research-article

Implementation and In Situ Assessment of Contextual Privacy Policies

Authors:
Anna-Marie Ortloff

University of Regensburg, Regensburg, Germany

University of Regensburg, Regensburg, Germany
View Profile

,
Maximiliane Windl

University of Regensburg, Regensburg, Germany

University of Regensburg, Regensburg, Germany
View Profile

,
Valentin Schwind

Frankfurt University of Applied Sciences, Frankfurt, Germany

Frankfurt University of Applied Sciences, Frankfurt, Germany
View Profile

,
Niels Henze

University of Regensburg, Regensburg, Germany

University of Regensburg, Regensburg, Germany
View Profile

DIS '20: Proceedings of the 2020 ACM Designing Interactive Systems ConferenceJuly 2020Pages 1765–1778https://doi.org/10.1145/3357236.3395549

Published:03 July 2020Publication History

DIS '20: Proceedings of the 2020 ACM Designing Interactive Systems Conference

Pages 1765–1778

ABSTRACT

Online services collect an increasing amount of data about their users. Privacy policies are currently the only common way to inform users about the kinds of data collected, stored and processed by online services. Previous work showed that users do not read and understand privacy policies, due to their length, difficult language, and often non-prominent location. Embedding privacy-relevant information directly in the context of use could help users understand the privacy implications of using online services. We implemented Contextual Privacy Policies (CPPs) as a browser extension and provide it to the community to make privacy information accessible for end-users. We evaluated CPPs through a one-week deployment and in situ questionnaires as well as pre- and post-study interviews. We found that CPPs were well received by participants. The analysis revealed that provided information should be as compact as possible, be adjusted to user groups and enable users to take action.

References

Tousif Ahmed, Roberto Hoyle, Kay Connelly, David Crandall, and Apu Kapadia. 2015. Privacy Concerns and Behaviors of People with Visual Impairments. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 3523--3532. DOI: http://dx.doi.org/10.1145/2702123.2702334Google ScholarDigital Library
Tousif Ahmed, Roberto Hoyle, Patrick Shaffer, Kay Connelly, David Crandall, and Apu Kapadia. 2017. Understanding Physical Safety, Security, and Privacy Concerns of People with Visual Impairments. IEEE Internet Computing (2017), 1--1. DOI: http://dx.doi.org/10.1109/MIC.2017.265103316Google ScholarCross Ref
Alexa Internet. 2019. Top Sites in Germany. https://www.alexa.com/topsites/countries/DE. (2019). Last accessed: 2019-05--30.Google Scholar
Hazim Almuhimedi, Florian Schaub, Norman Sadeh, Idris Adjerid, Alessandro Acquisti, Joshua Gluck, Lorrie Faith Cranor, and Yuvraj Agarwal. 2015. Your Location Has Been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). Association for Computing Machinery, New York, NY, USA, 787--796. DOI:http://dx.doi.org/10.1145/2702123.2702210Google ScholarDigital Library
Bonnie Anderson, Tony Vance, Brock Kirwan, David Eargle, and Seth Howard. 2014. Users Aren't (Necessarily) Lazy: Using NeuroIS to Explain Habituation to Security Warnings. In Proceedings of the 35th International Conference on Information Systems. https://aisel.aisnet.org/icis2014/proceedings/ISSecurity/13Google Scholar
Kelvin Balcombe, Iain Fraser, and Salvatore Di Falco. 2010. Traffic lights and food choice: A choice experiment examining the relationship between nutritional food labels and price. Food Policy 35, 3 (2010), 211--220. DOI:http://dx.doi.org/https://doi.org/10.1016/j.foodpol.2009.12.005Google ScholarCross Ref
Solon Barocas and Helen Nissenbaum. 2009. On notice: The trouble with Notice and Consent. In Proceedings of the engaging data forum: The first international forum on the application and management of personal electronic information. 7. https://ssrn.com/abstract=2567409Google Scholar
Mike Bergmann. 2009. Testing Privacy Awareness. In The Future of Identity in the Information Society, Vashek Matyá?, Simone Fischer-Hübner, Daniel Cvr? cek, and Petr ?venda (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 237--253.Google Scholar
Danah Boyd. 2012. Networked privacy. Surveillance & Society 10, 3/4 (2012), 348.Google ScholarCross Ref
Virginia Braun and Victoria Clarke. 2006. Using thematic analysis in psychology. Qualitative Research in Psychology 3, 2 (2006), 77--101. DOI: http://dx.doi.org/10.1191/1478088706qp063oaGoogle ScholarCross Ref
Ryan Calo. 2011. Against notice skepticism in privacy (and elsewhere). Notre Dame Law Review 87 (2011), 1027--1072.Google Scholar
Jean Camp and Kay Connelly. 2007. Beyond consent: privacy in ubiquitous computing (Ubicomp). In Digital Privacy -- Theory, Technologies, and Practices (1 ed.), Alessandro Acquisti, Stefanos Gritzalis, Costos Lambrinoudakis, and Sabrina di Vimercati (Eds.). Taylor and Francis, New York, Chapter 16. DOI:https://dx.doi.org/https://doi.org/10.1201/9781420052183Google ScholarCross Ref
John Edward Campbell and Matt Carlson. 2002. Panopticon.com: Online Surveillance and the Commodification of Privacy. Journal of Broadcasting & Electronic Media 46, 4 (2002), 586--606. DOI: http://dx.doi.org/10.1207/s15506878jobem4604_6Google ScholarCross Ref
F. H. Cate. 2010. The Limits of Notice and Choice. IEEE Security Privacy 8, 2 (March 2010), 59--62. DOI: http://dx.doi.org/10.1109/MSP.2010.84Google ScholarDigital Library
Ann Cavoukian. 2012. Privacy by Design. IEEE Technology and Society Magazine 31, 4 (2012), 18--19.Google ScholarCross Ref
Sushain K. Cherivirala. 2018. UsablePrivacy.org Explore Google.com. https://explore.usableprivacy. org/youtube.com/?view=machine. (2018). Last accessed: 2019-06-02.Google Scholar
Kay Connelly, Ashraf Khalil, and Yong Liu. 2007. Do I Do What I Say?: Observed Versus Stated Privacy Preferences. In Human-Computer Interaction -- INTERACT 2007, Cécilia Baranauskas, Philippe Palanque, Julio Abascal, and Simone Diniz Junqueira Barbosa (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 620--623.Google ScholarCross Ref
Lorrie Faith Cranor. 2012. Necessary but not sufficient: Standardized mechanisms for privacy notice and choice. Journal on Telecommunications and High Technology Law 10 (2012), 273.Google Scholar
Lorrie Faith Cranor, Praveen Guduru, and Manjula Arjula. 2006a. User Interfaces for Privacy Agents. ACM Trans.comput.-Hum. Interact. 13, 2 (June 2006), 135--178. DOI: http://dx.doi.org/10.1145/1165734.1165735Google ScholarDigital Library
Lorrie Faith Cranor, Praveen Guduru, and Manjula Arjula. 2006b. User Interfaces for Privacy Agents. ACM Transactions on Computer-Human Interaction (TOCHI) 13, 2 (June 2006), 135--178. DOI: http://dx.doi.org/10.1145/1165734.1165735Google ScholarDigital Library
Android Developers. n.d. Request App Permissions. https://developer.android.com/training/permissions/requesting.html. (n.d.). Last accessed: 2019-05-10.Google Scholar
Denis Feth. 2017. Transparency through Contextual Privacy Statements. In Mensch und Computer 2017-Workshopband, Manuel Burghardt, Raphael Wimmer, Christian Wolff, and Christa Womser-Hacker (Eds.). DOI: http://dx.doi.org/10.18420/muc2017-ws05-0406Google ScholarCross Ref
Carlos Flavián and Miguel Guinalíu. 2006. Consumer trust, perceived security and privacy policy. Industrial Management and Data Systems 106, 5 (2006), 601--620. DOI:http://dx.doi.org/10.1108/02635570610666403Google ScholarCross Ref
Martin Gisch, Alexander De Luca, and Markus Blanchebarbe. 2007. The Privacy Badge: A Privacy-awareness User Interface for Small Devices. In Proceedings of the 4th International Conference on Mobile Technology, Applications, and Systems and the 1st International Symposium on Computer Human Interaction in Mobile Technology (Mobility '07). ACM, New York, NY, USA, 583--586. DOI: http://dx.doi.org/10.1145/1378063.1378159Google ScholarDigital Library
Hamza Harkous, Kassem Fawaz, Rémi Lebret, Florian Schaub, Kang G. Shin, and Karl Aberer. 2018. Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 531--548. https://www.usenix.org/conference/usenixsecurity18/presentation/harkousGoogle ScholarDigital Library
Instagram Inc. n.d. Help Center - How do I post a photo? https://help.instagram.com/442418472487929. (n.d.). Last accessed: 2019-06-02.Google Scholar
Jim Isaak and Mina J. Hanna. 2018. User Data Privacy: Facebook, Cambridge Analytica, and Privacy Protection.computer 51, 08 (aug 2018), 56--59. DOI: http://dx.doi.org/10.1109/MC.2018.3191268Google ScholarDigital Library
Timo Jakobi, Sameer Patil, Dave Randall, Gunnar Stevens, and Volker Wulf. 2019. It Is About What They Could Do with the Data: A User Perspective on Privacy in Smart Metering. ACM Trans.comput.-Hum. Interact. 26, 1, Article 2 (Jan. 2019), 44 pages. DOI: http://dx.doi.org/10.1145/3281444Google ScholarDigital Library
Carlos Jensen and Colin Potts. 2004. Privacy Policies As Decision-making Tools: An Evaluation of Online Privacy Notices. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '04). ACM, New York, NY, USA, 471--478. DOI: http://dx.doi.org/10.1145/985692.985752Google ScholarDigital Library
Apu Kapadia, Tristan Henderson, Jeffrey J. Fielding, and David Kotz. 2007. Virtual Walls: Protecting Digital Privacy in Pervasive Environments. In Pervasive Computing, Anthony LaMarca, Marc Langheinrich, and Khai N. Truong (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 162--179.Google Scholar
David J. Kaufman, Juli Murphy-Bollinger, Joan Scott, and Kathy L. Hudson. 2009. Public Opinion about the Importance of Privacy in Biobank Research. The American Journal of Human Genetics 85, 5 (2009), 643--654. DOI:http://dx.doi.org/https://doi.org/10.1016/j.ajhg.2009.10.002Google ScholarCross Ref
Patrick Gage Kelley, Joanna Bresee, Lorrie Faith Cranor, and Robert W. Reeder. 2009. A "Nutrition Label" for Privacy. In Proceedings of the 5th Symposium on Usable Privacy and Security (SOUPS '09). ACM, New York, NY, USA, Article 4, 12 pages. DOI: http://dx.doi.org/10.1145/1572532.1572538Google ScholarDigital Library
Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, and Lorrie Faith Cranor. 2010. Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '10). ACM, New York, NY, USA, 1573--1582. DOI: http://dx.doi.org/10.1145/1753326.1753561Google ScholarDigital Library
Marc Langheinrich. 2001. Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems. In Ubicomp 2001: Ubiquitous Computing, Gregory D. Abowd, Barry Brumitt, and Steven Shafer (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 273--291.Google Scholar
Scott Lederer, Jason I. Hong, Anind K. Dey, and James A. Landay. 2004. Personal Privacy through Understanding and Action: Five Pitfalls for Designers. Personal and Ubiquitous Computing 8, 6 (2004), 440--454.Google ScholarCross Ref
Shaun Alexander Macdonald and Stephen Brewster. 2019. Gamification of a To-Do List with Emotional Reinforcement. In Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems (CHI EA '19). Association for Computing Machinery, New York, NY, USA, Article Paper LBW1621, 6 pages. DOI:http://dx.doi.org/10.1145/3290607.3313060Google ScholarDigital Library
Elena Maris, Timothy Libert, and Jennifer Henrichsen. 2019. Tracking sex: The implications of widespread sexual data leakage and tracking on porn websites. (2019). https://arxiv.org/abs/1907.06520Google Scholar
Arunesh Mathur, Jessica Vitak, Arvind Narayanan, and Marshini Chetty. 2018. Characterizing the Use of Browser-Based Blocking Extensions To Prevent Online Tracking. In Fourteenth Symposium on Usable Privacy and Security (SOUPS 2018). USENIX Association, Baltimore, MD, 103--116. https://www.usenix.org/conference/soups2018/presentation/mathurGoogle Scholar
Matthew Louis Mauriello, Brenna McNally, and Jon E. Froehlich. 2019. Thermporal: An Easy-To-Deploy Temporal Thermographic Sensor System to Support Residential Energy Audits. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (CHI '19). Association for Computing Machinery, New York, NY, USA, Article Paper 113, 14 pages. DOI:http://dx.doi.org/10.1145/3290605.3300343Google ScholarDigital Library
Aleecia M McDonald and Lorrie Faith Cranor. 2008. The cost of reading privacy policies. I/S: A Journal of Law and Policy for the Information Society 4 (2008), 543--568. http://hdl.handle.net/1811/72839Google Scholar
MDN Web Docs. 2019. Browser Extensions. (Jun 2019). https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensionsGoogle Scholar
George R. Milne, Mary J. Culnan, and Henry Greene. 2006. A Longitudinal Assessment of Online Privacy Notice Readability. Journal of Public Policy & Marketing 25, 2 (2006), 238--249. DOI: http://dx.doi.org/10.1509/jppm.25.2.238Google ScholarCross Ref
Mozilla. 2019. Building a cross-browser extension. https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Build_a_cross_browser_extension. (2019). Last accessed: 2019-05-30.Google Scholar
Kanthashree Mysore Sathyendra, Shomir Wilson, Florian Schaub, Sebastian Zimmeck, and Norman Sadeh. 2017. Identifying the Provision of Choices in Privacy Policy Text. In Proceedings of the 2017 Conference on Empirical Methods in Natural Language Processing. Association for Computational Linguistics, Copenhagen, Denmark, 2774-2779. DOI: http://dx.doi.org/10.18653/v1/D17-1294Google ScholarCross Ref
Helen Nissenbaum. 2004. Privacy as contextual integrity. Washington Law Review 79 (2004), 119--158.Google Scholar
Patricia A. Norberg, Dan Horne, and David Horne. 2007. The Privacy Paradox: Personal Information Disclosure Intentions Versus Behaviors. Journal of Consumer Affairs 41, 1 (2007), 100--126. DOI: http://dx.doi.org/10.1111/j.1745-6606.2006.00070.xGoogle ScholarCross Ref
Jonathan A. Obar. 2016. The Biggest Lie on the Internet: Ignoring the Privacy Policies and Terms of Service Policies of Social Networking Services. SSRN Electronic Journal (2016). DOI: http://dx.doi.org/10.2139/ssrn.2757465Google ScholarCross Ref
Jason D. O'Grady. 2014. New privacy enhancements coming to iOS 8 in the fall. https://www.zdnet.com/article/new-privacy-enhancements-coming-to-ios-8-in-the-fall/. (2014). Last accessed: 2019-05-10.Google Scholar
Anna-Marie Ortloff, Lydia Güntner, Maximiliane Windl, Denis Feth, and Svenja Polst. 2018. Evaluation kontextueller Datenschutzerklärungen. In Mensch und Computer 2018 - Workshopband, Raimund Dachselt and Gerhard Weber (Eds.). Gesellschaft für Informatik e.V., Bonn.Google Scholar
Sameer Patil, Roberto Hoyle, Roman Schlegel, Apu Kapadia, and Adam J. Lee. 2015. Interrupt Now or Inform Later?: Comparing Immediate and Delayed Privacy Feedback. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 1415--1418. DOI: http://dx.doi.org/10.1145/2702123.2702165Google ScholarDigital Library
Sameer Patil, Yann Le Gall, Adam J. Lee, and Apu Kapadia. 2012. My Privacy Policy: Exploring End-user Specification of Free-form Location Access Rules. In Financial Cryptography and Data Security, Jim Blyth, Sven Dietrich, and L. Jean Camp (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 86--97.Google Scholar
Andrew S. Patrick and Steve Kenny. 2003. From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interactions. In Privacy Enhancing Technologies, Roger Dingledine (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 107--124.Google Scholar
Sabine Pötzsch. 2009. Privacy Awareness: A Means to Solve the Privacy Paradox?. In The Future of Identity, V. Matyá?, S. Fischer-Hübner, D. Cvrček, and P. ?venda (Eds.). IFIP International Federation for Information Processing, 226--236. DOI: http://dx.doi.org/10.1007/978-3-642-03315-5_17Google ScholarCross Ref
Robert W. Proctor, M. Athar Ali, and Kim-Phuong L. Vu. 2008. Examining Usability of Web Privacy Policies. International Journal of Human-Computer Interaction 24, 3 (2008), 307--328. DOI: http://dx.doi.org/10.1080/10447310801937999Google ScholarCross Ref
Joseph Reagle and Lorrie Faith Cranor. 1999. The Platform for Privacy Preferences.commun. ACM 42, 2 (Feb. 1999), 48--55. DOI: http://dx.doi.org/10.1145/293411.293455Google ScholarDigital Library
Joel R. Reidenberg, Travis Breaux, Lorrie Faith Carnor, Brian French, Amanda Grannis, James T. Graves, Fei Liu, Aleecia McDonald, Thomas B. Norton, Rohan Ramanath, N. Cameron Russell, Norman Sadeh, and Florian Schaub. 2014. Disagreeable Privacy Policies: Mismatches Between Meaning and Users Understanding. Berkeley Technology Law Journal 30, 1 (2014). DOI:http://dx.doi.org/10.15779/Z384K33Google ScholarCross Ref
Huang Ronggui. 2016. RQDA: R-based Qualitative Data Analysis. R package version 0.2-8. http://rqda.r-forge.r-project.org/. (2016). Last accessed: 2019-07-14.Google Scholar
Florian Schaub, Rebecca Balebako, and Lorrie Faith Cranor. 2017. Designing Effective Privacy Notices and Controls. IEEE Internet Computing 21, 3 (2017), 70--77. DOI:http://dx.doi.org/10.1109/MIC.2017.75Google ScholarDigital Library
Florian Schaub, Rebecca Balebako, Adam L. Durity, and Lorrie Faith Cranor. 2015a. A Design Space for Effective Privacy Notices. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). USENIX Association, Ottawa, 1--17. https://www.usenix.org/conference/soups2015/proceedings/presentation/schaubGoogle Scholar
F. Schaub, B. Konings, and M. Weber. 2015b. Context-Adaptive Privacy: Leveraging Context Awareness to Support Privacy Decision Making. IEEE Pervasive Computing 14, 01 (jan 2015), 34--43. DOI: http://dx.doi.org/10.1109/MPRV.2015.5Google ScholarDigital Library
Florian Schaub, Aditya Marella, Pranshu Kalvani, Blase Ur, Chao Pan, Emily Forney, and Lorrie Faith Cranor. 2016. Watching them watching me: Browser extensions impact on user privacy awareness and concern. In NDSS workshop on usable security.Google ScholarCross Ref
Paul M Schwartz and Daniel Solove. 2009. Notice & Choice. In The Second NPLAN/BMSG Meeting on Digital Media and Marketing to Children. 7.Google Scholar
Andreas Sotirakopoulos, Kirstie Hawkey, and Konstantin Beznosov. 2011. On the Challenges in Usable Security Lab Studies: Lessons Learned from Replicating a Study on SSL Warnings. In Proceedings of the Seventh Symposium on Usable Privacy and Security (SOUPS '11). Association for Computing Machinery, New York, NY, USA, Article Article 3, 18 pages. DOI: http://dx.doi.org/10.1145/2078827.2078831Google ScholarDigital Library
Janice Y. Tsai, Serge Egelman, Lorrie Cranor, and Alessandro Acquisti. 2011. The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Information Systems Research 22, 2 (2011), 254--268. DOI: http://dx.doi.org/10.1287/isre.1090.0260Google ScholarDigital Library
Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner, and Konstantin Beznosov. 2015. Android Permissions Remystified: A Field Study on Contextual Integrity. In 24th USENIX Security Symposium (USENIX Security 15). USENIX Association, Washington, D.C., 499--514. https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wijesekeraGoogle ScholarDigital Library
Daricia Wilkinson, Saadhika Sivakumar, David Cherry, Bart P Knijnenburg, Elaine M Raybourn, Pamela Wisniewski, and Henry Sloan. 2017. User-tailored privacy by design. In Proceedings of the Usable Security Mini Conference. https://www.ndss-symposium.org/wp-content/uploads/2017/09/usec2017_03_4_Wilkinson_paper.pdfGoogle Scholar
Craig E Wills and Mihajlo Zeljkovic. 2011. A personalized approach to web privacy: awareness, attitudes and actions. Information Management & Computer Security 19, 1 (2011), 53--73.Google ScholarCross Ref
Shomir Wilson, Florian Schaub, Frederick Liu, Kanthashree Mysore Sathyendra, Daniel Smullen, Sebastian Zimmeck, Rohan Ramanath, Peter Story, Fei Liu, Norman Sadeh, and others. 2018. Analyzing privacy policies at scale: From crowdsourcing to automated annotations. ACM Transactions on the Web (TWEB) 13, 1 (2018), 1.Google ScholarDigital Library
Jochen Wirtz, May O. Lwin, and Jerome D. Williams. 2007. Causes and consequences of consumer online privacy concern. International Journal of Service Industry Management 18, 4 (2007), 326--348.Google ScholarCross Ref
Kuang-Wen Wu, Shaio Yan Huang, David C. Yen, and Irina Popova. 2012. The effect of online privacy policy on consumer privacy concern and trust.computers in Human Behavior 28, 3 (2012), 889--897. DOI: http://dx.doi.org/10.1016/j.chb.2011.12.008Google ScholarDigital Library
Shaomei Wu, Lindsay Reynolds, Xian Li, and Francisco Guzmán. 2019. Design and Evaluation of a Social Media Writing Support Tool for People with Dyslexia. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (CHI '19). Association for Computing Machinery, New York, NY, USA, Article Paper 516, 14 pages. DOI: http://dx.doi.org/10.1145/3290605.3300746Google ScholarDigital Library
Serena Zheng, Noah Apthorpe, Marshini Chetty, and Nick Feamster. 2018. User Perceptions of Smart Home IoT Privacy. Proc. ACM Hum.-Comput. Interact. 2, CSCW, Article Article 200 (18 2018), 20 pages. DOI: http://dx.doi.org/10.1145/3274469Google ScholarDigital Library
Sebastian Zimmeck and Steven M. Bellovin. 2014. Privee: An Architecture for Automatically Analyzing Web Privacy Policies. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association, San Diego, CA, 1--16. https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/zimmeckGoogle ScholarDigital Library

Index Terms

Implementation and In Situ Assessment of Contextual Privacy Policies
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. Interaction paradigms
      1. Web-based interaction
2. Security and privacy
  1. Human and societal aspects of security and privacy

Recommendations

Automating Contextual Privacy Policies: Design and Evaluation of a Production Tool for Digital Consumer Privacy Awareness
CHI '22: Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems

Users avoid engaging with privacy policies because they are lengthy and complex, making it challenging to retrieve relevant information. In response, research proposed contextual privacy policies (CPPs) that embed relevant privacy information directly ...
Read More
E-P3P privacy policies and privacy authorization
WPES '02: Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society

Enterprises collect large amounts of personal data from their customers. To ease privacy concerns, enterprises publish privacy statements that outline how data is used and shared. The Platform for Enterprise Privacy Practices (E-P3P) defines a fine-...
Read More
A Gap in Perceived Importance of Privacy Policies between Individuals and Companies
CONGRESS '09: Proceedings of the 2009 World Congress on Privacy, Security, Trust and the Management of e-Business

Although several studies have examined individuals’ privacy concerns and companies’ privacy policy disclosures, only a few studies examined whether customers’ privacy concerns are adequately addressed in companies’ privacy policy disclosures. This study ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
DIS '20: Proceedings of the 2020 ACM Designing Interactive Systems Conference
July 2020
2264 pages
ISBN:9781450369749
DOI:10.1145/3357236
General Chairs:
Ron Wakkary
Simon Fraser University, CA and Eindhoven University of Technology, NL
,
Kristina Andersen
Eindhoven University of Technology, NL
,
Program Chairs:
Will Odom
Simon Fraser University, CA
,
Audrey Desjardins
University of Washington, USA
,
Marianne Graves Petersen
Aarhus University, DK
Copyright © 2020 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 3 July 2020
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
contextual privacy
online services
privacy
privacy policies
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate1,158of4,684submissions,25%
Upcoming Conference
DIS '24

Sponsor:

sigchi

Designing Interactive Systems Conference

July 1 - 5, 2024

IT University of Copenhagen , Denmark
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 5
  Total Citations
  View Citations
- 262
  Total Downloads
- Downloads (Last 12 months)43
- Downloads (Last 6 weeks)9
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Implementation and In Situ Assessment of Contextual Privacy Policies

DIS '20: Proceedings of the 2020 ACM Designing Interactive Systems Conference

ABSTRACT

References

Cited By

Index Terms

Recommendations

Automating Contextual Privacy Policies: Design and Evaluation of a Production Tool for Digital Consumer Privacy Awareness

E-P3P privacy policies and privacy authorization

A Gap in Perceived Importance of Privacy Policies between Individuals and Companies