conferences presentations publication

User Perceptions of Smart Home Internet of Things (IoT) Privacy

Posted on behalf of Serena Zheng, Noah Apthorpe, Marshini Chetty, and Nick Feamster.

Our work on “User Perceptions of Smart Home Internet of Things (IoT) Privacy” will be presented at the ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW) on November 6th, 2018. We briefly summarize our findings below.

What did we do? Smart home Internet of Things (IoT) devices are rapidly increasing in popularity, with more households including Internet-connected appliances that continuously monitor user activities. We wanted to investigate how users perceive the privacy implications of smart home technology and what role privacy considerations play in device purchasing and use decisions.

How did we do it? We conducted 11 interviews of early adopters of smart home technology in the United States, investigating their reasons for purchasing IoT devices, perceptions of smart home privacy risks, and actions taken to protect their privacy from entities external to the home who create, manage, track, or regulate IoT devices and/or their data.

What did we find? We identified four common themes across interview responses:

  1. Convenience and connectedness are priorities for smart home device users. These values often outweigh other concerns about IoT devices, including obsolescence, security, and privacy.
  2. User opinions about who should have access to their smart home data (e.g., manufacturers, Internet service providers, and governments) depend on perceived benefit to the user.  
  3. User assumptions about privacy protections are contingent on their trust of IoT device manufacturers, although they do not know whether these companies actually perform data encryption or anonymization.
  4. Users are less concerned about privacy risks from devices, such as lightbulbs and thermostats, that do not record audio or video, despite research showing that metadata from such devices can be used to infer home occupancy, work routines, sleeping patterns, and other user activities.

What are the implications of this work? These themes motivate recommendations for smart home device designers, researchers, regulators, and industry standards bodies. Participants’ desires for convenience and trust in IoT device manufacturers limit their willingness to take action to verify or enforce smart home data privacy. This means that privacy notifications and settings must be exceptionally clear and convenient, especially for smart home devices without screens. Improved cybersecurity and privacy regulation, combined with industry standards outlining best privacy practices, would also reduce the burden on users to manage their own privacy. We encourage follow-up studies examining the effects of smart home devices on privacy between individuals within a household and comparing perceptions of smart home privacy in different countries.

For more details about our interview findings and corresponding recommendations, please read this related blog post or the full paper.


Use of Blocking Extensions at SOUPS 2018

We describe a few highlights from our recent paper on studying peoples’ use of browser-based blocking extensions that will be presented at the 2018 Usenix Symposium on Usable Privacy and Security (SOUPS).

What did we do?: One of the ways in which people can block online tracking on the Internet is using browser-based blocking extensions such as Ad blockers, Content blockers and Tracker blockers. In our study, we asked why people use these extensions, what their knowledge of online tracking is, and what users do when these extensions fail to function correctly.

How did we do it?: We conducted two surveys using Amazon Mechanical Turk and measured what extensions survey-takers were using, if any. In the first survey, participants reported details about the extensions they used and how they thought online tracking worked. We then asked them why they used the extensions they reported, how they learned about them, and how long they had been using these blocking extensions. We also conducted measurements to check whether participants were using the extensions they mentioned. In the second survey, which we administered only to the subset of participants who reported using these extensions, we asked participants about their experiences when their extensions “break” websites they are trying to access.

What did we find?: We have three main findings. First, our results show that blocking extension usage only weakly relates with an advanced understanding of online tracking in the real world. Second, we find that each extension type has a primary reason behind adoption that is in line with expectations: users adopt Ad blockers and Content blockers primarily for user experience gains and rarely take full advantage of the privacy benefits of these blockers, other users adopt Tracker blockers for privacy reasons. Finally, our results show that current users report that they rarely experience website breakages because of their blocking extensions. However, when users are poised with a choice to disable their extensions to access the content they are trying to reach, they base their decisions on how much they trust the website and how much they value the content they desire to access.

What are the implications of the work?: Based on our findings, we make two suggestions. First, given that both blocking extension users and non-users do not fully understand the landscape of online tracking, we suggest that system designers should focus their efforts on building systems that automatically enforce tracking protection as opposed to having users take action to protect themselves (such as by installing an extension). We argue that browser vendors can play an important role in facilitating this type of default privacy protection. Second, we suggest that blocking extensions can be further improved by better understanding how website developers embed third-party trackers and deliver content through their websites so that non-use (disabling) is not forced upon users.

Read the SOUPS 2018 paper for more details, and also follow related coverage on the Princeton Engineering website!


Understanding How Zero-Rated Internet Platforms Shape Usage at CHI 2018

Posted on behalf of Julie Romanosky.

In this post, we summarize the findings of our upcoming CHI 2018 paper.

What is Zero-Rating? Zero-rating is the process of providing subsidized digital content or access to the Internet for `free’. Usually sponsored by service providers or online content producers, one goal of zero-rating mobile data, in particular, is to improve the affordability of the Internet for resource-constrained populations. However, recently zero-rating has been hotly debated as it is unclear if these services violate net-neutrality principles by creating a tiered Internet, or if they are improving the accessibility of the Internet and creating a more connected world.

What is Free Basics?: Free Basics was founded in 2013 by Facebook with the goal of connecting rural and low-income populations to the Internet for the first time. While Free Basics appears as a single app, it is actually a platform for hosting a variety of zero-rated applications and the available content changes depending on the country and unpaid partnerships with local service providers, i.e., no two Free Basics offerings are the same. However, all versions provide access to a lite version of Facebook and select other third party apps such as Bing and Wikipedia. Educational materials, news, weather reports dominate the application topics in Free Basics across countries. Other apps cover health care, job listings, search engines, and classifieds.

What did we do?:To investigate the influence of zero-rated services, we conducted a two part study using interviews with resource-constrained zero-rating users in South Africa. In Study One, we interviewed current low-income Free Basics users to see whether the platform is connecting the unconnected and the impact of the service on users who have little means for getting online otherwise. In Study Two, we recruited users who were non-regular Free Basics users to understand why non-use of the platform occurs with individuals who have more means to get online.

We chose to conduct our study in Cape Town, South Africa because several zero-rated services have been offered there since 2010 and there is no current net-neutrality legislation in place and in addition Free Basics has been offered there on the Cell C network since 2015. We opted to study Free Basics since it is a platform rather than a single service and therefore more likely to shape Internet use. We chose South Africa because it is a middle-income nation with a significant number of individuals who have never been online and where Internet access is relatively expensive.

How did we do it?: We interviewed 35 Free Basics users in South Africa, a combination of current low-income users and non-regular student users. We chose to interview college students since they are resource-constrained, likely to be connected users, and have a high need for remaining connected for their studies. Including both groups in our study allowed us to form a more comprehensive understanding of the impact of zero-rated services, the factors that affect the adoption of these services, and the possible use of these services in more developed countries than if we studied users or non-users alone or those who were unconnected and low-income only. Both groups were asked to talk about their online habits (i.e. time spent online, what websites or apps they used etc), how much money they typically spent on Internet access, and how, if at all, they worked to keep their mobile Internet costs down.

What did we find?: Our findings suggest that:

  1. Free Basics does shape users’ Internet use and their choices of which online services to use. Users can get online more frequently and are driven to use ‘free’ services especially when they have fewer resources to get online.
  2. The impact of zero-rated services is highest on the lowest income users but can be a supplemental help to more well resourced users who need to get online.
  3. Users find the concept of zero-rating confusing which complicates the process of managing mobile Internet costs.

We suggest that zero-rated platforms give users agency to influence what is included in these platforms and a voice about the impact of these services on them. We also suggest that alternative models of zero-rating be examined for comparative impact assessment. Lastly, we suggest more interface design work is needed to help users form an improved mental model of zero-rated services.

Read the full paper to find out more!



Kids and Privacy Online at CSCW 2018

Posted on behalf of Priya Kumar

Below we share findings and recommendations from our paper on elementary school-aged children and privacy online that will be presented at the 2018 ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW).

What did we do? Children under age 12 increasingly go online, but few studies examine how children perceive and address privacy and security concerns. Using a privacy framework known as contextual integrity to guide our analysis, we interviewed children and their parents to understand how children conceptualize privacy and security online, what strategies they use to address any risks they perceive, and how their parents support them when it comes to privacy and security online.

How did we do it? We interviewed 26 children ages 5-11 and 23 parents from 18 families in the Washington, DC metropolitan area. We also walked through a series of hypothetical scenarios with children, which we framed as a game. For example, we asked children how they imagined another child would respond when receiving a message from an unknown person online.

What did we find? Children recognized how some components of privacy and security play out online, but those ages 5-7 had gaps in their knowledge. For example, younger children did not seem to recognize that sharing information online makes it visible in ways that differ from sharing information face-to-face. Children largely relied on their parents for support, but parents generally did not feel their children were exposed to privacy and security concerns. They felt such concerns would arise when children were older, had their own smartphones, and spent more time on social media.

What are the implications of this work? As the lines between offline and online increasingly blur, it is important for everyone, including children, to recognize (and remember) that use of smartphones, tablets, laptops, and in-home digital assistants can raise privacy and security concerns. Children absorb some lessons through everyday use of these devices, but parents have an opportunity to scaffold their children’s learning. Younger children may also be more willing to accept advice from their parents compared to teenagers. Parents would benefit from the creation of educational resources or apps that focus on teaching these concepts to younger children. The paper explains how the contextual integrity framework can inform the development of such resources.

Read our CSCW 2018 paper for more details or about how we used contextual integrity here!


Uncovering tensions in personal data management

At a time when the line between our online and offline lives becomes increasingly blurred, it is important to examine how people deal with the overwhelming amount of digital data they interact with on a daily basis. This paper report is posted on behalf of Samantha Jaroszewski revisiting one of the lab’s CSCW papers from last year on data management practices.

 What did we do?: We identified and explored the qualitative, affective, morally inflected narratives that surround people’s data management practices in the US and Korea.

How did we do it?: We conducted semi-structured interviews with 34 participants in the United States and Korea. During the interviews, we asked our participants to physically map out – using paper and pens, markers and/or colored pencils – their digital ecosystem. In particular, we probed respondents to walk us through the networked devices they use. This yielded insights about unique configurations of phones, computers, sound systems, fitness trackers, cameras, and file sorting.

What did we find?: Our findings point to the complex, heterogeneous and highly customized ways in which people assemble, navigate, and conceptualize their use of digital products and services. In particular, we identified morally inflected narratives surrounding data management practices. Our participants spoke of how their choices were informed by a particular sense of self, such as being a responsible consumer, or a set of values, such as being a good mother. However, the same value (take being a good mother for example) could be approached with mutually exclusive practices: one mother could engage heavily in photo sharing practices to be a good mother by sharing photos with family across the globe, while other mothers enacted “good” mothering practices by protecting their children, meaning they took great care to prevent sharing a child’s likeness. These complex negations are meaningful to our participants’ sense of self, participation in networks, and use of product and corporate ecosystems.  

What are the implications of the work?: Our findings emphasize the important relational work and tensions that lie at the intersection of people’s social lives and their needs around organizing their digital lives. Understanding broad data narratives rather than focusing on specific, isolated nodes in people’s ecosystem facilitates conversations about motivations, tensions, concerns, and tradeoffs made about technology adoption, use, and satisfaction.  

Read the full paper here.

publication usable security

Software Updates at SOUPS 2017

We describe a few highlights from our recent paper on mobile software updating that will be presented at the 2017 Usenix Symposium on Usable Privacy and Security (SOUPS).

What did we do?: Software updates are essential to maintain the security of devices and software, and therefore it’s important that users install them at the earliest. In our study, we investigated Android users’ attitudes and preferences towards automatic application updates—updates that are installed without users’ consent—using a survey.

How did we do it?: We conducted the survey on the Amazon Mechanical Turk platform. The survey contained three parts. In the first part, participants filled out several psychometric scales, which captured their risk taking propensity, consideration for future consequences, curiosity, and their security awareness. In the second part, participants self-reported their Android update settings, and their preferences towards auto-updating their applications. Finally, in the third part, participants reported past negative experiences with software updating.

What did we find?: Our findings reveal that Android users who avoid application auto-updates are more likely to have had past negative experiences with software updating, tend to take fewer risks, and display greater proactive security awareness. Users’ perceived level of trust with mobile applications also determined how comfortable they are auto-updating these applications.

What are the implications of the work?: Based on our findings, we make four primary recommendations to improve the design of mobile application updates on Android to encourage users to auto-update. First, we suggest that an improvement to the current Android OS would be to provide users with a more accessible mechanism to rollback application updates to a prior point in time to encourage users to be more risk taking with respect to turning on auto-updates. Second, we suggest leveraging the characteristics we identified of users who avoid auto-updating, including their risk averse nature, to design nudges and messages to encourage users into auto-updating security updates. Third, we suggest that the security community study the practices of software developers, how they develop and build updates, and how these practices lead to negative experiences for end-users. Finally, we suggest that an improved Android application interface for updates could be personalized by inferring users’ attitudes towards their Android applications and preferences for auto-updating those applications using our work as a starting point. Doing so may encourage more users to auto-update their mobile applications, which will ultimately affect the security of their devices.

Read the SOUPS 2017 paper for more details!