Although many smart devices are capable of advanced audio capture, there are few protections to support users’ awareness of what if recorded and when. We conducted interviews, focus groups, and participatory design sessions to understand users’ attitudes toward audio capture and to explore design solutions. Based on participant perspectives and design ideas, we make recommendations for software, hardware, and policy solutions that can support people’s audio data privacy goals.
Understanding user attitudes towards malicious audio recording on smart devices
Undergraduate Research Assistant
Design and conduct interviews with the general population as well as blind and low-vision participants
Design participatory design sessions with special care to make the sessions accessible to all participants
Qualitative analysis of interview data and presentation of findings
Graduate research at the User Empowerment Lab
Undergraduate Research Assistant
Principal Investigator of the User Empowerment Lab
We recruited participants from three population sets:
We wanted to understand the perception and attitudes of participants from the general population
Blind or low-vision
Designers often cater products to blind and low-vision users by developing voice driven features, but relying on audio increases the likelihood that sensitive data is collected from these participants.
Affiliated with Undocumented Communities
We took special care to include participants affiliated with undocumented communities because these participants face significant risk if their audio data is leaked, hacked, or otherwise compromised.
We developed an interview protocol for each participant group, making small changes or additions as needed. The interview protocol was designed to get an in depth understanding of particular participants attitudes towards audio capture and microphone security.
Focus groups were conducted only with general population participants. The protocol was very similar to the interview protocol with small changes made to encourage group discussion among the participants.
Design Sessions were conducted with general population and blind or low-vision participants. Participants in design sessions were asked to solve one of eight concerns brought up by interview and focus group participants using one of eight possible modalities (sound, light, pop-up message, legislation).
Participants responses fall into two categories: concerned and unconcerned. The concerned and unconcerned users can be described by their attitudes towards five factors described below: trust, recording, control, consequences, and reactions.
Students had previously been offered two resources to help with academic planning at the UW.
Trust: Express incomplete or tentative trust in companies
Recording: Feel recording is innately creepy or invasive
Control: Wants to maintain control over personal data
Consequences: Predict significant consequences to audio capture or express frustration over the uncertainty of potential consequences
Reactions: Take steps to manage how and when audio is recorded on their smart devices
Trust: Trust that companies will do what is best for their customers
Recording: Are not bothered by audio recording
Control: Do not need to maintain control over data and trust companies to responsibly steward their information
Consequences: Do not see foresee grave consequences of audio capture
Reactions: Do not invest time or energy in protecting their audio data
Notifying users of audio recording
Visual or tactile cues that change to reflect the status of device microphone
Surfacing usage data so participants can track how and when audio is collected
Improving end-user agreements
Improving readability of terms and conditions
Repeatedly asking for permission
Surfacing downstream effects
Targeted advertisements indicate when they are selected based on audio data
Emphasize potential consequences when the user agrees to audio capture
Based on these findings we recommend "A La Carte Design" which combats the all-or-nothing decisions many users are forced to make when making decisions about their privacy.
The "A la Carte" approach decouples invasive features and allows users to make informed decisions about their privacy and helps accommodate users who see value overall in a platform or service but may be uncomfortable with some aspects of the data collection.
There are two main principles of this approach:
1. Scoping data collection down to the minimum needed for a service
2. Allow users to remove aspects they find invasive while continuing to engage with as much of the service as possible.
We believe that these guidelines can help lead the industry to a more sensitive and inclusive design of microphone access on smart devices.