tools and policy that empower sensing participants to control their own data

Mobile sensing presents significant challenges to privacy and ethics. Never before has sensing been so close to individuals, and so intermixed in their daily lives. Participatory privacy regulation (PPR) is a developing approach to system design that incorporates both group and individual decision-making about disclosure boundaries, in order to negotiate an acceptable commitment between participants and urban sensing technologies.

PPR recognizes that privacy acquires specific, variable, and highly individual meaning in specific circumstances and settings. To respect individual and community privacy requirements and preferences, urban sensing systems should enable people to negotiate social sharing and discretion much as they do in non-instrumented settings. By making decisions throughout the sensing process, users can understand a sensing system’s information flow, weigh the costs and benefits of sharing information, and make informed, context-specific decisions to disclose or withhold data.

PPR relies on both policy and technology to enable users to negotiate sharing and discretion. Participants and organizers can decide on policies such as what data will be collected or how long it will be retained by using tools such as the Campaign Framework, which helps organizers set policy and enables potential participants to select campaigns that meet their interests and needs. PPR also influences CENS’ technology design process. We are developing a range of participatory privacy tools, including: new techniques to allow participants to mask location data; local processing on phones to avoid upload of sensitive information; and unique interfaces that encourage selective sharing.