This study addresses the privacy risks posed by domestic robots in multi-user households, where data collection and sharing often occur without explicit consent from all residents—a gap largely overlooked in prior research. Through participatory design workshops involving 15 households, this work investigates users’ control needs and design expectations for privacy-aware robots from a multi-user perspective. Integrating insights from human-computer interaction and privacy-enhancing technologies, the research proposes a privacy design framework centered on user data sovereignty, accessible controls, transparent notifications, and personalized customization. The resulting actionable design guidelines offer robot manufacturers practical strategies to significantly enhance privacy protection in shared domestic environments.

Household robots boasting mobility, more sophisticated sensors, and powerful processing models have become increasingly prevalent in the commercial market. However, these features may expose users to unwanted privacy risks, including unsolicited data collection and unauthorized data sharing. While security and privacy researchers thus far have explored people's privacy concerns around household robots, literature investigating people's preferred privacy designs and mitigation strategies is still limited. Additionally, the existing literature has not yet accounted for multi-user perspectives on privacy design and household robots. We aimed to fill this gap by conducting in-person participatory design sessions with 15 households to explore how they would design a privacy-aware household robot based on their concerns and expectations. We found that participants did not trust that robots, or their respective manufacturers, would respect the data privacy of household members or operate in a multi-user ecosystem without jeopardizing users' personal data. Based on these concerns, they generated designs that gave them authority over their data, contained accessible controls and notification systems, and could be customized and tailored to suit the needs and preferences of each user over time. We synthesize our findings into actionable design recommendations for robot manufacturers and developers.