Development guidelines for increased consumer privacy - Privacy in Home Assistants
2023 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE credits
Student thesis
Abstract [en]
Research has shown that people are generally unaware of what information manufacturers gather and store about them via their IoT-devices. All they know is that there may be some collection of information. Herein lies an issue; although people may agree to the terms of service of these products, they are doing so without proper information, leading to a lack on informed consent.
To solve this one can go multiple routes; either find some way of properly informing the user about what data is being gathered, or design devices so that no data is gathered that can be exploited. This thesis focuses on the second route, finding out what data is needed for the functional requirements of a home assistant based on the Terms of Service and other publicly accessible information, and then using this to produce a list of privacy guidelines to be used in the design and implementation of IoT-devices, with a focus on home assistants.
To do so this thesis compares the information gathered by the commercial home assistants Amazon Echo and Google Home with the information gathered by the open-source home assistant Mycroft, and from that extrapolates what information might be necessary to gather for the function of the device and what information might be superfluous. The results show that the commercial devices gather a lot of information on the user that may not be completely necessary for its functions.
To create the guidelines, a literature review was conducted. Previous solutions to privacy issues were investigated, and the solutions that were found were summarized. From this summary, categories of solutions were extrapolated, investigated if they were within the scope of the guidelines, and then the formulated guidelines were given to software engineers via interview to check for potential usefulness. The results from the interviews were then used to reformulate the guidelines to increase understandability and usefulness.
Place, publisher, year, edition, pages
2023. , p. 47
Keywords [en]
IoT, home assistant, privacy, Alexa, Google Home
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-24322OAI: oai:DiVA.org:bth-24322DiVA, id: diva2:1740729
Subject / course
PA1445 Kandidatkurs i Programvaruteknik
Supervisors
Examiners
2023-03-022023-03-012023-03-02Bibliographically approved