Impact: We developed end to end privacy solutions for the Internet of Things

As more gadgets become “smart” things and the Internet of Things (IoT) expands to tens of billions of connected devices, we want consumers to be aware of what their devices are doing with their personal data. We designed new hardware, a new software stack, and new consumer safety labels to help improve privacy and security.

We designed and implemented many privacy and security solutions for IoT devices with an emphasis on usability, including a consumer privacy and security label.

This work led to... 

  • The IoT Security and Privacy label. Following the style of food nutrition labels, our team designed and evaluated a new IoT Security and Privacy label to standardize information sharing about IoT devices. We designed the label to offer two levels of information about security and data practices – an easy to understand primary layer for a consumer audience and a more detailed secondary layer that includes information important to experts. This is a market-based approach to help everyday consumers understand potential privacy and security aspects of IoT devices, and encourage manufacturers to disclose their privacy and security practices. This work has received tremendous interest from governments, non-profits, and industry both in the US and abroad, and has strongly influenced US Cyber Trust Mark (USCTM).
  • A white paper with New America. “Toward a Safe and Secure Internet of Things”
  • Inventing privacy-sensitive sensors. We invented new techniques for processing sensor data to do human activity recognition in a privacy-sensitive manner, which is important for the deployment of sensors in smart offices and smart homes.
  • A new “Mites” stack. Our team designed and implemented an end-to-end IoT stack with security and privacy as our primary design goal. Our “Mites” stack of over 300 sensors is deployed in offices and common spaces of an 100,000+ sq ft office building, forming the first of its kind IoT testbed with numerous novel privacy features.


Supported by:  The National Science Foundation, Google, Infineon, Cisco, and Intel.

Timing:  2019 - 2025

Related work: 

Researchers:  Jason Hong, Lorrie Cranor, Yuvraj Agarwal and team

Research Area:  Usable Privacy and Security 

 

Looking at Additional HCII Impacts...

Nesra sits at a NoRILLA table and reaches for a tower of blocks

NoRILLA Interactive Mixed-Reality Science for Kids

Our novel, mixed-reality intelligent science stations bridge the physical and virtual worlds. Millions of children and families across the US are learning more science and improving their critical thinking skills after predicting, observing and explaining experiments with our patented system at their schools and museums.

screenshot of the game Anti-Phishing Phil, named after an orange fish in an underwater world that helps players to learn more about phishing

Protecting Millions of People from Phishing Scams

We studied the social aspects of phishing attacks and protected millions of people through education and training. This work led to new educational methods to raise awareness, effective anti-phishing warnings, and algorithmic detection of phishing attacks.

PrivacyGrade

Grading Your Smartphone Apps on Their Privacy Practices

We created a model that analyzed over 1 million smartphone apps on their privacy and data collection practices, and then assigned them a public-facing privacy grade. This easy-to-follow grading system raised public awareness and led to improved privacy practices from several app developers.

hands interacting with a black touch screen with labeled inputs of fingernail, knuckle and pad

TapSense Improved Touch Detection on Millions of Smartphones

We trained smartphones to reliably detect four different touchscreen inputs – for example, a tap by a finger pad as compared to a knuckle – which created opportunities for new interactions and features.

screenshot from PAT, a cognitive tutor for algebra

Millions Learned More Math with Our AI Tutor

Millions of middle school and high school students across the US have learned more math as a result of our decades of work with AI-based cognitive tutoring systems.

proposed data label for IoT devices, modeled after a nutritional label

Human-Centered Privacy for the Internet of Things

As more gadgets become “smart” things and the Internet of Things (IoT) expands to tens of billions of connected devices, we want consumers to be aware of what their devices are doing with their personal data.

decimal point game map

Improved Math Mastery with the Decimal Point Game

We explored the learning analytics behind our digital learning game to see how student learning responds to curriculum changes to the game. Over the past 10 years, over 1,500 students have benefited from the Decimal Point game and curriculum materials.

Zensors airport queue screenshot

Zensors Turns Cameras Into Smart Sensors

In one application installed at the Pittsburgh International Airport in 2019, Zensors use existing cameras as powerful general-purpose sensors to provide wait time estimates for the security line, which benefits almost 10M PIT travelers per year.