web browser privacy & security
DESCRIPTION
Informed Consent in the Mozilla Browser: Implementing Value-Sensitive Design. Web Browser Privacy & Security. Nan Li. Agenda. Value-Sensitive Design (VSD) Criteria and issues of informed consent online Redesign goals and strategies Different prototypes and their evaluation - PowerPoint PPT PresentationTRANSCRIPT
WEB BROWSER PRIVACY & SECURITY
Nan Li
Informed Consent in the Mozilla Browser:Implementing Value-Sensitive Design
10/13/2009
08-534 Usability Privacy and Security
08-534 Usability Privacy and Security
2
Agenda Value-Sensitive Design (VSD) Criteria and issues of informed consent
online Redesign goals and strategies Different prototypes and their evaluation Usability test and results Discussion
10/13/2009
08-534 Usability Privacy and Security
3
Conceptual
Investigation
Technical Investiga
tion
Empirical Investiga
tion
What is VSD?VSD seeks to design technology that accounts
for human values in a principled and comprehensive manner throughout the design process (Friedman, 1997).
Key features of VSD Interactional theory Direct and indirect stakeholders Tripartite methodology
Value-Sensitive Design (VSD)
Tripartite methodology
Technical design & mechanisms VS. Values
Value oriented perceptions and experience
Philosophically informed analyses
10/13/2009
08-534 Usability Privacy and Security
4
Criteria of Informed Consent Online
“Informed” Disclosure Comprehension
“Consent” Voluntariness Competence Agreement
Minimal Distraction
10/13/2009
08-534 Usability Privacy and Security
6
Issues of Informed Consent Online Browsers do not disclose the right sort of
information. Preference settings are typically located
in obscure menu hierarchies. The undue burden still falls to the user. Users' 'out-of-the-box' experience of
cookies (the default setting) is no different than it was in 1995: to accept all cookies.
No browser alerts a user.10/13/2009
08-534 Usability Privacy and Security
7
Redesign Goals Enhance users’ local understanding of
discrete cookie events as the events occur Enhance users’ global understanding of
the common uses of cookie technology including potential benefits and risks associated with those uses
Enhance users’ ability to manage cookies Achieve design goals 1, 2 and 3 while
minimizing distraction for the user
10/13/2009
08-534 Usability Privacy and Security
8
Redesign Strategies Iterative design, rapid prototyping, user
evaluations Enhancements to cookie manager tool Additional cookie information Peripheral awareness and just-in-time
interventions for cookie events
10/13/2009
9
Prototype1 - The Gedanken prototype
Pros: Aware of discrete cookie-
event Automatically block a
website Link a discrete cookie
even with ones already identified
Facilitate cookies mgmt Cons:
Lacked of adequate awareness
Was short of intuitive representation for cookie classification
Fail to conceptual link discrete cookies with a global understanding
10
Prototype 2 - the Mozilla Cookie-Watcher
Pros: the ability to link visual
cues for discrete cookie events with the existing Cookie-Management toolkit
the opportunity to present persistent data about recently set cookies
the ease with which a focused user could ignore a small visual representation on the screen
Moving smoothly from observation to management
greater flexibility and expandability for representing the cookie classification scheme
Cons: Cookie information tool
11 Pros:
The Cookie-Information Dialog Box
Color and formatting in cookie information dialog box
Prototype 3 - the Revised Mozilla Cookie-Watcher
08-534 Usability Privacy and Security
12
Usability Study Participants
8 (3 male, 5 female) between the ages of 20~30
University students who are experienced web users
Methods Pre-session semi-structured interview 30 minutes hands-on session + semi-
structured interview Post-session interview
10/13/2009
08-534 Usability Privacy and Security
13
Usability Study - Results 63% (5 participants) explored the tool on their own 37% (3) chose to close the tool to save screen space
25% (2) showed that they were short of knowledge about cookies in the pre-session interview.
88% stated they would use the tool
Increased awareness of cookie events More likely to understand benefits and risks of cookies More easily make cookie management actions More smoothly transfer from observation to
management
10/13/2009
08-534 Usability Privacy and Security
14
Discussion What the difficulties to implement just-
in-time interventions for cookie events? Any good ideas?
How to making proper decisions about the tradeoff of privacy and functionality?
Who is better equipped to make the decision? The user or the browser?
10/13/2009
08-534 Usability Privacy and Security
15
Questions? Presentation content comes from papers
Informed Consent in the Mozilla Browser: Implementing Value-Sensitive Design
Value Sensitive Design as a Pattern Informed Consent by Design (Chapter 24)
10/13/2009