Usable and Useful Privacy Interfaces
ARTICLE SUMMARY
Designing privacy interfaces for devices, software, and websites that are easy for people to understand and control is difficult. Designers should shift focus from information to people and their privacy needs.
POLICY RELEVANCE
Privacy notices should be integrated with the service or product interface. User testing is important to reveal problems.
KEY TAKEAWAYS
- Improving users' experience of privacy interfaces requires designers to shift focus to people and to their privacy needs, preferences, understanding, and behavior.
- When privacy interfaces are hard for users to understand and control, the user may later be surprised and angry to learn how the data is actually used, and lose trust in the organization.
- The usability of a system is determined by factors such as the length of time it takes a new user to learn to perform a task, or the number of errors users make; the utility of a system depends on how well it meets the exact needs of users.
- Privacy is a value that competes with other values and norms, and the desire for privacy is context sensitive; the question of how well an interface serves privacy needs can be hard to assess, compared to the efficiency of the interface, or error rates.
- Usability problems result when designers assume that information needed for regulatory compliance and the information users need is the same, but this is often not true.
- Permissions to share data should be unbundled, as in mobile phone systems, where users are presented with a prompt when an app wants to access a phone's location, contacts, or photos for the first time.
- The privacy design process should include user testing.
- Studies that reveal how users believe privacy settings should work help companies redesign controls in response to complaints.
- User studies are important for understanding how privacy notices should be timed.
- Small-scale user testing is inexpensive, quick, and can offer important insights.
- Studies that reveal how users believe privacy settings should work help companies redesign controls in response to complaints.
- The percentage of users who opt in or opt out does not show the privacy interface’s effectiveness; studies should measure user comprehension, and whether their personal preferences are in alignment with what the interface does.
QUOTE
TAGS
About Lorrie Faith Cranor
Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. She teaches courses on privacy, usable security, and computers and society.
