seattle • Privacy concerns fairly light (2) • 55 Finland interviews on location-aware services • “It did not occur to most of the interviewees that they could be located while using the service.” (3) (1)Danezis, G., S. Lewis, and R. Anderson. How Much is Location Privacy Worth? in Fourth Workshop on the Economics of Information Security. 2005. Harvard University. (2) Iachello, G., et al. Control, Deception, and Communication: Evaluating the Deployment of a Location-Enhanced Messaging Service. inUbiComp 2005: Ubiquitous Computing. 2005. Tokyo, Japan. (3) Kaasinen, E., User Needs for Location-Aware Mobile Services. Personal and Ubiquitous Computing, 2003. 7(1): p. 70-79.

  36. Legal background • Established in tort law: • Intrusion upon solitude, private affairs • Public disclosure of embarrassing personal facts • Publicity placing one in false light in public eye • Appropriation of name/likeness • How to hack RFID-enabled credit cards for $8

  37. Privacy/data protection law • Tort law: two individuals • Privacy/data protection law: government or industry and individual • Basis: OECD Fair Information Principles

  38. OECD Fair Information Principles • Collection limitation • Data quality • Purpose specification • Use limitation • Security safeguards • Openness • Individual participation • Accountability

  39. Legislative approaches • US: • Overarching privacy laws for federal government • As-needed for state/local government and private organizations • EU: • Overarching privacy laws for all entities

  40. Interpersonal privacy • Most people won’t sue (tort), they will not use your design • So… • Privacy is not a binary function. • More than yes/no. • Privacy is a social process. • Continually adjusted.

  41. The elderly, ubicomp and privacy • Ethical Technology in the Homes of Seniors at Indiana University (ETHOS): • Ambient Clock (video)

  42. Ubicomp for couples • Empathy Mirror: • Kang-Hao Chang et al. CHI 2008 (pdf, video) • CoupleVibe: • Elizabeth Bales et al. Ubicomp 2009 (pdf)

  43. RFID • The hype: IBM commercial video • The most boring video of all time: RFID parking • The RFID Ecosystem at the University of Washington (video)

More Related