IoTSec:Privacy Label

From its-wiki.no

Revision as of 10:08, 1 November 2016 by Josef.Noll (Talk | contribs)

Jump to: navigation, search
Security in IoT for Smart Grids
Home Research Security Centre Publications Student corner About
English-Language-icon.png

Towards Measurable Privacy - Privacy Labelling

Privacy Labelling for Apps og Dingser

Objective

This page provides background for the need for a Privacy Label for Apps, Things and Services. The use of energy labels has successfully (i) enhanced the understanding of energy consumption of white goods like washing machines, freezers and others, (ii) promoted the extra costs of energy-effective white goods, and (iii) reduced the energy consumption from white goods.

Privacy labels for applications (Apps), Things and Services similar to the energy labels (A++, A+, A, B,...F) will lead a better understanding of the value of privacy, and will allow for a market introduction of privacy-aware services. Customers in Europe have an understanding of these labels for white goods, and thus will appreciate similar labelling for privacy.

By applying the principles of the energy label to privacy, we can achieve • A set of guidelines for ‘privacy labelling’ (A++, A+, A, B …F) of apps, in agreement with at least one national authority (“Consumer Services”).


Background

Appfail report from the Norwegian Consumer Services

The Consumer Services of Norway (Forbrukerrådet) have established a report on privacy in Apps "App-Fail". In there they have found breach of privacy by apps. They identified a lack of "understandable privacy" as the main challenge. This thesis will

  • analysis of privacy of home IoT devices
  • starting from "privacy by design", and identifying input parameters for "privacy"
  • Adopt the multi-metrics methodology for converting input parameters of privacy into measurable privacy
  • suggestion for privacy classes, following the European energy labelling
  • provide at least two usage scenarios of devices/applications, e.g. sporting device ("speedometer") or child doll
  • criteria and evaluation of privacy labels

This page provides background for Privacy Labelling, Measure, what you can measure - Make measurable, what you can’t measure” - Galileo

Privacy today based on lawyer terminology 250.000 words on app terms
and conditions Privacy tomorrow A++: sharing with no others A: … C: sharing with …. The Privacy label for apps 
and devices

Linn Eirin Paulsen is working on her Master Thesis entitled Privacy_labels_for_IoT_consumer_products to get the rules for privacy classes in place.

Privacy Methodology.jpg

A main goal of the work