It was hard to find the words: Using an Autoethnographic Diary Study to Understand the Difficulties of Smart Home Cyber Security Practices

Abstract: This study considers how well an autoethnographic diary study helps as a method to explore why families might struggle in the application of strong and cohesive cyber security measures within the smart home. Combining two human-computer interaction (HCI) research methods - the relatively unstructured process of autoethnography and the more structured diary study - allowed the first author to reflect on the differences between researchers or experts, and everyday users. Having a physical set of structured diary prompts allowed for a period of 'thinking as writing', enabling reflection upon how having expert knowledge may or may not translate into useful knowledge when dealing with everyday life. This is particularly beneficial in the context of home cyber security use, where first-person narratives have not made up part of the research corpus to date, despite a consistent recognition that users struggle to apply strong cyber security methods in personal contexts. The framing of the autoethnographic diary study contributes a very simple, but extremely powerful, tool for anyone with more knowledge than the average user of any technology, enabling the expert to reflect upon how they themselves have fared when using, understanding and discussing the technology in daily life.

• The paper reveals that integrating autoethnography with diary studies uncovers the complexity of managing smart home cyber security.
• It shows that even experts face significant challenges due to intricate device setups and family dynamics.
• Findings stress the need for intuitive design and enhanced policies to bridge the gap between theory and practice.

Understanding Smart Home Cyber Security Practices through Autoethnographic Diary Studies

Introduction

The paper "It was hard to find the words: Using an Autoethnographic Diary Study to Understand the Difficulties of Smart Home Cyber Security Practices" (2112.09035) presents an exploration of challenges faced by families in implementing robust cyber security measures within smart homes. The authors employ an innovative research approach by integrating two human-computer interaction (HCI) methodologies—autoethnography and diary studies—to access the nuanced understanding of cyber security difficulties faced by users of smart home technologies. The study leverages first-person narratives and reflexivity to draw comparisons between expert and non-expert users by documenting real-world experiences in managing cyber security.

Methodological Approach

The research utilizes a distinctive combination of autoethnographic and diary study methods. The autoethnographic approach allows the researcher to explore personal narratives by reflecting on their familial interactions surrounding cyber security practices. The diary study component provides structured prompts over an 80-day period, enabling the researcher to capture daily cyber security-related interactions. This methodological synthesis captures both the subjective experiential insights and the objective occurrences of cyber security management within smart homes.

Autoethnography offers an introspective view into the researcher's personal cyber security challenges and insights, while the diary study supplies structured prompts to gather objective occurrences and responses to cyber security interactions within a household. This hybrid approach provides a comprehensive examination of how expert knowledge transfers—or fails to transfer—into effective home cyber security practices.

Findings

The study reveals two primary themes: the practical challenges of cyber security ("housework") within the home regarding device setup and management, and the external cyber security "wider universe," encompassing broader societal and technological risks. This bifurcation allows the researcher to pinpoint issues where an average user might lack engagement due to complexity or abstract nature of cyber security concepts.

Despite the first author's advanced understanding of cyber security, the diary entries frequently capture frustrations and challenges in applying this knowledge effectively in a family setting. Common expressions of discomfort and difficulty, such as "infuriating" and "frustrating," highlight the intrinsic challenges in making intricate cyber security practices accessible and manageable for everyday users. Moreover, the study reveals that significant emotional or educational discussions around cyber security were sparse, emphasizing the limited engagement from non-expert household members.

Implications for Design and Policy

The insights derived from this autoethnographic diary study have considerable implications for designers and policy makers. Designers of smart home devices can benefit from understanding the practical difficulties experienced by even knowledgeable users, prompting a shift towards more intuitive security features and user interfaces. The study highlights the need for designing products that facilitate easy comprehension and management of cyber security settings.

For policy makers, the study underscores the necessity of greater educational initiatives and policy frameworks that consider the limited cyber security literacy among consumers. Reinforcing cyber security education, particularly in family contexts, is crucial, given the pervasive nature of smart technologies and their data privacy implications.

Conclusion

This paper contributes significantly to understanding the complex domain of smart home cyber security through an autoethnographic lens. It provides valuable insights into the challenges of applying expert cyber security knowledge in real-world contexts, highlighting the gap between theoretical understanding and practical application within family environments. This research advocates for empathetic consideration in device design and policy development to address these persistent challenges, ultimately enabling users to navigate the digital landscape securely and effectively.