Supporting Location Privacy Management through Feedback and Control

Participation in modern, socially-focused digital systems involves a large degree of privacy management, i.e. controlling who may access what information under what circumstances. Effective privacy management (control) requires that mobile systems’ users be able to make informed privacy decisions as their experience and knowledge of a system progresses. By informed, we mean users be aware of the actual information flow. Moreover, privacy preferences vary across the context and it is hard to define privacy policy that reflects the dynamic nature of our lives. This research explores the problem of supporting awareness of information flow and designing usable interfaces for maintaining privacy policies ad-hoc. We borrow from the world of Computer Supported Collaborative Work (CSCW) and propose to incorporate social translucence, a design approach that “supports coherent behaviour by making participants and their activities visible to one another”. We use the characteristics of social translucence, namely visibility, awareness and accountability in order to introduce social norms in spatially dispersed systems. Our research is driven by two questions: (1) how can artifacts from real world social interaction, such as responsibility, be embedded into mobile interaction; and (2) can systems be designed in which both privacy violations and the burden of privacy management is minimized. The contributions of our work are: (1) an implementation of Buddy Tracker, privacy-aware location-sharing application based on the social translucence; (2) the design and evaluation of the concept of real-time feedback as a means of incorporating social translucence in location-sharing scenarios; and finally (3) a novel interface for ad-hoc privacy management called Privacy-Shake. We explore the role of real-time feedback for privacy management in the context of Buddy Tracker. Informed by focus group discussions, interviews, surveys and two field trials of Buddy Tracker we found that when using a system that provided real-time feedback, people were more accountable for their actions and reduced the number of unreasonable location requests. From our observations we develop concrete design guidelines for incorporating real-time feedback into information sharing applications in a manner that ensures social acceptance of the technology

Too much information: visual research ethics in the age of wearable cameras

When everything you see is data, what ethical principles apply? This paper argues that first-person digital recording technologies challenge traditional institutional approaches to research ethics, but that this makes ethics governance more important, not less so. We review evolving ethical concerns across four fields: Visual ethics; ubiquitous computing; mobile health; and grey literature from applied or market research. Collectively, these bodies of literature identify new challenges to traditional notions of informed consent, anonymity, confidentiality, privacy, beneficence and maleficence. Challenges come from the ever-increasing power, breadth and multi-functional integration of recording technologies, and the ubiquity and normalization of their use by participants. Some authors argue that these evolving relationships mean that institutional ethics governance procedures are irrelevant or no longer apply. By contrast, we argue that the fundamental principles of research ethics frameworks have become even more important for the protection of research participants, and that institutional frameworks need to adapt to keep pace with the ever-increasing power of recording technologies and the consequent risks to privacy. We conclude with four recommendations for efforts to ensure that contemporary visual recording research is held appropriately accountable to ethical standards: (i) minimizing the detail, scope, integration and retention of captured data, and limiting its accessibility; (ii) formulating an approach to ethics that takes in both the ‘common rule’ approaches privileging anonymity and confidentiality together with principles of contextual judgement and consent as an ongoing process; (iii) developing stronger ethical regulation of research outside academia; (iv) engaging the public and research participants in the development of ethical guidelines

When Things Matter: A Data-Centric View of the Internet of Things

With the recent advances in radio-frequency identification (RFID), low-cost wireless sensor devices, and Web technologies, the Internet of Things (IoT) approach has gained momentum in connecting everyday objects to the Internet and facilitating machine-to-human and machine-to-machine communication with the physical world. While IoT offers the capability to connect and integrate both digital and physical entities, enabling a whole new class of applications and services, several significant challenges need to be addressed before these applications and services can be fully realized. A fundamental challenge centers around managing IoT data, typically produced in dynamic and volatile environments, which is not only extremely large in scale and volume, but also noisy, and continuous. This article surveys the main techniques and state-of-the-art research efforts in IoT from data-centric perspectives, including data stream processing, data storage models, complex event processing, and searching in IoT. Open research issues for IoT data management are also discussed

Privacy mediators:helping IoT cross the chasm

Unease over data privacy will retard consumer acceptance of IoT deployments. The primary source of discomfort is a lack of user control over raw data that is streamed directly from sensors to the cloud. This is a direct consequence of the over-centralization of today’s cloud-based IoT hub designs. We propose a solution that interposes a locally-controlled software component called a privacy mediator on every raw sensor stream. Each mediator is in the same administrative domain as the sensors whose data is being collected, and dynamically enforces the current privacy policies of the owners of the sensors or mobile users within the domain. This solution necessitates a logical point of presence for mediators within the administrative boundaries of each organization. Such points of presence are provided by cloudlets, which are small locally-administered data centers at the edge of the Internet that can support code mobility. The use of cloudlet-based mediators aligns well with natural personal and organizational boundaries of trust and responsibility

Information Producers, Information Consumers : Location Data Privacy in Institutional Settings

Peer reviewedPreprin

Security and online social networks

In the last few years we have witnessed a sustained rise in the popularity of online Social Network Sites (SNSs) such as Twitter, Facebook, Myspace, Flickr, LinkedIn, FriendFeed, Google Friend Con- nect, Yahoo! Groups, etc., which are some of the most visited websites worldwide. However, since they are are easy to use and the users are often not aware of the nature of the access of their profiles, they often reveal information which should be kept away from the public eyes. As a result, these social sites may originate security related threats for their members. This paper highlights the benefits of safe use of SNSs and emphasizes the most important threats to members of SNSs. Moreover, we will show the main factors behind these threats. Finally we present policy and technical recommendations in order to improve security without compromising the benefits of information sharing through SNSs.IV Workshop Arquitectura, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI