The Intelligent Environments Laboratory is releasing the first version of the UT Energy App. This app is intended to provide a way to collect information on climate/temperature and consequent comfort levels for students in UT classrooms and other campus buildings. This data will be used directly by the UT Energy Department to provide students with a better classroom experience and cut costs on climate control.
Key Security Aspects:
- Users log into the app using their unique email address and password.
- No data is store locally on the user’s phone; instead, the data is stored in Google’s Firebase database, whose privacy policy is located here: https://firebase.google.com/support/privacy/
- In the database, data is tied to a hashed user ID, from which it is not possible to gain personal information about the user without access to our database.
- The use of any email other than a utexas.edu email address to sign up is disallowed; this enables us to ensure that only UT related students and other persons are allowed to take part in the data submission. A user is not even allowed to log in without a valid email address.
Types of Data Collected:
- The data we collect from users includes 4 fields: gender, height, weight, and major in school. Users enter the data on the Settings tab of our app and press the Save button to send it to our online Firebase database, where the rest of our user data is stored. Our subjects are any UT students willing to download our iOS app and submit data for the climate of the classrooms they go to.
- We also collect location (GPS) data from our users, which we use to make sure that a user is actually in the building for which they claim to be submitting data for. Users receive giftcard rewards in return for the data they submit. This data is also only stored in our Firebase database, not locally in the phone’s memory.
- The only time data is presented from other users is when a user views a map of their data submissions. This map shows their average comfort level for a building, and beneath that, an average comfort level across all users. However, the comfort level is the only field we pull from the data submissions, and these submissions hold no personal information either way, as it was mentioned as the userId’s in each submission are hashed and mean nothing without our locked user authentication information in our database.
- The data that users submit is simply the building and room they’re in, the room’s perceived temperature, their preferred temperature, and whether they’re wearing a short or long sleeve shirt and short or long pants. There is no text field that they submit, only lists to choose from, sliders, and multiple choice buttons. This enables the data to retain anonymity during submission so that users can’t accidentally reveal personal information.
Screenshots