A 2017-18 Social Science Plus Pilot Project
- Research Question
An increasing number of
household devices are now "smart" in that they contain sensors, record activity,
and share and store data - from teddy bears, door locks to smart TVs. However,
little research exists on the gender-based implications such devices have in
the context of the domestic household and, specifically, intimate controlling
behaviour like gender-based violence and abuse. We therefore address the
following research question: How will IoT impact on gender-based domestic violence and abuse and
what socio-technical measures will
need to be implemented in order to mitigate against those risks?
In the course of the project we
aim to understand: (1) the role and impact "Internet of Things" (IoT) technologies have on victims of
domestic violence and abuse; (2) the potential risk trajectories that may arise from those devices
and services; and (3) the awareness victims and corresponding services (such as women's' shelters, police)
exhibit, and strategies
they apply to
mitigate those risks.
- Focus, rationale and societal relevance
Domestic violence and abuse continues to affect primarily women and girls, with more than 1.2 million females in England and Wales having reported domestic abuse cases ending March 2017. In recent years, forms of online harassment and sexual abuse facilitated through information and communication technologies (ICT) emerged. These ICT-supported assaults range from cyber stalking to online behavioural control. The UK domestic violence charity, Refuge, has warned about the rise of "tech abuse" and women-centred organisations have recently begun to provide guidance and training on the safe use of digital technologies.
While many of these efforts are concerned with 'conventional' cyber risks such as abuses on social media platforms and restrictions to devices such as laptops and phones, emerging "Internet of Things" technologies such as 'smart' meters, locks, and cameras expand domestic violence victim's risk trajectories further. Deployed in the household and often disguised in terms of their ability to sense, accentuate, and collect private data, IoT creates novel cyber-physical attack vectors. These technologies offer unique and potentially unforeseen means to exacerbate perpetrators ability to manipulate and dominate (e.g., remote control of heating), and have so far been left unexplored in both the academic and practitioner literature.
The proposed study therefore aims to analyse these
evolving IoT privacy and security risks in the context of domestic violence and
abuse and will provide guidance for services that engage and help victims
(e.g., women's shelters, police) as well as IoT developers that have to
consider the potential misuse of their devices and services.
- Research design and methodology
Subject to successful ethical approval, the research will use the following methods:
Data Collection Approaches
Interviews (n=7) and focus groups (n=24) with women-centred charities, subject-experts including academics, and representatives of services such as regional police forces.
Out of consideration for the victims and in order to minimise distress to them, we will not conduct interviews with affected parties themselves; The analysis of data flows and the configuration and settings of selected IoT devices.
Thematic Analysis is a social science method which involves the extraction of key insights from datasets such as interviews. The method will allow us to identify:
Which strategies stakeholders are currently deploying to mitigate against tech abuse;
What developments stakeholder have observed with regards to risk deriving from IoT technologies
Which devices are most likely to be used (or are already being used) in cases of domestic violence and abuse.
Usable Security Analysis techniques provide insight into how humans interact with technologies. These techniques will be employed to identify from the analysis of IoT data flows, configuration, and settings:
- Emerging IoT privacy and security risk trajectories which may be exploited by a perpetrator;
- The usability of IoT devices which may impact on victims' ability to control these technologies;
- The efficacy of existing strategies promoted by stakeholders to mitigate against IoT risks;
- The combination of these methods will allow us to structure the engagement with participants, and relate current understanding to existing measures to enhance socio-technical guidance on mitigating emerging IoT risks.