User Privacy Communication Guidelines

GD9 - Enhance Parental Control in Smart Toys

Problem Summary

Smart toys introduce significant privacy concerns related to protecting children's data. Existing privacy control tools are often complex and not user-friendly, making them challenging for parents and guardians, who typically lack technical expertise.

Rationale

To assist parents in enhancing the protection of children's privacy in the dynamic environment of smart toys by filling the existing gaps in privacy control tools for smart toys by making them more usable, standardised, and comprehensive.

Solution

To enhance the privacy control tools for smart toys by making them more user-friendly and effective in protecting children's privacy.

Albuquerque et al. [1] noted the absence of a standardised reference solution in the literature and proposed a comprehensive framework to fill this gap. They developed a conceptual model for a smart toy parental control tool to address the limitations of existing solutions. First, they elicited a set of requirements for parental control based on scientific and technical literature. Then, they structured a model using Unified Modelling Language (UML) diagrams, focusing on key features like creating a user profile, establishing privacy rules, and managing them. For user profile creation, parents provide contact details, agree to updates, input the child's data, consent to agreements, and authenticate access. Privacy rule creation involves specifying rule details, configuring access controls, and reviewing the rule. The tool allows parents to manage, view, edit, or delete privacy rules, with an option to choose predefined templates. A proof-of-concept app an its source code is available at https://github.com/OtavioAlb/ParentalControlPrototype.

Salgado et al. [2] addressed the usability challenges in smart toy privacy control interfaces. The authors structured process included an open Card Sorting with potential users, followed by cluster analysis and a comparison with the nutrition label (by Kelley et al. ) model. They collected 30 valid responses and observed two main branches in the resulting dendrogram, indicating a distinction between terms related to privacy policies and the creation of privacy rules. The authors also prototyped (using Marvel App) a parental control as an Android-like version of an existing model and then adapted the nutrition label model based on Card Sorting and cluster analysis results. They used a mini-Information Architecture (mini-IA) process to reshape the nutrition label into a more user-friendly interface, aligning with Western reading styles. Google's Material Design guidelines and assets from the Marvel App prototyping tool were utilised in the process. Overall, the authors found the suggestion that adopting the nutrition label model and consolidating rules in a single interface could enhance the efficiency of parental controls, saving users time and effort. Icons from the nutrition label were updated for better visibility on mobile screens, aligning with Google Material Design symbols. This approach improved usability and streamlined the process of creating privacy rules for various services.

Platforms: smart devices, mobile devices

Example

Template-based privacy rule creation option [1]. (See enlarged)

Three main screens of the parental control: manage rules, parent area, and support area [1]. (See enlarged)

Parent profile creation [1]. (See enlarged)

Parental control prototype [2]. (See enlarged)

Use cases

Empowering parents to protect their children's privacy with parental privacy controls.

Pros

Adopting the nutrition label model simplifies privacy rule creation by consolidating all rules into a single interface, potentially saving users time and effort [2]. A survey study revealed high user appreciation for the functional requirements, indicating the proposed solution's suitability for theoretical and practical applications [1].

Cons

The study acknowledges limitations in generalising the proposed conceptual model beyond countries covered by major privacy policies (COPPA, PIPEDA, GDPR, SIP-BENCH III), such as the USA, Canada, and the European Union [1]. Although the final prototype was not validated with users, it was built based on a card sorting experiment to group privacy-related contents in the proposed design [2].

Privacy Attribute(s)

Control

The discussed solutions are designed to give users more control over privacy preferences, decisions on data sharing, and interactions with smart devices, especially when a supervision relationship is involved. They address the core elements of control, allowing users to influence how service providers handle personal data actively [3]. Other related privacy attributes:

Transparency
This guideline also addresses transparency since it can offer clarification before consent.

Collection
This recommendation also helps in communicating data collection to users, facilitating the visualisation of the collected data.

References

[1] Otavio de Paula Albuquerque, Marcelo Fantinato, Hung, Patrick C.K. Hung, Sarajane Marques Peres, Farkhund Iqbal, Umair Rehman, and Muhammad Umair Shah. Recommendations for a smart toy parental control tool. J Supercomput 78, 2022, 11156–11194. https://doi.org/10.1007/s11227-022-04319-4

[2] André de Lima Salgado, Felipe Silva Dias, João Pedro Rodrigues Mattos, Renata Pontin de Mattos Fortes, and Patrick CK Hung. Smart toys and children's privacy: usable privacy policy insights from a card sorting experiment. In Proceedings of the 37th ACM International Conference on the Design of Communication, 2019, 1-8. https://doi.org/10.1145/3328020.3353951

[3] Susanne Barth, Dan Ionita, and Pieter Hartel (2022). Understanding Online Privacy — A Systematic Review of Privacy Visualizations and Privacy by Design Guidelines. ACM Comput. Surv. 55, 3, Article 63 (February 2022), 37 pages. https://doi.org/10.1145/3502288