GD22 - Implement User-Customisable Multi-View Privacy Notifications
Problem Summary
Single-view privacy notification interfaces provide little information to help users understand privacy risks.
Rationale
A multi-view privacy notification interface can help users better understand the privacy information, according to their interests and expertise.
Solution
A user-customisable multi-view privacy notification mechanism that provides customised notification interfaces, helping users obtain the information they need about their privacy risk.
Fung, Rashidi and Motti [1] introduced a novel multi-view model for permission notifications that enhances user understanding and decision-making regarding app permissions.
The multi-view model incorporates Control Theory to ensure consistency across views tailored to different user knowledge levels. A chain of control units was developed, each responsible for producing one of the multi-view interfaces. It tailors the presentation of privacy risks based on users' knowledge levels, offering customised interfaces with varying granularity, intricacy, and co-equality. These interfaces range from detailed app activity logs for expert users to simplified risk assessments for novices. Additionally, the model incorporates a user preference system, allowing individuals to select or automatically be assigned views that best match their understanding and comfort level. Beyond information presentation, the solution suggests actionable user recommendations, providing a nuanced approach to app permission management. Actions vary from simple permission denial to app uninstallation, depending on the assessed risk level of the app. This comprehensive approach informs users about potential privacy risks and empowers them with actionable insights to safeguard their privacy effectively.
When combined with privacy choices [2], which actions (block, deny or uninstall, for instance) to recommend to users in each view is an important aspect to consider on a case-by-case basis.
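As an added illustration, not code from Fung, Rashidi and Motti [1], the structure described above can be sketched in Python: a chain of control units each renders one view from the same permission-usage log, a consistency check enforces that every view carries the same core message (overall risk level and recommended action) regardless of its granularity, and a preference step assigns the view matching the user's explicit choice or knowledge level. The sensitivity weights, risk thresholds, view names and the level-to-action mapping are assumptions made here; the sample log is constructed.

```python
"""Multi-view permission-risk notification, added illustration.

Constructed example, not the code of Fung, Rashidi and Motti [1]. The
sensitivity weights, risk thresholds, view names and action mapping are
assumptions made for this illustration.
"""
from dataclasses import dataclass
from typing import Sequence


@dataclass(frozen=True)
class PermissionEvent:
    """One entry of an app's permission-usage log (constructed format)."""
    permission: str
    uses: int
    background: bool  # used while the app was not in the foreground


@dataclass
class View:
    """Output of one control unit: targeted knowledge level, the core message
    (risk level, recommended action) and the lines shown to the user."""
    knowledge: str
    core: tuple
    body: list


# Assumed per-permission sensitivity weights in [0, 1].
SENSITIVITY = {"LOCATION": 0.9, "MICROPHONE": 0.9, "CAMERA": 0.8,
               "CONTACTS": 0.8, "STORAGE": 0.4, "NETWORK": 0.2}

# Recommended action per risk level, ordered from simple permission denial up
# to uninstallation as the guideline describes; the mapping itself is assumed.
ACTION = {"LOW": "keep as is", "MEDIUM": "deny the risky permission",
          "HIGH": "uninstall app"}


def permission_risk(ev: PermissionEvent) -> float:
    """Risk of one permission: its sensitivity, raised by half for background use."""
    weight = SENSITIVITY.get(ev.permission, 0.5)
    return min(1.0, weight * (1.5 if ev.background else 1.0))


def app_risk(events: Sequence[PermissionEvent]) -> float:
    """App risk in [0, 1]: highest single-permission risk, plus 0.05 for each
    additional high-risk permission (assumed aggregation rule)."""
    if not events:
        return 0.0
    risks = [permission_risk(e) for e in events]
    high = sum(1 for r in risks if r >= 0.7)
    return min(1.0, max(risks) + 0.05 * max(0, high - 1))


def risk_level(score: float) -> str:
    """Assumed thresholds for the three risk levels."""
    return "HIGH" if score >= 0.8 else "MEDIUM" if score >= 0.5 else "LOW"


def core_message(events):
    """The message every view must carry: overall level and the action for it."""
    level = risk_level(app_risk(events))
    return (level, ACTION[level])


# Chain of control units, one per view, from coarsest to most detailed.
def novice_view(app, events):
    level, action = core_message(events)
    return View("novice", (level, action),
                [f"{app}: privacy risk {level}. Recommended: {action}."])


def intermediate_view(app, events):
    core = core_message(events)
    body = [f"{app}: overall {core[0]}, recommended: {core[1]}"]
    body += [f"  {e.permission}: {risk_level(permission_risk(e))}" for e in events]
    return View("intermediate", core, body)


def expert_view(app, events):
    core = core_message(events)
    body = [f"{app}: score {app_risk(events):.2f} -> {core[0]}, recommended: {core[1]}"]
    body += [f"  {e.permission:<10} uses={e.uses:<4} background={e.background!s:<5} "
             f"risk={permission_risk(e):.2f}" for e in events]
    return View("expert", core, body)


CONTROL_CHAIN = (novice_view, intermediate_view, expert_view)


def render_all(app, events, chain=CONTROL_CHAIN):
    """Run every control unit and regulate consistency: all views must carry
    the same core message, whatever their granularity."""
    views = [unit(app, events) for unit in chain]
    cores = {v.core for v in views}
    if len(cores) != 1:
        raise ValueError(f"inconsistent core messages across views: {cores}")
    return views


def select_view(views, knowledge="novice", preferred=None):
    """User preference system: an explicit choice wins, otherwise the view
    matching the user's knowledge level is assigned automatically."""
    wanted = preferred or knowledge
    return next(v for v in views if v.knowledge == wanted)


# Constructed sample log for a fictitious app.
SAMPLE_EVENTS = [PermissionEvent("LOCATION", 42, True),
                 PermissionEvent("CONTACTS", 3, False),
                 PermissionEvent("NETWORK", 120, True)]

if __name__ == "__main__":
    for view in render_all("ExampleApp", SAMPLE_EVENTS):
        print(f"--- {view.knowledge} view ---")
        print("\n".join(view.body))
```

The consistency check in render_all is the point of the control chain: a unit that, say, summarised a HIGH-risk app as LOW for novices would be rejected rather than shown, so the simplified view can never recommend a weaker action than the detailed one.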
Platforms: personal computers, mobile devices
Related guidelines: Enhance Privacy Awareness by Communicating Privacy Risks
Example
Privacy notification view details are reduced from left to bottom right, accounting for different user visualisation choices [1].
Use cases
- Implementing privacy risk notification interface for installed apps on devices.
- Implementing privacy risk notification interface for different expertise levels.
- Implementing user-customisable multi-view privacy notification.
Pros
- Consistency among the designed views is critical. Incorporating Control Theory to regulate consistency across user knowledge levels ensures that, despite the diversity in information presentation, the core message remains the same, aiding accurate interpretation and informed decision-making. Users can choose the view they understand best and are most comfortable with [1].
- The solution provides actionable insights by recommending specific actions (like block, deny, uninstall) based on the assessed risk level of an app. This approach not only informs users about potential risks but also guides them on how to mitigate these risks, enhancing user security and privacy protection [1].
Cons
- The effectiveness of the multi-view model heavily relies on users actively engaging with and understanding the different views and recommended actions. There's a possibility that users might not invest the time to explore and switch between views, reducing the system's overall impact on privacy and security decision-making. Despite the intention to cater to different user expertise levels, there's a risk of information overload, particularly for users who might find multiple views and detailed action recommendations overwhelming. This could lead to decision fatigue, where users may default to simpler but less secure choices [1].
- The application of Control Theory to ensure view consistency adds a layer of complexity to the system's design and implementation. This could potentially increase development time and resources required, making it challenging to adapt and scale [1].
Privacy Attribute(s)
Transparency [2] is the main privacy attribute. The guideline primarily focuses on ensuring that users can obtain clear and accessible information regarding how their personal data is handled. By offering multiple views with varying levels of detail, the guideline aims to provide a proactive distribution of information, enabling users to make informed decisions.
Other related privacy attributes:
Control
Communication of privacy risk level leverages control by allowing users to make self-determined decisions about the sharing of their personal data.
References
[1] Carol Fung, Bahman Rashidi, and Vivian Genaro Motti (2019). Multi-View Permission Risk Notification for Smartphone System. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 10(1): 42-57. https://isyou.info/jowua/papers/jowua-v10n1-3.pdf
[2] Susanne Barth, Dan Ionita, and Pieter Hartel (2022). Understanding Online Privacy — A Systematic Review of Privacy Visualizations and Privacy by Design Guidelines. ACM Comput. Surv. 55, 3, Article 63 (February 2022), 37 pages. https://doi.org/10.1145/3502288