ects is called mobile, urban, or participatory sensing.[2–4]
Participatory sensing
is meant to enable (and encourage)
anyone to gather and investigate previously invisible data. It tries to avoid
surveillance or coercive sensing by emphasizing individuals’ participation
in the sensing process. Applications
designed to enable participatory sensing range from the very personal and
self-reflective to shareable data meant
to improve an individual’s health or a
community’s experience. This article
examines three applications from
UCLA’s Center for Embedded Networked Sensing (CENS) to illustrate
the diversity of possibilities, as well as
suggest data collection and sharing
concerns.

Personal Environmental Impact
Report (PEIR). Participants in PEIR
(http://peir.cens.ucla.edu/) carry mobile phones throughout their day to
calculate their carbon footprints and
exposure to air pollution—both big
concerns in smoggy Los Angeles, where
the project is based. By referencing
GPS and cell towers, the phones upload participants’ locations every few
seconds. Based on these time-location
traces, the PEIR system can infer participant activities (for example, walking, biking, driving, or riding the bus)
throughout the day. The system maps
the combination of location, time, and
activity to Southern California regional air quality and weather data to estimate individual carbon footprint and
exposure to particulate matter. Sensing a participant’s location throughout the day enables more accurate and
previously unavailable information
about environmental harms people
face, as well as the harms they create.
To participate, individuals need to
record and submit a continuous location trace.

Biketastic. This project (http://biketastic.com) was designed to improve
bike commuting in Los Angeles, a city
notoriously unfriendly to cyclists. Bikers carry a GPS-enabled mobile phone
during their commute that automatically uploads their bike routes to a
public Web site. The phone also uses
its accelerometer to document the
roughness of the road, and takes audio samples to analyze volume of noise
along the route. Participants can log in
to see their routes combined with existing data, including air quality,
time-sensitive traffic conditions, and traffic
accidents. They can also use the system to share information about their
routes with other riders. By combining
existing local conditions with biker-contributed data, Biketastic will enable area bikers to plan routes with the
least probability of traffic accidents;
with the best air quality; or according
to personal preferences, such as road-surface quality or connections with
public transportation. While Biketastic
shares location data through a public
map, individuals use pseudonymous
user names.

AndWellness. Currently under development, AndWellness is a personal
monitoring tool designed to encourage
behavioral change. It helps clients work
independently or with a coach to document places and times when they stray
from a healthy eating or exercise plan.
During an initial week of documentation, AndWellness prompts users to input personal assessments throughout
the day. These assessments ask users
when they last ate and whether they
were on plan. After a week of tracking
and data analysis, users can see places
and times where they tend to stray from
their plan, and plan interventions to
combat unwanted variations. AndWellness collects not only location, but also
sensitive data about diet and habits.
Individuals might choose to share this
data with a support group, coach, therapist, doctor, family, or friends.

Taking participatory sensing from
a possibility enabled by the mobile-phone network to a coordinated reality
is rife with challenges. Among these
challenges are the ethics of repurposing phones, now used as communication tools, for data collection and sharing. How can individuals determine
when, where, and how they wish to
participate? How much say do they get
over what they wish to document and
share?

Privacy in Participatory Sensing

Privacy—the ability to understand,
choose, and control what personal information you share, with whom, and
for how long—is a huge challenge for
participatory sensing. Privacy decisions have many components, including identity (who is asking for the
data?), granularity (how much does the
data reveal about me?), and time (how
long will the data be retained?).[7, 10, 11]

Location traces can document and
quantify habits, routines, and personal
associations. Your location might reveal your child’s school, your regular
trips to a therapist or doctor, and times
when you arrived late or left early from
work. These traces are easy to mine and
difficult or impossible to retract once
shared.

Sharing such granular and revealing digital data could have a number
of risks or negative consequences.
Some safety and security threats, such
as thieves or stalkers, are obvious.
Perhaps less apparent—and probably
more likely—are other social consequences. Think about how frequently
you beg off a social engagement with
a little white lie, or keep your location and activities secret to surprise a
friend. Much like Facebook’s ill-fated
Beacon service, participatory sensing
could disrupt the social boundaries we
have come to expect. What if someone
with authority over you (your employer,
the government) collects or accesses
your location data? It’s easy to imagine
a chilling effect on legal, but stigmatized, activities. Would you be as likely
to attend a political protest, or visit a
plastic surgeon, if you knew your location was visible to others? Large databases of location data accessible by
subpoena also could become evidence
for everything from minor civil disputes to messy divorce cases.

Maybe most importantly, privacy is
a vital part of your identity and self-presentation. Deciding what to reveal to
whom is part of deciding who you are.
I might want to track when and where
I tend to overeat, but I see no reason to
share that information with anyone but
my doctor. Similarly, I might take part
in a political data collection project on
the weekend, but that doesn’t mean my
parents need to know. Respecting the
many gradations between public and
private, and giving people the ability to
negotiate those gradations, are integral
to respecting individual privacy.

In the U.S. and Europe, fair information practices are one standard
for protecting the privacy of personal
data. Originally codified in the 1970s,
the Code of Fair Information Practice
outlines data-management principles
to help organizations protect personal