Designing the User Experience for Online Privacy, at IAPP Navigate 2013

1,088 views
1,021 views

Published on

Talk I gave at IAPP 2013 Navigate conference, on designing for the user experience of privacy. I give examples of why privacy is so hard to design for. I also talk about three ideas for improving privacy, including privacy nutrition labels, using crowdsourcing, and privacy placebos.
https://www.privacyassociation.org/events_and_programs/navigate_2013/

Published in: Technology, News & Politics
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,088
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
10
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • My background is in HCISome reasons why designing for the user experience for online privacy is so hardStart out with the most visible form of privacy today, the privacy policy
  • http://moritzlaw.osu.edu/students/groups/is/files/2012/02/Cranor_Formatted_Final.pdfAverage policy takes about 10 minutes to readEstimate it would take 25 full days to read every privacy policy of every web site visited in a yearClear cost (time), unclear benefit to reading these policies
  • Grade 12.5About 10 min to readSo based on Lorrie and Aleecia’s work, it will take 25 full days to read all privacy policies of all web sitesBut this assumes people read itRationale behavior not to read privacy policies: we want to use the service, painful to read, clear cost but unclear benefit
  • We all have mental models about every aspect of the worldMaps of where we live, how computers work, how our cars workHere’s an example
  • So what does this have to do with privacy?Unclear mental models make it hard to be effective with respect to privacyIf you make a private album, no one can see it. But what happens if you tag someone in a photo? Can that person see it? So the mental models aren’t always clear.
  • Brightest Flashlighthttps://play.google.com/store/apps/details?id=goldenshorestechnologies.brightestflashlight.freeBible apphttps://play.google.com/store/apps/details?id=com.sirma.mobile.bible.android
  • Harder to maintain personas in digital worldHarder to know who can see what, plus stored for a long time
  • One reason privacy is hard is that there are way too many optionsFrom http://online.wsj.com/article/SB10001424127887324880504578300312528424302.html
  • More accurate and faster in a number of comprehension and comparison tasks
  • http://www.nytimes.com/2012/02/19/magazine/shopping-habits.htmlAs Pole’s computers crawled through the data, he was able to identify about 25 products that, when analyzed together, allowed him to assign each shopper a “pregnancy prediction” score. 
  • See http://cups.cs.cmu.edu/privacyLabel/files/CHI-privacyFinal2010 for more details
  • Designing the User Experience for Online Privacy, at IAPP Navigate 2013

    1. 1. ©2009CarnegieMellonUniversity:1 Designing the User Experience for Online Privacy IAPP June 21, 2013 Jason Hong Associate Professor, HCII Computer Human Interaction: Mobility Privacy Security
    2. 2. ©2013CarnegieMellonUniversity:2 Full policy is 10x this length
    3. 3. ©2013CarnegieMellonUniversity:3 But this assumes people read it
    4. 4. ©2013CarnegieMellonUniversity:4
    5. 5. ©2013CarnegieMellonUniversity:5 Mental models not always clear
    6. 6. ©2013CarnegieMellonUniversity:6 Location Data Unique device ID Location Data Network Access Unique device ID Location Data Unique device ID Many hidden and surprising behaviors
    7. 7. ©2013CarnegieMellonUniversity:7 Timing really matters too
    8. 8. ©2013CarnegieMellonUniversity:8
    9. 9. ©2013CarnegieMellonUniversity:9 Not always clear who your audience is
    10. 10. ©2013CarnegieMellonUniversity:10
    11. 11. ©2013CarnegieMellonUniversity:11 Too many options!
    12. 12. ©2013CarnegieMellonUniversity:12 So what can we do to help with the user experience?
    13. 13. ©2013CarnegieMellonUniversity:13 Can we simplify and standardize privacy info? (Kelley et al, CHI 2010)
    14. 14. ©2013CarnegieMellonUniversity:14 Standard symbols Standard locations High level visual feedback
    15. 15. ©2013CarnegieMellonUniversity:15 Finding Surprises Can we find the gaps between what people think an app does and what an app actually does? App Behavior (What an app actually does) User Expectations (What people think the app does)
    16. 16. ©2013CarnegieMellonUniversity:16 Amazon Mechanical Turk
    17. 17. ©2013CarnegieMellonUniversity:17
    18. 18. ©2013CarnegieMellonUniversity:18 Expectations Condition Why do you think Angry Birds uses your location data? How comfortable are you with Angry Birds using your location data?
    19. 19. ©2013CarnegieMellonUniversity:19 Purpose Condition Angry Birds uses your location data for advertising. How comfortable are you with Angry Birds using your location data?
    20. 20. ©2013CarnegieMellonUniversity:20 Results for Location Data (N=20 per app, Expectations Condition) App Comfort Level (-2 – 2) Maps 1.52 GasBuddy 1.47 Weather Channel 1.45 Foursquare 0.95 TuneIn Radio 0.60 Evernote 0.15 Angry Birds -0.70 Brightest Flashlight Free -1.15 Toss It -1.2
    21. 21. ©2013CarnegieMellonUniversity:21 “[H]e was able to identify about 25 products that… allowed him to assign each shopper a ‘pregnancy prediction’ score. [H]e could also estimate her due date to within a small window, so Target could send coupons timed to very specific stages of her pregnancy.”
    22. 22. ©2013CarnegieMellonUniversity:22 “We’d put an ad for a lawn mower next to diapers. We’d put a coupon for wineglasses next to infant clothes. That way, it looked like all the products were chosen by chance.”
    23. 23. ©2013CarnegieMellonUniversity:23 Privacy placebos?
    24. 24. ©2013CarnegieMellonUniversity:24 Computation Communication Sensing
    25. 25. ©2013CarnegieMellonUniversity:25
    26. 26. ©2013CarnegieMellonUniversity:26
    27. 27. ©2013CarnegieMellonUniversity:27
    28. 28. ©2013CarnegieMellonUniversity:28
    29. 29. ©2013CarnegieMellonUniversity:29

    ×