Understanding identity exposure in pervasive computing environments

Various miniaturized computing devices that store our identity information are emerging rapidly and are likely to become ubiquitous in the future. They allow private information to be exposed and accessed easily via wireless networks. When identity and context information is gathered by pervasive computing devices, personal privacy might be sacrificed to a greater extent than ever before. People whose information is targeted may have different privacy protection skills, awareness, and privacy preferences. In this research, we studied the following issues and their relations: (a) identity information that people think is important to keep private; (b) actions that people claim to take to protect their identities and privacy; (c) privacy concerns; (d) how people expose their identity information in pervasive computing environments; and (e) how our RationalExposure model can help minimize unnecessary identity exposure. We conducted the research in three stages, a comprehensive survey and two in-lab experiments. We built a simulated pervasive computing shopping system, called InfoSource. It consisted of two applications and our RationalExposure model. Our data show that identity exposure decisions depended on participants' attitudes about maintaining privacy, but did not depend on participants' concerns or security actions that they claimed to have taken. Our RationalExposure model did help the participants reduce unnecessary disclosures. (C) 2011 Elsevier B.V. All rights reserved.