research-article

Lean Privacy Review: Collecting Users’ Privacy Concerns of Data Practices at a Low Cost

Authors:

Jason I. HongAuthors Info & Claims

ACM Transactions on Computer-Human Interaction (TOCHI), Volume 28, Issue 5

Article No.: 34, Pages 1 - 55

https://doi.org/10.1145/3463910

Published: 20 August 2021 Publication History

Abstract

Today, industry practitioners (e.g., data scientists, developers, product managers) rely on formal privacy reviews (a combination of user interviews, privacy risk assessments, etc.) in identifying potential customer acceptance issues with their organization’s data practices. However, this process is slow and expensive, and practitioners often have to make ad-hoc privacy-related decisions with little actual feedback from users. We introduce Lean Privacy Review (LPR), a fast, cheap, and easy-to-access method to help practitioners collect direct feedback from users through the proxy of crowd workers in the early stages of design. LPR takes a proposed data practice, quickly breaks it down into smaller parts, generates a set of questionnaire surveys, solicits users’ opinions, and summarizes those opinions in a compact form for practitioners to use. By doing so, LPR can help uncover the range and magnitude of different privacy concerns actual people have at a small fraction of the cost and wait-time for a formal review. We evaluated LPR using 12 real-world data practices with 240 crowd users and 24 data practitioners. Our results show that (1) the discovery of privacy concerns saturates as the number of evaluators exceeds 14 participants, which takes around 5.5 hours to complete (i.e., latency) and costs 3.7 hours of total crowd work (

$80 in our experiments); and (2) LPR finds 89% of privacy concerns identified by data practitioners as well as 139% additional privacy concerns that practitioners are not aware of, at a 6% estimated false alarm rate.

References

[1]

Roger Clarke. 2016. Privacy Introduction and Definitions. Retrieved July 17, 2018 from http://www.rogerclarke.com/DV/Intro.html.

[2]

Fox Van Allen. 2014. When the Device You Use Determines the Price You Get. Techlicious. Retrieved from https://www.techlicious.com/blog/price-discrimination-by-operating-system-device/.

[3]

Amazon. 2016. Does Amazon Have a Minimum Character Requirement for Reviews?—Selling on Amazon / General Selling Questions—Amazon Seller Forums. Retrieved February 17, 2020 from https://sellercentral.amazon.com/forums/t/does-amazon-have-a-minimum-character-requirement-for-reviews/130681.

[4]

Cynthia Van Ort, Andrew Clearwater, and Chad Quayle. 2016. An Agile Approach to PIAs and Privacy by Design. Retrieved March 30, 2020 from https://iapp.org/resources/article/an-agile-approach-to-pias-and-privacy-by-design/.

[5]

Annie I. Antón, Julia B. Earp, and Jessica D. Young. 2010. How internet users’ privacy concerns have evolved since 2002. IEEE Security & Privacy 8, 1 (2010), 21–27.

Digital Library

[6]

Noah Apthorpe, Yan Shvartzshnaider, Arunesh Mathur, Dillon Reisman, and Nick Feamster. 2018. Discovering smart home internet of things privacy norms using contextual integrity. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 2, 2, Article 59 (July 2018), 23 pages.

Digital Library

[7]

Charles Arthur. 2012. Marissa Mayer’s appointment: What does it mean for Yahoo? | Technology | The Guardian. Retrieved January 30, 2019 from https://www.theguardian.com/technology/2012/jul/16/marissa-mayer-appointment-mean-yahoo?newsfeed=true.

[8]

Atlassian. 2020. Epics, Stories, Themes, and Initiatives | Atlassian. Retrieved April 29, 2020 from https://www.atlassian.com/agile/project-management/epics-stories-themes.

[9]

Louise Barkhuus. 2012. The mismeasurement of privacy: Using contextual integrity to reconsider privacy in HCI. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, New York, NY, 367–376.

Digital Library

[10]

Kent Beck, Mike Beedle, Arie Van Bennekum, Alistair Cockburn, Ward Cunningham, Martin Fowler, James Grenning, Jim Highsmith, Andrew Hunt, Ron Jeffries, Jon Kern, Brian Marick, Robert C. Martin, Steve Mellor, Ken Schwaber, Jeff Sutherland, and Dave Thomas2001. Manifesto for agile software development. https://agilemanifesto.org/.

[11]

Michael S. Bernstein, Greg Little, Robert C. Miller, Björn Hartmann, Mark S. Ackerman, David R. Karger, David Crowell, and Katrina Panovich. 2010. Soylent: A word processor with a crowd inside. In Proceedings of the 23rd Annual ACM Symposium on User Interface Software and Technology. ACM, 313–322.

Digital Library

[12]

Jaspreet Bhatia and Travis D. Breaux. 2018. Empirical measurement of perceived privacy risk. ACM Transactions on Computer-Human Interaction 25, 6, Article 34 (December 2018), 47 pages.

Digital Library

[13]

Engin Bozdag. 2020. Privacy at Speed: Privacy by Design for Agile Development at Uber. USENIX Association, San Francisco, CA.

[14]

Virginia Braun and Victoria Clarke. 2006. Using thematic analysis in psychology. Qualitative Research in Psychology 3, 2 (2006), 77–101.

[15]

Alex Braunstein, Laura Granka, and Jessica Staddon. 2011. Indirect content privacy surveys: Measuring privacy without asking about it. In Proceedings of the 7th Symposium on Usable Privacy and Security. ACM, 15.

Digital Library

[16]

Sean Brooks, Sean Brooks, Michael Garcia, Naomi Lefkovitz, Suzanne Lightman, and Ellen Nadeau. 2017. An Introduction to Privacy Engineering and Risk Management in Federal Systems. US Department of Commerce, National Institute of Standards and Technology, Gaithersburg, MD.

[17]

Ryan Calo. 2013. Digital market manipulation. George Washington Law Review 82, 4 (2013), 995.

[18]

Nicholas Carlson. 2010. WARNING: Google Buzz Has a Huge Privacy Flaw—Business Insider. Retrieved December 18, 2018 from https://www.businessinsider.com/warning-google-buzz-has-a-huge-privacy-flaw-2010-2.

[19]

Ann Cavoukian. 2011. Privacy by Design in Law, Policy and Practice. A White Paper for Regulators, Decision-Makers and Policy-Makers. Information and Privacy Commissioner, Ontario.

[20]

Bill Chappell. 2013. Google: Don’t Expect Privacy When Sending to Gmail | Technology | The Guardian. Retrieved April 11, 2020 from https://www.theguardian.com/technology/2013/aug/14/google-gmail-users-privacy-email-lawsuit.

[21]

Lydia B. Chilton, Greg Little, Darren Edge, Daniel S. Weld, and James A. Landay. 2013. Cascade: Crowdsourcing taxonomy creation. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. 1999–2008.

Digital Library

[22]

Amit Chowdhry. 2016. Uber: Users Are More Likely to Pay Surge Pricing if Their Phone Battery is Low. Forbes. Retrieved from https://www.forbes.com/sites/amitchowdhry/2016/05/25/uber-low-battery.

[23]

David Cohen, Mikael Lindvall, and Patricia Costa. 2004. An introduction to agile methods.Advances in Computers 62, 03 (2004), 1–66.

[24]

Federal Trade Commission Staff. 2012. Protecting consumer privacy in an era of rapid change–A proposed framework for businesses and policymakers. Journal of Privacy and Confidentiality 3, 1 (2011).

[25]

The Nielsen Company. 2011. Privacy Please! U.S. Smartphone App Users Concerned with Privacy When it Comes to Location. Retrieved December 20, 2018 from https://www.nielsen.com/us/en/insights/news/2011/privacy-please-u-s-smartphone-app-users-concerned-with-privacy-when-it-comes-to-location.html.

[26]

Sunny Consolvo, Ian E. Smith, Tara Matthews, Anthony LaMarca, Jason Tabert, and Pauline Powledge. 2005. Location disclosure to social relations: Why, when, & what people want to share. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 81–90.

Digital Library

[27]

Josh Constine. 2017. Facebook Rolls Out AI to Detect Suicidal Posts before They’re Reported | TechCrunch. Retrieved February 04, 2020 from https://techcrunch.com/2017/11/27/facebook-ai-suicide-prevention/?guccounter=1.

[28]

Lorrie Faith Cranor and Norman Sadeh. 2013. Privacy engineering emerges as a hot new career. IEEE Potentials 32, 6 (2013), 7–9.

[29]

Mary J. Culnan and Pamela K. Armstrong. 1999. Information privacy concerns, procedural fairness, and impersonal trust: An empirical investigation. Organization Science 10, 1 (1999), 104–115.

Digital Library

[30]

Adele Da Veiga. 2018. An information privacy culture instrument to measure consumer privacy expectations and confidence. Information & Computer Security26, 3, (2018), 338–364.

[31]

Sauvik Das. 2016. Social cybersecurity: Understanding and leveraging social influence to increase security sensitivity. it-Information Technology 58, 5 (2016), 237–245.

[32]

Scott Davidoff, Min Kyung Lee, Anind K. Dey, and John Zimmerman. 2007. Rapidly exploring application design through speed dating. In Proceedings of the International Conference on Ubiquitous Computing. Springer, 429–446.

Digital Library

[33]

George Demiris, Brian K. Hensel, Marjorie Skubic, and Marilyn Rantz. 2008. Senior residents’ perceived need of and preferences for “smart home” sensor technologies. International Journal of Technology Assessment in Health Care 24, 1 (2008), 120–124.

[34]

Jia Deng, Wei Dong, Richard Socher, Li-Jia Li, Kai Li, and Li Fei-Fei. 2009. Imagenet: A large-scale hierarchical image database. In Proceedings of the 2009 IEEE Conference on Computer Vision and Pattern Recognition. IEEE, 248–255.

[35]

Department of Health, Education, and Welfare; National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research. 2014. The Belmont report. Ethical principles and guidelines for the protection of human subjects of research.The Journal of the American College of Dentists 81, 3 (2014), 4.

[36]

Department of Homeland Security. 2020. Privacy Impact Assessment Template. Retrieved March 23, 2020 from https://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_template.pdf.

[37]

Aaron Yi Ding, Gianluca Limon De Jesus, and Marijn Janssen. 2019. Ethical hacking for boosting IoT vulnerability management: A first look into bug bounty programs and responsible disclosure. In Proceedings of the 8th International Conference on Telecommunications and Remote Sensing. 49–55.

Digital Library

[38]

Ryan Drapeau, Lydia B. Chilton, Jonathan Bragg, and Daniel S. Weld. 2016. Microtalk: Using argumentation to improve crowdsourcing accuracy. In Proceedings of the 4th AAAI Conference on Human Computation and Crowdsourcing.

[39]

Serge Egelman, Adrienne Porter Felt, and David Wagner. 2013. Choice architecture and smartphone privacy: There’sa price for that. In The Economics of Information Security and Privacy. Böhme R. (Ed.), Springer, Berlin, 211–236.

[40]

Malin Eiband, Mohamed Khamis, Emanuel Von Zezschwitz, Heinrich Hussmann, and Florian Alt. 2017. Understanding shoulder surfing in the wild: Stories from users and observers. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. 4254–4265.

Digital Library

[41]

Dean Eckles, Eytan Bakshy, and Michael Bernstein. 2014. Big Experiments: Big Data’s Friend for Making Decisions | Facebook. Retrieved March 02, 2020 from https://www.facebook.com/notes/facebook-data-science/big-experiments-big-datas-friend-for-making-decisions/10152160441298859/.

[42]

Adrienne Porter Felt, Serge Egelman, and David Wagner. 2012. I’ve got 99 problems, but vibration ain’t one: A survey of smartphone users’ concerns. In Proceedings of the 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. ACM, New York, NY, 33–44.

Digital Library

[43]

Rachel L. Finn, David Wright, and Michael Friedewald. 2013. Seven types of privacy. In European Data Protection: Coming of Age. S. Gutwirth, R. Leenes, P. de Hert, and Y. Poullet (Eds.), Springer, 3–32.

[44]

Nuno Fortes, Paulo Rita, and Margherita Pagani. 2017. The effects of privacy concerns, perceived risk and trust on online purchasing behaviour. International Journal of Internet Marketing and Advertising 11, 4 (2017), 307–329.

[45]

Sheera Frenkel and Kate Conger. 2018. Facebook’s Security Chief to Depart for Stanford University—The New York Times. Retrieved January 15, 2019 from https://www.nytimes.com/2018/08/01/technology/facebook-security-alex-stamos.html.

[46]

Kevin Granville. 2018. Facebook and Cambridge analytica: What you need to know as fallout widens. The New York Times. Retrieved July 07, 2020 https://www.nytimes.com/2018/03/19/technology/facebook-cambridge-analytica-explained.html.

[47]

Frances S. Grodzinsky and Herman T. Tavani. 2011. Privacy in the cloud: Applying Nissenbaum’s theory of contextual integrity. ACM SIGCAS Computers and Society 41, 1 (2011), 38–47.

Digital Library

[48]

Jens Grossklags and Alessandro Acquisti. 2007. When 25 cents is too much: An experiment on willingness-to-sell and willingness-to-protect personal information. In Proceedings of 6th Workshop on the Economics of Information Security.

[49]

The Guardian. 2018. Revealed: 50 Million Facebook Profiles Harvested for Cambridge Analytica in Major Data Breach | News. Retrieved September 26, 2018 from https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election.

[50]

Qi Guo, Haojian Jin, Dmitry Lagun, Shuai Yuan, and Eugene Agichtein. 2013. Mining touch interaction data on mobile devices to predict web search result relevance. In Proceedings of the 36th International ACM SIGIR Conference on Research and Development in Information Retrieval. ACM, 153–162.

Digital Library

[51]

Drew Harwell. 2019. The Pregnancy-Tracking App Ovia Lets Women Record Their Most Sensitive Data for Themselves—and Their Boss—The Washington Post. Retrieved February 04, 2020 from https://www.washingtonpost.com/technology/2019/04/10/tracking-your-pregnancy-an-app-may-be-more-public-than-you-think/?arc404=true.

[52]

Miguel Helft. 2010. Google Alters Buzz Service over Privacy Concerns —The New York Times. Retrieved January 9, 2019 from https://www.nytimes.com/2010/02/15/technology/internet/15google.html.

[53]

Kashmir Hill. 2012. How Target Figured Out a Teen Girl Was Pregnant before Her Father Did. Retrieved August 27, 2019 from https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/.

[54]

Kashmir Hill. 2014. OkCupid Lied to Users about Their Compatibility as an Experiment. Retrieved July 6, 2018 from https://www.forbes.com/sites/kashmirhill/2014/07/28/okcupid-experiment-compatibility-deception/.

[55]

Laura M. Holson. 2009. Putting a Bolder Face on Google—The New York Times. Retrieved January 30, 2019 https://www.nytimes.com/2009/03/01/business/01marissa.html?pagewanted=3&mtrref=undefined&gwh=2970AE389901E20D8913B8FB7ABB5DBE&gwt=pay.

[56]

Jason I. Hong, Jennifer D. Ng, Scott Lederer, and James A. Landay. 2004. Privacy risk models for designing privacy-sensitive ubiquitous computing systems. In Proceedings of the 5th Conference on Designing Interactive Systems: Processes, Practices, Methods, and Techniques. ACM, 91–100.

Digital Library

[57]

Giovanni Iachello and Jason Hong. 2007. End-user privacy in human–computer interaction. Foundations and Trends® in Human–Computer Interaction 1, 1 (2007), 1–137.

Digital Library

[58]

Qatrunnada Ismail, Tousif Ahmed, Apu Kapadia, and Michael K. Reiter. 2015. Crowdsourced exploration of security configurations. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems. 467–476.

Digital Library

[59]

Molly Jackman and Lauri Kanerva. 2016. Evolving the IRB: Building robust review for industry research. Washington and Lee Law Review Online 72, 3 (2016), 442.

[60]

Yunhan Jack Jia, Qi Alfred Chen, Shiqi Wang, Amir Rahmati, Earlence Fernandes, Zhuoqing Morley Mao, Atul Prakash, and Shanghai JiaoTong Unviersity. 2017. ContexloT: Towards providing contextual integrity to appified IoT platforms.In Proceedings of the 24th Annual Network and Distributed System Security Symposium.

[61]

Haojian Jin, Tetsuya Sakai, and Koji Yatani. 2014. ReviewCollage: A mobile interface for direct comparison using online reviews. In Proceedings of the 16th International Conference on Human-Computer Interaction with Mobile Devices & Services. 349–358.

Digital Library

[62]

Aniket Kittur, Ed H. Chi, and Bongwon Suh. 2008. Crowdsourcing user studies with mechanical turk. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 453–456.

Digital Library

[63]

Aniket Kittur, Boris Smus, Susheel Khamkar, and Robert E. Kraut. 2011. Crowdforge: Crowdsourcing complex work. In Proceedings of the 24th Annual ACM Symposium on User Interface Software and Technology. 43–52.

Digital Library

[64]

Ron Kohavi, Alex Deng, Brian Frasca, Toby Walker, Ya Xu, and Nils Pohlmann. 2013. Online controlled experiments at large scale. In Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1168–1176.

Digital Library

[65]

Adam D. I. Kramer, Jamie E. Guillory, and Jeffrey T. Hancock. 2014. Experimental evidence of massive-scale emotional contagion through social networks. Proceedings of the National Academy of Sciences of the United States of America, 111, 24 (2014), 8788–8790.

[66]

Katharina Krombholz, Adrian Dabrowski, Matthew Smith, and Edgar Weippl. 2017. Exploring design directions for wearable privacy. In Proceedings of USEC Mini Conference. Internet Society. https://www.internetsociety.org/doc/exploring-design-directions-wearable-privacy.

[67]

Ponnurangam Kumaraguru and Lorrie Faith Cranor. 2005. Privacy Indexes: A Survey of Westin’s Studies (CMU-ISRI-5-138), Technical Report. Institute for Software Research International, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA.

[68]

Michelle Kwasny, Kelly Caine, Wendy A. Rogers, and Arthur D. Fisk. 2008. Privacy and technology: Folk definitions and perspectives. In Proceedings of the CHI’08 Extended Abstracts on Human Factors in Computing Systems. 3291–3296.

Digital Library

[69]

Walter Lasecki, Christopher Miller, Adam Sadilek, Andrew Abumoussa, Donato Borrello, Raja Kushalnagar, and Jeffrey Bigham. 2012. Real-time captioning by groups of non-experts. In Proceedings of the 25th Annual ACM Symposium on User Interface Software and Technology. 23–34.

Digital Library

[70]

Haein Lee, Hyejin Park, and Jinwoo Kim. 2013. Why do people share their context information on Social Network Services? A qualitative study and an experimental study on users’ behavior of balancing perceived benefit and risk. International Journal of Human-Computer Studies 71, 9 (2013), 862–877.

Digital Library

[71]

Sam Levin. 2017. Facebook Told Advertisers It Can Identify Teens Feeling ’insecure’ and ’worthless’ | Technology | The Guardian. Retrieved February 17, 2020 from https://www.theguardian.com/technology/2017/may/01/facebook-advertising-data-insecure-teens.

[72]

Yang Li, Jason I. Hong, and James A. Landay. 2007. Design challenges and principles for Wizard of Oz testing of location-enhanced applications. IEEE Pervasive Computing 6, 2 (2007), 70–75.

Digital Library

[73]

Jialiu Lin, Bin Liu, Norman Sadeh, and Jason I. Hong. 2014. Modeling users’ mobile app privacy preferences: Restoring usability in a sea of permission settings. In Proceedings of the 10th Symposium on Usable Privacy and Security.

Digital Library

[74]

Leib Litman, Jonathan Robinson, and Tzvi Abberbock. 2017. TurkPrime. com: A versatile crowdsourcing data acquisition platform for the behavioral sciences. Behavior Research Methods 49, 2 (2017), 433–442.

[75]

Di Liu, Randolph G. Bias, Matthew Lease, and Rebecca Kuipers. 2012. Crowdsourcing for usability testing. Proceedings of the American Society for Information Science and Technology 49, 1 (2012), 1–10.

[76]

Yabing Liu, Krishna P. Gummadi, Balachander Krishnamurthy, and Alan Mislove. 2011. Analyzing Facebook privacy settings: User expectations vs. reality. In Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. 61–70.

Digital Library

[77]

Lucidchart. 2018. Context Data Flow Diagram Template. Retrieved December 22, 2018 from https://www.lucidchart.com/pages/templates/data-flow-diagram/context-data-flow-diagram-template.

[78]

Miguel Malheiros, Sören Preibusch, and M. Angela Sasse. 2013. “Fairly truthful”: The impact of perceived effort, fairness, relevance, and sensitivity on personal data disclosure. In Proceedings of the International Conference on Trust and Trustworthy Computing. Springer, 250–266.

[79]

Scott McCloud. 1993. Understanding Comics: The Invisible Art. Northampton, Mass. William Morrow Paperbacks.

[80]

Aleecia M. McDonald and Lorrie Faith Cranor. 2010. Americans’ attitudes about internet behavioral advertising practices. In Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society. ACM, New York, NY, 63–72.

Digital Library

[81]

Matt McFarland. 2018. Amazon Go: No Cashiers, Hundreds of Cameras, and Lots of data—CNN. Retrieved February 4, 2020 from https://www.cnn.com/2018/10/03/tech/amazon-go/index.html.

[82]

Alan McQuinn and Daniel Castro. 2019. The Costs of an Unnecessarily Stringent Federal Data Privacy Law. Technical Report. Information Technology and Innovation Foundation, Washington, D.C.

[83]

MeetingKing. 2020. Calculate Meeting Cost. Retrieved March 2, 2020 from https://meetingking.com/meeting-cost-calculator/.

[84]

Rolf Molich and Jakob Nielsen. 1990. Improving a human-computer dialogue. Communications of the ACM 33, 3 (March 1990), 338–348.

Digital Library

[85]

Vivian Genaro Motti and Kelly Caine. 2015. Users’ privacy concerns about wearables. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 231–244.

[86]

Stuart Myerscough, Ben Lowe, and Frank Alpert. 2008. Willingness to provide personal information online: The role of perceived privacy risk, privacy statements and brand strength. Journal of Website Promotion 2, 1–2 (2008), 115–140.

[87]

Arvind Narayanan and Bendert Zevenbergen. 2015. No encore for encore? Ethical questions for web-based censorship measurement. Retrieved September 24, 2015 from https://ssrn.com/abstract=2665148 or http://dx.doi.org/10.2139/ssrn.2665148

[88]

Lily Hay Newman. 2018. The Privacy Battle to Save Google from Itself | WIRED. Retrieved January 10, 2019 from https://www.wired.com/story/google-privacy-data/.

[89]

Jakob Nielsen. 1995. Applying discount usability engineering. IEEE Software 12, 1 (1995), 98–100.

Digital Library

[90]

Jakob Nielsen. 1995. Heuristic Evaluation: How-To: Article by Jakob Nielsen. Retrieved January 04, 2019 from https://www.nngroup.com/articles/how-to-conduct-a-heuristic-evaluation/.

[91]

Jakob Nielsen and Rolf Molich. 1990. Heuristic evaluation of user interfaces. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, New York, NY, 249–256.

Digital Library

[92]

Helen Nissenbaum. 2009. Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford University Press.

Digital Library

[93]

National Institute of Standards and Technology. 2015. Draft NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Systems. Retrieved from https://csrc.nist.gov/csrc/media/publications/nistir/8062/draft/documents/nistir_8062_draft.pdf.

[94]

National Institute of Standards and Technology. 2017. NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Systems. Retrieved from https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf.

[95]

Information Commissioner’s Office. 2020. Data Protection Impact Assessments (DPIAs) | ICO. Retrieved December 30, 2020 from https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/data-protection-impact-assessments-dpias/.

[96]

Cathy O’Neil. 2019. China Knows How to Take Away Your Health Insurance— Bloomberg. Retrieved February 04, 2020 from https://www.bloomberg.com/opinion/articles/2019-06-14/china-knows-how-to-take-away-your-health-insurance.

[97]

Stacey A. Page and Jeffrey Nyeboer. 2017. Improving the process of research ethics review. Research Integrity and Peer Review 2, 1 (2017), 1–7.

[98]

R. Michael Varney Pamela S. Hrubey. 2020. Privacy and Data Protection: Internal Audit’s Role in Establishing a Resilient Framework. Retrieved December 28, 2020 from https://www.crowe.com/-/media/Crowe/LLP/folio-pdf-hidden/Privacy_and_Data_Protection_Crowe_IIA_IAF_Joint_Report_CC2015-006.pdf?la=en-US&modified=20200407161139&hash=4F7360FDC3C61D820622DA34FC448C5B1E6F7877.

[99]

Clare Payne. 2016. Bad People, or Bad Decisions? | Investment Magazine. Retrieved April 26, 2020 from https://www.investmentmagazine.com.au/2016/11/bad-people-or-bad-decisions/.

[100]

Dan Pearson. 2016. Riot Uses LoL Chatlogs to Weed Out Toxic Employees | GamesIndustry.biz. Retrieved February 4, 2020 from https://www.gamesindustry.biz/articles/2016-06-10-riot-uses-lol-chatlogs-to-weed-out-toxic-employees.

[101]

Angelisa C. Plane, Elissa M. Redmiles, Michelle L. Mazurek, and Michael Carl Tschantz. 2017. Exploring user perceptions of discrimination in online targeted advertising. In Proceedings of the 26th USENIX Security Symposium.

Digital Library

[102]

CMU PrivacyGrade. 2015. Grading the Privacy of Smartphone Apps. http://privacygrade.org/.

[103]

Leena Rao. 2011. Sexual Activity Tracked by Fitbit Shows Up in Google Search Results | TechCrunch. Retrieved February 4, 2020 from https://techcrunch.com/2011/07/03/sexual-activity-tracked-by-fitbit-shows-up-in-google-search-results/.

[104]

Michael Reilly. 2017. Is Facebook Targeting Ads at Sad Teens?—MIT Technology Review. Retrieved February 17, 2020 from https://www.technologyreview.com/s/604307/is-facebook-targeting-ads-at-sad-teens/.

[105]

Eric Reis. 2011. The Lean Startup, Vol. 27. Crown Business, New York, NY.

[106]

Matthew Richardson, Ewa Dominowska, and Robert Ragno. 2007. Predicting clicks: Estimating the click-through rate for new ads. In Proceedings of the 16th International Conference on World Wide Web. ACM, 521–530.

Digital Library

[107]

Mary Beth Rosson, John M. Carroll, and Natalie Hill. 2002. Usability Engineering: Scenario-Based Development of Human-Computer Interaction. Morgan Kaufmann.

Digital Library

[108]

Spencer Rothwell, Steele Carter, Ahmad Elshenawy, and Daniela Braga. 2016. Job complexity and user attention in crowdsourcing microtasks. In Proceedings of the 3rd AAAI Conference on Human Computation and Crowdsourcing.

[109]

Stuart Schechter and Cristian Bravo-Lillo. 2014. Ethical-Response Survey Report: Fall 2014. Technical Report. Technical Report MSR-TR-2014-140. https://www.microsoft.com/en-us/research/publication/ethical-response-survey-report-fall-2014/.

[110]

Stuart Schechter and Cristian Bravo-Lillo. 2014. Using ethical-response surveys to identify sources of disapproval and concern with Facebook’s emotional contagion experiment and other controversial studies. https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/CURRENT20DRAFT20-20Ethical-Response20Survey.pdf.

[111]

NOAM SCHEIBER. 2017. How Uber Uses Psychological Tricks to Push its Drivers’ Buttons. Retrieved July 8, 2018 from https://www.nytimes.com/interactive/2017/04/02/technology/uber-drivers-psychological-tricks.html.

[112]

Kim Bartel Sheehan. 2002. Toward a typology of Internet users and online privacy concerns. The Information Society 18, 1 (2002), 21–32.

[113]

Michael Skirpan and Tom Yeh. 2017. Designing a moral compass for the future of computer vision using speculative analysis. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops. IEEE, 1368–1377.

[114]

Smartdraw. 2018. Data Flow Diagram—Everything You Need to Know About DFD. Retrieved December 22, 2018 from https://www.smartdraw.com/data-flow-diagram/.

[115]

Daniel J. Solove. 2006. A taxonomy of privacy. University of Pennsylvania Law Review 154, 3 (2006), 477.

[116]

Sarah Spiekermann. 2012. The challenges of privacy by design. Communications of the ACM 55, 7 (2012), 38–40.

Digital Library

[117]

Adam Tanner. 2014. What Stays in Vegas: The World of Personal Data—Lifeblood of Big Business—and the End of Privacy as We Know It. PublicAffairs.

Digital Library

[118]

Gwen Thomas. 2006. The DGI Data Governance Framework, Vol. 20. The Data Governance Institute, Orlando, FL.

[119]

ThoughtWorks. 2015. Security Sandwich | Technology Radar | ThoughtWorks. Retrieved April 25, 2020 from https://www.thoughtworks.com/radar/techniques/security-sandwich.

[120]

Tripadvisor. 2019. Number of Characters for Review—Tripadvisor Support Forum. Retrieved February 17, 2020 from https://www.tripadvisor.com/ShowTopic-g1-i12105-k12375287-Number_of_characters_for_review-Tripadvisor_Support.html.

[121]

Khai N. Truong, Gillian R. Hayes, and Gregory D. Abowd. 2006. Storyboarding: An empirical determination of best practices and effective guidelines. In Proceedings of the 6th Conference on Designing Interactive Systems. ACM, 12–21.

Digital Library

[122]

Khai N. Truong, Elaine M. Huang, Molly M. Stevens, and Gregory D. Abowd. 2004. How do users think about ubiquitous computing? In Proceedings of the CHI’04 Extended Abstracts on Human Factors in Computing Systems. ACM, 1317–1320.

Digital Library

[123]

Blase Ur, Pedro Giovanni Leon, Lorrie Faith Cranor, Richard Shay, and Yang Wang. 2012. Smart, useful, scary, creepy: Perceptions of online behavioral advertising. In Proceedings of the 8th Symposium on Usable Privacy and Security. ACM, New York, NY, Article 4, 15 pages.

Digital Library

[124]

Lawrence G. Votta Jr. 1993. Does every inspection need a meeting? In Proceedings of the 1st ACM SIGSOFT Symposium on Foundations of Software Engineering. 107–114.

Digital Library

[125]

Vox. 2018. The Facebook and Cambridge Analytica scandal, explained with a simple diagram. Retrieved September 26, 2018 from https://www.vox.com/policy-and-politics/2018/3/23/17151916/facebook-cambridge-analytica-trump-diagram.

[126]

Xu Wang, Srinivasa Teja Talluri, Carolyn Rose, and Kenneth Koedinger. 2019. UpGrade: Sourcing student open-ended solutions to create scalable learning opportunities. In Proceedings of the 6th (2019) ACM Conference on Learning@ Scale. 1–10.

Digital Library

[127]

Yang Wang, Gregory Norcie, Saranga Komanduri, Alessandro Acquisti, Pedro Giovanni Leon, and Lorrie Faith Cranor. 2011. “I regretted the minute I pressed share” a qualitative study of regrets on Facebook. In Proceedings of the 7th Symposium on Usable Privacy and Security. 1–16.

Digital Library

[128]

Yang Wang, Gregory Norice, and Lorrie Faith Cranor. 2011. Who is concerned about what? A study of American, Chinese and Indian users’ privacy concerns on social network sites. In Proceedings of the 4th International Conference on Trust and Trustworthy Computing. Springer, 146–153.

Digital Library

[129]

Zhou Wei. 2019. What Your Face May Tell Lenders about Whether You’re Creditworthy—WSJ. Retrieved February 4, 2020 from https://www.wsj.com/articles/what-your-face-may-tell-lenders-about-whether-youre-creditworthy-11560218700.

[130]

Western City. 2012. The “Front Page” Test: An Easy Ethics Standard—Western City Magazine. Retrieved April 25, 2020 from https://www.westerncity.com/article/front-page-test-easy-ethics-standard.

[131]

Wikipedia. 2020. Discounted Cumulative Gain—Wikipedia. Retrieved March 3, 2020 from https://en.wikipedia.org/wiki/Discounted_cumulative_gain.

[132]

Wikipedia. 2020. Separation of Duties. Retrieved April 23, 2020 from https://en.wikipedia.org/wiki/Separation_of_duties.

[133]

Jenifer S. Winter. 2012. Privacy and the emerging internet of things: Using the framework of contextual integrity to inform policy. In Proceedings of the Pacific Telecommunication Council Conference, Vol. 2012.

[134]

Molly Wood. 2014. OKCupid Plays With Love in User Experiments—The New York Times. Retrieved July 6, 2018 from https://www.nytimes.com/2014/07/29/technology/okcupid-publishes-findings-of-user-experiments.html?ref=technology&_r=1.

[135]

Allison Woodruff, Vasyl Pihur, Sunny Consolvo, Lauren Schmidt, Laura Brandimarte, and Alessandro Acquisti. 2014. Would a privacy fundamentalist sell their DNA for $1000... if nothing bad happened as a result? The Westin categories, behavioral intentions, and consequences. In Proceedings of the 10th USENIX Conference on Usable Privacy and Security, Vol. 5, USENIX Association, 1–18.

Digital Library

[136]

David Wright and Paul De Hert. 2011. Privacy Impact Assessment. Vol. 6. Springer Science & Business Media.

Cited By

Dehling TSunyaev A(2023)A Design Theory for Transparency of Information Privacy PracticesInformation Systems Research10.1287/isre.2019.0239Online publication date: 8-Aug-2023
https://doi.org/10.1287/isre.2019.0239
Gardner DTanenbaum T(2023)The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identityConvergence: The International Journal of Research into New Media Technologies10.1177/1354856523119370630:3(1186-1218)Online publication date: 19-Aug-2023
https://doi.org/10.1177/13548565231193706
Saad ALiebers JSchneegass SGruenefeld U(2023)“They see me scrollin”—Lessons Learned from Investigating Shoulder Surfing Behavior and Attack Mitigation StrategiesHuman Factors in Privacy Research10.1007/978-3-031-28643-8_10(199-218)Online publication date: 10-Mar-2023
https://doi.org/10.1007/978-3-031-28643-8_10
Show More Cited By

Index Terms

Lean Privacy Review: Collecting Users’ Privacy Concerns of Data Practices at a Low Cost
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. HCI design and evaluation methods
2. Security and privacy
  1. Human and societal aspects of security and privacy

Recommendations

The effects of attacker identity and individual user characteristics on the value of information privacy

Past research indicates that people have strong concerns about their information privacy. This study applies multi-attribute utility theory to conceptualize the concern for smartphone privacy and examine how people value smartphone privacy protection. ...
Increasing service users' privacy awareness by introducing on-line interactive privacy features
NordSec'11: Proceedings of the 16th Nordic conference on Information Security Technology for Applications

The work presented in this paper introduces the concept of <em>On-line Interactive (OI) privacy feature</em> which is defined as any on-line interactive tool, component or user-interface that creates privacy awareness and supports users in understanding ...
A meta-analysis to explore privacy cognition and information disclosure of internet users
Highlights
- Identify the differences between privacy concerns and perceived privacy risks based on the Elaboration Likelihood Model.
Abstract
Based on the Elaboration Likelihood Model (ELM), this study identifies the differences between perceived privacy risks and privacy concern. Furthermore, the study analyses how perceived privacy risks and privacy concerns affect the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Computer-Human Interaction

ACM Transactions on Computer-Human Interaction Volume 28, Issue 5

October 2021

308 pages

ISSN:1073-0516

EISSN:1557-7325

DOI:10.1145/3481685

Editor:
Kristina Höök
KTH Royal Institute of Technology, Sweden

Issue’s Table of Contents

Copyright © 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 August 2021

Accepted: 01 April 2021

Revised: 01 February 2021

Received: 01 April 2020

Published in TOCHI Volume 28, Issue 5

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
730
Total Downloads

Downloads (Last 12 months)260
Downloads (Last 6 weeks)47

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Dehling TSunyaev A(2023)A Design Theory for Transparency of Information Privacy PracticesInformation Systems Research10.1287/isre.2019.0239Online publication date: 8-Aug-2023
https://doi.org/10.1287/isre.2019.0239
Gardner DTanenbaum T(2023)The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identityConvergence: The International Journal of Research into New Media Technologies10.1177/1354856523119370630:3(1186-1218)Online publication date: 19-Aug-2023
https://doi.org/10.1177/13548565231193706
Saad ALiebers JSchneegass SGruenefeld U(2023)“They see me scrollin”—Lessons Learned from Investigating Shoulder Surfing Behavior and Attack Mitigation StrategiesHuman Factors in Privacy Research10.1007/978-3-031-28643-8_10(199-218)Online publication date: 10-Mar-2023
https://doi.org/10.1007/978-3-031-28643-8_10
Jin HGuo BRoychoudhury RYao YKumar SAgarwal YHong J(2022)Exploring the Needs of Users for Supporting Privacy-Protective Behaviors in Smart HomesProceedings of the 2022 CHI Conference on Human Factors in Computing Systems10.1145/3491102.3517602(1-19)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3491102.3517602

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents