12. privacy
the right to know what data is being collected about you and why.
protect your confidentiality and privacy
explicit permission granted if a third party receives requests to de-anonymize your data set.
15. publishing
You should be granted license to data that is created, collected or otherwise generated about you.
If that’s from public space, you should have a role in decision-making and governance.
19. publishing
You should have the right to remain anonymous, or the ability to license data on an anonymous basis and/or at a different granularity/resolution.
Gesture changes thought by grounding it in action, Goldin-Meadow
Let’s start with an example: a Wi-Fi-enabled scale. You would weigh yourself with it and it posts your weight to a Twitter feed of your choice (private or public). We’re assuming there’s a Wi-Fi chip, a pressure sensor, maybe other sensors included in the scale for future use. There’s also software and firmware updates. There’s a cloud service where the data is stored. There’s an app that helps you keep track, maybe that app has an API so you can get recommendations about dieting.
So in service design terms, the scale and resulting services have lots of potential “touch points.” But what happens when insurance companies start to follow the hashtag on Twitter and send you messages hoping you’ll sign up to their health insurance if you’re thin? Or, conversely, remind you that you are too fat for their current policy?
What if the Wi-Fi packets can be sniffed so someone can ascertain if you weigh too little to be dangerous against a really bulky robber? What if brands start to sell you healthy salads, shakes, and more based on your trend of weight loss on your tweets? Say a hacker sniffs the data packets sent by your scale and it turns out there are more sensors which produce data that aren’t used currently (like a tiny speaker/mic) and those sensors can tell when you’re around your home.
What if there’s a database issue and you get shown data online that doesn’t add up to what your product tells you? Who do you believe? Even though some of these scenarios are a little extreme, they paint a useful picture for a conversation about what can be done about data rights and who should do it. There are some ideas:
None of this exists right now. If I buy the scale, it’s pretty opaque why data is being gathered apart from whatever mobile experience I may have. I don’t know what other sensors are there, pushing out data, but I should know.
For me this goes back to the Fitbit sex scandal where, when given the opportunity, users were very happy tagging their physical activity with a little too much information.
Fitbit (see disclosure) had assumed that transparency about one’s own data would make people responsible for it. No such luck, so they had to impose a “private by default” setting overnight. Knowing and understanding the landscape around the privacy and security issues we will encounter in the world of connected devices means that we have to rethink our policies around the data and the objects. Only then can we design interactions that make sense and tools people can use.
This means we might end up with short URLs printed at the bottom of every connected object that point to the data being gathered by that particular object. A Data Collection Act. Something akin to the provenance and recycling signs on most plastic goods. This is also data someone might be able to “claim” the way someone can claim a Twitter account if they are the owner.
This is very much part of the conversation about the value of data, like selling your home-generated energy back to the grid. If my scale is helping a company understand weight fluctuations across the year and inform the sizes that should be stocked in stores, it should be both transparent and possibly remunerative to the original producer of the data.
These points are also about engaging in a conversation about the public/private nature of data. If I take my weight data to the gym, can the gym use it for its own analytics about how much progress people make at this gym? If my city scale can weigh me and connect to the same data, can it send me Foursquare recommendations via Twitter because it knows which restaurants have more salads around me now that it knows where I am?