TY - GEN
T1 - Exploring user perceptions of online privacy disclosures
AU - Marreiros, Helia
AU - Gomer, Richard
AU - Vlassopoulos, Michael
AU - Tonin, Mirco
AU - Schraefel, Monica C.
PY - 2015
Y1 - 2015
N2 - As a result of various industry regulations service providers such as websites and app developers are required to explain the ways in which they process the personal data of service users. These "privacy disclosures", which aim to inform users and empower them to control their privacy, take several forms. Among these forms are the privacy policy, the cookie notice and, on smart phones, the app permission request. The interaction problems with these different types of disclosure are relatively well understood - habituation, inattention and cognitive biases undermine the extent to which user consent is truly informed. User understanding of the actual content of these disclosures, and their feelings toward it, are less well understood, though. In this paper we report on a mixed-methods study that explored these three types of privacy disclosure and compare their relative merits as a starting point for the development of more meaningful consent interactions. We identify four key findings - heterogeneity of user perceptions and attitudes to privacy disclosures, limited ability of users to infer data processing outputs and risks based on technical explanations of particular practices, suggestions of a naïve model of "cost justification" rather cost-benefit analysis by users, and the possibility that consent interactions are valuable in themselves as a means to improve user perceptions of a service.
AB - As a result of various industry regulations service providers such as websites and app developers are required to explain the ways in which they process the personal data of service users. These "privacy disclosures", which aim to inform users and empower them to control their privacy, take several forms. Among these forms are the privacy policy, the cookie notice and, on smart phones, the app permission request. The interaction problems with these different types of disclosure are relatively well understood - habituation, inattention and cognitive biases undermine the extent to which user consent is truly informed. User understanding of the actual content of these disclosures, and their feelings toward it, are less well understood, though. In this paper we report on a mixed-methods study that explored these three types of privacy disclosure and compare their relative merits as a starting point for the development of more meaningful consent interactions. We identify four key findings - heterogeneity of user perceptions and attitudes to privacy disclosures, limited ability of users to infer data processing outputs and risks based on technical explanations of particular practices, suggestions of a naïve model of "cost justification" rather cost-benefit analysis by users, and the possibility that consent interactions are valuable in themselves as a means to improve user perceptions of a service.
KW - Apps
KW - Consent
KW - Cookies
KW - Privacy
UR - http://www.scopus.com/inward/record.url?scp=84958541853&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84958541853
T3 - Proceedings of the 14th International Conference WWW/Internet 2015
SP - 19
EP - 26
BT - Proceedings of the 14th International Conference WWW/Internet 2015
A2 - Isaias, Pedro
A2 - Rodrigues, Luis
PB - IADIS
T2 - 14th International Conference WWW/Internet 2015
Y2 - 24 October 2015 through 26 October 2015
ER -