Quality of Privacy (QoP) for the Design of Ubiquitous Healthcare Applications

Privacy is a complex social process that will persist in one form or another as a fundamental feature of the substrate into which ubiquitous computing (ubicomp) is threaded. Hospitals are natural candidates for the deployment of ubicomp technology, yet at the same time they face significant privacy requirements. To better understand the privacy issues related to the use of ubicomp, we focus on understanding the contextual information relevant to privacy and how its interplay shapes the perception of privacy in a hospital. The results indicate that hospital workers tend to manage privacy by weighing the value of the services provided by a ubicomp application against the amount of privacy they are willing to concede. To help ubicomp applications deal with this issue, we introduce the concept of Quality of Privacy (QoP), which allows this trade-off to be balanced in much the same way that Quality of Service (QoS) does for networking applications. We propose an architecture that allows designers to identify different levels of QoP based on the user's context. Finally, we identify the main privacy risks of a location-aware application and extend its architecture to exemplify the use of QoP to manage those risks.
