IoT Privacy: Can We Regain Control?

Richard Chow
Published in: Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security
Publication date: 2015-06-17
DOI: 10.1145/2756601.2756623 (https://doi.org/10.1145/2756601.2756623)
Citations: 3

Abstract

Privacy is part of the Internet of Things (IoT) discussion because of the increased potential for sensitive data collection. In the vision for IoT, sensors penetrate ubiquitously into our physical lives and are funneled into big data systems for analysis. IoT data allows new benefits to end users - but also allows new inferences that erode privacy. The usual privacy mechanisms employed by users no longer work in the context of IoT. Users can no longer turn off a service (e.g., GPS), nor can they even turn off a device and expect to be safe from tracking. IoT means the monitoring and data collection is continuing even in the physical world. On a computer, we have at least a semblance of control and can in principle determine what applications are running and what data they are collecting. For example, on a traditional computer, we do have malware defenses - even if imperfect. Such defenses are strikingly absent for IoT, and it is unclear how traditional defenses can be applied to IoT. The issue of control is the main privacy problem in the context of IoT. Users generally don't know about all the sensors in the environment (with the potential exception of sensors in the user's own home). Present-day examples are WiFi MAC trackers and Google Glass, of course, but systems in the future will become even less discernible. In one sense, this is a security problem - detecting malicious devices or "environmental malware." But it is also a privacy problem - many sensor devices in fact want to be transparent to users (for instance, by adopting a traditional notice-and-consent model), but are blocked by the lack of a natural communication channel to the user. Even assuming communication mechanisms, we have complex usability problems. For instance, we need to understand what sensors a person might be worried about and in what contexts. Audio capture at home is different from audio capture in a lecture hall. What processing is done on the sensor data may also be important. A camera capturing video for purposes of gesture recognition may be less worrisome than for purposes of facial recognition (and, of course, the user needs assurance on the proclaimed processing). Finally, given the large number of "things", the problem of notice fatigue must be dealt with, or notifications will become no more useful than browser security warnings. In this talk, we discuss all these problems in detail, together with potential solutions.