Alternative Approaches to Privacy for IoT from Socio-Technical Perspective
Research Through Design | Pilot Study | Carnegie Mellon School of Design
Introduction
Privacy is not a new concept born in the digital era, but one that is exacerbated by it. The inherent tradeoff between the value proposition of using data and the privacy of the individuals whose data is collected, processed, and disseminated, is often tipped in favor of extensive amounts of data collection. While there have been disjointed efforts at different scales ranging from policy and regulation, to organizational strategy to empowering individuals with digital tools (products or services) for circumventing privacy risks, these have proven to be insufficient. For example, the current regulatory landscape in the United States follows the Fair Information Practice Principles from 1973 which mandates two key things: users must be given a ‘meaningful Notice’ of data collection, use and sharing practices of the organization; and that the users have a means to ‘Consent’ to these. It states “In the Internet context, notice can be accomplished easily by the posting of an information practice disclosure describing an entity’s information practices on a company’s site on the Web” (Federal Trade Commission). This is certainly not enough as it does not give any real agency to the users who just…
