Detecting and Visualizing Privacy Issues of Self-Tracking using Provenance Comics

Kurzfassung

Analyzing and processing of data often happens using process chains or workflows, which use heterogeneous data sources such as sensors or cloud services, different analysis tools or apps, and sometimes many people. Data, tools, and involved people could belong to different organizational domains such private belongings, companies, or governmental organizations. To understand and trace how and where data has been stored and processed in such workflows, the provenance of that data can be recorded and evaluated. State-of-the-art for handling provenance, is to define a provenance model based on the W3C standard PROV and to store provenance information in graph databases. Based on the stored provenance, many questions about the data and the workflows can be answered. For example, regarding quality of the data or regarding data privacy. In this talk, we show how to apply this techniques for health and self tracking data. First, we describe an approach for recording provenance of health-related and "Quantified Self" workflows involving multiple sensors and wearables, smartphone apps, and third-party services. We present a provenance data model and describe how to gather and store provenance information from real-world self-tracking use cases. Based on the stored provenance, which are directed acyclic graphs, we demonstrate how to query for privacy issues using graph database queries. Second, we present a visualization technique based on automatically generated comics strips to understand the recorded provenance information. For each of the workflow actions (e.g., getting data from a wearable device or synchronizing data with a commercial cloud), a single comic strip is generated. The whole sequence of comic strips allow everybody who don't have any knowledge about "IT" (software, data flows, graphs etc.) to understand where the data has been generated and stored. Especially, this allows to graphically point to privacy-related issues (e.g., when personal data is stored at a commercial company or accessed by anyone who should not be allowed to see the data).