Title: Fine Grained User Control and Enforcement of Privacy Policies in Medical Studies

Description: Pervasive sensing has made it possible to conduct large-scale user studies with continuous monitoring of digital biomarkers - measurable indicators of a user's physiological state. There is a significant body of work proving the significance of studies enabled by pervasive sensing and IoT. Through sensing-enabled mobile devices such as smartphones and wearables, these studies have become easier to conduct and are less disruptive of user habits, with the benefit of having multiple modalities for streaming user data. But despite studies showing that users are willing to participate in these studies to benefit science, users also express serious concern over the access to and usage of their data. Unfortunately, the current consent model used in these scientific studies has not yet addressed this problem - it does not grant users the freedom to choose what data is used and how it is used, instead opting for the "take-it-or-leave-it" model. In this model, participants must consent to usage of all the requested data, or not consent at all. This consent model is not only detrimental to study participants, leaving them no room to express privacy policies on their data; it also harms the study, turning away participants with diverse biomarkers who do not agree with all data usage policies outlined by the study. This work focuses on providing a privacy policy language that can express the fine-grained requirements of user privacy policies and a system for granting users agency in enforcing their policies.

Status: Active Project

Main Research Area: Privacy, Security, and Integrity