320 likes | 460 Views
Displaying privacy information with icons. Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010. Content. Introduction Related work Approaches to implement privacy icons Icons for general usage Icons for an e-commerce scenario
E N D
Displaying privacy information with icons Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010
Content • Introduction • Related work • Approaches to implement privacy icons • Icons for general usage • Icons for an e-commerce scenario • Icons for a social network scenario • Conclusions and outlook PrimeLife/IFIP Summer School 2010
1. Introduction Every person has an individual view on her privacy, what to protect and what information to share with others. Which factors are important for this individual view? • Cultural background • Social background • Legal background PrimeLife/IFIP Summer School 2010
1. Introduction The cultural background is important for the individual view: • people in Asia for example might have a different understanding of privacy than people in Europe or people in Africa • privacy also might have another importance in Japan than in China • the individual view on privacy will also be influenced by the degree of individual freedom PrimeLife/IFIP Summer School 2010
1. Introduction The social background is important for the individual view, too: • especially young people use all options of modern communication like social networking sites and consequently often have a different view on privacy than older people • people with a higher degree of education might have a different view on privacy than people with a lower degree of education PrimeLife/IFIP Summer School 2010
1. Introduction The legal background is important, too: • European data protection law requires clarity and transparency on the data processing and possible consequences for the individual • US-American law is different and less concrete, law in Japan or China for example is different, too People are inter alia influenced by the law of their country PrimeLife/IFIP Summer School 2010
1. Introduction One of the core elements of European data protection legislation is that data must only be handled if the data controller has a legal basis or if the person concerned gave her (informed) consent (see Art. 7 of Directive 95/46 EC) • data handling parties therefore have to provide the information necessary for the person concerned • how can this be achieved? – usage of privacy policies • problem: even if the information necessary to provide perfect transparency is provided by the data controller most users refrain from studying it PrimeLife/IFIP Summer School 2010
1. Introduction As a solution, machine-readable privacy policies that could be interpreted by the user’s machine according to her preferences were proposed: • P3P (Platform for Privacy Preferences by the World Wide Web Consortium) Other proposals for standardised and informative privacy policies: • multi-layered privacy policies by the Art. 29 Data Protection Working Party • using icons depicting privacy policies PrimeLife/IFIP Summer School 2010
1. Introduction How could privacy icons be used? • In general icons are used to visualise specific statements or properties, e.g., for emergency fire exits or subway stations: PrimeLife/IFIP Summer School 2010
1. Introduction • Icons may allow for a quick comprehensibility for everybody who is not visually impaired and they also offer specific information at a glance • Privacy icons are able to offer at least some valuable information on a first-glance basis for users and point to core issues related with the processing of data in a given case – they are understood as simplified pictures expressing privacy-related statements PrimeLife/IFIP Summer School 2010
2. Related work • statements on how well a situation matches the privacy preference of a user, e.g., Cranor’s Privacy Bird for P3P • statements from privacy policies on planned or performed processing of potential personal data or on guarantees concerning the processing of these data, e.g., proposals from Rundle, Mehldau, Helton and Raskin as well as the evaluative approach in the KnowPrivacy report • statements on how personal data may be used by others, e.g., Bickerstaff strengthens the user’s perspective and proposes “Privacy Commons” analogue to “Creative Commons” or the Privicon approach PrimeLife/IFIP Summer School 2010
2. Related work Potential for improvement of the related work: • the approaches described above have not gained much outreach, yet • privacy icons also cannot replace written policies, they can only be used additional to written policies to depict core elements and to visualise specific problems according data handling to the user Benefits of privacy icons • icons and related information might help to sensibilise users for the policy content and thereby for their own privacy management PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons Privacy icons could have a vast area of usage: • For indicating rights and limitations for own data provided via e-mail • for social networks or blogs • for web sites showing prominently their illustrated privacy policy • for web sites providing machine-readable policies to be interpreted and depicted on the client side • for third-party services commenting others’ privacy policies PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • during the PrimeLife project different icon sets for depicting purposes and data categories have been developed and tested in the first year • as a result of the research and reviews, a modified icon set has been developed and tested by users in the second year • the usability tests have been performed by Karlstad University in Sweden and by CURE in Austria PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • on basis of the results of the usability tests and the ongoing internal review icon sets for defined use cases should be developed • one of the core aims of ongoing work on icons will be the development of icon sets with reduced complexity to enable users to easily understand and handle them PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • to our understanding privacy icons should indicate privacy aspects in a neutral form without an evaluative assessment or prejudice towards specific types of processing • therefore a circular form was chosen, not a triangular one; triangular signs usually have a warning functionality: PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons 3.1 Icons for general use The broad icon set for general use developed during the PrimeLife project includes categories like types of data, purposes and data processing steps. • The development of the icon set is still in progress. • Each icons can be used on its own or combined with other icons. • In the following: excerpt of the developed, tested and well quoted icons PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Sensitive data PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Data disclosure • Storage PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons 3.2 Icons for an e-commerce scenario An icon set in an e-commerce scenario or other client-server applications dealing with personal data should be able to describe data types that usually play a role in these settings, describe the policy for erasure / retention of data and comprise icons for specific purposes such as shipping or transfer to third parties. PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Medical data • Payment data PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Personal data • Shipping data PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Erasure of data • Legal obligations PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons 3.3 Icons for a social network scenario In social networks additional privacy-related statements are helpful for users, in particular to visualise who will get access to which information or what happens to their data within the social network. • The development of the icon set is still in progress • In the following: excerpt of the developed and tested icons PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Recipients: Public PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Recipients: Selected individuals or PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Recipients: Friends, contacts or PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • Recipients: Friends of friends PrimeLife/IFIP Summer School 2010
3. Approaches to implement privacy icons • the icons for usage in a social network scenario could also be used in combination with configuring privacy settings, e.g., to directly select individuals that may or must not get access to personal data • in addition, they may work as reminder whenever the user looks at her profile PrimeLife/IFIP Summer School 2010
4. Conclusions and outlook • privacy icons may be an important means to convey relevant information about the processing of personal data to a user and thereby enhance her awareness concerning her privacy • the usability will be improved, among others, by providing information about the icons’ meaning via the mouse-over function and links to the concerning part of the written privacy policy PrimeLife/IFIP Summer School 2010
4. Conclusions and outlook • complexity will be reduced by shrinking the icon sets to only few different icons • special attention will be given to possibilities of combining the icon approach with machine-readable service policies and user preferences • while the singular use of either privacy icons or machine-readable policies have already some advantages, their combination can be even more fruitful PrimeLife/IFIP Summer School 2010
Displaying privacy information with icons Thank you for your attention! Leif-Erik Holtz uld63@datenschutzzentrum.de PrimeLife/IFIP Summer School 2010