Carnegie Mellon University Internet of Things Privacy Infrastructure Website
The Internet of Things Privacy Infrastructure Website is a website under which Carnegie Mellon University (”CMU”) provides part of the Internet of Things privacy infrastructure (“IoT privacy infrastructure” or “IoT PI”) created under a research project directed by Prof. Norman Sadeh. The IoT PI enables people and organizations to inform the public about the presence of IoT devices, IoT services, and IoT apps (collectively referred to as “IoT Resources”) deployed in a given area, such as a university campus, a building, a shopping mall, a room, a stadium, a city block, an entire neighborhood, or a larger geographical area. The Internet of Things Privacy Infrastructure Project has two components:
1) The Internet of Things Assistant (“IoTA”) mobile app (“IoTA Mobile App”), which helps users discover IoT Resources deployed in their vicinity by identifying and querying registries of IoT Resources that pertain to the user’s current location (“IoT Resource Registries” or “IRRs”). The IoTA Mobile App informs the user about the data collection and use practices associated with the IoT Resources it discovers. The IoTA Mobile App also enables users to discover and configure privacy settings that may be offered by IoT Resources (i.e. data deletion, opting in or out of some data collection or sharing practices, or data access requests), and users may receive notifications from the IoTA Mobile App about nearby IoT Resources.
2) The IoT PI website (currently available at https://www.iotprivacy.io as IoT Portal) which enables people and organizations to inform the public about the presence of IoT Resources deployed in different areas. Using the IoT PI website, individuals and organizations can request the creation of IRRs. Individuals and organizations can also use the IoT PI website to create descriptions of IoT Resources (“IoT Resource Listings”) and to publish them, enabling mobile users to discover published IoT Resource Listings using their IoTA Mobile App. The IoT PI website also enables users to create partial descriptions of IoT Resources that others could use as a starting point to create IoT Resource Listings (“IoT Resource Templates”). These IoT Resource Templates can be shared with, re-used and edited by others to publicize the presence of identical or similar IoT Resources.
Each IoT Resource Listing includes a description of the data collection and use practices associated with a given IoT Resource, which may include, among other things, what data the Resource collects, how it is used, who it is shared with, for how long the data is retained, etc. More generally, IoT Resource Listings are a way of advertising the presence of IoT Resources in a given area (e.g., advertising the existence of a mobile app that people can download to help them navigate a building, a neighborhood, or a mall; or advertising the presence of a network of surveillance cameras with facial recognition).
IF THESE TOU ARE NOT ACCEPTABLE TO YOU AND YOUR ORGANIZATION, YOU MUST CLICK "Disagree" AND YOU, YOUR ORGANIZATION AND ITS USERS MAY NOT ACCESS OR USE THE IOT PI.
Additional Terms. Certain features of the IoT PI may be subject to additional terms (“Additional Terms”) presented in conjunction with the features. Regardless of how they are presented to you, you must agree to these Additional Terms before using the features of the IoT PI to which they apply. Unless otherwise specified in these Additional Terms, all Additional Terms are incorporated into this Agreement. If you do not agree to these Additional Terms, then you may not use the features to which they relate. This Agreement and Additional Terms apply equally but, if any Additional Term is inconsistent with any provision of this Agreement, the Additional Term will prevail for the IoT PI functionality or features to which the Additional Terms apply.
The IoT PI website is being provided by CMU as part of a research study under CMU’s IRB ID STUDY2017_00000215 and use of the IoT PI website is further subject to accepting the study consent forms during the account set-up process.
Account Set-Up; User Account Names and Passwords. A user name and password will be required to access the IoT PI (currently available at https://www.iotprivacy.io), to request the creation of an IRR, to create IoT Resource Listings, to request the publication of these IoT Resource Listings in one or more IRRs, and to create IoT Resource Templates. People can request the creation of an account at https://www.iotprivacy.io/register. To enable the account set-up, you must provide a user account name for each person at your organization who is intended to access the IoT PI.
User accounts can be granted different roles: IRR owners/administrators or IRR contributors, or IoT Resource Template contributors. These roles are all specific to a given IRR. These roles entail different levels of access through the IoT PI. Users agree not to share their user account names and passwords with others.
If you are an IRR owner/administrator you agree that you are the (data) controller (as defined under the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”)) of information you publicize through the IRRs you own or manage. You agree that you: (i) have provided adequate notice and obtained any necessary consents from data subjects required for personal data collected in connection with an IRR you own or manage, and (ii) abided by any privacy choices (including opt-out preferences) of data subjects relating to the personal data you collect.
IRR Contributors: To be an IRR contributor, you will first agree to the study consent form provided. You will need to create an IoT PI user account with a display name and a valid email address. The information you provide may be used in part to vet your contributions, to prevent abuse and to contact you. IRR contributors can enter descriptions of IoT Resource Listings using a form that includes fields such as the location where the IoT Resource will be discoverable and the data it collects. There are two ways to publish IoT Resource Listings: self-publication by IRR contributors and publication in an IRR through publication submissions. For self-publication, each IRR contributor can publish IoT Resource Listings and is responsible for the content of their IoT Resource Listings. For publication in an IRR, publication submissions may be vetted by the corresponding IRR owner/administrator, and different IRR owners/administrators may have different policies. Note that administrators of specific IRRs have the authority to decide whether or not a particular IoT Resource Listing gets published in that IRR, and CMU cannot guarantee that any particular IoT Resource Listing will be published.
Once an IoT Resource Listing is published, it will be publicly discoverable through the IoT privacy infrastructure and in particular users using their IoTA Mobile App. Since their contents are not vetted by Registry owner/administrators, self-published IoT Resource Listings may be shown differently from IoT Resource Listings published in an IRR on IoTA Mobile App. IRR contributors are responsible for the descriptions of their IoT Resource Listings.
Since the purpose of IoT Resource listings is to provide information to all users of the IoT privacy infrastructure, the display name associated with your user account will be made visible to IoT privacy infrastructure users, including IoTA Mobile App users, who view the IoT Resource Listings you have created and published.
If you are an IRR contributor you agree that you are authorized to share any information you contribute to an IRR. You agree that you will not include personal data, including names, email addresses, phone numbers, and IP addresses, in contributions you make to an IRR.
If you are an IoT Resource Template Contributor you agree that you are authorized to share any information you include in the IoT Resource Templates you create. You agree that you will not include personal data, including names, email addresses, phone numbers, and IP addresses, in such templates and agree that you responsible for the information you provide in the IoT Resource Templates you create.
Content. "Content” means all information, data, text, photographs, graphics, video, messages, tags, or other materials accessed, posted and/or transmitted through the IoT PI. "User Content" is any Content provided by and/or originating from a user (regardless of whether IRR owner/administrator IRR contributor or IoT Resource Template contributor). “IoT PI Content” is Content provided by and/or originating from the IoT PI. As used herein, "Content" refers to both User Content and IoT PI Content unless expressly stated otherwise. CMU is not responsible for any User Content that is uploaded, posted, emailed, transmitted or otherwise made available via the IoT PI. CMU does NOT make any warranties or guarantees about the accuracy, integrity or quality of any Content. You, your organization and its relevant users must evaluate the risks associated with the use of any Content, including any reliance on the accuracy, completeness, or usefulness of such Content. CMU is not assuming liability in any way for any Content, including, but not limited to, any errors or omissions in any Content, or any loss or damage of any kind incurred as a result of the use of any Content posted, emailed, transmitted or otherwise made available via the IoT PI. These terms do not preclude you from pursuing legal action to seek compensation in the event of malpractice, negligence, blame, fault, or guilt on the part of those involved in the research study (including CMU). CMU and its designees shall have the right (but not the obligation) in their sole discretion to pre-screen, refuse, or move any Content for any reason. Should User Content be found or reported in violation of these TOU, it will be CMU’s sole discretion as to what action should be taken, including removal of such Content and/or the suspension or termination of the applicable account(s) (see “Revocation, Suspension or Termination of Accounts” section below).
Permitted Use/Availability of the IoT PI. Subject to other relevant provisions of the TOU, the IoT PI may be used by you, your organization and your organization’s users for their respective personal, academic, educational, non-commercial use in connection with the study. Except for these limited rights, no other rights are granted to the IoT PI and Users may not copy, reproduce, alter, modify, create derivative works, or publicly display any part of the IoT PI. CMU (and/or its content providers, as applicable) own and retain all intellectual property rights they have in and to the IoT PI, including but not limited to the IoT PI Content and the underlying IoT privacy infrastructure. CMU shall have the right in its sole and absolute discretion to suspend or terminate any or all of the users’ access to it for any reason. As specified below, the IoT PI and IRRs are provided on an “AS-IS, AS-AVAILABLE” basis.
Prohibited Uses/Activities. The following activities are prohibited with respect to your and/or your Organization’s and users’ use of the IoT PI : (a) using the IoT PI or any Content in a manner not permitted under these TOU; (b) using another user’s credentials to access and/or use the IoT PI ; (c) transmitting or submitting or accessing any User Content that you do not have the right to transmit, submit or access (as applicable); (d) transmitting or submitting any User Content or otherwise taking any action using the IoT PI that is harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, discriminatory or racially, ethnically or otherwise objectionable, or encourage and/or assist others to engage in these activities; (e) interfering with, removing or modifying any terms and conditions or other Content on the IoT PI and/or any part of the IoT PI used for the operation and/or security of the IoT PI ; (f) impersonating any person or entity, including, but not limited to, any CMU personnel, or falsely stating or otherwise misrepresenting your affiliation with a person or entity; (g) knowingly uploading, posting, emailing, transmitting or otherwise making available any User Content that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment; (h) interfering with or disrupting the IoT PI or servers or networks connected to the IoT PI , or disobeying any requirements, procedures, policies or regulations of networks connected to the IoT PI (including but not limited to those of any relevant third party service providers used in connection with the IoT PI ); (i) taking IoT PI Content from the IoT PI and reformatting it and/or displaying it on any other website; and/or (j) exceeding the scope of the relevant user’s account authority with respect to the user’s use of the IoT PI , for example, a user accessing and using features or content that the user does do not have the authority to use, or deleting, adding to, or otherwise changing other people's entries or other Content when you have not been granted the privileges to do so.
Revocation, Suspension or Termination of Accounts. CMU retains the right to revoke, suspend and/or terminate any or all user account privileges at any time in its sole and absolute discretion including, without limitation, for any violation of the TOU. To the extent your use of the IoT PI is subject to an applicable consent to participate in research, you acknowledge that CMU may terminate your use of the IoT PI if you withdraw your consent.
If you, your organization or a user becomes aware that a user account has been or may be compromised or is being used in violation of these TOU, or if a user for whom you had CMU create an account leaves your organization and/or will no longer be expected to use the IoT PI, please notify CMU by contacting email@example.com as soon as possible so that CMU may de-activate the applicable account.
Features of the IoT PI; Use of Third Party Providers. The IoT PI and software embodied within the IoT PI may include security components that permit digital materials to be protected, and use of these materials may be subject to usage rules set by CMU. In addition, such features may include tools or other features designed to protect the integrity of certain materials, provide security-related features (such as automatically logging off a user after a period of inactivity) and/or to detect improper activity with respect to the IoT PI. You may not attempt to override or circumvent any of the usage rules embedded into the IoT PI. CMU may, at its discretion, use certain third party service providers to support portions of the IoT PI (including but not limited to hosting services and QR code functionality).
Notifications on the IoTA Mobile App. The IoTA Mobile App is designed to provide notice of nearby IoT Resources. You can customize the notification settings for such notices, including the frequency of such notifications, and the types of data collection you want to be notified about. Your notification settings are only stored on your mobile device and are not linked to your account. Your notification settings will be deleted when you uninstall the IoTA Mobile App. By using the IoTA Mobile App, you consent to receive such notifications in accordance with your then-current notification settings.
Use of Information. CMU has the right to access, preserve and/or disclose account information and Content if required to do so by law or in a good faith belief that such access preservation or disclosure is reasonably necessary to: (a) comply with legal process; (b) enforce these TOU; (c) respond to claims that any Content violates the rights of third parties; (d) respond to your requests for assistance; or (e) protect the rights, property or personal safety of CMU, its users and/or the public. Further, CMU reserves the right to cooperate with legitimate law enforcement requests for information at its sole discretion. In addition, CMU has the right to use data and information obtained or collected through the IoT PI to improve the IoT PI and/or for research or other activities consistent with CMU’s status as a 501(c)(3) organization, provided that CMU removes individually identifiable information (if any) contained in such data or information.
License to User Content. By submitting User Content, the applicable user retains any rights the user has with respect to its User Content (i.e. the user is not assigning ownership to CMU). However, CMU is hereby granted a worldwide, royalty-free, non-exclusive perpetual, irrevocable and fully sub-licensable license to use, distribute, reproduce, modify, adapt, publish, translate, publicly perform and publicly display such User Content (in whole or in part) as necessary to operate the IoT PI and for any other purposes permitted herein.
International Use. If you are not a United States resident and you are accessing the IoT PI from outside the United States, you agree to transfer certain information outside your home country to us and that you will follow all the laws that apply to you.
CMU’s servers and operations are located primarily in the United States and our policies and procedures are based primarily on United States law. Because of this, the following provisions apply specifically to users located outside of the United States: (i) you consent to the transfer, storage, and processing of your information to and in the United States and/or other countries; (ii) if you are using the IoT PI from a country embargoed by the United States, or are on the United States Treasury Department’s list of “Specially Designated Nationals,” you are not authorized to access or use the IoT PI ; and (iii) you agree to comply with all local laws, rules, and regulations including all laws, rules, and regulations in effect in the country in which you reside and the country from which you access the IoT PI. The IoT PI is not intended for distribution to or use by any person or entity in any jurisdiction or country where such distribution or use would be contrary to law or regulation, or that would subject CMU or its affiliates to any registration requirement within such jurisdiction or country.
Notice to California Residents. BY USING THE SERVICES, YOU WAIVE YOUR RIGHTS WITH RESPECT TO CALIFORNIA CIVIL CODE SECTION 1542, WHICH SAYS "A GENERAL RELEASE DOES NOT EXTEND TO CLAIMS WHICH THE CREDITOR DOES NOT KNOW OR SUSPECT TO EXIST IN HIS FAVOR AT THE TIME OF EXECUTING THE RELEASE, WHICH, IF KNOWN BY HIM MUST HAVE MATERIALLY AFFECTED HIS SETTLEMENT WITH THE DEBTOR." HOWEVER, IN NO EVENT ARE STUDY PARTICIPANTS RELEASING ANY LIABILITY OR CLAIMS WITH RESPECT TO THE MALPRACTICE, NEGLIGENCE, BLAME, FAULT, OR GUILT ON THE PART OF THOSE INVOLVED IN THE RESERCH STUDY (INCLUDING CMU).
If the IoT PI is at any time deemed an electronic commercial service (as defined under California Civil Code Section 1789.3), California residents are entitled to the following specific consumer rights information:
The provider of the IoT PI is:
Carnegie Mellon University
5000 Forbes Avenue
Pittsburgh, PA 15213
If the IoT PI is deemed as electronic commercial service, you may file a complaint regarding the IoT PI or to receive further information regarding use of the IoT PI by sending a letter to the attention of “Legal Department” at the above address.
Disclaimer of Warranties. THE IoT PI, AND ALL MATERIALS, INFORMATION, PRODUCTS AND SERVICES INCLUDED IN THE IoT PI ARE PROVIDED "AS IS," WITH NO WARRANTIES WHATSOEVER. CMU, ITS DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, REPRESENTATIVES, AFFILIATES, LICENSORS, CONTENT PROVIDERS, CONTRACTORS (INCLUDING ANY THIRD PARTY PROVIDERS) AND SPONSORS (COLLECTIVELY THE “IoT PI PARTIES”) EXPRESSLY DISCLAIM TO THE FULLEST EXTENT PERMITTED BY LAW ALL EXPRESS, IMPLIED, AND STATUTORY WARRANTIES AND DUTIES, INCLUDING, WITHOUT LIMITATION: THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT; ANY WARRANTIES REGARDING THE SECURITY, RELIABILITY, TIMELINESS, AND PERFORMANCE OF THE IoT PI .
YOU UNDERSTAND AND AGREE THAT YOU PROVIDE OR OTHERWISE OBTAIN ANY AND ALL INFORMATION, MATERIAL, DATA AND/OR OTHER CONTENT THROUGH THE USE OF THE IoT PI AT YOUR OWN DISCRETION AND CMU IS NOT ASSUMING RESPONSIBILITY FOR ANY DAMAGES TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE USE OF SUCH ITEMS; PROVIDED THAT THESE TERMS DO NOT PRECLUDE YOU FROM PURSUING LEGAL ACTION TO SEEK COMPENSATION IN THE EVENT OF MALPRACTICE, NEGLIGENCE, BLAME, FAULT, OR GUILT ON THE PART OF THOSE INVOLVED IN THE RESERCH STUDY (INCLUDING CMU). IN ADDITION, SOME STATES OR OTHER JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO YOU. YOU MAY ALSO HAVE OTHER RIGHTS THAT VARY FROM STATE TO STATE AND JURISDICTION TO JURISDICTION.
LIMITATION OF LIABILITY; LIMITATION ON DAMAGES. UNDER NO CIRCUMSTANCES ARE CMU OR ANY OTHER IoT PI PARTIES BE LIABLE TO YOU, YOUR ORGANIZATION OR ANY USER ON ACCOUNT OF USE OR MISUSE OF OR RELIANCE ON THE IoT PI ARISING FROM ANY CLAIM FOR THE RECOVERY OF INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, AND PUNITIVE DAMAGES WHETHER SUCH CLAIM IS BASED ON WARRANTY, CONTRACT, TORT, OR OTHERWISE, (EVEN IF CMU AND/OR THE IoT PI PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES); PROVIDED, HOWEVER, THE FOREGOING LIMITATION OF LIABILITY SHALL NOT APPLY TO ANY CLAIMS DUE TO THE MALPRACTICE, NEGLIGENCE, BLAME, FAULT, OR GUILT ON THE PART OF THOSE INVOLVED IN THE RESERCH STUDY (INCLUDING CMU).
Some states or other jurisdictions do not allow the exclusion or limitation of liability for certain damages, so the above limitations and exclusions shall apply only to the extent permitted under applicable law.
Force Majeure. In the event CMU’s performance of its obligations is delayed or prevented directly or indirectly by acts of nature, forces, or causes beyond its reasonable control, including, without limitation, Internet failures, computer equipment failures, telecommunication equipment failures, other equipment failures, electrical power failures, strikes, labor disputes, riots, insurrections, civil disturbances, shortages of labor or materials, fires, floods, storms, explosions, acts of God, war, governmental actions, orders of domestic or foreign courts or tribunals, non-performance of third parties, or loss of or fluctuations in heat, light, or air conditioning, CMU may take additional time to perform commensurate with the delay or may elect to terminate account access as described in these TOU.
Permitted Users; No CMU Status or Credit Conferred. Using the IoT PI does not confer any CMU course credit and/or any employment or student status at CMU.
Miscellaneous. If any provision of these TOU is held to be invalid or unenforceable, such provision shall be deemed superseded by a valid enforceable provision that most closely matches the intent of the original provision and the remaining provisions shall be enforced. CMU’s failure to act with respect to a breach by you, your organization or any other users does not waive CMU’s right to act with respect to subsequent or similar breaches. The failure of CMU to exercise or enforce any right or provision of these terms and conditions shall not constitute a waiver of such right or provision. The section headings and subheadings contained in these TOU are included for convenience only, and shall not limit or otherwise affect the terms of these TOU. These TOU and any disputes related to them shall be interpreted in accordance with the laws of the Commonwealth of Pennsylvania without regard to its conflicts of laws provisions. All claims and/or controversies of every kind and nature arising out of or relating to these TOU, including any questions concerning its existence, negotiation, validity, meaning, performance, non-performance, breach, continuance or termination shall be settled (1) at CMU’s election, by binding arbitration administered by the American Arbitration Association ("AAA") in accordance with its Commercial Arbitration Rules and, in such case (a) the arbitration proceedings shall be conducted before a panel of three arbitrators, with each party selecting one disinterested arbitrator from a list submitted by the AAA and the two disinterested arbitrators selecting a third arbitrator from the list, (b) each party shall bear its own costs of arbitration, (c) all arbitration hearings shall be conducted in Allegheny County, Pennsylvania, and (d) the provisions hereof shall be a complete defense to any suit, action or proceeding instituted in any Federal, state or local court or before any administrative tribunal with respect to any claim or controversy arising out of or relating to these TOU and which is arbitrable as provided in these TOU, provided that either party may seek injunctive relief in a court of law or equity to assert, protect or enforce its rights hereunder (2) in the event that CMU does not elect binding arbitration as permitted in point (1) above, exclusively in the United States District Court for the Western District of Pennsylvania or, if such Court does not have jurisdiction, in any court of general jurisdiction in Allegheny County, Pennsylvania and each party consents to the exclusive jurisdiction of any such courts and waives any objection which such party may have to the laying of venue in any such courts. Notwithstanding any provision hereof, for all purposes of these TOU each party shall be and act as an independent contractor and not as partner, joint venture, agent, employee or employer of the other and shall not bind nor attempt to bind the other to any contract. You are agreeing to these TOU on behalf of you, and where applicable, your organization. You agree that, except as otherwise expressly provided in these TOU, there shall be no third-party beneficiaries to these TOU.
These TOU and consent form represent the entire agreement with CMU regarding the subject matter hereof, superseding any and all prior or contemporaneous oral or written understandings. These TOU may be amended or changed only by mutual written agreement of you and CMU.
If you have a question about the IoT PI, please contact CMU via email at firstname.lastname@example.org.