Our Research at CHI2012 – usable security and public displays

This year we have the chance to share some of our research with the community at CHI2012. The work focuses on usable security ([1] and [2]) and public display systems [3]. Florian got together with the researchers from T-Labs a best paper award for [3].

Please have a look at the papers… I think it is really worthwhile.

Increasing the security of gaze-based graphical passwords [1]
With computers being used ever more ubiquitously in situations where privacy is important, secure user authentication is a central requirement. Gaze-based graphical passwords are a particularly promising means for shoulder-surfing-resistant authentication, but selecting secure passwords remains challenging. In this paper, we present a novel gaze-based authentication scheme that makes use of cued-recall graphical passwords on a single image. In order to increase password essays security, our approach uses a computational model of visual attention to mask those areas of the image that are most likely to attract visual attention. We create a realistic threat model for attacks that may occur in public settings, such as filming the user’s interaction while drawing money from an ATM. Based on a 12-participant user study, we show that our approach is significantly more secure than a standard image-based authentication and gaze-based 4-digit PIN entry.“ [1]

Assessing the vulnerability of magnetic gestural authentication [2]

Secure user authentication on mobile phones is crucial, as they store highly sensitive information. Common approaches to authenticate a user on a mobile phone are based either on entering a PIN, a password, or drawing a pattern. However, these authentication methods are vulnerable to the shoulder surfing attack. The risk of this attack has increased since means for recording high-resolution videos are cheaply and widely accessible. If the attacker can videotape the authentication process, PINs, passwords, and patterns do not even provide the most basic level of security. In this project, we assessed the vulnerability of a magnetic gestural authentication method to the video-based shoulder surfing attack. We chose a scenario that is favourable to the attacker. In a real world environment, we videotaped the interactions of four users performing magnetic signatures on a phone, in the presence of HD cameras from four different angles. We then recruited 22 participants and asked them to watch the videos and try to forge the signatures. The results revealed that with a certain threshold, i.e, th=1.67, none of the forging attacks was successful, whereas at this level all eligible login attempts were successfully recognized. The qualitative feedback also indicated that users found the magnetic gestural signature authentication method to be more secure than PIN-based and 2D signature methods.„[2] There is also a youtube video: http://www.youtube.com/watch?v=vhwURyTp_jY

Looking glass: a field essay study on noticing interactivity of a shop window[3]
In this paper we present our findings from a lab and a field study investigating how passers-by notice the interactivity of public displays. We designed an interactive installation that uses visual feedback to the incidental movements of passers-by to communicate its interactivity. The lab study reveals: (1) Mirrored user silhouettes and images are more effective than avatar-like representations. (2) It takes time to notice the interactivity (approx. 1.2s). In the field study, three displays were installed during three weeks in shop windows, and data about 502 interaction sessions were collected. Our observations show: (1) Significantly more passers-by interact when immediately showing the mirrored user image (+90%) or silhouette (+47%) compared to a traditional attract sequence with call-to-action. (2) Passers-by often notice interactivity late and have to walk back to interact (the landing effect). (3) If somebody is already interacting, others begin interaction behind the ones already interacting, forming multiple rows (the honeypot effect). Our findings can be used to design public display applications and shop windows that more effectively communicate interactivity to passers-by.“ [3]

References
[1] Andreas Bulling, Florian Alt, and Albrecht Schmidt. 2012. Increasing the security of gaze-based cued-recall graphical passwords using saliency masks. In Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems (CHI ’12). ACM, New York, NY, USA, 3011-3020. DOI=10.1145/2208636.2208712 http://doi.acm.org/10.1145/2208636.2208712
[2] Alireza Sahami Shirazi, Peyman Moghadam, Hamed Ketabdar, and Albrecht Schmidt. 2012. Assessing the vulnerability of magnetic gestural authentication to video-based shoulder surfing attacks. In Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems (CHI ’12). ACM, New York, NY, USA, 2045-2048. DOI=10.1145/2208276.2208352 http://doi.acm.org/10.1145/2208276.2208352
[3] Jörg Müller, Robert Walter, Gilles Bailly, Michael Nischt, and Florian Alt. 2012. Looking glass: a field study on noticing interactivity of a shop window. In Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems (CHI ’12). ACM, New York, NY, USA, 297-306. DOI=10.1145/2207676.2207718 http://doi.acm.org/10.1145/2207676.2207718

Introduction to the special issue on interaction beyond the desktop

After coming back from CHI2012 in Austin I found my paper copy of the April 2012 issue of IEEE Computer magazine in my letter box. This is our special issue on interaction beyond the desktop. Having the physical copy is always nice (it is because I probably grew up with paper magazines ;-).

This guest editors’ introduction [1] is an experiment as we include photos from all papers on the theme. The rational is, that probably most people will not have the paper copy in their hand. When having the digital version the overview of the papers is harder to manage, that is why we think including the photos helps to make readers curious to look at the papers in the issue. Please let us know if you think this is a good idea…

[1] Albrecht Schmidt and Elizabeth Churchill. Interaction Beyond the Keyboard. IEEE Computer, April 2012, pp. 21–24. (PDF). Link to the article in Computing Now.

Keynote at Percom 2012: Andy Hopper from Cambridge on Computing for the Future of the Planet

In his Keynote „Computing for the Future of the Planet“ Andy Hopper brought up 4 topics and touched shortly on each of them: (1) Optimal digital infrastructure – green computing, (2) Sense and optimize – computing for green, (3) Predict and react – assured computing, and (4) Digital alternatives to physical activities.

In the beginning of his talk he discussed an interesting (and after he said it very obvious) option of Green Computing: move computing towards the energy source as it is easier to transmit data than to transmit power. Thinking about this I could imagine that Google’s server farms are move to a sunny dessert and then the calculations are done while the sun is shining… and using the cold of night to cool down… This could be extended to storage: storing data is easier than storing energy – this should open some opportunities.

As a sample of an embedded sensing systems Andy Hopper presented a shoe with built-in force sensing (FSR) that allows to measure contact time and this helps to work out speed. There initial research was targeted towards athletes, see Rob Harle’s page for details. It is however easy to imagine the potential this has if regular shoes can sense movement in everyday use. He hinted to think about the options if one could go to doctor and analyze the change in walking pattern over the last year.

In various examples Andy showed how Ubisense is used in commercial applications, production, and training. It seems that medium resolution tracking (e.g. below 1 meter accuracy) can be reliably achieved with such an off the shelf systems, even in harsh environments. He mentioned that the university installations of the system at an early product stage were helpful to improve the product and grow the company. This is interesting advices, and could be a strategy for other pervasive computing products, too. For close observers of the slides there were some interesting inside in the different production methods between BMW and Austin Martin and the required quality 😉

Power usage is a central topic in his labs work and he showed several examples of how to monitor power usage in different scenarios. On example is monitoring power usage on the phone, implemented as an App that looks at how power is consumed and how re-charging is done. This data is then collected and shared – at current over 8000 people are participating. For more details see Daniel T. Wagner’ page. A further example is the global personal energy meter. He envisions that infrastructure, e.g. trains and building, are broadcasting information about the use of energy and that they provide information about one individuals share of this.

With an increasing proliferation of mobile phones the users’ privacy becomes a major issue. He showed in his talk an example, where privacy is provided by faking data. In this approach fake data, e.g. for calendar events, location data, and address book, is provided to apps on the phone. By these means you can alter what an application sees (e.g. location accuracy).

For more details and papers see the website of the digital technology group: http://www.cl.cam.ac.uk/research/dtg/www/

Opening talk at the Social Media for Insurances Symposium

I was invited to Leipzig to talk about social networks and in the context of insurance companies (http://www.versicherungsforen.net/social-media). The main focus of the talk was to show what people currently do in social networks and to speculate why they do it (and  I used a picture of the seven deadly sins as an illustrations…) Additionally I discussed some prototypes of activity recognition and their potential once integrated into social media.

My talk was entitled “500 Freunde (auf Facebook): Wozu noch eine Versicherung?“ – „500 friends (on Facebook) – Is there still need for insurance?“ and discussed how ubiquitous capture and social media may shape the next community [1]. The slides in are in German.

The event was very interesting and I would expect that there is a great potential out there for insurance companies to tap into. Looking back at the original idea of insurance (e.g. old fire insurance communities) or sharing the risk of hail in farming communities can give interesting inspiration for peer-2-peer insurance models. It will be exciting to see if there a new products and services that come out of the “big players” or if new players will come to the game. To me the central issue to address is how to make insurance products more visible – and I think a user centered design approach could be very interesting…

In the future I would expect that finding the right value mix (privacy, price, safety, etc.) will be essential as we argued for other services in [2]. Some years back we wrote in an article about RFID [3] “privacy is sacred but cheap” and the more services we see the more I am convinced that this is more than a slogan. If you can create a service that is of immediate value to the user I would I expect that privacy will be a lesser concern to most? On the other hand if you reduce privacy without any value in exchange there is always an outcry…

[1] “500 Freunde (auf Facebook): Wozu noch eine Versicherung?“ – Ermöglichen allgegenwärtige Aufzeichnungs-technologien und digitale soziale Netze die nächste Solidargemeinschaft? Slides as PDF (in German)
[2] Albrecht Schmidt, Marc Langheinrich, Kristian Kersting, „Perception beyond the Here and Now,“ Computer, vol. 44, no. 2, pp. 86-88, Feb. 2011, doi:10.1109/MC.2011.54 (final version at IEEE, free draft version)
[3] Schmidt, A.; Spiekermann, S.; Gershman, A.; Michahelles, F., „Real-World Challenges of Pervasive Computing„, Pervasive Computing, IEEE , vol.5, no.3pp. 91- 93, c3, July-Sept. 2006. 10.1109/MPRV.2006.57

Facebook – a platform to spot when companies go bankrupt? Real world example.

In the Germany the drug store chain Schlecker announced to be insolvent, see the Reuter news post. If you look at the company’s Facebook page and scan the comments from the last 4 weeks it is apparent that some people in the crowd and employees expected it already last year.
Schlecker is a large drug store chain with probably over 10.000 outlets in Europe and more than 30.000 employees.

The following screen shots show some selected examples I took from the following page: http://www.facebook.com/schlecker.drogerie 
The posts are in German – the minimal summary should give you some idea…

This one the company wishes a happy Christmas and reminds people of a chance to win a car. The first replies echo the holiday greetings but then one complains that they let their shops bleed out (run empty) and that the order good do not arrive (probably posted by an employee). One further speculates that the company is close to bankruptcy. (over 3 weeks before the official note of insolvency)


The company announces a 2 euro discount on a product. Then employees post that they would like to sell the goods to the customers but that they do not get the goods for their shops. Additionally they complain that the goods they get from other closed down shows are not what they need. One says we want to work but we cat (as they are running out of stock). (over 2 weeks before the official note of insolvency)

The company announces price reductions in some goods. Some says that is great – but would be much better if these goods would be in the shops to buy them. (9 days before the official note of insolvency)

Overall I think this is an instructive real world example of the information that can be found in social networks about the health/value of companies. In particular the mix of customers and employees posting makes it a good example to study. I would expect that companies will learn lessons from this with regard to guidelines for the employees… and about transparency / openness…to understand how reliable such posts are we probably need to do some more research? let us know if you are interested in working this with us.

Doktorandenkolleg

Willkommen zum VIS(US) Doktorandenkolleg!

Das Institut für Visualisierung und Interaktive Systeme (VIS) lädt Doktorandinnen und Doktoranden zum wissenschaftlichen Austausch und zur Information über Perspektiven nach der Promotion in Wirtschaft und Wissenschaft im Rahmen des Doktorandenkollegs 2012 ein.

Wann? 06.-08. Februar 2012
Wo? Waldhotel Zollernblick, Freudenstadt
Wer? Doktorandinnen und Doktoranden des VIS(US)
Leitung: Tom Ertl, Martin Fuchs, Albrecht Schmidt, Daniel Weiskopf
Institut für Visualisierung und Interaktive Systeme (VIS)
Visualisierungsinstitut der Universität Stuttgart

 

 

Vorläufiges Programm 

Tag 1 –   6. Februar 2012
Skifahren bei genügend Schnee (=Urlaubstag 😉 )
Anreise nach Freudenstadt (Organisation nach Absprache)
18 Uhr Gemeinsames Abendessen
20 Uhr

20:30

Prof. Dr. Rul Gunzenhäuser:
Thesen und Prognosen aus dem Bereich der Informatik

Albrecht Schmidt: „die Welt in 100 Jahre“
– Rückblick auf ein Buch von Wissenschaftlern von 1910 –
Wir entwickeln von Szenarien für die nächsten 100 Jahre

Tag 2   7. Februar 2012
08:45 Einführung/Eröffnung
09:00 Vortrag: Andrés Bruhn
Vorstellung des Arbeitsgebiets und der neuen Arbeitsgruppe
10:00 „FastForward“ Poster – Session 1
Kurzpräsentation (Elevator-Talk) – 90 Sekunden (strikt!) pro Person
20 Präsentation thematisch bunt gemischt
Ziel: Dissertationsthema und Arbeitsgebiet allgemeinverständlich für Informatiker erklären und auf das eigene Poster neugierig machen
10:30 – 11:30 Kaffeepause, Posterausstellung und Gespräche an den Postern
11:30 – 12:30 Track A: Session 1
3 Vorträge @ 10 Minuten
Track B: Session 1
3 Vorträge @ 10 Minuten
Track C: Session 1
3 Vorträge @ 10 Minuten
12:30 – 14:00 Mittagessen
14:00 – 15:00 Track A: Session 2
3 Vorträge @ 10 Minuten
Track B: Session 2
3 Vorträge @ 10 Minuten
Track C: Session 2
3 Vorträge @ 10 Minuten
15:30 – 16:00 „FastForward“ Poster – Session 2
Kurzpräsentation (Elevator-Talk) – 90 Sekunden (strikt!) pro Person
20 Präsentation thematisch bunt gemischt
Ziel: Dissertationsthema und Arbeitsgebiet allgemeinverständlich für Informatiker erklären und auf das eigene Poster neugierig machen
16:00 – 17:00 Kaffeepause, Posterausstellung und Gespräche an den Postern
17:00 – 18:00 Frei 🙂
18 Uhr Gemeinsames Abendessen
20 Uhr Informatik Studieren – Was macht es attraktiv?
Wie sollten wir unsere Studiengänge gestalten?
Wie gewinnen wir die besten Studierenden?
Diskussion und Gruppenarbeit
Tag 3   8. Februar 2012
08:30 – 10:30 Karrierewege nach der Promotion

  • Profile und Anforderungen
  • Akademische Karriere im Ausland (z.B. USA, UK)
  • Consulting
  • Entwickler (z.B. Google)
  • Management
  • Professor an einer (Fach)-Hochschule
  • Professor an einer Uni
  • Unternehmensgründung
  • Wissenschaftler in einem Forschungslabor

Diskussion ?

10:30 – 11:00 Kaffeepause
11:00 – 12:00 Track A: Session 3
2 Vorträge @ 10 Minuten
Diskussion
Publikationsstrategie
Track B: Session 3
2 Vorträge @ 10 Minuten
Diskussion
Publikationsstrategie
Track C: Session 3
2 Vorträge @ 10 Minuten
Diskussion
Publikationsstrategie
12:00 Mittagessen
Abreise, Rückfahrt nach Stuttgart
Evtl. Skifahren (bei Schnee und Interesse…)

Einreichung von Beiträgen

Ab sofort: Anmeldung per E-Mail an anja.mebus@vis.uni-stuttgart.de (Betreff: „DOKO-2012“, bitte Anschrift, Arbeitstitel des Promotionsvorhabens und Betreuerin oder Betreuer der Promotion angeben)
bis 24.1.2012: Einreichung einer Kurzfassung des Beitrags zum Doktorandenkolleg
(max. 1 Seite, unter Beachtung der folgenden Hinweise)
Hinweis: Für die Teilnahme am Doktorandenkolleg stehen nur begrenzt Plätze zur Verfügung. Sollte die Zahl der Anmeldungen die verfügbaren Kapazitäten überschreiten, entscheiden die Organisatoren über die Annahme von Beiträgen!
bis 2.2.2012: Feedback
bis 5.2.2012: Abgabe der finalen Version des Beitrags

Anmeldung von Beiträgen

Mit dem Doktoranden-Kolloquium möchten wir alle die in VIS und VISUS promovieren motivieren über Ihr Dissertationsthema zu berichten und zu diskutieren. Jede(r) Teilnehmer(in) soll bis zu, 24.1.2012 einen Beitrag im Umfang von ca. 1 Seite (Vorlagen siehe unten) schreiben, der die folgenden Abschnitte enthält:

Problembeschreibung und Forschungsfrage

  • Welches Problem wollt ihr mit euerer Forschung lösen?
  • Warum ist es wichtig dieses Problem zu lösen?
  • Aus welchem Grund sollte jemand für Forschung an dieser Frage bezahlen?
  • Was ist die zentrale Forschungsfrage und was wollt ihr sie konkret herausfinden?
  • Was ist der zu erwartende Wissensgewinn?

Vorgehensweise und Methode

  • Wie führt ihr eure Forschung durch? Ist eure Forschung theoretisch, experimentell oder empirisch?
  • Wie verifizieren oder evaluieren ihr die Ergebnisse?
  • Wie stellt ihr die Richtigkeit und Qualität eurer Ergebnisse sicher?
  • Erkläre kurz die Vorgehensweise und begründe warum diese für deine Forschungsarbeiten angemessen ist. Welche alternativen Vorgehensweisen wären möglich und warum verwendest du diese nicht?
  • Welche Methoden setzt du ein?

Verwandte Arbeiten

  • Was sind die wichtigsten drei Arbeiten anderer Forschungsgruppen auf die sich deine Forschung bezieht?
  • Wie haben diese Arbeiten dich beeinflusst?
  • Was machst du besser als die bisherigen Arbeiten? Wo ergibt sich etwas Neues durch deine Arbeit?

Vorläufige Ergebnisse

  • Was hast du bis jetzt herausgefunden? Beschreibe die vorläufigen Ergebnisse.
  • Aus welchem Grund sollten wir diesen Ergebnissen vertrauen? Wie hast du diese überprüft?
  • Welche weiteren Ergebnisse erwartest du?

Nächste Schritte

  • Was sind die nächsten Schritte in deiner Arbeit? Was fehlt noch damit aus der Arbeit eine Dissertation wird?
  • Wo brauchst du noch weitere (externe) Expertise? An welchen Stellen wären Kooperationen hilfreich?

Formatvorlage und Einreichung
Bitte verwendet die folgende Vorlage für die Einreichung. Bitte schickt den Beitrag als PDF an anja.mebus@vis.uni-stuttgart.de (Betreff: „DOKO-2012-Beitrag“)

Beispiel: PDF
Latex-Vorlage: ZIP-Archiv
MS-Word 97-2003 Vorlage: DOC
MS-Word 2007 Vorlage: DOCX

Auto-UI 2012 in the US, looking for hosts for 2013

The next and 4rd international conference on Automotive User Interfaces and Vehicular Applications (AutoUI 2012) will be in Portsmouth, New Hampshire in the USA. The dates for the conference are 17-19 of October 2012. The first day for workshops and tutorials and 2 days for the main conference. Portsmouth is about an 1 hour drive from Boston and the timing is great (fall foliage – the photos of the colorful forests looked good 😉

The steering committee (sc@auto-ui.org) is inviting proposals for Auto-UI 2013 from the community of researchers in the field. The conference was 2009 in Essen (Germany), 2010 in Pittsburgh (USA), 2011 in Salzburg (Austria), and it will be in 2012 in Portsmouth (USA). Keeping this cycle between Europe and North America 2013 should be in Europe.

Bryan Reimer: Opening keynote at Auto-UI 2011 in Salzburg

Bryan started his keynote talk the automotive user interface conference (auto-ui.org) in Salzburg with reminding us that having controversial discussions about the HMI in the car is not new. Quoting a newspaper article from the 1930s on the introduction of the radio in the car and its impact on the driver he picked an interesting example, that can be seen as the root of many issues we have now with infotainment systems in the car.

The central question he raised is: how to create user interface that fit human users? He made an important point: humans are not “designed” to drive at high speed in complex environments; perception has evolved for walking and running in natural environment. Additionally to the basic limitations of human cognition, there is a great variety of capabilities of drivers, their skills and cognitive ability (e.g. influence of age). A implication of the global change is demographics is that the average capabilities of a drivers will be reduced – basically as many older people will be drivers…

Over the last 100 years cars have changes significantly! Looking more closely Bryan argues that much of the chance happened in the last 10 years. There has been little change from the 1950s to the 1990s with regard to the car user interface.

It is apparent that secondary tasks are becoming more important to the user. Users will interact more while driving because the can. It is however not obvious that they are capable of it.

Even given these developments it is apparent that driving has become safer. Passive safety has been improved massively and this made driving much safer. There seems to be a drawback to this as well, as people may take greater risks as they feel safer. The next step is really to avoid accidence in the first place. Bryan argues that the interaction between driver, environment, and vehicles is very important in that. He suggests that we should make more of an effort to create systems that fit the drivers.

The Yerkes-Dodson Law helps to understand how to design systems that keep peoples attention in the optimal performance. He made an important point: there are certain issues that cannot be solved, e.g. if someone is tired we can do only very little – the driver will need to rest. We should make sure that we take these things into account when designing systems.

Visual distraction is an obvious factor and much discussed in the papers at the conference – but Bryan argued that “eyes on the road” is not equal to “mind on the road”. I think this is really a very important point. Ensuring that people keep their eyes on the road, seeing things is not enough. The big resulting question is how to keep or get people focused on the street and environment. It seems there is some more research to do…

The variety of interfaces and interaction metaphors build into cars opens more choices but at the same time creates problems, as people need to learn and understand them. A simple question such as: How do you switch the car off? may be hard to answer (Bryan had the example of a car with a push button starter, where you cannot remove the key). I think there are simple questions that can be learned from industry and production machines… add an emergency stop button and make it mandatory 😉

If you are interested more about Bryan’s work look at his webpage or his page at the MIT agelab or one of his recent publications [1] in the IEEE Pervasive Computing Magazine’s special issue on automotive computing, see [2] for an introduction to the special issue.

Sorry for the poor quality photos … back row and an iPhone…

[1] Joseph F. Coughlin, Bryan Reimer, and Bruce Mehler. 2011. Monitoring, Managing, and Motivating Driver Safety and Well-Being. IEEE Pervasive Computing 10, 3 (July 2011), 14-21. DOI=10.1109/MPRV.2011.54 http://dx.doi.org/10.1109/MPRV.2011.54

[2] Albrecht Schmidt, Joseph Paradiso, and Brian Noble. 2011. Automotive Pervasive Computing. IEEE Pervasive Computing 10, 3 (July 2011), 12-13. DOI=10.1109/MPRV.2011.45 http://dx.doi.org/10.1109/MPRV.2011.45

Automotive UI in Salzburg

Manfred Tscheligi opend the Automotive UI conference in Salzburg. The conference is now in its 3rd year after 2009 in Essen and 2010 in Pittsburgh. The conference is growing – there were well over 130 people registered 🙂

The proceedings of the conference series are online available at http://auto-ui.org

3rd Auto-UI Proceedings 2011 (soon in the ACM DL)
2nd Auto-UI Proceedings 2010 (ACM DL)
1st Auto-UI Proceedings 2009 (ACM DL)

Guests in my multimodal interaction class

Today I had brought 3 more professors with me to teach the class on multimodal interaction (I learned from Hans). As we have the pd-net project meeting Nigel Davies, Marc Langheirich, and Rui Jose were in Stuttgart and ‘volunteered’ to give a talk.

Nigel talked about the work in Lancaster on the use of mobile computing technology to support sustainable travel. He explained the experiments they conducted for collecting and sharing travel related information. In the 6th Sense Transport project they look beyond looking at understanding the current context into predictions and eventually ‘time travel’ 😉

Marc presented a one hour version of his tutorial on privacy introducing the terminology and explaining the many facets this topic has. We discussed the ‘NTHNTF’ argument (Nothing To Hide Nothing To Fear) and Marc used an example of AOLstalker.com to show the weaknesses of this argument. Marc suggested some reading if you want to dive into the topic, see [1,2,3,4].

Rui focused in his lecture on pervasive public displays. He gave an overview of typical architectures for digital signage systems and the resulting limitation. The pd-net approach aims at creating an open platform that allows many different applications and use cased. He showed once concept of using virtual pin-badges to trigger content and to express interest in a certain topic.

There is more information on the pd-net project on http://pd-net.org

[1] David Brin. The Transparent Society. Perseus Publishing, 1999.
[2] Simson Garfinkel: Database Nation – The Death of Privacy in the 21st Century. O’Reilly, 2001.
[3] Lawrence Lessig: Code and Other Laws of Cyberspace. Basic Books, 2006. http://codev2.cc/
[4] Waldo, Lin, Millett (eds.): Engaging Privacy and Information Technologygy in a Digital Age. National Academies Press, 2007.