Data portability as a tool for audit
Abstract
Pervasive systems are almost omnipresent in their collection andprocessing of personal data. Understanding what these systems ar edoing is essential for trust, and to ensure that data being collected are accurate. Auditing these systems can help to determine the accuracy of these data. Such audit may take place internally by systems designers, but external audit is important for accountability. In this paper we explore whether users can conduct their own external audit of the systems with which they interact. In particular, we use the Right to Data Portability afforded to data subjects through the General Data Protection Regulation. Using fitness trackers, we collect and upload running data to a set of data controllers. By using data portability to then obtain a copy of our data, we compare the data held by the controllers with our ground-truth data. We find some inaccuracies in the data, but also that audit can be impeded by insufficient explanations from data controllers.
Citation
Zwiebelmann , Z & Henderson , T 2021 , Data portability as a tool for audit . in UbiComp '21: Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers . ACM , pp. 276–280 , Workshop on Reviewable and Auditable Pervasive Systems (WRAPS) , 25/09/21 . https://doi.org/10.1145/3460418.3479343 workshop
Publication
UbiComp '21: Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers
Type
Conference item
Collections
Items in the St Andrews Research Repository are protected by copyright, with all rights reserved, unless otherwise indicated.