Digital Product ResearchWe’re a team at Co-op Digital and this is the archive of our experiments… Read more

Everything is connected

Many of the things in our homes connect to the internet, allowing us to control them with our phones via an app, to be part of an online community or to access content online.

LG’s announcemnet at CES that all of their devices will now be connected to the internet
LG’s announcement at CES, photo by Karissa Bell

Everything’s sharing everything

Many of these devices have cameras and microphones, capturing highly personal information inside the home.

It’s not always clear that data is being captured, how that information is used, or who has access to it. This is often hidden inside complicated terms and conditions.

For some devices, the manufacturer’s business model is selling personal information on to others “If you’re not the customer, you’re the product”

Finally, many of these devices have security vulnerabilities, opening them up to attackers on the internet.

We showed people problems in their home

We prototyped Scout, a service that monitors devices connected to a home wifi network, and showed it to four people who use these kinds of devices in their homes.

A fridge magnet that we imagined could alert the homeowner to new vulnerabilities on their network
A fridge magnet could alert the homeowner to new vulnerabilities on their network

We showed them some potential vulnerabilities in a home network that was similar to their own. They saw how personal information was transferred to a third party company, allowed via a clause buried deep within a product’s terms and conditions.

How much do people understand about the risks of connected devices?

Most of our participants had not thought about how secure or private the connection between their devices and the internet was.

No I didn’t realise. It’s quite scary actually.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

Some knew there were risks, but not the specifics.

More things are becoming connected to the internet. You hear more stories of people hacking into things, the more secure you can be the better.

- D, male, 26-35 year old, owns LG Smart TV, Playstation 3, Hive 2
The digital product research team reviewing the research observations
The team reviewing the research findings

Can we make security exploits visible and understandable?

When we showed them the Scout prototype, our participants immediately understood the implications for their individual situation.

It sounds like, when you’re sitting in a room with a smart TV, it could potentially be sent to a third party.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

You could be buying something over the phone, doing your insurance, giving your credit card information to pay for your insurance. If someone has intercepted that, they could commit fraud on my account.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

Would people “downgrade” their devices to make them more private?

Despite our participants obvious discomfort at learning about the flaws in devices they had bought, they weighed up their options and broadly decided to take no action.

Cost was a factor; smart devices had been a significant outlay, and the idea of reducing their functionality was not appealling.

…they weighed up their options and broadly decided to take no action

But again, if I’ve spent a lot of money on it. I don’t know if I would. I don’t know. Just stick to it and take the risk, potentially.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

Once informed, people were very good at balancing the risks against the benefits they get from their devices.

I wouldn’t take it back for a refund because he likes it too much. It’s like big brother. He feels safer with it.

- W, female, 26-36 year old, owns Samsung smart TV, Playstation 4, Hikvision security camera

Can we help people work together to influence manufacturers?

People were interested in the idea of lobbying manufacturers to change their practices through the service. We thought this might be a good way to link in with membership and the wider Co-op campaigning work.

I would assume that the team behind Scout would contact British Gas that people aren’t happy about them sharing their data. I’d click on the join option.

- D, male, 26-35 year old, owns LG Smart TV, Playstation 3, Hive 2

I would join 3865 people asking Samsung to change this.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

There was a mistrust of companies

You don’t know who to believe. Samsung are saying they’re not breaking laws, this article is saying that it is.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

But deep down they would probably do that [share data with third parties] anyway without asking permission.

- D, male, 26-35 year old, owns LG Smart TV, Playstation 3, Hive 2

There was a clear difference between inside and outside the home

My sister doesn’t use it all, she doesn’t like the idea of having cameras in the house.

- M, male, 26-35 year old, owns Samsung smart tv, Tenvis security cameras, PlayStation

If it’s purely that they can look at what’s on the CCTV, that’s only outside the house so that’s OK.

- W, female, 26-36 year old, owns Samsung smart TV, Playstation 4, Hikvision security camera

People have a very individual view of what is private

If you read out credit card details it would be a problem but normal conversations, not that bothered.

- D, male, 26-35 year old, owns LG Smart TV, Playstation 3, Hive 2

I did hear about this, smart TVs recording private conversations. It’s a bit Orwellian.

In principle I don’t think this is OK, even if they don’t do anything with it.

It doesn’t matter that much if people can see my photos.

If the government wanted to use it for a purpose that might make me think it’s OK but not just corporates.

How we ran this experiment

Talking to experts

We talk to experts in the areas we’ve been looking to find out what they think the big challenges are. We then turn these challenges into positive “how might we?” questions which we try to answer as we carry out the experiment.

We’re lucky enough to work for a large organsiation with a lot of expertise in-house - we’re grateful to our colleagues who have given us their time and their knowledge. We’ve found that the Co-op name has opened doors for us, and external experts have also let us interview them.

From idea to software in 5 days

We tested this idea by building and testing a prototype in 5 working days. Our goal was not to test the effectiveness of the prototype, but to use it as a starting point for a conversation. Using the GV product design sprint framework, we were able to quickly test our assumptions and make something that felt real enough to try out on some potential users. The conversations we have with users as they interact with our prototype tell us if an idea is worth persuing or not.

One-to-one interviews with potential users

We only have a few days to organise interviews, which means we have to use the quickest way to find relevant people to talk to. We use social media and our professional and social networks to carry out highly targeted recruitment to find people who closely represent our target audience.

We observe and record our interviews, taking care to remove any details that would identify the participants. Everyone involved signs a participant agreement and we give vouchers to the people who take part as a thank-you for their time.

We use active listening techniques to get deeper insights into the reasons behind comments that people make. We have learnt a lot from experts in Co-op Digital such as Andrew Travers and James Boardwell that have helped us get the most from these interviews, thank you.

Open experiment in a new window

Further reading

This is a work in progress: Give feedback