how digitised identities connected to hidden homelessness impacts security and privacy risks, goals and practices

This aims to explore:

(1) how people with lived experiences of homelessness self-define their security or privacy goals online and what practices they use to promote security and privacy across physical and digital spaces.
This question will investigate how hidden homelessness shapes security perceptions and/or alters how people manage their own security needs. For instance it may consider how people prioritise offline/online security, are currently responding to online security challenges, and what strategies are used to maintain online security in an insecure offline environment. This may further look into security strategies that promote offline security such as whether technologies are used to promote offline security/physical safety.

(2) What spatial characteristics of hidden homelessness uniquely impact security and privacy needs.
This research question explores responses to question 1 to understand how spatial factors connected to hidden homeless spaces are directly impacting a persons capability for securing online. This therefore considers factors impacting capability such as area connectivity, privacy, access to technologies/space to use technologies, peers/network.

(3) To what extent are local authorities and stakeholders aware of these needs and accommodating them?
This question follows question 1 and 2 to explore how authorities and organisations are supporting those facing hidden homelessness with online security needs.

Approach:

This project will be split into two exploratory studies to answer the above research questions.

Research question 1 will be explored by using a peer-led research methodology to interview people with lived experiences of hidden homelessness to "break down the distinction between the researchers and the researched" (Gaventa, 1988). Using semi-structured interviews, participants will be able to provide accounts of their security experiences. Following this, a participatory workshop will allow people to take part in defining themes from anonymised data themselves so the research analysis directly reflects peoples experiences and what they value. This methodology is designed so that participants have a say in how their stories and experiences are represented in academic research.

The second part of data collection will take another qualitative approach but this will be conducted with professionals working with people who have experienced homelessness. Specifically this research hopes to interview local authorities to explore how they are aware of and responding to the specific digital security needs of people in circumstances of hidden homelessness. These interviews will be transcribed and thematic analysis will be used to analyse the data.

Regarding the novel engineering and/or physical sciences content of the research, this project looks into human-computer interaction and specifically aims to focus on making cyber security accessible and therefore usable. This involves understanding what security needs are significant to people with 'everyday' experiences that are attached to physical insecurities such as economic and spatial. Hidden homelessness will involve financial/housing instability alongside potential mental health/health challenges and fractured support networks. These factors affect how security can be maintained. Therefore, this research hopes to consider how cyber-security can be made more accessible for people managing technology in adverse circumstances. Another aim is to highlight the ethical challenges with how technologies may be making this vulnerable group more insecure through exposure to surveillance. Digitised support means creating digital identities is a requirement of access and often unavoidable. This project hopes to explore how people feel about their data being collected for these purposes, how this data is managed and the ethical implications associated with collecting data from a high-risk group.

People. The most obvious impact of RHUL's cyber security CDT will be its production of 50 PhD-level graduates during its lifetime. CDT graduates will be "industry-ready": through industry placements, they will have exposure to real-world cyber security problems and working environments; because of the breadth of our training programme, they will gain exposure to cyber security in all its forms; through involvement of our external partners at all stages of the CDT, the students will be exposed to the language and culture of industry, government and other sectors. At the same time, they will benefit from generic skills training, equipping them with a broad set of skills that will be of use in their subsequent workplaces. They will also engage in PhD-level research projects that will lead to them developing deep topic-specific knowledge as well as general analytical skills. There is a growing demand for graduates with these skill-sets. While RHUL already has demonstrably close relationships with key external players, our CDT represents an opportunity for us to enhance our existing links and develop new ones. Moreover, our own research will be strengthened by working with the best external researchers.

Economy. The nature of our cyber security research and the planned industrial involvement in influencing the selection of research topics means that there will be significant commercialisation opportunities arising from the research produced by this CDT. RHUL cyber security researchers have more than 80 years of experience working in industry, either in research, development or customer-facing environments, and are named inventors on more than 30 patents. We are closely supported by the Royal Holloway Enterprise Centre, who have expertise in business development, securing venture capital funding, and IPR protection. RHUL's Institute for Cyber Security Innovation provides business research and training support. We also have an on-campus incubation centre which has hosted a number of spin-out companies. We are thus thoroughly prepared to identify and exploit commercialisation opportunities arising from the CDT.

Knowledge. The CDT will make substantial and original contributions to knowledge in cyber security. Following institutional policy, all research is made available to the public for free in some form, either through open access publishing,the institution's research repository or via subject-specific on-line archives. The research will also published in conference venues which, by their nature, are regularly attended by large numbers of delegates from outside of academia. Other impact routes for our knowledge include Industry Fora (RHUL is an active academic member of the I4 and ISF organisations, which are influential industry fora), Business Events (RHUL researchers regularly speak at events such as InfoSec London, RSA Conference), Standards Bodies (several staff are active in international standards bodies), Consulting (staff have consulted for more than 100 organisations in the last 30 years), Industry-focused Events (RHUL hosts several external facing events each year, including the annual CDT Showcase, HP Colloquium, and ISG Open Day).

Society. One of the longer-term impacts of our research is to provide mechanisms that help to enhance confidence and trust in the on-line society for ordinary citizens, leading in turn to quality of life enhancement. Our work on the socio-technical dimensions of security and privacy gives us a means to influence government policy to the betterment of society at large. We work closely with government departments such as the Cabinet Office to provide advice on privacy, security and design issues. We also communicate research findings through more widely accessible media, press engagement, speaking at public events, and working with schools (CDT students will take part in the annual Smallpeice Trust Cyber Security residential for Year 9 students).