LLM-based Conversational Agents and Risks for Individuals’ Privacy, Society, and Democracy
Within this project, we study the risks related to the use of LLM-based conversational agents (CAs) as well as people’s concerns toward such technology. We apply multidisciplinary methods, to quantify the threats related to privacy attacks, disinformation, and manipulation based on LLM-based conversational agent technology and related user data.
Based on HCI approaches, such as user surveys, we answer questions related to people’s data-sharing behavior and the usage purpose of LLM systems. [PETS 2025]
Furthermore, applying more technical approaches, we identify what type of personal information can be available to a conversational agent from their interaction with end-users, for example, using diverse inferential methods. Finally, we study the potential use of personal data and LLM-based power as a leverage to widespread disinformative content, and what the related risks are for democracy and society in general. This project is partially supported by the Hasler Foundation with grant #2024-04-29-51.
Large-scale data collection of wearable activity trackers to assess utility and privacy
This contribution is about understanding wearable activity tracker (WAT) users, privacy and utility perceptions,impact of usage, and privacy threats through alarge-scale WAT user data collection and analysis (e.g., heart rate and step-count time series), supported by surveys and interviews. In total, three articles were published based on a massive in-situ experiment and data collection I designed and led during summer 2020. To this aim, I recruited 230 participants and provided them with a new Fitbit Inspire HR device. For four months, all the data collected by their device was collected using a third-party application that I developed. This was mainly supported by the Swiss National Science Foundation with Grant #200021_178978 (PrivateLife), and by armasuisse S+T with Grant #CYD-C-2020007.
This dataset and the related articles help to better understand privacy concerns of WAT users, their mental model of the WAT general ecosystem, as well as their daily usage of their device [IMWUT 2021]. It was also used to describe (quantitatively and qualitatively) the impact of WAT usage on the users’ perception of their body. [CHB 2024]
Finally, I used those data to evaluate the extent to which WAT users’ data, such as heart rate and step count data series, can be used to infer the user’s personality traits and why it can pose a major threat to privacy, and defined data obfuscation techniques that consist of effective mitigation methods to counter the inference attack. [Usenix Security 2023]
Understanding wearable activity tracker users’ personal-data sharing behavior and developing privacy-enhancing technologies
This work first consists of a user-survey study describing wearable activity tracker (WAT) users’ personal-data sharing behavior, their understanding (including mental models) of the WAT data-sharing ecosystem, as well as the potential for the adoption of privacy-enhancing technologies, with a focus on third-party applications (TPAs). [PETS 2023]
Based on the outcome of this study, I conducted a participatory design study with WAT users to design user-centered privacy-enhancing technologies related to WAT data-sharing with third-party apps. The outcome of this study, supported by a user survey evaluating the potential for adoption of co-designed privacy-enhancing technologies, was used to develop a design-based framework aiming to provide insight to help developers and service providers implement WAT functionalities that maximize privacy while keeping a decent level of utility. [PETS 2024]
