Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Visualizing Exports of Personal Data by Exercising the Right of Data Portability in the Data Track - Are People Ready for This?
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security, PRISEC)ORCID iD: 0000-0003-2823-3837
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security, PRISEC)ORCID iD: 0000-0001-6459-8409
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (Privacy and Security, PRISEC)ORCID iD: 0000-0002-6938-4466
2017 (English)In: Privacy and Identity Management. Facing up to Next Steps. Privacy and Identity 2016. IFIP Advances in Information and Communication Technology., Springer, 2017, Vol. 498, p. 164-181Conference paper, Published paper (Refereed)
Abstract [en]

A transparency enhancing tool called Data Track has been developed at Karlstad University. The latest stand-alone version of the tool allows users to visualize their data exports. For analyzing the users’ perceptions of the Data Track in regard to transparency features and the concepts of data export and data portability, we have conducted a qualitative user study. We observed that although users had rather little interest in the visualization of derived data activities revealed in the Google location file, they were interested in other kinds of derived data like usage patterns for different service providers. Also, as earlier user studies revealed, we again confirmed that it is confusing for users to differentiate between locally and remotely stored and controlled data. Finally, in spite of being concerned about the security of the data exported to their machines, for exercising data portability rights pursuant to the General Data Protection Regulation, most participants would prefer to first export and edit the data before uploading it to another service provider and would appreciate using a tool such as the Data Track for helping them in this context.

Place, publisher, year, edition, pages
Springer, 2017. Vol. 498, p. 164-181
Series
IFIP Advances in Information and Communication Technology book series, ISSN 1868-4238
Keyword [en]
Transparency Enhancing Tools, Data portability, visualization, Data Track
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-64555DOI: 10.1007/978-3-319-55783-0_12ISBN: 978-3-319-55782-3 (print)ISBN: 978-3-319-55783-0 (electronic)OAI: oai:DiVA.org:kau-64555DiVA, id: diva2:1149533
Conference
The 11th International IFIP Summer School on Privacy and Identity Management, August 21-26, 2016, Karlstad, Sweden.
Available from: 2017-10-16 Created: 2017-10-16 Last updated: 2018-03-06Bibliographically approved
In thesis
1. Towards Improving Transparency, Intervenability, and Consent in HCI
Open this publication in new window or tab >>Towards Improving Transparency, Intervenability, and Consent in HCI
2018 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Transparency of personal data processing is enforced by most Western privacy laws, including the new General Data Protection Regulation (GDPR) which will be effective from May 2018. The GDPR specifies that personal data shall be processed lawfully, fairly, and in a transparent manner. It strengthens people's rights for both ex-ante and ex-post transparency and intervenability. Equally important is the strict legal requirements for informed consent established by the GDPR.

On the other hand, the legal privacy principles have Human-Computer Interaction (HCI) implications. People should comprehend the principles, be aware of when the principles may be used, and be able to use them. Transparent information about personal data processing should be concise, intelligible, and provided in an easily accessible form, pursuant to the GDPR. Nonetheless, the answer to the question about how HCI implications can be addressed depends on the attempts to decrease the gap between legal and user-centric transparency, intervenability, and consent. Enhancing individuals' control in a usable way helps people to be aware of the flow of their personal information, control their data, make informed decisions, and finally preserve their privacy.

The objective of this thesis is to propose usable tools and solutions, to enhance people's control and enforce legal privacy principles, especially transparency, intervenability, and informed consent. To achieve the goal of the thesis, different ways to improve ex-ante transparency and informed consent are investigated by designing and testing new solutions to make effective consent forms. Moreover, ex-post transparency and intervenability are improved by designing a transparency enhancing tool and investigating users' perceptions of data portability and transparency in the tool. The results of this thesis contribute to the body of knowledge by mapping legal privacy principles to HCI solutions, unveiling HCI problems and answers when aiming for legal compliance, and proposing effective designs to obtain informed consent.    

Abstract [en]

The new General Data Protection Regulation (GDPR) strengthens people’s rights for transparency, intervenability, and consent. The legal privacy principles have Human-Computer Interaction (HCI) implications. Besides aiming for legal compliance, it is of paramount importance to investigate how to provide individuals with usable and user-centric transparency, intervenability, and consent.

The objective of this thesis is to propose usable tools and solutions, to enhance people's control and enforce legal privacy principles, especially transparency, intervenability, and informed consent. To achieve the goal of the thesis, different ways to improve ex-ante transparency and informed consent are investigated by designing and testing new solutions to make effective consent forms. Moreover, ex-post transparency and intervenability are improved by designing a transparency enhancing tool and investigating users' perceptions of data portability and transparency in the tool. The results of this thesis contribute to the body of knowledge by mapping legal privacy principles to HCI solutions, unveiling HCI problems and answers when aiming for legal compliance, and proposing effective designs to obtain informed consent.    

Place, publisher, year, edition, pages
Karlstad University Press, 2018. p. 39
Series
Karlstad University Studies, ISSN 1403-8099 ; 2018:9
Keyword
GDPR, Informed Consent, Intervenability, Transparency, Usable Privacy
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-66109 (URN)978-91-7063-838-1 (ISBN)978-91-7063-933-3 (ISBN)
Presentation
2018-03-15, 12 B 252, Universitetsgatan 2, Karlstad, 09:00 (English)
Opponent
Supervisors
Note

The 3. article was in manuscript form at the time of the licentiate defense: Karegar, F. / User Evaluations of an App Interface for Cloud-based Identity Management / / Manuskript (preprint)

Available from: 2018-02-22 Created: 2018-02-05 Last updated: 2018-05-17Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Search in DiVA

By author/editor
Karegar, FarzanehPulls, TobiasFischer-Hübner, Simone
By organisation
Department of Mathematics and Computer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 98 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf