Skip to main content
SpringerLink
Log in

Dynamic Consent: Physical Switches and Feedback to Adjust Consent to IoT Data Collection

  • Conference paper
  • First Online:
Distributed, Ambient and Pervasive Interactions (HCII 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12203))

Included in the following conference series:

Abstract

From smart homes to highly energy-optimized office building and smart city, the adoption of living in smart spaces requires that the inhabitants feel comfortable with the level of data being collected about them in order to provide smartness. However, you usually provide this consent on—or best before—your very first interaction. Thus, firstly your consent might vary over the time of usage. Secondly, it is not always obvious if data is currently collected or not. This paper addresses two missing elements in the interaction with a smart environment: First, the general concept of dynamicity of consent to data collection. Second, provision of a physical interaction to gather and change consent and a physical feedback on the current data collection status. By the feedback being physical we mean being visual, haptic or accoustic, in order to allow natural perception by the users in the physical space. For both components we provide examples which show how one could make both the current status as well as the consent physical and discuss the user perception. We argue that having a physical interaction to start potentially privacy-invasive data collections is a useful enrichment for legal consent, and physically visible status is helpful to make a decision.

Henrich C. Pöhls—Supported by EU H2020 grant \(\text {n}^o\)780315 (SEMIoTICS).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    ict-rerum.eu (accessed 30 Nov 2019).

  2. 2.

    https://www.tvilight.com (accessed 30 Nov 2019).

  3. 3.

    https://www.greenerbuildings.eu (accessed 30 Nov. 2019).

  4. 4.

    These examples emerged from several open discussions with users of IoT enabled spaces we conducted in preparation of this work.

  5. 5.

    Proclaimed by Tony Fadell, the inventor of Nest thermostats.

  6. 6.

    https://www.amazon.com/Alexa-Privacy-Hub (accessed Nov. 2019).

  7. 7.

    Compare the attacks to bypass the indicator of a webcam [14].

  8. 8.

    https://www.amazon.com/Alexa-Privacy-Hub (accessed Nov. 2019).

  9. 9.

    https://www.amazon.com/Alexa-Privacy-Hub (accessed Nov. 2019).

  10. 10.

    https://www.candlesmarthome.com/jesse-howard-innovations (accessed Dec. 2019).

  11. 11.

    See for example Lenovo’s Blog Post from 2010 on the ThinkCentre M90z http://blog.lenovo.com/en/blog/watch-that-webcam (accessed Jan. 2020).

  12. 12.

    See for example the top-listed feature of “a physical shutter to protect from malicious surveillance.” https://www8.hp.com/uk/en/solutions/computer-security.html (accessed Jan. 2020).

  13. 13.

    For example there are third-party vendors selling physical covers, like for the Logitech C920 Webcam https://www.youtube.com/watch?v=2uNMcJXt0fo (accessed Jan. 2020).

  14. 14.

    https://supporters.eff.org/shop/eff-sticker-pack (accessed Dec. 2019).

  15. 15.

    https://www.thingiverse.com/thing:2003903 (accessed Dec. 2019).

  16. 16.

    We note here, that of course the fact that data is not being collected is information that can still be collected.

  17. 17.

    We note here, that of course the fact that data is not being collected is information that can still be collected.

  18. 18.

    We are aware that a non-glowing sensor would not enable the user to distinguish from a malicious or faulty sensor that is plugged-in and collecting data but not glowing; however we wanted to convey to users an example that physically disconnects the data gathering device.

References

  1. European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Off. J. OJ L, 1–88, May 2016. 119 of 4.5.2016

    Google Scholar 

  2. OECD: The OECD Privacy Framework (2013). http://oecd.org/sti/ieconomy/oecd_privacy_framework.pdf. Accessed Jan 2020

  3. EU Article 29 Data Protection Working Party (WP 223): Opinion 8/2014 on the Recent Developments on the Internet of Things, pp. 1–24, September 2014

    Google Scholar 

  4. Pöhls, H.C., et al.: RERUM: building a reliable IoT upon privacy- and security- enabled smart objects. In: Wireless Communications and Networking Conference Workshop on IoT Communications and Technologies (WCNC 2014), April 2014, pp. 122–127. IEEE (2014)

    Google Scholar 

  5. Tragos, E.Z., et al.: Enabling reliable and secure IoT-based smart city applications. In: Proceedings of the International Conference on Pervasive Computing and Communication Workshops (PERCOM 2014), March 2014, pp. 111–116. IEEE (2014)

    Google Scholar 

  6. Staudemeyer, R.C., Pöhls, H.C., Watson, B.W.: Security and privacy for the Internet of Things communication in the SmartCity. In: Angelakis, V., Tragos, E., Pöhls, H.C., Kapovits, A., Bassi, A. (eds.) Designing, Developing, and Facilitating Smart Cities, pp. 109–137. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44924-1_7

    Chapter  Google Scholar 

  7. Danezis, G., et al.: Privacy and data protection by design - from policy to engineering. Tech. rep. European Union Agency for Network and Information Security, December 2014

    Google Scholar 

  8. Cavoukian, A.: Privacy by design: the 7 foundational principles. Revised Version. http://www.privacybydesign.ca/content/uploads/2009/08/7foundationalprinciples.pdf. Accessed Nov 2019

  9. Weiser, M.: Some computer science issues in ubiquitous computing. Commun. ACM 36(7), 75–84 (1993)

    Article  Google Scholar 

  10. Frizell, S.: This Startup is Trying to Create - and Control - the Internet of Your Home. Time Mag. 184(1) (2014). https://time.com/magazine/us/2926387/july-7th-2014-vol-184-no-1-u-s/

  11. Allhoff, F., Henschke, A.: The Internet of Things: foundational ethical issues. Internet of Things 1, 55–66 (2018)

    Article  Google Scholar 

  12. Vella, M.: Nest CEO Tony Fadell on the future of the smart home. Time Mag. 184(1) (2014). https://time.com/magazine/us/2926387/july-7th-2014-vol-184-no-1-u-s/

  13. Könings, B., Schaub, F.: Territorial privacy in ubiquitous computing. In: 8th International Conference on Wireless On-Demand Network Systems and Services, pp. 104–108. IEEE (2011)

    Google Scholar 

  14. Brocker, M., Checkoway, S.: iSeeYou: disabling the MacBook webcam indicator LED. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 337–352 (2014)

    Google Scholar 

  15. Sugawara, T., Cyr, B., Rampazzi, S., Genkin, D., Fu, K.: Light commands: laser-based audio injection on voice-controllable systems (2019). https://lightcommands.com/. Accessed 13 Dec 2019

  16. Zhang, G., Yan, C., Ji, X., Zhang, T., Zhang, T., Xu, W.: Dolphinattack: inaudible voice commands. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 103–117. ACM (2017)

    Google Scholar 

  17. Roy, N., Shen, S., Hassanieh, H., Choudhury, R.R.: Inaudible voice commands: the long-range attack and defense. In: 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI 18), pp. 547–560 (2018)

    Google Scholar 

  18. Karegar, F., Gerber, N., Volkamer, M., Fischer-Hübner, S.: Helping john to make informed decisions on using social login. In: Proceedings of the 33rd Annual ACM Symposium on Applied Computing, SAC 2018, New York, NY, USA, pp. 1165–1174. Association for Computing Machinery (2018). https://doi.org/10.1145/3167132.3167259

  19. Johnson, E.J., Bellman, S., Lohse, G.L.: Defaults, framing and privacy: why opting in-opting out. Mark. Lett. 13, 5–15 (2002)

    Article  Google Scholar 

  20. The Guardian - Alex Hern: Mark Zuckerberg tapes over his webcam. Should you?, June 2016. https://www.theguardian.com/technology/2016/jun/22/mark-zuckerberg-tape-webcam-microphone-facebook. Accessed Dec 2019

  21. Rosner, G., Kenneally, E.: Clearly opaque: privacy risks of the Internet of Things. In: Rosner, G., Erin, K. (eds.) Clearly Opaque: Privacy Risks of the Internet of Things, 1 May 2018. IoT Privacy Forum (2018)

    Google Scholar 

  22. Könings, B., Schaub, F., Weber, M.: Privacy and trust in ambient intelligent environments. In: Ultes, S., Nothdurft, F., Heinroth, T., Minker, W. (eds.) Next Generation Intelligent Environments, pp. 133–164. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-23452-6_4

    Chapter  Google Scholar 

Download references

Acknowledgment

H. C. Pöhls was partially funded by the European Union’s H2020 grant \(\text {n}^o\)780315 (SEMIoTICS). This paper reflects only the authors’ views.

Author information

Authors and Affiliations

  1. Institute of IT-Security and Security Law, University of Passau, Passau, Germany

    Henrich C. Pöhls

  2. Worcester Polytechnic Institute, Worcester, MA, USA

    Noëlle Rakotondravony

Authors
  1. Henrich C. Pöhls
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Noëlle Rakotondravony
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Henrich C. Pöhls .

Editor information

Editors and Affiliations

  1. Smart Future Initiative, Frankfurt/Main, Germany

    Norbert Streitz

  2. Kyushu University, Fukuoka, Japan

    Shin'ichi Konomi

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Pöhls, H.C., Rakotondravony, N. (2020). Dynamic Consent: Physical Switches and Feedback to Adjust Consent to IoT Data Collection. In: Streitz, N., Konomi, S. (eds) Distributed, Ambient and Pervasive Interactions. HCII 2020. Lecture Notes in Computer Science(), vol 12203. Springer, Cham. https://doi.org/10.1007/978-3-030-50344-4_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-50344-4_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-50343-7

  • Online ISBN: 978-3-030-50344-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation