Current Researchers:
David Nguyen and Gillian Hayes

Past Collaborators:
Aurora Bedford, Alex Bretana, Yann Jouitteau, Gabriela Marcu, Brian Sone,
Marc Langheinrich (USI), James Scott (Microsoft Research), and Khai Truong (University of Toronto)

In this project, we apply a commonly used model for understanding information privacy – the Concern for Information Privacy (CFIP) model – and present the ways that this model and its associated questionnaire can shed light on information privacy concerns towards pervasive and ubiquitous tracking and recording technologies. Specifically, the CFIP model encourages analysis of data across four facets of experience: the collection of personal data, the risk of improper access, the potential for unauthorized secondary use, and the challenge of preventing or correcting errors in the data. Through multiple studies, we apply this model to tracking and recording technology used and appropriated in everyday life – both novel technologies (e.g., SenseCam, RFID) and more common technologies (e.g., CCTV, credit cards, rewards cards). We investigate people’s concerns for information privacy in the context of everyday life about recording technologies based in both technical and social influences. Furthermore, we identify areas not well handled by this model of information privacy and suggest avenues for future work, including research on how and when to notify people about recording technologies, awareness of data provenance and leakage, and understanding of and access to the data assemblage being created about individuals.

This work is supported in part by an NSF CAREER grant #0846063 and through a collaboration with Microsoft Research Cambridge.

Publications:
Nguyen, D. H., & Hayes, G. R. (2010). Information Privacy in Institutional and End-user Tracking and Recording Technologies. Personal and Ubiquitous Computing, 14(1), 53-72. [pdf]

Nguyen, D. H., Marcu, G., Hayes, G. R., Truong, K. N., Scott, J., Langheinrich, M., and Roduner, C. (2009). Encountering SenseCam:  Personal Recording Technologies in Everyday Life. Paper presented at the 11th International Conference on Ubiquitous Computing (UbiComp 2009). [pdf]

Nguyen, D. H., Kobsa, A., & Hayes, G. R. (2008). An Empirical Investigation of Concerns of Everyday Tracking and Recording Technologies. Paper presented at the 10th International Conference on Ubiquitous Computing. [pdf]

Gillian had the privilege of joining Gary McGraw, Kim DeVries, Jim Routh, and Avi Ruben in a great panel at RSA.  The panel was largely about how to negotiate Acceptable Use Policies and technical infrastructure for security given the mounting pressure for people in the workplace–especially those who are on the younger side of things–to make use of these tools, as part of their work and as part of multi-tasking.  Gillian also talked a bit about the challenges of and opportunities for educating people about these issues, especially when they are really young.  Meg’s great work on both Acceptable Use Policies in schools and teaching kids about identity, security, and privacy is highly related to these issues as well.

This panel has generated some online chatter:

The Computer World article did a great job of describing some of the generation gap issues in the workplace today and how these manifest in policies around technology and security.  They also translated it into Portuguese (at least we think they did, we can’t read that article.  InfoSecurity also provided some interesting commentary on the panel.  Finally, the CyLab blog from CMU gave probably the most detailed reporting on the event, even going so far as to describe our skits.  For those of you who weren’t there, yes, thats right, there were two skits…. thankfully, they were authored by Gary’s brother Walt McGraw, with help from Gary and Jim.  So, they turned out to be pretty funny, despite the limited acting experience of Gillian and the rest of the panel.