Abstract— Following Mark Weiser’s vision of ubiquitous computing and calm technology, computer systems should run in the background, preferably without the user noticing it at all. The gathering and disclosure of contextual information on the one hand enables the improvement of system behaviour towards a more autonomous and adaptive behaviour but on the other hand raises privacy issues by disclosing personal data. Thus, a major challenge in ubiquitous computing environments is achieving a good balance between convenience and control over personal data. In this paper we describe an access control mechanism for context data that enables the user to control his personal data in a convenient and non-intrusive way. The approach is based on existing role-based access control mechanisms but extends them as follows. Firstly, our approach is owner-centric, i.e. it is under control of each user, to whom his context is propagated throughout the system. Secondly, our approach does not only con...