2014

Visualizing Privacy!

Morgan Eisler (@mogasaur)!UX Researcher!

!!

10/09/14!

#GHC14

2014

2014

2014

2014

2014

TL;DR!

2014

2014

2014

Users With!Data Exposed!

Data! Breaches!

2014

2014

2014

2014

The NTIA Code of Conduct!§  Categories of Data Collected:!−  Biometrics!−  Browser History!−  Phone or Text Log!−  Contacts!−  Financial Info!−  Health, medical, or therapy info!−  Location!−  User Files!

2014

The NTIA Code of Conduct!§  Entities Data is Shared With:!−  Ad Networks!−  Carriers!−  Consumer Data Resellers!−  Data Analytics Providers!−  Government Entities!−  Operating Systems and Platforms!−  Other Apps!−  Social Networks!

2014

2014

2014

“I think this signifies a company that is very conscientious. A company that cares about people's privacy and is aware of people's concerns about how their information will be gathered, shared, and used.”!

" "- Lookout Customer!!

2014

“I think if a privacy policy was that way then everybody’s policy would get read. It would help a lot of people out if it looked like this.”!

" "- Lookout Customer!

2014

2014

2014

2014

2014

2014

Final Thoughts!§  Be more transparent!§  Inspire trust!§  Improve comprehension!§  Keep in mind:!−  A short form policy is not a replacement for a

full-length policy!−  Make sure that users understand that a short

form policy is just that!

2014

References §  2013, 9 May.“More than 2 billion people use

the internet, here’s what they’re up to (inforgraphic)”. The Cultureist. Retrieved from <http://www.thecultureist.com/2013/05/09/how-many-people-use-the-internet-more-than-2-billion-infographic/>.!

§  O’Toole, James. 2014, 28 February. “Mobile apps overtake PC internet usage in U.S.”. CNN Money. Retrieved from http://money.cnn.com/2014/02/28/technology/mobile/mobile-apps-internet/>.!

2014

References

§  Ezor, Jonathan I. 2009, 12 August. “Why your web site’s privacy policy matters more than you think.” Bloomberg Businessweek. Retrieved from <http://www.businessweek.com/smallbiz/running_small_business/archives/2009/08/why_web_site_pr.html>.!

§  ,2012. “ Global Internet User Survey Summary Report”. The Internet Society. Retrieved from <https://www.internetsociety.org/sites/default/files/rep-GIUS2012global-201211-en.pdf>.!

2014

References §  2009, 10 March. “TRUSTe survey findings

indicate majority of small business neglect vital privacy measures” [press release]. TRUSTe. Retrieved from <http://www.truste.com/about-TRUSTe/press-room/news_truste_smb_neglect_privacy>.!

§  Bilton, Nick. 2010, 12 May. “Price of Facebook privacy? Start clicking.” The New York Times. Retrieved from <http://www.nytimes.com/2010/05/13/technology/personaltech/13basics.html?src=tptw&_r=0>.!

2014

References §  Vedantam, Shankar. 2012, 19 April. “To read all

those web privacy policies, just take a month off work.” NPR. Retrieved from <http://www.npr.org/blogs/alltechconsidered/2012/04/19/150905465/to-read-all-those-web-privacy-policies-just-take-a-month-off-work>.!

§  McDonald, Aleecia M. & Faith Cranor, Lorrie, 2008. “The cost of reading privacy policies.” I/S: A Journal of Law and Policy for the Information Society, 2008 Privacy Year in Review Issue. Retrieved from <http://lorrie.cranor.org/pubs/readingPolicyCost-authorDraft.pdf>.!

2014

References §  Westerman, Ilana. 2013, 3 June. “What

misconceptions do consumers have about privacy?” IAPP. Retrieved from <https://privacyassociation.org/news/a/what-misconceptions-do-consumers-have-about-privacy/>.!

§  Weise, Elizabeth. 2014, 24 September. “43% of companies had a data breach in the past year.” USA Today. Retrieved from <http://www.usatoday.com/story/tech/2014/09/24/data-breach-companies-60/16106197/>.!

2014

References

§  Pagliery, Jose. 2014, 28 May. “Half of American adults hacked this year.” CNN Money. Retrieved from <http://money.cnn.com/2014/05/28/technology/security/hack-data-breach/?iid=EL>.!

§  Fiegerman, Seth. 2014, 20 June. “Yo gets hacked.” Mashable. Retrieved from <http://mashable.com/2014/06/20/yo-gets-hacked/>.!

2014

References §  2013, 25 July. “Short Form Notice Code of

Conduct to Promote Transparency in Mobile App Practices”. The National Telecommunications and Information Administration. Retrieved from <http://www.ntia.doc.gov/files/ntia/publications/july_25_code_draft.pdf>.!

§  2014, 24 July. “Apps Alliance and Intuit partner to release new app privacy tool” [press release]. Application Developers Alliance. Retrieved from <http://www.appdevelopersalliance.org/news/2014/7/23/new-tool-allows-developers-to-create-consumer-friendly-app-privacy-notices>.!

2014

Links to Tools on GitHub!§  Lookout: !−  https://github.com/lookout/private-parts!

§  Intuit/TRUSTe:!−  https://github.com/appsalliance/privacynotices!

§  Mozilla:!−  https://github.com/flamsmark/privacy-policy-

template!

2014

Contact/Feedback!

Questions?!MORGAN.EISLER@LOOKOUT.COM or!

Lookout Booth at the Career Fair! !

Rate and Review the session using the GHC Mobile App!

To download visit www.gracehopper.org!