Privacy’s Past & Future: Discussion with Chris Hoofnagle

12:30-1:20 pm.
William H. Gates Hall Room 117 (room changed).
Lunch provided.
Please RSVP to

Toys That Listen – CHI 2017

What do teddy bears, My Friend Cayla and Barbie have in common? They are all toys connected to the internet that can listen, overhearing what goes on in the home. Security breaches and the privacy challenges of these devices are regularly in the news. During the holiday season of 2015 Hello Barbie faced significant pushback from privacy advocates and the companies involved, Mattel and ToyTalk, were responsive to concerns. This past holiday season a complaint was filed with the Federal Trade Commission over My Friend Cayla’s privacy failures and recently the doll was banned in Germany. Just this week it was revealed that the CloudPets’ teddy bears millions of recordings of parents’ and children’s conversations had been easily accessible online.

Describing them as Toys That Listen, our team at the Tech Policy Lab sought to better understand their privacy and security implications. We began with a hackathon investigating the security of toys like My Friend Cayla, Hello Barbie, Cognitoys Dino and others. We also sought to understand how parents and children viewed their privacy around these toys. We conducted interviews with parent-child pairs in which they interacted with Hello Barbie and CogniToys Dino, shedding light on children’s expectations of the toys’ “intelligence” and parents’ privacy concerns and expectations for parental controls. We found that children were often unaware that others might be able to hear what was said to the toy, and that some parents draw connections between the toys and similar tools not intended as toys (e.g., Siri, Alexa) with which their children already interact. Our findings illuminate people’s mental models and experiences with these emerging technologies and provide a foundation for recommendations to toy designers and policy makers. Read the paper (forthcoming in CHI 2017).

More information about our work is available through conferences we have participated in. In February we led a discussion on privacy and and the connected home at Start With Privacy, a conference organized by the Washington State Office of Privacy and Data Protection. We also joined a panel hosted by the Future of Privacy Forum and Family Online Safety Institute on Kids & the Connected Home and highlighted the portability of toys leading to children bringing new privacy concerns to their friend’s houses.

For questions about this project email


Modern Surveillance Discussion with Author Jennifer Granick

12:30-1:20 pm.
William H. Gates Hall Room 119.
Lunch provided.

Join the Tech Policy Lab for a discussion on modern surveillance with author Jennifer Granick. She recently won the 2016 IIT Chicago-Kent College of Law/Roy C. Palmer Civil Liberties Prize for her book American Spies: Modern Surveillance, Why You Should Care, And What to Do About It. She is the Director of Civil Liberties at the Stanford Center for Internet and Soci­ety. From 2007 to 2010 she served as the Civil Liberties Director at the Electronic Frontier Foundation. (more…)

Knight Foundation Demo Day – Peter Ney

This past July, Lab member Peter Ney presented his work on SeaGlass, a cell-site simulator detection system, at the Knight Foundation Prototype Demo Day in Miami. In the below post, Peter discusses his experience at the event.

In February, the Knight Foundation awarded the Prototype Grant to the SeaGlass team (colead by Ian Smith and me). This grant is designed to fund early-stage projects over a 6 month sprint, and the Demo Day was a chance to showcase our work to the Knight Foundation and the other grantees.

Cell phone surveillance became a hot topic after it was reported that law enforcement has been using cell phone tracking devices, called cell-site simulators, to locate suspects for years with little judicial oversight. To provide independent information on when, where, and how often cell-site simulators are used, we wanted to develop a measurement system that could detect them. We used the grant from Knight to build a monitoring system called SeaGlass that can detect cell-site simulators across a city and be run for long periods of time. After it was built, we tested SeaGlass by deploying it for two months in Seattle and Milwaukee. More details on SeaGlass will be coming in a future write up where we will also cover the technical details cell-site simulators and legal their legal implications. The talk received lots of great questions and feedback on future work.

In addition to presenting, it was also fun to see the progress that the other teams made in just six months. There were lots of exciting projects, all under the broad theme of data. Here are a few of my favorite talks.

Michael Skirpan, of the University of Colorado, designed an immersive theater performance on the future of technology and the ethics of personal data collection called Quantified Self. He described the technical details and lessons learned from the show. Before the performance, attendees give Quantified Self access to data stored in their online profiles. Attendees to the show wear RFID bracelets, so that their data can follow them as they participate in the show. The performance consists of many exhibits that showcase how their data can be used. One fun example was a mock job interview, where the interviewer researches you on social media. By using the real data of attendees, the show was able to make something as abstract as “data” into something that was more personally understood and salient.

Another exciting project was lead by Surya Mattu from ProPublica. Surya has been doing a lot of work reporting on the impacts of machine bias and how black-box algorithms are impacting our lives. He demoed a tool that his team has been developing to help people learn about data discrimination and data bias. The tool let people analyze their own data to determine if it is biased in sensitive ways, like race or gender. Surya hoped that by using the tool, people could gain a better understanding of their data and learn how to avoid using it in harmful or discriminatory ways.

Personalized data has also been used by political campaigns to create targeted political ads. To better understand this targeting, Young Mie Kim, a professor in the School of Journalism at the University of Wisconsin, discussed Project DATA. This is an effort to collect and analyze advertising data sent to real voters. To collect this data, Professor Kim worked with volunteers to record which political ads are displayed to them as they surf the web. Using this ad data, she hopes we can better understand how campaigns disseminate information and why particular voters are targeted.

Fall Distinguished Lecture with Prof. Latanya Sweeney: How Technology Impacts Humans

Join us December 1 for our Fall Distinguished Lecture with renowned technologist and former Chief Technologist for the Federal Trade Commission, Professor Latanya Sweeney.