Norman M. Sadeh Mobile Commerce Lab. ISR - School of Computer Science Carnegie Mellon University www.cs.cmu.edu/~sadeh User-Controllable Privacy: A Multi-Disciplinary.

Presentation transcript:

Norman M. Sadeh Mobile Commerce Lab. ISR - School of Computer Science Carnegie Mellon University User-Controllable Privacy: A Multi-Disciplinary Perspective

Copyright © Norman M. Sadeh

User-Controllable Privacy
- Users are increasingly expected to evaluate & set up privacy policies
  - Social networks
  - Mobile Apps (e.g. Android Manifest)
  - Browser
- Yet, we know that they have great difficulty doing so
  - Potential vulnerabilities
- Can we develop solutions that help them?

Mobile Social Networking Apps As a Case Study
- Desire to share data with others
- Mitigated by privacy concerns
- Location sharing as a “hot” application
  - Tens of apps over the past several years
  - …but adoption has been slow
Norman Sadeh, Jason Hong, Lorrie Cranor, Ian Fette, Patrick Kelley, Madhu Prabaker, and Jinghai Rao. Understanding and Capturing People’s Privacy Policies in a Mobile Social Networking Application. Journal of Personal and Ubiquitous Computing, 2009.

Our Own Location Sharing Platform
- Gives us access to detailed usage data
- Allows us to experiment with different technologies
- Over 30,000 downloads over the past year (> 130 countries)
- Departs from commercial apps:
  - More expressive privacy settings
  - Auditing functionality
  - New technologies (e.g. UCPL)
- Available on Android Market, iPhone App Store, Ovi Store, laptop clients

Some Sub-Questions
- How rich are people’s privacy preferences?
  - Determine which settings to expose to users
  - Do people really care about privacy?
- How diverse are people’s preferences?
  - Can we identify good default policies?
- Can we get users to tweak their policies?
- Can we get users to adopt safer privacy practices?

How Rich Are People’s Policies?
Michael Benisch, Patrick Gage Kelley, Norman Sadeh, Lorrie Faith Cranor. Capturing Location Privacy Preferences: Quantifying Accuracy and User Burden Tradeoffs. Journal of Personal and Ubiquitous Computing, 2011.

Privacy Mechanism
[Figure labels: Where are 4pm?; Expression; Location attribute; Time attribute; Grant/Deny; Mechanism]

Expressiveness and Efficiency
- Privacy mechanism: f(θ,a) decides on an outcome based on a user’s stated preferences θ (e.g. set of rules) and the context a of a request (e.g. requester, time)
- Rational user assumption: users define policies that take full advantage of available expressiveness
- Efficiency: How well do we capture the ground truth preferences of a user population given an expected distribution of requests?

Methodology for Designing Expressive Policy Mechanisms – version 1
- Collect ground truth preferences for a representative sample of the user population
- For different levels of expressiveness, compute the expected efficiency of the policies users would be able to define
  - Assume rational users
  - Search algorithm to identify optimal policies
- Select among different levels and types of expressiveness based on the above

Value of Richer Privacy Settings
- Data from 27 users over 3 weeks – cell phones – GPS & WiFi
- Assumes that an erroneous disclosure is 20x worse than an erroneous non-disclosure & fully “rational” user

Higher Accuracy Also Means More Sharing
- People tend to err on the safe side
- Explains lack of adoption of Loopt & Latitude
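Added example (not code from the talk or its papers): a small exhaustive search in the spirit of the version 1 methodology, scoring the best policy a fully rational user could write under three levels of expressiveness with the 20x disclosure penalty from the slides. The ground-truth requests, the mechanism names `whitelist`, `time` and `loc_time`, and the one-window-per-group rule shape are assumptions made for illustration.

```python
# Constructed ground truth for one user:
# (requester group, hour of request, user's location, user wants to share)
GROUND_TRUTH = [
    ("colleagues", 10, "work", True), ("colleagues", 14, "work", True),
    ("colleagues", 16, "work", True), ("colleagues", 12, "home", False),
    ("colleagues", 20, "home", False),
    ("friends", 12, "work", True), ("friends", 19, "home", True),
    ("friends", 23, "home", False),
    ("spouse", 9, "work", True), ("spouse", 22, "home", True),
]
COST_WRONG_DISCLOSURE = 20  # slide assumption: 20x worse than a wrong denial
COST_WRONG_DENIAL = 1

def candidate_rules(mechanism):
    """Every per-group rule a user can express: None (deny) or (start, end, place)."""
    yield None
    if mechanism == "whitelist":          # group is simply allowed or not
        yield (0, 24, None)
        return
    places = [None] if mechanism == "time" else [None, "work", "home"]
    for start in range(24):
        for end in range(start + 1, 25):  # one contiguous window [start, end)
            for place in places:
                yield (start, end, place)

def grants(rule, hour, location):
    """Outcome of the mechanism for one request context."""
    if rule is None:
        return False
    start, end, place = rule
    return start <= hour < end and place in (None, location)

def cost(rule, requests):
    """Weighted disagreement between a rule and the ground truth."""
    total = 0
    for _, hour, location, wants in requests:
        decision = grants(rule, hour, location)
        if decision and not wants:
            total += COST_WRONG_DISCLOSURE
        elif wants and not decision:
            total += COST_WRONG_DENIAL
    return total

def best_policy(mechanism, truth=GROUND_TRUTH):
    """Rational user: exhaustive search for the cheapest rule per group."""
    result = {"cost": 0, "shared": 0, "rules": {}}
    for group in sorted({r[0] for r in truth}):
        requests = [r for r in truth if r[0] == group]
        rule = min(candidate_rules(mechanism), key=lambda c: cost(c, requests))
        result["rules"][group] = rule
        result["cost"] += cost(rule, requests)
        result["shared"] += sum(grants(rule, h, loc) for _, h, loc, _ in requests)
    return result

if __name__ == "__main__":
    for mechanism in ("whitelist", "time", "loc_time"):
        outcome = best_policy(mechanism)
        print(mechanism, "cost:", outcome["cost"], "requests shared:", outcome["shared"])
```

On this sample the white list can only deny the mixed groups outright, while the richer mechanisms both lower the cost and grant more of the requests the user actually wanted to share.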

Expressiveness Helps More When Data is More Sensitive
[Chart legend: Loc/Time+; Loc/Time; Time+; Loc; Time+; White list]

Taking Into Account User Burden
User burden considerations may lead us to select less expressive mechanisms. How can we guide the design process?

Revised Methodology (“version 2”)
- Rational user assumption: users define policies that take full advantage of available expressiveness
- Relaxing the Rational User Assumption: A user’s strategy h*(t) is no longer the “optimal” strategy but instead the best strategy the user can define subject to some constraints
  - Example: limit on the number of rules or amount of time
- Revised Search Algorithm
  - To be informed by human subject studies

With User Burden Considerations – Number of Rules

Same Analysis for Facebook Friends Only
It takes a smaller number of rules to see a difference when the rules are only used for a single group (e.g. Facebook friends)

Do Users Fully Leverage More Expressive Settings?
- No: Depends on the user, the user interface, amount of time, tolerance for error, etc.
- How can we help users make the most of the settings they are given?

Can We Entice Users to Tweak their Policies?
Janice Tsai, Patrick Kelley, Paul Hankes Drielsma, Lorrie Cranor, Jason Hong, and Norman Sadeh. Who’s Viewed You? The Impact of Feedback in a Mobile-location System. CHI ’09.

Could Auditing Help?
- Users do not always know their own policies
- Users do not fully understand how their rules will operate in practice
- Auditing (‘feedback’) functionality may help users better understand the behaviors their policies give rise to

CMU – Intelligence Seminar – April 6, Slide 22
Feedback Through Audit Logs

Evaluating the Usefulness of Feedback: Before/After Surveys – Facebook Study
56 Facebook users divided into 2 groups: one with (“F”) and one without (“NF”) access to a history of requests for their location
[Chart legend: F = with feedback; NF = without feedback; Overall (F & NF)]

Evaluating the Usefulness of Feedback: Looking at People’s Privacy Rules – Facebook Study
Examining Users’ Privacy Rules at the end of the study
[Chart labels: Auditing; No Auditing; Hours viewable per week; Average: 122 hr/week; Average: 101 hr/week]

Copyright © Norman M. Sadeh  76.9% of people who had “feedback” indicated they wanted to keep it  83.3% of those who didn’t have said they would like to have it Evaluating the Usefulness of Feedback: Do People Want it?

Policy Evolution – with feedback
Data for 12 most active users across 3 pilots of PeopleFinder Application
Norman Sadeh, Jason Hong, Lorrie Cranor, Ian Fette, Patrick Kelley, Madhu Prabaker, and Jinghai Rao. Understanding and Capturing People’s Privacy Policies in a Mobile Social Networking Application. Journal of Personal and Ubiquitous Computing, 2009.

Contrast this with Android or the iPhone
- Users expected to agree upfront
- Coarse 24-hour audit

Locaccino Today

Can We Reduce User Burden?

Can You Find a Default Policy?
- Location sharing with members of the campus community – 30 different users
[Chart legend: Green: Share; Red: Don’t]

Clustering Canonical Policies – Privacy Personas
Canonical locations, days of the week and times of the day: Morning, home, work, weekday, lunch time
Ramprasad Ravichandran, Michael Benisch, Patrick Gage Kelley, and Norman M. Sadeh. Capturing Social Networking Privacy Preferences: Can Default Policies Help Alleviate Tradeoffs between Expressiveness and User Burden? PETS ’09.

Do Locations Have Intrinsic Privacy Preferences?
Location entropy as a possible predictor
E. Toch, J. Cranshaw, P.H. Drielsma, J. Y. Tsai, P. G. Kelley, L. Cranor, J. Hong, N. Sadeh, "Empirical Models of Privacy in Location Sharing", in Proceedings of the Twelfth International Conference on Ubiquitous Computing. Ubicomp 2010

Question: Can Machine Learning Help?

User-Controllable Policy Learning (patent pending)
- Learning traditionally configured as a “black box” technology
- Users are unlikely to understand the policies they end up with
  - Major source of vulnerability
- Can we develop technology that incrementally suggests policy changes to users?
  - Tradeoff between rapid convergence and maintaining policies that users can relate to

User-Controlled Policy Learning (patent pending)

Suggesting Rule Modifications based on User Feedback (patent pending)
[Figure labels: Mon Tue Wed Thu Fri Sat Sun; Colleagues, Spouse, Friends; John, Mike, Steve, Dave, Pat, Helen, Chuck, Mike, Sue; Possible new group; Possible new rule; Possible rule modification. Legend: Access granted; Suggested Rule Change; Audited Request; Audit says Deny Access; Audit says Grant Access]

Exploring Neighboring Policies: Users Are More Likely to Understand Incremental Changes
Rate neighboring policies based on:
- Accuracy
- Complexity
- Distance from current policy
Emphasis on keeping changes understandable
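Added example (not the patented system or the AISec 2008 implementation): one way to rate neighboring policies on the three criteria above and suggest only a small change. The group-by-day grant grid, the audit feedback, the weights and the two-edit limit are all constructed assumptions.

```python
from itertools import combinations, product

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
GROUPS = ["Colleagues", "Spouse", "Friends"]
CELLS = list(product(GROUPS, DAYS))  # a policy is the set of granted cells

# Constructed current policy: colleagues on weekdays, spouse all week.
CURRENT = frozenset([("Colleagues", d) for d in DAYS[:5]] +
                    [("Spouse", d) for d in DAYS])

# Constructed audit feedback: (group, day, user says it should be granted)
AUDIT = [
    ("Friends", "Sat", True), ("Friends", "Sat", True),
    ("Friends", "Sun", True), ("Friends", "Wed", False),
    ("Colleagues", "Fri", False), ("Colleagues", "Mon", True),
    ("Colleagues", "Tue", True), ("Spouse", "Tue", True),
]

# Assumed weights: a change must buy accuracy to be worth suggesting.
W_COMPLEXITY = 0.02  # per granted cell in the candidate policy
W_DISTANCE = 0.05    # per cell that differs from the current policy

def accuracy(policy, audit):
    """Fraction of audited requests the policy decides as the user wanted."""
    hits = sum(((group, day) in policy) == wanted for group, day, wanted in audit)
    return hits / len(audit)

def score(policy, current, audit):
    """Accuracy, penalised by policy size and by distance from the current policy."""
    return (accuracy(policy, audit)
            - W_COMPLEXITY * len(policy)
            - W_DISTANCE * len(policy ^ current))

def neighbors(current, max_edits=2):
    """All policies reachable by flipping at most max_edits cells."""
    for k in range(1, max_edits + 1):
        for flips in combinations(CELLS, k):
            yield current ^ frozenset(flips)

def suggest(current=CURRENT, audit=AUDIT, max_edits=2):
    """Return (cells to add, cells to remove), or None if no neighbor scores higher."""
    best = max(neighbors(current, max_edits),
               key=lambda p: score(p, current, audit))
    if score(best, current, audit) <= score(current, current, audit):
        return None
    return sorted(best - current), sorted(current - best)

if __name__ == "__main__":
    print("suggested change:", suggest())
```

Capping the number of edits keeps each suggestion small enough for the user to review, at the price of needing several rounds of feedback to fix every audited disagreement.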

With Suggestions for Policy Refinement
Patrick Kelley, Paul Hankes Drielsma, Norman Sadeh, Lorrie Cranor. User Controllable Learning of Security and Privacy Policies. AISec 2008.

Summary
- Users are not very good at specifying policies
  - Vulnerability
- Tradeoffs between expressiveness and user burden
  - Quantifying the benefits of additional expressiveness can help
- Auditing functionality helps
  - Including asking questions: Why/Why not? What if?
- User-understandable personas/profiles
- User-Controllable Learning - Suggestions
  - Moving away from machine learning as a black box

Some Ongoing Work
- Evaluating combinations of the solutions presented today
- Nudging users towards safer practices
  - “Soft paternalism”
  - Can we provide users with feedback that nudges them towards safer practices?
  - Can we identify default policies that are biased towards safer practices?
- Modulate Location Names: More than just privacy
  - Joint work with Jialiu Lin and Jason Hong
- Understanding Cultural Differences
  - China-US study

Concluding Remarks
- …This talk focused solely on location!
- Mobile computing and social networking: a wide range of data sharing scenarios
- Vision: Intelligent privacy agents
  - Help scale to interactions with a large number of apps and services
  - Learn user models
  - Can selectively enter in dialogues with users and nudge them towards safer practices

Q&A
Funding: US National Science Foundation, the US Army Research Office, CMU CyLab, Microsoft, Google, Nokia, FranceTelecom, and ICTI
Collaborators
- Faculty: Lorrie Cranor, Jason Hong, Alessandro Acquisti
- Post-Docs: Paul Hankes Drielsma, Eran Toch, Jonathan Mugan
- PhD Students: Patrick Kelley, Jialiu Lin, Janice Tsai, Michael Benisch, Justin Cranshaw, Ram Ravichandran, Tarun Sharma
- Staff: Jay Springfield (research programmer) and Linda Francona (Lab manager)
Spinoff: The User-Controllable Privacy Platform on top of which Locaccino is built is now commercialized by Zipano Technologies.

Relevant Publications - I
- Norman Sadeh, Jason Hong, Lorrie Cranor, Ian Fette, Patrick Kelley, Madhu Prabaker, and Jinghai Rao. Understanding and Capturing People’s Privacy Policies in a Mobile Social Networking Application. Journal of Personal and Ubiquitous Computing, 2009.
- Ramprasad Ravichandran, Michael Benisch, Patrick Gage Kelley, and Norman M. Sadeh. Capturing Social Networking Privacy Preferences: Can Default Policies Help Alleviate Tradeoffs between Expressiveness and User Burden? PETS ’09.
- Patrick Kelley, Paul Hankes Drielsma, Norman Sadeh, Lorrie Cranor. User Controllable Learning of Security and Privacy Policies. AISec 2008.
- Michael Benisch, Patrick Gage Kelley, Norman Sadeh, Lorrie Faith Cranor. Capturing Location Privacy Preferences: Quantifying Accuracy and User Burden Tradeoffs. CMU-ISR Tech Report , March Accepted for publication in Journal of Personal and Ubiquitous Computing.
- Janice Tsai, Patrick Kelley, Paul Hankes Drielsma, Lorrie Cranor, Jason Hong, and Norman Sadeh. Who’s Viewed You? The Impact of Feedback in a Mobile-location System. CHI ’09.
- Jason Cornwell, Ian Fette, Gary Hsieh, Madhu Prabaker, Jinghai Rao, Karen Tang, Kami Vaniea, Lujo Bauer, Lorrie Cranor, Jason Hong, Bruce McLaren, Mike Reiter, and Norman Sadeh. User-Controllable Security and Privacy for Pervasive Computing. The 8th IEEE Workshop on Mobile Computing Systems and Applications (HotMobile 2007).
- Norman Sadeh, Fabien Gandon and Oh Byung Kwon. Ambient Intelligence: The MyCampus Experience. School of Computer Science, Carnegie Mellon University, Technical Report CMU-ISRI , July 2005.

Relevant Publications - II
- P. Gage Kelley, M. Benisch, L. Cranor and N. Sadeh, “When Are Users Comfortable Sharing Locations with Advertisers”, in Proceedings of the 29th annual SIGCHI Conference on Human Factors in Computing Systems, CHI2011, May Also available as CMU School of Computer Science Technical Report, CMU-ISR and CMU CyLab Tech Report CMU-CyLab
- J. Cranshaw, E. Toch, J. Hong, A. Kittur, N. Sadeh, "Bridging the Gap Between Physical Location and Online Social Networks", in Proceedings of the Twelfth International Conference on Ubiquitous Computing. Ubicomp 2010
- E. Toch, J. Cranshaw, P.H. Drielsma, J. Y. Tsai, P. G. Kelley, L. Cranor, J. Hong, N. Sadeh, "Empirical Models of Privacy in Location Sharing", in Proceedings of the Twelfth International Conference on Ubiquitous Computing. Ubicomp 2010
- Jialiu Lin, Guang Xiang, Jason I. Hong, and Norman Sadeh, "Modeling People’s Place Naming Preferences in Location Sharing", Proc. of the 12th ACM International Conference on Ubiquitous Computing, Copenhagen, Denmark, Sept 26-29,
- Karen Tang, Jialiu Lin, Jason Hong, Norman Sadeh, Rethinking Location Sharing: Exploring the Implications of Social-Driven vs. Purpose-Driven Location Sharing. Proc. of the 12th ACM International Conference on Ubiquitous Computing, Copenhagen, Denmark, Sept 26-29, 2010.