Tangible Privacy

Abstract

Sensor-enabled computers in the form of 'IoT' devices such as home security cameras and voice assistants are increasingly becoming pervasive in our environment. With the embedded cameras and microphones in these devices, this 'invasion' of our everyday spaces can pose significant threats to the privacy of bystanders. Because of their complex functionality, even when people attempt privacy measures (such as asking the owner to "turn the camera off"), these devices may still record information because of the lack of a 'real' off button. With the ambiguities of current designs, a bystander's perceived privacy can diverge from their actual privacy. Indeed, being able to assess one's actual privacy is a key aspect in managing one's privacy according to Altman's theory of boundary regulation, and current designs fall short in assuring people of their privacy. To understand how people as bystanders manage their privacy with IoT devices, we conducted an interview study about people's perceptions of and behaviors around current IoT devices. We find that although participants' behaviors line up with Altman's theory of boundary regulation, in the face of uncertainty about their privacy, they desire or engage in various 'tangible' workarounds. Based on our findings, we identify and introduce the concept of 'tangible privacy' as being essential to boundary regulation with IoT devices. We argue that IoT devices should be designed in a way that clearly and unambiguously conveys sensor states to people around them and make actionable design recommendations to provide strong privacy assurances to bystanders.