Privacy Seminar
— 1:30pm
Location:
In Person and Virtual - ET
-
Group Viewing Hamburg Hall 1002 and Zoom
Speaker:
ELIJAH BOUMA-SIMS and CLAIRE CHEN
,
Carnegie Mellon University
Two Talks
► ELIJAH BOUMNA-SIMS
— Exploring the Privacy Experiences of Closeted Users of Online Dating Services in the US
Online dating services present significant privacy risks, especially for LGBTQ+ people who are "in the closet" and have not shared their LGBTQ+ identity with others. We conducted a survey (n = 114) and nine follow-up interviews with US-based, closeted users of online dating services focused on their privacy experience. We found that participants in the study were strongly concerned about the risk of being seen by social relations and institutional data sharing practices like targeted advertising. Participants experienced a range of privacy and safety harms, including inadvertent outing, unauthorized saving and sharing of photos, extortion, and harassment. To protect their privacy, participants typically limited the amount of information and the photos they included in their profile. In order to improve their privacy experience, participants requested better profile visibility controls, limits on the ability of others to download or screenshot their photos, better user verification, and making premium privacy features available for free.
Paper to appear at PETS 2024
—
Elijah Bouma-Sims is a PhD student in Societal Computing at Carnegie Mellon University who focuses on Usable Privacy and Security. His research focuses on at-risk or marginalized groups, such as the LGBTQ+ community and children.
► CLAIRE CHEN
— Is a Trustmark and QR Code Enough? The Effect of IoT Security and Privacy Label Information Complexity on Consumer Comprehension and Behavior
The U.S. Government is developing a package label to help consumers access reliable security and privacy information about Internet of Things (IoT) devices when making purchase decisions. The label will include the U.S. Cyber Trust Mark, a QR code to scan for more details, and potentially additional information. To examine how label information complexity and educational interventions affect comprehension of security and privacy attributes and label QR code use, we conducted an online survey with 518 IoT purchasers. We examined participants' comprehension and preferences for three labels of varying complexities, with and without an educational intervention. Participants favored and correctly utilized the two higher-complexity labels, showing a special interest in the privacy-relevant content. Furthermore, while the educational intervention improved understanding of the QR code’s purpose, it had a modest effect on QR scanning behavior. We highlight clear design and policy directions for creating and deploying IoT security and privacy labels.
—
Claire Chen is a third-year computer science undergraduate at CMU with concentrations in Security & Privacy and Machine Learning. She has served as a Research Assistant at CyLab (CMU's Security and Privacy Institute) and a Teaching Assistant for Introduction to Computer Security (15-330/18-330). Previously, she interned at Splunk and Stryker on their Performance Engineering and AI Systems teams respectively. With a track record of securing first place at three CMU hackathons alongside her teams, Claire is passionate about tackling pressing technological challenges at scale and creating a positive social impact.
In Person and Zoom Participation. See announcement.
Event Website:
https://privacy.cs.cmu.edu/masters/seminar/index.html