Generating User-Understandable Privacy Preferences

Making use of the World Wide Web's numerous services increasingly requires the disclosure of personal user data. While these data represent an important value for service providers, users are increasingly concerned about growing privacy threats, as more and more of their personal and private information is released to a rising number of parties. Privacy-enhancing technologies, like the P3P specification, assist users in protecting their privacy. P3P provides means to express a machine-readable P3P privacy policy of a Web site and allows the interpretation of a dedicated P3P user agent that recommends a certain disclosure behavior. The agent's recommendation, however, is based on the quality of pre-defined privacy preferences of the user. Accordingly, the creation of these disclosure rules requires tools that accurately record individual privacy preferences in an understandable way. This paper introduces a novel, user-friendly privacy preference generator that allows the definition of privacy preferences for twelve different Internet service types, allowing for more precise and practical user preferences. Addressing the needs of users with different levels of experience, we present a multi-level user interface. Our solution includes a user-friendly P3P-based wizard as well as a clear and understandable configuration summary. The resulting privacy preferences of this tool will allow moreaccurate recommendations of future privacy agents.

[1]  Alfred Kobsa,et al.  The Adaptive Web, Methods and Strategies of Web Personalization , 2007, The Adaptive Web.

[2]  Mark S. Ackerman,et al.  Beyond Concern: Understanding Net Users' Attitudes About Online Privacy , 1999, ArXiv.

[3]  Jenifer Tidwell Designing Interfaces , 2005 .

[4]  Tom Jackson,et al.  A Fully Compliant Research Implementation of the P3P Standard for Privacy Protection: Experiences and Recommendations , 2002, ESORICS.

[5]  Lorrie Faith Cranor,et al.  User interfaces for privacy agents , 2006, TCHI.

[6]  Irene Pollach,et al.  What's wrong with online privacy policies? , 2007, CACM.

[7]  Shuk Ying Ho,et al.  Web personalization: Is it effective? , 2003 .

[8]  Lorrie Faith Cranor,et al.  Use of a P3P user agent by early adopters , 2002, WPES '02.

[9]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[10]  Alfred C. Weaver,et al.  Social Networking , 2008, Computer.

[11]  Oliver Günther,et al.  Privacy in e-commerce: stated preferences vs. actual behavior , 2005, CACM.

[12]  S. Searby,et al.  Personalisation — An Overview of its Use and Potential , 2003 .

[13]  Horst Treiblmaier Beziehungsmarketing aus Kundensicht , 2007, Wirtsch..

[14]  Alfred Kobsa,et al.  Privacy-Enhanced Web Personalization , 2007, The Adaptive Web.

[15]  Simone Fischer Hübner,et al.  Evaluation of early prototypes (D[6-12].1.a) : Public EU6FP IST deliverable , 2004 .

[16]  Colin Potts,et al.  Privacy practices of Internet users: Self-reports versus observed behavior , 2005, Int. J. Hum. Comput. Stud..

[17]  Andrew S. Patrick,et al.  From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interactions , 2003, Privacy Enhancing Technologies.