Is Privacy Regulation Slowing Down or Enablingthe Wide Adoption of Pervasive Systems?

Panel SummaryClaudio Bettini

Universita degli Studi di MilanoComputer Science Department, EveryWare Lab

Milan, Italy

PANEL TOPIC

In the last years we have witnessed large scale data privacyviolations mostly due to security issues or to unauthorised useand communication of personal data. Among many events,millions of Yahoo e-mail accounts and Facebook privateprofiles were violated. Mobile and pervasive technology andservices have a role in this scenario, since they introducenew devices with possible hardware and software securityholes, new communication protocols, new types of personaldata, and a new scale for the amount of data being collected.Location data of individuals collected through mobile devicesis a natural example, and video imaging and speech collectedin our homes by smart appliances and toys is another.

Solicited by large scale privacy violations and public con-cern amplified by the news, regulators in most countrieshave taken action in revising legal obligations related to dataprivacy. The EU has approved in 2016 the new General DataProtection Regulation (GDPR) that is being enforced sinceMay 2018, Japan has taken similar steps with the amendedAct on the Protection of Personal Information, the US hasa regulation fragmented by sector and state, but for exampleCalifornia passed in June 2018 a new data privacy law thathas a very GDPR feel.

As a consequence, industry has been forced to invest asignificant amount of money and resources in making theirsystems and products compliant to the regulation and inchanging the design, production and test processes of theirproducts. This will inevitably have an impact on the type ofservices that will be offered, on their cost, and on the timing oftheir appearance on the market. While the value of investingin security is usually well understood, investing in privacy isoften seen only as a cost, specially by small and medium sizecompanies.

Considering user needs, sociological studies report thatusers are indeed very concerned about their digital personaldata being misused. On the other hand economic studiesshow that users are ready to provide consent without lookingclosely at the terms, based on minimal reward in terms ofmoney or service. Leveraging on this fact, on the challengeof implementing effective privacy protection techniques, andon the argument that the massive exchange and use of digital

personal data is a natural evolution of our social norms, thereis a shared opinion against a strict privacy regulation in favorof a more rapid evolution and time to market of pervasivesystems.

There are of course different opinions in favor of theregulation. Among them a) the role of institutions in protectingindividuals, especially when they are unaware of potentialthreats to their basic rights; b) the availability of privacyenhancing technology resulting from decades of research; andc) the fact that the compliance of the products should convincea large number of potential users that are now worried abouttheir privacy to adopt the technology and use the services.

The panel at PerCom is the opportunity to discuss theseissues among researchers that design the mobile and pervasivesystems possibly going to the market in the near future. Thepanelists include experts in privacy enhancing technologiesapplied to mobile and pervasive systems as well as researcherswith experience in designing and deploying pervasive systems.

MODERATOR

Claudio Bettini is full professor in theComputer Science department at Uni-versita degli Studi di Milano, wherehe leads the EveryWare laboratory. Hereceived his PhD in Computer Sciencefrom the University of Milan in 1993.He has been for more than a decade,an affiliate research professor at theCenter for Secure Information Systemsat George Mason University, VA. His

research interests cover the areas of data management inmobile and pervasive computing, data privacy and security,context-awareness and context reasoning, temporal and spatio-temporal data management. He acted as PI and co-PI ofresearch projects on data privacy both in the US and in theEU. He is a member of the steering committee of IEEEPerCom and he has been associate editor of the Pervasiveand Mobile Computing Journal, The VLDB Journal, and theIEEE Transactions on Knowledge and Data Engineering. He isa co-editor of the Springer Handbook of Mobile Data Privacy.

2019 IEEE International Conference on Pervasive Computing and Communications (PerCom)

978-1-5386-9148-9/19/$31.00 ©2019 IEEE 220

PANELISTS

Salil Kanhere received his M.S.and Ph.D. degrees, both in ElectricalEngineering from Drexel University,Philadelphia, USA. He is currently aProfessor in the School of ComputerScience and Engineering at UNSWSydney, Australia. He is also a conjointresearcher at CSIRO Data61 andserves on the advisory board for twotechnology start-ups. His research

interests include Internet of Things, pervasive computing,blockchain, crowdsourcing, data analytics, privacy andsecurity. He has published over 200 peer-reviewed articlesand delivered over 30 tutorials and keynote talks on thesetopics. His research has been featured on ABC NewsAustralia, Forbes, IEEE Spectrum, Wired, ZDNET, ComputerWorld, Medium, MIT Technology Review and other mediaoutlets. Salil regularly serves on the organizing committee ofa number of IEEE and ACM international conferences. Heis on the Editorial Board of Elsevier’s Pervasive and MobileComputing and Computer Communications. Salil is a SeniorMember of both the IEEE and the ACM. He is a recipient ofthe Alexander von Humboldt Research Fellowship.

Marc Langheinrich is full professor inthe Faculty of Informatics at the Uni-versita della Svizzera Italiana (USI) inLugano, Switzerland. His research fo-cuses on privacy in mobile and pervasivecomputing systems, in particular with aview towards social compatibility. Marcis a member of the Steering Committeeof the UbiComp conference series, andchairs the IoT conference Steering Com-

mittee. He has been a General Chair or Program Chair of mostmajor conferences in the field, including Ubicomp, PerCom,Pervasive, and the IoT conference, and currently serves as theEditor-in-Chief for IEEE Pervasive Magazine. Marc holds aPh.D. from ETH Zurich, Switzerland. He can be reached atlangheinrich@ieee.org.

Archan Misra is Professor, and the As-sociate Dean of Research, in the Schoolof Information Systems at SingaporeManagement University (SMU). Archanholds a Ph.D. in Electrical and Com-puter Engineering from the Universityof Maryland at College Park in May2000. Over a 20-year research careerspanning both academics and industry

(at IBM Research and Bellcore), Archan has worked exten-sively on problems spanning wireless networking, mobile &pervasive computing and urban sensing. He currently directsSMU’s Center for Applied Smart-Nation Analytics (CASA),which cooperates with public agencies in implementing ad-vanced Smart Nation services in Singapore. Through hisleadership of SMU’s LiveLabs testbed platform, Archan hasdeveloped and deployed multiple pervasive computing applica-tions, such as campus & city-scale mobile crowdsourcing andindoor location analytics. His current research interests lie insystems-oriented research in the areas of low-power wearable& IoT sensing, real-time socio-physical urban analytics andmobile crowdsourcing. Archan chaired the IEEE ComputerSociety’s Technical Committee on Computer Communications(TCCC) from 2005-2007.

Delphine Reinhardt is a full profes-sor and head of the Computer Securityand Privacy group at the University ofGottingen. Before moving to Gottingenin January 2018, she was an assis-tant professor at Rheinische Friedrich-Wilhelms-Universitat Bonn in Germanyfrom 2014 to 2017, leading the “Privacyand Security in Ubiquitous Computing”group at the Institute of Computer Sci-ence. She was also associated to the

Fraunhofer Institute for Communication, Information Pro-cessing and Ergonomics (FKIE) during that time. Delphinecompleted her doctoral degree in computer science (withdistinction) on privacy in participatory sensing in 2013 atTechnische Universitat Darmstadt and the Center for AdvancedSecurity Research Darmstadt (CASED). Since 2009, she holdsa double-degree in electrical engineering from TU Darmstadtand Ecole Nationale Superieure de l’Electronique et ses Ap-plications (ENSEA), France.

2019 IEEE International Conference on Pervasive Computing and Communications (PerCom)

221