Development of a Privacy Addendum for Open Source Licenses: Value Sensitive Design in Industry

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 4206)

Abstract

Drawing on Value Sensitive Design, we developed a workable privacy addendum for an open source software license that not only covers intellectual property rights while allowing software developers to modify the software (the usual scope of an open source license), but also addresses end-user privacy. One central innovation of our work entails the integration of an informed consent model and a threat model for developing privacy protections for ubiquitous location aware systems. We utilized technology that provided a device’s location information in real-time: Intel’s POLS, a “sister” system to Intel’s Place Lab. In January 2006, POLS was released under a license combining the substantive terms of the Eclipse Public License together with this privacy addendum. In this paper, we describe how we developed the privacy addendum, present legal terms, and discuss characteristics of our design methods and results that have implications for protecting privacy in ubiquitous information systems released in open source.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Friedman, B., Smith, I., H. Kahn, P., Consolvo, S., Selawski, J. (2006). Development of a Privacy Addendum for Open Source Licenses: Value Sensitive Design in Industry. In: Dourish, P., Friday, A. (eds) UbiComp 2006: Ubiquitous Computing. UbiComp 2006. Lecture Notes in Computer Science, vol 4206. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11853565_12

  • DOI: https://doi.org/10.1007/11853565_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-39634-5

  • Online ISBN: 978-3-540-39635-2

  • eBook Packages: Computer Science, Computer Science (R0)
