Workshop on Privacy Indicators

We present Privacy Wedges, a user interface designed to allow users of online social networks to make meaningful decisions on who to share their posts with. By displaying the privacy settings for historical posts, it is possible to visualize them in a meaningful and comprehensive way. We conducted a user study with 26 participants that showed that unwanted disclosure could be significantly reduced compared to the current implementation of Facebook. That is, there were significantly fewer posts shown to friends they were not appropriate for or intended for.

There have been multiple studies exploring the content and efficacy of privacy policies. However, to date no one has examined them from the angle we are proposing for this study: to determine whether the presence of a privacy policy link on a website has any significant influence on one's willingness to disclose personal information. Our study intends to examine whether the link itself acts as a trust heuristic without testing a respondent's comprehension or opinion about the privacy policy itself. In this paper, we discuss a study currently in progress to examine this question.

Privacy notice is the statement that contains all data practice of a particular app. Presenting privacy notice as a lengthy text has not been successful as it imposes reading fatigue. Therefore, several design proposals that substitute the classic privacy notice have been employed to different audience and in different contexts as a means to enhance user’s awareness. However, there is still a shortage in having a notice display that helps users shape a coherent idea about app’s data gathering practice and seamlessly allowing them to compare different application alternatives based on their data gathering practices. In this work, we propose an approach to quantify the amount of data collection of an application by analyzing its privacy policy text using natural language processing (NLP) techniques. There are in fact numerous use cases for such a quantitative measure, one of which is designing a visceral notice that relies on an experiential approach to communicate privacy information to users. The results show that our quantification approach holds promise. Using our quantification measure, we propose a new display for nano-sized visceral notice in which we leverage user’s familiarity with pie chart as a data measuring tool to communicate information about an app’s data collection practice.

Third party applications work on top of existing platforms that host users’ data. Although these apps access this data to provide users with specific services, they can also use it for monetization or profiling purposes. In practice, there is a significant gap between users’ privacy expectations and the actual access levels of 3rd party apps, which are often over-privileged. Due to weaknesses in the existing privacy indicators, users are generally not well-informed on what data these apps get. Even more, we are witnessing the rise of inverse privacy: 3rd parties collect data that enables them to know information about users that users do not know, cannot remember, or cannot reach. In this paper, we describe our recent experiences with the design and evaluation of Data-Driven Privacy Indicators (DDPIs), an approach attempting to reduce the aforementioned privacy gap. DDPIs are realized through analyzing user’s data by a trusted party (e.g., the app platform) and integrating the analysis results in the privacy indicator’s interface. We discuss DDPIs in the context of 3rd party apps on cloud platforms, such as Google Drive and Dropbox. Specifically, we present our recent work on Far-reaching Insights, which show users the insights that apps can infer about them (e.g., their topics of interest, collaboration and activity patterns etc.). Then we present History-based insights, a novel privacy indicator which informs the user on what data is already accessible by an app vendor, based on previous app installations by the user or her collaborators. We further discuss future ideas on new DDPIs, and we outline the challenges facing the wide-scale deployment of such indicators.