User-centered awareness and control of privacy in Ubiquitous Computing

Abstract

The vision of Ubiquitous Computing (UbiComp) foresees a future of context-aware smart systems which unobtrusively and invisibly support users in their daily activities. Those smart systems pose several risks to users´ privacy. Users might lack awareness about a system´s capabilities to gather data or to intervene in user activities. Furthermore, controlling systems according to privacy preferences constitutes another critical challenge. This work addresses these privacy issues by proposing a user-centered framework to for privacy awareness and control. The concept of territorial privacy is defined, which enriches the dominant information-centric view of most privacy research with physical aspects. Based on this concept, a territorial privacy model for UbiComp is proposed. The graph-based approach of the model allows the identification of dependencies and consequences of control decisions. Channel policies are proposed to allow the instantiation of the model. The policies provide information on an entity´s privacy implications and provide references to available control points for privacy enforcement. Different mechanisms to support the discovery of channel policies and the control of privacy implications have been developed in five discovery and enforcement modules. The modules have been implemented and evaluated for their technical feasibility and effectiveness. To complement these modules, a user interface for user-centered privacy management has been developed. This interface maps an instantiation of the territorial privacy model onto the user level and supports users in controlling systems according to their privacy needs. The user interface was evaluated in a comprehensive scenario-driven user study with several functional prototypes of typical UbiComp systems. The results show that the territorial privacy concept is accepted and that the developed user interface can effectively support users with privacy awareness and control in UbiComp.