An informed consent model for managing the privacy paradox in smart buildings

Chehara Pathmabandu, John Grundy, Mohan Baruwal Chhetri, Zubair Baig

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

2 Citations (Scopus)


Smart Buildings are defined as the 'buildings of the future' and use the latest Internet of Things (IoT) technologies to automate building operations and services. This is to both increase operational efficiency as well as maximize occupant comfort and environmental impact. However, these 'smart devices'-typically used with default settings-also enable the capture and sharing of a variety of sensitive and personal data about the occupants. Given the non-intrusive nature of most IoT devices, individuals have little awareness of what data is being collected about them and what happens to it downstream. Even if they are aware, convenience overrides any privacy concerns, and they do not take sufficient steps to control the data collection, thereby exacerbating the privacy paradox. At the same time, IoT-based building automation systems are revealing highly sensitive insights about the building occupants by synthesizing data from multiple sources and this can be exploited by the device vendors and unauthorised third parties. To address the tension between privacy and convenience in an increasingly connected world, we propose a user-centric informed consent model to foster an accurate user discretion process for privacy choice in IoT-enabled smart buildings the proposed model aims to (a) inform and increase user awareness about how their data is being collected and used, (b) provide fine-grained visibility into privacy compliance and infringement by IoT devices, and (c) recommend corrective actions through nudges (or soft notifications). We illustrate how our proposed consent model works through a use case scenario of a voice-Activated smart office.

Original languageEnglish
Title of host publicationProceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering Workshops, ASEW 2020
EditorsClaire Le Goues, David Lo
Place of PublicationNew York NY USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Number of pages8
ISBN (Electronic)9781450381284
Publication statusPublished - 2020
EventWorkshop on Human Centric Software Engineering & Cyber Security 2020 - Virtual, Melbourne, Australia
Duration: 22 Sep 202025 Sep 2020 (Proceedings) (Website)


ConferenceWorkshop on Human Centric Software Engineering & Cyber Security 2020
Abbreviated titleHCSE&CS 2020
Internet address


  • Informed consent
  • IoT
  • Privacy policies
  • Privacy Preservation
  • Privacy threats
  • Smart Buildings
  • Smart Homes
  • Voice-Assistants

Cite this