Privacy Dynamics: Learning from the Wisdom of Groups

Lead Research Organisation: University of Exeter
Department Name: Psychology


We propose to study privacy management by investigating how individuals learn and benefit from their membership of social or functional groups, and how such learning can be automated and incorporated into modern mobile and ubiquitous technologies that increasingly pervade society. We will focus on the privacy concerns of individuals in the context of their use of pervasive technologies, such as Smartphones and personal sensors which share data in the Cloud.

We aim to contribute to research in three areas:

(1) software engineering of adaptive systems that guide their users to manage their privacy;

(2) development of machine learning techniques to alleviate the cognitive and physical load of eliciting and personalising users' privacy requirements; and

(3) empirical investigation of the privacy behaviour of, and in, groups, in the context of both collaboration and conflict.

The ability to control and maintain privacy is central to the preservation of identity. In recent years, social psychologists have made a core distinction between personal identity (which refers to what makes us unique, as individuals, compared to other individuals) and social identity (which refers to our sense of ourselves as members of a social group and the meaning that group has for us). In the latter case, our sense of who we are can be derived from our membership of social groups. Identity is not fixed, but is rather the outcome of a dynamic process. We can move from a personal to a social identity (and back again) depending on the context. We can move between different social identities (for example, as a male, a father, a worker, a football fan, English, British, etc). Identity matters because it provides a prism through which we perceive the world, experience events, decide how to act, and understand our relationships to other people. It tells who is and who is not of us, who is for us and who is against us. Understanding the identity process is therefore key to assessing the impact that privacy and security policies have on people's behaviours. This is essential in order to be able to deliver systems that can express and analyse users' privacy requirements and, at runtime, self-adapt and guide users as they move from context to context.

Broadly speaking, our proposed project asks the following two questions and attempts to answer them from both a social psychology and a computing perspective:

Can privacy be a distributed quality (across 'the group')?
If so, under what conditions might this be the case?

Can the group protect the privacy of the individual?
If so, how does the group manage the privacy-related behaviour of its members?

The research challenges for the project are to devise non-intrusive yet rigorous ways in which to study privacy, both using pervasive technologies (such as life-logging cameras and biometric sensors) and in order to deliver more effective privacy management. At the heart of the project is a hypothesis that individuals are able to better manage their privacy by adopting or learning from the 'wisdom of groups' - we use this term as an acknowledgement of the crowd sourcing movement, also adapted by others in the catchphrase 'wisdom of friends'. Our novelty is in extending this idea to exploit the wisdom of particular subsets of people - groups whose positions and knowledge are more nuanced than a crowd. Our technical challenge is to investigate what we call the privacy dynamics of individuals as they relate to their membership of social, professional or other groups, to develop computational (machine learning) techniques that support such dynamics, and then to deliver privacy management capabilities interactively, autonomously, and adaptively as individuals' contexts change.


10 25 50
Description Our results show that social identity concerns are at the heart of privacy evaluations. People report being concerned about privacy threats when they might lead to misidentification - or might reveal an aspect of identity that the individual would not be happy to share.

We have integrated social identity ideas into automated systems designed to assess the impact of social identity on the sensitiviety of information sharing, willingness to share with others and the identification of relevant social identities for individuals in context.
Exploitation Route Our work can be used by software engineers and application designers concerned with how social identity and group processes can be harnessed to improve privacy experience and privacy behaviour in digital worlds
Sectors Creative Economy,Digital/Communication/Information Technologies (including Software),Government, Democracy and Justice

Description Milton Keynes University Hospital Collaboration 
Organisation Milton Keynes Hospital NHS Foundation Trust
Country United Kingdom 
Sector Public 
PI Contribution Research staff expertise, and equipment provided to run studies.
Collaborator Contribution Access to participants, hospital research and IT staff, consultant time.
Impact Pain logger Partners in new grant "STRETCH"
Start Year 2014
Description EPSRC CEReS event 16 June 2014, London UK 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? Yes
Geographic Reach Regional
Primary Audience Public/other audiences
Results and Impact The Research Councils UK Global Uncertainties Programme held a one-day meeting to highlight research funded through the CEReS (Consortia for Exploratory Research in Security) call. The event was held on 16 June 2014 in London. Representatives from the 'Privacy dynamics: learning from the wisdom of groups' project attended and gave presentations, they included the PI Professor Bashar Nuseibeh (Open University), Dr Avelie Stuart (University of Exeter), Dr Gul Calikli (Open University) and Dr Luke Dickens (Imperial College London). Future collaborations between academics were discussed.

Not aware of any impact at this time.
Year(s) Of Engagement Activity 2014