Thanks to everyone for their comments so far. Here is a second version of the article that sounds a little less, uh, paranoid. As usual, I'm trying to fit too much in too little space, but this verison is a little cleaner. See what y'all think. Thad ------ Wearable Computers and Body Privacy About 10 years ago, I made a bet with a colleague that the first large wearable computing market would evolve from portable consumer electronics like MP3 players instead of growing out of the mobile phone market. Apparently I am in the process of losing that bet. Today's mobile phones are integrating wireless messaging, video and audio recording, web browsing, e-mail, and many computing applications. Previously, these features could only be found on prototype wearable computers. With the addition of a high resolution screen, such as MicroOptical's SV-6 head-up display, and a fast mobile text entry method, such as Handykey's Twiddler one-handed keyboard, these mobile phones will be very similar to our current research prototypes, at least in hardware specifications. With such additions, much of Vernor Vinge's vision with respect to wearable computers in his story ``Synthetic Serendipity'' will be possible for a large consumer base. In fact, many of wearable computing's early demonstrations should be possible with this current generation of mobile phones with embedded cameras: augmented realities where computer graphics are overlaid on the physical world; sharing points of view in real-time; ad hoc collaborations with remote colleagues; and access to web search engines to provide assistance during a conversation, for example. However, I'd like to discuss a major feature and challenge to these devices: privacy. Wearable computing may provide some privacy-protections for the field of ubiquitous computing. Many instantiations of ubiquitous computing place cameras, microphones, and other sensors in the environment around us. Yet, who receives this information or provides controls against logging it? Who provides the money for installing and maintaining the infrastructure and ensures that the infrastructure is not perverted for improper use? By concentrating sensing and data storage on the body, a wearable computer allows its user to ``control his own bits.'' The user determines when and where his data is released and how much to trust the infrastructure around him. For example, when a wearable user enters work in the morning, he may instruct his wearable to inform his office of his arrival so that his office unlocks his door or starts a pot of coffee. However, the user would probably tell his wearable not to share his identity with billboards he walks past to avoid the sort of targeted advertising portrayed in the film ``Minority Report.'' Of course, some bargain hunters may choose to share their identity with advertisers to obtain better deals, much like membership cards in today's grocery stores. While wearable computers provide the user a sense of physical security and control over his private data, many people express concern over potential violations of privacy for others who happen to be near the wearable user. In fact, wearable computers provide little new recording capability. Hidden cameras have been commonly available for over two decades, and hidden body-worn microphones have been used for over half a century. In truth, much of the populace in developed countries already carry a hidden microphone in their pockets - the mobile phone. While mobile phone users believe that their phones are ``off'' when not in use, most modern phones actually use a ``soft'' power switch which only turns off parts of the phone. In theory, a service provider, government agency, or technically savvy cracker could reprogram a mobile phone to record or transmit the user's audio without their knowledge! Perhaps what we need is a legal concept of ``body privacy.'' Misuse of information sensed or stored on a user's body should carry the same penalties as theft of personal items carried on the body. Similarly, the same burden of proving sufficient cause should be required of law enforcement agencies when searching body-worn devices as when searching the user's body. Given today's technology, a mobile phone user might record all his conversations himself. While this possibility certainly exists, as a society in general, we do not worry about our colleagues recording confidential conversations and using the information against us. Such an action would be a violation of the implicit social contracts we have already evolved for everyday life. In some sense, our colleagues are accountable in that, if the information is used inappropriately, we know who to blame. In my research group, we avoid even this possibility by using noise canceling microphones with our wearable computers. While these microphones can hear the user's side of the conversation, the microphone's physical characteristics are designed to avoid capturing environmental noises such as the other person's speech. My conversational partner may choose to make his speech available to my wearable through the use of his own noise-cancelling microphone, but, again, he controls his own data. By using a combination of physical sensor limitations, legal recourse, and social conventions, I believe that wearable computers can improve our lives while protecting our privacy. However, in order to determine the issues involved, we need communities of early adopters to experiment with the use of these devices and encourage meaningful discussion on the topic. --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'