The advent of the smartphone has heralded in an era of unprecedented access to rich user data. This has allowed third-party applications to innovate by supporting new interaction modalities, better integrating with users’ lifestyles, and making relevant information more accessible. At the same time, the abundance of personal data presents very real privacy risks. In this talk, I discuss previous and ongoing research to help users make more informed choices about how their personal data is accessed. I present previous work on smartphone platforms that has provided insights into users’ behaviors and preferences, as well as how to design systems that empower users to make better privacy decisions. Because wearable and continuous sensing devices are becoming more prevalent, I show how we are applying this work to ubiquitous computing environments.About the Experts
Serge Egelman is a senior researcher in the International Computer Science Institute (ICSI) and also holds an appointment in the Department of Electrical Engineering and Computer Sciences (EECS) at the University of California, Berkeley. He is director of the Berkeley Laboratory for Usable and Experimental Security (BLUES). Serge’s research focuses on the intersection of privacy, computer security, and human behavior, with the specific aim of better understanding how people make decisions surrounding their privacy and security, and then creating data-driven improvements to systems and interfaces. This has included human subjects research on social networking privacy, access controls, authentication mechanisms, web browser security warnings, and privacy-enhancing technologies. His work has received multiple best paper awards, including the 2012 Symposium on Usable Privacy and Security (SOUPS) Distinguished Paper Award for his work on smartphone application permissions, and the 2012 Information Systems Research Best Published Paper Award for his work on consumers’ willingness to pay for online privacy. Based on this expertise, he routinely is asked to consult as an expert witness on matters relating to consumer privacy and online security. He received his PhD from Carnegie Mellon University and prior to that was an undergraduate at the University of Virginia. He has also performed research at NIST, Brown University, Microsoft Research, and Xerox PARC.