This document summarizes research into privacy concerns in ubiquitous computing. It discusses how ubiquitous computing could enable both great benefits and harms to privacy if not designed carefully. The researchers developed the Context Fabric architecture to better support privacy-sensitive applications. This includes keeping personal data local, interfaces for control and feedback, and tools to detect privacy issues. They applied this through applications like a location-sharing messenger and emergency response system, and evaluated the privacy protections.
Privacy in the Age of Ubiquitous Computing, Stanford PCD seminar March 2004
1. Privacy in the Age of Ubiquitous Computing
Jason I. Hong
Scott Lederer
Jennifer Ng
Anind K. Dey
James A. Landay
Group for User Interface Research
University of California, Berkeley
2. Mar 05 2004 2
The Origins of Ubiquitous Computing
What’s wrong with Personal Computers?
– Too complex and hard to use
– Too demanding of attention
– Too isolating from other people
– Too dominating of our desktops and our lives
Ubiquitous Computing Project at Xerox PARC
– Advances in wireless networking, sensors, devices
– Observations of how people use tools in practice
– Make computers a natural part of everyday interactions
3. The Origins of Ubiquitous Computing
4. Emerging Examples of Ubicomp
Never Get Lost
Find Friends
Emergency Response
5. “But What About My Privacy?”
Never Get Lost
– You walk past a restaurant and your cellphone rings with the specials of the day
Find Friends
– “Family is already very close to you, so if they’re checking up on you…sort of already smothering and this is one step further.”
– “[It] could tell when you were in the bathroom, when you left the unit, and how long and where you ate your lunch. EXACTLY what you are afraid of.”
Emergency Response
– “I don’t see how a government or an organization will not come up with an excuse to use [location info] for another purpose.”
Flood of Location-Based Spam
Never Hide From Friends and Co-Workers
Constant Surveillance
6. Our Research in Ubicomp Privacy
Fundamental Tension
– Ubiquitous Computing can be used for great benefit
– Ubiquitous Computing can be used for great harm
– Privacy may be greatest barrier to long-term success
Our approach
– What are the privacy concerns in ubicomp?
– How can we design better user interfaces?
– Are there better ways of building privacy-sensitive apps?
Privacy is an area easy to make mistakes in
– Will discuss lessons learned throughout
7. What is Privacy?
Lots of perspectives on privacy
– US Constitution, UN Decl. Human Rights, Hippocratic Oath
– Influenced by Legal, Market, Social, and Technical forces
Privacy is not just Orwell
– From “Big Brother” to “Little Sisters”
– Media sensationalization of worst-case scenarios
Privacy is not just computer security
– Adversaries? Friends, family, co-workers, acquaintances
– Anonymity? Friends already know your identity
– Secrecy? We share personal info with friends all the time
– Damage? Risk may be undesired social obligations
We are approaching privacy from an HCI perspective
8. An HCI Perspective on Privacy
“The problem, while often couched in terms of privacy, is really one of control. If the computational system is invisible as well as extensive, it becomes hard to know:
– what is controlling what
– what is connected to what
– where information is flowing
– how it is being used
– what is broken (vs what is working correctly)”
The Origins of Ubiquitous Computing Research at PARC in the Late 1980s
Weiser, Gold, Brown
Make it easy to share:
• the right information
• with the right people (or service)
• at the right time
9. What are End-User Privacy Needs?
Lots of speculation about privacy, little data out there
Analyzed survey of 130 people on ubicomp privacy prefs
Analyzed nurse message board on locator systems
– http://allnurses.com
Examined papers describing usage of ubicomp systems
Examined existing and proposed privacy protection laws
– EU Directive, Location Privacy Act 2001, Wireless Privacy Act 2004
Interviewed 20 people on various location-based services
– Did not mention the word “privacy” unless they did first
10. End-User Privacy Needs
Value proposition
Simple and appropriate control and feedback
Plausible deniability
Limited retention of data
Decentralized architectures
Special exceptions for emergencies
Alice’s Location
Bob’s Location
11. How to Design for Privacy?
What are good privacy-sensitive user interfaces?
– Knowing what is needed does not say how to do it well
12. Five Pitfalls for Designers
Understanding
Obscuring potential information flow
Obscuring actual information flow
Action
Configuration over action
Lacking coarse-grained control
Inhibiting established practices
13. #1 – Obscuring Potential Flow
Users can make informed use of a system only when they understand the scope of its privacy implications
14. #2 – Obscuring Actual Flow
Users should understand what information is being disclosed to whom
Who is querying my location?
How often?
Requestor informed of disclosure
Requestee sees each request
15. #3 – Configuration Over Action
Designs should not require excessive configuration to manage privacy
– “Right” configuration hard to predict in advance
– Make privacy a natural part of the interaction flow
16. #4 – Lacking Coarse-Grain Control
Designs should not forego an obvious, top-level mechanism for halting and resuming disclosure
“[T]raveling employees may want their bosses to be able to locate them during the day but not after 5 p.m. Others may want to receive coupons from coffee shops before 9 a.m. on weekdays but not on weekends when they sleep in. Some may want their friends alerted only when they are within one mile, but not 10 miles.”
Protecting the Cellphone User's Right to Hide
NYTimes Feb 5 2004
Did I set it right?
How do I know?
17. #5 – Inhibiting Established Practices
Designs should not inhibit users from transferring established social practices to emerging technologies
Rather than getting an immediate ring, an answering machine comes on the line and says, "Lee has been motionless in a dim place with high ambient sound for the last 45 minutes. Continue with call or leave a message."
1. University and Ramona
2. Palo Alto
3. Custom…
9. Ignore for now
18. How to Build Applications Better?
Develop a toolkit to make it easier to build privacy-sensitive ubicomp apps
– Prevent – Strong guarantees on your personal data
– Avoid – Better user interfaces for managing privacy
– Detect – Finding over-monitoring or accidental disclosures
– Need all three for effective systems
Key architectural points of Context Fabric
– Locality
– InfoSpace Diary
– Access Descriptions
– Privacy Tags
19. Locality
Keep personal data “close” to end-users
– Move from centralized systems to decentralized ones
– Capture, store, and process personal data on my computer
PlaceLab
– Works indoors and in urban canyons
– No special equipment
– Privacy-sensitive
22. Locality
MiniGis Server for processing location locally
Country Name = United States
Region Name = California
City Name = Berkeley
ZIPCode = 94709
Place Name = Soda Hall
Lat Lon = 37.8756, -122.25711
23. Locality
MiniGis Server data sources
USGS State Gazetteer
– Names in USA
– 2m records ~650 megs
– States, Cities, Places
“Places” hardest to get
– Airports & schools useful, “hammocks”, “lava”, “quicksand” less so
– 2 undergrads scouring Berkeley
– Research opportunity here in open, distributed naming of places
GEOnet Names Server
– Names outside USA
– 5.5m records ~700megs
– Regions, Cities, Places
24. InfoSpace Diary
InfoSpace stores your personal information
– Static info, like name and phone#
– Dynamic info, like current location and activity
Runs on your personal device or on a trusted service
– Local sources (ex. PlaceLab) can update dynamic info
– Can choose to expose different parts to different people & services
– Can also see who can see what about you
25. Confab Architecture
[Diagram labels: InfoSpace Diary (two instances), LocName, PlaceLab, Tourguide, Find Friend, MiniGis, Request]
How to control when and how much personal info is disclosed?
26. Access Notifications
One possibility:
“[T]raveling employees may want their bosses to be able to locate them during the day but not after 5 p.m. Others may want to receive coupons from coffee shops before 9 a.m. on weekdays but not on weekends when they sleep in. Some may want their friends alerted only when they are within one mile, but not 10 miles.”
Problems:
– People are not good at defining rules beforehand
– Tradeoff between fine-grained control and understandability
27. Mar 05 2004 27
Observations on Setting Preferences
Who is requesting information is most important factor
– “Either I trust someone with my information or I don't –
it doesn't depend on where I am.”
Time is an essential aspect for maintaining control
– Access described in terms of “always”, “never”, or “work hours”
– “Work people can know my information during work hours.
Home/SO people can know my information always.”
Can set prefs before, during, or after a request
– Before case can lead to configuration pitfall
– During case easier to understand, but can overwhelm
– After case easy to setup, but can lead to accidental disclosures
28. Mar 05 2004 28
Access Notifications
30. Mar 05 2004 30
Access Notifications
Initial Evaluations
– Tested with 4 people for understandability and reactions
– Location-enhanced messenger, tourguide, emergency response
Results
– Distinction between Push vs Pull, Continuous vs Discrete
“Giving a GPS location once or twice does not provide
enough information for an invasion of privacy… [but] if
GPS location is shared every 2 seconds, there is a
potential for an invasion of privacy.”
“No need for continuous update of location. Only in a
race or a marathon (where staying on track is essential)
would continuous update be helpful.”
32. Mar 05 2004 32
Confab Architecture
[Diagram labels: InfoSpace Diary (two), LocName, PlaceLab, Tourguide, Find Friend, MiniGis, Access (two), Pull, Push]
How to control what happens to your info once it leaves your InfoSpace?
33. Mar 05 2004 33
Privacy Tags
Digital Rights Management for Privacy
– Like adding note to email, “Please don’t forward”
– Notify address - notify-abc@cs.berkeley.edu
– Time to live - 5 days
– Max number of sightings - last 5 sightings of my location
Libraries for making it easy for app developers
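One way a requestor-side library could honor the three tags listed above (notify address, time to live, maximum sightings). This is an added example, not Confab's own code; the class and field names are hypothetical, and it assumes the notify address is told whenever tagged data is passed on.

```python
from collections import deque
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class PrivacyTag:
    """Tag the data owner attaches (field names are hypothetical)."""
    notify_address: str      # where the owner hears about reuse (assumed meaning)
    time_to_live: timedelta  # delete each sighting this long after receipt
    max_sightings: int       # keep only the most recent N sightings

@dataclass(frozen=True)
class Sighting:
    place: str
    received_at: datetime
    tag: PrivacyTag

class TaggedStore:
    """Requestor-side store for one person's location sightings."""
    def __init__(self):
        self._sightings = deque()
        self.pending_notices = []   # (notify_address, reason) owed to the owner

    def add(self, sighting):
        self._sightings.append(sighting)
        # The newest tag wins, so the owner can tighten the limit over time.
        while len(self._sightings) > sighting.tag.max_sightings:
            self._sightings.popleft()

    def read(self, now):
        """Drop sightings past their time to live, then return what is left."""
        self._sightings = deque(s for s in self._sightings
                                if now - s.received_at < s.tag.time_to_live)
        return [s.place for s in self._sightings]

    def forward(self, now, recipient):
        """Pass data on only after queuing a notice to the owner."""
        places = self.read(now)
        if places:
            addr = self._sightings[-1].tag.notify_address
            self.pending_notices.append((addr, f"forwarded to {recipient}"))
        return places

def demo():
    # Constructed sample data; tag values are the ones shown on the slide.
    tag = PrivacyTag("notify-abc@cs.berkeley.edu", timedelta(days=5), 5)
    store = TaggedStore()
    t0 = datetime(2004, 3, 1, 9, 0)
    for i in range(7):              # one sighting per day for a week
        store.add(Sighting(f"place-{i}", t0 + timedelta(days=i), tag))
    return store, t0
```

Because the tags are processed on the requestor's side, this only constrains a cooperating requestor; it records and limits retention rather than preventing copying.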
34. Mar 05 2004 34
Analysis
Prevent
– Capture and process personal information locally
– PlaceLab, MiniGis
– Minimizes risk of mission creep (ex. SSNs)
Avoid
– Interfaces for helping people make good decisions
– Access Notifications / PlaceBar
Detect
– Finding cases of over-monitoring
– Access Notifications
– Privacy Tags (processed on requestor’s side)
35. Mar 05 2004 35
Implementation
Confab, PlaceLab, MiniGis
– Java 1.5, Tomcat Web Server, MySql, Jaxen XPath
Data
– WiFi from wigle.net and undergrads
– MiniGis from USGS, GeoNET, and undergrads
– ~35 megs of data (30 megs of place data)
Component      #Classes   Lines of code
Confab         320        17000
PlaceLab       10         800
MiniGis        15         3000
Shared Libs    230        12000
36. Mar 05 2004 36
Putting it Together
Lemming Location-enhanced Messenger
37. Mar 05 2004 37
Putting it Together
BEARS Emergency Response Server
Field studies and interviews with firefighters [CHI2004]
Finding victims in a building
– “You bet we’d definitely want that.”
– “It would help to know what floor they are on.”
But emergencies are rare
– How to balance privacy constraints with utility when needed?
38. Mar 05 2004 38
Putting it Together
BEARS Emergency Response Server
Trusted third party (MedicAlert++)
[Diagram labels: MedicAlert++ (two), Loc, “ABC” (two), On Emergency]
39. Mar 05 2004 39
Requirements Check
Value proposition
Simple and appropriate control and feedback
– Access Notifications (pull) and PlaceBar (push)
Plausible deniability
– No action, “Ignore for now”, and “Never Allow” appear same
Limited retention of data
– Privacy Tags
Decentralized architectures
– Capture and process information locally
Special exceptions for emergencies
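Two points from these slides combined in one sketch: access is decided by who is asking plus a coarse time scope (“always”, “never”, “work hours”), and “No action”, “Ignore for now” and “Never Allow” must look the same to the requester. This is an added example, not Confab code; the class names, the weekday 9-to-5 window and the reply format are assumptions.

```python
from datetime import datetime, time
from enum import Enum

class Choice(Enum):
    ALLOW = "allow"
    IGNORE_FOR_NOW = "ignore for now"
    NEVER_ALLOW = "never allow"
    NO_ACTION = "no action"          # the user never answered the prompt

# Hypothetical window; the slides only say "work hours".
WORK_START, WORK_END = time(9, 0), time(17, 0)
UNAVAILABLE = {"status": "unavailable"}   # the only non-disclosing reply

def in_scope(scope, when):
    if scope == "always":
        return True
    if scope == "work hours":
        return when.weekday() < 5 and WORK_START <= when.time() < WORK_END
    return False                     # "never" and anything unrecognized

class AccessPolicy:
    def __init__(self, location):
        self.location = location
        self.rules = {}              # requester -> "always" / "never" / "work hours"
        self.audit = []              # owner-only record of what really happened

    def handle(self, requester, when, prompt):
        """prompt(requester) runs only when no rule exists; it returns a Choice."""
        scope = self.rules.get(requester)
        if scope is None:
            choice = prompt(requester)
            if choice is Choice.ALLOW:
                scope = self.rules[requester] = "always"
            elif choice is Choice.NEVER_ALLOW:
                scope = self.rules[requester] = "never"
            outcome = choice.value
        else:
            outcome = f"rule: {scope}"
        self.audit.append((requester, when, outcome))
        if scope is not None and in_scope(scope, when):
            return {"status": "ok", "location": self.location}
        # Same reply for ignore, never, no action, and out-of-hours requests.
        return dict(UNAVAILABLE)
```

The owner's audit list keeps the real outcome of each request, which supports the feedback requirement without revealing that outcome to the requester.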
40. Mar 05 2004 40
Contributions
Investigated ubicomp privacy from many perspectives
– What are end-user needs? How to design? How to build?
Context Fabric architecture for privacy-aware apps
– Prevent / Avoid / Detect
– Suggests a way of architecting privacy-sensitive ubicomp
Services on devices, local processing, presentation to end-users
– Evaluation with two applications
– Starting deployment of Lemming instant messenger
“Use technology correctly to enhance life. It is important that
people have a choice in how much information can be
disclosed. Then the technology is useful.”
Not impressive by modern standards, but have to keep in mind that this was in the late 1980s!
Emergency Response E911, also see SIREN paper
Safety – firefighters, personal location, Alzheimer’s patients, children, public health (ex. SARS)
Efficiency – traffic routing, traffic fleet allocation, supply chain management
Fairness – better allocation of resources, better environmental monitoring, better information gathering and transparency
Convenience – Micro-coordination, useful reminders
Cute
– “I would use [friend finder] for spy work and find out if my brother was up to no good. Then I would track him down.”
Family
– [interview] “For a parent, this would be a great spying tool. I just don’t like it at all.”
Workplace Abuse / Lack of Respect
– [survey] “I don’t want to be under direct surveillance of my husband or boss no matter what I am doing”
– [survey] “this scheme could be used by a boss to constantly track an employee's location without the employee knowing”
– [nurses] “These things give me the creeps. George Orwell never thought of this but he should have.”
– [nurses] “So---are these devices going to be used to track how much time nurses spend in the bathroom during their shift???”
– [nurses] “The stupid monitoring could tell when you were in the bathroom, when you left the unit, and how long and where you ate your lunch. EXACTLY what you are afraid of. Nurses are not prisoners of the state who need to be monitored every second of every day.”
Tradeoffs
– CYA (liability, garbage collectors, nurses)
– Efficiency
On one hand, ubicomp can be used for great benefit, in terms of safety, efficiency, quality of life. On the other hand, ubicomp can also be used for constant surveillance, loss of control over personal life. First two, privacy concerns and better design, informed the third, the toolkit.
We all have intuitive notions of what privacy is. My focus is on information privacy. Privacy is a very difficult topic b/c it is such a pervasive part of our lives. Privacy is a very difficult topic b/c it cuts across so many different areas, does not fit nicely in these boundaries we call academic departments. Point is that, while security is useful and an integral part of privacy, we need new ways of thinking here.
UN Universal Declaration of Human Rights http://www.unhchr.ch/udhr/lang/eng.htm
“No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.”
Setup rules? Geopriv mailing list, Bell Labs, Faces UI
Lots of speculation, lots of worst-case scenarios, but what are real needs?
Survey done by Scott Lederer, I did further analysis on freeform comments
Active Badge, PARCTab
– “I would use it for spy work and find out if my brother was up to no good. Then I would track him down.”
– “Family is already very close to you, so if they’re checking up on you…sort of already smothering, and this is one step further”
Find Friend, Active Map, Find Place, Mobile Commerce, Emergency
Theoretical work on Designing for Privacy
– Adams, Bellotti & Sellen, Jiang et al, Palen & Dourish
Concerns were wide-ranged. Very little voiced concerns about government, more about over-monitoring by boss, friends, family (if young), spouses, and intrusion by advertisers. Interesting thing here is that people didn’t seem to have concerns about the telecom or service providing location, more about who was using the information. In other words, people cared about the endpoint, not the intermediaries. Want control and feedback to prevent over-monitoring.
Faces work based on Erving Goffman’s notion of how we present ourselves in everyday life This interface didn’t work. Why? And did we make mistakes that others have made as well?
Common traps to fall into
One concerned nurse wrote, erroneously, “They've placed it in the nurses' lounge and kitchen. Somebody can click it on and listen to the conversation. You don't need a Big Brother overlooking your shoulder”
This one is especially important for computer scientists and software developers. Pre-configuration is a “design pattern” that in many cases is an “anti-design pattern” b/c it doesn’t work that well.
Some systems make it hard to do white lies, hard for plausible deniability. Err on the side of safety (less info usually better), ie be conservative wrt privacy and automatically disclosing information.
Observation: Majority of past work has focused on preventing privacy problems. Ex. anonymity, encryption, access control, rule-based systems
Wifi wave = sales + #wardrivers
Image from MapPoint, perhaps the coolest piece of Microsoft software ever written (though they did buy it from someone else, so…)
Telling your friends your GPS location is not useful
Whittled down data to about 30 megs, 25 megs of which are “places” local to the bay area. Undergrads working with me are like the Verizon wireless guy, “Can you hear me now?” Research opportunity would be great in bootstrapping location-based services, in terms of making this kind of info widely available for anyone to build services on top of.
“Protecting the Cellphone User's Right to Hide”, NYTimes, Feb 5 2004
One possibility is lots of fine-grained rules. Problem is:
– Time, hard to define rules beforehand
– Fine-grained controls aren’t always good (can be confusing)
Quotes on Who is Requesting Info
See Lederer 2003 in CHI Shorts
– [survey] Who receives my info is the more important one. My significant others can know where I am at any time, but for my boss, a random person on the street, and a vendor, tis none of their business
– [survey] Context isn't that important, because I trust the person to know how to exercise discretion.
– [survey] Either I trust someone with my information or I don't--it doesn't depend on where I am.
– [survey] I didn't want people in either a position of power over me (the boss) or with the ability to annoy me (marketers) to access my info.
– [survey] 1 is more important than 2. Family comes first, followed by business, then potential business. Lastly strangers are greeted if the situation permits.
– [survey] some people have priority, either because of a trust relationship (family & friends) or an economic one (boss).
– [survey] For me, "who" is all that matters. If I don't trust the person with personal information, I wouldn't want to give them any information at any time. If I do trust the person, I'm willing to give out information freely.
– [survey] If my spouse were looking, I have nothing to hide from them, my privacy is not an issue. However, a friend or boss does not need to know "everything" about me, and I would likely use a "vague" face. [ed. ie less information - jih]
– [survey] I wouldn't want to give them any information at any time. If I do trust the person, I'm willing to give out information freely.
– [survey] The relationships that I establish with individuals (or companies, in the examples above) tend to transcend the activities in which I am engaged; once I choose to trust someone with my information, it's less important to me to be able to change it moment to moment than to maintain and protect that information consistently.
– [survey] Who the person is defines my relationship with them. The level of trust is determined by the relationship, the possible motives they have for finding me etc...
– [interview] Close friends. I don’t want professor or TAs to know. No coworkers/bosses. They will know if you’re goofing off.
– [interview] [interview] [interview]
Quotes on using Time
– [survey] during the work day, or after-hours during crunch time, I'd want my boss/coworkers to find me - after hours I'd rather be more anonymous
– [survey] most employer-employee relationships end at 5PM, hence the blank face [ed – ie anonymous - jih] to the boss after hours
– [survey] It depends: for my significant other, I would always allow any information to be accessible. For my boss, I would allow him/her to know where I am, but only during work related situations (work hours).
– [survey] I would, of course, only be OK with this if his queries were during business hours and relevant to a work related issue)
– [survey] for example I would not have a problem with a boss seeing my "truefaceface" face during working hours but during my lunch and on the weekends, a boss has no right to this information.
– [interview] Temporary access to people: “If friends are in town…if there is a researcher I want to know…if there is a conference in town…” only people see from time to time
– [interview] If had the device, would be useful to locate family. It would be easier to locate them in a larger area.” Same group of people. Relatives of friends. Wouldn’t want to share with coworkers/bosses. “If it’s during a work day and we are trying to get something done, then it’s useful.” When I leave for the day, that the device is off. Groups. Turn on and off based on time and date. “I like to know exactly [where they are located].” An exact location.
Quotes on set and forget
– [survey] Work people can know my information during work hours. Home/SO people can know my information always, though not to the point of keeping tabs.
– [survey] My significant other should see my truefacefaceface always. The evil national chains should see my blank face always. The people between these two extremes will see different faces depending on the situation.
– [survey] I would never want a retailer to contact me unasked, but always want my spouse to find me. Business contacts might be an exception - during the work day, or after-hours during crunch time, I'd want my boss/coworkers to find me - after hours I'd rather be more anonymous
– [survey] I would always allow any information to be accessible for my boss, I would allow him/her to know where I am, but only during work related situations (work hours). for other, unknown random people/business, in general, I would not let them know anything
– [survey] Home/SO people can know my information always, though not to the point of keeping tabs. Random people might have access to enough information to help start up a conversation, but nothing beyond that. Random businesses should never get any personal-identifying information (vague might be ok if the business can't figure out who I am - though I'd be skeptical).
Set-and-forget In-situ Configuration of time based on interviews and surveys
– Common theme was that people said they wanted only at workplace
– Another one was just temporary access, b/c acquaintances or tax attorney (temporary)
– Next “14” days useful for temporary access
– Can set prefs in situ and then can forget about it, don’t have to constantly check
giving a GPS location once or twice does not provide enough information for an invasion of privacy – why would someone stay in the same place for a long time. if GPS location is shared every 2 seconds, there is a potential for an invasion of privacy
Describe push / pull here. What am I disclosing? What am I getting in return? Discrete push, on each transaction.
Why location-instant messenger?
– Already a set of trusted friends / co-workers
– Most common question on SMS is “where are you?”
– [survey] For example, my friends should always be able to see my truefacefacename and primary email address because they already know that, but depending on what I am doing, I may or may not want them to know what I'm doing or where I am. If I am not available, I would want to be able to leave an away message as in IM.
An example setup of the BEARS emergency response service. A data sharer obtains their location (1) and shares it with a trusted third-party (2). The end-user gets a link (3) that can be sent to others, in this case to a building (4). If there is an emergency, responders can traverse all known links, getting up-to-date information about who is in the building (with the trusted third-party notifying data sharers what has happened).