Presence, Privacy and Service Personalization CFP PrivSec WG Launch – August 19, 2005
The present document contains information that remains the property of France Telecom. The recipient’s acceptance of this document implies his or her acknowledgement of the confidential nature of its contents and his or her obligation not to reproduce, transmit to a third party, disclose or use for commercial purposes any of its contents whatsoever without France Telecom’s prior written agreement.
France Telecom R&D Division
Presence, Privacy and Service Personalization
CFP PrivSec WG Launch – August 19, 2005
Edward Mitukiewicz
France Telecom (RD/ILAB/BOS)
Distribution of this document is subject to France Telecom’s authorization
Outline
- Assorted musings to facilitate future CFP PrivSec WG discussions
  - Focused on the complexities of managing privacy-aware presence
  - Limited to a few illustrative examples based on some lessons from a particular prototyping project and ideas from recently published research papers
- …NOT an attempt to
  - Develop a general problem statement and/or comprehensive issue list (albeit doing this and/or describing the current landscape seems to be a good idea!)
  - Consider broader topics of trust/identity management – e.g., in the context of collecting, mining, distributing and protecting sensitive personal data
Privacy Management: Current Practices
- Multiple, uncoordinated control points – difficult to manage
  - Call handling preferences – call waiting: divert or accept
  - Messaging specific options – IM
  - Device controls – on/off, sounds/alerts
  - Control settings – preferences, cookies, tokens
- Integrated policy-based solutions – too complex for the user
  - Who do you want to communicate with and under what circumstances
  - How do you want to communicate when and where
  - What information should be shared with whom under what circumstances
  - Which policy should be activated when …
Personalization: Opportunities & Risks
- Users like service personalization, but want control over
  - What, how and when relevant data is collected, processed and published
  - How such data is used – e.g., ONLY to provide a better service
- Service providers recognize the “added value” potential of personalization – enabled by the availability of data on user interactions with services
  - Conversion of such data into usable information is difficult – e.g., integration of bits and pieces of data from multiple sources
  - Using that info to provide a better user experience usually requires
    - Compliance with the applicable regulations
    - User consent – often limited to a specific and context dependent purpose
Presence and Privacy: See What?
- Value of presence grows with the richness and reliability of the available data (“see/be seen before you communicate”)
  - e.g., location, availability and communication preferences
- Information disclosure restrictions and preferences (e.g., “only to authorized parties and only the minimum required”) – considering
  - Granularity of the available data – access to all vs. certain subsets
  - Exact vs. “blurred” responses
  - Requestor specific vs. “one-size-fits-all” responses
- Personalization requirements add more complexities …
User Location: Intel Study (CHI2005)
- Users tend to share their location info selectively
  - Users’ decisions depended on who was requesting the location info, why the requester wanted it, and what level of detail would be most useful
  - Study participants were typically willing to disclose either the most useful detail or nothing about their location
- Privacy control becomes a critical issue in the development of location-aware communications
  - Users want to stay in control of their location information – the challenge is to enable them to do this effectively
  - Privacy management has to help users to disclose location in order to facilitate interpersonal interactions – without raising any fears of being monitored
Source: Intel Research – Consolvo et al.
http://guir.berkeley.edu/pubs/chi2005/p486-consolvo.pdf
Privacy Preferences: More Studies
- People’s willingness to share information seems to depend primarily on who they are sharing it with
  - Same privacy preferences are more likely to be applied to the same inquirer in different situations than to different inquirers in the same situation – this could help to reduce the underlying complexities and simplify the UI
- Clustering might help to specify and refine over time what users wish to share with whom in what situation
  - Information items AND people’s views of others they wish to share certain types of information with tend to cluster into a manageable set of categories
Sources: UCal Berkeley and UofMich/Microsoft Research
http://guir.berkeley.edu/pubs/chi2003/lederer-chi03.pdf
http://research.microsoft.com/~horvitz/privacy_CHI2005.pdf
Presence and Privacy: Illustrative Examples
- Combining address book info with inferences – based on user’s location, calendar and “context aware” privacy policies – could allow for some “see before you communicate” and “be seen” enhancements
- Although such presence-aware privacy controls might help users to decide if, when and how others can see their location and/or communicate, user interface complexity becomes a problem…
[Figure labels: “Your friends are there”, “You are here”]
Source: “Friend Tracker”
Privacy Management: Design Pitfalls
- Obscuring potential or actual information flow
  - Users should understand the extent of a system’s potential for disclosure – e.g., privacy implication of Low vs. High settings? – AND
  - what information is actually being disclosed to whom – e.g., browser cookies?
- Emphasizing configuration over action
  - Designs should not require excessive configuration to manage privacy!
- Lacking coarse-grained control
  - Designs should not forgo a top-level mechanism for halting/resuming disclosure – e.g., simple mechanism for excluding the current purchase from a shopping profile
- Inhibiting existing practice
  - Designs should not inhibit users from transferring established social practice to emerging technologies – e.g., support for a social nuance: there could be value in keeping the caller ignorant of the reason for not answering the phone
Source: UCB – Scott Lederer et al.
http://www.cs.cmu.edu/~jasonh/publications/puc2004-five-pitfalls.pdf
thanks!