usability of privacy policies notice and choice
play

Usability of privacy policies: Notice and choice Michelle Mazurek - PowerPoint PPT Presentation

Sep 14, 2022 •363 likes •786 views

Usability of privacy policies: Notice and choice Michelle Mazurek With material from Lorrie Cranor, Florian Schaub, and Carman Neustaedter 1 Logistics HW3 grades are out See detailed comments in ELMS Today: Privacy policies, notice

  1. Usability of privacy policies: Notice and choice Michelle Mazurek With material from Lorrie Cranor, Florian Schaub, and Carman Neustaedter 1

  2. Logistics • HW3 grades are out – See detailed comments in ELMS • Today: Privacy policies, notice and choice • Today/Thurs: Coding qualitative data – Important for HW4 2

  3. Review: Privacy self-regulation e c i o t N d n a e c o i h C 3

  4. Notice and choice Protect privacy by giving people control over their information Choices Choices about allowing their data to be collected and used Notice Notice about data in that way collection and use 4

  5. Requirements for meaningful control • Individuals must: – Understand what options they have – Understand implications of their options – Have the means to exercise options • Costs must be reasonable – Money, time, convenience, benefits We know this does not occur in practice! 5

  6. Approaches to improvement • Better labels and icons – Nutrition labels – Privacy icons • Automated policy processing – P3P – Do Not Track – Crowdsourcing – NLP 6

  7. Towards a privacy “nutrition label” • Standardized format – People learn where to find answers – Facilitates policy comparisons • Standardized language – People learn terminology • Brief – People find info quickly • Linked to extended view – Get more details if needed 7

  8. Iterative design process • Focus groups, lab studies, online studies • Comparison to text, standardized text, etc. • Metrics – Reading comprehension (accuracy) – Time to find information – Ease of comparison between pol policies icies – Subjective opinion (easy, fun, trustworthy) P.G. Kelley, J. Bresee, L.F. Cranor, and R.W. Reeder. A “Nutrition Label” for Privacy. SOUPS 2009. P.G. Kelley, L.J. Cesca, J. Bresee, and L.F. Cranor. Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. CHI2010. 8

  9. 9

  10. Privacy label for Android 10

  11. Role play studies • Select apps for friend with new Android phone – Choose from 2 similar apps in each of 6 categories – Click on app name to visit download screens – Different permissions per app • Post-task questionnaire • Participants who saw Privacy Facts more likely to select apps that requested fewer permissions – Other factors such as brand and rating reduce effect P .G. Kelley, L.F. Cranor, and N. Sadeh. Privacy as part of the app decision-making process. CHI 2013. 11

  12. http://www.azarask.in/blog/post/privacy-icons/ 2010 12

  13. 13

  14. http://www.azarask.in/blog/post/privacy-icons/ 2010 14

  15. In groups: Design icons and tag lines for smartphone app privacy 1. App only collects the information it needs to work and only uses and shares information as necessary to provide the service you requested 2. Same as 1 but app also collects information about your location and use of apps and provides it to advertising companies to target ads to you 3. App may collect any information and use or share it for any purpose 15

  16. P3P Overview (Review) • W3C specification for XML privacy policies – Proposed 1996 – Adopted 2002 • Optional P3P compact policy HTTP headers to accompany cookies • Goal: Your agent enforces your preferences • Lacks incentives for adoption 16

  17. Too much is not enough? • 17 data categories, 12 possible collection purposes, 6 possible recipients, 5 retention policies – Annotations: description, opt-in/out, etc. • Too much detail? Insufficiently expressive? – Both! 17

  18. Why provide more detail? • Companies’ actions are nuanced • What is important may change over time • Broad categories may make things look worse – Compact P3P policies • Provide all info and let user agent sort it out 18

  19. Why is this too much detail? • Difficult to author a policy accurately – Ambiguous, redundant categories • Bugs in user agent parsing/display • Different agents may abstract differently – Hard for users to compare across tools – Companies must test different views 19

  20. Do Not Track • An HTTP header sent by your browser – Websites and services can promise to respect it – No client-side enforcement • What does tracking mean? • The problem of defaults 20

  21. CMU Usable Privacy Project • Semi-automatically extract data practices from privacy policies – Crowdsourcing, machine learning, NLP • Understanding and modeling user preferences – Focus on data practices users care about • Provide effective for privacy notices • Large-scale analysis of website privacy policies – To inform public policy 21

  22. Which practices are relevant? • From FTC enforcement, class action suits: – Unauthorized disclosure – Surreptitious collection – Unlawful retention – Do you think this is the right approach? • Prior studies of privacy concerns: – Contact info, location, financials, health 22

  23. Crowdsourcing policy extraction • Does the site collect X information? – Yes, no, unclear; provide evidence 23

  24. Crowdsourcing policy extraction • Compare results: crowdworkers vs. experts – 76% of cases: crowdworkers agree w/ experts – 2%: agree with each other, but not experts – 22%: don’t reach consensus Reidenberg et al., Disagreeable Privacy Policies: Mismatches between Meaning and Users’ Understanding, Berkeley Technology Law Journal (to appear) 24

  25. User interface goals • Use extracted data to inform consumers – With level of confidence • Enable meaningful comparisons with similar sites • Design and testing in progress • What wil What will it take for users to pay at l it take for users to pay attent tention? ion? 25

  26. Summary: Privacy notice and choice • Only works if understandable, actionable • Incentives, enforcement are critical • Better together: automated policy reading, usable notices and icons – Standardized, layered • The problem of expressiveness 26

  27. CODING QUALITATIVE DATA 27

  28. Qualitative coding • Today: Types of coding and methods – Open, axial, systematic • Thursday: – Validating coded data – Reporting coded data – Hopefully: Try it! • You may feel uncomfortable with this! – Work carefully, use established methods 28

  29. Kinds of coding • Open coding (inductive) – When you aren’t sure what you’re looking for – Fine-grained details • Axial coding (inductive) – Draw connections and themes (from data or codes) – One option: Affinity diagrams • Systematic coding (deductive) – When you start from a hypothesis or theory 29

  30. Open coding • Inductive: For generating theory • Treat data as answers to open-ended questions • Formulate questions (mostly) ahead – Go through transcript, asking the questions – Encounter a new possible answer, make a code – Record the participant, the code, and the evidence he evidence 30

  31. Example: Access control in the home • Questions: – What data should be protected? – How are physical files protected? – How are digital files protected? – Has the participant had a bad experience? • Update and refine questions as you go 31

  32. Example codes • “If I didn’t want everyone to see them, I just had them for a little while and then I just deleted DEL them.” • “If you name something ‘8F2R349,’ who’s going HID to look at that?” • Using a laptop password “just in case … we PWD have guests over” 32

  33. Keeping track • Codebook: Questions, possible answers • Excel, db software, expensive coding tools • Track per question: – Participant – Code(s) – Where you found evidence, quotes 33

  34. Axial coding – Finding themes • Group low-level codes into categories • One method: affinity diagramming – Write low-level data/codes on sticky notes – Group hierarchically – Update as themes emerge 34

  35. Example: Calendar field study • Step 1: Affinity Notes – Each note contains one idea / code – Place them on a flat surface / wall 35 Neustaedter, 2007

  36. Diagram building • Collect related notes 36

  37. Diagram building 37

  38. Diagram building 38

  39. Diagram building 39

  40. Write affinity labels for each group • Continue to further refine groupings People check the Calendar placement Interface visuals calendar when not at is a challenge affect usage home 40

  41. Systematic coding • For testing an existing hypothesis/theory • Codes are created ahead of time – Before interviewing! – From existing literature/theory – From prior rounds of open coding • Code just as before 41

  42. Summary: Qualitative coding • Generating or testing a theory? – Open, axial vs. systematic • Short codes representing possible answers – If open coding, refine as you go • Carefully track codebook and evidence 42

Recommend

Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

CyLab Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie Faith Cranor October 1, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

1.1k views • 53 slides
Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

CyLab Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie Faith Cranor September 29, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

1.11k views • 76 slides
Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

CyLab Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie Faith Cranor September 23, 2014 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

1.01k views • 67 slides
Disclosures in Privacy Policies: Does notice and consent work? Rishab Bailey, Smriti

Disclosures in Privacy Policies: Does notice and consent work? Rishab Bailey, Smriti

Disclosures in Privacy Policies: Does notice and consent work? Rishab Bailey, Smriti Parsheera, Faiza Rahman and Renuka Sane National Institute of Public Finance and Policy Supported by the Omidyar Network What is consent? Law

770 views • 17 slides
Conclusion Announcements Society Privacy Policies and Laws 4 Privacy Policies and Laws Mark

Conclusion Announcements Society Privacy Policies and Laws 4 Privacy Policies and Laws Mark

Conclusion Announcements Society Privacy Policies and Laws 4 Privacy Policies and Laws Mark Zuckerberg in San Francisco, January 8, 2010 "People have really gotten comfortable not only sharing more information and different kinds, but

352 views • 21 slides
Seeing through Website Privacy Policies Rishiraj Saha Roy Max Planck Institute for Informatics

Seeing through Website Privacy Policies Rishiraj Saha Roy Max Planck Institute for Informatics

Seeing through Website Privacy Policies Rishiraj Saha Roy Max Planck Institute for Informatics Saarbrcken, Germany "Data, Responsibly", Dagstuhl Seminar, 20 July 2016 Opacity in todays Website privacy policies Privacy policies

215 views • 6 slides
Why We Cant Be Bothered to Read Privacy Policies: Models of Privacy Economics as a Lemons

Why We Cant Be Bothered to Read Privacy Policies: Models of Privacy Economics as a Lemons

Why We Cant Be Bothered to Read Privacy Policies: Models of Privacy Economics as a Lemons Market Tony Vila Rachel Greenstadt David Molnar Harvard University March 27, 2003 1 Motivation People claim to have high values for privacy

474 views • 9 slides
The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019

The Usability, Security, and Privacy Limits of Blockchain J I B E . C O M P A N Y Codiax 2019 Hello! Im Joris van Rooij Software Architect at Jibe.Company From Eindhoven, the Netherlands J I B E . C O M P A N Y I like...

1.72k views • 144 slides
Type checking privacy policies in the

Type checking privacy policies in the

Type checking privacy policies in the -calculus Anna Philippou University of Cyprus Joint work with Dimitrios

572 views • 28 slides
Standardised Privacy Policies: A Post-mortem and Promising Developments Presentation for W3C

Standardised Privacy Policies: A Post-mortem and Promising Developments Presentation for W3C

Standardised Privacy Policies: A Post-mortem and Promising Developments Presentation for W3C Workshop: Privacy and User-Centric Controls, Berlin 21.11.2014 Reuben Binns r@reubenbinns.com @RDBinns Incentives Creating a standard is costly

721 views • 14 slides
Beyond the Pile of Knobs: Usability and Design for Privacy, Security, Safety & Consent

Beyond the Pile of Knobs: Usability and Design for Privacy, Security, Safety & Consent

Beyond the Pile of Knobs: Usability and Design for Privacy, Security, Safety & Consent Georgia Bullen // @georgiamoon Executive Director Simply Secure FOSDEM // 2 February 2020 Everyone deserves technology they can trust. Simply Secure

437 views • 28 slides
IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad AlSadeh, Hosnieh Rafiee, Christoph Meinel Hasso-Plattner-Institut, University of Potsdam, Germany IPv6 StateLess Address Auto- Configuration

330 views • 20 slides
Augmented SEND: Aligning Security, Privacy, and Usability Ahmad AlSadeh Supervisor: Prof. Dr.

Augmented SEND: Aligning Security, Privacy, and Usability Ahmad AlSadeh Supervisor: Prof. Dr.

Augmented SEND: Aligning Security, Privacy, and Usability Ahmad AlSadeh Supervisor: Prof. Dr. Christoph Meinel Hasso-Plattner-Institut, University of Potsdam April 23, 2013 IPv4 address exhaustion 2 IANA unallocated address pool IPv6

885 views • 47 slides
How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and Security Conference Privacy and Security by Choice, not Chance Afternoon Workshop Wednesday February 3, 2016 Victoria, B.C. Canada Gerry Bliss

1.11k views • 63 slides
Personal Choice and Challenge Questions: A Security and Usability Assessment 16 July 2009 Mike

Personal Choice and Challenge Questions: A Security and Usability Assessment 16 July 2009 Mike

SOUPS 2009 Personal Choice and Challenge Questions: A Security and Usability Assessment 16 July 2009 Mike Just University of Edinburgh (joint work with David Aspinall) Challenge Question Authentication Authentication credential is answer

394 views • 20 slides
Do gma 1 Deliverables from usability professionals must be highly usable Reports,

Do gma 1 Deliverables from usability professionals must be highly usable Reports,

Myths about usability testing Copies of Slides U X Day Graz 2013 F ive use rs will find 85% o f the usability pro ble ms Rolf Molich - and o the r myths abo ut DialogDesign usability te sting Do gma 1 Deliverables from

659 views • 18 slides
Ag e nda What is an IDP? What are NIH and OGS policies for IDPs? Review of NIH

Ag e nda What is an IDP? What are NIH and OGS policies for IDPs? Review of NIH

Ag e nda What is an IDP? What are NIH and OGS policies for IDPs? Review of NIH notice/policies Introduction of IDP Form Skill Assessment Career Exploration/Objective Goal Setting Mentor Input IDP Progress Wha t

540 views • 21 slides
Privacy Preserving Rechargeable Battery Policies for Smart Metering Systems Simon Li (Toronto),

Privacy Preserving Rechargeable Battery Policies for Smart Metering Systems Simon Li (Toronto),

Privacy Preserving Rechargeable Battery Policies for Smart Metering Systems Simon Li (Toronto), Ashish Khisti (Toronto), Aditya Mahajan (McGill) March 3, 2016 1/15 Motivation: Privacy Leakage through Power Profile U. Greveler, P. Glosekotter,

810 views • 25 slides
CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something that you know Something that you have Something that you are Uses of Biometrics: Simple: Verification Is this who he claims to be?

592 views • 40 slides
The impact of policies of increasing choice on those who live in households Susan Himmelweit

The impact of policies of increasing choice on those who live in households Susan Himmelweit

The impact of policies of increasing choice on those who live in households Susan Himmelweit Jerome De Henau Open University, UK s.f.himmelweit@open.ac.uk j.de-henau@open.ac.uk IAFFE, Paris, July 2012 Choice Increasingly called on as a

324 views • 14 slides
Now Do Voters Notice Review Screen Anomalies? A Look at Voting System Usability Bryan A.

Now Do Voters Notice Review Screen Anomalies? A Look at Voting System Usability Bryan A.

Now Do Voters Notice Review Screen Anomalies? A Look at Voting System Usability Bryan A. Campbell Michael D. Byrne Department of Psychology Rice University Houston, TX bryan.campbell@rice.edu byrne@acm.org http://chil.rice.edu/ Overview

802 views • 29 slides
Rigorous Evaluation Usability Testing To Review - What is Usability? A measure of the quality

Rigorous Evaluation Usability Testing To Review - What is Usability? A measure of the quality

Rigorous Evaluation Usability Testing To Review - What is Usability? A measure of the quality of the users experience when interacting with a product or system How usable is the interface? Usability Measures Ease of learning

912 views • 24 slides
Privacy David Wagner What is privacy? the right to be let alone Justices Samuel Warren

Privacy David Wagner What is privacy? the right to be let alone Justices Samuel Warren

Privacy David Wagner What is privacy? the right to be let alone Justices Samuel Warren and Louis Brandeis control over who can obtain or use information about me Fair Information Practices notice, consent (opt-in/opt-out),

711 views • 21 slides
USABILITY INTRODUCTION USABILITY AND USER INTERFACE DESIGN TO BE PREPARED FOR THIS CLASS YOU

USABILITY INTRODUCTION USABILITY AND USER INTERFACE DESIGN TO BE PREPARED FOR THIS CLASS YOU

USABILITY INTRODUCTION USABILITY AND USER INTERFACE DESIGN TO BE PREPARED FOR THIS CLASS YOU WILL HAVE WORKED THROUGH THE LYNDA.COM UX-1 SECTION. FOR THIS CLASS USABILITY WHAT is Usability? WHY is Usability important? USER

611 views • 21 slides

More recommend