research-article

SaferHome: Interactive Physical and Digital Smart Home Dashboards for Communicating Privacy Assessments to Owners and Bystanders

Authors:

Maximiliane Windl,

Alexander Hiesinger,

Albrecht Schmidt,

Sebastian S. FegerAuthors Info & Claims

Proceedings of the ACM on Human-Computer Interaction, Volume 6, Issue ISS

Article No.: 586, Pages 680 - 699

https://doi.org/10.1145/3567739

Published: 14 November 2022 Publication History

Abstract

Private homes are increasingly becoming smart spaces. While smart homes promise comfort, they expose most intimate spaces to security and privacy risks. Unfortunately, most users today are not equipped with the right tools to assess the vulnerabilities or privacy practices of smart devices. Further, users might lose track of the devices installed in their homes or are unaware of devices placed by a partner or host. We developed SaferHome, an interactive digital-physical privacy framework, to provide smart home users with security and privacy assessments and a sense of device location. SaferHome includes a digital list view and physical and digital dashboards that map real floor plans. We evaluated SaferHome with eight households in the wild. We find that users adopted various strategies to integrate the dashboards into their understanding and interpretation of smart home privacy. We present implications for the design of future smart home privacy frameworks that are impacted by technical affinity, device types, device ownership, and tangibility of assessments.

References

[1]

Noura Abdi, Kopo M. Ramokapane, and Jose M. Such. 2019. More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants. In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association, Santa Clara, CA. 451–466. isbn:978-1-939133-05-2 https://www.usenix.org/conference/soups2019/presentation/abdi

[2]

Abdulaziz Abdugani. 2020. Privacy Analysis of Smart TV Communication: A case study of privacy threats in Smart TVs.

[3]

Maggie Astor. 2017. Your Roomba may be mapping your home, collecting data that could be shared. The New York Times, 25 (2017).

[4]

Aaron Bangor, Philip T Kortum, and James T Miller. 2008. An empirical evaluation of the system usability scale. Intl. Journal of Human–Computer Interaction, 24, 6 (2008), 574–594.

[5]

The BBC. 2019. Smart speaker recordings reviewed by humans. https://www.bbc.com/news/technology-47893082

[6]

France Bélanger and Robert E Crossler. 2011. Privacy in the digital age: a review of information privacy research in information systems. MIS quarterly, 1017–1041.

[7]

Giampaolo Bella and Lizzie Coles-Kemp. 2012. Layered analysis of security ceremonies. In IFIP International Information Security Conference. 273–286.

[8]

Ann Blandford, Dominic Furniss, and Stephann Makri. 2016. Qualitative HCI Research: Going Behind the Scenes. Morgan & Claypool Publishers, 51–60. isbn:9781627057608 https://doi.org/10.2200/S00706ED1V01Y201602HCI034

[9]

John Brooke. 1996. SUS-A quick and dirty usability scale. Usability evaluation in industry, 189, 194 (1996), 4–7.

[10]

George Chalhoub, Martin J Kraemer, Norbert Nthala, and Ivan Flechais. 2021. “It Did Not Give Me an Option to Decline”: A Longitudinal Analysis of the User Experience of Security and Privacy in Smart Home Products. Association for Computing Machinery, New York, NY, USA. isbn:9781450380966 https://doi.org/10.1145/3411764.3445691

Digital Library

[11]

Jessica Colnago, Yuanyuan Feng, Tharangini Palanivel, Sarah Pearman, Megan Ung, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh. 2020. Informing the Design of a Personalized Privacy Assistant for the Internet of Things. Association for Computing Machinery, New York, NY, USA. 1–13. isbn:9781450367080 https://doi.org/10.1145/3313831.3376389

Digital Library

[12]

Pardis Emami-Naeini, Yuvraj Agarwal, Lorrie Faith Cranor, and Hanan Hibshi. 2020. Ask the experts: What should be on an IoT privacy and security label? In 2020 IEEE Symposium on Security and Privacy (SP). 447–464.

[13]

Pardis Emami-Naeini, Henry Dixon, Yuvraj Agarwal, and Lorrie Faith Cranor. 2019. Exploring How Privacy and Security Factor into IoT Device Purchase Behavior. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (CHI ’19). Association for Computing Machinery, New York, NY, USA. 1–12. isbn:9781450359702 https://doi.org/10.1145/3290605.3300764

Digital Library

[14]

ENISA. 2017. ENISA Baseline Security Recommendations for IoT. https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot

[15]

ENISA. 2019. ENISA IoT Security Standards Gap Analysis. https://www.enisa.europa.eu/publications/iot-security-standards-gap-analysis

[16]

Marcia Ford and William Palmer. 2019. Alexa, are you listening to me? An analysis of Alexa voice service network traffic. Personal and Ubiquitous Computing, 23, 1 (2019), 67–79.

Digital Library

[17]

Thomas Franke, Christiane Attig, and Daniel Wessel. 2019. A personal resource for technology interaction: development and validation of the affinity for technology interaction (ATI) scale. International Journal of Human–Computer Interaction, 35, 6 (2019), 456–467.

[18]

Ester Fritsch, Irina Shklovski, and Rachel Douglas-Jones. 2018. Calling for a Revolution: An Analysis of IoT Manifestos. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems (CHI ’18). ACM, New York, NY, USA. Article 302, 13 pages. isbn:978-1-4503-5620-6 https://doi.org/10.1145/3173574.3173876

Digital Library

[19]

Gartner. 2019. Gartner Says 5.8 Billion Enterprise and Automotive IoT Endpoints Will Be in Use in 2020. https://www.gartner.com/en/newsroom/press-releases/2019-08-29-gartner-says-5-8-billion-enterprise-and-automotive-io

[20]

Christine Geeng and Franziska Roesner. 2019. Who’s In Control? Interactions In Multi-User Smart Homes. Association for Computing Machinery, New York, NY, USA. 1–13. isbn:9781450359702 https://doi.org/10.1145/3290605.3300498

Digital Library

[21]

Marco Ghiglieri and Erik Tews. 2014. A privacy protection system for hbbtv in smart tvs. In 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC). 357–362.

[22]

Richard Harper. 2011. The connected home: The future of domestic life. Springer.

[23]

Xin Huang, Paul Craig, Hangyu Lin, and Zheng Yan. 2016. SecIoT: a security framework for the Internet of Things. Security and communication networks, 9, 16 (2016), 3083–3094.

[24]

Vinay Koshy, Joon Sung Sung Park, Ti-Chung Cheng, and Karrie Karahalios. 2021. “We Just Use What They Give Us”: Understanding Passenger User Perspectives in Smart Homes. Association for Computing Machinery, New York, NY, USA. isbn:9781450380966 https://doi.org/10.1145/3411764.3445598

Digital Library

[25]

Hyosun Kwon, Joel E. Fischer, Martin Flintham, and James Colley. 2018. The Connected Shower: Studying Intimate Data in Everyday Life. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., 2, 4 (2018), Article 176, dec, 22 pages. https://doi.org/10.1145/3287054

Digital Library

[26]

Bettina Laugwitz, Theo Held, and Martin Schrepp. 2008. Construction and evaluation of a user experience questionnaire. In Symposium of the Austrian HCI and usability engineering group. 63–76.

Digital Library

[27]

Roxanne Leitão. 2019. Proceedings of the 2019 on Designing Interactive Systems Conference (DIS ’19). Association for Computing Machinery, New York, NY, USA. 527–539. isbn:9781450358507 https://doi.org/10.1145/3322276.3322366

Digital Library

[28]

Franco Loi, Arunan Sivanathan, Hassan Habibi Gharakheili, Adam Radford, and Vijay Sivaraman. 2017. Systematically Evaluating Security and Privacy for Consumer IoT Devices. In Proceedings of the 2017 Workshop on Internet of Things Security and Privacy (IoTS&P ’17). ACM, New York, NY, USA. 1–6. isbn:978-1-4503-5396-0 https://doi.org/10.1145/3139937.3139938

Digital Library

[29]

Shrirang Mare, Franziska Roesner, and Tadayoshi Kohno. 2020. Smart Devices in Airbnbs: Considering Privacy and Security for both Guests and Hosts. Proceedings on Privacy Enhancing Technologies, 2020, 2 (2020), 436–458. https://doi.org/10.2478/popets-2020-0035

[30]

Karola Marky, Sarah Prange, Florian Krell, Max Mühlhäuser, and Florian Alt. 2020. “You Just Can’t Know about Everything”: Privacy Perceptions of Smart Home Visitors. In 19th International Conference on Mobile and Ubiquitous Multimedia (MUM 2020). Association for Computing Machinery, New York, NY, USA. 83–95. isbn:9781450388702 https://doi.org/10.1145/3428361.3428464

Digital Library

[31]

Karola Marky, Alexandra Voit, Alina Stöver, Kai Kunze, Svenja Schröder, and Max Mühlhäuser. 2020. ”I Don’t Know How to Protect Myself”: Understanding Privacy Perceptions Resulting from the Presence of Bystanders in Smart Environments. In Proceedings of the 11th Nordic Conference on Human-Computer Interaction: Shaping Experiences, Shaping Society (NordiCHI ’20). Association for Computing Machinery, New York, NY, USA. Article 4, 11 pages. isbn:9781450375795 https://doi.org/10.1145/3419249.3420164

Digital Library

[32]

D Harrison Mcknight, Michelle Carter, Jason Bennett Thatcher, and Paul F Clay. 2011. Trust in a specific technology: An investigation of its components and measures. ACM Transactions on Management Information Systems (TMIS), 2, 2 (2011), 12.

Digital Library

[33]

David H. Nguyen, Alfred Kobsa, and Gillian R. Hayes. 2008. An Empirical Investigation of Concerns of Everyday Tracking and Recording Technologies. In Proceedings of the 10th International Conference on Ubiquitous Computing (UbiComp ’08). Association for Computing Machinery, New York, NY, USA. 182–191. isbn:9781605581361 https://doi.org/10.1145/1409635.1409661

Digital Library

[34]

Pascal Oser, Sebastian Feger, Paweł W. Woundefinedniak, Jakob Karolus, Dayana Spagnuelo, Akash Gupta, Stefan Lüders, Albrecht Schmidt, and Frank Kargl. 2020. SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., 4, 3 (2020), Article 114, Sept., 22 pages. https://doi.org/10.1145/3414173

Digital Library

[35]

Pascal Oser, Frank Kargl, and Stefan Lüders. 2018. Identifying Devices of the Internet of Things Using Machine Learning on Clock Characteristics. In International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. 417–427.

[36]

Sameer Patil, Roberto Hoyle, Roman Schlegel, Apu Kapadia, and Adam J. Lee. 2015. Interrupt Now or Inform Later? Comparing Immediate and Delayed Privacy Feedback. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI ’15). Association for Computing Machinery, New York, NY, USA. 1415–1418. isbn:9781450331456 https://doi.org/10.1145/2702123.2702165

Digital Library

[37]

Edoardo Pignotti and Peter Edwards. 2013. Trusted Tiny Things: Making the Internet of Things More Transparent to Users. In Proceedings of the International Workshop on Adaptive Security (ASPI ’13). ACM, New York, NY, USA. Article 2, 4 pages. isbn:978-1-4503-2543-1 https://doi.org/10.1145/2523501.2523503

Digital Library

[38]

Daniel Schatz, Rabih Bashroush, and Julie Wall. 2017. Towards a more representative definition of cyber security. Journal of Digital Forensics, Security and Law, 12, 2 (2017), 8.

[39]

Martin Schrepp, Andreas Hinderks, and Jörg Thomaschewski. 2017. Construction of a Benchmark for the User Experience Questionnaire (UEQ). Int. J. Interact. Multim. Artif. Intell., 4, 4 (2017), 40–44.

[40]

Los Angeles Times. 2016. Our privacy is losing out to Internet-connected household devices. https://www.latimes.com/business/la-fi-lazarus-20160115-column.html

[41]

Rick Wash and Emilee Rader. 2015. Too Much Knowledge? Security Beliefs and Protective Behaviors Among United States Internet Users. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). USENIX Association, Ottawa. 309–325. isbn:978-1-931971-249 https://www.usenix.org/conference/soups2015/proceedings/presentation/wash

[42]

Maximiliane Windl and Sven Mayer. 2022. The Skewed Privacy Concerns of Bystanders in Smart Environments. Proc. ACM Hum.-Comput. Interact., 6, MHCI (2022), Article 184, sep, 21 pages. https://doi.org/10.1145/3546719

Digital Library

[43]

WIRED. 2019. Don’t Get Your Valentine an Internet-Connected Sex Toy. https://www.wired.com/story/internet-connected-sex-toys-security/

[44]

Yaxing Yao, Justin Reed Basdeo, Oriana Rosata Mcdonough, and Yang Wang. 2019. Privacy Perceptions and Designs of Bystanders in Smart Homes. Proc. ACM Hum.-Comput. Interact., 3, CSCW (2019), Article 59, Nov., 24 pages. https://doi.org/10.1145/3359161

Digital Library

[45]

Eric Zeng and Franziska Roesner. 2019. Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA. 159–176. isbn:978-1-939133-06-9 https://www.usenix.org/conference/usenixsecurity19/presentation/zeng

Cited By

Von Terzi PDiefenbach S(2023)The Attendant Perspective: Present Others in Public Technology InteractionsProceedings of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544548.3581231(1-18)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544548.3581231

Index Terms

SaferHome: Interactive Physical and Digital Smart Home Dashboards for Communicating Privacy Assessments to Owners and Bystanders
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. Empirical studies in HCI
2. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Usability in security and privacy

Recommendations

The Skewed Privacy Concerns of Bystanders in Smart Environments
MHCI

As ubiquitous computing brings sensors and actuators directly into our homes, they introduce privacy concerns for the owners and bystanders. However, privacy concerns may vary among devices and depend on the bystanders' social relation to the owner. In ...
Privacy Perceptions and Designs of Bystanders in Smart Homes

As the Internet of Things (IoT) devices make their ways into people's homes, traditional dwellings are turning into smart homes. While prior empirical studies have examined people's privacy concerns of smart homes and their desired ways of mitigating ...
User Perceptions of Smart Home IoT Privacy

Smart home Internet of Things (IoT) devices are rapidly increasing in popularity, with more households including Internet-connected devices that continuously monitor user activities. In this study, we conduct eleven semi-structured interviews with smart ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Human-Computer Interaction

Proceedings of the ACM on Human-Computer Interaction Volume 6, Issue ISS

December 2022

746 pages

EISSN:2573-0142

DOI:10.1145/3554337

Editor:
Jeffrey Nichols
Apple, USA

Issue’s Table of Contents

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 November 2022

Published in PACMHCI Volume 6, Issue ISS

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
394
Total Downloads

Downloads (Last 12 months)149
Downloads (Last 6 weeks)6

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Von Terzi PDiefenbach S(2023)The Attendant Perspective: Present Others in Public Technology InteractionsProceedings of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544548.3581231(1-18)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544548.3581231

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents