The growing ubiquity of “smart” devices in our everyday lives makes it increasingly more difficult for users to retain control over their own data. Especially with Internet of Things (IoT) devices having independent network connections, or with companion apps of smart devices requiring user accounts and sensitive permissions on the smartphone, there is a risk of personally identifiable information (PII) being transmitted to manufacturers and third parties in addition to telemetry and functional data. Particularly when smart devices have their own network connection or the associated companion apps require a user account or sensitive permissions on the smartphone, there is a risk that, in addition to telemetry or functional data, personal or personally identifiable data can be leaked by the app or the device to manufacturers and third parties unnoticed via network traffic.
In our project, we investigate the level of data protection in smart environments systematically based on exploratory studies of modern app-assisted devices. Our focus is on the analysis of data flows which have received only sporadic attention yet, and for which new types of tools need to be developed. Regarding the human factors in everyday technology use, we want to conduct qualitative and quantitative studies on users’ security and privacy perception in smart environments. Our focus here is on the visualization and analysis of data flows that have received only sporadic attention from a data protection perspective to date and for which new types of tools need to be developed. With regard to the human factor in everyday digitization, our subproject also wants to conduct qualitative and quantitative studies on users’ security and data protection awareness.