A Design Space for Effective Privacy Notices*

Schaub, Florian; Balebako, Rebecca; Durity, Adam L.; Cranor, Lorrie Faith

doi:10.1017/9781316831960.021

Cited by 143 publications

(185 citation statements)

References 91 publications

Supporting

Mentioning

178

Contrasting

Unclassified

Order By: Relevance

“…Text summarization is a possibility, using the annotations as a guide for important details to retain. Internet users have already demonstrated limited patience with text-based privacy policies, which adds a nuance to this challenge and suggests the need for a combination of text and pictorial representations (or chiefly pictorial representations) to communicate data practices (Schaub et al, 2015).…”

Section: Future Directionsmentioning

confidence: 99%

The Creation and Analysis of a Website Privacy Policy Corpus

Wilson¹,

Schaub

Dara

et al. 2016

Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)

Self Cite

211

149

View full text Add to dashboard Cite

Website privacy policies are often ignored by Internet users, because these documents tend to be long and difficult to understand. However, the significance of privacy policies greatly exceeds the attention paid to them: these documents are binding legal agreements between website operators and their users, and their opaqueness is a challenge not only to Internet users but also to policy regulators. One proposed alternative to the status quo is to automate or semi-automate the extraction of salient details from privacy policy text, using a combination of crowdsourcing, natural language processing, and machine learning. However, there has been a relative dearth of datasets appropriate for identifying data practices in privacy policies. To remedy this problem, we introduce a corpus of 115 privacy policies (267K words) with manual annotations for 23K fine-grained data practices. We describe the process of using skilled annotators and a purpose-built annotation tool to produce the data. We provide findings based on a census of the annotations and show results toward automating the annotation procedure. Finally, we describe challenges and opportunities for the research community to use this corpus to advance research in both privacy and language technologies.

show abstract

Section: Future Directionsmentioning

confidence: 99%

The Creation and Analysis of a Website Privacy Policy Corpus

Wilson¹,

Schaub

Dara

et al. 2016

Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)

Self Cite

211

149

View full text Add to dashboard Cite

show abstract

“…While research has highlighted the importance of allowing data legibility, negotiability and agency through control [32] to the users, there still remains an explicit call for the technological embodiment of these principles. Users are continued to be presented with incomprehensible privacy statements [31,37], followed by acceptance statements where the users are constrained to binary choices [45] dictated by service providers often leading to low levels of understanding and very little space to exercise control [43].…”

Section: Current Challengesmentioning

confidence: 99%

“…Terms and conditions statements are a classic example of transparency provision where despite active research in both industry [52] and academia [21,43], the adoption of alternative forms of privacy statements that empower the user, still remain a challenge. Thus, designing data interactions that lead to increased awareness and understanding of the underlying data practises are prioritised as a means for building user trust.…”

Section: Technological Reasoningsmentioning

confidence: 99%

Explicating the Challenges of Providing Novel Media Experiences Driven by User Personal Data

Sailaja

Crabtree

McAuley

et al. 2018

Proceedings of the 2018 ACM International Conference on Interactive Experiences for TV and Online Video

View full text Add to dashboard Cite

The turn towards personal data to drive novel media experiences has resulted in a shift in the priorities and challenges associated with media creation and dissemination. This paper takes up the challenge of explicating this novel and dynamic scenario through an interview study of employees delivering diverse personal data driven media services within a large U.K. based media organisation. The results identify a need for better interactions in the user-data-service ecosystem where trust and value are prioritised and balanced. Being legally compliant and going beyond just the mandatory to further ensure social accountability and ethical responsibility as an organisation are unpacked as methods to achieve this balance in data centric interactions. The work also presents how technology is seen and used as a solution for overcoming challenges and realising priorities to provide value while preserving trust within the personal data ecosystem.

show abstract

“…In the U.S., the Federal Trade Commission has been regulating the same since the Fair Credit Reporting Act of the 1970s (Federal Trade Commission n.d.). Polices are often expected to serve multiple and contradictory roles (Schaub et al 2015). Whilst policies may be meeting legal requirements, they are not successful in fulfilling obligations to endusers (McDonald & Cranor 2008;Cranor 2012;Schaub et al 2015) as the lengthy legal jargon is often inaccessible to the non-specialist.…”

Section: Need For Regulatory Compliancementioning

confidence: 99%

“…Alternative layouts like the multilayered approach (Pinnick n.d.), nutrition label approach (Kelley et al 2009), P3P policy presentation tool based on the Expandable Grid (Reeder et al 2008), Audience View (Lipford et al 2010), Privacy Bird (Cranor et al 2006) etc have been proposed before. Even with this wide and emerging set of solutions at hand, there is still a call for further research (Schaub et al 2015) in this area as the majority of the most accessed privacy policies still follow the traditional, text-intensive format.…”

Section: Need For Contextual Integritymentioning

confidence: 99%

Industry Ideals Barriers in Using Alternative Privacy Policies

Sailaja

Jones²

2017

Electronic Workshops in Computing

View full text Add to dashboard Cite

While privacy policies were developed with the aim of helping users understand their participation in the data economy, they often fail to serve this purpose. Highly complex and extensively lengthy policies have resulted in extremely low levels of user interest and engagement, leading to the users being unaware of the personal data exchange they are involved in. There is an increasing interest in industry to shift from this pattern and move towards alternative models of privacy policies that are more engaging and less intimidating to the average user. In this paper, we outline the results of an industry workshop that explores service provider views, ideals and challenges associated with the move towards alternative models of privacy policies. The results show that providing accountability and maintaining a sustainable and trustworthy customer relationship are the key drivers for this move and focusing on user-centered data practices that enables more active user participation in this scenario is the prescribed method for this shift. The call for interdisciplinary involvement to help cater to the technological, legal, regulatory and ethical demands of this move are also highlighted.

show abstract

A Design Space for Effective Privacy Notices*

Cited by 143 publications

References 91 publications

The Creation and Analysis of a Website Privacy Policy Corpus

The Creation and Analysis of a Website Privacy Policy Corpus

Explicating the Challenges of Providing Novel Media Experiences Driven by User Personal Data

Industry Ideals Barriers in Using Alternative Privacy Policies

Contact Info

Product

Resources

About