Outreach and Publicity

Conference Publications

Informing the Design of Privacy-Empowering Tools for the Connected Home

Connected devices in the home represent a potentially grave new privacy threat due to their unfettered access to the most personal spaces in people's lives. Prior work has shown that despite concerns about such devices, people often lack sufficient awareness, understanding, or means of taking effective action. To explore the potential for new tools that support such needs directly we developed Aretha, a privacy assistant technology probe that combines a network disaggregator, personal tutor, and firewall, to empower end-users with both the knowledge and mechanisms to control disclosures from their homes. We deployed Aretha in three households over six weeks, with the aim of understanding how this combination of capabilities might enable users to gain awareness of data disclosures by their devices, form educated privacy preferences, and to block unwanted data flows. The probe, with its novel affordances-and its limitations-prompted users to co-adapt, finding new control mechanisms and suggesting new approaches to address the challenge of regaining privacy in the connected home.

William Seymour, Martin J. Kraemer, Reuben Binns, and Max Van Kleek. 2020. Informing the Design of Privacy-Empowering Tools for the Connected Home. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems (CHI ’20). Association for Computing Machinery, New York, NY, USA, 1–14. DOI:https://doi.org/10.1145/3313831.3376264

https://www.youtube.com/embed/wnynhKhIwr4

Beyond the Individual: Exploring Data Protection by Design in Connected Communal Spaces

There's a gap between the personal focus of data protection legislation and practices, and the communal implications of internet-connected technology. Through our research, we've started to explore how existing design tools and methods can help understand and address communal implications. In this talk, I will highlight opportunities for design in such spaces by discussing two case studies from participatory design workshops. These case studies show potential for our method to inform data protection design that is appropriate to social groups and their dynamics, complementing individual perspectives on data protection.

Martin J. Kraemer. 2020. Beyond the Individual: Exploring Data Protection by Design in Connected Communal Spaces. In 2020 USENIX Conference on Privacy Engineering Practice and Respect (PEPR 20) (2020 USENIX Conference on Privacy Engineering Practice and Respect (PEPR 20). Retrieved from https://www.usenix.org/conference/pepr20/presentation/kraemer

Innovation inaction or in action? the role of user experience in the security and privacy design of smart home cameras

Smart homes are under attack. Threats can harm both the security of these homes and the privacy of their inhabitants. As a result, in addition to delivering pleasing and aesthetic devices, smart home product designers need to factor security and privacy into the design of their devices. Further, the need for user-centered security and privacy design is particularly important for such an environment, given that inhabitants are demographically-diverse (eg, age, gender, educational level) and have different skills and (dis)abilities.

Prior work has explored different usable security and privacy solutions for smart homes; however, the applicability of user experience (UX) principles to security and privacy design is under-explored. In this paper, we present a qualitative study to explore the development of smart home cameras manufactured by three companies. We conduct semi-structured interviews with 20 designers and their collaborators, and analyze these interviews using Grounded Theory. We find that UX was seen as helpful by our participants in fostering innovation in the design of privacy solutions. However, UX was not used or considered in the design of security solutions due to an explicit need for established, tried-and-tested solutions (ie, previous traditional security solutions that were seen as effective and reliable to fix certain design problems). Drawing from the findings of our study, we propose a model of UX factors influencing security and privacy design of smart home cameras. We also extract a set of recommendations to improve the security and privacy design of smart cameras. We finally outline several areas for future investigation.

Chalhoub, G., Flechais, I., Nthala, N., & Abu-Salma, R. (2020). Innovation inaction or in action? the role of user experience in the security and privacy design of smart home cameras. In Sixteenth Symposium on Usable Privacy and Security ({SOUPS} 2020) (pp. 185-204).