Wednesday, January 12, 2011

Context-Awareness, Data Collection and Privacy

One huge issue in ubiquitous computing is privacy. Envisioned ubicomp applications are context-aware, i.e. they infer what the use context is from collected data. Smarteverythings know what you are doing and can offer services just when you need them. This is all cool but has some serious potential problems. Namely, how do these smart things know the context? They collect data. A lot of web applications are already doing this, as are loyalty systems in grocery store chains. It's actually quite frightening how much people are willing to share.

There are two issues with data collection: misuse and theft. Misuse encompasses cases where data is used for purposes it was not given for. Theft encompasses cases where data is stolen by a third party. Legal agreements and software security are the means deployed against these issues. Guidelines exist for ethic use of data. However, the consequences of agreed upon use of data can also be highly unpredictable. These definitely do not get advertised.

The point is that ubicomp will require us to give up more and more data so that context-aware applications can make our lives better. I will now proceed to argue against heavy data collection for a bit and provide my ideas of how to achieve context-awareness without massive amounts of sensor (etc.) data.

The focus of interactive spaces has been outlined in this blog before, but I'll summarize it briefly so you can all make guesses of where this argument is going. In our work, we seek to create environments that advertise services to users but ultimate selection and use of services is left to their own judgement. We emphasize intelligent user interaction in lieu of system intelligence. While I do believe some applications need to infer context from data using artificial intelligence, I feel it necessary to point out that more often than not it should be quite enough to simply make it known that a service is available. The user is in charge - our job is to make decision making and interaction effortless.

My view is that a lot of context-awareness problems could be also solved by using highly modular applications. Like in the word processor example earlier the user's actions indicate the context. If the user launches a particular application component, this action alone can tell the system a lot without knowing anything about the user. Take one example, mobile applications launched by touching RFID tags in an interactive space. Without identifying the user in any way, a lot can be said of their location and intention nevertheless simply by the fact that they touched the tag.

This does not necessarily lead to simple applications. With a proper framework, switching between different application components (in this example, touching another tag) should be made effortless. To achieve this, one important aspect is ensuring compatibility between applications. Simple example: I can pick up a magazine from an RFID tag to my mobile phone. When I'm taking a coffee break, I can touch a tag on the table to send the magazine into the table's built-in display for reading (also capable of displaying the book I'm currently reading). The applications are simple, but the system can easily expand. Most importantly, at no point is there any need to identify me as the user, or submit any data about me into the system. Unless my phone is stolen, no one knows what magazines I read.

Of course my example is quite ideal. Free magazine, so no payment issues (which are always more complicated). In many applications there will be need to identify users. But the point is to always consider if using data could be avoided by intelligent system design. My other, ongoing, point is that automatic does not equal better. Certainly the coffee table in my example could have recognized me as the sitter and immediately present magazines based on my preferences. Personally I consider this kind of creepy.

Technology should provide us with options. We should be able to use those options as anonymously as possible. Just Sayin'

No comments:

Post a Comment