A Usability Study on the Privacy Policy Visualization Model

Ghazinour, Kambiz; Albalawi, Tahani

doi:10.1109/dasc-picom-datacom-cyberscitec.2016.109

Cited by 9 publications

(5 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…External privacy policy is the legal obligation that each organization has to precisely declare the way that it collects, reveals and handles users’ private information. On the contrary, internal privacy policies regulate the usage of sensitive information within an organization (Ghazinour and Albalawi, 2016; Karat et al , 2006). In any case, a privacy policy is a legitimate action that should fulfill specific requirements.…”

Section: Theoretical Background and Literature Reviewmentioning

confidence: 99%

“…Results suggested that 7 out of 11 usability heuristic problems are confronted in this model. Specifically, notice/awareness problems were successfully encountered, as the symbols used could efficiently contribute to users’ knowledge about privacy issues (Ghazinour and Albalawi, 2016). Despite the fact that this research offers significant insights and the proposed visualization technique aims to positively affect users’ privacy awareness level, Ghazinour et al (2009) have only tested the usability of the proposed approach.…”

Section: Theoretical Background and Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

Effects of privacy policy visualization on users’ information privacy awareness level

Soumelidou

Tsohou

2019

ITP

View full text Add to dashboard Cite

Purpose The purpose of this paper is to propose visualization techniques as a new representation for privacy policies instead of traditional textual representation and to examine empirically their effects on users’ information privacy awareness level. Design/methodology/approach The authors selected as a case the privacy policy of Instagram and conducted two empirical investigations, each one with three interventions and each representing a different version of the Instagram privacy policy to users. Through a pre- and a post-questionnaire, the authors examined the effects that each representation technique had on the users’ privacy awareness level. Findings The paper finds that visualized privacy policies lead to higher privacy awareness levels than conventional textual ones, especially when icons are included. Research limitations/implications The authors implemented two new representation techniques offering beneficial guidelines for designing more attractive privacy policy representations. However, the samples are rather limited for generalization to the wide population; nonetheless, they are significant to demonstrate the effect of visualized techniques. The findings might also be subject to bias (e.g. brand bias), although the authors took necessary methodological actions to prevent bias. Practical implications The results and the methodology of the paper could guide practitioners for the representation of a privacy policy, given that the authors provide systematic and concrete steps. Originality/value This paper examines the value of privacy policy visualization as a new approach for enabling user privacy awareness, as well as implements two visualization techniques for a given privacy policy. The paper and its findings should be useful for researchers, as well as for practitioners.

show abstract

Section: Theoretical Background and Literature Reviewmentioning

confidence: 99%

Section: Theoretical Background and Literature Reviewmentioning

confidence: 99%

Effects of privacy policy visualization on users’ information privacy awareness level

Soumelidou

Tsohou

2019

ITP

View full text Add to dashboard Cite

show abstract

“…The way such complex information is presented is nearly always controlled by the Organisation which uses this fact in their favour. Some research exists on this topic such as visualisation of Privacy Notices [6]- [8], including using comics [9], but the topic needs to be refreshed given the dramatic changes in the landscape in the recent years. A recent example is the Consent Request (CoRe) user interface [10] which presents a user interface to visually structure and manage consent across its lifecycle.…”

Section: ) the Lifecycle Of Consentmentioning

confidence: 99%

Towards an Accountable Web of Personal Information: The Web-of-Receipts

Jesus

2020

IEEE Access

View full text Add to dashboard Cite

Consent is a corner stone in any Privacy practice or public policy. Much beyond a simple ''accept'' button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained leading to inefficiencies and noncompliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisation. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, is preceded by valid consent and is auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda. INDEX TERMS Privacy, consent, accountability, web-of-receipts, personal data receipts.

show abstract

“…The Privacy Policy Visualization Model [11] is a framework for graphical policy representations. Policy representations in this model are diagrams that connect personal data and relevant entities, including the user and the data collector.…”

Section: Related Workmentioning

confidence: 99%