Talk I gave at IAPP 2013 Navigate conference, on designing for the user experience of privacy. I give examples of why privacy is so hard to design for. I also talk about three ideas for improving privacy, including privacy nutrition labels, using crowdsourcing, and privacy placebos.
https://www.privacyassociation.org/events_and_programs/navigate_2013/
My background is in HCISome reasons why designing for the user experience for online privacy is so hardStart out with the most visible form of privacy today, the privacy policy
http://moritzlaw.osu.edu/students/groups/is/files/2012/02/Cranor_Formatted_Final.pdfAverage policy takes about 10 minutes to readEstimate it would take 25 full days to read every privacy policy of every web site visited in a yearClear cost (time), unclear benefit to reading these policies
Grade 12.5About 10 min to readSo based on Lorrie and Aleecia’s work, it will take 25 full days to read all privacy policies of all web sitesBut this assumes people read itRationale behavior not to read privacy policies: we want to use the service, painful to read, clear cost but unclear benefit
We all have mental models about every aspect of the worldMaps of where we live, how computers work, how our cars workHere’s an example
So what does this have to do with privacy?Unclear mental models make it hard to be effective with respect to privacyIf you make a private album, no one can see it. But what happens if you tag someone in a photo? Can that person see it? So the mental models aren’t always clear.
Harder to maintain personas in digital worldHarder to know who can see what, plus stored for a long time
One reason privacy is hard is that there are way too many optionsFrom http://online.wsj.com/article/SB10001424127887324880504578300312528424302.html
More accurate and faster in a number of comprehension and comparison tasks
http://www.nytimes.com/2012/02/19/magazine/shopping-habits.htmlAs Pole’s computers crawled through the data, he was able to identify about 25 products that, when analyzed together, allowed him to assign each shopper a “pregnancy prediction” score.
See http://cups.cs.cmu.edu/privacyLabel/files/CHI-privacyFinal2010 for more details