Marc Langheinrich — Privacy Pioneer In UbiComp
Marc Langheinrich was born on February 25, 1971. Langheinrich is a professor in the computer science department at the Università della Svizzera Italiana (USI) in Lugano, Switzerland. In USI, he is also the head of the research group of Ubiquitous Computing since September 2008. In 1997, he received a masters degree in computer science from the University of Bielefeld, Germany. In 2005, he received his Ph.D. in the area of privacy and ubiquitous computing from ETH Zurich, Switzerland. For his Ph.D., he worked on a topic called “Personal Privacy in Ubiquitous Computing”. Other than the research, Langheinrich is also active in the UbiComp community. He has been General Co-Chair for PerCom 2012, Ubicomp 2010, and UbiComp 2015. He has also been Program Co-Chair for UbiComp 2013.
Field of Interest
Marc Langheinrich’s main filed of interest has been privacy in the field of Ubiquitous computing. Although his main interest is privacy, he also conducts researches in the field of security, and user usability issues in the area of ubiquitous computing and pervasive computing. His other interest in research includes usable security and pervasive displays.
Contribution to the UbiComp
On September 30th, 2001, Langheinrich published a paper titled “Privacy by design — Principles of Privacy-Aware Ubiquitous Systems”. It was published in the international conference on Ubiquitous Computing and the official publishers were Springer, Berlin, and Heidelberg. The primary purpose of the paper is to provide the introductory reading/guidance to the privacy issues in the field of ubiquitous computing. He developed six principles to provide guidance to the system design process based on the information of the most common practice in most of the privacy legislation that was in use at the time of the paper published (2001).
The Six Principles
- Notice — This principle is about the hidden data collection in any of the ubicomp systems and how to prevent them. UbiComp system has to collect data on a regular basis to provide satisfactory services to the end-user. This principle talks about how to publish policies in the UbiComp system.
- Choice and Consent — In general, the law requires explicit consent by the end-user. Declaring the data collection as a disclaimer does not allow any system to collect the data. The user’s permission is also an integral part of it. This principle talks about the importance of the choice and the consent of the user over their private data and how much they are willing to give away the data. This principle also talks about how to ask the user for their consentient on the devices without the screen.
- Anonymity and Pseudonymity — This principle is an alternative way of collecting data without requiring consent by the end-user. In this technique, the system will collect the data without requiring the user to revealing the identity of the user. The advantage of anonymity is to collect some of the useful data without any charge. This principle also talks more in detail about the consequences of the pseudonyms and how it can reveal the true identity of the user.
- Proximity and Locality — The main concept of this rule is a device only records information when the owner is around, and the local information should stay local. This is a solution if the notice and consent are harder to deliver in the system.
- Adequate Security — All the privacy talks eventually led to the talk of the security of the system. This rule talks about how the importance of the security should be divided on the base of the battery status, type of data and its transmission, the function of the system. It also talks about how the real-world has complex solution-dependent requirements of the security.
- Access and Recourse — This rule fall under the realm of legal practice. The main concept of the rule is that all identifiable data should be accessible by the end-user to review, to make changes, or to delete it. The data collection system should be accountable for the privacy of personal data.
The era of ubiquitous computing began in the late ’90s. This research paper was published almost a decade after the ubiquitous computing era began. At the time of the release of the paper, some work had already been done in the security of computing but there was very minimal work done in the world of ubiquitous computing with the aspect of privacy. This paper gave a lot of legal and technical information regarding the privacy and the system development of the ubicomp system.
Other research work and projects
Other than the privacy in ubiquitous systems, Marc Langheinrich and his research group work on many different projects involving ubiquitous computing and pervasive computing. One of their main purpose of the research has always been to provide usable and secure ubiquitous systems that provide the benefit of easy to use and the increase the engagement if the system.
Some of their recent project work related to ubiquitous computing and privacy are listed below:
- SHARING21 — Future Digital Sharing Interfaces (October 2014 — September 2018)
The goal of this project was to understand the current practices of sharing personal content and to uncover corresponding the user’s concern. This aims to solve this issue by designing a user interface that empowers end-user to keep control of their shared data in a world full of autonomous IoT devices.
2. PALS — Privacy-Aware Location Sharing (April 2010 — August 2013)
A lot of people give away their current location info just to get the benefit of location-based services such as Yelp, Google search of a specific type of place. The goal of this project was to design and implement novel methods and tools to facilitate the privacy-aware sharing of location data with friends, strangers, and operators.
3. SAPIENT — Supporting Fundamental Rights, Privacy and Ethics in Surveillance Technologies (March 2011 — June 2014)
The aim of this project was to specify how and when smart surveillance should be used or not used. They developed the set of criteria for data protection and integrity that could be used to verify that the data sharing and the data usage by the stakeholders are done with respect of the privacy of the citizen.
Resources
Langheinrich, M. (2001). Privacy by Design — Principles of Privacy-Aware Ubiquitous Systems. Ubicomp 2001: Ubiquitous Computing Lecture Notes in Computer Science, 273–291. doi: 10.1007/3–540–45427–6_23
Langheinrich, M. (2009). Privacy in Ubiquitous Computing. Ubiquitous Computing Fundamentals, 95–159. doi: 10.1201/9781420093612.ch3
Elhart, I. (2018, February 19). UbiComp @ USI Lugano. Retrieved April 17, 2020, from https://uc.inf.usi.ch/team/langheinrich/
Marc Langheinrich. (2020). Retrieved April 17, 2020, from https://pd-net.org/consortium/university-of-lugano/marc-langheinrich/
