Human-Centered Privacy for the Internet of Things
Impact: We developed end to end privacy solutions for the Internet of Things
As more gadgets become “smart” things and the Internet of Things (IoT) expands to tens of billions of connected devices, we want consumers to be aware of what their devices are doing with their personal data. We designed new hardware, a new software stack, and new consumer safety labels to help improve privacy and security.
We designed and implemented many privacy and security solutions for IoT devices with an emphasis on usability, including a consumer privacy and security label.
This work led to...
- The IoT Security and Privacy label. Following the style of food nutrition labels, our team designed and evaluated a new IoT Security and Privacy label to standardize information sharing about IoT devices. We designed the label to offer two levels of information about security and data practices – an easy to understand primary layer for a consumer audience and a more detailed secondary layer that includes information important to experts. This is a market-based approach to help everyday consumers understand potential privacy and security aspects of IoT devices, and encourage manufacturers to disclose their privacy and security practices. This work has received tremendous interest from governments, non-profits, and industry both in the US and abroad, and has strongly influenced US Cyber Trust Mark (USCTM).
- A white paper with New America. “Toward a Safe and Secure Internet of Things”
- Inventing privacy-sensitive sensors. We invented new techniques for processing sensor data to do human activity recognition in a privacy-sensitive manner, which is important for the deployment of sensors in smart offices and smart homes.
- A new “Mites” stack. Our team designed and implemented an end-to-end IoT stack with security and privacy as our primary design goal. Our “Mites” stack of over 300 sensors is deployed in offices and common spaces of an 100,000+ sq ft office building, forming the first of its kind IoT testbed with numerous novel privacy features.
Supported by: The National Science Foundation, Google, Infineon, Cisco, and Intel.
Timing: 2019 - 2025
Related work:
- One page handout about the Security and Privacy Labels (pdf)
- See www.iotsecurityprivacy.org for more information
- See https://www.synergylabs.org/research for more information
Researchers: Jason Hong, Lorrie Cranor, Yuvraj Agarwal and team
Research Area: Usable Privacy and Security
Looking at Additional HCII Impacts...
NoRILLA Interactive Mixed-Reality Science for Kids
Our novel, mixed-reality intelligent science stations bridge the physical and virtual worlds. Millions of children and families across the US are learning more science and improving their critical thinking skills after predicting, observing and explaining experiments with our patented system at their schools and museums.
Protecting Millions of People from Phishing Scams
We studied the social aspects of phishing attacks and protected millions of people through education and training. This work led to new educational methods to raise awareness, effective anti-phishing warnings, and algorithmic detection of phishing attacks.
Grading Your Smartphone Apps on Their Privacy Practices
We created a model that analyzed over 1 million smartphone apps on their privacy and data collection practices, and then assigned them a public-facing privacy grade. This easy-to-follow grading system raised public awareness and led to improved privacy practices from several app developers.
TapSense Improved Touch Detection on Millions of Smartphones
We trained smartphones to reliably detect four different touchscreen inputs – for example, a tap by a finger pad as compared to a knuckle – which created opportunities for new interactions and features.
Millions Learned More Math with Our AI Tutor
Millions of middle school and high school students across the US have learned more math as a result of our decades of work with AI-based cognitive tutoring systems.
Human-Centered Privacy for the Internet of Things
As more gadgets become “smart” things and the Internet of Things (IoT) expands to tens of billions of connected devices, we want consumers to be aware of what their devices are doing with their personal data.
Improved Math Mastery with the Decimal Point Game
We explored the learning analytics behind our digital learning game to see how student learning responds to curriculum changes to the game. Over the past 10 years, over 1,500 students have benefited from the Decimal Point game and curriculum materials.
Zensors Turns Cameras Into Smart Sensors
In one application installed at the Pittsburgh International Airport in 2019, Zensors use existing cameras as powerful general-purpose sensors to provide wait time estimates for the security line, which benefits almost 10M PIT travelers per year.