"I don't own the data": End User Perceptions of Smart Home Device Data Practices and Risks
Paper in proceedings, 2019

Smart homes are more connected than ever before, with a variety of commercial devices available. The use of these devices introduces new security and privacy risks in the home, and needs for helping users to understand and mitigate those risks. However, we still know little about how everyday users understand the data practices of smart home devices, and their concerns and behaviors regarding those practices. To bridge this gap, we conducted a semi-structured interview study with 23 smart home users to explore what people think about smart home device data collection, sharing, and usage practices; how that knowledge affects their perceived risks of security and privacy; and the actions they take to resolve those risks. Our results reveal that while people are uncertain about manufacturers' data practices, users' knowledge of their smart home does not strongly influence their threat models and protection behaviors. Instead, users' perceptions and concerns are largely shaped by their experiences in other computing contexts and with organizations. Based on our findings, we provide several recommendations for policymakers, researchers and designers to contribute to users' risk awareness and security and privacy practices in the smart home.


Madiha Tabassum

The University of North Carolina at Charlotte

Tomasz Kosinski

Chalmers, Computer Science and Engineering (Chalmers), Interaction Design (Chalmers)

Heather Richter Lipford

The University of North Carolina at Charlotte

Symposium on Usable Privacy and Security (SOUPS)


Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019)
Santa Clara, CA, USA,

WASP - Security for Autonomous Systems

Knut and Alice Wallenberg Foundation, 2016-03-01 -- 2021-02-28.

Areas of Advance

Information and Communication Technology

Driving Forces

Sustainable development

Subject Categories

Human Computer Interaction



More information

Latest update