DeepAI AI Chat
Log In Sign Up

Ask the Experts: What Should Be on an IoT Privacy and Security Label?

02/11/2020
by   Pardis Emami-Naeini, et al.
0

Information about the privacy and security of Internet of Things (IoT) devices is not readily available to consumers who want to consider it before making purchase decisions. While legislators have proposed adding succinct, consumer accessible, labels, they do not provide guidance on the content of these labels. In this paper, we report on the results of a series of interviews and surveys with privacy and security experts, as well as consumers, where we explore and test the design space of the content to include on an IoT privacy and security label. We conduct an expert elicitation study by following a three-round Delphi process with 22 privacy and security experts to identify the factors that experts believed are important for consumers when comparing the privacy and security of IoT devices to inform their purchase decisions. Based on how critical experts believed each factor is in conveying risk to consumers, we distributed these factors across two layers—a primary layer to display on the product package itself or prominently on a website, and a secondary layer available online through a web link or a QR code. We report on the experts' rationale and arguments used to support their choice of factors. Moreover, to study how consumers would perceive the privacy and security information specified by experts, we conducted a series of semi-structured interviews with 15 participants, who had purchased at least one IoT device (smart home device or wearable). Based on the results of our expert elicitation and consumer studies, we propose a prototype privacy and security label to help consumers make more informed IoT-related purchase decisions.

READ FULL TEXT

page 3

page 4

page 6

page 7

page 8

page 9

page 14

page 15

04/16/2022

A User Study to Evaluate a Web-based Prototype for Smart Home Internet of Things Device Management

With the growing advances in the Internet of Things (IoT) technology, Io...
06/26/2019

Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products

With the expansion of the Internet of Things (IoT), the number of securi...
10/06/2022

PrivacyCube: A Tangible Device for Improving Privacy Awareness in IoT

Consumers increasingly bring IoT devices into their living spaces withou...
05/15/2018

Discovering Smart Home Internet of Things Privacy Norms Using Contextual Integrity

The proliferation of Internet of Things (IoT) devices for consumer "smar...
03/16/2020

Towards Automatic Identification and Blocking of Non-Critical IoT Traffic Destinations

The consumer Internet of Things (IoT) space has experienced a significan...
03/16/2022

One Bad Apple Can Spoil Your IPv6 Privacy

IPv6 is being more and more adopted, in part to facilitate the millions ...
03/31/2020

Merkle-CRDTs: Merkle-DAGs meet CRDTs

We study Merkle-DAGs as a transport and persistence layer for Conflict-F...