Informing the Design of a Personalized Privacy Assistant for the Internet of Things

Privacy and Security, Artificial Intelligence, Networks, the Internet, and Cloud Computing and Internet

Article Snapshot


Alessandro Acquisti, Jessica Colnago, Lorrie Faith Cranor, Yuanyuan Feng, Tharangini Palanivel, Sarah Pearman, Norman Sadeh and Megan Ung


CHI '20: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, Paper No. 262, April, 2020


Personalized Privacy Assistant (PPAs) will help users manage Internet of Things (IoT) device data collection. The best PPAs will learn from users and offer suggestions from unbiased sources.

Policy Relevance

Most users will react positively to suggestions from PPAs.

Main Points

  • PPAS can help users manage large numbers of privacy decisions; in evaluating PPAs, users weigh their desire for control of their personal information against fear of cognitive overload.
  • Interviews with 17 participants revealed users’ views on different PPA designs.
    • “Notification PPAs” notify users when a nearby device is collecting data, and give the user control over nearby data collection.
    • “Recommendation PPAs” notify users when a nearby device is collecting data, and suggest whether the user should allow or disallow collection.
    • “Auto PPAs” make decisions for the user based on user preferences.
  • Participant reactions to “recommendation PPAs” were mostly positive.
    • Participants thought this type of PPA could serve an educational purpose.
    • Participants wanted recommendations from unbiased, knowledgeable sources.
  • About two thirds of participants reacted positively to the idea of “auto PPAs;” many reacted negatively to “notification PPAs,” fearing they would be overwhelmed by choices.
  • Good PPA designs would include the following features:
    • Allow users to choose from crowd-sourced recommendations, manufacturer recommendations, and recommendations from independent nonprofit organizations.
    • Include a "trusted location" feature where notifications would be turned off.
    • Allow users to specify situations in which users are always for or against sharing.
    • Explain the risks and benefits of data collection to users.
    • Record and learn from users' decisions.
    • Provide an audit mechanism so users' can verify and adjust decisions made on their behalf.
  • Some participants thought that the benefits of IoT (such as traffic control) would be reduced if people could opt out; policymakers should consider how to reduce the chance that people will opt out of public data collection and bypass safety and security devices.

Get The Article

Find the full article online

Search for Full Article