Skip to main content
SpringerLink
Log in

A recommendation approach for user privacy preferences in the fitness domain

  • Published:
User Modeling and User-Adapted Interaction Aims and scope Submit manuscript

Abstract

Fitness trackers are undoubtedly gaining in popularity. As fitness-related data are persistently captured, stored, and processed by these devices, the need to ensure users’ privacy is becoming increasingly urgent. In this paper, we apply a data-driven approach to the development of privacy-setting recommendations for fitness devices. We first present a fitness data privacy model that we defined to represent users’ privacy preferences in a way that is unambiguous, compliant with the European Union’s General Data Protection Regulation (GDPR), and able to represent both the user and the third party preferences. Our crowdsourced dataset is collected using current scenarios in the fitness domain and used to identify privacy profiles by applying machine learning techniques. We then examine different personal tracking data and user traits which can potentially drive the recommendation of privacy profiles to the users. Finally, a set of privacy-setting recommendation strategies with different guidance styles are designed based on the resulting profiles. Interestingly, our results show several semantic relationships among users’ traits, characteristics, and attitudes that are useful in providing privacy recommendations. Even though several works exist on privacy preference modeling, this paper makes a contribution in modeling privacy preferences for data sharing and processing in the IoT and fitness domain, with specific attention to GDPR compliance. Moreover, the identification of well-identified clusters of preferences and predictors of such clusters is a relevant contribution for user profiling and for the design of interactive recommendation strategies that aim to balance users’ control over their privacy permissions and the simplicity of setting these permissions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Notes

  1. https://support.google.com/googleplay/answer/6014972?co=GENIE.Platform%3DAndroid&hl=en.

  2. https://developer.android.com/about/dashboards/index.html.

  3. https://developer.apple.com/library/content/releasenotes/General/WhatsNewIniOS/Articles/iOS6.html#//apple_ref/doc/uid/TP40011812-SW1.

  4. https://itunes.apple.com/us/app/data-privacy-manager-pro-security-suit-to-lock-my-private/id625761168?mt=8

  5. Platform for Privacy Preferences https://www.w3.org/P3P/.

  6. http://www.pewinternet.org/2015/11/10/apps-permissions-in-the-google-play-store/.

  7. https://blog.globalwebindex.com/chart-of-the-day/digital-consumers-own-3-64-connected-devices/.

  8. http://pdm-aids.dibris.unige.it/PPIoT.

  9. http://vocab.deri.ie/ppo.

  10. https://www.w3.org/ns/ssn/.

  11. The distinction among such subjects in the GDPR, which clarifies the legal obligations of the TP, is not relevant to the aim of a user-side privacy manager.

  12. https://dev.fitbit.com/build/reference/web-api/oauth2/.

  13. https://community.fitbit.com/t5/Flex-2/How-do-I-revoke-access/td-p/2701359.

  14. We restricted our study to Fitbit users rather than users of any fitness trackers to make sure that our sample had a more homogeneous existing experience with fitness permission setting interfaces.

  15. The prototype can be used at http://pdm-aids.dibris.unige.it/simulation.php.

  16. http://pdm-aids.dibris.unige.it/questionnaire.php.

  17. https://www.cs.waikato.ac.nz/ml/weka/.

  18. We obtain similar results using other clustering algorithms, such as hierarchical clustering.

  19. The generally accepted thresholds for odds ratios are 1.68 for a small effect size, 3.47 for a medium effect size, and 6.71 for a large effect size.

  20. The UI design can be found in http://pdm-aids.dibris.unige.it/interface/.

  21. https://github.com/OdnanOriginal/PDM

References

  • Abhigna, B., Soni, N., Dixit, S.: Crowdsourcing—a step towards advanced machine learning. Proc. Comput. Sci. 132, 632–642 (2018)

    Google Scholar 

  • Acquisti, A., Brandimarte, L., Loewenstein, G.: Privacy and human behavior in the age of information. Science 347(6221), 509–514 (2015)

    Google Scholar 

  • Agarwal, Y., Hall, M.: Protectmyprivacy: detecting and mitigating privacy leaks on IOS devices using crowdsourcing. In: Proceeding of the 11th Annual International Conference on Mobile Systems, Applications, and Services, pp. 97–110. ACM (2013)

  • Almuhimedi, H., Schaub, F., Sadeh, N., Adjerid, I., Acquisti, A., Gluck, J., Cranor, L.F., Agarwal, Y.: Your location has been shared 5398 times!: A field study on mobile app privacy nudging. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, pp. 787–796. ACM (2015)

  • Assad, M., Carmichael, D., Kay, J., Kummerfeld, B.: Giving users control over location privacy. In: Workshop on Ubicomp Privacy (2007)

  • Bahirat, P., He, Y., Menon, A., Knijnenburg, B.: A data-driven approach to developing iot privacy-setting interfaces. In: 23rd International Conference on Intelligent User Interfaces, pp. 165–176. ACM (2018)

  • Bellotti, V., Sellen, A.: Design for privacy in ubiquitous computing environments. In: Proceedings of the Third European Conference on Computer-Supported Cooperative Work, 13–17 September 1993, Milan, Italy ECSCW’93, pp. 77–92. Springer (1993)

  • Beresford, A.R., Rice, A., Skehin, N., Sohan, R.: Mockdroid: trading privacy for application functionality on smartphones. In: Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, pp. 49–54. ACM (2011)

  • Brank, J., Grobelnik, M., Mladenić, D.: A survey of ontology evaluation techniques. In Proceedings of the conference on data mining and data warehouses (SiKDD 2005). Ljubljana, Slovenia, pp. 166–170 (2005)

  • Brar, A., Kay, J.: Privacy and Security in Ubiquitous Personalized Applications. University of Sydney, School of Information Technologies, Sydney (2004)

    Google Scholar 

  • Carmagnola, F., Osborne, F., Torre, I.: Escaping the big brother: an empirical study on factors influencing identification and information leakage on the web. J. Inf. Sci. 40(2), 180–197 (2014)

    Google Scholar 

  • Chakraborty, S., Shen, C., Raghavan, K.R., Shoukry, Y., Millar, M., Srivastava, M.B.: ipshield: A framework for enforcing context-aware privacy. In: NSDI, pp. 143–156 (2014)

  • Chaturvedi, A., Green, P.E., Caroll, J.D.: \(K\)-modes clustering. J. Classif. 18(1), 35–55 (2001)

    MathSciNet  MATH  Google Scholar 

  • Chaudhry, A., Crowcroft, J., Howard, H., Madhavapeddy, A., Mortier, R., Haddadi, H., McAuley, D.: Personal data: thinking inside the box. In: Proceedings of The Fifth Decennial Aarhus Conference on Critical Alternatives, pp. 29–32. Aarhus University Press (2015)

  • Conger, S., Pratt, J.H., Loch, K.D.: Personal information privacy and emerging technologies. Inf. Syst. J. 23(5), 401–417 (2013). https://doi.org/10.1111/j.1365-2575.2012.00402.x

    Article  Google Scholar 

  • Dinev, T., Hart, P.: An extended privacy calculus model for e-commerce transactions. Inf. Syst. Res. 17(1), 61–80 (2006)

    Google Scholar 

  • Egele, M., Kruegel, C., Kirda, E., Vigna, G.: Pios: Detecting privacy leaks in ios applications. In: NDSS, pp. 177–183 (2011)

  • Elluri, L., Joshi, K.P., et al.: A knowledge representation of cloud data controls for EU GDPR compliance. In: 11th IEEE International Conference on Cloud Computing (CLOUD) (2018)

  • Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, pp. 1–14. ACM (2012)

  • Fu, H., Yang, Y., Shingte, N., Lindqvist, J., Gruteser, M.: A field study of run-time location access disclosures on android smartphones. Proc. Usable Secur. 14, 10 (2014)

    Google Scholar 

  • Google/Ipsos, U.: How people discover, use, and stay engaged with apps, pp. 1–15 (2016). https://www.thinkwithgoogle.com/data/smartphone-users-discover-apps-browsing/

  • He, Y., Bahirat, P., Menon, A., Knijnenburg, B.P.: A data driven approach to designing for privacy in household iot. ACM Trans. Interact. Intell. Syst. 10(1) (2019)

  • Hlomani, H., Stacey, D.: Approaches, methods, metrics, measures, and subjectivity in ontology evaluation: a survey. Semant. Web J. 1(5), 1–11 (2014)

    Google Scholar 

  • Johnson, E.J., Bellman, S., Lohse, G.L.: Defaults, framing and privacy: why opting in-opting out. Market. Lett. 13(1), 5–15 (2002)

    Google Scholar 

  • Joosse, M., Lohse, M., Evers, V.: Crowdsourcing culture in HRI: Lessons learned from quantitative and qualitative data collections. In: 3rd International Workshop on Culture Aware Robotics at ICSR, vol. 15 (2015)

  • Kay, J., Kummerfeld, B.: Scrutability, user control and privacy for distributed personalization. In: Proceedings of the CHI2006 Workshop on Privacy-Enhanced Personalization, pp. 21–22 (2006)

  • Kay, J., Kummerfeld, B., Lauder, P.: Personis: a server for user models. In: International Conference on Adaptive Hypermedia and Adaptive Web-Based Systems, pp. 203–212. Springer (2002)

  • Kelley, P., Consolvo, S., Cranor, L., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: International conference on Financial Cryptography and Data Security, Springer, Berlin, Heidelberg, pp. 68–79 (2012)

  • Knijnenburg, B., Raybourn, E., Cherry, D., Wilkinson, D., Sivakumar, S., Sloan, H.: Death to the privacy calculus? (2017). Available at SSRN:http://dx.doi.org/10.2139/ssrn.2923806

  • Knijnenburg, B.P.: Information disclosure profiles for segmentation and recommendation. In: SOUPS2014 Workshop on Privacy Personas and Segmentation (2014)

  • Knijnenburg, B.P.: A user-tailored approach to privacy decision support. Ph.D. Thesis, University of California, Irvine (2015). http://search.proquest.com/docview/1725139739/abstract

  • Knijnenburg, B.P.: Privacy? I can’t even! Making a case for user-tailored privacy. IEEE Secur. Privacy 15(4), 62–67 (2017)

    Google Scholar 

  • Knijnenburg, B.P., Jin, H.: The persuasive effect of privacy recommendations. In: Twelth Annual Workshop on HCI Research in MIS, Milan (2013). http://aisel.aisnet.org/sighci2013/16

  • Knijnenburg, B.P., Kobsa, A.: Helping users with information disclosure decisions: potential for adaptation. In: Proceedings of the 2013 International Conference on Intelligent User Interfaces, pp. 407–416. ACM (2013)

  • Knijnenburg, B.P., Kobsa, A., Jin, H.: Counteracting the negative effect of form auto-completion on the privacy calculus. In: ICIS 2013 Proceedings, Milan (2013)

  • Knijnenburg, B.P., Kobsa, A., Jin, H.: Dimensionality of information disclosure behavior. Int. J. Hum. Comput. Stud. 71(12), 1144–1162 (2013). https://doi.org/10.1016/j.ijhcs.2013.06.003

    Article  Google Scholar 

  • Kobsa, A.: Tailoring privacy to users’ needs. In: International Conference on User Modeling, pp. 301–313. Springer (2001)

  • Kodinariya, T.M., Makwana, P.R.: Review on determining number of cluster in \(k\)-means clustering. Int. J. 1(6), 90–95 (2013)

    Google Scholar 

  • Kurtz, C., Semmann, M., Schulz, W.: Towards a framework for information privacy in complex service ecosystems. In: ICIS 2018 Proceedings (2018). https://aisel.aisnet.org/icis2018/bridging/Presentations/7

  • Lee, H., Kobsa, A.: Understanding user privacy in internet of things environments. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), pp. 407–412. IEEE (2016)

  • Lee, H., Kobsa, A.: Privacy preference modeling and prediction in a simulated campuswide iot environment. In: IEEE International Conference on Pervasive Computing and Communications (PerCom), pp. 276–285. IEEE (2017)

  • Li, Y., Kobsa, A., Knijnenburg, B.P., Nguyen, M.C.: Cross-cultural privacy prediction. Proc. Privacy Enhanc. Technol. 2017(2), 113–132 (2017)

    Google Scholar 

  • Lin, J., Liu, B., Sadeh, N., Hong, J.I.: Modeling users’ mobile app privacy preferences: restoring usability in a sea of permission settings. In proceedings of the 10th Symposium On Usable Privacy and Security (SOUPS), pp. 199–212 (2014)

  • Liu, B., Andersen, M.S., Schaub, F., Almuhimedi, H., Zhang, S., Sadeh, N., Acquisti, A., Agarwal, Y.: Follow my recommendations: A personalized privacy assistant for mobile app permissions. In: Twelfth Symposium on Usable Privacy and Security, pp. 26–41 (2016)

  • Liu, B., Lin, J., Sadeh, N.: Reconciling mobile app privacy and usability on smartphones: Could user privacy profiles help? In: Proceedings of the 23rd International Conference on World Wide Web, pp. 201–212. ACM (2014b)

  • Madejski, M., Johnson, M., Bellovin, S.: A study of privacy settings errors in an online social network. In: Fourth International Workshop on Security and Social Networking, SECSOC ’12, pp. 340–345. Lugano (2012). https://doi.org/10.1109/PerComW.2012.6197507

  • Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a causal model. Inf. Syst. Res. 15(4), 336–355 (2004)

    Google Scholar 

  • Noy, N.F., McGuinness, D.L., et al.: Ontology development 101: a guide to creating your first ontology. Stanford Knowledge Systems Laboratory Technical Report KSL-01-05 and Stanford Medical Informatics Technical Report SMI-2001-0880, March 2001 (2001) http://www.ksl.stanford.edu/people/dlm/papers/ontology-tutorial-noy-mcguinness.pdf

  • Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: Pronto: privacy ontology for legal reasoning. In: International Conference on Electronic Government and the Information Systems Perspective, pp. 139–152. Springer (2018)

  • Pandit, H., Lewis, D.: Modelling provenance for GDPR compliance using linked open data vocabularies. In: 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn 2017), CEUR 1951 (2017). http://ceur-ws.org/Vol-1951/#paper-06

  • Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: Gdprtext-gdpr as a linked data resource. In: European Semantic Web Conference, pp. 481–495. Springer (2018)

  • Patil, T.R., Sherekar, S.: Performance analysis of naive bayes and j48 classification algorithm for data classification. Int. J. Comput. Sci. Appl. 6(2), 256–261 (2013)

    Google Scholar 

  • Perera, C., Liu, C., Ranjan, R., Wang, L., Zomaya, A.Y.: Privacy-knowledge modeling for the internet of things: a look back. Computer 49(12), 60–68 (2016)

    Google Scholar 

  • Raber, F., Krüger, A.: Deriving privacy settings for location sharing: Are context factors always the best choice? In: 2018 IEEE Symposium on Privacy-Aware Computing (PAC), pp. 86–94. IEEE (2018)

  • Rafailidis, D., Nanopoulos, A.: Modeling users preference dynamics and side information in recommender systems. IEEE Trans. Syst. Man Cybern. Syst. 46(6), 782–792 (2016)

    Google Scholar 

  • Sacco, O., Breslin, J.G.: Ppo & ppm 2.0: extending the privacy preference framework to provide finer-grained access control for the web of data. In: Proceedings of the 8th International Conference on Semantic Systems, pp. 80–87 (2012)

  • Sanchez, O., Torre, I., Knijnenburg, B.: Semantic-based privacy settings negotiation and management. In: Future Generation Computer Systems (2019). (Under publication)

  • Schemmann, B., Herrmann, A.M., Chappin, M.M., Heimeriks, G.J.: Crowdsourcing ideas: involving ordinary users in the ideation phase of new product development. Res. Policy 45(6), 1145–1154 (2016)

    Google Scholar 

  • Sharma, S., Chen, K., Sheth, A.: Toward practical privacy-preserving analytics for iot and cloud-based healthcare systems. IEEE Internet Comput. 22(2), 42–51 (2018)

    Google Scholar 

  • Si, C., Jiao, L., Wu, J., Zhao, J.: A group evolving-based framework with perturbations for link prediction. Physica A 475, 117–128 (2017)

    Google Scholar 

  • Smith, H.J., Milberg, S.J., Burke, S.J.: Information privacy: measuring individuals’ concerns about organizational practices. MIS Quarterly: Management Information Systems 20(2), 167–196 (1996)

    Google Scholar 

  • Sutanto, J., Palme, E., Tan, C.H., Phang, C.W.: Addressing the personalization-privacy paradox: an empirical assessment from a field experiment on smartphone users. Mis Quart. 37(4), 1141–1164 (2013)

    Google Scholar 

  • The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council. Official Journal of the European Union, p. 1:88 (2016)

  • Torre, I., Adorni, G., Koceva, F., Sanchez, O.: Preventing disclosure of personal data in iot networks. In: 12th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS), pp. 389–396. IEEE (2016a)

  • Torre, I., Koceva, F., Sanchez, O.R., Adorni, G.: Fitness trackers and wearable devices: How to prevent inference risks? In: Proceedings of the 11th EAI International Conference on Body Area Networks, pp. 125–131. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering) (2016b)

  • Torre, I., Koceva, F., Sanchez, O.R., Adorni, G.: A framework for personal data protection in the iot. In: 11th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 384–391. IEEE (2016c)

  • Torre, I., Sanchez, O.R., Koceva, F., Adorni, G.: Supporting users to take informed decisions on privacy settings of personal devices. Pers. Ubiquit. Comput. 22(2), 345–364 (2018)

    Google Scholar 

  • Tsai, L., Wijesekera, P., Reardon, J., Reyes, I., Egelman, S., Wagner, D., Good, N., Chen, J.W.: Turtle guard: helping android users apply contextual privacy preferences. In: Symposium on Usable Privacy and Security (SOUPS) (2017)

  • Vescovi, M., Moiso, C., Pasolli, M., Cordin, L., Antonelli, F.: Building an eco-system of trusted services via user control and transparency on personal data. In: IFIP International Conference on Trust Management, pp. 240–250. Springer (2015)

  • Vicente, C.R., Freni, D., Bettini, C., Jensen, C.S.: Location-related privacy in geo-social networks. IEEE Internet Comput. 15(3), 20–27 (2011)

    Google Scholar 

  • Walters, M.L., Lohse, M., Hanheide, M., Wrede, B., Syrdal, D.S., Koay, K.L., Green, A., Hüttenrauch, H., Dautenhahn, K., Sagerer, G., et al.: Evaluating the robot personality and verbal behavior of domestic robots using video-based studies. Adv. Robot. 25(18), 2233–2254 (2011)

    Google Scholar 

  • Wijesekera, P., Baokar, A., Tsai, L., Reardon, J., Egelman, S., Wagner, D., Beznosov, K.: The feasibility of dynamically granted permissions: aligning mobile privacy with user preferences. In: IEEE Symposium on Security and Privacy (SP), pp. 1077–1093. IEEE (2017)

  • Wisniewski, P., Knijnenburg, B.P., Lipford, H.R.: Profiling facebook users privacy behaviors. In: SOUPS2014 Workshop on Privacy Personas and Segmentation (2014)

  • Woods, S., Walters, M., Koay, K.L., Dautenhahn, K.: Comparing human robot interaction scenarios using live and video based methods: towards a novel methodological approach. In: 9th IEEE International Workshop on Advanced Motion Control, pp. 750–755. IEEE (2006)

  • Wu, L., Ge, Y., Liu, Q., Chen, E., Hong, R., Du, J., Wang, M.: Modeling the evolution of users’ preferences and social links in social networking services. IEEE Trans. Knowl. Data Eng. 29(6), 1240–1253 (2017)

    Google Scholar 

  • Wu, L., Ge, Y., Liu, Q., Chen, E., Long, B., Huang, Z.: Modeling users’ preferences and social links in social networking services: a joint-evolving perspective. In: Thirtieth AAAI Conference on Artificial Intelligence (2016)

  • Xie, J., Knijnenburg, B.P., Jin, H.: Location sharing privacy preference: analysis and personalized recommendation. In: Proceedings of the 19th international conference on Intelligent User Interfaces, pp. 189–198. ACM (2014)

  • Xu, H., Dinev, T., Smith, H.J., Hart, P.: Examining the formation of individual’s privacy concerns: toward an integrative view. In: ICIS 2008 Proceedings, p. 6 (2008)

  • Xu, H., Gupta, S., Rosson, M.B., Carroll, J.M.: Measuring mobile users’ concerns for information privacy, Proc. of the Third International Conference on Information Systems, Orlando, pp. 2278–2293 (2012)

  • Zhao, Y., Zhu, Q.: Evaluation on crowdsourcing research: current status and future direction. Inf. Syst. Front. 16(3), 417–434 (2014)

    Google Scholar 

  • Zhao, Z., Etemad, S.A., Arya, A.: Gamification of exercise and fitness using wearable activity trackers. In: Proceedings of the 10th International Symposium on Computer Science in Sports (ISCSS), pp. 233–240. Springer (2016)

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Bioengineering, Robotics and Systems Engineering (DIBRIS), University of Genoa, Genoa, Italy

    Odnan Ref Sanchez & Ilaria Torre

  2. School of Computing, Clemson University, Clemson, USA

    Yangyang He & Bart P. Knijnenburg

Authors
  1. Odnan Ref Sanchez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ilaria Torre
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yangyang He
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bart P. Knijnenburg
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ilaria Torre.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendices

Appendices

Table 4 Study Questionnaire
Full size table
Table 5 Table of accuracies
Full size table

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sanchez, O.R., Torre, I., He, Y. et al. A recommendation approach for user privacy preferences in the fitness domain. User Model User-Adap Inter 30, 513–565 (2020). https://doi.org/10.1007/s11257-019-09246-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11257-019-09246-3

Keywords

Search

Navigation