Table of Contents
Fetching ...

"Privacy across the boundary": Examining Perceived Privacy Risk Across Data Transmission and Sharing Ranges of Smart Home Personal Assistants

Shuning Zhang, Shixuan Li, Haobin Xing, Jiarui Liu, Yan Kong, Xin Yi, Hewu Li

TL;DR

This study extends Privacy Boundary Theory (PBT) to Smart Home Personal Assistants (SPAs) to understand how users perceive privacy risk across boundary crossings. It combines a three-phase preliminary study with a large main study (N=412 survey, N=40 interviews) to show that crossing the home transmission boundary and the provider-to-third-party sharing boundary provokes non-linear increases in perceived privacy risk, largely independent of data type or demographic. It also reveals that data attributes, awareness, and risk-benefit calculations modulate boundary regulation, while encryption and anonymization offer limited protection, especially for third-party sharing due to distrust. The work contributes a boundary-aware design framework for SPAs, emphasizing explicit boundary cues, boundary-based access controls, and topological visualizations to align protections with users’ privacy boundaries, with broad implications for user-centric privacy in AI-enabled smart homes.

Abstract

As Smart Home Personal Assistants (SPAs) evolve into social agents, understanding user privacy necessitates interpersonal communication frameworks, such as Privacy Boundary Theory (PBT). To ground our investigation, our three-phase preliminary study (1) identified transmission and sharing ranges as key boundary-related risk factors, (2) categorized relevant SPA functions and data types, and (3) analyzed commercial practices, revealing widespread data sharing and non-transparent safeguards. A subsequent mixed-methods study (N=412 survey, N=40 interviews among the survey participants) assessed users' perceived privacy risks across data types, transmission ranges and sharing ranges. Results demonstrate a significant, non-linear escalation in perceived risk when data crosses two critical boundaries: the `public network' (transmission) and `third parties' (sharing). This boundary effect holds robustly across data types and demographics. Furthermore, risk perception is modulated by data attributes (e.g., social relational data), and contextual privacy calculus. Conversely, anonymization safeguards show limited efficacy especially for third-party sharing, a finding attributed to user distrust. These findings empirically ground PBT in the SPA context and inform design of boundary-aware privacy protection.

"Privacy across the boundary": Examining Perceived Privacy Risk Across Data Transmission and Sharing Ranges of Smart Home Personal Assistants

TL;DR

This study extends Privacy Boundary Theory (PBT) to Smart Home Personal Assistants (SPAs) to understand how users perceive privacy risk across boundary crossings. It combines a three-phase preliminary study with a large main study (N=412 survey, N=40 interviews) to show that crossing the home transmission boundary and the provider-to-third-party sharing boundary provokes non-linear increases in perceived privacy risk, largely independent of data type or demographic. It also reveals that data attributes, awareness, and risk-benefit calculations modulate boundary regulation, while encryption and anonymization offer limited protection, especially for third-party sharing due to distrust. The work contributes a boundary-aware design framework for SPAs, emphasizing explicit boundary cues, boundary-based access controls, and topological visualizations to align protections with users’ privacy boundaries, with broad implications for user-centric privacy in AI-enabled smart homes.

Abstract

As Smart Home Personal Assistants (SPAs) evolve into social agents, understanding user privacy necessitates interpersonal communication frameworks, such as Privacy Boundary Theory (PBT). To ground our investigation, our three-phase preliminary study (1) identified transmission and sharing ranges as key boundary-related risk factors, (2) categorized relevant SPA functions and data types, and (3) analyzed commercial practices, revealing widespread data sharing and non-transparent safeguards. A subsequent mixed-methods study (N=412 survey, N=40 interviews among the survey participants) assessed users' perceived privacy risks across data types, transmission ranges and sharing ranges. Results demonstrate a significant, non-linear escalation in perceived risk when data crosses two critical boundaries: the `public network' (transmission) and `third parties' (sharing). This boundary effect holds robustly across data types and demographics. Furthermore, risk perception is modulated by data attributes (e.g., social relational data), and contextual privacy calculus. Conversely, anonymization safeguards show limited efficacy especially for third-party sharing, a finding attributed to user distrust. These findings empirically ground PBT in the SPA context and inform design of boundary-aware privacy protection.
Paper Structure (50 sections, 7 figures, 7 tables)

This paper contains 50 sections, 7 figures, 7 tables.

Figures (7)

  • Figure 1: The factors users mentioned (arranged from the most mentioned to the least mentioned). The number indicated the frequency.
  • Figure 2: Different factor levels of transmission and sharing range, where company is usually the service provider.
  • Figure 3: Perceived privacy risks for different transmission ranges and sharing ranges across data categories. 1: lowest risk, 7: highest risk. Errorbar indicated 95% Confidence Intervals (CIs).
  • Figure 4: Perceived privacy risks of the target location information for different functions.
  • Figure 5: (a) Correlation between the importance of the data collected and privacy risk, (b) Correlation between the awareness of the data collected and privacy risk. The analysis was performed on the original 7-point Likert scale ratings.
  • ...and 2 more figures