The opaque data practices in smart home devices have raised significant privacy concerns for smart home users and bystanders. One way to learn about the data practices is through privacy-related notifications. However, how to deliver these notifications to users and bystanders and increase their awareness of data practices is not clear. We surveyed with 136 users and 123 bystanders to understand their preferences of receiving privacy-related notifications in smart homes. We further collected their responses to four mechanisms that improve privacy awareness (e.g., Data Dashboard) as well as their selections of mechanisms in four different scenarios (e.g., friend visiting ). Our results showed the pros and cons of each privacy awareness mechanism, e.g., Data Dashboard can help reduce bystanders' dependence on users. We also found some unique benefits of each mechanism (e.g., Ambient Light could provide unobtrusive privacy awareness). We summarized four key design dimensions for future privacy awareness mechanisms design.
Home energy management systems (HEMS) offer control and the ability to manage energy, generating and collecting energy consumption data at the most detailed level. However, data at this level poses various privacy concerns, including, for instance, profiling consumer behaviors and large-scale surveillance. The question of how utility providers can get value from such data without infringing consumers' privacy has remained under-investigated. We address this gap by exploring the pro-sharing attitudes and privacy perceptions of 30 HEMS users and non-users through an interview study. While participants are concerned about data misuse and stigmatization, our analysis also reveals that incentives, altruism, trust, security and privacy, transparency and accountability encourage data sharing. From this analysis, we derive privacy design strategies for HEMS that can both improve privacy and engender adoption.
We conducted a user study with 380 Android users, profiling them according to two key privacy behaviors: the number of apps installed and the Dangerous permissions granted to those apps. We identified four unique privacy profiles: 1) Privacy Balancers (49.74% of participants), 2) Permission Limiters (28.68% ), 3) App Limiters (14.74%), and 4) the Privacy Unconcerned (6.84%). App and Permission Limiters were significantly more concerned about perceived surveillance than Privacy Balancers and the Privacy Unconcerned. App Limiters had the lowest number of apps installed on their devices with the lowest intention of using apps and sharing information with them, compared to Permission Limiters who had the highest number of apps installed and reported higher intention to share information with apps. The four profiles reflect the differing privacy management strategies, perceptions, and intentions of Android users that go beyond the binary decision to share or withhold information via mobile apps.
With the growing smartphone penetration rate, smartphone settings remain one of the main models for information privacy and security controls. Yet, their usability is largely understudied, especially with respect to the usability impact on underrepresented socio-economic and low-tech groups. In an online survey with 178 users, we find that many people are not aware of smartphone privacy and security settings, their defaults, and have not configured them in the past, but are willing to do it in the future. Some participants perceive low self-efficacy and expect difficulties and usability issues with configuring those settings. Finally, we find that certain socio-demographic groups are more vulnerable to risks and feel less prepared to use smartphone settings to protect their online privacy and security.