Human-GDPR Interaction: Practical Experiences of Accessing Personal Data

Bowyer, Alex; Holt, Jack; Jefferies, Josephine Go; Wilson, R. G.; Kirk, David; Smeddinck, Jan David

doi:10.1145/3491102.3501947

Cited by 27 publications

(9 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers also studied the usability of subject access request and deletion mechanisms from a number of different angles, including the ease of initiating the requests as well as the extent to which the content of the responses can be understood by average users [8,24,60,64,66]. After investigating users' awareness of their rights under the GDPR in [36], researchers found that users do not have sufficient understanding of their "right to data portability."…”

Section: Efficacy Of Subject Access Requestsmentioning

confidence: 99%

“…By the same token, users do not gain much by being informed about the collection of these categories. We also identified the categories of personal information that the developers disclosed or sold, 8 as well as the categories of recipients of users' personal information. Although the CCPA requires companies to enumerate the recipients for each category of personal information, in practice we found that only a small number of policies did so.…”

Section: Privacy Policiesmentioning

confidence: 99%

See 1 more Smart Citation

Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA)

Samarin

Shayna

Zaina

et al. 2023

PoPETs

View full text Add to dashboard Cite

The California Consumer Privacy Act (CCPA) provides California residents with a range of enhanced privacy protections and rights. Our research investigated the extent to which Android app developers comply with the provisions of the CCPA that require them to provide consumers with accurate privacy notices and respond to "verifiable consumer requests" (VCRs) by disclosing personal information that they have collected, used, or shared about consumers for a business or commercial purpose. We compared the actual network traffic of 109 apps that we believe must comply with the CCPA to the data that apps state they collect in their privacy policies and the data contained in responses to "right to know" requests that we submitted to the app's developers. Of the 69 app developers who substantively replied to our requests, all but one provided specific pieces of personal data (as opposed to only categorical information). However, a significant percentage of apps collected information that was not disclosed, including identifiers (55 apps, 80%), geolocation data (21 apps, 30%), and sensory data (18 apps, 26%) among other categories. We discuss improvements to the CCPA that could help app developers comply with "right to know" requests and other related regulations.

show abstract

Section: Efficacy Of Subject Access Requestsmentioning

confidence: 99%

Section: Privacy Policiesmentioning

confidence: 99%

Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA)

Samarin

Shayna

Zaina

et al. 2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…Can we rely on alternative ways to access behavioral data (e.g., crowdsourcing [17], data donation [8])? How do these approaches ft and challenge existing data protection regulations and privacy considerations (e.g., the European General Data Protection Regulation [5])? To what extent do these approaches reinforce or mitigate existing inequalities [7]?…”

Section: Sig Goalmentioning

confidence: 99%

“…For example, looking at her activity tracker, the same participant could say "my daily steps were below my goal for two days when I was sick". In this context, design and HCI researchers support people's engagement with their behavioral data; helping them (1) navigate existing data protection regulations [5,8], (2) categorize and visualize the data and, in doing so, understand it and its implications [13,17], and (3) interpret and situate the data [8,13,18,19].…”

Section: Introductionmentioning

confidence: 99%

SIG on Data as Human-Centered Design Material

Ortega

Lövei

Noortman

et al. 2023

Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems

Self Cite

View full text Add to dashboard Cite

Behavioral data is ubiquitous in products, services, and systems that people interact with. It is increasingly used by design and HCI researchers and practitioners throughout their human-centered and participatory design processes. The highly dynamic nature of behavioral data makes it deeply intertwined with people, their behavior, and their experiences. Thus, it presents unique opportunities and challenges. This Special Interest Group will provide a space to refect and discuss efective and responsible ways to engage with behavioral data in human-centered design processes. We will explore questions about the types and scale of data used, the contexts in which data is embedded and applied, the methods we rely on, and the forms of engagement of the multiple stakeholders. In doing so, our goal is to collaboratively develop a research agenda, setting the scope for an annual, international symposium on Data-Centric Design. CCS CONCEPTS• Human-centered computing → Interaction design process and methods.

show abstract

“…We should learn from these experiences to improve procedures and instructions for users. Furthermore, the format and data quality of takeouts is often far from ideal, lacking crucial data sources or variables of interest (Bowyer et al, 2022). The research community must push for higher standards and the monitoring of the completeness of data take-outs, not only for its sake by also for the sake of users executing their rights to data access (Ausloos & Veale, 2020).…”

Section: Methodological Implications and Challengesmentioning

confidence: 99%

Diversity of News Consumption in a Digital Information Environment

Löecherbach¹

View full text Add to dashboard Cite

This dissertation examines the impact of a digital information environment on media diversity and the types of political news people consume. The study is based on four sub-studies, two of which focus on methodological and conceptual challenges faced by researchers in studying media diversity in the digital environment. In Chapter 2, a systematic literature review of over 200 academic articles was conducted to identify gaps in existing research, revealing that most studies on media diversity rely on outdated ideas from an era dominated by mass media, and do not consider the impact of personalization and fragmentation. Chapter 3 provides an overview of the challenges associated with collecting digital traces for research purposes, including data access, privacy, and usability of data collection tools. The chapter offers recommendations on how researchers can collect data from multiple platforms and devices to improve their studies. Chapter 4 and 5 examine the impact of fragmentation and personalization on news diversity. The main findings of these studies show that fragmentation leads to less diverse news consumption, whereas personalization leads to more niche and diverse consumption. Overall, the dissertation concludes that the digital environment has fundamentally changed the way people engage with news and that media diversity research needs to evolve to reflect these changes, considering aspects such as personalization and fragmentation.

show abstract

Human-GDPR Interaction: Practical Experiences of Accessing Personal Data

Cited by 27 publications

References 42 publications

Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA)

Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA)

SIG on Data as Human-Centered Design Material

Diversity of News Consumption in a Digital Information Environment

Contact Info

Product

Resources

About