SlideShare a Scribd company logo

The CAPrice Initiative: A socio-technical solution to digital privacy

Ioannis Chrysakis
Ioannis Chrysakis

An invited presentation by Ioannis Chrysakis at the 6th Google GDG Dev Fest Greece 2018 in Heraklion

Technology
1 of 21
The CAPrice Initiative: A socio-technical solution to digital privacy Speaker: Ioannis Chrysakis (FORTH-ICS) – www.chrysakis.eu 01/12/2018, 6th Google GDG Dev Fest Greece 2018, Heraklion #devfestgr18
Ioannis Chrysakis – chrysakis.eu What do you think when you hear the word… SMART 2
Ioannis Chrysakis – chrysakis.eu 3
Ioannis Chrysakis – chrysakis.eu The digital age: The SMART present and the future 4 Smartphones and apps Smart home Connected CarsSmart Cities Smart toys
Ioannis Chrysakis – chrysakis.eu The power of data • The “big data” era • Lots of data, and the ability to process them • Machine learning, deep learning, data science • Hidden correlations • Predict epidemics, personalized medicine, … • But also personality identification, identifying habits and personal preferences, vote manipulation, … 5  Bloomberg: smart meters can profile homes and habits, including what you watch on TV (via device profiling of energy consumption).  Personality Identification: online services can analyze your personality based on authored text.  ApplyMagicSauge: can tell your personality from facebook/twitter posts.  Vote Manipulation: allegations that Cambridge Analytica and other big data companies used targeted micro-advertising and personalized emotional triggers to help in the success of the Brexit and Trump campaigns.
Ioannis Chrysakis – chrysakis.eu Smart Devices and Privacy • Smart devices are everywhere… • However, consumers generally unaware of the data being accessed and/or transmitted by their devices1 6 The Wall Street Journal: the examination of 101 popular smartphone apps revealed that:  56 apps transmitted the phone's unique device ID to other companies without users' awareness or consent.  47 apps transmitted the phone's location in some way.  5 sent age, gender and other personal details to outsiders.
Ioannis Chrysakis – chrysakis.eu Terms of Service (ToS) • ToS documents • Lengthy1 • Hard to read/understand • Change often • Real versus digital world • Different behaviour with regards to privacy2,3 7  1. NCC : Reading ToS for an average Norwegian would take 32 hours (250.000 words)  2. Purple: 22.000 users agreed to 1.000 hours of community service (including cleaning animal waste and relieving sewer blockages) in exchange for free wifi  3. Video: If your shop assistant was an app (hidden camera) @ youtube
Ioannis Chrysakis – chrysakis.eu Our Goal • How do we enable users to: • understand and be aware of what they gain and what they lose when they use digital services? • decide collectively and make explicit their privacy preferences. • How can we convince developers that respecting users’ privacy is profit-maximizing? • Create a trusted-market where we can bring together users, hackers and developers. 8
Ioannis Chrysakis – chrysakis.eu Our Plan • 1.Awareness: By this way people could understand the problem and start considering solutions. • 2. Action: Participating in the collaborative process of annotating ToS documents, stating privacy concerns, creating and configuring collective privacy norms etc. • 3. Crowdsourced activities: Tools and services that allow users to finally create more digital more privacy-friendly products and services. 9
Ioannis Chrysakis – chrysakis.eu Our Solution 10
Ioannis Chrysakis – chrysakis.eu Tools and Services (1/2) 11 User’s Privacy Corner Privacy Dashboard: Understanding apps’ behaviour Community Review
Ioannis Chrysakis – chrysakis.eu Tools and Services (2/2) 12 ToS Annotator CAPrice Repository
Ioannis Chrysakis – chrysakis.eu Communication Channels • Our website: • www.caprice-community.net • Social Network (#CapriceCommunity) • Facebook: www.fb.com/CapriceCommunity • Twitter (@CapriceSociety) Youtube (CAPrice Community) • Gamification Activities The CAPrice Game: https://www.caprice-community.net/game 13
Ioannis Chrysakis – chrysakis.eu The CAPrice Game - Level 0 • A mobile game based on famous android apps and their respective permissions as appeared in Google Play Store. • But before start playing let’s talk about apps and permissions… 14
Ioannis Chrysakis – chrysakis.eu 15 access USB storage filesystem read calendar events plus confidential information read call log read phone status and identity (in 2 Groups) read sensitive log data read the contents of your USB storage (in 2 Groups) read your contacts read your own contact card read your text messages (SMS or MMS) read your Web bookmarks and history view Wi-Fi connections retrieve running apps find accounts on the device (in 2 Groups) body sensors (like heart rate monitors) approximate location (network-based) precise location (GPS and network-based) add or modify calendar events and send email to guests without owners' knowledge add or remove accounts modify or delete the contents of your USB storage (in 2 Groups) modify your contacts write call log edit your text messages (SMS or MMS) reroute outgoing calls directly call phone numbers receive text messages (SMS) send SMS messages take pictures and videos record audio VIEW ACTION App Permissions
Ioannis Chrysakis – chrysakis.eu The CAPrice Game • From your mobile device go to kahoot.it • Enter the requested PIN • Enter your alias and get ready! Rules: • Each question has exactly one correct answer • For each question you select a color that corresponds to only one answer. • The fastest and the most correct 3 players will be awarded. • Tip: You get extra points if you give sequential correct answers. 16
Ioannis Chrysakis – chrysakis.eu Time for Discussion • How do you find the results of the CAPrice Game ? 17
Ioannis Chrysakis – chrysakis.eu Android apps and permissions 18 0 5 10 15 20 25 12 21 16 8 16 24 19 14 11 10 1 Basic permissions (Max 28) 12 21 16 8 16 24 19 14 11 10 1 13 22 19 9 20 24 18 18 16 18 4 0 5 10 15 20 25 30 35 40 45 50 Basic + Other permissions Basic Other
Ioannis Chrysakis – chrysakis.eu Time for action • Be part of the solution by joining in the CAPrice Community • Via website [caprice-community.net] • Giving feedback, voting, etc • https://www.caprice-community.net/feedback/ • Learn about actual cases of privacy threats • Discover cutting edge technical solutions • Via e-mail: • https://www.caprice-community.net/get-involved/ • Via social media 19
Ioannis Chrysakis – chrysakis.eu References • The CAPrice promotional video: • https://youtu.be/4L8gOfU9MXg • If your shop assistant was an app (hidden camera): • https://youtu.be/xYZtHIPktQg • The #toyfail case • https://youtu.be/lAOj0H5c6Yc • How long does it take to read Amazon Kindle's terms and conditions? • https://youtu.be/sxygkyskucA • Conference Paper [CoopIS 2018] • Giorgos Flouris, Theodore Patkos, Ioannis Chrysakis, Ioulia Konstantinou, Nikolay Nikolov, Panagiotis Papadakos, Jeremy Pitt, Dumitru Roman, Alexander Stan, Chrysostomos Zeginis: Towards A Collective Awareness Platform for Privacy Concerns and Expectations. 20
Ioannis Chrysakis – chrysakis.eu Thank you for your attention 21 Theodore PatkosGiorgos FlourisDimitris Plexousakis Konstantinos Kreatsoulas Ioannis Chrysakis Panagiotis PapadakosChrysostomos Zeginis

Recommended

Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyTom Eston
 
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...EC-Council
 
Online Privacy, the next Battleground
Online Privacy, the next BattlegroundOnline Privacy, the next Battleground
Online Privacy, the next BattlegroundSensePost
 
How People Care about their Personal Datatheir Data Released onReleased on So...
How People Care about their Personal Datatheir Data Released onReleased on So...How People Care about their Personal Datatheir Data Released onReleased on So...
How People Care about their Personal Datatheir Data Released onReleased on So...Kellyton Brito
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeleySara-Jayne Terp
 
Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Sara-Jayne Terp
 
Human/User-Centric Security
Human/User-Centric SecurityHuman/User-Centric Security
Human/User-Centric SecurityShujun Li
 

Recommended

Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyTom Eston
 
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...
Phishing: It’s Not Just for Pentesters Using Phishing to Build a Successful ...EC-Council
 
Online Privacy, the next Battleground
Online Privacy, the next BattlegroundOnline Privacy, the next Battleground
Online Privacy, the next BattlegroundSensePost
 
How People Care about their Personal Datatheir Data Released onReleased on So...
How People Care about their Personal Datatheir Data Released onReleased on So...How People Care about their Personal Datatheir Data Released onReleased on So...
How People Care about their Personal Datatheir Data Released onReleased on So...Kellyton Brito
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeleySara-Jayne Terp
 
Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Sara-Jayne Terp
 
Human/User-Centric Security
Human/User-Centric SecurityHuman/User-Centric Security
Human/User-Centric SecurityShujun Li
 
Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023 Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023 User Vision
 
Multimedia Privacy
Multimedia PrivacyMultimedia Privacy
Multimedia PrivacySymeon Papadopoulos
 
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data DayTransforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data DayAndreas Weigend
 
Social media sims_sm
Social media sims_smSocial media sims_sm
Social media sims_smUrmila Hajare
 
Judy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 PresentationJudy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 PresentationGreater Cleveland PC Users Group
 
Sourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcingSourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcingFrank Willems
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?Christian Brosstad
 
2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious games2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious gamesSuccub_int
 
Sentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and WhySentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and WhyDavide Feltoni Gurini
 
Privacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social WebPrivacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social WebMatthew Russell
 
Rotenberg gfke 2014
Rotenberg gfke 2014Rotenberg gfke 2014
Rotenberg gfke 2014innovationoecd
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfinfo948069
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfinfo948069
 
The CUTGroup at Open Gov Hack Night
The CUTGroup at Open Gov Hack NightThe CUTGroup at Open Gov Hack Night
The CUTGroup at Open Gov Hack NightSmart Chicago Collaborative
 
Class_onlineprivacy.ppt
Class_onlineprivacy.pptClass_onlineprivacy.ppt
Class_onlineprivacy.pptArvind Bhisikar
 
UX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App ServicesUX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App ServicesJunie Kwon
 
La #blockchain au #CES2018
La #blockchain au #CES2018La #blockchain au #CES2018
La #blockchain au #CES2018Vidal Chriqui
 
CUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern UniversityCUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern UniversitySmart Chicago Collaborative
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

More Related Content

Similar to The CAPrice Initiative: A socio-technical solution to digital privacy

Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023 Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023 User Vision
 
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data DayTransforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data DayAndreas Weigend
 
Social media sims_sm
Social media sims_smSocial media sims_sm
Social media sims_smUrmila Hajare
 
Sourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcingSourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcingFrank Willems
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?Christian Brosstad
 
2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious games2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious gamesSuccub_int
 
Sentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and WhySentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and WhyDavide Feltoni Gurini
 
Privacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social WebPrivacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social WebMatthew Russell
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfinfo948069
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfinfo948069
 
UX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App ServicesUX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App ServicesJunie Kwon
 
La #blockchain au #CES2018
La #blockchain au #CES2018La #blockchain au #CES2018
La #blockchain au #CES2018Vidal Chriqui
 
CUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern UniversityCUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern UniversitySmart Chicago Collaborative
 

Similar to The CAPrice Initiative: A socio-technical solution to digital privacy (20)

Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_security
 
Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023 Privacy UX - UX Scotland 2023
Privacy UX - UX Scotland 2023
 
Multimedia Privacy
Multimedia PrivacyMultimedia Privacy
Multimedia Privacy
 
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data DayTransforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
Transforming Big Data into Decisions -- keynote at IBM/s 2014 Big Data Day
 
Social media sims_sm
Social media sims_smSocial media sims_sm
Social media sims_sm
 
Judy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 PresentationJudy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 Presentation
 
Sourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcingSourcing lecture 3 ITSM Cloudsourcing and outsourcing
Sourcing lecture 3 ITSM Cloudsourcing and outsourcing
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
 
Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?Social Media – a Corporate Love Affair or Just a Nightmare?
Social Media – a Corporate Love Affair or Just a Nightmare?
 
2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious games2012.10.23 serious game expo - social serious games
2012.10.23 serious game expo - social serious games
 
Sentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and WhySentiment Analysis and Social Media: How and Why
Sentiment Analysis and Social Media: How and Why
 
Privacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social WebPrivacy, Ethics, and Future Uses of the Social Web
Privacy, Ethics, and Future Uses of the Social Web
 
Rotenberg gfke 2014
Rotenberg gfke 2014Rotenberg gfke 2014
Rotenberg gfke 2014
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
 
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdfUX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
UX Edinburgh Meetup deck - Privacy UX - March 2024.pdf
 
The CUTGroup at Open Gov Hack Night
The CUTGroup at Open Gov Hack NightThe CUTGroup at Open Gov Hack Night
The CUTGroup at Open Gov Hack Night
 
Class_onlineprivacy.ppt
Class_onlineprivacy.pptClass_onlineprivacy.ppt
Class_onlineprivacy.ppt
 
UX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App ServicesUX Study on Collective Spatial Intelligence Based Urban App Services
UX Study on Collective Spatial Intelligence Based Urban App Services
 
La #blockchain au #CES2018
La #blockchain au #CES2018La #blockchain au #CES2018
La #blockchain au #CES2018
 
CUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern UniversityCUTGroup Presentation for Social Enterprise Class at Northwestern University
CUTGroup Presentation for Social Enterprise Class at Northwestern University
 

Recently uploaded

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

The CAPrice Initiative: A socio-technical solution to digital privacy

  • 1. The CAPrice Initiative: A socio-technical solution to digital privacy Speaker: Ioannis Chrysakis (FORTH-ICS) – www.chrysakis.eu 01/12/2018, 6th Google GDG Dev Fest Greece 2018, Heraklion #devfestgr18
  • 2. Ioannis Chrysakis – chrysakis.eu What do you think when you hear the word… SMART 2
  • 3. Ioannis Chrysakis – chrysakis.eu 3
  • 4. Ioannis Chrysakis – chrysakis.eu The digital age: The SMART present and the future 4 Smartphones and apps Smart home Connected CarsSmart Cities Smart toys
  • 5. Ioannis Chrysakis – chrysakis.eu The power of data • The “big data” era • Lots of data, and the ability to process them • Machine learning, deep learning, data science • Hidden correlations • Predict epidemics, personalized medicine, … • But also personality identification, identifying habits and personal preferences, vote manipulation, … 5  Bloomberg: smart meters can profile homes and habits, including what you watch on TV (via device profiling of energy consumption).  Personality Identification: online services can analyze your personality based on authored text.  ApplyMagicSauge: can tell your personality from facebook/twitter posts.  Vote Manipulation: allegations that Cambridge Analytica and other big data companies used targeted micro-advertising and personalized emotional triggers to help in the success of the Brexit and Trump campaigns.
  • 6. Ioannis Chrysakis – chrysakis.eu Smart Devices and Privacy • Smart devices are everywhere… • However, consumers generally unaware of the data being accessed and/or transmitted by their devices1 6 The Wall Street Journal: the examination of 101 popular smartphone apps revealed that:  56 apps transmitted the phone's unique device ID to other companies without users' awareness or consent.  47 apps transmitted the phone's location in some way.  5 sent age, gender and other personal details to outsiders.
  • 7. Ioannis Chrysakis – chrysakis.eu Terms of Service (ToS) • ToS documents • Lengthy1 • Hard to read/understand • Change often • Real versus digital world • Different behaviour with regards to privacy2,3 7  1. NCC : Reading ToS for an average Norwegian would take 32 hours (250.000 words)  2. Purple: 22.000 users agreed to 1.000 hours of community service (including cleaning animal waste and relieving sewer blockages) in exchange for free wifi  3. Video: If your shop assistant was an app (hidden camera) @ youtube
  • 8. Ioannis Chrysakis – chrysakis.eu Our Goal • How do we enable users to: • understand and be aware of what they gain and what they lose when they use digital services? • decide collectively and make explicit their privacy preferences. • How can we convince developers that respecting users’ privacy is profit-maximizing? • Create a trusted-market where we can bring together users, hackers and developers. 8
  • 9. Ioannis Chrysakis – chrysakis.eu Our Plan • 1.Awareness: By this way people could understand the problem and start considering solutions. • 2. Action: Participating in the collaborative process of annotating ToS documents, stating privacy concerns, creating and configuring collective privacy norms etc. • 3. Crowdsourced activities: Tools and services that allow users to finally create more digital more privacy-friendly products and services. 9
  • 10. Ioannis Chrysakis – chrysakis.eu Our Solution 10
  • 11. Ioannis Chrysakis – chrysakis.eu Tools and Services (1/2) 11 User’s Privacy Corner Privacy Dashboard: Understanding apps’ behaviour Community Review
  • 12. Ioannis Chrysakis – chrysakis.eu Tools and Services (2/2) 12 ToS Annotator CAPrice Repository
  • 13. Ioannis Chrysakis – chrysakis.eu Communication Channels • Our website: • www.caprice-community.net • Social Network (#CapriceCommunity) • Facebook: www.fb.com/CapriceCommunity • Twitter (@CapriceSociety) Youtube (CAPrice Community) • Gamification Activities The CAPrice Game: https://www.caprice-community.net/game 13
  • 14. Ioannis Chrysakis – chrysakis.eu The CAPrice Game - Level 0 • A mobile game based on famous android apps and their respective permissions as appeared in Google Play Store. • But before start playing let’s talk about apps and permissions… 14
  • 15. Ioannis Chrysakis – chrysakis.eu 15 access USB storage filesystem read calendar events plus confidential information read call log read phone status and identity (in 2 Groups) read sensitive log data read the contents of your USB storage (in 2 Groups) read your contacts read your own contact card read your text messages (SMS or MMS) read your Web bookmarks and history view Wi-Fi connections retrieve running apps find accounts on the device (in 2 Groups) body sensors (like heart rate monitors) approximate location (network-based) precise location (GPS and network-based) add or modify calendar events and send email to guests without owners' knowledge add or remove accounts modify or delete the contents of your USB storage (in 2 Groups) modify your contacts write call log edit your text messages (SMS or MMS) reroute outgoing calls directly call phone numbers receive text messages (SMS) send SMS messages take pictures and videos record audio VIEW ACTION App Permissions
  • 16. Ioannis Chrysakis – chrysakis.eu The CAPrice Game • From your mobile device go to kahoot.it • Enter the requested PIN • Enter your alias and get ready! Rules: • Each question has exactly one correct answer • For each question you select a color that corresponds to only one answer. • The fastest and the most correct 3 players will be awarded. • Tip: You get extra points if you give sequential correct answers. 16
  • 17. Ioannis Chrysakis – chrysakis.eu Time for Discussion • How do you find the results of the CAPrice Game ? 17
  • 18. Ioannis Chrysakis – chrysakis.eu Android apps and permissions 18 0 5 10 15 20 25 12 21 16 8 16 24 19 14 11 10 1 Basic permissions (Max 28) 12 21 16 8 16 24 19 14 11 10 1 13 22 19 9 20 24 18 18 16 18 4 0 5 10 15 20 25 30 35 40 45 50 Basic + Other permissions Basic Other
  • 19. Ioannis Chrysakis – chrysakis.eu Time for action • Be part of the solution by joining in the CAPrice Community • Via website [caprice-community.net] • Giving feedback, voting, etc • https://www.caprice-community.net/feedback/ • Learn about actual cases of privacy threats • Discover cutting edge technical solutions • Via e-mail: • https://www.caprice-community.net/get-involved/ • Via social media 19
  • 20. Ioannis Chrysakis – chrysakis.eu References • The CAPrice promotional video: • https://youtu.be/4L8gOfU9MXg • If your shop assistant was an app (hidden camera): • https://youtu.be/xYZtHIPktQg • The #toyfail case • https://youtu.be/lAOj0H5c6Yc • How long does it take to read Amazon Kindle's terms and conditions? • https://youtu.be/sxygkyskucA • Conference Paper [CoopIS 2018] • Giorgos Flouris, Theodore Patkos, Ioannis Chrysakis, Ioulia Konstantinou, Nikolay Nikolov, Panagiotis Papadakos, Jeremy Pitt, Dumitru Roman, Alexander Stan, Chrysostomos Zeginis: Towards A Collective Awareness Platform for Privacy Concerns and Expectations. 20
  • 21. Ioannis Chrysakis – chrysakis.eu Thank you for your attention 21 Theodore PatkosGiorgos FlourisDimitris Plexousakis Konstantinos Kreatsoulas Ioannis Chrysakis Panagiotis PapadakosChrysostomos Zeginis

Editor's Notes

  1. CAPrice Repository has crawled > 250K android apps and its permisions Endpoint: http://139.91.183.40:9999/blazegraph/#namespaces Caprice(namespace)