Internet-connected devices are increasingly deployed in highly private spaces. These include sensors, smart voice assistants and other devices in living rooms, bedrooms, bathrooms, and private offices; as well as wearables and implantables worn on or inside the human body. While the privacy implications of personal computers, smartphones have been much-studied, the very personal nature of the data collected by such devices raises novel challenges.
Just as digital advertising technology has evolved to track users of the web and smartphone ecosystems, it is also increasingly embedded within Internet of Things (IoT) devices. Most consumers lack any awareness of who their devices may be talking to, and what kind of data they might be sharing.
This project looks at empowering end-users with smart tools that will help them to understand, make informed decisions about, and exert effective control over, the data collection activities of such devices. It will also identify methods to enable more ethical and preference-respecting data processing. It aims to empower people, not by making choices for them, but by helping them to make sense of the flow of their data, the entities who collect it and giving them meaningful controls. Inspired by different theories of privacy, we hope to give end-users new ways to think about their concerns and the choices available to them.
Target Outcomes:
- Tools for privacy and cybersecurity researchers to automatically uncover, model, and visualise data flows from smart home and wearable IoT devices.
- An online registry of “ethical” smart home and wearable devices whose data handling practices conform to norms of responsible sharing, storage, and use.
- An examination of whether different privacy framings, conceptualisations, and theories influence the ways people think about privacy tradeoffs in these private spaces, and an identification of those that most effectively reflect and resonate with end-users’ concerns.
- A set of prototype decision support tools for helping people to make more informed decisions; and situational awareness tools, to help people monitor and intervene in the face of new Internet-of-Things devices present in their private spaces.
- An overview of the legal and policy implications arising from the empirical research.