Societal Computing Thesis Proposal
- Remote Access - Zoom
- Virtual Presentation - ET
- HANA HABIB
- Ph.D. Candidate
- Ph.D. Program in Societal Computing
- Institute for Software Research, Carnegie Mellon University
Evaluating the Usability of Privacy Choice Mechanisms
Notice and choice has dominated the discourse on consumer privacy protection and is the foundation of existing privacy regulation in the United States. Under this paradigm, companies disclose their data handling practices to consumers, who in turn are expected to make decisions according to their privacy preferences. As such, many companies have incorporated consent notices and other privacy choices into their web interfaces. The notice and choice model presents several challenges for providing effective consumer privacy protection, one of which is related to the usability of privacy choice mechanisms. The design of consent and privacy choice interfaces can significantly affect consumer choices and their privacy outcomes. This thesis will highlight usability issues in interactions required to use privacy choices, as well as provide guidance for conducting usability evaluations of such interactions.
In this thesis, I will first describe a series of studies examining different usability aspects of existing privacy choices. The first two studies present an overview of how privacy choices related to email marketing, targeted advertising, and data deletion are commonly offered to consumers on the web and provide insight into the usability of these implementations. Among other shortcomings, these studies found discoverability issues with existing privacy choices. One potential means of making privacy choices more visible to consumers is through the use of icons. The next study described in this thesis explains the design and evaluation of new icons to effectively communicate the presence of privacy choices. In addition to discoverability issues, privacy choices may not always align well with user needs. The fourth study in this thesis explored this aspect of usability, and evaluated whether existing controls related to targeted advertising on a social networking platform actually address user goals related to their advertising experience on the platform.
My prior work, as well as previous studies from the literature, emphasize the importance of usability testing with regards to privacy choice and consent interfaces. Despite increased regulatory requirements and consumer pressure for privacy choice mechanisms, there is little direction for practitioners on how to systematically evaluate such interfaces. To address this need, I propose to compile comprehensive guidance for conducting such usability evaluations that will address different aspects of usability, such as discoverability and understandability. This guidance will include a breadth of HCI research methods, as well as example metrics for measuring specific usability problems. To demonstrate the application of this guidance and some of the trade-offs associated with each research method, I will conduct usability evaluations of two distinct privacy choice and consent interfaces.
Lorrie Cranor (Chair)
Rebecca Balebako (Google)
Zoom Participation. See announcement.