Article

A design space for effective privacy notices

Authors:

Florian Schaub,

Rebecca Balebako,

Adam L. Durity,

Lorrie Faith CranorAuthors Info & Claims

SOUPS '15: Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security

Pages 1 - 17

Published: 22 July 2015 Publication History

Abstract

Notifying users about a system's data practices is supposed to enable users to make informed privacy decisions. Yet, current notice and choice mechanisms, such as privacy policies, are often ineffective because they are neither usable nor useful, and are therefore ignored by users. Constrained interfaces on mobile devices, wearables, and smart home devices connected in an Internet of Things exacerbate the issue. Much research has studied usability issues of privacy notices and many proposals for more usable privacy notices exist. Yet, there is little guidance for designers and developers on the design aspects that can impact the effectiveness of privacy notices. In this paper, we make multiple contributions to remedy this issue. We survey the existing literature on privacy notices and identify challenges, requirements, and best practices for privacy notice design. Further, we map out the design space for privacy notices by identifying relevant dimensions. This provides a taxonomy and consistent terminology of notice approaches to foster understanding and reasoning about notice options available in the context of specific systems. Our systemization of knowledge and the developed design space can help designers, developers, and researchers identify notice and choice requirements and develop a comprehensive notice concept for their system that addresses the needs of different audiences and considers the system's limitations and opportunities for providing notice.

References

[1]

A. Acquisti. Nudging privacy: The behavioral economics of personal information. IEEE Security Privacy, 7(6):82-85, 2009.

Digital Library

[2]

A. Acquisti, L. Brandimarte, and G. Loewenstein. Privacy and human behavior in the age of information. Science, 347(6221):509-514, 2015.

[3]

I. Adjerid, A. Acquisti, L. Brandimarte, and G. Loewenstein. Sleights of privacy: Framing, disclosures, and the limits of transparency. In Proc. SOUPS '13, page 9. ACM, 2013.

Digital Library

[4]

H. Almuhimedi, F. Schaub, N. Sadeh, I. Adjerid, A. Acquisti, J. Gluck, L. F. Cranor, and Y. Agarwal. Your location has been shared 5,398 times! a field study on mobile app privacy nudging. In Proc. CHI '15. ACM, 2015.

Digital Library

[5]

B. Anderson, B. Kirwan, D. Eargle, S. Howard, and A. Vance. How polymorphic warnings reduce habituation in the brain - insights from an fMRI study. In Proc. CHI '15. ACM, 2015.

Digital Library

[6]

B. Anderson, A. Vance, B. Kirwan, E. D., and S. Howard. Users aren't (necessarily) lazy: Using NeuroIS to explain habituation to security warnings. In Proc. ICIS '14, 2014.

[7]

J. Angulo, S. Fischer-Hübner, T. Pulls, and U. König. HCI for Policy Display and Administration. In Privacy and Identity Management for Life, pages 261-277. Springer, 2011.

[8]

J. J. Argo and K. J. Main. Meta-Analyses of the Effectiveness of Warning Labels. Journal of Public Policy & Marketing, 23(2):193-208, Oct. 2004.

[9]

Article 29 Data Protection Working Party. Opinion 10/2004 on More Harmonised Information Provisions. WP 100, Nov. 2004.

[10]

Article 29 Data Protection Working Party. Opinion 8/2014 on the Recent Developments on the Internet of Things. WP 223, Sept. 2014.

[11]

Autographer. http://www.autographer.com, 2012. accessed: 2015-06-01.

[12]

R. Balebako. Mitigating the Risks of Smartphone Data Sharing: Identifying Opportunities and Evaluating Notice. PhD thesis, Engineering and Public Policy, Carnegie Mellon University, 2014.

[13]

R. Balebako, J. Jung, W. Lu, L. F. Cranor, and C. Nguyen. Little brothers watching you: Raising awareness of data leaks on smartphones. In Proc. SOUPS '13. ACM, 2013.

Digital Library

[14]

R. Balebako, R. Shay, and L. F. Cranor. Is your inseam a biometric? a case study on the role of usability studies in developing public policy. In Proc. USEC '14, 2014.

[15]

L. Barkhuus. The Mismeasurement of Privacy: Using Contextual Integrity to Reconsider Privacy in HCI. In Proc. CHI '12. ACM, 2012.

Digital Library

[16]

L. Bauer, C. Bravo-Lillo, L. F. Cranor, and E. Fragkaki. Warning design guidelines. Tech. report CMU-CyLab-13-002, CyLab, Carnegie Mellon University, 2013.

[17]

A. Besmer, J. Watson, and H. R. Lipford. The impact of social navigation on privacy policy configuration. In Proc. SOUPS '10. ACM, 2010.

Digital Library

[18]

R. Böhme and J. Grossklags. The security cost of cheap user interaction. In Proc. Workshop on New Security Paradigms. ACM, 2011.

Digital Library

[19]

R. Böhme and S. Köpsell. Trained to accept?: A field experiment on consent dialogs. In Proc. CHI '10. ACM, 2010.

Digital Library

[20]

L. Brandimarte, A. Acquisti, and G. Loewenstein. Misplaced confidences privacy and the control paradox. Social Psychological and Personality Science, 4(3):340-347, 2013.

[21]

C. Bravo-Lillo, L. F. Cranor, S. Komanduri, S. Schechter, and M. Sleeper. Harder to ignore? Revisiting pop-up fatigue and approaches to prevent it. In Proc. SOUPS '14, 2014.

[22]

C. Bravo-Lillo, S. Komanduri, L. F. Cranor, R. W. Reeder, M. Sleeper, J. Downs, and S. Schechter. Your attention please: Designing security-decision uis to make genuine risks harder to ignore. In Proc. SOUPS '13. ACM, 2013.

Digital Library

[23]

R. Calo. Against notice skepticism in privacy (and elsewhere). Notre Dame Law Review, 87(3):1027-1072, 2012.

[24]

J. Cannon. Privacy in Technology. IAPP, 2014.

[25]

F. Cate. The Limits of Notice and Choice. IEEE Security Privacy, 8(2):59-62, Mar. 2010.

Digital Library

[26]

Center for Information Policy Leadership. Ten Steps to Develop a Multilayered Privacy Notice. White paper, Mar. 2007.

[27]

Centers for Medicare & Medicaid Services. The Health Insurance Portability and Accountability Act of 1996 (HIPAA). http://www.cms.hhs.gov/hipaa/, 1996.

[28]

Y. Chen, F. M. Zahedi, and A. Abbasi. Interface design elements for anti-phishing systems. In Service-Oriented Perspectives in Design Science Research, pages 253-265. Springer, 2011.

Digital Library

[29]

E. Choe, J. Jung, B. Lee, and K. Fisher. Nudging people away from privacy-invasive mobile apps through visual framing. In Proc. INTERACT '13. Springer, 2013.

[30]

CMU CyLab. Workshop on the future of privacy notice and choice. https://www.cylab.cmu.edu/news_events/events/fopnac/, June 27 2015.

[31]

L. Cranor. Giving notice: Why privacy policies and security breach notifications aren't enough. IEEE Communications Magazine, 43(8):18-19, Aug. 2005.

Digital Library

[32]

L. F. Cranor. A framework for reasoning about the human in the loop. In Proc. UPSEC '08. USENIX Assoc., 2008.

Digital Library

[33]

L. F. Cranor. Necessary but not sufficient: Standardized mechanisms for privacy notice and choice. Journal on Telecommunications and High Technology Law, 10:273, 2012.

[34]

L. F. Cranor, P. Guduru, and M. Arjula. User interfaces for privacy agents. ACM TOCHI, 13(2):135-178, 2006.

Digital Library

[35]

L. F. Cranor, K. Idouchi, P. G. Leon, M. Sleeper, and B. Ur. Are they actually any different? Comparing thousands of financial institutions' privacy practices. In Proc. WEIS '13, 2013.

[36]

G. Danezis, J. Domingo-Ferrer, M. Hansen, J.-H. Hoepman, D. Le Métayer, R. Tirtea, and S. Schiffner. Privacy and Data Protection by Design -- from policy to engineering. report, ENISA, Dec. 2014.

[37]

M. Deng, K. Wuyts, R. Scandariato, B. Preneel, and W. Joosen. A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requirements Engineering, 16(1):3-32, Nov. 2010.

Digital Library

[38]

Disconnect.me. Privacy policies are too complicated: We've simplified them. https://disconnect.me/icons, Dec. 2014. accessed: 2015-06-01.

[39]

J. Eason. Android M developer preview & tools. Android Developers Blog, May 28 2015. http://android-developers.blogspot.com/2015/05/android-m-developer-preview-tools.html, accessed: 2015-06-01.

[40]

S. Egelman, J. Tsai, L. F. Cranor, and A. Acquisti. Timing is everything?: the effects of timing and placement of online privacy indicators. In Proc. CHI '09. ACM, 2009.

Digital Library

[41]

European Parliament and Council. Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, (L 281):31-50, 1995.

[42]

European Parliament and Council. Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). Official Journal of the European Communities, (L 201), 2002.

[43]

European Parliament and Council. Directive 2009/136/EC. Official Journal of the European Communities, (L 337), 2009.

[44]

Facebook. Data policy. https://www.facebook.com/privacy/explanation, 2015. accessed: 2015-06-01.

[45]

Federal Trade Commission. Privacy online: a report to Congress. FTC report, 1998.

[46]

Federal Trade Commission. Protecting consumer privacy in an era of rapid change. FTC report, 2012.

[47]

Federal Trade Commission. Mobile privacy disclosures: Building trust through transparency. FTC staff report, Feb. 2013.

[48]

Federal Trade Commission. Internet of things: Privacy & security in a connected world. FTC staff report, Jan. 2015.

[49]

A. Felt, S. Egelman, M. Finifter, D. Akhawe, and D. Wagner. How to ask for permission. In Proc. HOTSEC '12, 2012.

Digital Library

[50]

S. Fischer-Hübner, J. S. Pettersson, M. Bergmann, M. Hansen, S. Pearson, and M. C. Mont. HCI Designs for Privacy-Enhancing Identity Management. In Digital Privacy: Theory, Technologies, and Practices, pages 229-252. Auerbach Pub., 2008.

[51]

H. Fu, Y. Yang, N. Shingte, J. Lindqvist, and M. Gruteser. A field study of run-time location access disclosures on android smartphones. In Proc. USEC '14, 2014.

[52]

L. Garrison, M. Hastak, J. M. Hogarth, S. Kleimann, and A. S. Levy. Designing Evidence-based Disclosures: A Case Study of Financial Privacy Notices. Journal of Consumer Affairs, 46(2):204-234, June 2012.

[53]

C. Gates, N. Li, H. Peng, B. Sarma, Y. Qi, R. Potharaju, C. Nita-Rotaru, and I. Molloy. Generating summary risk scores for mobile applications. IEEE Trans. Dependable and Secure Computing, 11(3):238-251, May 2014.

Digital Library

[54]

Ghostery. https://www.ghostery.com. accessed: 2015-06-01.

[55]

J. Gomez, T. Pinnick, and A. Soltani. KnowPrivacy. Final report, UC Berkeley, School of Information, 2009.

[56]

N. S. Good, J. Grossklags, D. K. Mulligan, and J. A. Konstan. Noticing notice: a large-scale experiment on the timing of software license agreements. In Proc. CHI '07. ACM, 2007.

Digital Library

[57]

G. Greenleaf. Sheherezade and the 101 data privacy laws: Origins, significance and global trajectories. Journal of Law, Information and Science, 23(1):4-49, 2014.

[58]

M. Harbach, S. Fahl, P. Yakovleva, and M. Smith. Sorry, I don't get it: An analysis of warning message texts. In Proc. USEC '13. Springer, 2013.

[59]

M. Harbach, M. Hettig, S. Weber, and M. Smith. Using personal examples to improve risk communication for security & privacy decisions. In Proc. CHI '14. ACM, 2014.

Digital Library

[60]

C. Harrison, J. Horstman, G. Hsieh, and S. Hudson. Unlocking the expressivity of point lights. In Proc. CHI '12. ACM, 2012.

Digital Library

[61]

L.-E. Holtz, H. Zwingelberg, and M. Hansen. Privacy Policy Icons. In Privacy and Identity Management for Life, pages 279-285. Springer, 2011.

[62]

G. Iachello, K. N. Truong, G. D. Abowd, G. R. Hayes, and M. Stevens. Prototyping and sampling experience to evaluate ubiquitous computing privacy in the real world. In Proc. CHI '06. ACM, 2006.

Digital Library

[63]

P. G. Inglesant and M. A. Sasse. The True Cost of Unusable Password Policies: Password Use in the Wild. In Proc. CHI '10. ACM, 2010.

Digital Library

[64]

C. Jensen and C. Potts. Privacy policies as decision-making tools: an evaluation of online privacy notices. In Proc. CHI '04. ACM, 2004.

Digital Library

[65]

M. J. Keith, C. Maynes, P. B. Lowry, and J. Babb. Privacy fatigue: The effect of privacy control complexity on consumer electronic information disclosure. In Proc. ICIS '14. SSRN, 2014.

[66]

P. G. Kelley, L. Cesca, J. Bresee, and L. F. Cranor. Standardizing privacy notices: an online study of the nutrition label approach. In Proc. CHI '10. ACM, 2010.

Digital Library

[67]

P. G. Kelley, L. F. Cranor, and N. Sadeh. Privacy as part of the app decision-making process. In Proc. CHI '13. ACM, 2013.

Digital Library

[68]

A. Kobsa and M. Teltzrow. Contextualized communication of privacy practices and personalization benefits: Impacts on users' data sharing and purchase behavior. In Proc. PETS '05. Springer, 2005.

Digital Library

[69]

B. Könings, F. Schaub, and M. Weber. PriFi beacons: piggybacking privacy implications on wifi beacons. In Ubicomp '13 Adjunct Proceedings. ACM, 2013.

Digital Library

[70]

B. Könings, S. Thoma, F. Schaub, and M. Weber. Pripref broadcaster: Enabling users to broadcast privacy preferences in their physical proximity. In Proc. MUM '14. ACM, 2014.

Digital Library

[71]

P. Kortum. HCI beyond the GUI: Design for haptic, speech, olfactory, and other nontraditional interfaces. Morgan Kaufmann, 2008.

Digital Library

[72]

P. Kortum. HCI beyond the GUI: Design for haptic, speech, olfactory, and other nontraditional interfaces. Morgan Kaufmann, 2008.

Digital Library

[73]

S. Landau. Control use of data to protect privacy. Science, 347(6221):504-506, Jan. 2015.

[74]

M. Langheinrich. Privacy by design - principles of privacy-aware ubiquitous systems. In Proc. UbiComp '01. Springer, 2001.

Digital Library

[75]

M. Langheinrich. A Privacy Awareness System for Ubiquitous Computing Environments. In Proc. UbiComp '02. Springer, 2002.

Digital Library

[76]

M. Lazer-Walker. Core location in ios 8. http://nshipster.com/core-location-in-ios-8/, 2014. accessed: 2015-06-01.

[77]

P. Leon, B. Ur, R. Shay, Y. Wang, R. Balebako, and L. Cranor. Why Johnny can't opt out: A usability evaluation of tools to limit online behavioral advertising. In Proc. CHI '12. ACM, 2012.

Digital Library

[78]

P. G. Leon, J. Cranshaw, L. F. Cranor, J. Graves, M. Hastak, B. Ur, and G. Xu. What do online behavioral advertising privacy disclosures communicate to users? In Proc. WPES '12. ACM, 2012.

Digital Library

[79]

I. Liccardi, J. Pato, D. J. Weitzner, H. Abelson, and D. De Roure. No technical understanding required: Helping users make informed choices about access to their personal data. In Proc. MOBIQUITOUS '14. ICST, 2014.

Digital Library

[80]

J. Lin, S. Amini, J. I. Hong, N. Sadeh, J. Lindqvist, and J. Zhang. Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing. In Proc. UbiComp '12. ACM, 2012.

Digital Library

[81]

G. Maganis, J. Jung, T. Kohno, A. Sheth, and D. Wetherall. Sensor tricorder: What does that sensor know about me? In Proc. HotMobile '11. ACM, 2011.

Digital Library

[82]

G. Marx. Murky conceptual waters: The public and the private. Ethics and Information technology, pages 157-169, 2001.

Digital Library

[83]

A. M. McDonald and L. F. Cranor. The Cost of Reading Privacy Policies. I/S: A Journal of Law and Policy for the Information Society, 4(3):540-565, 2008.

[84]

A. M. Mcdonald, R. W. Reeder, P. G. Kelley, and L. F. Cranor. A comparative study of online privacy policies and formats. In Proc. PETS '09. Springer, 2009.

Digital Library

[85]

Microsoft. Privacy Guidelines for Developing Software Products and Services. Technical Report version 3.1, 2008.

[86]

Microsoft. Microsoft.com privacy statement. https://www.microsoft.com/privacystatement/enus/core/default.aspx, 2014. accessed: 2015-06-01.

[87]

G. R. Milne, M. J. Culnan, and H. Greene. A longitudinal assessment of online privacy notice readability. Journal of Public Policy & Marketing, 25(2):238-249, 2006.

[88]

A. Mylonas, M. Theoharidou, and D. Gritzalis. Assessing privacy risks in android: A user-centric approach. In Workshop on Risk Assessment and Risk-Driven Testing. Springer, 2014.

[89]

J. Nielsen and R. Molich. Heuristic evaluation of user interfaces. In Proc. CHI '90. ACM, 1990.

Digital Library

[90]

L. Nielsen. Personas. In The Encyclopedia of Human-Computer Interaction. The Interaction Design Foundation, 2nd ed. edition, 2014. https://www.interaction-design.org/encyclopedia/personas.html.

[91]

H. Nissenbaum. A contextual approach to privacy online. Daedalus, 140(4):32-48, 2011.

[92]

NTIA. Short form notice code of conduct to promote transparency in mobile app practices. Redline draft, July 2013. http://www.ntia.doc.gov/files/ntia/publications/july_25_code_draft.pdf.

[93]

NTIA. Privacy multistakeholder process: Facial recognition technology, 2014. http://www.ntia.doc.gov/other-publication/2014/privacy-multistakeholder-process-facial-recognition-technology, accessed: 2015-06-01.

[94]

OECD. Making Privacy Notices Simple. Digital Economy Papers 120, July 2006. http://www.oecdilibrary.org/science-and-technology/making-privacy-notices-simple_231428216052.

[95]

OECD. The OECD Privacy Framework. Report, 2013. http://www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf.

[96]

Official California Legislative Information. The Online Privacy Protection Act of 2003, 2003.

[97]

L. Palen and P. Dourish. Unpacking "privacy" for a networked world. In Proc. CHI '03. ACM, 2003.

Digital Library

[98]

S. Patil, R. Hoyle, R. Schlegel, A. Kapadia, and A. J. Lee. Interrupt now or inform later?: Comparing immediate and delayed privacy feedback. In Proc. CHI '15. ACM, 2015.

Digital Library

[99]

S. Patil, X. Page, and A. Kobsa. With a little help from my friends: Can social navigation inform interpersonal privacy preferences? In Proc. CSCW '11. ACM, 2011.

Digital Library

[100]

S. Patil, R. Schlegel, A. Kapadia, and A. J. Lee. Reflection or action?: How feedback and control affect location sharing decisions. In Proc. CHI '14. ACM, 2014.

Digital Library

[101]

A. Patrick and S. Kenny. From privacy legislation to interface design: Implementing information privacy in human-computer interactions. In Proc. PET '03. Springer, 2003.

[102]

K. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee. A design science research methodology for information systems research. Journal of management information systems, 24(3):45-77, 2007.

Digital Library

[103]

S. R. Peppet. Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent. Texas Law Review, 93(85):85-176, 2014.

[104]

T. Pinnick. Privacy short notice design. TRUSTe blog, Feb. 2011. http://www.truste.com/blog/2011/02/17/privacy-short-notice-design/, accessed: 2015-06-01.

[105]

R. S. Portnoff, L. N. Lee, S. Egelman, P. Mishra, D. Leung, and D. Wagner. Somebody's watching me? assessing the effectiveness of webcam indicator lights. In Proc. CHI '15, 2015.

Digital Library

[106]

President's Concil of Advisors on Science and Technology. Big data and privacy: A technological perspective. Report to the President, Executive Office of the President, May 2014.

[107]

E. Ramirez. Privacy and the IoT: Navigating policy issues. CES Opening Remarks, 2015. FTC public statement.

[108]

A. Raskin. Privacy icons: Alpha release. http://www.azarask.in/blog/post/privacy-icons/. accessed: 2015-06-01.

[109]

N. Raval, A. Srivastava, K. Lebeck, L. Cox, and A. Machanavajjhala. Markit: Privacy markers for protecting visual secrets. In UbiComp '14 Adjunct Proceedings. ACM, 2014.

Digital Library

[110]

J. Reidenberg and L. F. Cranor. Can User Agents Accurately Represent Privacy Policies? Available at SSRN: http://papers.ssrn.com/abstract=328860, 2002.

[111]

J. R. Reidenberg, T. Breaux, L. F. Cranor, B. French, A. Grannis, J. T. Graves, F. Liu, A. M. McDonald, T. B. Norton, R. Ramanath, N. C. Russell, N. Sadeh, and F. Schaub. Disagreeable privacy policies: Mismatches between meaning and users' understanding. Berkeley Technology Law Journal, 30, 2015.

[112]

C. Richthammer, M. Netter, M. Riesner, J. Sänger, and G. Pernul. Taxonomy of social network data types. EURASIP Journal on Information Security, 2014(1):1-17, 2014.

[113]

F. Schaub, B. Könings, and M. Weber. Context-adaptive privacy: Leveraging context awareness to support privacy decision making. IEEE Pervasive Computing, 14(1):34-43, 2015.

Digital Library

[114]

R. Schlegel, A. Kapadia, and A. J. Lee. Eyeing your exposure: Quantifying and controlling information sharing for improved privacy. In Proc. SOUPS '11. ACM, 2011.

Digital Library

[115]

B. Schwartz. The Paradox of Choice: Why More is Less. HarperCollins Publishers, 2004.

[116]

P. M. Schwartz and D. Solove. Notice & Choice. In The Second NPLAN/BMSG Meeting on Digital Media and Marketing to Children, 2009.

[117]

A. J. Sellen and S. Whittaker. Beyond total capture: A constructive critique of lifelogging. Commun. ACM, 53(5):70-77, May 2010.

Digital Library

[118]

B. Shneiderman. The eyes have it: A task by data type taxonomy for information visualizations. In Proc. Symp. on Visual Languages. IEEE, 1996.

Digital Library

[119]

R. I. Singh, M. Sumeeth, and J. Miller. Evaluating the readability of privacy policies in mobile environments. International Journal of Mobile Human Computer Interaction, 3(1):55-78, 2011.

Digital Library

[120]

SOUPS 2014 organizing committee. Tenth Symposium on Usable Privacy and Security. http://cups.cs.cmu.edu/soups/2014/, July 9-11 2014.

[121]

J. Tan, K. Nguyen, M. Theodorides, H. Negrón-Arroyo, C. Thompson, S. Egelman, and D. Wagner. The effect of developer-specified explanations for permission requests on smartphone user behavior. In Proc. CHI '14. ACM, 2014.

Digital Library

[122]

The White House. Consumer data privacy in a networked world. Technical report, Feb. 2012. http://www.whitehouse.gov/sites/default/files/privacy-final.pdf.

[123]

B. Ur, J. Jung, and S. Schechter. Intruders versus intrusiveness: teens' and parents' perspectives on home-entryway surveillance. In Proc. UbiComp '14. ACM, 2014.

Digital Library

[124]

B. Ur, M. Sleeper, and L. F. Cranor. Privacy policies in social media: Providing translated privacy notice. I/S: A Journal of Law and Policy for the Information Society, 9(2), 2013.

[125]

U.S. Department of Health & Human Services. Notice of privacy practices for protected health information, April 2003.

[126]

R. H. von Alan, S. T. March, J. Park, and S. Ram. Design science in information systems research. MIS quarterly, 28(1):75-105, 2004.

Digital Library

[127]

W3C. Tracking protection working group. http://www.w3.org/2011/tracking-protection/. accessed: 2015-06-01.

[128]

W3C. Web accessibility and usability working together. http://www.w3.org/WAI/intro/usable. accessed: 2015-06-01.

[129]

Y. Wang, P. G. Leon, A. Acquisti, L. F. Cranor, A. Forget, and N. Sadeh. A field trial of privacy nudges on facebook. In Proc. CHI '14. ACM, 2014.

Digital Library

[130]

S. Weber, M. Harbach, and M. Smith. Participatory Design for Security-Related User Interfaces. In Proc. USEC '15, 2015.

[131]

R. Wenning, M. Schunter, L. Cranor, B. Dobbs, S. Egelman, G. Hogben, J. Humphrey, M. Langheinrich, M. Marchiori, M. Presler-Marshall, J. Reagle, and D. A. Stampley. The Platform for Privacy Preferences 1.1 (P3P 1.1) Specification. http://www.w3.org/TR/P3P11/, 2006. accessed: 2015-06-01.

[132]

M. S. Wogalter, V. C. Conzola, and T. L. Smith-Jackson. Research-based guidelines for warning design and evaluation. Applied Ergonomics, 33(3):219-230, 2002.

[133]

M. S. Wogalter, B. M. Racicot, M. J. Kalsher, and S. Noel Simpson. Personalization of warning signs: The role of perceived relevance on behavioral compliance. International Journal of Industrial Ergonomics, 14(3):233-242, Oct. 1994.

[134]

D. Wright. Should privacy impact assessments be mandatory? Communications of the ACM, 54(8):121-131, Aug. 2011.

[135]

D. Wright. Making Privacy Impact Assessment More Effective. The Information Society, 29(5):307-315, Oct. 2013.

Digital Library

[136]

D. Wright, K. Wadhwa, P. D. Hert, D. Kloza, and D. G. Justice. A Privacy Impact Assessment Framework for data protection and privacy rights. Deliverable September, PIAF project, 2011.

[137]

Xbox.com. Kinect and Xbox One privacy FAQ. http://www.xbox.com/en-US/kinect/privacyandonlinesafety.

[138]

H. Xu, R. E. Crossler, and F. Bélanger. A value sensitive design investigation of privacy enhancing tools in web browsers. Decision Support Systems, 54(1):424-433, 2012.

Digital Library

Cited By

Belguith SOmoronyia IChitchyan Rd'Amorim M(2024)Personal Data-Less Personalized Software ApplicationsCompanion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering10.1145/3663529.3663781(477-481)Online publication date: 10-Jul-2024
https://dl.acm.org/doi/10.1145/3663529.3663781
Sailaja NCrabtree ALodge TChamberlain ACoulton PPilling MForrester I(2024)Making of an Adaptive Podcast that Engenders Trust through Data NegotiabilityProceedings of the 2024 ACM International Conference on Interactive Media Experiences10.1145/3639701.3663634(334-341)Online publication date: 7-Jun-2024
https://dl.acm.org/doi/10.1145/3639701.3663634
Sun KKanchi REllo FCo LWu MGelman SRadesky JSchaub FYip J(2024)"Why is Everything in the Cloud?": Co-Designing Visual Cues Representing Data Processes with ChildrenProceedings of the 23rd Annual ACM Interaction Design and Children Conference10.1145/3628516.3655819(517-532)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1145/3628516.3655819
Show More Cited By

A design space for effective privacy notices
1. Human-centered computing
2. Social and professional topics
  1. Computing / technology policy

Recommendations

A Design Space for Privacy Choices: Towards Meaningful Privacy Control in the Internet of Things
CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems

“Notice and choice” is the predominant approach for data privacy protection today. There is considerable user-centered research on providing effective privacy notices but not enough guidance on designing privacy choices. Recent data privacy regulations ...
Enhancing privacy through the visual design of privacy notices: exploring the interplay of curiosity, control and affect
SOUPS'20: Proceedings of the Sixteenth USENIX Conference on Usable Privacy and Security

When people sign-up to new online services, privacy notices are the initial means by which data handling practices are communicated. Yet, their design seldom ensures users' privacy comprehension or provides people with privacy choices, resulting in ...
Designing Effective Privacy Notices and Controls

Privacy notice and choice are essential aspects of privacy and data protection regulation worldwide. Yet, today's privacy notices and controls are surprisingly ineffective at informing users or allowing them to express choice. Here, the authors analyze ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

SOUPS '15: Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security

July 2015

359 pages

ISBN:9781931971249

Editors:
Lorrie Faith Cranor
Carnegie Mellon University
,
Robert Biddle
Carleton University
,
Sunny Consolvo
Google

Sponsors

U.S. National Science Foundation: U.S. National Science Foundation
Google Inc.
Microsoft: Microsoft
CyLab

In-Cooperation

SIGCHI: ACM Special Interest Group on Computer-Human Interaction

Publisher

USENIX Association

United States

Publication History

Published: 22 July 2015

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 15 of 49 submissions, 31%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

40
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Belguith SOmoronyia IChitchyan Rd'Amorim M(2024)Personal Data-Less Personalized Software ApplicationsCompanion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering10.1145/3663529.3663781(477-481)Online publication date: 10-Jul-2024
https://dl.acm.org/doi/10.1145/3663529.3663781
Sailaja NCrabtree ALodge TChamberlain ACoulton PPilling MForrester I(2024)Making of an Adaptive Podcast that Engenders Trust through Data NegotiabilityProceedings of the 2024 ACM International Conference on Interactive Media Experiences10.1145/3639701.3663634(334-341)Online publication date: 7-Jun-2024
https://dl.acm.org/doi/10.1145/3639701.3663634
Sun KKanchi REllo FCo LWu MGelman SRadesky JSchaub FYip J(2024)"Why is Everything in the Cloud?": Co-Designing Visual Cues Representing Data Processes with ChildrenProceedings of the 23rd Annual ACM Interaction Design and Children Conference10.1145/3628516.3655819(517-532)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1145/3628516.3655819
Kaushik SSharma TYu YAli AWang YZou Y(2024)Cross-Country Examination of People’s Experience with Targeted Advertising on Social MediaExtended Abstracts of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613905.3650780(1-10)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613905.3650780
Caven PZhang ZAbbott JMa XCamp L(2024)Comparing the Use and Usefulness of Four IoT Security LabelsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642951(1-31)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642951
Zhou HGoel MAgarwal Y(2024)Bring Privacy To The Table: Interactive Negotiation for Privacy Settings of Shared Sensing DevicesProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642897(1-22)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642897
Smith GCarson SVengurlekar RMorales STsai YGeorge RBedwell JJones TMondal MSmith BSu NKnijnenburg BPage X(2024)"I Know I'm Being Observed:" Video Interventions to Educate Users about Targeted Advertising on FacebookProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642885(1-27)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642885
Agha ZPark JWan RAli NWang YDifranzo DBadillo-Urquiola KWisniewski P(2024)Tricky vs. Transparent: Towards an Ecologically Valid and Safe Approach for Evaluating Online Safety Nudges for TeensProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642313(1-20)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642313
Chiang YKhan OBates ACobb C(2024)More than just informed: The importance of consent facets in smart homesProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642288(1-21)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642288
Kyi LMhaidli ASantos CRoesner FBiega A(2024)“It doesn’t tell me anything about how my data is used”: User Perceptions of Data Collection PurposesProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642260(1-12)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642260
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Table of Contents