The development of ambient and pervasive devices and systems is gathering momentumrecent examples include the Whereabouts Clock  and digital jewelry . These types of technologies provide new contexts for communication between users. The eSense project  is developing a systems approach for large-scale deployment of ambient technologies, based on the concept of motestiny "disposable" wireless devicesfor a range of application areas, including personal use (e.g., mood-based services), the wireless hospital concept, and the tracking of food processing. General concerns about the risks that large-scale deployment of these technologies will present to the users have also been raised .
The goal of these developments is to capture ambient intelligence, going beyond the functionality of current 3G mobile communications systems, through the use of Wireless Sensor Networks (WSN). Large-scale deployment will mean that people will be surrounded by "sensorized environments" . Novel applications and services to enrich daily life and increase productivity at work will emerge.
The Communications Architecture of New Ambient Systems. Ambient devices and systems are a new form of communication. Users of ambient systems will be able to share feelings and moods using wearable devices, track each other's movements, and capture medical and environmental data remotely. WSN will create a new communications architecture within the socio-technical system we call human society. It is an axiom of systems science that the communications architecture of a system is one of the main defining characteristics of the system. If the communications architecture changes, then the character of the system changes. The social consequences of large-scale deployment of ambient and pervasive technologies are as yet completely unknown.
The Potential for Misuse of Ambient Technologies. People will use this technology in many different ways. It has always been the case that users will find new and creative uses for any technology, which were unimagined by the original developers. The creative misuse of technology systems is an innate part of our culture as humans. Some such misuse can lead to successful and useful innovation. Misuse by others, however, benefits only the malign interests of those dysfunctional people within our society who seek to prey on their fellow humans. Those who seek to prey sexually on young children are a particularly worrying example of this.
ETSIs Work on Young Child Issues. ETSI (European Telecommunications Standards Institute) has worked for 10 years on the issues of the use of ICT products and services by young children. Much of this work has addressed the design deficit, in security and safeguarding features, inherent in the current range of communications technologies, when considering its use by young children. ETSI started this work with a study to identify the main issues in relation to young children's use of ICT products and services . This work focused on young children between four and 12 years of age, who are probably the most vulnerable group of ICT users. Most ICT products and services that young children in this age group use were originally designed for use by adults. New guidelines were produced for the designers of ICT products and services that young children will use . The dangers and risks that current and future ICT products and services present to young users were publicized widely in an ETSI white paper . Many other organizations, including the European Commission, have also become concerned about adequately safeguarding young users of ICT. ETSI is currently producing guidelines for providers whose services are used by children ; the guidelines will seek to create a more secure environment for those young children who use current and future technologies, including ad hoc networking and ambient devices.
Adding Safeguards for Vulnerable Users. The architecture of new ambient and pervasive systems and services is at an early design stage. It is essential to learn from the difficulties previous generations of communication technologies have presented to naïve and vulnerable users. Vulnerable users, especially young children, must be protected by safeguards such as additional security features in the application layer, and the secure transfer of data between the devices, and between the devices and the systems databases. Protection for young child users also requires designing a new set of features into the technology to prevent tunneling through insecure communications layers below the application layer. Both of these requirements may require strong encryption of data flows.
The RisksAn Example. One of the target applications for ambient technology is new digital jewelry , which will permit users to exchange data between two devices worn by different people. Between two cooperating adults, such applications present new and interesting ways to interact, with the possibility of transmitting a sense of mood. Now imagine the same technology in use by a young child and a parent. The opportunity to fraudulently intercept the data flow between these two users, who each trust that the other is who they say they are, could present enormous difficulties. We already observe this behavior with existing technologies such as social networking and chat rooms. New ambient systems will offer irresistible challenges to hackers, implying new risks for child users of these technologies.
Children today are an integral part of the information society. They have inculcated the current generation of technologies into their lives in a way that mystifies many adults, including their parents . They are highly skilled and very creative in their use of ICT products and services. Children, perhaps disproportionately, can be innocent victims of technology misuse . They are also capable of misusing technology to abuse otherspeers and older people (see, for example, "rate my teacher"-type Web services).
Designing SafeguardsThe Opportunity. Too often in the past, in the rush to deploy and recover the costs of development, technologists have rushed into large-scale deployment of technologies at the prototype stage. In many cases, the technology is functioning only at the most basic level. The intention is to add other required features later. This frequently means the requirements not central to the application are relegated to the "nice to have" category. Strong safeguards for ambient and pervasive technologies must not be relegated to this category.
We need to take the opportunity to design strong security features into ambient devices and systems and wireless sensor networks. The social consequences of large-scale deployment of extremely cheap but highly functional new technologies without strong security features cannot be foreseen. The key to strong security is strong encryption of the transmitted data. If this increases the complexity of the motes, and of the communications system architecture, then it is a price that must be paid in order to limit the opportunity for misuse and consequent abuse.
ETSI, as an example, is currently calling on all industry stakeholders to cooperate to create a ChildAware Chartera set of self-regulatory guidelinesin order to better safeguard child users of current ICT products and services . What is needed now is for developers of ambient systems to cooperate to create a common, standard approach to the inclusion of the additional safeguards needed to protect naïve and vulnerable users, especially young children. It should also be a requirement that before the technology is deployed on any scale above simple laboratory testing, the designers must undertake a social impact assessment.
1. Clarke, A. M. "Young Children and ICT - current issues in the provision of ICT technologies and services for young children." ETSI White Paper No 2, 2006. http://www.etsi.org/etsi_radar/whitepaper/home.htm
8. Sellen, A., R. Eardley, S. Izadi, and R. Harper. "The Whereabouts Clock, early testing of a situated awareness device." Extended abstracts of conference on human factors and computing systems, CHI '06, Montreal, Canada, 2006, 1307-1312.
9. STF 323 is an ETSI Specialist Task Force on "Specification and guidelines for service providers on the provision of information services to young children." For more information see http://portal.etsi.org/stfs/STF_HomePages/STF323/STF323.asp
10. Wallace, J. "Digital Jewellery and family relationships." Paper presented at the Family and Communications Technologies Workshop, Northumbria University, May 2007. http://www.rca.ac.uk/images/lib/Wallace_9201.pdf
Anne M. Clarke
About the author
For the past six years, Anne Clarke has been leading ETSI's program of work with the Human Factors Technical Committee defining the issues in this important area and developing guidelines for the industry. As a result of this work, young children are now seen as a significant sector of the European Information Society. Other standards organizations are now also adopting this approach. After earning a bachelor's degree in ergonomics, and completing post graduate research for a number of public utilities, she joined the research staff of the Human Factors Department of Loughborough University. As a researcher and project manager with HUSAT, the Human Factors Institute, she led a number of international human factors research programs funded by the European Commission. She is also a member of the permanent steering committee of the Human Factors in Telecommunications biennial series of conferences. She now acts as an independent consultant to the telecommunications sector on human factors issues. She currently leads ETSI Project STF323the Childaware Project, which aims to encourage ICT product and service providers to be aware of young child users. This project will define new guidelines for service providers whose services are used by young children.
©2007 ACM 1072-5220/07/0900 $5.00
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.
The Digital Library is published by the Association for Computing Machinery. Copyright © 2007 ACM, Inc.