Ask the Experts: What Should Be on an IoT Privacy and Security Label?

by   Pardis Emami-Naeini, et al.

Information about the privacy and security of Internet of Things (IoT) devices is not readily available to consumers who want to consider it before making purchase decisions. While legislators have proposed adding succinct, consumer accessible, labels, they do not provide guidance on the content of these labels. In this paper, we report on the results of a series of interviews and surveys with privacy and security experts, as well as consumers, where we explore and test the design space of the content to include on an IoT privacy and security label. We conduct an expert elicitation study by following a three-round Delphi process with 22 privacy and security experts to identify the factors that experts believed are important for consumers when comparing the privacy and security of IoT devices to inform their purchase decisions. Based on how critical experts believed each factor is in conveying risk to consumers, we distributed these factors across two layers—a primary layer to display on the product package itself or prominently on a website, and a secondary layer available online through a web link or a QR code. We report on the experts' rationale and arguments used to support their choice of factors. Moreover, to study how consumers would perceive the privacy and security information specified by experts, we conducted a series of semi-structured interviews with 15 participants, who had purchased at least one IoT device (smart home device or wearable). Based on the results of our expert elicitation and consumer studies, we propose a prototype privacy and security label to help consumers make more informed IoT-related purchase decisions.



There are no comments yet.


page 3

page 4

page 6

page 7

page 8

page 9

page 14

page 15


Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products

With the expansion of the Internet of Things (IoT), the number of securi...

Rapid IoT Device Identification at the Edge

Consumer Internet of Things (IoT) devices are increasingly common in eve...

Discovering Smart Home Internet of Things Privacy Norms Using Contextual Integrity

The proliferation of Internet of Things (IoT) devices for consumer "smar...

An Analysis of Home IoT Network Traffic and Behaviour

Internet-connected devices are increasingly present in our homes, and pr...

Towards Automatic Identification and Blocking of Non-Critical IoT Traffic Destinations

The consumer Internet of Things (IoT) space has experienced a significan...

Safety, Security, and Privacy Threats Posed by Accelerating Trends in the Internet of Things

The Internet of Things (IoT) is already transforming industries, cities,...

Portable Tor Router: Easily Enabling Web Privacy for Consumers

On-line privacy is of major public concern. Unfortunately, for the avera...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.