Carnegie Mellon Universitycschafer/cmspbs.pdf · 2009. 2. 26. · Carnegie Mellon University
Thesis Proposal - Carnegie Mellon University
1
Thesis Proposal Institute for Software Research Computation, Organizations and Society Hazim Almuhimedi Wed Dec 2, 3:30-5:30pm GHC 4405 Dr. Norman Sadeh (Chair), Dr. Anind K. Dey, Dr. Alessandro Acquisti, Dr. Adrienne Porter Felt (Google, Inc.) Smartphones show significant adoption with a mobile market share of 75% in the US and 40% worldwide. This increased adoption has been primarily attributed to the availability of mobile applications (apps). The two major smartphone platforms (iOS and Android) have more than a million available apps to download from their respective app stores, and each store has seen more than 100 billion app downloads. Although apps provide desired functionality by accessing users’ personal information, they also access personal information for other purposes (e.g., advertising or profiling) that users may or may not desire. Users can exercise control over how apps access their personal information through permission managers that major mobile platforms provide. However, our earlier work suggests that a permission manager alone might not be sufficient to help users manage their privacy on mobile devices because: (1) privacy is typically a secondary task and thus users might not be motivated enough to take advantage of the permission manager’s functionality, and (2) even when using the permission manager, users often make suboptimal privacy decisions due to hurdles in decision making. To overcome these two challenges, we propose to adopt the concept of nudges: “soft paternalistic” behavioral interventions that do not restrict choice but account for decision making hurdles. Specifically, we propose to design and evaluate runtime mobile app privacy nudges that aim to help users make better privacy decisions by (1) increasing users’ awareness about privacy risks associated with apps that users have previously installed, and (2) motivating users to review their app privacy settings and adjust them as needed. Our initial results show that indeed runtime mobile app privacy nudges are a promising approach to help users utilize the permission manager to better manage their mobile app privacy settings. The nudges effectively switch users’ focus to privacy management and motivate them to review their app privacy settings. To build on these initial results, we propose to conduct a series of experiments to identify (1) key elements of effective content of mobile app privacy nudges, and (2) approaches to make the nudges engaging over time. We also hope that our work will enable us to uncover generalizable principles to inform the design of effective nudges in other domains such as the Internet of Things. Helping Users Manage their Privacy through Nudges
Transcript of Thesis Proposal - Carnegie Mellon University
Thesis Proposal Institute for Software Research Computation, Organizations and Society
Hazim Almuhimedi Wed Dec 2, 3:30-5:30pm
GHC 4405
Dr. Norman Sadeh (Chair), Dr. Anind K. Dey, Dr. Alessandro Acquisti, Dr. Adrienne Porter Felt (Google, Inc.)
Smartphones show significant adoption with a mobile market share of 75% in the US and 40% worldwide. This increased adoption has been primarily attributed to the availability of mobile applications (apps). The two major smartphone platforms (iOS and Android) have more than a million available apps to download from their respective app stores, and each store has seen more than 100 billion app downloads. Although apps provide desired functionality by accessing users’ personal information, they also access personal information for other purposes (e.g., advertising or profiling) that users may or may not desire. Users can exercise control over how apps access their personal information through permission managers that major mobile platforms provide. However, our earlier work suggests that a permission manager alone might not be sufficient to help users manage their privacy on mobile devices because: (1) privacy is typically a secondary task and thus users might not be motivated enough to take advantage of the permission manager’s functionality, and (2) even when using the permission manager, users often make suboptimal privacy decisions due to hurdles in decision making. To overcome these two challenges, we propose to adopt the concept of nudges: “soft paternalistic” behavioral interventions that do not restrict choice but account for decision making hurdles. Specifically, we propose to design and evaluate runtime mobile app privacy nudges that aim to help users make better privacy decisions by (1) increasing users’ awareness about privacy risks associated with apps that users have previously installed, and (2) motivating users to review their app privacy settings and adjust them as needed. Our initial results show that indeed runtime mobile app privacy nudges are a promising approach to help users utilize the permission manager to better manage their mobile app privacy settings. The nudges effectively switch users’ focus to privacy management and motivate them to review their app privacy settings. To build on these initial results, we propose to conduct a series of experiments to identify (1) key elements of effective content of mobile app privacy nudges, and (2) approaches to make the nudges engaging over time. We also hope that our work will enable us to uncover generalizable principles to inform the design of effective nudges in other domains such as the Internet of Things.
Helping Users Manage their Privacy through Nudges
