Inside the Bitter Campus Privacy Battle Over Smart Building Sensors (technologyreview.com) 50
An anonymous reader quotes a report from MIT Technology Review: When computer science students and faculty at Carnegie Mellon University's Institute for Software Research returned to campus in the summer of 2020, there was a lot to adjust to. Beyond the inevitable strangeness of being around colleagues again after months of social distancing, the department was also moving into a brand-new building: the 90,000-square-foot, state-of-the-art TCS Hall. The hall's futuristic features included carbon dioxide sensors that automatically pipe in fresh air, a rain garden, a yard for robots and drones, and experimental super-sensing devices called Mites. Mounted in more than 300 locations throughout the building, these light-switch-size devices can measure 12 types of data -- including motion and sound. Mites were embedded on the walls and ceilings of hallways, in conference rooms, and in private offices, all as part of a research project on smart buildings led by CMU professor Yuvraj Agarwal and PhD student Sudershan Boovaraghavan and including another professor, Chris Harrison. "The overall goal of this project," Agarwal explained at an April 2021 town hall meeting for students and faculty, is to "build a safe, secure, and easy-to-use IoT [Internet of Things] infrastructure," referring to a network of sensor-equipped physical objects like smart light bulbs, thermostats, and TVs that can connect to the internet and share information wirelessly.
Not everyone was pleased to find the building full of Mites. Some in the department felt that the project violated their privacy rather than protected it. In particular, students and faculty whose research focused more on the social impacts of technology felt that the device's microphone, infrared sensor, thermometer, and six other sensors, which together could at least sense when a space was occupied, would subject them to experimental surveillance without their consent. "It's not okay to install these by default," says David Widder, a final-year PhD candidate in software engineering, who became one of the department's most vocal voices against Mites. "I don't want to live in a world where one's employer installing networked sensors in your office without asking you first is a model for other organizations to follow." All technology users face similar questions about how and where to draw a personal line when it comes to privacy. But outside of our own homes (and sometimes within them), we increasingly lack autonomy over these decisions. Instead, our privacy is determined by the choices of the people around us. Walking into a friend's house, a retail store, or just down a public street leaves us open to many different types of surveillance over which we have little control. Against a backdrop of skyrocketing workplace surveillance, prolific data collection, increasing cybersecurity risks, rising concerns about privacy and smart technologies, and fraught power dynamics around free speech in academic institutions, Mites became a lightning rod within the Institute for Software Research.
Voices on both sides of the issue were aware that the Mites project could have an impact far beyond TCS Hall. After all, Carnegie Mellon is a top-tier research university in science, technology, and engineering, and how it handles this research may influence how sensors will be deployed elsewhere. "When we do something, companies [and] other universities listen," says Widder. Indeed, the Mites researchers hoped that the process they'd gone through "could actually be a blueprint for smaller universities" looking to do similar research, says Agarwal, an associate professor in computer science who has been developing and testing machine learning for IoT devices for a decade. But the crucial question is what happens if -- or when -- the super-sensors graduate from Carnegie Mellon, are commercialized, and make their way into smart buildings the world over. The conflict is, in essence, an attempt by one of the world's top computer science departments to litigate thorny questions around privacy, anonymity, and consent. But it has deteriorated from an academic discussion into a bitter dispute, complete with accusations of bullying, vandalism, misinformation, and workplace retaliation. As in so many conversations about privacy, the two sides have been talking past each other, with seemingly incompatible conceptions of what privacy means and when consent should be required. Ultimately, if the people whose research sets the agenda for technology choices are unable to come to a consensus on privacy, where does that leave the rest of us?
Not everyone was pleased to find the building full of Mites. Some in the department felt that the project violated their privacy rather than protected it. In particular, students and faculty whose research focused more on the social impacts of technology felt that the device's microphone, infrared sensor, thermometer, and six other sensors, which together could at least sense when a space was occupied, would subject them to experimental surveillance without their consent. "It's not okay to install these by default," says David Widder, a final-year PhD candidate in software engineering, who became one of the department's most vocal voices against Mites. "I don't want to live in a world where one's employer installing networked sensors in your office without asking you first is a model for other organizations to follow." All technology users face similar questions about how and where to draw a personal line when it comes to privacy. But outside of our own homes (and sometimes within them), we increasingly lack autonomy over these decisions. Instead, our privacy is determined by the choices of the people around us. Walking into a friend's house, a retail store, or just down a public street leaves us open to many different types of surveillance over which we have little control. Against a backdrop of skyrocketing workplace surveillance, prolific data collection, increasing cybersecurity risks, rising concerns about privacy and smart technologies, and fraught power dynamics around free speech in academic institutions, Mites became a lightning rod within the Institute for Software Research.
Voices on both sides of the issue were aware that the Mites project could have an impact far beyond TCS Hall. After all, Carnegie Mellon is a top-tier research university in science, technology, and engineering, and how it handles this research may influence how sensors will be deployed elsewhere. "When we do something, companies [and] other universities listen," says Widder. Indeed, the Mites researchers hoped that the process they'd gone through "could actually be a blueprint for smaller universities" looking to do similar research, says Agarwal, an associate professor in computer science who has been developing and testing machine learning for IoT devices for a decade. But the crucial question is what happens if -- or when -- the super-sensors graduate from Carnegie Mellon, are commercialized, and make their way into smart buildings the world over. The conflict is, in essence, an attempt by one of the world's top computer science departments to litigate thorny questions around privacy, anonymity, and consent. But it has deteriorated from an academic discussion into a bitter dispute, complete with accusations of bullying, vandalism, misinformation, and workplace retaliation. As in so many conversations about privacy, the two sides have been talking past each other, with seemingly incompatible conceptions of what privacy means and when consent should be required. Ultimately, if the people whose research sets the agenda for technology choices are unable to come to a consensus on privacy, where does that leave the rest of us?
tldr (Score:1)
Re:tldr (Score:5, Insightful)
is that a summary or the whole article
Pretty much. But a slightly longer summary of the summary is: "It's a good idea to talk to people before installing sensors in their offices."
Re:tldr (Score:5, Insightful)
Also, smile nicely before installing the TV screen that can be dimmed but not turned off.
Re: tldr (Score:2)
The hackers and governmental agencies with backdoor access to your sensors agree with your assessment that your privacy is very, very, very important, and that it's beat served by means of tens of microphones spread all around your property. Please make sure to install they all as soon as possible. Only you and them will send what's going on, so you can feel pretty save already, no two ways about that.
Re: (Score:1)
The onus is on YOU to give a damn good reason why I should be deprived of that right.
Sure!
a) It isn't your property. Proof: try not paying the government the rent you owe them for using their land, and see how long "your" property continues being "yours".
b) Since the government owns it, the government defines how it's going to be used.
c) The government is composed of the entirety of the population. Hence, the entirety of the population gets to decide how their property is to be used.
d) In the US, that decision is done via representatives, voted in by the population, who do so by means of so
Re: (Score:2)
Why? (Score:2)
BUT, the idea of
Re: (Score:2)
I have missed breakdown of TCS Hall. It is Tata Consultancy Services Hall.
Re: (Score:2)
Well, here's one of your problems! (Score:5, Informative)
"The Mites team posted signs around the building—in hallways, common areas, stairwells, and some rooms—explaining what the devices were and what they would collect. Eventually, the researchers added a QR code linking to the project’s 20-page FAQ document. The signs were small, laminated letter-size papers that some visitors said were easy to miss and hard to understand."
That's a problem. That's a huge problem for any project.
If you have to take 20 pages to tackle frequently asked questions then you have fucked up. There were lots of fuck ups in that project but that's one worth looking into more. Why the hell would it take 20 pages if this was as the researchers put it, "simple". It wouldn't!
Too many in on this were too concerned with what they could do and didn't give a single thought to what people would perceive it to be doing.
Re: (Score:2)
Flip side, if you found a letter size page hard to read and understand, why are you studying at a University and not at a kindergarten?
The signs were hard to understand because the folks at Uni actually had to do something instead of getting above-average grades for just showing up to protest marches.
Re: (Score:3, Funny)
If you have to take 20 pages to tackle frequently asked questions then you have fucked up. There were lots of fuck ups in that project but that's one worth looking into more. Why the hell would it take 20 pages if this was as the researchers put it, "simple". It wouldn't!
Once something becomes controversial the number of question going around has little to do with the complexity or simplicity of the thing itself. "273. Can the Mites cause cancer? No, they emit no radiation of any kind. 274. Can the Mites spread Covid? No, they don't spread pathogens at all. 275. Can the Mites cause pregnancy? No. How could you even...? 276. ..."
Re: (Score:2)
Re: (Score:2)
Even still they emit radiation of some kind (maybe not much, or dangerous), heat is a form of radiation, if the circuits produce heat and it is emitted the device emits radiation.
Re: (Score:2)
Why the hell would it take 20 pages if this was as the researchers put it, "simple". It wouldn't!
Not really. The concept or project probably is simple. The fact that humans turn anything into a frigging storm in a teacup is what makes something complex.
Re: (Score:2)
Digging the mites out of the walls and crushing them seems like an option ...
- it's broken, again, really perhaps our security is not very good ...
Re: (Score:2)
> The signs were small, laminated letter-size papers
> that some visitors said were easy to miss and hard
> to understand."
I'm not sure about the "hard to understand" bit. One would think that the software research building at an engineering school would be populated by people savvy enough to work out how to use a QR code and understand research abstracts. I know engineers can be notorious for poor documentation. But for researchers, "publish or perish" is usually the rule and most papers I've had
Re: (Score:2)
Sure. But according to TFS, this is a new research facility, not the undergrad instructional building. So we're talking about MS and PhD candidates and post-doc researchers here, not 4-year CS students. Researchers need to be competent communicators in order to apply for and get their grants in the first place. Then they need to be able to publish the results on their research in scientific or academic journals; many of which will reject papers for revision versus editing and correcting them, lest the p
Re: (Score:2)
Who's to say there aren't visitors from "that some visitors said were easy to miss and hard to understand" that aren't research grads, or professors?
Re: (Score:2)
>Why the hell would it take 20 pages if this was as the researchers put it, "simple". It wouldn't!
Exactly.
Instead, the new tracking should have simply been explained at that morning's Two Minute Hate!
hawk, being practical
Common (Score:5, Interesting)
These buildings likely already have security cameras. Worrying about sensors that can detect if someone is in the area, seem silly when there are actual security cameras, and often keycard access.
The only real concern with these is the microphone. If they can pickup voices, that is a major problem.
Most commercial buildings already have security cameras and sensors to detect temperature, humidity, CO2, and motion.
Basically every building that people inhabit has at least temperature sensors.
Any green building is going to need the temperature, CO2/motion, and humidity.
device's microphone, infrared sensor, thermometer, and six other sensors, which together could at least sense when a space was occupied, would subject them to experimental surveillance without their consent
" at least sense when a space was occupied"
code can actually require occupancy sensors. Modern buildings are sealed very tight and need active ventilation. Even ERV/HRV units are not 100% efficient at transferring heat/humidity between the exhaust air to the intake air, so it makes sense to trigger them only when needed. The best way is measuring CO2, but motion sensors can also work.
Re: (Score:1)
>>Most commercial buildings already have security cameras and sensors to detect temperature, humidity, CO2, and motion.
Yes, but we can't prof- I mean, learn off those. They're simple closed-loop just-fucking-works sensors that have existed for decades.
We want probes that phone home and record everything, we want IoT. Cameras are nice but have access controls and legal bounds, we want to skirt that with harvests we can do whatever we want with. Once the previous few words have been proven we'll tell other organizations, they too like the sound of those words and will pay us for the chance to apply them to other sites.
Re:Common (Score:5, Insightful)
Problems occur when you install this in designated offices. If you do this in the personal office of employee X, you have a pretty good idea that employee X is in his office when the sensors sense someone is there. And that is a privacy intrusion.
Re: (Score:3)
Microphones, though, that would be unusual in private o
Re: (Score:2)
....Still, a lot of places, like schools, already have central intercoms, which, of course, necessarily include microphones in the classrooms.
Not necessarily. I work in a high school that has an intercom system that only works one way, there are no microphones in the classrooms much less any wires that could physically carry the signal back to the base unit (which doesn't even have a speaker in it anyway... I know because it's had issues with shorts and has been disassembled/rebuilt more than once). A previous school I worked at did have microphones for two-way communication with the office, but nobody ever found a way to secretly enable a class
Re: (Score:2)
Re: (Score:2)
device's microphone, infrared sensor, thermometer, and six other sensors, which together could at least sense when a space was occupied, would subject them to experimental surveillance without their consent
TIL The Clapper, my security system's motion detector, and my thermostat are "experimental surveillance".
How about we stop sensationalizing common longstanding technology and making it out to be some kind of security or privacy invasion? Unless we know the microphone is recording audio and not just detecting levels periodically as a presence sensor it's not any kind of surveillance. Unless the "infrared sensor" is an actual thermal camera that can identify someone by heat signature and not just a PIR mo
Re: (Score:1)
... ambient temperature, relative atmospheric humidity, pressure, magnetic fields, vibrations, motion, light intensity, light color, WiFi signal strength, thermal temperature, electromagnetic noise, Bluetooth devices nearby, and sound. The raw data obtained from the sensors on each Mites device is processed on the device in a series of steps that essentially convert it into a non-reconstructable featurized representation that consists of basic statistical features (min, max, range, average, sum, standard deviation, and centroid) and aggregated frequency representation values (using a Fast Fourier Transform (FFT)).
So it can't record your conversation but can tell when you fart.
I can see the issue (Score:5, Interesting)
This seems to happen a fair bit in academia nowadays (disclaimer: I'm staff in a university STEM department). The claim is always "we are just doing research", when the real goal is to product-ize and sell it as quickly as possible (our university has a very large team specifically dedicated to helping faculty do this).
The ultra-cynical side of me wouldn't be surprised if even the "research" data that's currently being collected will get floated out there to see if there's a market for it.
Re:I can see the issue (Score:5, Interesting)
Privacy is being eradicated (Score:5, Insightful)
Consistently, people with the lowest privacy standards are allowed serve as useful idiots and make decisions affecting everybody, especially including people who have more reasonable standards. Also consistently, the only people allowed to "opt out" are rich and powerful. People like Zuckerberg should be forced to explain their own carefully-protected privacy by answering the question they so often pose to others: "If you aren't doing anything wrong, why should you care?"
As far as I can tell, the most accessible, "anyone can play" method for thwarting such wholesale assaults on privacy is to find some way to poison the data pool. Specific methods would have to vary from one situation to another, but the aim should always be to undermine the accuracy and integrity of mass surveillance data. If it has no value, there won't be the same incentive to go to the expense of collecting and managing it.
I have some thoughts on aggressively protecting the right to have a reasonable expectation of privacy in public and semi-public spaces, but that's a topic for another time.
Re: (Score:1)
Re: (Score:2)
I'm told there's more than one way to skin that particular cat. It pisses me off that cops routinely get surveillance video from doorbell companies. It's no secret that they're sometimes the biggest, nastiest bunch of gangsters in their jurisdiction. I trust them like I'd trust a starving hyena with a three year old kid.
Academic Call Center (Score:2)
According to TFA, Mites are installed everywhere but the bathrooms. So, every moment of your day could be tracked down to the minute, and just because they supposedly scramble the audio right now does not mean that some malicious actor could not access them directly. This just seems like an academic call center, a dystopian administrator's wet dream to "put those professors to work."
"Smart" is dumb (Score:2)
Given how difficult it is to apply OTA updates to IoT devices, how long until a bright CMU student hacks one and compromises the entire system?
What data do these even collect? (Score:2)
Unless they're scanning for WiFi or Bluetooth to identify specific devices and linking them to users, or using some kind of facial recognition or other biometric data, there's no good argument against these. Having the building know when it can turn lights off or when it needs to turn on ventilation is good. It's not invasive if it has no idea who you are and just knows someone is there.
Without asking you first? (Score:3)
"It's not okay to install these by default," says David Widder, a final-year PhD candidate in software engineering, who became one of the department's most vocal voices against Mites. "I don't want to live in a world where one's employer installing networked sensors in your office without asking you first is a model for other organizations to follow."
Have fun living in another world then. If it's their building, they don't have to "ask you first".
Pro Tip for when you leave grad school and get a real job:
-- Employers can do all kinds of stuff with their company and assets w/o asking their employees first.
I was unaware ... (Score:2)
students and faculty whose research focused more on the social impacts of technology
These sound like occupancy and environment sensors. The sorts of things that turn lights on and off and adjust the HVAC automatically. The sort of technology that we will need to implement smart buildings and grids. And save the planet.
Whole lecture hall found dead... (Score:2)
...after CO_2 sensors fail and students asphyxiate.
Re: (Score:2)
Re: (Score:1)