Presentation is loading. Please wait.

Presentation is loading. Please wait.

Displaying privacy information with icons Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010.

Published by Modified over 10 years ago

Similar presentations

Presentation on theme: "Displaying privacy information with icons Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010."— Presentation transcript:

1 Displaying privacy information with icons Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010

2 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 2 Content 1.Introduction 2.Related work 3.Approaches to implement privacy icons 1.Icons for general usage 2.Icons for an e-commerce scenario 3.Icons for a social network scenario 4.Conclusions and outlook

3 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 3 1. Introduction Every person has an individual view on her privacy, what to protect and what information to share with others. Which factors are important for this individual view? Cultural background Social background Legal background

4 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 4 1. Introduction The cultural background is important for the individual view:  people in Asia for example might have a different understanding of privacy than people in Europe or people in Africa  privacy also might have another importance in Japan than in China  the individual view on privacy will also be influenced by the degree of individual freedom

5 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 5 1. Introduction The social background is important for the individual view, too:  especially young people use all options of modern communication like social networking sites and consequently often have a different view on privacy than older people  people with a higher degree of education might have a different view on privacy than people with a lower degree of education

6 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 6 1. Introduction The legal background is important, too:  European data protection law requires clarity and transparency on the data processing and possible consequences for the individual  US-American law is different and less concrete, law in Japan or China for example is different, too People are inter alia influenced by the law of their country

7 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 7 1. Introduction One of the core elements of European data protection legislation is that data must only be handled if the data controller has a legal basis or if the person concerned gave her (informed) consent (see Art. 7 of Directive 95/46 EC)  data handling parties therefore have to provide the information necessary for the person concerned  how can this be achieved? – usage of privacy policies  problem: even if the information necessary to provide perfect transparency is provided by the data controller most users refrain from studying it

8 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 8 1. Introduction As a solution, machine-readable privacy policies that could be interpreted by the user’s machine according to her preferences were proposed:  P3P (Platform for Privacy Preferences by the World Wide Web Consortium) Other proposals for standardised and informative privacy policies:  multi-layered privacy policies by the Art. 29 Data Protection Working Party  using icons depicting privacy policies

9 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 9 1. Introduction How could privacy icons be used? In general icons are used to visualise specific statements or properties, e.g., for emergency fire exits or subway stations:

10 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 10 1. Introduction Icons may allow for a quick comprehensibility for everybody who is not visually impaired and they also offer specific information at a glance Privacy icons are able to offer at least some valuable information on a first-glance basis for users and point to core issues related with the processing of data in a given case – they are understood as simplified pictures expressing privacy-related statements

11 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 11 2. Related work statements on how well a situation matches the privacy preference of a user, e.g., Cranor’s Privacy Bird for P3P statements from privacy policies on planned or performed processing of potential personal data or on guarantees concerning the processing of these data, e.g., proposals from Rundle, Mehldau, Helton and Raskin as well as the evaluative approach in the KnowPrivacy report statements on how personal data may be used by others, e.g., Bickerstaff strengthens the user’s perspective and proposes “Privacy Commons” analogue to “Creative Commons” or the Privicon approach

12 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 12 2. Related work Potential for improvement of the related work: the approaches described above have not gained much outreach, yet privacy icons also cannot replace written policies, they can only be used additional to written policies to depict core elements and to visualise specific problems according data handling to the user Benefits of privacy icons icons and related information might help to sensibilise users for the policy content and thereby for their own privacy management

13 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 13 3. Approaches to implement privacy icons Privacy icons could have a vast area of usage: For indicating rights and limitations for own data provided via e-mail for social networks or blogs for web sites showing prominently their illustrated privacy policy for web sites providing machine-readable policies to be interpreted and depicted on the client side for third-party services commenting others’ privacy policies

14 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 14 3. Approaches to implement privacy icons during the PrimeLife project different icon sets for depicting purposes and data categories have been developed and tested in the first year as a result of the research and reviews, a modified icon set has been developed and tested by users in the second year the usability tests have been performed by Karlstad University in Sweden and by CURE in Austria

15 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 15 3. Approaches to implement privacy icons on basis of the results of the usability tests and the ongoing internal review icon sets for defined use cases should be developed one of the core aims of ongoing work on icons will be the development of icon sets with reduced complexity to enable users to easily understand and handle them

16 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 16 3. Approaches to implement privacy icons to our understanding privacy icons should indicate privacy aspects in a neutral form without an evaluative assessment or prejudice towards specific types of processing therefore a circular form was chosen, not a triangular one; triangular signs usually have a warning functionality:

17 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 17 3. Approaches to implement privacy icons 3.1 Icons for general use The broad icon set for general use developed during the PrimeLife project includes categories like types of data, purposes and data processing steps.  The development of the icon set is still in progress.  Each icons can be used on its own or combined with other icons.  In the following: excerpt of the developed, tested and well quoted icons

18 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 18 3. Approaches to implement privacy icons Sensitive data

19 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 19 3. Approaches to implement privacy icons Data disclosure Storage

20 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 20 3. Approaches to implement privacy icons 3.2 Icons for an e-commerce scenario An icon set in an e-commerce scenario or other client- server applications dealing with personal data should be able to describe data types that usually play a role in these settings, describe the policy for erasure / retention of data and comprise icons for specific purposes such as shipping or transfer to third parties.

21 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 21 3. Approaches to implement privacy icons Medical data Payment data

22 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 22 3. Approaches to implement privacy icons Personal data Shipping data

23 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 23 3. Approaches to implement privacy icons Erasure of data Legal obligations

24 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 24 3. Approaches to implement privacy icons 3.3 Icons for a social network scenario In social networks additional privacy-related statements are helpful for users, in particular to visualise who will get access to which information or what happens to their data within the social network. The development of the icon set is still in progress In the following: excerpt of the developed and tested icons

25 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 25 3. Approaches to implement privacy icons Recipients: Public

26 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 26 3. Approaches to implement privacy icons Recipients: Selected individuals or

27 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 27 3. Approaches to implement privacy icons Recipients: Friends, contacts or

28 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 28 3. Approaches to implement privacy icons Recipients: Friends of friends

29 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 29 3. Approaches to implement privacy icons the icons for usage in a social network scenario could also be used in combination with configuring privacy settings, e.g., to directly select individuals that may or must not get access to personal data in addition, they may work as reminder whenever the user looks at her profile

30 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 30 4. Conclusions and outlook privacy icons may be an important means to convey relevant information about the processing of personal data to a user and thereby enhance her awareness concerning her privacy the usability will be improved, among others, by providing information about the icons’ meaning via the mouse-over function and links to the concerning part of the written privacy policy

31 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 31 4. Conclusions and outlook complexity will be reduced by shrinking the icon sets to only few different icons special attention will be given to possibilities of combining the icon approach with machine-readable service policies and user preferences while the singular use of either privacy icons or machine- readable policies have already some advantages, their combination can be even more fruitful

32 www.datenschutzzentrum.de PrimeLife/IFIP Summer School 2010 32 Displaying privacy information with icons Thank you for your attention! Leif-Erik Holtz uld63@datenschutzzentrum.de

Download ppt "Displaying privacy information with icons Leif-Erik Holtz Marit Hansen PrimeLife / IFIP Summer School 2010 Helsingborg, August 6th, 2010."

Similar presentations

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
WG 2 (data exchange) 2.1 - During the transitional period and till the Single Authorisation electronic information and communication system is implemented,

WG 2 (data exchange) During the transitional period and till the Single Authorisation electronic information and communication system is implemented,
ITU WORKSHOP ON STANDARDS AND INTELLECTUAL PROPERTY RIGHTS (IPR) ISSUES Session 5: Software copyright issues Dirk Weiler, Chairman of ETSI General Assembly.

ITU WORKSHOP ON STANDARDS AND INTELLECTUAL PROPERTY RIGHTS (IPR) ISSUES Session 5: Software copyright issues Dirk Weiler, Chairman of ETSI General Assembly.
[Organisation’s Title] Environmental Management System

[Organisation’s Title] Environmental Management System
 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.

 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.
CHAPTER 4 E-ENVIRONMENT

CHAPTER 4 E-ENVIRONMENT
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Transposition of Consumer Rights ERGEG Monitoring Report Christina Veigl-Guthann, ERGEG Task Force Chair.

Transposition of Consumer Rights ERGEG Monitoring Report Christina Veigl-Guthann, ERGEG Task Force Chair.
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
Internet Privacy Policies Presented by: Paul Frenken President, COLAIP.

Internet Privacy Policies Presented by: Paul Frenken President, COLAIP.
Screen 1 of 24 Reporting Food Security Information Understanding the User’s Information Needs At the end of this lesson you will be able to: define the.

Screen 1 of 24 Reporting Food Security Information Understanding the User’s Information Needs At the end of this lesson you will be able to: define the.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
ICT Issues Social Networking. Social Networking Social networking: the interaction between a group of people who have a common interest, eg. music. Popular.

ICT Issues Social Networking. Social Networking Social networking: the interaction between a group of people who have a common interest, eg. music. Popular.
Usable Security (Part 1 – Oct. 30/07) Dr. Kirstie Hawkey Content primarily from Teaching Usable Privacy and Security: A guide for instructors (http://cups.cs.cmu.edu/course-guide/)

Usable Security (Part 1 – Oct. 30/07) Dr. Kirstie Hawkey Content primarily from Teaching Usable Privacy and Security: A guide for instructors (
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
ICAICT202A - Work and communicate effectively in an IT environment

ICAICT202A - Work and communicate effectively in an IT environment
CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.

CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.
15 April 2011. Fostering Entrepreneurship among young people through education: a EU perspective Simone Baldassarri Unit “Entrepreneurship” Forum “Delivering.

15 April Fostering Entrepreneurship among young people through education: a EU perspective Simone Baldassarri Unit “Entrepreneurship” Forum “Delivering.
Vienna, April 2003 Birgit Nieskens, Master of Education Online Counselling.

Vienna, April 2003 Birgit Nieskens, Master of Education Online Counselling.

Similar presentations

Ads by Google