et al. SOUPS 2010. Of Passwords and People: Measuring the Eﬀect of Password-Composition Policies. Komanduri et al. CHI 2011. Guess again (and again and again): Measuring password strength by simulating password- cracking algorithms. Kelley et al. OAKLAND 2012. CHI 2011 HONORABLE MENTION 3
et al. UBICOMP 2010. Location-Sharing Technologies: Privacy Risks and Controls. Tsai et al. I/ S 2010. Who’s Viewed You? The Impact of Feedback in a Mobile-location System. Tsai et al. CHI 2009. Capturing Social Networking Privacy Preferences... Ravichandran, et al. PETS 2009. 4
1998 14 In light of the Commission's findings and significant consumer concerns regarding privacy online, it is evident that substantially greater incentives are needed to spur self- regulation and ensure widespread implementation of basic privacy principles. “ ”
• Context matters • Not enough to know only type of data collected and how data is used • Need to know which data are used for what purposes as companies use some data for some purposes and other data for other purposes • Privacy policies are complex • People don’t understand privacy implications
each • explored attitudes towards privacy policies • tested understanding of labels and symbols Patrick Gage Kelley, Joanna Bresee, Lorrie Faith Cranor, and Robert W. Reeder. A "Nutrition Label" for Privacy. SOUPS 2009.
your information Provide service and maintain site Research and development Marketing Telemarketing Profiling not linked to you Profiling linked to you Other companies Public forums Contact information Content Cookies Demographic information Social security no. and gov't ID Preferences Purchase and financial data Web browsing information Unique identifiers Understanding this privacy report Data is collected and used in this way. Your data will not be used in this way unless you opt-in. You can opt-out of this data use. You can opt-in or opt-out of some uses of this data.
information financial information health information preferences purchasing information social security number & govt ID your activity on this site your location how we use your information provide service & maintain site research & development marketing telemarketing profiling who we share your information with other companies public forums
to compare label and text policies • 8 tasks, measured time and accuracy • 6 opinion questions Iterative design approach 5 focus groups • 7-11 participants each • explored attitudes towards privacy policies • tested understanding of labels and symbols Patrick Gage Kelley, Joanna Bresee, Lorrie Faith Cranor, and Robert W. Reeder. A "Nutrition Label" for Privacy. SOUPS 2009.
design • Measured time, accuracy, and enjoyability on information ﬁnding and comparison tasks • Average time to complete ~15 minutes User testing Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, and Lorrie Faith Cranor. CHI 2010.
Policy Text Layered Text Percentage correct Overall accuracy results ANOVA signiﬁcant at p < 0.05, F(4; 1094) = 73.75 std label vs. full text, p < 0.05, t(510) = 14:4, std. short label vs. full text p < 0.05, t(490) = 12.9, std. short text vs. full text p < 0.05, t(491) = 14.3 layered vs. full text policy p = 0.83, t(314) = -0.21
Policy Text Layered Text Timing results ANOVA on the log-normalized time information p < 0.0001 Standardized all took less time sig. p < 0.05, layered at p = 0.025 std. label, t(348) = 5.36, std. short label t(327) = 6.01, std. short text t(329) = 4.55, layered t(238) = 2.25
of policy Short table takes up less space but sometimes makes comparison tasks and tasks about data not collected more diﬃcult Text doesn’t scale well for complex policies, people more likely to miss text in the middle of paragraphs 57
read and understand likened them to Japanese Stereo Instructions The standardized-format were more complimentary: This layout for privacy policies is MUCH more consumer friendly. I hope this becomes the industry standard 62 “ “ ” ” “ ”
will not apply in situations where (a) you either have made, simultaneously make, or later make a speciﬁc request for information from a member of The Bell Group, (b) The Bell Group uses your personal information for either “Operational Uses” or “Fulﬁllment Uses” (as described above in A3), (c) you either have engaged, simultaneously engage, or later engage in either Non-Registered Transactions or Sponsored Activities (as described above in A3), or (d) The Bell Group shares your personal information under the provisions of A3 above with respect to “Companies That Facilitate Communications and Transactions With You,” “Companies That You Previously Authorized to Obtain Your Information,” “Purchase or Sale of Businesses,” or “Disclosures to Comply with Laws and Disclosures to Help Protect the Security and Safety of Our Web Sites, The Bell Group and Others.” Also, any opt-out choices you make will not apply to personal information that you provide about other persons, but these other persons will have the
potential applications for their device. 1. Do I believe this application will compromise the security and function of my phone if I install it? 2.Do I trust this developer and their partners with access to my personal information? 70
and Seattle Semi-structured interview methodology focused on ecosystem wide issues: - What do they think of Android generally? - Why and how do they select apps to install/purchase? - Do they read and understand permissions screens? - Are they concerned about malicious applications? - Are tools/info needed to help with app privacy/security?
- The reviews and star-ratings, word of mouth from friends, and those who don’t see anything sketchy on the permissions list - Nearly all participants don’t buy apps, so since it is free, they try it, and later delete it Do they read and understand permissions screens? - Many said they try, most don’t believe they understand the terms used, and haven’t tried to learn them - They trust the reviews more - They don’t understand why the apps need such access 76
Android is protecting them with app review for usability, bugs, viruses - Are concerned in general about technology, most refused to do banking on their phones Are tools/info needed to help with app privacy/security? - Most said they would be interested in better app reviews, or an app that checks their phone, a few had tried similar tools, installed anti-virus software 77
access to all kinds of websites, even the protected ones.” –P1 I would say, this just requires a data plan, and you would need to have Internet access.” –P6 Any app that needs to get information from somewhere other than that is local on the phone.” –P7 “ “ “
assume it would probably be along the lines of, it knows when my phone is sleeping or in use or in a phone call, and the type of phone” –P2 So it knows whether or not I am in the middle of a call? I don’t really know what that part [identity] means.” –P13 If you are on the phone maybe it shuts itself oﬀ... Maybe like your carrier? Hopefully not like who you are.” –P19 “ “ “
don’t like, I don’t know what it means, ... my impression is that instead of me being able to authorize something, that application is saying it can.” –P3 That freaks me out. What does that mean exactly, cause I am not quite sure.” –P12 I don’t know, I guess it is in charge of whatever accounts you open up.” –P18 “ “ “
Sunny Consolvo Patrick Gage Kelley @patrickgage email@example.com patrickgagekelley.com Privacy nutrition labels Joanna Bresee, Aleecia McDonald, Rob Reeder, Sungjoon Steve Won Android app permissions Jaeyeon Jung, David Wetherall, Tim Vidas Location sharing Michael Benisch, Janice Tsai, Eran Toch, Paul Hankes Drielsma, Jialiu Lin, Jason Hong Passwords Michelle Mazurek, Saranga Komanduri, Rich Shay, Blase Ur, Lujo Bauer Twitter/Facebook Manya Sleeper, Justin Cranshaw, Yang Wang, Yael Mayer, Robin Brewer New Media Arts Golan Levin, Danny Rashid, Matthew Kay, Polo Chau, Sue Ann Hong