clauwa.info

I just bumped into IYOUIT, a context-aware application for mobile phones (at the moment only for S60 nokia phones). It sounds really interesting and I like the idea of making the Social Web more social by exploiting the user’s context (that means tracking the positions of users, the whereabouts and proximity of their buddies, scanned Bluetooth and WLAN beacons, local weather, photos, sounds, observed products, messages and more). But such developments also make privacy questions more important. User must be able to control to whom and to which degree their data (such as personal data, personal context information, social networking data, and generated content) are disclosed.

So I started reading about IYOUIT in order to find out how the deal with the privacy issues. The only paper I found in which the privacy mechanism are explained in detail, is this one (https://www.iyouit.eu/portal/help/ShareWhateverYouLike.pdf ) and I try to briefly summarize the characteristics:
•    access control is based on personal directives –> each user defines directives for his information
•    directives can be access rules for applications or  for user or for a combination of both (e.g. “application XY is never allowed to access anything” or “user xy is always allowed to access everything” or “user xy is allowed to access these sub-graph of my data via application xy”)
•    applications and user always must authenticate in order to be allowed to access content protected by directives
•    authentication is based on a pre-registering –> users and applications get tokens to authenticate when they register
•    directives are applied after processing the query of a client –> query results are filtered in order to respect the defined user’s directives