Search for: All records

Current privacy protections for smart home devices rarely consider bystanders' privacy, whose preferences are varied and may differ from primary users. We use Contextual Integrity theory to explore context-dependent variation in privacy norms regarding smart home bystanders’ data. We conducted a vignette-based survey with 761 participants in the US, varying parameter values to capture acceptability judgments regarding bystander information flows in certain situations: domestic work, shared housing, visiting a friend overnight, and Airbnb. We found that recipients and purposes of sharing impact acceptance the most. Sharing interaction logs was more acceptable than audio or video. Sharing smart speaker data was less acceptable than smart camera or smart door lock data. We found nuanced interaction effects between factors in different smart home situations, and differences between protections most favored by participants playing bystander vs. owner roles. We provide design and policy recommendations for smart home privacy protections that consider bystanders' needs. 

Smart home devices raise privacy concerns among not only primary users but also bystanders like domestic workers. We conducted 25 qualitative interviews with nannies and 16 with parents who employed nannies, in the U.S., to explore and compare their views on and privacy threat models for smart home devices. We found device-specific purposes of use inspired different perspectives among nanny participants. Most were comfortable with employers’ smart speakers and smart TVs, whose purpose had nothing to do with them. However, with indoor smart cameras, nanny participants were often not just bystanders but targets of monitoring; in such situations, they had a wider range of attitudes. In contrast, parent participants tended to have more similar views across devices. We found notable disconnects regarding disclosure, where nanny participants often hesitated to ask about cameras, but parent participants assumed nannies just didn’t care. We recommend prioritizing interventions supporting disclosure, discussion, and sharing control. 

As smart home devices proliferate, protecting the privacy of those who encounter the devices is of the utmost importance both within their own home and in other people's homes. In this study, we conducted a large-scale survey (N=1459) with primary users of and bystanders to smart home devices. While previous work has studied people's privacy experiences and preferences either as smart home primary users or as bystanders, there is a need for a deeper understanding of privacy experiences and preferences in different contexts and across different countries. Instead of classifying people as either primary users or bystanders, we surveyed the same participants across different contexts. We deployed our survey in four countries (Germany, Mexico, the United Kingdom, and the United States) and in two languages (English and Spanish). We found that participants were generally more concerned about devices in their own homes, but perceived video cameras—especially unknown ones—and usability as more concerning in other people's homes. Compared to male participants, female and non-binary participants had less control over configuration of devices and privacy settings—regardless of whether they were the most frequent user. Comparing countries, participants in Mexico were more likely to be comfortable with devices, but also more likely to take privacy precautions around them. We also make cross-contextual recommendations for device designers and policymakers, such as nudges to facilitate social interactions. 

Abstract: Health data is considered to be sensitive and personal; both governments and software platforms have enacted specific measures to protect it. Consumer apps that collect health data are becoming more popular, but raise new privacy concerns as they collect unnecessary data, share it with third parties, and track users. However, developers of these apps are not necessarily knowingly endangering users’ privacy; some may simply face challenges working with health features. To scope these challenges, we qualitatively analyzed 269 privacy-related posts on Stack Overflow by developers of health apps for Android- and iOS-based systems. We found that health-specific access control structures (e.g., enhanced requirements for permissions and authentication) underlie several privacy-related challenges developers face. The specific nature of problems often differed between the platforms, for example additional verification steps for Android developers, or confusing feedback about incorrectly formulated permission scopes for iOS. Developers also face problems introduced by third-party libraries. Official documentation plays a key part in understanding privacy requirements, but in some cases, may itself cause confusion. We discuss implications of our findings and propose ways to improve developers’ experience of working with health-related features -- and consequently to improve the privacy of their apps’ end users. 

Smart home cameras raise privacy concerns in part because they frequently collect data not only about the primary users who deployed them but also other parties -- who may be targets of intentional surveillance or incidental bystanders. Domestic employees working in smart homes must navigate a complex situation that blends privacy and social norms for homes, workplaces, and caregiving. This paper presents findings from 25 semi-structured interviews with domestic childcare workers in the U.S. about smart home cameras, focusing on how privacy considerations interact with the dynamics of their employer-employee relationships. We show how participants’ views on camera data collection, and their desire and ability to set conditions on data use and sharing, were affected by power differentials and norms about who should control information flows in a given context. Participants’ attitudes about employers’ cameras often hinged on how employers used the data; whether participants viewed camera use as likely to reinforce negative tendencies in the employer-employee relationship; and how camera use and disclosure might reflect existing relationship tendencies. We also suggest technical and social interventions to mitigate the adverse effects of power imbalances on domestic employees’ privacy and individual agency.