Enhancing data transparency and privacy control in smart home and genetic testing

Qian, Jingyu

Permalink

https://hdl.handle.net/2142/125688 Copy

Description

Title

Enhancing data transparency and privacy control in smart home and genetic testing

Author(s)

Qian, Jingyu

Issue Date

2024-07-03

Director of Research (if dissertation) or Advisor (if thesis)

Gunter, Carl A.

Doctoral Committee Chair(s)

Gunter, Carl A.

Committee Member(s)

• Bates, Adam
• Cobb, Camille
• Ayday, Erman

Department of Study

Siebel Computing &DataScience

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

Ph.D.

Degree Level

Dissertation

Keyword(s)

• Smart home privacy
• Genomic security and privacy

Abstract

As people are exposed to more digital products and services in this big data age, the risks of privacy breaches are increasing. Data transparency aims at providing users with meaningful information about data access and sensitive data usage by a system or service for better decision-making. As its importance to the traditional computing domains (e.g., web browsers, online services, and smartphones) has been discovered by previous research, we argue that data transparency is also becoming increasingly critical for users to build trust in more emerging technologies, including smart home and genetic testing. Compared to traditional computing domains, smart home and genetic testing have unique challenges to enhance data transparency. Firstly, the sensitivity of the data is particularly illustrative in smart home and genetic testing domains as the scope of data collection covers not only the data subject. Smart home devices in a multi-user environment can collect the bystander's data together with the primary device owner's data. Genetic testing data leakage can impact not only the data subject but also their relatives. Secondly, it is not trivial for average users to be aware of privacy risks in the first place. Sensors can be embedded into daily smart home appliances, whose data collection behavior is hard to notice, especially for non-device owners. For genetic testing, laypersons without the knowledge of the sensitivity of the requested data and the benefits and risks of the test may not make proper data-sharing decisions and cannot apply corresponding privacy control effectively. For example, our user study on people's attitudes toward conventional genetic testing indicates that they demand more data transparency to apply meaningful privacy control, including the ability to decide how to manage and share their genetic data for their own benefit. In this thesis, we argue that user privacy in emerging privacy-critical computing domains, like smart home and genetic testing, should be considered by careful system designs with the mechanisms to enhance data transparency and provide meaningful and scalable privacy control, which the thesis shows a collection of techniques to make it practical. The thesis introduces the transparency demands in the traditional computing domains and the emerging privacy-critical computing domains (i.e., smart home and genetic testing), identifies the role of data transparency under the bigger scope of transparency, and illustrates the challenges of enhancing data transparency and privacy control in these domains. Then, we present our research around the topic of enhancing data transparency and privacy control, focusing on the domains of smart home and genetic testing. For smart home, we present our research on how to utilize wireless tagging to enhance data awareness of non-device owners or bystanders in a multi-user smart home environment. We also show our research and preliminary findings on the latest unified Internet of Things (i.e., IoT) protocol for smart home (i.e., Matter) and propose a system design for secure Matter device ownership transfer by providing automatic notifications and human-guided privacy protection operations (e.g., sensitive data removal by user instructions). The two research illustrate the practical design of raising awareness of sensitive data exposure and involving users in managing their personal information maintained in smart home devices. For genetic testing, we present our research on building a new genetic testing framework (i.e., genetic home testing) that prioritizes data transparency throughout the life cycle of a genetic test and provides users with scalable privacy controls over their data. The framework allows people to easily access their own genetic data and control data sharing in a scalable and meaningful manner to the desired entity. Built on this, we present our user study with semi-structured interviews to explore user understanding of the genetic home testing concept and the usability of a prototype system that we built for genetic home testing. From the study, we find that the participants understand the typical workflow of genetic home testing and can recognize its difference from conventional genetic testing. We also discover how they appreciate different privacy features in genetic home testing and what factors can affect their adoption of this new genetic testing framework. For example, the participants mentioned that they preferred that the analysis app reveals detailed information on the data to be used but cared about the app's creator, which can affect their trust in the app. Overall, our research illustrates practical system designs to enhance data transparency and privacy control in smart home and genetic testing. The thesis concludes with a discussion of future work, focusing on the remaining challenges and lessons we have learned from building such systems.

Graduation Semester

2024-08

Type of Resource

Thesis

Handle URL

https://hdl.handle.net/2142/125688

Copyright and License Information

Copyright 2024 Jingyu Qian

Owning Collections