GGrantIndex
← Search

CAREER: Presentation and Mitigation of Privacy Risks for Online Users

$538,943FY2020CSENSF

University Of Wisconsin-Madison, Madison WI

Investigators

Abstract

It is a long-standing challenge to make the users of online systems "privacy-aware" where one understands the privacy practices and controls of the online service being used. For decades, the "Notice and Choice" framework has been the governing practice for the disclosure and control of online privacy practices. Privacy notices, manifesting in lengthy privacy policies, inform users about how websites, devices, apps, or service providers handle their data. Notices pave the way for choices to be made by users. Through online settings and menus, users can opt-in for data collection, authorize the transfer of their data to third-party ad networks, or control the extent to which their data is shared. However, in their current forms, policies are hard for users to comprehend, and control settings are not user-friendly. While some providers have improved the readability of their privacy policies, these notices remain long and hard to follow. Further, unreachable privacy settings make it very hard for users to control their privacy effectively. Thus, users are far more likely to rely on default options rather than fine-tuning their settings for each service they use. When the service provider's behavior does not match the user's privacy preferences, privacy risks arise. Providing users with the means to understand and control how their data is handled remains an open problem. This project explores and addresses the challenges associated with developing interfaces to present and mitigate online privacy risks for users. The main impact of this research is to educate users more effectively about privacy risks and to offer them user-friendly tools to reduce these risks. The research in this project has three thrusts: (i) Technology probes-based methodology for designing better privacy-enhancing interfaces: Using basic privacy-interfaces to probe users about what they perceive as missing and inconvenient design elements, this thrust aims to develop a set of user-driven guidelines for designing privacy interfaces that are easier to adopt and use; (ii) A comprehensive framework to make the privacy practices and controls of service providers machine-readable: Through contributions in the natural-language processing of privacy text and the automated analysis of online privacy menus, this framework overcomes challenges due to heterogeneity, vagueness, or complexity in an online platform's presentation of its privacy practices and controls. It automatically conceptualizes the privacy practices and controls of a service provider as a graph by associating the user's data with the provider's fine-grained privacy practices and controls. The framework will also enable designing new interfaces through querying its automatically generated graph without collaboration from the service provider, thus addressing scalability; (iii) A set of usable interfaces for understanding and controlling privacy risk without requiring providers to adopt changes: Combining the identified design guidelines with the framework's querying capabilities, the focus here is a dialog interface that allows users to inquire about privacy practices and control privacy settings using natural-language queries, even on UI-limited devices. It also introduces privacy nudges to add privacy as a factor when users are shopping for services. The methodologies will be tested in real systems through collaboration with DuckDuckGo and other companies. The developed products will be made available to public as browser plugins, apps, and APIs, as appropriate. A set of education initiatives, including privacy modules for the public, privacy as a design dimension for capstone undergraduate classes, and an advanced privacy course at the graduate level, complement the research effort. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →