An update on privacy in ubiquitous computing

Abstract

One of the editors of this special issue recently conducted an analysis of all major applications presented in the IEEE Pervasive Computing Magazine from 2003 to 2005. More than two-thirds of them had people as their main object of observation (rather than, say, ducks, bridges, or glaciers). In 90% of these human-focused applications, the observing person was not necessarily identical with the observed. Only about half of these applications allowed the people observed to even get feedback about (or insights into) their own behavior. In all other cases, third parties or machines were observing them without notice. These numbers illustrate why Ubicomp scholars regularly echo privacy as a key challenge for the adoption and ethical acceptability of smart environments. The unprecedented collection coverage, the invisibility of the collection process, the amount of data collected, and the envisioned system interconnectivity should motivate the community to consider ‘built-in’ privacy to a much larger extent than this may have been the case in earlier computing eras. It is for this reason that Personal and Ubiquitous Computing pays attention to the subject of privacy at regular intervals. The last special issue on privacy was published in May 2005 (Vol. 9, No. 3). The goal of this issue is to update the community with respect to the latest findings and developments surrounding privacy in Ubiquitous Computing. Unlike a normal call for papers, this special issue builds on the results of the 5th International Workshop on Ubicomp Privacy at the 9th International Conference on Ubiquitous Computing (UbiComp 2007) in Innsbruck in September 2007. The workshop brought together a diversity of research angles, grouped around five distinct themes: location privacy, RFID and sensor related privacy issues, consumer acceptance of RFID, and legal aspects of smart environments. This special issue presents the five original articles from the invited experts at the workshop (including ourselves). The first article by John Krumm offers a comprehensive but concise overview of location privacy: What is location privacy and how do people relate to it? How can location privacy be undermined? And what technical proposals exist to ensure ‘computational location privacy’? Krumm cites studies that show how people are generally not concerned about location privacy, and demonstrates how researchers have been able to link anonymized and obfuscated location tracks to the correct identity. While proposals exist to improve existing anonymization and obfuscation mechanisms, the article notes the still open issue of measuring the level of protection any such algorithms can offer. Norman Sadeh and his colleagues then illustrate the intricate usability issues inherent in providing location privacy in smart environments. An actual location tracking application developed and trialed at Carnegie Mellon University (Pittsburgh, USA) was used as an example. The application, called PeopleFinder, allows users to share their current location with friends and colleagues, based on a set of location disclosure rules, e.g., ‘‘Jennifer can see my location with high accuracy only on weekdays.’’ The authors were particularly concerned with the usability S. Spiekermann (&) Institute of Information Systems, Humboldt University Berlin, Berlin, Germany e-mail: sspiek@wiwi.hu-berlin.de