Privacy risks emerging from the adoption of innocuous wearable sensors in the mobile environment

Wearable sensors are revolutionizing healthcare and science by enabling capture of physiological, psychological, and behavioral measurements in natural environments. However, these seemingly innocuous measurements can be used to infer potentially private behaviors such as stress, conversation, smoking, drinking, illicit drug usage, and others. We conducted a study to assess how concerned people are about disclosure of a variety of behaviors and contexts that are embedded in wearable sensor data. Our results show participants are most concerned about disclosures of conversation episodes and stress - inferences that are not yet widely publicized. These concerns are mediated by temporal and physical context associated with the data and the participant's personal stake in the data. Our results provide key guidance on the extent to which people understand the potential for harm and data characteristics researchers should focus on to reduce the perceived harm from such datasets.

[1]  Sameer Patil,et al.  Who gets to know what when: configuring privacy permissions in an awareness application , 2005, CHI.

[2]  Norman M. Sadeh,et al.  Generating default privacy policies for online social networks , 2010, CHI Extended Abstracts.

[3]  Shyamal Patel,et al.  Mercury: a wearable sensor network platform for high-fidelity motion analysis , 2009, SenSys '09.

[4]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[5]  Predrag V. Klasnja,et al.  Exploring Privacy Concerns about Personal Sensing , 2009, Pervasive.

[6]  Deborah Estrin,et al.  PEIR, the personal environmental impact report, as a platform for participatory sensing systems research , 2009, MobiSys '09.

[7]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[8]  Predrag V. Klasnja,et al.  "When I am on Wi-Fi, I am fearless": privacy concerns & practices in eeryday Wi-Fi use , 2009, CHI.

[9]  Tara Matthews,et al.  Location disclosure to social relations: why, when, & what people want to share , 2005, CHI.

[10]  Tarek F. Abdelzaher,et al.  PoolView: stream privacy for grassroots participatory sensing , 2008, SenSys '08.

[11]  David W. McDonald,et al.  Activity sensing in the wild: a field trial of ubifit garden , 2008, CHI.

[12]  Lorrie Faith Cranor,et al.  Empirical models of privacy in location sharing , 2010, UbiComp.

[13]  D. McFarland Respiratory markers of conversational interaction. , 2001, Journal of speech, language, and hearing research : JSLHR.

[14]  John Krumm,et al.  Exploring end user preferences for location obfuscation, location-based services, and the value of location , 2010, UbiComp.

[15]  Sunny Consolvo,et al.  The Wi-Fi privacy ticker: improving awareness & control of personal information exposure on Wi-Fi , 2010, UbiComp.

[16]  Waseem A. Karim The Privacy Implications of Personal Locators: Why You Should Think Twice Before Voluntarily Availing Yourself to GPS Monitoring , 2004 .

[17]  Anind K. Dey,et al.  Location-Based Services for Mobile Telephony: a Study of Users' Privacy Concerns , 2003, INTERACT.

[18]  Vitaly Shmatikov,et al.  De-anonymizing Social Networks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[19]  Gregory D. Abowd,et al.  Prototyping and sampling experience to evaluate ubiquitous computing privacy in the real world , 2006, CHI.

[20]  Osmar R. Zaïane,et al.  Privacy Preserving Clustering by Data Transformation , 2010, J. Inf. Data Manag..

[21]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[22]  Massimo Barbaro,et al.  A Face Is Exposed for AOL Searcher No , 2006 .

[23]  Gregory D. Abowd,et al.  Privacy and proportionality: adapting legal evaluation techniques to inform design in ubiquitous computing , 2005, CHI.

[24]  Richard S. Lazanis Stress and emotion, a new synthesis , 1999 .

[25]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[26]  Prabal Dutta,et al.  AutoWitness: locating and tracking stolen property while tolerating GPS and radio outages , 2010, SenSys '10.

[27]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[28]  John Krumm,et al.  Inference Attacks on Location Tracks , 2007, Pervasive.

[29]  Lorrie Faith Cranor,et al.  Who's viewed you?: the impact of feedback in a mobile location-sharing application , 2009, CHI.

[30]  Paul Dourish,et al.  Unpacking "privacy" for a networked world , 2003, CHI '03.

[31]  Yvonne Rogers,et al.  From spaces to places: emerging contexts in mobile privacy , 2009, UbiComp.

[32]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).