PerCol 2012 - Presentation


Published on

Understanding the Privacy Implications of Using Context-based Awareness Cues in Social Networks, Ville Antila & Jussi Polet, PerCol 2012 presentation

Published in: Technology, Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

PerCol 2012 - Presentation

  1. 1. Understanding the Privacy Implications ofUsing Context-based Awareness Cues inSocial NetworksVille Antila*^, Jussi Polet**VTT Technical Research Centre of Finland, Oulu, Finland^Philips Research, Eindhoven, The Netherlands
  2. 2. Background – Smarcos project• Smarcos creates solutions to allow devices and services to exchange context information, user actions, and semantic data• One important part of the work has been to investigate the practical usage of context information and to develop models that can be dynamic and adaptive as well as applicable to different applications•
  3. 3. Outline of the talk• Introduction and challenges• ContextCapture -application• User study• Results• Discussion and lessons learned• Conclusions
  4. 4. Introduction Information from the physical world is increasingly “digitalized” and sharedSmartphones can be used to provide a wide range of awareness and presence information
  5. 5. Challenges (privacy implications of context-awareness in social networks) Context (“anything that can Privacy characterize the situation of an entity”) • The level of information disclosure can be difficult to manage• The notion of ‘context’ can not be (awareness of consequences might objectively defined (a prior) by not be clear) settings, actions and actors • People can end-up disclosing more• Rather, context is the meaning that information than they meant to the actions and actors acquire at (unwillingly) any given time from the subjective perspective [Mancini et al., 2009] • “Privacy is a dynamic and continuously negotiated• Awareness of ‘consequences’ is process” [Palen & Dourish, 2003] important for grasping the effect of actions determining the level of • People tend to appropriate the information disclosure usage of a service to their own needs [Barkhuus et al, 2008]
  6. 6. Context-based awareness cues• Sharing context information can create awareness about the user’s situation and thus enhance or make communication more efficient [Oulasvirta, 2008]• Creating awareness can have multiple purposes... • “Declaring one’s position is perhaps as much about deixis (pointing at and referencing features of the environment) as it is about telling someone exactly where you are” [Benford et al., 2004]• Our hypothesis is that in many cases, rather than using exact parameters provided by sensors, people would like to add semantic meaning by using more abstract terms• Also we claim that people prefer abstraction to ensure a certain level of privacy • The challenge is to give means for the dynamic abstraction while keeping as brief as possible (cf. interactions in “4-second bursts”)
  7. 7. Research approach• We developed an experimental • Conducted a two-week user trial mobile application, which allows exploring the usage of different users to add different types of abstraction levels on different contextual information to their context types (and their privacy Facebook status updates in a implications) format of a “story” or a narrative of the situation• We developed a semantic database which links the abstract, user-defined context labels to the low-level sensor data
  8. 8. ContextCapture -application (1/4)• Architecture: A mobile application and a backend service integrated with Facebook and Twitter• Android and Symbian mobile applications• Backend using Jena Semantic Web toolkit and a domain context model (using RDF)
  9. 9. ContextCapture -application (2/4)• Context recognition is based • for example: on different sensors • based on the accelerometer • accelerometer, ambient light data, a decision is made detector, GPS data, open whether the user is moving or applications on the device, the still by using movement device system information and detection algorithm nearby Wifi access points and • nearby Facebook friends can Bluetooth devices be detected using Bluetooth scanning
  10. 10. ContextCapture -application (3/4)• Context items in ContextCapture -application • Activity – physical activity of the user • Applications – currently open applications • Device – device information, such as the device type • Friends – nearby Facebook friends using ContextCapture • Location – abstrations using GPS, network and Wifi scan data, current street address, cell ID • Surroundings – abstractions of physical surroundings using ambient light detector, weather etc
  11. 11. (Example)• Creating a message: “[User-defined message] Sent from [Location] while [Activity] [Description] [Topic] and [Applications Activity] with [Friends].”As an example, a status update message generated with the previous rule could be: “I think this is the killer app for Pervasive Computing! Sent from Conference Room 1 at PerCom 2012, Lugano, Switzerland while listening to an interesting presentation by Dr. Firstname Lastname and using Notepad with 4 conference buddies nearby.”
  12. 12. ContextCapture -application (4/4)• “Collective” context is gathered from nearby devices (running ContextCapture) • If lacking, the mobile client can ask nearby devices for additional context information, such as GPS coordinates, address, weather etc. • Bluetooth communication is used with a simple protocol over RFCOMM • Request: • CCRAControlProtocol:Client:ClientBluetoothName: WTHR:Request • Response: • CCRAControlProtocol:Server:ServerBluetoothName:WTHR:-3 degrees Celsius,Sunny
  13. 13. User study• 12 participants used ContextCapture for two weeks using their own mobile phones in their everyday lives
  14. 14. Participants• …were between 30-46 years, 37.25 years on average, six males and six females• …used their own mobile devices and personal Facebook accounts during the trial• …were experienced Facebook users as 25% of them had used the service 1-2 years and the rest for over two years
  15. 15. The study setup•The participants… 1.…were emailed a short description of the study • Purpose, a short manual, a link with installation instructions and a link to the initial Web questionnaire 2.…used the application for two (2) weeks • During that time, they could tell their experiences through a Web diary (we asked them to fill in the diary at least five times) 3.…were interviewed at the end of the trial • The interviews were semi-structured, including questions about the users’ expectations, attitudes, privacy and the most pleasing and unpleasing experiences related to the usage • The participants also filled a Web questionnaire about their experiences
  16. 16. Findings (1/3)• Status updates with Location information were seen most informative as people often use location to give further context for their activities• Weather information, which was related to Surroundings field, was also seen highly interesting• Application and Device were considered as the least useful fields (average: 2.3/5.0 and 2.4/5.0) • It seemed that many participants did not want to “advertise” the device they were using; and open applications were often unrelated or uninteresting (with regards of the current situation)
  17. 17. Findings (2/3)• The participants were clearly aware of their privacy and had thought about it while using the application • E.g. the participants did not use the addresses of their homes or the kindergarten their children were, even though the audience consisted of Facebook friends • The accurate location of places was too sensitive to be shared, many of the participants stated that the semantic meaning of the place is enough • E.g. stating “I’m at home” is adequate enough for the people the message is meant for • In many participants’ opinion sharing friends’ location without permission is not acceptable, participants preferred to use more abstract words, like “group of friends”, instead of giving the exact names
  18. 18. Findings (3/3)• One key finding was that people were clearly interested about “context” as a form of communication enabler, especially while communicating to their friends (i.e. social network)• Context information was seen to add value, but users wanted to have full control in the level of abstraction (and each subsequent time they used the system)• Abstract labels (with a semantic meaning), such as “home”, “work” and “kindergarten” were seen more useful than more exact terms• Abstract labels were also considered more privacy preserving in many situations• Moreover the usage of different abstractions were observed to be dynamic rather than static, therefore users did change the usage of different labels in different situations
  19. 19. Implications for design of context-aware socialapplications• With applications dealing with privacy sensitive information, the information disclosure and privacy should be fully controlled by the user• By giving freedom for users to control the disclosure and abstraction level of contextual information, it creates: • meaningfulness and motivation for the users • and in the same time allows the system to gather a set of user-defined context labels with different abstraction levels (which can be associated with the gathered low-level sensor data)• Privacy is indeed a dynamic and continuously negotiated process in which a rigorous set of prior rules can render the application useless • People often appropriate the shared information level according to the needs of the moment
  20. 20. Discussion• Through the analysis of contextual information derived from mobile device usage patterns it is possible to infer a lot of potentially privacy-sensitive information • There has been research in extracting these patterns from large datasets [Eagle & Pentland, 2006; Farrahi & Gatica-Perez, 2008 and 2010] • In addition there has been an increasing interest of exploring the social-side of context-awareness in pervasive computing [Endler et al., 2011, Hosio et al., 2010]• We argue that the increased context-awareness is an inevitable step in pervasive computing but the privacy implications of this progress are largely not tested in the “real-world” yet• Novel approaches for capturing and storing context “labels” are called for..
  21. 21. Conclusions• We have presented a work investigating the practical use of labeling context information in social computing..• The main findings include: • Current location, activity and surroundings were the most relevant context types (in this study) • Disclosing the nearby friends or colleagues in the status updates was seen as relevant but problematic due to privacy issues • The context types were seen as most meaningful when the used abstraction level was high • Participants felt that exact information, such as street address or coordinates, conveyed a too matter-of-fact type description • Whereas more abstract descriptions, such as “at the movie theatre” or “at the botanical garden” were seen as more illustrative, interesting and meaningful
  22. 22. Something to take away from the talk...• Avoid using “hard to define” rules for setting privacy preferences for different situations• Instead, a programming-by-example -approach to let user to label situations with the intended abstraction level “on-the-go” (along with ensuring the privacy)• Allow to change these settings/labels dynamically, preferably with least effort possible (e.g. one-click selection from a set of recommendations)• Make the system learnable (learning the contexts and their associated labels/ privacy rules while the user defines and refines these)
  23. 23. Understanding the Privacy Implications of Using Context-basedAwareness Cues in Social NetworksThank you!Questions? Ville Antila Jussi Polet