Disclosing the current location of a person can seriously affect their privacy, but many apps request location information to provide location-based services. Simultaneously, these apps provide only crude controls for location privacy settings (sharing all or nothing). There is an ongoing discussion about rights of users regarding their location privacy (e.g. in the context of the General Data Protection Regulation -GDPR). GDPR requires data collectors to notify users about data collection and to provide them with opt-out options. To address these requirements, we propose a set of user interface (UI) controls for fine-grained management of location privacy settings based on privacy theory (Westin), privacy by design principles and general UI design principles. The UI notifies users about the state of location data sharing and provides controls for adjusting location sharing preferences. It addresses three key issues: whom to share location with, when to share it, and where to share it. Results of a user study (N=23) indicate that (1) the proposed interface led to a greater sense of control, that (2) it was usable and well received, and that (3) participants were keen on using it in real life. Our findings can inform the development of interfaces to manage location privacy.
An individual's location data is very sensitive geoinformation. While its disclosure is necessary, e.g., to provide location-based services (LBS), it also facilitates deep insights into the lives of LBS users as well as various attacks on these users. Location privacy threats can be mitigated through privacy regulations such as the General Data Protection Regulation (GDPR), which was introduced recently and harmonises data privacy laws across Europe. While the GDPR is meant to protect users' privacy, the main problem is that it does not provide explicit guidelines for designers and developers about how to build systems that comply with it. In order to bridge this gap, we systematically analysed the legal text, carried out expert interviews, and ran a nine-week-long take-home study with four developers. We particularly focused on user-facing issues, as these have received little attention compared to technical issues. Our main contributions are a list of aspects from the legal text of the GDPR that can be tackled at the user interface level and a set of guidelines on how to realise this. Our results can help service providers, designers and developers of applications dealing with location information from human users to comply with the GDPR.using location data of their users, i.e., location-based services (LBS). Given that in the digital age "privacy goes global" [6], the impacts of the GDPR will be felt far beyond the boundaries of Europe.While this new law promises to strengthen the rights of individuals, it also poses challenges to the designers and developers of systems that process personal data (e.g., location data). On the legal level, there are questions as to how compliance can be demonstrated. On a technical level, the law introduces new requirements regarding how data is stored, processed and deleted. While these two perspectives already introduce many challenges, it is also not clear how to realise various requirements that the GDPR formulates with respect to what users should be able to control and regarding how and when certain types of information should be presented to them. Providing material to support developers implementing GDPR is critical, as non-compliant companies could be fined with up to (the greater of) 20 million Euro or 4% of their global annual turnover.Location-based services (LBS) are increasingly ubiquitous systems that deal with geo-information and process the location data of their users. In this paper, we aim to address challenges resulting from the introduction of the GDPR that relate to user interfaces of LBS. Our main contributions are as follows: (1) We systematically analysed the legal text to identify a list of aspects that can be tackled at the user interface level (UI) (Section 3); (2) In addition, we carried out interviews with experts to gain further insights into challenges arising from having to comply with the GDPR as well as into ways of addressing them (Section 4); (3) Based on the outcome of both activities, we compiled a set of guidelines for developers and desi...
Safe spaces' have been at the core of participatory design (PD) in HCI. However, their characteristics, their potential impact and what enables them are not yet fully understood. The present article presents a series of insights derived from a six-week long study with 19 young forced migrants (YFMs). We investigated factors which contributed to enable the creation of 'safe spaces' while developing digital services with them. We based our case study on four main components of such spaces: (i) ethics, (ii) reflective processes, (iii) content, (iv) and spatial layout and dynamics. Our findings pointed to a promotion of 'safe spaces' through the combination of these components. Participants showed a high degree of engagement, seemed to be comfortable while interacting socially, and manifested signs of developing a trust relationship with the facilitators. The work presented in this article can benefit designers engaging in participatory activities in HCI with communities with highly complex and sensitive backgrounds or who are underrepresented.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.