The project investigated privacy requirements, developing a variety of novel techniques to capture and elicit user activity as part of field studies that involved real mobile applications. These techniques were used in conjunction with traditional methods such as focus group studies, interviewing and online questionnaires. We tracked user behavior to see how people interacted particularly with social networks, but also with monitoring location information relating to friends and family. These requirements were used to produce a privacy management framework that enables users to specify privacy preferences, to help visualize them, to learn from the user’s behaviour what their likely preferences are, and to enforce privacy policies. From the perspective of the Imperial research team, the emphasis of the work was on learning privacy policies which can automate the privacy related actions taken by users, by monitoring their past behavior. This was complemented by the work of the OU research team, who focussed on developing techniques for eliciting and analysing privacy requirements for mobile applications; conducting field studies to gain an in-depth understanding of users’ privacy concerns and to evaluate technologies for enhancing end-user privacy management.
This work addressed a number of research issues:
- how do people perceive privacy in ubiquitous systems – what information will they release and how does current context influence their perception of privacy?
- what types of privacy controls would people like to have when using ubiquitous systems?
- how to develop privacy control tools that are easy to use via simple interfaces (e.g. mobile phones) as well as large screen devices?
- how to detect and resolve inconsistencies in users’ privacy requirements?
- what mechanisms can be used to automate privacy control in ubiquitous systems?
The framework we produced to address these issues will integrate users’ privacy policies with their personal information to control how information is used. By providing an analysis and learning system within the framework, we believe that we can produce a usable system that does not burden users with complex privacy rule sets and provides adaptive, unobtrusive privacy management capabilities.
The project was in collaboration with the Open University, Dr. A Russo, Dr. N. Dulay and Prof. Morris Sloman at Imperial College