Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
User Evaluations of an App Interface for Cloud-Based Identity Management
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).ORCID iD: 0000-0003-2823-3837
Karlstad University.
Karlstad University, Faculty of Arts and Social Sciences (starting 2013), Karlstad Business School (from 2013).ORCID iD: 0000-0001-6826-3358
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). (Prisec)ORCID iD: 0000-0002-6938-4466
2018 (English)In: Advances in Information Systems Development / [ed] Paspallis N., Raspopoulos M., Barry C., Lang M., Linger H., Schneider C., Cham: Springer, 2018, Vol. 26, p. 205-223Conference paper, Published paper (Refereed)
Abstract [en]

Within a project developing cloud technology for identity access management, usability tests of the mock-up of a mobile app identity provider were conducted to assess Internet users’ consciousness of data disclosures in consent forms and their comprehension of the flow of authentication data. Results show that using one’s fingerprint for giving consent was easy, but most participants did not have a correct view of where the fingerprint data is used and what entities would have access to it. Familiarity with ID apps appeared to aggravate misunderstanding. In addition, participants could not well recall details of personal data releases and settings for disclosure options. An evaluation with a confirmation screen improved the recall rate slightly. However, some participants voiced a desire to have control over their data and expressed a wish to manually select mandatory information. This can be a way of slowing users down and make them reflect more.

Place, publisher, year, edition, pages
Cham: Springer, 2018. Vol. 26, p. 205-223
Series
Lecture Notes in Information Systems and Organisation, ISSN 2195-4968 ; 26
Keywords [en]
Cloud computing, Identity management, Data disclosure, Usable privacy, Smartphone
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-67323DOI: 10.1007/978-3-319-74817-7_13ISBN: 978-3-319-74816-0 (print)ISBN: 978-3-319-74817-7 (electronic)OAI: oai:DiVA.org:kau-67323DiVA, id: diva2:1206561
Conference
6th International Conference on Information Systems Development (ISD) held in Larnaca, Cyprus, September 6 - 8, 2017
Note

This article was published as manuscript in Farzaneh Karegars licentiate thesis. 

Available from: 2018-05-17 Created: 2018-05-17 Last updated: 2018-07-02Bibliographically approved
In thesis
1. Towards Improving Transparency, Intervenability, and Consent in HCI
Open this publication in new window or tab >>Towards Improving Transparency, Intervenability, and Consent in HCI
2018 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Transparency of personal data processing is enforced by most Western privacy laws, including the new General Data Protection Regulation (GDPR) which will be effective from May 2018. The GDPR specifies that personal data shall be processed lawfully, fairly, and in a transparent manner. It strengthens people's rights for both ex-ante and ex-post transparency and intervenability. Equally important is the strict legal requirements for informed consent established by the GDPR.

On the other hand, the legal privacy principles have Human-Computer Interaction (HCI) implications. People should comprehend the principles, be aware of when the principles may be used, and be able to use them. Transparent information about personal data processing should be concise, intelligible, and provided in an easily accessible form, pursuant to the GDPR. Nonetheless, the answer to the question about how HCI implications can be addressed depends on the attempts to decrease the gap between legal and user-centric transparency, intervenability, and consent. Enhancing individuals' control in a usable way helps people to be aware of the flow of their personal information, control their data, make informed decisions, and finally preserve their privacy.

The objective of this thesis is to propose usable tools and solutions, to enhance people's control and enforce legal privacy principles, especially transparency, intervenability, and informed consent. To achieve the goal of the thesis, different ways to improve ex-ante transparency and informed consent are investigated by designing and testing new solutions to make effective consent forms. Moreover, ex-post transparency and intervenability are improved by designing a transparency enhancing tool and investigating users' perceptions of data portability and transparency in the tool. The results of this thesis contribute to the body of knowledge by mapping legal privacy principles to HCI solutions, unveiling HCI problems and answers when aiming for legal compliance, and proposing effective designs to obtain informed consent.    

Abstract [en]

The new General Data Protection Regulation (GDPR) strengthens people’s rights for transparency, intervenability, and consent. The legal privacy principles have Human-Computer Interaction (HCI) implications. Besides aiming for legal compliance, it is of paramount importance to investigate how to provide individuals with usable and user-centric transparency, intervenability, and consent.

The objective of this thesis is to propose usable tools and solutions, to enhance people's control and enforce legal privacy principles, especially transparency, intervenability, and informed consent. To achieve the goal of the thesis, different ways to improve ex-ante transparency and informed consent are investigated by designing and testing new solutions to make effective consent forms. Moreover, ex-post transparency and intervenability are improved by designing a transparency enhancing tool and investigating users' perceptions of data portability and transparency in the tool. The results of this thesis contribute to the body of knowledge by mapping legal privacy principles to HCI solutions, unveiling HCI problems and answers when aiming for legal compliance, and proposing effective designs to obtain informed consent.    

Place, publisher, year, edition, pages
Karlstad University Press, 2018. p. 39
Series
Karlstad University Studies, ISSN 1403-8099 ; 2018:9
Keywords
GDPR, Informed Consent, Intervenability, Transparency, Usable Privacy
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-66109 (URN)978-91-7063-838-1 (ISBN)978-91-7063-933-3 (ISBN)
Presentation
2018-03-15, 12 B 252, Universitetsgatan 2, Karlstad, 09:00 (English)
Opponent
Supervisors
Note

The 3. article was in manuscript form at the time of the licentiate defense: Karegar, F. / User Evaluations of an App Interface for Cloud-based Identity Management / / Manuskript (preprint)

Available from: 2018-02-22 Created: 2018-02-05 Last updated: 2018-07-03Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records BETA

Karegar, FarzanehPettersson, John SörenFischer-Hübner, Simone

Search in DiVA

By author/editor
Karegar, FarzanehPettersson, John SörenFischer-Hübner, Simone
By organisation
Department of Mathematics and Computer Science (from 2013)Karlstad UniversityKarlstad Business School (from 2013)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 83 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf