Search RESCUE:

 

RESCUE Login:
User Name:
Password:

 

 

ITR-RESCUE is part of the California Institute for Telecommunications and Information Technology (Calit2) and its IT infrastructure is provided by Responsphere

Privacy Implications of Technology

Project Lead: S. Mehrotra (UCI)
Project Participants: UCI – C. Butts, P. Dourish, R. Matthews, N. Venkatasubramanian,  UCSD – S. Pasco UC-B – K. Tierney, UIUC – M. Winslett (UIUC)
Other Project Members:  3.5 Students (1.5 student for conducting user studies,  2 students to explore privacy technologies),  25% Programmer.

Project Summary:

Privacy concerns in infusing technology into real-world processes and activities arise for a variety of reasons, including unexpected usage and/or misuse for purposes for which the technology was not originally intended. These concerns are further exacerbated by the natural ability of modern information technology to record and make persistent information about entities (individuals, organizations, groups) and their interactions with technologies – information that can be exploited in the future against the interests of those entities. Such concerns, if unaddressed, constitute barriers to technology adoption or worse, result in adopted technology being misused to the detriment of the society. Our objective is to understand privacy concerns in adopting technology from the social and cultural perspective, and design socio-technological solutions to alleviate such concerns.

Grand Challenge:

The grand challenge guiding our research is whether Information Technologies can be designed with “knobs” that can be used to control disclosure of information amongst entities (individuals, organizations, government) with the objective of empowering technology adopters to fit the technology into existing  (and possibly dynamically evolving) societal and cultural expectations with respect to privacy. Given that diverse technologies can be used (or misused) in different, as-yet unimagined ways, leading to a multitude of privacy issues, it is unlikely that there is a single prescriptive technological solution or approach that will fully solve all privacy concerns. However, there may be a set of “best practices” – including minimal data collection; limiting and, if possible, eliminating the opportunity for information disclosure and inference from use of technology;   establishing clear policies about information collection/use/sharing; dynamically adaptive information collection and sharing that can be tuned based on specific situations and functionalities required; collecting data in such a way that it is useful only for purposes explicitly specified thereby eliminating the need for  individuals to trust organizations with their data – that can provide benefits to a range of circumstances.  Our goal is to explore such practices over a chosen set of technology usage scenarios and address technological challenges in realizing and implementing such practices:  policy languages that support privacy policies and data sharing/collection policies to be specified.

Project Focus:

The project focuses on understanding privacy concerns for a set of chosen technologies we are developing in RESCUE and their usage scenarios (described below). From studies of such scenario, we will gain insight into the nature of privacy concerns that arise, and explore privacy preserving technologies that can be used to alleviate privacy concerns. Another outcome of such studies might be a shared, common, privacy vocabulary/framework to talk about privacy issues in technology adoption and usage.

• Observation systems for situation monitoring: we will consider privacy concerns in using the multimodal pervasive infrastructure (consisting of video, audio, motion tracking, RFID, etc.) deployed at UCI. The infrastructure is being developed for variety of purposes including monitoring and recording emergency drills to building surveillance application.
• Customizable information dissemination technologies: We will consider privacy concerns in usage scenarios such as real-time seismic alerts to schools and organizations in California, and hurricane warning systems to provide customized warning to a large population. Above scenarios are being studied in the context of Information Dissemination project of RESCUE and we will leverage such studies to understand privacy challenges that arise.
• Technologies for inter-organizational data sharing: We will explore privacy concerns in two usage scenarios: a study of information exchange and interactions amongst various organizations at Champaign in case of a derailment with a chemical spill (described as part of PISA project) and a study of (government. & non-government.) inter-organization information exchange at Orange County. We have established ties with the Center of Unconventional Security Affairs (CUSA) at UCI whose members include all local law enforcement agencies and a representative selection of large and medium businesses in the areas of health services, financial services, retail, entertainment, IT and real estate. CUSA also is linked to the Homeland Security Advisory Council Region 1 and the Terrorism Early Warning Groups for Los Angeles and Orange Counties, both of which are interested in research on this issue. The proposed study will build on research on business continuity planning and emergency response already underway at CUSA. 

The approach to research in each of these studies would be to understand privacy concerns (through interactions, roundtable discussions, end-user participation, and workshops), determining “best practices” (minimal data collection, limiting information disclosure/inference, establishing clear policies for information collection/use/sharing,  etc.), exploring how such practices can be realized technologically (policy languages, enforcement mechanisms, information hiding techniques such as data perturbation, anonymization, etc.), and studying how technological innovation influences technology adoption.

Expected Results and Artifacts:

We expect to gain deep insight into privacy concerns in infusing technologies into real-world activities in general. Furthermore, we expect to very significantly advance state-of-the-art in privacy technologies. Based on these advances, we expect to design at least one information technology solution (viz. multimodal observation systems) with appropriate privacy “knobs” to control the amount of information collected disclosure and to explore the resulting privacy versus utility tradeoffs. Additional expected result is a shared common vocabulary to express privacy concerns, and a set of “best practices” that can be adopted to limit or eliminate a broad range of privacy concerns in technology usage.

Plans for Broader Impact and Outreach:

The above studies will provide insight into challenges in developing socially conscious technologies. Lessons learnt could influence scientific community exploring such technologies. Privacy technologies developed if transferred to commercial products could significantly influence adoption of technologies for crisis response.