Privacy at a Glance: The User-Centric Design of Glanceable Data Exposure Visualizations

AbstractSmartphone users are often unaware of mobile applications’ (“apps”) third-party data collection and sharing practices, which put them at higher risk of privacy breaches. One way to raise awareness of these practices is by providing unobtrusive but pervasive visualizations that can be presented in a glanceable manner. In this paper, we applied Wogalter et al.’s Communication-Human Information Processing model (C-HIP) to design and prototype eight different visualizations that depict smartphone apps’ data sharing activities. We varied the granularity and type (i.e., data-centric or app-centric) of information shown to users and used the screensaver/lock screen as a design probe. Through interview-based design probes with Android users (n=15), we investigated the aspects of the data exposure visualizations that influenced users’ comprehension and privacy awareness. Our results shed light on how users’ perceptions of privacy boundaries influence their preference regarding the information structure of these visualizations, and the tensions that exist in these visualizations between glanceability and granularity. We discuss how a pervasive, soft paternalistic approach to privacy-related visualization may raise awareness by enhancing the transparency of information flow, thereby, unobtrusively increasing users’ understanding of data sharing practices of mobile apps. We also discuss implications for privacy research and glanceable security.

Download Full-text

Assessment and Prediction of Privacy Concerns on Health Apps (Preprint)

10.2196/preprints.20409 ◽

2020 ◽

Author(s):

Reham AlTamime ◽

Vincent Marmion ◽

Wendy Hall

Keyword(s):

Data Sharing ◽

Mobile Applications ◽

Retention Rate ◽

Mobile Apps ◽

Third Party ◽

Privacy Concerns ◽

Health Apps ◽

Mobile Health Apps ◽

Specific Factors ◽

And Control

BACKGROUND Mobile apps and IoT-enabled smartphones technologies facilitate collecting, sharing, and inferring from a vast amount of data about individuals’ location, health conditions, mobility status, and other factors. The use of such technology highlights the importance of understanding individuals’ privacy concerns to design applications that integrate their privacy expectations and requirements. OBJECTIVE This paper explores, assesses, and predicts individuals’ privacy concerns in relation to collecting and disclosing data on mobile health apps. METHODS We designed a questionnaire to identify participants’ privacy concerns pertaining to a set of 432 mobile apps’ data collection and sharing scenarios. Participants were presented with 27 scenarios that varied across three categorical factors: (1) type of data collected (e.g. health, demographic, behavioral, and location); (2) data sharing (e.g., whether it is shared, and for what purpose); and, (3) retention rate (e.g., forever, until the purpose is satisfied, unspecified, week, or year). RESULTS Our findings show that type of data, data sharing, and retention rate are all factors that affect individuals’ privacy concerns. However, specific factors such as collecting and disclosing health data to a third-party tracker play a larger role than other factors in triggering privacy concerns. CONCLUSIONS Our findings suggest that it is possible to predict privacy concerns based on these three factors. We propose design approaches that can improve users’ awareness and control of their data on mobile applications

Download Full-text

Losing Control to Data-Hungry Apps: A Mixed-Methods Approach to Mobile App Privacy

Social Science Computer Review ◽

10.1177/0894439318777706 ◽

2018 ◽

Vol 37 (4) ◽

pp. 466-488 ◽

Cited By ~ 8

Author(s):

Petter Bae Brandtzaeg ◽

Antoine Pultier ◽

Gro Mette Moen

Keyword(s):

Mixed Methods ◽

Data Sharing ◽

Mobile Apps ◽

Personal Data ◽

The United States ◽

Mobile App ◽

Third Party ◽

User Survey ◽

Privacy Policies ◽

Mixed Methods Approach

Personal data from mobile apps are increasingly impacting users’ lives and privacy perceptions. However, there is a scarcity of research addressing the combination of (1) individual perceptions of mobile app privacy, (2) actual dataflows in apps, and (3) how such perceptions and dataflows relate to actual privacy policies and terms of use in mobile apps. To address these limitations, we conducted an innovative mixed-methods study including a representative user survey in Norway, an analysis of personal dataflows in apps, and content analysis of privacy policies of 21 popular, free Android mobile apps. Our findings show that more than half the respondents in the user survey repeatedly had refrained from downloading or using apps to avoid sharing personal data. Our analysis of dataflows applied a novel methodology measuring activity in the apps over time (48 hr). The investigation showed that 19 of the 21 apps investigated transmitted personal data to a total of approximately 600 different primary and third-party domains. From an European perspective, it is particularly noteworthy that most of these domains were associated with tech companies in the United States, where privacy laws are less strict than companies operating from Europe. The investigation further revealed that some apps by default track and share user data continuously, even when the app is not in use. For some of these, the terms of use provided with the apps did not inform the users about the actual tracking practice. A comparison of terms of use as provided in the studied apps with actual person dataflows as identified in the analysis disclosed that three of the apps shared data in violation with their provided terms of use. A possible solution for the mobile app industry, to strengthen user trust, is privacy by design through opt-in data sharing with the service and third parties and more granular information on personal data sharing practices. Also, based on the findings from this study, we suggest specific visualizations to enhance transparency of personal dataflows in mobile apps. A methodological contribution is that a mixed-methods approach strengthens our understanding of the complexity of privacy issues in mobile apps.

Download Full-text

Abstract P201: Evaluating Data Sharing And Privacy Policies Of Diabetes Mobile Apps: Where Is The Data Going?

Hypertension ◽

10.1161/hyp.76.suppl_1.p201 ◽

2020 ◽

Vol 76 (Suppl_1) ◽

Author(s):

Khaled Abdelrahman ◽

Josh Bilello ◽

Megna Panchbhavi ◽

Mohammed S Abdullah

Keyword(s):

Data Sharing ◽

Mobile Applications ◽

Mobile Apps ◽

Third Party ◽

Privacy Policies ◽

Privacy Concerns ◽

App Store ◽

User Data ◽

Do So

Introduction: Diabetes mobile applications (apps) that help patients monitor disease have led to privacy concerns. We aimed to assess privacy policies for diabetes mobile applications with a focus on data transmission to outside parties. Methods: The App Store was used to gather apps pertaining to diabetes by searching “diabetes” and “blood sugar”. Two readers evaluated privacy policies (PP) including data sharing and storing techniques for mention of 27 predetermined criteria. All network traffic generated while loading and using the app was intercepted by a man-in-the-middle attack to listen to data delivered between the sender and receiver of data transmissions. A packet analyzer determined contents of transmission, where data was sent, and if transmission contained user data. Results: Of 35 apps evaluated, 29 (83%) had PP. The most frequent transmission destinations were Google (n=130 transmissions), Kamai Technologies (n=53), Facebook (n=38) and Amazon (n=33). 35 of 35 apps (100%) were transmitting data to a third party. 2 of 2 (100%) of those who had a privacy policy without mention of a third party transmitted data to a third party. 8 of 8 (100%) apps who mentioned they would not transmit to a third party were found to do so. 19 of 19 (100%) apps who mentioned they would transmit data to a third party were found to do so. All apps (n=6) without a privacy policy were found to be transmitting data to a third party. Conclusion: Most diabetes apps on the App store have accessible PP. All apps evaluated transmitted data to a third party, even when the policy stated this would not occur. As mobile applications are increasingly utilized by patients, it is important to warn of privacy implications.

Download Full-text

Evaluation of Safety Label Design

Proceedings of the Human Factors and Ergonomics Society Annual Meeting ◽

10.1177/1541931213601376 ◽

2016 ◽

Vol 60 (1) ◽

pp. 1632-1636

Author(s):

Mila Sugovic ◽

Ismail Nooraddini ◽

Bohdana Sherehiy

Keyword(s):

Information Processing ◽

Focus Group ◽

Human Information Processing ◽

Cognitive Interviewing ◽

Cognitive Interviews ◽

Warning Label ◽

Information Processing Model ◽

Safety Communication ◽

Model C ◽

Testing And Evaluation

The testing and evaluation of newly designed warnings or safety communications is of utmost importance so that consumers understand the hazards and act accordingly. This paper presents the theoretical model underlying the cognitive interviewing methodology and discusses the applicability of this method for evaluation of warning labels and safety communication. Cognitive Interviewing methodology provides the framework and methodology to systematically test and evaluate effectiveness of warning information processing at each of the stages described by the Communication-Human Information Processing Model (C-HIP). The paper concludes with a comparison of cognitive interviewing and focus group methodology in the evaluation of a warning label. The responses of ten participants in each of the two groups were analyzed to determine which method produced more useful data for safety label evaluation and redesign. The cognitive interviews yielded more detailed, relevant, and useful data than the focus group.

Download Full-text

Children’s Group Biases In Third-Party Punishment Are Guided By Norms-Focused Behaviors

10.31234/osf.io/pxyw4 ◽

2020 ◽

Author(s):

Maria Luz Gonzalez-Gadea ◽

Antonella Dominguez ◽

Agustin Petroni

Keyword(s):

Developmental Trajectories ◽

Third Party ◽

Controlled Processes ◽

Group Members ◽

Shed Light

Children tend to punish norm transgressions, even when they are mere external observers—a phenomenon known as third-party punishment. This behavior is influenced by group biases, as children unevenly punish in-group and out-group members.Two opposing hypotheses have been proposed to explain group biases during third-party punishment: the Norms-Focused Hypothesis predicts that individuals punish more harshly selfishness by in-group than by out-group members; contrarily, the Mere Preferences Hypothesis predicts that people are more lenient to selfishness by in-group than by out-group members. Here, we tested these hypotheses in children between six and 11 years of age (N=124) and explored the mechanisms underlying group biases during the development of third-party punishment. Our results supported the Norms-Focused Hypothesis: children preferentially punished unfair sharing from in-group members evidencing in-group policing bias, and they were also more willing to punish selfishness directed at in-group members than out-group members, showing in-group favoritism bias. We observed different developmental trajectories and mechanisms associated with these biases: while in-group policing remained stable over childhood as automatic as well as more effortful and controlled processes, in-group favoritism increases with age and was manifested only in the context of more controlled processes. These results shed light on the mechanisms underlying the development of third-party decisions and could be used to plan strategies and interventions to manipulate group biases in children.

Download Full-text

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

Recent Patents on Engineering ◽

10.2174/1872212113666190215143537 ◽

2019 ◽

Vol 13 (4) ◽

pp. 356-363

Author(s):

Yuezhong Wu ◽

Wei Chen ◽

Shuhong Chen ◽

Guojun Wang ◽

Changyun Li

Keyword(s):

Data Sharing ◽

Data Security ◽

Cloud Storage ◽

Screening Program ◽

Original Data ◽

Third Party ◽

Active System ◽

Encrypted Data ◽

Active User ◽

User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

Download Full-text

Brokering Peace in Nuclear Environments

10.11126/stanford/9781503604858.001.0001 ◽

2018 ◽

Cited By ~ 2

Author(s):

Moeed Yusuf

Keyword(s):

Cold War ◽

Third Party ◽

Bargaining Theory ◽

The Third ◽

China And India ◽

International Setting ◽

Multiple Audiences ◽

Crisis Behavior ◽

The Cold War ◽

Shed Light

This book is the first to theorize third party mediation in crises between regional nuclear powers. Its relevance flows from two of the most significant international developments since the end of the Cold War: the emergence of regional nuclear rivalries; and the shift from the Cold War’s bipolar context to today’s unipolar international setting. Moving away from the traditional bilateral deterrence models, the book conceptualizes crisis behavior as “brokered bargaining”: a three-way bargaining framework where the regional rivals and the ‘third party’ seek to influence each other to behave in line with their crisis objectives and in so doing, affect each other’s crisis behavior. The book tests brokered bargaining theory by examining U.S.-led crisis management in South Asia, analyzing three major crises between India and Pakistan: the Kargil conflict, 1999; the 2001-02 nuclear standoff; and the Mumbai crisis, 2008. The case studies find strong evidence of behavior predicted by the brokered bargaining framework. They also shed light on several risks of misperceptions and inadvertence due to the challenges inherent in signaling to multiple audiences simultaneously. Traditional explanations rooted in bilateral deterrence models do not account for these, leaving a void with serious practical consequences, which the introduction of brokered bargaining seeks to fill. The book’s findings also offer lessons for crises on the Korean peninsula, between China and India, and between potential nuclear rivals in the Middle East.

Download Full-text

Reputation and Gossip in Game Theory

The Oxford Handbook of Gossip and Reputation ◽

10.1093/oxfordhb/9780190494087.013.12 ◽

2019 ◽

pp. 213-229

Author(s):

Charles Roddie

Keyword(s):

Game Theory ◽

Strategic Behavior ◽

Third Party ◽

The Past ◽

Past Behavior ◽

Future Behavior ◽

The Game Theory ◽

Shed Light

When interacting with others, it is often important for you to know what they have done in similar situations in the past: to know their reputation. One reason is that their past behavior may be a guide to their future behavior. A second reason is that their past behavior may have qualified them for reward and cooperation, or for punishment and revenge. The fact that you respond positively or negatively to the reputation of others then generates incentives for them to maintain good reputations. This article surveys the game theory literature which analyses the mechanisms and incentives involved in reputation. It also discusses how experiments have shed light on strategic behavior involved in maintaining reputations, and the adequacy of unreliable and third party information (gossip) for maintaining incentives for cooperation.

Download Full-text

Examination of Driver Visual and Cognitive Responses to Billboard Elicited Passive Distraction Using Eye-Fixation Related Potential

Sensors ◽

10.3390/s21041471 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1471

Author(s):

Yongxiang Wang ◽

William Clifford ◽

Charles Markham ◽

Catherine Deegan

Keyword(s):

Visual Information ◽

Driving Simulator ◽

Tracking System ◽

Eye Gaze ◽

Driver Distraction ◽

Experimental Results ◽

Human Information Processing ◽

Cognitive Responses ◽

Information Processing Model ◽

Eye Fixation

Distractions external to a vehicle contribute to visual attention diversion that may cause traffic accidents. As a low-cost and efficient advertising solution, billboards are widely installed on side of the road, especially the motorway. However, the effect of billboards on driver distraction, eye gaze, and cognition has not been fully investigated. This study utilises a customised driving simulator and synchronised electroencephalography (EEG) and eye tracking system to investigate the cognitive processes relating to the processing of driver visual information. A distinction is made between eye gaze fixations relating to stimuli that assist driving and others that may be a source of distraction. The study compares the driver’s cognitive responses to fixations on billboards with fixations on the vehicle dashboard. The measured eye-fixation related potential (EFRP) shows that the P1 components are similar; however, the subsequent N1 and P2 components differ. In addition, an EEG motor response is observed when the driver makes an adjustment of driving speed when prompted by speed limit signs. The experimental results demonstrate that the proposed measurement system is a valid tool in assessing driver cognition and suggests the cognitive level of engagement to the billboard is likely to be a precursor to driver distraction. The experimental results are compared with the human information processing model found in the literature.

Download Full-text

Third-party libraries in mobile apps

Empirical Software Engineering ◽

10.1007/s10664-019-09754-1 ◽

2019 ◽

Vol 25 (3) ◽

pp. 2341-2377 ◽

Cited By ~ 2

Author(s):

Pasquale Salza ◽

Fabio Palomba ◽

Dario Di Nucci ◽

Andrea De Lucia ◽

Filomena Ferrucci

Keyword(s):

Mobile Apps ◽

Third Party

Download Full-text