Abstract
Providers of mobile applications (apps) offer free apps and services but monetise user information and attention, whilst app users have limited control and inadequate understanding over the manner in which apps use their personal data. This study is a first step to taking a user centred approach in the design of app privacy policies to ensure they are easy to understand by non-technical users. To this end we capture the views of 41 users on four different privacy policy representations and analyse them to extract user priorities and needs. We have found that one of the alternative policy representations is liked best by users, and that users focused on data collection and use, neglecting other privacy aspects such as data monetisation and legal issues. As a result of our analysis, we propose a novel interactive representation to enhance the informativeness of privacy policies, especially with respect to data monetisation, whilst facilitating greater user control over personal data privacy. We evaluate our proposal using the cognitive dimensions framework.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gerlach, J., Widjaja, T., Buxmann, P.: Handle with care: how online social network providers’ privacy policies impact users’ information sharing behavior. J. Strateg. Inf. Syst. 24(1), 33–43 (2015). doi:10.1016/j.jsis.2014.09.001
Jentzsch, N., Preibusch, S., Harasser, A.: Study on monetising privacy: an economic model for pricing personal information. In: ENISA (2012)
Acquisti, A., Taylor, C.R., Wagman, L.: The economics of privacy (2016). doi:10.1257/jel.54.2.442
Taylor, C., Webb, R.: HBR Blog Network (2012). http://blogs.hbr.org/cs/2012/10/a_penny_for_your_privacy.html
Steinke, G.: Data privacy approaches from US and EU perspectives. Telematics Inform. 19(2), 193–200 (2002)
Schaub, F., Balebako, R., Durity, A.L., Cranor, L.F.: A design space for effective privacy notices. In: Eleventh Symposium On Usable Privacy and Security (SOUPS 2015), pp. 1–17 (2015)
Patil, S., Schlegel, R., Kapadia, A., Lee, A.J.: Reflection or action? How feedback and control. In: CHI (2014). doi:10.1145/2556288.2557121
Wesson, J.L., Akash, S., van Tonder, B.: Can Adaptive Interfaces Improve the Usability of Mobile Applications? Brisbane (2010). doi:10.1007/978-3-642-15231-3_19
Sharp, H., Rogers, Y., Preece, J.: Interaction Design: Beyond Human-Computer Interaction, 2nd edn. Wiley, West Sussex (2006)
P3P. Platform for privacy preferences (2007). https://www.w3.org/P3P/
Langheinrich, M.: Privacy by design — principles of privacy-aware ubiquitous systems. In: Abowd, Gregory D., Brumitt, B., Shafer, S. (eds.) UbiComp 2001. LNCS, vol. 2201, pp. 273–291. Springer, Heidelberg (2001). doi:10.1007/3-540-45427-6_23
Cranor, L., Kelley, P.G., Cesca, L., Bresee, J.: Standardizing privacy notices: an online study of the nutrition label approach. In: Human Factors in Computing Systems: Proceedings of the SIGCHI Conference, pp. 1573–1582 (2010). doi:10.1145/1753326.1753561
Earp, J.B., Vail, M., Anton, A.I.: Privacy policy representation in web-based healthcare. In: 40th Annual Hawaii International Conference, p. 138 (2007). doi:10.1109/HICSS.2007.445
Norberg, P.A., Horne, D.R.: Privacy attitudes and privacy-related behavior. Psychol. Market. 24(10), 829–847 (2007)
Li, T., Unger, T.: Willing to pay for quality personalization? Trade-off between quality and privacy. Eur. J. Inf. Syst. 21(6), 621–642 (2012). doi:10.1057/ejis.2012.13
Bélanger, F., Crossler, R.E.: Privacy in the digital age: a review of information privacy research in information systems. MIS Q. 35(4), 1017–1042 (2011)
Dinev, T.: Why would we care about privacy? EJIS 23(2), 97–102 (2014). doi:10.1057/ejis.2014.1
Green, G., Petre, M.: Usability analysis of visual programming environments: a ‘cognitive dimensions’ framework. J. Visual Lang. Comput. 7(2), 131–174 (1996). doi:10.1006/jvlc.1996.0009
Wu, J.J., Chen, Y.H., Chung, Y.S.: Trust factors influencing virtual community members: a study of transaction communities. J. Bus. Res. 63(9), 1025–1032 (2010). doi:10.1016/j.jbusres.2009.03.022
McDonald, A.M., Cranor, L.F.: The cost of reading privacy policies. J. Law Policy Inf. Soc. (ISJLP) 4, 543 (2008)
Lin, J., et al.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing (2012). doi:10.1145/2370216.2370290
Qualtrics. Qualtrics.com (2017). https://www.qualtrics.com/
Brandimarte, L., Acquisti, A., Loewenstein, G.: Misplaced confidences privacy and the control paradox. Soc. Psychol. Pers. Sci. 4(3), 340–347 (2013)
Clarke, S., Becker, C.: Using the cognitive dimensions framework to evaluate the usability of a class library (2003)
Nielsen, J.: (1995). www.nngroup.com, https://www.nngroup.com/articles/ten-usability-heuristics/
Mehandjiev, N., Namoune, A., Wajid, U., Macaulay, L., Sutcliffe, A.: End user service composition: perceptions and requirements. In: Eighth IEEE European Conference on Web Services, pp. 139–146 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kununka, S., Mehandjiev, N., Sampaio, P., Vassilopoulou, K. (2017). End User Comprehension of Privacy Policy Representations. In: Barbosa, S., Markopoulos, P., Paternò, F., Stumpf, S., Valtolina, S. (eds) End-User Development. IS-EUD 2017. Lecture Notes in Computer Science(), vol 10303. Springer, Cham. https://doi.org/10.1007/978-3-319-58735-6_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-58735-6_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-58734-9
Online ISBN: 978-3-319-58735-6
eBook Packages: Computer ScienceComputer Science (R0)