Date of Award
Doctor of Philosophy (PhD)
Human Centered Computing
Dr. Kelly Caine
Dr. Julian Brinkley
Dr. Bart Knijnenberg
Dr. Eileen Kraemer
Dr. Jacob Sorber
Wearable technologies provide users with actionable insights regarding personal health information because of their ability to capture and analyze data continuously and in-the-moment through their rich set of sensors. While these technologies offer the advantages of conveniently capturing personal health data and behaviors outside of a clinical setting, they pose significant privacy challenges. Wearables continuously collect and store sensitive personal information about the wearer. In some instances, personal information amassed by a wearable may be shared without user awareness. In addition to the privacy-invasive risks posed by wearable technologies, executing usable privacy control directly on wearables poses an even greater challenge due to lack of input space and constrained interaction. Most privacy controls options for wearables are separate from the device itself, which prevents the user from having integrated and in-the-moment control over the data they are producing.
In light of the privacy risks and challenges for usable privacy-enhanced design for wearables, this dissertation uses a human-centered approach to advance the design space for usable and effective privacy control mechanisms. In particular, this research focuses on understanding how to develop privacy control mechanisms that provide adopters and potential adopters of wearables with integrated, in-the-moment control over personal information collected by wearables. This is accomplished through four user studies.
In the first study, I investigate the preferences of adopters and potential adopters of wearable health technologies as they relate to privacy and sharing of extra-clinical health information generated from a wearable. This study also examines whether individual preferences vary based on the recipient, type, and valence (e.g., positive or negative rating) of health information. I found that the recipient and valence of data predicted privacy and sharing preferences for extra-clinical datagenerated by wearables. Participants were more willing to share extra-clinical data with healthcare providers, family, and friends compared to their employer or broader social network. Participants were also less willing to share negatively valenced data.
Applying the knowledge that users have granular preferences for sharing data from wearables, the second study evaluates the impact of the location of privacy control and decision timing for privacy control on wearables. I designed four privacy interfaces that provide different combinations of location (e.g., integrated versus decoupled) and decision timing (e.g., in-the-moment/synchronousversus a priori/asynchronous) of privacy control. To evaluate the interfaces, I conducted a 2x2 between-subjects experiment where different groups of participants interacted with each interface and assessed the ease of use, perceived privacy control, and perceived oversharing threat for the assigned interface. The results show that only the location of control significantly influences the overall ease of use of the privacy interface. In further exploratory analyses, I find that intentions to adopt a settings interface are influenced by the timing of when privacy decisions can be executed, if it is easy to manage those decisions, and if the privacy settings interface reduces the threat of oversharing personal information.
Adding more detail to understanding user preferences for privacy controls for wearables, the third study is an interaction elicitation study that identifies a set of device-independent interactions that allow integrated and in-the-moment privacy control over data from a wearable. I found differences in the types of interactions people produced for situations requiring more versus less subtlety. In this study, I also establish a taxonomy that organizes interactions based on interaction mapping and physical characteristics of the interaction.
In the final study, I extend the findings of the interaction-elicitation study by further exploring the identified interactions in terms of their noticeability. This is done to determine a set of additional interactions wearers could adopt when they need to provide input to their device privately without being noticed. The results from this study produce a set of interactions(e.g., teeth click, single head nod) that are subtle enough to be used with any existing or emerging invisible wearable device.
The overall findings of this dissertation offer privacy researchers and designers of wearable technologies insight into the future development of wearables. The findings of this dissertation also present hardware and software considerations to designers as they design interfaces that provide a usable and effective means for adopters and potential adopters to maintain their privacy over data produced by wearables.
Lowens, Byron M., "Interaction Techniques for In-the-Moment Privacy Control Over Data Generated by Wearable Technologies" (2021). All Dissertations. 2894.