Endre søk
Link to record
Permanent link

Direct link
Murmann, Patrick
Publikasjoner (10 av 12) Visa alla publikasjoner
Murmann, P. (2021). Eliciting Design Guidelines for Privacy Notifications in mHealth Environments. In: Information Resources Management Association (Ed.), Research Anthology on Privatizing and Securing Data: (pp. 1909-1928). IGI Global
Åpne denne publikasjonen i ny fane eller vindu >>Eliciting Design Guidelines for Privacy Notifications in mHealth Environments
2021 (engelsk)Inngår i: Research Anthology on Privatizing and Securing Data / [ed] Information Resources Management Association, IGI Global, 2021, s. 1909-1928Kapittel i bok, del av antologi (Annet vitenskapelig)
Abstract [en]

The possibilities of employing mobile health (mhealth) devices for the purpose of self-quantification and fitness tracking are increasing; yet few users of online mhealth services possess proven knowledge of how their personal data are processed once the data have been disclosed. Ex post transparency-enhancing tools (TETs) can provide such insight and guide users in making informed decisions with respect to intervening with the processing of their personal data. At present, however, there are no suitable guidelines that aid designers of TETs in implementing privacy notifications that reflect their recipients' needs in terms of what they want to be notified about and the level of guidance required to audit their data effectively. Based on an analysis of gaps related to TETs, the findings of a study on privacy notification preferences, and the findings on notifications and privacy notices discussed in the literature, this paper proposes a set of guidelines for the human-centred design of privacy notifications that facilitate ex post transparency.

sted, utgiver, år, opplag, sider
IGI Global, 2021
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-91616 (URN)10.4018/978-1-7998-8954-0.ch093 (DOI)2-s2.0-85134995291 (Scopus ID)9781799889540 (ISBN)9781799889557 (ISBN)
Tilgjengelig fra: 2022-08-25 Laget: 2022-08-25 Sist oppdatert: 2022-10-07bibliografisk kontrollert
Murmann, P. & Karegar, F. (2021). From Design Requirements to Effective Privacy Notifications: Empowering mHealth Users to Make Informed Decisions. International Journal of Human-Computer Interaction, 37(19), 1823-1848
Åpne denne publikasjonen i ny fane eller vindu >>From Design Requirements to Effective Privacy Notifications: Empowering mHealth Users to Make Informed Decisions
2021 (engelsk)Inngår i: International Journal of Human-Computer Interaction, ISSN 1044-7318, E-ISSN 1532-7590, Vol. 37, nr 19, s. 1823-1848Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

To date, there are no satisfactory design requirements for privacy notifications, which constitute a conceptual means of informing users of online data services about how their personal data are processed and guide the decisions they make. Contextualising privacy notifications in the field of personal health tracking, we elicit a set of design requirements from the literature, implement a prototype, and conduct a qualitative, iterative lab study to evaluate the efficacy of the requirements immanent in the prototype. Our findings show that privacy notifications have the potential to facilitate usable transparency and intervenability in the ecosystem of mobile devices. The feedback obtained about the prototype lends itself to a refined set of design requirements presented in this paper. Implementing the principles of human-centred design, these requirements reflect building blocks that can help designers create usable tools that accommodate the needs of users of mobile health services.

Emneord
Design requirements, General Data Protection Regulation (GDPR), Human-centred design, Information privacy, Mobile computing, Mobile health (mhealth), Mobile phone, Personal health tracking, Privacy notifications, Rapid prototyping, Transparency-Enhancing Tool (TET)
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-80073 (URN)10.1080/10447318.2021.1913859 (DOI)000660315800001 ()2-s2.0-85107811795 (Scopus ID)
Forskningsfinansiär
EU, Horizon 2020, 675730EU, Horizon 2020, 786767
Merknad

Article as manuscript in Murmann's doctoral thesis (2020): Information at Your Fingertips: Facilitating Usable Transparency via Privacy Notifications and in Karegar's doctoral thesis (2020): The Lord of Their Data Under the GDPR?: Empowering Users Through Usable Transparency, Intervenability, and Consent

Tilgjengelig fra: 2020-09-04 Laget: 2020-09-04 Sist oppdatert: 2022-05-16bibliografisk kontrollert
Murmann, P., Matthias, B., Fischer-Hübner, S. & Reinhardt, D. (2021). Reconciling the what, when and how of privacy notifications in fitness tracking scenarios. Pervasive and Mobile Computing, 77, Article ID 101480.
Åpne denne publikasjonen i ny fane eller vindu >>Reconciling the what, when and how of privacy notifications in fitness tracking scenarios
2021 (engelsk)Inngår i: Pervasive and Mobile Computing, ISSN 1574-1192, E-ISSN 1873-1589, Vol. 77, artikkel-id 101480Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

The increasing number of fitness tracking wearables deployed worldwide poses challenges to the privacy of their users, esp. in terms of transparency. Privacy notifications facilitate transparency by providing users with situational awareness about the pro-cessing of their personal data. We present the results of two online surveys including English-speaking (n(Eng) = 154) and German-speaking (n(Ger) = 150) users of fitness track-ing devices from Europe, conducted to elicit determinants of notification settings. We found evidence for the perceived usefulness of privacy notifications, and for concordant predictors in terms of when and how users prefer to be notified about personal data processing in 12 scenarios related to fitness tracking.

sted, utgiver, år, opplag, sider
Elsevier, 2021
Emneord
Customisation; Fitness tracking; Privacy notifications; Transparency-enhancing tool (TET)
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-87400 (URN)10.1016/j.pmcj.2021.101480 (DOI)2-s2.0-85117906197 (Scopus ID)
Tilgjengelig fra: 2021-11-25 Laget: 2021-11-25 Sist oppdatert: 2022-05-25bibliografisk kontrollert
Murmann, P. (2020). Information at Your Fingertips: Facilitating Usable Transparency via Privacy Notifications. (Doctoral dissertation). Karlstads universitet
Åpne denne publikasjonen i ny fane eller vindu >>Information at Your Fingertips: Facilitating Usable Transparency via Privacy Notifications
2020 (engelsk)Doktoravhandling, med artikler (Annet vitenskapelig)
Abstract [en]

The General Data Protection Regulation stipulates legal rights of transparency and intervenability. Transparency provides data subjects with insight into how their personal data have been processed, clarifying what consequences will or may arise due to the processing of their data, whereas intervenability enables them to intervene in the process. Technological artefacts, transparency-enhancing tools (TETs) serve the purpose of conveying respective information precisely and intelligibily. However, despite being a prerequisite for transparency, many TETs available today lack usability in that they do not stringently reflect the needs of their users, which raises the question as to whether individual TETs fulfil their designated purpose.

The objective of this dissertation is to systematically apply principles pertaining to human-centred design to ascertain the qualities necessary to design TETs that facilitate transparency and advise means of intervenability with regard to the needs of their target audience. We classify the state of the art of usable TETs published in the literature and discuss the gaps therein. Contextualising our research in the domain of personal health tracking, we investigate to what extent customisation can help accommodate the needs of users of TETs. We introduce privacy notifications as a conceptual means to inform data subjects about facts worthy of their attention, and examine the immanent properties required to accomplish actual usability. We categorise the characteristics of privacy notifications in terms of what insight they convey, and how respective facts need to be presented to facilitate informed decision-making on the recipient's part. Based on findings obtained via quantitative and qualitative user studies, we elicit concomitant factors related to the parameterisation of privacy notifications. We present the prototypical implementation of TETs whose iterative evaluation provides us with a catalogue of design requirements that demonstrably reflect the needs of their users.

sted, utgiver, år, opplag, sider
Karlstads universitet, 2020. s. 55
Serie
Karlstad University Studies, ISSN 1403-8099 ; 2020:28
Emneord
General Data Protection Regulation (GDPR), Human-centred design, Human-computer interaction (HCI), Information privacy, Intervenability, Mobile health (mhealth), Personal health tracking, Privacy notification, Transparency, Transparency-enhancing tool (TET), Usability
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-80075 (URN)978-91-7867-144-1 (ISBN)978-91-7867-148-9 (ISBN)
Disputas
2020-10-28, 21E415A, Sjökvistsalen, Karlstad, 09:00 (engelsk)
Opponent
Veileder
Merknad

Artikel 6 del av avhandlingen som manuskript, nu publicerad.

Tilgjengelig fra: 2020-10-07 Laget: 2020-09-04 Sist oppdatert: 2021-07-02bibliografisk kontrollert
Schlehahn, E., Murmann, P., Karegar, F. & Fischer-Hübner, S. (2020). Opportunities and Challenges of Dynamic Consent in Commercial Big Data Analytics. In: M. Friedewald, M. Önen, E. Lievens, S. Krenn, and S. Fricker (Ed.), Privacy and Identity Management. Data for Better Living: AI and Privacy, Proceedings of the IFIP Summer School. Paper presented at IFIP Summer School 2019 (pp. 29-44). Springer
Åpne denne publikasjonen i ny fane eller vindu >>Opportunities and Challenges of Dynamic Consent in Commercial Big Data Analytics
2020 (engelsk)Inngår i: Privacy and Identity Management. Data for Better Living: AI and Privacy, Proceedings of the IFIP Summer School / [ed] M. Friedewald, M. Önen, E. Lievens, S. Krenn, and S. Fricker, Springer, 2020, s. 29-44Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In the context of big data analytics, the possibilities and demands of online data services may change rapidly, and with it change scenarios related to the processing of personal data. Such changes may pose challenges with respect to legal requirements such as a transparency and consent, and therefore call for novel methods to address the legal and conceptual issues that arise in its course. We define the concept of ‘dynamic consent’ as a means to meet the challenge of acquiring consent in a commercial use case that faces change with respect to re-purposing the processing of personal data with the goal to implement new data services. We present a prototypical implementation that facilitates incremental consent forms based on dynamic consent. We report the results gained via two focus groups which we used to evaluate our design, and derive from our findings implications for future directions.

sted, utgiver, år, opplag, sider
Springer, 2020
Emneord
Dynamic consent, EU General Data Protection Regulation (GDPR), Human-computer interaction (HCI), Notification, Re-purposing
HSV kategori
Forskningsprogram
Datavetenskap; Informatik; Rättsvetenskap
Identifikatorer
urn:nbn:se:kau:diva-77400 (URN)10.1007/978-3-030-42504-3_3 (DOI)2-s2.0-85082402828 (Scopus ID)978-3-030-42504-3 (ISBN)
Konferanse
IFIP Summer School 2019
Tilgjengelig fra: 2020-04-02 Laget: 2020-04-02 Sist oppdatert: 2022-10-05bibliografisk kontrollert
Murmann, P. (2019). Eliciting Design Guidelines for Privacy Notifications in mHealth Environments. International Journal of Mobile Human Computer Interaction, 11(4), 66-83
Åpne denne publikasjonen i ny fane eller vindu >>Eliciting Design Guidelines for Privacy Notifications in mHealth Environments
2019 (engelsk)Inngår i: International Journal of Mobile Human Computer Interaction, ISSN 1942-390X, E-ISSN 1942-3918, Vol. 11, nr 4, s. 66-83Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

The possibilities of employing mobile health (mhealth) devices for the purpose of self-quantification and fitness tracking are increasing, yet few users of online mhealth services possess proven knowledge of how their personal data are processed once the data have been disclosed. Ex post transparency-enhancing tools (TETs) can provide such insight and guide users in making informed decisions with respect to intervening with the processing of their personal data. At present, however, there are no suitable guidelines that aid designers of TETs in implementing privacy notifications that reflect their recipients’ needs in terms of what they want to be notified about and the level of guidance required to audit their data effectively. Based on an analysis of gaps related to TETs, the findings of a study on privacy notification preferences, and the findings on notifications and privacy notices discussed in the literature, this paper proposes a set of guidelines for the human-centred design of privacy notifications that facilitate ex post transparency.

sted, utgiver, år, opplag, sider
IGI Global, 2019
Emneord
Data transparency, Human-Centred Design, Individualisation, Intervenability, Mobile Health (mHealth), Notification, Privacy, Transparency-Enhancing Tool (TET), Usability
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-71119 (URN)10.4018/IJMHCI.2019100106 (DOI)000501306200007 ()
Merknad

Artikeln ingick som manuskript i Murmanns (2019) licentiatuppsats Towards Usable Transparency via Individualisation.

Tilgjengelig fra: 2019-02-18 Laget: 2019-02-18 Sist oppdatert: 2020-09-04bibliografisk kontrollert
Murmann, P., Reinhardt, D. & Fischer-Hübner, S. (2019). To Be, or Not to Be Notified: Eliciting Privacy Notification Preferences for Online mHealth Services. In: Gurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete (Ed.), ICT Systems Security and Privacy Protection: . Paper presented at 34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019 (pp. 209-222). Springer, 562
Åpne denne publikasjonen i ny fane eller vindu >>To Be, or Not to Be Notified: Eliciting Privacy Notification Preferences for Online mHealth Services
2019 (engelsk)Inngår i: ICT Systems Security and Privacy Protection / [ed] Gurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete, Springer, 2019, Vol. 562, s. 209-222Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Millions of people are tracking and quantifying their fitness and health, and entrust online mobile health (mhealth) services with storing and processing their sensitive personal data. Ex post transparency-enhancing tools (TETs) enable users to keep track of how their personal data are processed, and represent important building blocks to understand privacy implications and control one’s online privacy. Particularly, privacy notifications provide users of TETs with the insight necessary to make informed decision about controlling their personal data that they have disclosed previously. To investigate the notification preferences of users of online mhealth services, we conducted an online study. We analysed how notification scenarios can be grouped contextually, and how user preferences with respect to being notified relate to intervenability. Moreover, we examined to what extent ex post notification preferences correlate with privacy personas established in the context of trust in and reliability of online data services. Based on our findings, we discuss the implications for the design of usable ex post TETs.

sted, utgiver, år, opplag, sider
Springer, 2019
Emneord
privacy, transparency-enhancing tool, usability, personas, mhealth
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-74439 (URN)10.1007/978-3-030-22312-0_15 (DOI)000560392300015 ()978-3-030-22312-0 (ISBN)
Konferanse
34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019
Tilgjengelig fra: 2019-08-21 Laget: 2019-08-21 Sist oppdatert: 2020-09-16bibliografisk kontrollert
Murmann, P. (2019). Towards Usable Transparency via Individualisation. (Licentiate dissertation). Karlstad: Karlstads universitet
Åpne denne publikasjonen i ny fane eller vindu >>Towards Usable Transparency via Individualisation
2019 (engelsk)Licentiatavhandling, med artikler (Annet vitenskapelig)
Abstract [en]

The General Data Protection Regulation grants data subjects the legal rights of transparency and intervenability. Ex post transparency provides users of data services with insight into how their personal data have been processed, and potentially clarifies what consequences will or may arise due to the processing of their data. Technological artefacts, ex post transparency-enhancing tools (TETs) convey such information to data subjects, provided the TETs are designed to suit the predisposition of their audience. Despite being a prerequisite for transparency, however, many of the TETs available to date lack usability in that their capabilities do not reflect the needs of their final users.

The objective of this thesis is therefore to systematically apply the concept of human-centred design to ascertain design principles that demonstrably lead to the implementation of a TET that facilitates ex post transparency and supports intervenability. To this end, we classify the state of the art of usable ex post TETs published in the literature and discuss the gaps therein. Contextualising our findings in the domain of fitness tracking, we investigate to what extent individualisation can help accommodate the needs of users of online mobile health services. We introduce the notion of privacy notifications as a means to inform data subjects about incidences worthy of their attention and examine how far privacy personas reflect the preferences of distinctive groups of recipients. We suggest a catalogue of design guidelines that can serve as a basis for specifying context-sensitive requirements for the implementation of a TET that leverages privacy notifications to facilitate ex post transparency, and which also serve as criteria for the evaluation of a future prototype.

sted, utgiver, år, opplag, sider
Karlstad: Karlstads universitet, 2019. s. 140
Serie
Karlstad University Studies, ISSN 1403-8099 ; 2019:8
Emneord
Data transparency, General Data Protection Regulation (GDPR), Human-centred design, Human-computer interaction (HCI), Information privacy, Intervenability, Mobile health (mhealth), Transparency-enhancing tool (TET), Usability
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-71120 (URN)978-91-7867-003-1 (ISBN)978-91-7867-008-6 (ISBN)
Presentation
2019-05-23, 1B309, Karlstad university, Karlstad, 10:00 (engelsk)
Opponent
Veileder
Forskningsfinansiär
EU, Horizon 2020, 675730
Merknad

Paper 2 ingick som manuskript i avhandlingen, nu publicerad.

Tilgjengelig fra: 2019-05-02 Laget: 2019-02-28 Sist oppdatert: 2019-09-18bibliografisk kontrollert
Murmann, P. (2018). Usable Transparency for Enhancing Privacy in Mobile Health Apps. In: Proceedings of the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services Adjunct: . Paper presented at MobileHCI 2018 (pp. 440-442). New York, NY, USA: Association for Computing Machinery (ACM)
Åpne denne publikasjonen i ny fane eller vindu >>Usable Transparency for Enhancing Privacy in Mobile Health Apps
2018 (engelsk)Inngår i: Proceedings of the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services Adjunct, New York, NY, USA: Association for Computing Machinery (ACM), 2018, s. 440-442Konferansepaper, Oral presentation with published abstract (Fagfellevurdert)
Abstract [en]

We report on our research on usable transparency in thecontext of mobile health (mhealth) tracking. Usable trans-parency refers to the usability of transparency-enhancingtools (TETs), which seek to aid users of online data ser-vices in improving their privacy. Focusing on fitness track-ing scenarios, our research addresses the conceptual andtechnical demands of such tools in terms of usability

sted, utgiver, år, opplag, sider
New York, NY, USA: Association for Computing Machinery (ACM), 2018
Emneord
privacy, transparency, notification, privacy persona, preferences
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-69468 (URN)10.1145/3236112.3236184 (DOI)978-1-4503-5941-2 (ISBN)
Konferanse
MobileHCI 2018
Tilgjengelig fra: 2018-10-04 Laget: 2018-10-04 Sist oppdatert: 2022-06-29bibliografisk kontrollert
Murmann, P. & Fischer-Hübner, S. (2017). Tools for Achieving Usable Ex Post Transparency: A Survey. IEEE Access, 5, 22965-22991
Åpne denne publikasjonen i ny fane eller vindu >>Tools for Achieving Usable Ex Post Transparency: A Survey
2017 (engelsk)Inngår i: IEEE Access, E-ISSN 2169-3536, Vol. 5, s. 22965-22991Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Transparency of personal data processing is a basic privacy principle and a right that is well acknowledged by data protection legislation, such as the EU general data protection regulation (GDPR). The objective of ex post transparency enhancing tools (TETs) is to provide users with insight about what data have been processed about them and what possible consequences might arise after their data have been revealed, that is, ex post. This survey assesses the state of the art in scientific literature of the usability of ex post TETs enhancing privacy and discusses them in terms of their common features and unique characteristics. The article first defines the scope of usable transparency in terms of relevant privacy principles for providing transparency by taking the GDPR as a point of reference, and usability principles that are important for achieving transparency. These principles for usable transparency serve as a reference for classifying and assessing the surveyed TETs. The retrieval and screening process of the publications is then described, as is the process for deriving the subsequent classification of the characteristics of the TETs. The survey not only looks into what is made transparent by the TETs but also how transparency is actually achieved. A main contribution of this survey is a proposed classification that assesses the TETs based on their functionality, implementation and evaluation as described in the literature. It concludes by discussing the trends and limitations of the surveyed TETs in regard to the defined scope of usable TETs and shows possible directions of future research for addressing these gaps. This survey provides researchers and developers of privacy enhancing technologies an overview of the characteristics of state of the art ex post TETs, on which they can base their work.

sted, utgiver, år, opplag, sider
IEEE, 2017
Emneord
GDPR, HCI, privacy, transparency, usability, visualization
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-65290 (URN)10.1109/ACCESS.2017.2765539 (DOI)000415170200021 ()
Prosjekter
Privacy&Us
Forskningsfinansiär
EU, Horizon 2020
Tilgjengelig fra: 2017-11-29 Laget: 2017-11-29 Sist oppdatert: 2020-09-04bibliografisk kontrollert
Organisasjoner