1,363 research outputs found

    A Bystander's Dilemma: Participatory Design Study of Privacy Expectations for Smart Home Devices

    Traditional homes have become increasingly filled with Internet-connected devices, turning them into “smart homes.” Currently, research around privacy concerns with smart home devices has focused on the end users. The goal for our research is to understand the perceptions and desired privacy mechanisms from the perspective of a different stakeholder, i.e., the bystanders. Bystanders in this context are individuals who are not the owner or primary user of smart home devices but are potentially affected by the device usage, such as house guests or family members. In order to understand this, we conducted a focus group study with co-design activities to discover bystanders’ perceptions of smart home devices as well as their desired protections and privacy designs. Through seven focus groups with 18 participants, we revealed different bystanders’ concerns (e.g. data sharing) and the factors that affected the bystanders’ perceptions (e.g. device company trust). Using the participants’ desires for the privacy mechanism designs (e.g. awareness of device), we created our own design based on what we learned. Our designs considered the participants’ perceptions and summarized what one should consider when creating privacy mechanisms for bystanders of smart home devices

    Privacy For Whom? A Multi-Stakeholder Exploration of Privacy Designs

    Privacy is considered one of the fundamental human rights. Researchers have been investigating privacy issues in various domains, such as our physical privacy, data privacy, privacy as a legal right, and privacy designs. In the Human-Computer Interaction field, privacy researchers have been focusing on understanding people's privacy concerns when they interact with computing systems, designing and building privacy-enhancing technologies to help people mitigate these concerns, and investigating how people's privacy perceptions and the privacy designs influence people's behaviors. Existing privacy research has been overwhelmingly focusing on the privacy needs of end-users, i.e., people who use a system or a product, such as Internet users and smartphone users. However, as our computing systems are becoming more and more complex, privacy issues within these systems have started to impact not only the end-users but also other stakeholders, and privacy-enhancing mechanisms designed for the end-users can also affect multiple stakeholders beyond the users. In this dissertation, I examine how different stakeholders perceive privacy-related issues and expect privacy designs to function across three application domains: online behavioral advertising, drones, and smart homes. I choose these three domains because they represent different multi-stakeholder environments with varying nature of complexity. In particular, these environments present the opportunities to study technology-mediated interpersonal relationships, i.e., the relationship between primary users (owners, end-users) and secondary users (bystanders), and to investigate how these relationships influence people's privacy perceptions and their desired ways of privacy protection. 
Through a combination of qualitative, quantitative, and design methods, including interviews, surveys, participatory designs, and speculative designs, I present how multi-stakeholder considerations change our understandings of privacy and influence privacy designs. I draw design implications from the study results and guide future privacy designs to consider the needs of different stakeholders, e.g., cooperative mechanisms that aim to enhance the communication between primary and secondary users. In addition, this methodological approach allows researchers to directly and proactively engage with multiple stakeholders and explore their privacy perceptions and expected privacy designs. This is different from what has been commonly used in privacy literature and as such, points to a methodological contribution. Finally, this dissertation shows that when applying the theory of Contextual Integrity in a multi-stakeholder environment, there are hidden contextual factors that may alter the contextual informational norms. I present three examples from the study results and argue that it is necessary to carefully examine such factors in order to clearly identify the contextual norms. I propose a research agenda to explore best practices of applying the theory of Contextual Integrity in a multi-stakeholder environment

    Useful shortcuts: Using design heuristics for consent and permission in smart home devices

    Prior research in smart home privacy highlights significant issues with how users understand, permit, and consent to data use. Some of the underlying issues point to unclear data protection regulations, lack of design principles, and dark patterns. In this paper, we explore heuristics (also called “mental shortcuts” or “rules of thumb”) as a means to address security and privacy design challenges in smart homes. First, we systematically analyze an existing body of data on smart homes to derive a set of heuristics for the design of consent and permission. Second, we apply these heuristics in four participatory co-design workshops (n = 14) and report on their use. Third, we analyze the use of the heuristics through thematic analysis highlighting heuristic application, purpose, and effectiveness in successful and unsuccessful design outcomes. We conclude with a discussion of the wider challenges, opportunities, and future work for improving design practices for consent in smart homes

    Usable privacy and security in smart homes

    Ubiquitous computing devices increasingly dominate our everyday lives, including our most private places: our homes. Homes that are equipped with interconnected, context-aware computing devices, are considered “smart” homes. To provide their functionality and features, these devices are typically equipped with sensors and, thus, are capable of collecting, storing, and processing sensitive user data, such as presence in the home. At the same time, these devices are prone to novel threats, making our homes vulnerable by opening them for attackers from outside, but also from within the home. For instance, remote attackers who digitally gain access to presence data can plan for physical burglary. Attackers who are physically present with access to devices could access associated (sensitive) user data and exploit it for further cyberattacks. As such, users’ privacy and security are at risk in their homes. Even worse, many users are unaware of this and/or have limited means to take action. This raises the need to think about usable mechanisms that can support users in protecting their smart home setups. The design of such mechanisms, however, is challenging due to the variety and heterogeneity of devices available on the consumer market and the complex interplay of user roles within this context. This thesis contributes to usable privacy and security research in the context of smart homes by a) understanding users’ privacy perceptions and requirements for usable mechanisms and b) investigating concepts and prototypes for privacy and security mechanisms. Hereby, the focus is on two specific target groups, that are inhabitants and guests of smart homes. In particular, this thesis targets their awareness of potential privacy and security risks, enables them to take control over their personal privacy and security, and illustrates considerations for usable authentication mechanisms. 
This thesis provides valuable insights to help researchers and practitioners in designing and evaluating privacy and security mechanisms for future smart devices and homes, particularly targeting awareness, control, and authentication, as well as various roles.
Computers and other "smart", networked devices are ubiquitous and do not stop at our most private refuge: our home. A "smart home" promises many benefits and useful functions. To deliver them, the devices are equipped with various sensors, so they can collect, store, and process sensitive data in our homes (e.g., presence). At the same time, the devices are susceptible to (novel) cyberattacks, thereby endangering our homes and opening them to potential attackers, both internal and external. For example, attackers who digitally gain access to sensitive data such as presence could plan a physical break-in while the residents are away. Attackers who gain physical access to a device could access associated data and accounts and exploit them for further cyberattacks. This puts users' privacy and security at risk in their own homes. To make matters worse, many users are unaware of this and/or have only limited means of taking efficient countermeasures. This makes it essential to think about usable mechanisms that support users in protecting their smart homes. Implementing such mechanisms, however, is a major challenge. One reason is the wide variety of available devices from many different manufacturers, which makes it hard to find a uniform solution. In addition, several users in different roles (e.g., residents and guests) usually interact in the home context, which further complicates the design of mechanisms. 
This doctoral thesis contributes to developing usable privacy and security mechanisms in the context of the "smart home". In particular, it a) investigates the perception of privacy and the requirements for potential mechanisms, and b) presents concepts and prototypes for privacy and security mechanisms. The focus is on two target groups, the residents and the guests of a smart home. In particular, this work addresses their awareness of potential privacy and security risks, enables them to control their personal privacy and security, and shows possibilities for usable authentication mechanisms for both target groups. The results of this doctoral thesis lay the foundation for the future development and evaluation of usable privacy and security mechanisms in the smart home

    Owning and Sharing: Privacy Perceptions of Smart Speaker Users

    Acceptance and Privacy Perceptions Toward Video-based Active and Assisted Living Technologies: Scoping Review

    Background: The aging society posits new socioeconomic challenges to which a potential solution is active and assisted living (AAL) technologies. Visual-based sensing systems are technologically among the most advantageous forms of AAL technologies in providing health and social care; however, they come at the risk of violating rights to privacy. With the immersion of video-based technologies, privacy-preserving smart solutions are being developed; however, the user acceptance research about these developments is not yet being systematized. Objective: With this scoping review, we aimed to gain an overview of existing studies examining the viewpoints of older adults and/or their caregivers on technology acceptance and privacy perceptions, specifically toward video-based AAL technology. Methods: A total of 22 studies were identified with a primary focus on user acceptance and privacy attitudes during a literature search of major databases. Methodological quality assessment and thematic analysis of the selected studies were executed and principal findings are summarized. The PRISMA-ScR (Preferred Reporting Items for Systematic Reviews and Meta-Analyses Extension for Scoping Reviews) guidelines were followed at every step of this scoping review. Results: Acceptance attitudes toward video-based AAL technologies are rather conditional, and are summarized into five main themes seen from the two end-user perspectives: caregiver and care receiver. With privacy being a major barrier to video-based AAL technologies, security and medical safety were identified as the major benefits across the studies. Conclusions: This review reveals a very low methodological quality of the empirical studies assessing user acceptance of video-based AAL technologies. 
We propose that more specific and more end user– and real life–targeting research is needed to assess the acceptance of proposed solutions. This work is funded by the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement number 861091 for the visuAAL project

    The UX of things: exploring UX principles to inform security and privacy design in the smart home

    Smart homes are under attack. Threats can harm both the security of these homes and the privacy of their inhabitants. As a result, in addition to delivering pleasant and aesthetic experiences, smart devices need to protect households from vulnerabilities and attacks. Further, the need for user-centered security and privacy design is particularly important for such an environment, given that inhabitants are demographically-diverse (e.g., age, gender, educational level) and have different skills and (dis)abilities. Prior work has explored different usable security and privacy solutions for smart homes; however, the applicability of user eXperience (UX) principles to security and privacy design is under-explored. This research project aims to address the on-going challenge of security and privacy in the smart home through the lens of UX design. The objective of this thesis is two-fold. First, to investigate how UX factors and principles affect the security and privacy of smart home users. Secondly, to inform product design through the development of an empirically-tested framework for UX design of security and privacy in smart home products. In the first step, we explored the relationship between UX, security, and privacy in smart homes from user and designer perspectives: through (i) conducting a qualitative interview study with smart home users (n=13) and (ii) analyzing an ethnomethodologically informed study of six UK households living in smart homes (n=6); and, we then explored the role of UX in the design of security, privacy and data protection in smart homes through qualitative semi-structured interviews with smart home users, designers and business leaders through two rounds of interviews (n=20, n=20). In the second step, using conceptual framework analysis, we systematically analyzed our previously collected data and the literature to construct a framework of design heuristics for consent and permission in smart homes. 
We applied these heuristics in four participatory co-design workshops and reported on their use. We further analyzed the use of the heuristics through thematic analysis highlighting how the heuristics were used, their purpose, and their effectiveness. By bringing UX design to the smart home security and privacy table, we believe that this research project will have a significant impact on academia, industry, and government organizations. Our thesis will improve design practices for security and privacy in domestic smart devices while addressing wider challenges, opportunities, and future work

    Further Exploring Communal Technology Use in Smart Homes: Social Expectations

    Device use in smart homes is becoming increasingly communal, requiring cohabitants to navigate a complex social and technological context. In this paper, we report findings from an exploratory survey grounded in our prior work on communal technology use in the home [4]. The findings highlight the importance of considering qualities of social relationships and technology in understanding expectations and intentions of communal technology use. We propose a design perspective of social expectations, and we suggest existing designs can be expanded using already available information such as location, and considering additional information, such as levels of trust and reliability. Comment: to appear in CHI '20 Extended Abstracts, April 25--30, 2020, Honolulu, HI, US

    Pervasive Technologies and Support for Independent Living

    A broad range of pervasive technologies are used in many domains, including healthcare: however, there appears to be little work examining the role of such technologies in the home, or the different wants and needs of elderly users. Additionally, there exist ethical issues surrounding the use of highly personal healthcare-related data, and interface issues centred on the novelty of the technologies and the disabilities experienced by the users. This report examines these areas, before considering the ways in which they might come together to help support independent-living users with disabilities which may be age-related