Patrick Murmann scite author profile

The possibilities of employing mobile health (mhealth) devices for the purpose of self-quantification and fitness tracking are increasing; yet few users of online mhealth services possess proven knowledge of how their personal data are processed once the data have been disclosed. Ex post transparency-enhancing tools (TETs) can provide such insight and guide users in making informed decisions with respect to intervening with the processing of their personal data. At present, however, there are no suitable guidelines that aid designers of TETs in implementing privacy notifications that reflect their recipients' needs in terms of what they want to be notified about and the level of guidance required to audit their data effectively. Based on an analysis of gaps related to TETs, the findings of a study on privacy notification preferences, and the findings on notifications and privacy notices discussed in the literature, this paper proposes a set of guidelines for the human-centred design of privacy notifications that facilitate ex post transparency.

show abstract

From Design Requirements to Effective Privacy Notifications: Empowering Users of Online Services to Make Informed Decisions

Murmann

¹

,

Karegar

²

2021

International Journal of Human–Computer Interaction

View full text Add to dashboard Cite

Privacy notifications issued by Transparency-Enhancing Tools (TETs) constitute a conceptual means of informing users of online data services about how their personal data are processed. We elicit a set of design requirements that reflect the particularities of privacy notifications received on mobile phones. Pursuing the principles of human-centered design, we evaluate the efficacy of a prototypical implementation for the context of personal health tracking in an iterative lab study. Our findings show that privacy notifications have the potential to facilitate usable transparency and informed decision-making in terms of improving privacy in the designated usage context. The feedback obtained during the evaluation of the prototype lends itself to a refined set of design requirements. We discuss these requirements as building blocks that can help designers create usable artifacts that accommodate the needs of users of mobile health services.

show abstract

Eliciting Design Guidelines for Privacy Notifications in mHealth Environments

Murmann

¹

2021

View full text Add to dashboard Cite

The possibilities of employing mobile health (mhealth) devices for the purpose of self-quantification and fitness tracking are increasing; yet few users of online mhealth services possess proven knowledge of how their personal data are processed once the data have been disclosed. Ex post transparency-enhancing tools (TETs) can provide such insight and guide users in making informed decisions with respect to intervening with the processing of their personal data. At present, however, there are no suitable guidelines that aid designers of TETs in implementing privacy notifications that reflect their recipients' needs in terms of what they want to be notified about and the level of guidance required to audit their data effectively. Based on an analysis of gaps related to TETs, the findings of a study on privacy notification preferences, and the findings on notifications and privacy notices discussed in the literature, this paper proposes a set of guidelines for the human-centred design of privacy notifications that facilitate ex post transparency.

show abstract