![©2020CarnegieMellonUniversity:20
Some Design Challenges for Privacy
Very Strong Incentives to Keep Collecting More Data
• “[An analyst at Target] was able to identify about
25 products that… allowed him to assign each
shopper a ‘pregnancy prediction’ score. [H]e
could also estimate her due date to within a small
window, so Target could send coupons timed to
very specific stages of her pregnancy.” (NYTimes)
• Companies: More data -> Better ads and services
• Government: More data -> More national security](https://image.slidesharecdn.com/privacy-for-mobile-sensing-systems-oct2020-201021025354/75/privacy-for-mobile-sensing-systems-20-2048.jpg?cb=1668500686)
Privacy for Mobile Sensing Systems
•0 likes•205 views
Report
Share
Download to read offline
CHIuXiD (Indonesia) keynote about privacy and security. Includes why care about privacy, design challenges, design opportunities, and brief discussion of some of my team's research on mobile sensing.
Recommended
More Related Content
What's hot
What's hot(20)
Similar to Privacy for Mobile Sensing Systems
Similar to Privacy for Mobile Sensing Systems(20)
![[SLIDES] Internet of Things presentation at AEI (Sept 2014)](https://cdn.slidesharecdn.com/ss_thumbnails/c85cf877-6b22-4a36-889c-bb860c9c2472-141211134657-conversion-gate02-thumbnail.jpg?width=768&fit=bounds)
Recently uploaded
Recently uploaded(20)
Privacy for Mobile Sensing Systems
- 1. ©2018CarnegieMellonUniversity:1 Privacy for Mobile Sensing Systems October 21 2020 Jason Hong @jas0nh0ng jasonh@cs.cmu.edu Computer Human Interaction: Mobility Privacy Security
- 2. ©2020CarnegieMellonUniversity:2 In the near future, our smart devices will know everything about us
- 5. ©2020CarnegieMellonUniversity:5 We Are Just Starting to Enter the Third Wave of Computing • First Wave: Computation – Making the basics of computers work • Second Wave: Networking – Connecting computers around the world • Third Wave: Ubiquitous Computing – Also called Internet of Things (IoT) – Computation, communication, sensing, and actuation woven into our everyday physical world – Possible because of fast wireless networking, small sensors, better CPUs, vastly decreasing costs
- 6. ©2020CarnegieMellonUniversity:6 Smartphones Give Us a Glimpse of this Coming World • Over 1B smartphones sold every year • Penetration rate in Indonesia ~70% (and 90% by 2025) – Statista 2020 • Incredibly intimate devices
- 7. ©2020CarnegieMellonUniversity:7 Smartphones are Intimate Fun Facts about Millennials • 83% sleep with phones
- 8. ©2020CarnegieMellonUniversity:8 Smartphones are Intimate Fun Facts about Millennials • 83% sleep with phones • 90% check first thing in morning
- 9. ©2020CarnegieMellonUniversity:9 Smartphones are Intimate Fun Facts about Millennials • 83% sleep with phones • 90% check first thing in morning • 1 in 3 use in bathroom
- 10. ©2020CarnegieMellonUniversity:10 Smartphone Data is Intimate Who we know (contacts + call log) Sensors (accel, sound, light) Where we go (gps, photos)
- 11. ©2020CarnegieMellonUniversity:11 Using Call Log, SMS, Contacts
- 12. ©2020CarnegieMellonUniversity:12 Using Call Log, SMS, Contacts See our CSCW 2015 paper
- 13. ©2020CarnegieMellonUniversity:13 Sleep Monitor Using Smartphone Data See our CHI 2014 paper
- 14. ©2020CarnegieMellonUniversity:14 These Technologies Offer Many Benefits to Society • These devices + artificial intelligence technologies will allow us to build amazing things… • But only if we can legitimately address the privacy concerns
- 17. ©2020CarnegieMellonUniversity:17 Why Care About Privacy? People Less Likely to Adopt What We Create • Pew Research Center survey (2015) – 60% of people chose not to install an app when they discovered how much personal info it required – 43% uninstalled app after downloading it for same reason – http://www.pewinternet.org/2015/11/10/apps-permissions-in-the- google-play-store/ • GSMA study of privacy in Indonesia (2013) – 80% concerned about apps collecting info w/o consent – 78% want to know what data will be collected
- 18. ©2020CarnegieMellonUniversity:18 Why Care About Privacy? We May Cause Harms to People • Undesired social obligations • Spam, identity theft • Accidentally sharing sensitive information • Government mass surveillance • Abusive partners or stalkers Everyday Risks Extreme Risks Strangers _________________________________ Stalking Personal safety Employers _________________________________ Over-monitoring Discrimination Reputation Friends, Family _________________________________ Over-protection Social obligations Embarrassment Government __________________________ Civil liberties
- 19. ©2020CarnegieMellonUniversity:19 Some Design Challenges for Privacy A Fundamental Tension • The same data can help as well as harm (or creep people out) depending on use
- 20. ©2020CarnegieMellonUniversity:20 Some Design Challenges for Privacy Very Strong Incentives to Keep Collecting More Data • “[An analyst at Target] was able to identify about 25 products that… allowed him to assign each shopper a ‘pregnancy prediction’ score. [H]e could also estimate her due date to within a small window, so Target could send coupons timed to very specific stages of her pregnancy.” (NYTimes) • Companies: More data -> Better ads and services • Government: More data -> More national security
- 21. ©2020CarnegieMellonUniversity:21 Some Design Challenges for Privacy Physical Safety and Security • Today’s Ransomware – Several hospitals in USA have already been locked out of their computers unless pay a ransom – As information tech increasingly adopted (and more kinds of devices), these attacks will expand • Future: Pay ransom or we will… – …share all your intimate photos to the world – …remotely trip circuit breakers at office (lose power) – …hold citizens of your country virtually hostage
- 22. ©2020CarnegieMellonUniversity:22 Some Design Challenges for Privacy Physical Safety and Security • Nightmare scenarios – Ex. Crashing autonomous vehicles – Ex. Injecting fake data into medical devices
- 23. ©2020CarnegieMellonUniversity:23 Some Design Challenges for Privacy Scalability • Billions of devices will need to be secured • Scale turns easy problems into hard problems – Ex. Unique passwords for dozens of devices? – Ex. Security policies, each device having different user interface (most not having a display and keyboard)? – Ex. Physically locking down dozens of devices? – Ex. Installing software updates?
- 24. ©2020CarnegieMellonUniversity:24 Some Design Challenges for Privacy Emergent Behaviors
- 25. ©2020CarnegieMellonUniversity:25 • A six-year-old asked her family’s Echo “can you play dollhouse with me and get me a dollhouse?” • The device complied, ordering a KidKraft Sparkle mansion dollhouse, in addition to “four pounds of sugar cookies.”
- 26. ©2020CarnegieMellonUniversity:26 • The story ended up on a local morning show, where the anchor remarked “I love the little girl, saying ‘Alexa ordered me a dollhouse.’”
- 27. ©2020CarnegieMellonUniversity:27 Some Design Challenges for Privacy Internationalization • The vast majority of research and UX design for privacy is focused on US and Western Europe – There is relatively little knowledge about how privacy is the same and how it differs in other contexts • Examples – Strong emphasis on individual privacy in the West (vs family or group) – Strong emphasis on individual choice – Strong emphasis on privacy procedures and rules to comply with regulation
- 28. ©2020CarnegieMellonUniversity:28 Some Opportunities What People View as (In)Appropriate • Especially how it differs from the West • Specific kinds of data – Ex. Social media sharing – Ex. Video and audio recordings in public places – Ex. Sharing of health and fitness data • Specific kinds of cases – Ex. Sharing of COVID contact tracing data – Ex. Mobile payments (see our CSCW 2020 paper) – Ex. Behavioral advertising (and ad tracking)
- 29. ©2020CarnegieMellonUniversity:29 Some Opportunities Examining Adoption of Technologies • What influences adoption of tech? • How can we design systems better so that they are more likely to be adopted? • Example systems – Two factor authentication, password managers • Example influences – Romantic partners (see SOUPS 2018 and CSCW 2020) – Social proof (see our CCS 2014 paper)
- 30. ©2020CarnegieMellonUniversity:30 Some Opportunities New Kinds of User Interfaces • The West has primarily adopted a framework of notice and consent. – However, it leads to interfaces like these…
- 31. ©2020CarnegieMellonUniversity:31 New York Times Privacy Policy • Still state of the art for privacy notices • But no one reads these
- 32. ©2020CarnegieMellonUniversity:32 Some Opportunities New Kinds of User Interfaces • The highlighted area on the top-right is how you can control ad tracking – Studies suggest vast majority of people unaware, and have never noticed or clicked
- 33. ©2020CarnegieMellonUniversity:33 Some Opportunities New Kinds of User Interfaces • Addressing scalability – What devices are in a room? Where are they? – What can my family / friends see about me (across all devices and services)? – Help me manage privacy preferences across all devices / services
- 35. ©2020CarnegieMellonUniversity:35 https://www.flickr.com/photos/johnivara/536856713 How can we create a connected world we would all want to live in?
Editor's Notes
- I’ve been working on sensor-based systems for about 20 years now I believe in the near future, our smart devices will know pretty much everything about us They are going to know how well we are sleeping, whether we are depressed or not, and how sustainable or green we are You probably have many questions about this simple statement: How did we get here? How do these technologies work? What will this all mean for you and for society? And given the title of my talk, what will this all mean for privacy? Let’s start with the first question, how did we get here?
- https://commons.wikimedia.org/wiki/File:Dell_Desktop_Computer_in_school_classroom.jpg About 30 years ago, computers were primarily large boxes that came with a monitor, keyboard, and mouse Emphasis is on large here, really takes up the entire desk You could also only get computers in one color:ugly
- Today, computers come in all kinds of form factors Smartphones, tablets, glasses, cars, watches, clothes, fitness trackers, health monitoring devices, parking meters, electronic locks, smart mirrors, drones, and yes, even smart toilets.
- All of these smart devices are part of the third big wave of computing. The first wave focused on computation, making the basics of computing work. The second wave centered on networking, connecting all of these computers together in a global network. The third wave, of which we are in the early stages, looks at making computers part of the physical world in which we live. Computation and communication are being embedded into everyday objects. All of this is possible because of shifts in the costs and capabilities of technology.
- What will this world be like? Will just focus on smartphones for now, since they are the most pervasive devices we have today Representative of many of the problems and opportunities we will be grappling with in the future Smartphones are everywhere http://marketingland.com/report-us-smartphone-penetration-now-75-percent-117746 http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/ http://www.androidauthority.com/google-play-store-vs-the-apple-app-store-601836/
- These devices are also incredibly intimate, perhaps the most intimate computing devices we’ve ever created. From Pew Internet and Cisco 2012 study Main stats on this page are from: http://www.cisco.com/c/en/us/solutions/enterprise/connected-world-technology-report/index.html#~2012 https://www.cisco.com/c/dam/en/us/solutions/enterprise/connected-world-technology-report/2012-CCWTR-Chapter1-Global-Results.pdf Additional stats about mobile phones: http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/ ----------------------- What’s also interesting are trends in how people use these smartphones http://blog.sciencecreative.com/2011/03/16/the-authentic-online-marketer/ http://www.generationalinsights.com/millennials-addicted-to-their-smartphones-some-suffer-nomophobia/ In fact, Millennials don’t just sleep with their smartphones. 75% use them in bed before going to sleep and 90% check them again first thing in the morning. Half use them while eating and third use them in the bathroom. A third check them every half hour. Another fifth check them every ten minutes. A quarter of them check them so frequently that they lose count. http://www.androidtapp.com/how-simple-is-your-smartphone-to-use-funny-videos/ Pew Research Center Around 83 percent of those 18- to 29-year-olds sleep with their cell phones within reach. http://persquaremile.com/category/suburbia/
- From Cisco report
- Also from Cisco report
- But it’s not just the devices that are intimate, the data is also intimate. Location, call logs, SMS, pics, more
- Sleep monitor example
- A grand challenge for computer science http://www.flickr.com/photos/robby_van_moor/478725670/
- Every week, we’re seeing more and more news articles like these
- http://www.pewinternet.org/2015/11/10/apps-permissions-in-the-google-play-store/ https://www.gsma.com/publicpolicy/wp-content/uploads/2013/08/Research_into_mobile_users_privacy_attitudes-Key_findings_from_Malaysia_and_Indonesia-FINAL.pdf
- Girls Around Me used foursquare checkin data and profile data to see who (women) was nearby Same data, different context, very different reactions
- What kinds of safeguards for physical safety? Can we build models of normal vs abnormal behaviors for devices and apps, and enforce?
- What kinds of network protocols, APIs, and middleware to help manage IoT devices at scale? The sheer number of these devices will make what would ordinarily be trivial tasks into significant challenges. For example, configuring a security policy for a single device is tractable. Configuring a security policy for hundreds of devices, each of which has a different user interface, is not. Similarly, it is easy to have unique passwords for a few devices, but less so for a house or building full of devices, many of which do not even have keyboard input or displays. It is also easy to physically lock down a few computers to prevent them from being stolen, but it is very difficult to do the same for large numbers of IoT devices. Even worse, many of these IoT devices can be easily lost or stolen due to their small size, or even tampered with to send back fake data.
- Image from wired.com A friend told me that a person once annoyed a bunch of people wearing Google Glass by shouting out “Ok Glass, take a picture,” causing everyone’s wearable to take a picture.
- What kinds of network protocols, APIs, and middleware to help manage IoT devices at scale? The sheer number of these devices will make what would ordinarily be trivial tasks into significant challenges. For example, configuring a security policy for a single device is tractable. Configuring a security policy for hundreds of devices, each of which has a different user interface, is not. Similarly, it is easy to have unique passwords for a few devices, but less so for a house or building full of devices, many of which do not even have keyboard input or displays. It is also easy to physically lock down a few computers to prevent them from being stolen, but it is very difficult to do the same for large numbers of IoT devices. Even worse, many of these IoT devices can be easily lost or stolen due to their small size, or even tampered with to send back fake data.
- Grade 12.5 About 10 min to read So based on Lorrie and Aleecia’s work, it will take 25 full days to read all privacy policies of all web sites But this assumes people read it Rationale behavior not to read privacy policies: we want to use the service, painful to read, clear cost but unclear benefit
- https://www.flickr.com/photos/johnivara/536856713 https://creativecommons.org/licenses/by-nc-nd/2.0/ I want to wrap up by taking a big step back and looking at the big picture. Today, we are at a crossroads. There is only one time in human history when a global network of computers is created, and that time is now. And there is only one time in human history when computation, communication, and sensing is woven into our everyday world, and that time is now. We’re already in the early stages of IoT. And it will offer tremendous benefits to society in terms of safety, sustainability, transportation, health care, and more, but only if we can address the real privacy problems that these same technologies pose. So I’ll end with a question for you to consider:
- https://www.flickr.com/photos/johnivara/536856713 https://creativecommons.org/licenses/by-nc-nd/2.0/ Today, we are at a crossroads. There is only one time in human history when a global network of computers is created, and that time is now. And there is only one time in human history when computation, communication, and sensing is woven into our everyday world, and that time is now. Now, I’ve avoided using the term Internet of Things because as you may remember from yesterday, I don’t really like the term. But regardless of what it’s called, it’s coming, and coming soon. And it will offer tremendous benefits to society in terms of safety, sustainability, transportation, health care, and more, but only if we can address the real privacy problems that these same technologies pose. So I’ll end with a question for you to consider: