Towards usable privacy policy display and management

Julio Angulo (Department of Information Systems, Karlstad University, Karlstad, Sweden)
Simone Fischer‐Hübner (Department of Computer Science, Karlstad University, Karlstad, Sweden)
Erik Wästlund (Department of Psychology, Karlstad University, Karlstad, Sweden)
Tobias Pulls (Department of Computer Science, Karlstad University, Karlstad, Sweden)

Information Management & Computer Security

ISSN: 0968-5227

Publication date: 16 March 2012

Abstract

Purpose

The purpose of this paper is to present the approach taken within the PrimeLife project for designing user‐friendly privacy policy interfaces for the PrimeLife Policy Language (PPL) and report on the lessons learned when designing interfaces for privacy policy management and display.

Design/methodology/approach

Taking an iterative process of design, the authors developed the interface of the “Send Data?” prototype, a browser extension designed and developed to deal with the powerful features provided by PPL, and having the purpose of helping users to make conscious decisions on the dissemination of their personal information. The proposed interface introduces the novel features of “on the fly” privacy management, predefined levels of privacy settings, and simplified selection of anonymous credentials. The last iteration of the prototype has been tested using a cognitive walkthrough approach.

Findings

Results from usability tests show that users understood and appreciate most of the features contained within the interface and they perceived their benefit for protecting their privacy online. However, improvement is still needed in order to make the display and management of privacy policies more intuitive and seamless. Showing privacy mismatches inside a two‐dimensional table was preferred by users in general.

Originality/value

The paper introduces the novelty of “on the fly” privacy management, which lets users adapt and organize their own privacy preferences whilst an online transaction takes place, Also, it allows users to select credentials to identify themselves in a simpler manner.

Keywords

Citation

Angulo, J., Fischer‐Hübner, S., Wästlund, E. and Pulls, T. (2012), "Towards usable privacy policy display and management", Information Management & Computer Security, Vol. 20 No. 1, pp. 4-17. https://doi.org/10.1108/09685221211219155

Download as .RIS

Publisher

:

Emerald Group Publishing Limited

Copyright © 2012, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.