Aleecia M. McDonald

A comparative study of online privacy policies and formats

Online privacy policies are difficult to understand. Most privacy policies require a college reading level and an ability to decode legalistic, confusing, or jargon-laden phrases. Privacy researchers and industry groups have devised several standardized privacy policy formats to address these issues and help people compare policies. We evaluated three formats in this paper: layered policies, which present a short form with standardized components in addition to a full policy; the Privacy Finder privacy report, which standardizes the text descriptions of privacy practices in a brief bulleted format; and conventional non-standardized human-readable policies. We contrasted six companies’ policies, deliberately selected to span the range from unusually readable to challenging. Based on the results of our online study of 749 Internet users, we found participants were not able to reliably understand companies’ privacy practices with any of the formats. Compared to natural language, participants were faster with standardized formats but at the expense of accuracy for layered policies. Privacy Finder formats supported accuracy more than natural language for harder questions. Improved readability scores did not translate to improved performance. All formats and policies were similarly disliked. We discuss our findings as well as public policy implications.

P3P deployment on websites

We studied the deployment of computer-readable privacy policies encoded using the standard W3C platform for privacy preferences (P3P) format to inform questions about P3Ps usefulness to end users and researchers. We found that P3P adoption is increasing overall and that P3P adoption rates greatly vary across industries. We found that P3P had been deployed on 10% of the sites returned in the top-20 results of typical searches, and on 21% of the sites returned in the top-20 results of e-commerce searches. We examined a set of over 5000 websites in both 2003 and 2006 and found that P3P deployment among these sites increased over that time period, although we observed decreases in some sectors. In the Fall of 2007 we observed 470 new P3P policies created over a 2-month period. We found high rates of syntax errors among P3P policies, but much lower rates of critical errors that prevent a P3P user agent from interpreting them. We also found that most P3P policies have discrepancies with their natural language counterparts. Some of these discrepancies can be attributed to ambiguities, while others cause the two policies to have completely different meanings. Finally, we show that the privacy policies of P3P-enabled popular websites are similar to the privacy policies of popular websites that do not use P3P.

A usability evaluation of a home monitoring system

In this paper, we describe results from a laboratory-based study of user interactions with the Home Heartbeat system, which allows customers to monitor sensor data about their residence. Our study focused on usability, privacy, and security.

Access Denied! Contrasting Data Access in the United States and Ireland

Abstract The ability of an Internet user to access data collected about himself as a result of his online activity is a key privacy safeguard. Online, data access has been overshadowed by other protections such as notice and choice. This paper describes attitudes about data access. 873 US and Irish Internet users participated in a survey designed to examine views on data access to information held by online companies and data brokers. We observed low levels of awareness of access mechanisms along with a high desire for access in both participant groups. We tested three proposed access systems in keeping with industry programs and regulatory proposals. User response was positive. We conclude that access remains an important privacy protection that is inadequately manifested in practice. Our study provides insight for lawmakers and policymakers, as well as computer scientists who implement these systems.