1.(Personal data)(Big Data)Privacy who cares?- 1

2. Outline From Personal Data to Big Data Demystify Privacy ? Privacy issues around smartphone sensing UX for privacy: data and context Privacy rethink 2 3. CACM, May 2010 3 4. Big Data AnalysisPrivacy4 5. What will you buy next?5 6. What is your risk of getting x?6 7. Why should we care? Healthy ecosystem for mobile apps, personal dataand third parties 7 8. Most personal device with rich data8 9. Companies are making inferences from that personal information9 10. Companies are making inferences from that personal information10 11. Companies are making inferences from that personal information11 12. Companies are making inferences from that personal information12 13. Companies are making inferences from that personal information13 14. So What Happened in that Scenario? Inferences made from both data instancesand pattern Inferences might be incorrect Data used for one purpose might also be usedfor another purpose Inferences might be harmful 14 15. Inappropriate Data UseLess trustLess useful dataLess monetization 15 16. Challenges What if my data in Big Data is incomplete? Do I have control to what parts of their dataget involved in any Big Data analysis? What could be the harms? social groups insurance work16 17. Privacy is complicated 17 18. Privacy is not security18 19. Privacy is not anonymity 19 20. Privacy is not access control list 20 21. Privacy ?FTC (Fair Trade Commission)Why?21 22. Privacy Inform and consent Self-determination (access control) Personal identifiable information regulation de-identification22 23. Inform and consent Cancel? 23 24. Inform 24 25. First Step to Improve Privacy onSmartphone Transparency What kinds of data are collected by the apps? Where are they sent to? How will the data be used?25 26. 1: AppWindowAPP? 26 27. Users feel thatthe apps are intrusivewhen the appsdo not respect datausage contexts ? 28. Usage Context Data OK, () User *Data* Boundary management Google + LinkedIn Facebook28 29. Big Failure of Google Buzz!data context 29 30. Loss & Collapse of Contexts 31. Loss & Collapse of Contextreasoning B IF (B ^ C) THEN ..A schooldrinkingC 32. Story about my Google MapGoogle map collects data when the phone is off Moving: sampling rate goes up 33. ? Why apps are reading my location when thephone is off? 34. AppWindow Architecture 35. Generate Privacy Fingerprint 36. Privacy Fingerprint (Angrybird) 37. E.g. Privacy-impacting Behavior Revealing Privacy-Impacting Behavior Patterns of Smartphone Applications, Gokhan Bal, 2012 38 38. 2: UX for Privacy Self-determination (control) Do we feel some places are more private thenothers? Privacy in public place? Not dichotomy but involves various factors Depends on situations 39. Research problems How do we design fine-grained control forpeople to disclose their data to applications? 40 40. Research problems Could we give more fine-grained control forpeople to disclose their data to applications? How do people create a policy? what are the factors that affect their decisions?41 41. Research problems Could we give more fine-grained control forpeople to disclose their data to applications? How do people create a policy? what are the factors that affect their decisions? Control of what? what should be the appropriate data abstractionsfor control? e.g. Google circle, a better abstraction for sharingin social network? 42 42. Study Flow Logs various types of sensors Prompts the user with a notification1. annotations (location, situation, timestamp)2. sensor data (ambient sound, accelerometer, Bluetooth, GPS, Wi-Fi, gyroscope, cellular info..etc ) generatesurveyDatabases 43 43. Survey3 different types of data consumers (apps)(academic, local stores, online companies) are selected randomly for each question)Local store labelis customized foreach user 44 44. Recall context then respond Without interrupting the user to think about*privacy* questions at the moment, we helpthe user to reconstruct his situation contextlater So I was talking to my colleagues thismorning in myoffice, this app asked for my location Yes No[*policy*] I dont want my locationsin work be disclosed to any app45 45. We found that context does affect peoplesdecisions for data disclosure People actually made non-reasonable decisionwhen they are ignorant of the privacyimplications I am willing to give my situation to Googlebecause I figure that they might already knoweverything about me46 46. Data Networked, inferredand public by default47 47. Privacy Practice Norm (information flow + expectation ofprivacy) User trust Regulation48 48. Where are we heading? Big Data Analysis + Smart City Privacy security/anonymity* user experience access control audit logs49 49. Privacy-Aware Smartphone Embedded Privacy into OS level Privacy-impacting factors of smartphonesensing50 50. 51 51. 30 seconds takeaway Big Data is not necessary good data (privacy) for issuesaround personal data in Big Data Platform designer needs to think about usageof data, not applications Think context and data together wheneverdesign UX for privacy 52 52. 30 seconds takeaway Big Data is not necessary good data (privacy) forissues around personal data in Big Data Platform designer needs to think about usageof data, not applications Think context and data together wheneverdesign UX for privacy 53 53. 30 seconds takeaway Big Data is not necessary good data (privacy) for issuesaround personal data in Big Data Platform designer needs to also think aboutusage of data and its impact on privacy, notjust application features Think context and data together wheneverdesign UX for privacy 54 54. 30 seconds takeaway Big Data is not necessary good data (privacy) for issuesaround personal data in Big Data Platform designer needs to also think aboutusage of data and its impact on privacy, notjust application features Think context and data together wheneverdesign UX for privacy 55 55. Appendix 56