Putting Privacy Notices to the Test

Wednesday, February 1, 2017 - 10:30am11:00am

Lorrie Faith Cranor, Professor of Computer Science and of Engineering and Public Policy, Carnegie Mellon University


We all know that hardly anybody ever reads privacy notices or security warnings, and when people try to read them, they tend to be long and extremely difficult to understand. In this talk I will start by discussing why privacy notices are important, explain why they are largely failing to inform people, and discuss some of the approaches companies and researchers are taking in an attempt to make privacy notices more useful. Then I’ll present a theory about the cognitive processes that take place when someone encounters a privacy notice or security warning. Finally, I will share several examples in which my students conducted user studies to test the effectiveness of privacy notices or security warnings. I will show some examples of notices that don’t seem to be very effective, as well as some examples of how notices can be improved through an iterative design and testing process.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {201459,
author = {Lorrie Faith Cranor},
title = {Putting Privacy Notices to the Test},
year = {2017},
address = {Oakland, CA},
publisher = {{USENIX} Association},