Privacy Expectations and Preferences in an IoT World
Transcript of Privacy Expectations and Preferences in an IoT World
![Page 1: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/1.jpg)
Carnegie Mellon University
Privacy Expectations and Preferences in an IoT World Pardis Emami-Naeini, Sruti Bhagavatula, Martin Degeling, Hana Habib, Lujo Bauer, Lorrie Faith Cranor, Norman Sadeh
![Page 2: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/2.jpg)
Internet of Things (IoT):
![Page 3: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/3.jpg)
• • • • • • • • • • • • • • •
The future privacy assistant: What are they collecting?
![Page 4: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/4.jpg)
• • • • • • • • • • • • • • •
The future privacy assistant:
With whom are they sharing my data?
![Page 5: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/5.jpg)
• • • • • • • • • • • • • • •
The future privacy assistant:
How long are they keeping my data?
![Page 6: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/6.jpg)
Privacy assistant’s design goals Inform people about data collection
– What should we notify people about? Enable privacy choices
– What factors influence privacy decisions? Automate privacy decision making
– Can we predict privacy preferences accurately?
![Page 7: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/7.jpg)
Vignette study Asked participants to imagine themselves in hypothetical data collection scenarios
![Page 8: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/8.jpg)
Example scenario
You are at [work]. This building has [cameras] that are recording [video of the entire building]. The video is [shared with law enforcement] to [improve public safety] and they [will not delete it].
![Page 9: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/9.jpg)
15-minute survey Recruited 1007 US participants on Mechanical Turk Each participant shown 14 scenarios + asked questions
– How often would you want your phone to notify you of this data collection?
– How comfortable are you with this data collection? – Would you allow or deny this data collection? – …
![Page 10: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/10.jpg)
Interpreting the results
Statistical models that explain relationship between factors explored in vignettes and …
– Users’ desire to be notified of data collection – Users’ comfort with data collection – Users’ willingness to allow data collection
![Page 11: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/11.jpg)
~ [ ____ ] .,
~[ ]
Sample of results What affects preferences to be notified?
Data being shared Biometrics data
Beneficial purpose more likely want to be notified
less likely want to be notified
![Page 12: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/12.jpg)
__ _____,]
* ~ (---__ _____,]
Sample of results
When are users (un)comfortable with data collection? Public location Environmental data Private location more comfortable
Biometrics data
less comfortable
![Page 13: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/13.jpg)
++
~1 --+ [ ______ ]
•.• ~ [ _____ ]
Sample of results
Beneficial purpose Data being shared
When are users willing to allow data collection? more likely want to allow
less likely want to allow
![Page 14: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/14.jpg)
What factors matter most to explain privacy preferences? – Type of data? – Location of data collection? – Purpose of data collection? – Retention time? – …
![Page 15: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/15.jpg)
What factors matter most to explain privacy preferences? – Type of data? – Location of data collection? – Purpose of data collection? – Retention time? – …
![Page 16: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/16.jpg)
What factors matter most to explain privacy preferences?
Combination of factors matters most!
![Page 17: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/17.jpg)
X
X
What factors matter most?
Notification: Type of data × user-perceived benefit
× purpose they don’t see as beneficial = more notification
![Page 18: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/18.jpg)
X
~ x
What factors matter most? Comfort level: Type of data × happening today
× happening today = comfort
![Page 19: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/19.jpg)
X
)( SHOP
i • 1
What factors matter most? Allow/deny:
deny
Type of data × location
× =
![Page 20: Privacy Expectations and Preferences in an IoT World](https://reader030.fdocuments.net/reader030/viewer/2022012513/618ced64c69fdc7f254e0b65/html5/thumbnails/20.jpg)
Built models to understand people’s privacy preferences
Carnegie Mellon University
CMU Location Tr~k!1g
llnda, · h'.l1'.3tk 111 lrH·:kllg 11 f;i:ledOO
bJUng-conCUUeomp..1s u~lr~ blL":::ooth be~ns ari(I v1il1 aOCe&S p,r.,int$.
C:a,~ I! ccllc:ct-!:d ·,1r1rth ..,,-~c.Jt:o-,_U?>:;.-er r.:m l~collecledi!l!!rttifJ.'llJl'
'fOUrCiolees
Coeoe gr~ir d ,~eking( ...
Fi'l t! ljr..li·n 11, tr.-1t':tillJ (h ..
Our results design
Long-term goal: design privacy assistant
P. Emami-Naeini, S. Bhagavatula, H. Habib, M. Degeling, L. Bauer, L. Cranor, N. Sadeh. Privacy expectations and preferences in an IoT World. In Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS’17)