Current mobile platforms provide privacy management interfaces to regulate how applications access sensitive data. Prior research has shown how these interfaces are insufficient from a usability standpoint: they do not account for context. In allowing for more contextual decisions, machine-learning techniques have shown great promise for designing systems that automatically make privacy decisions on behalf of the user. However, if such decisions are made automatically, then feedback mechanisms are needed to empower users to both audit those decisions and correct any errors.
In this paper, we describe our user-centered approach towards designing a fully functional privacy feedback interface for the Android platform. We performed two large-scale user studies to research the usability of our design. Our second, 580-person validation study showed that users of our new interface were significantly more likely to both understand and control the selected set of circumstances under which applications could access sensitive data when compared to the default Android privacy settings interface.
Lynn Tsai, Primal Wijesekera, Joel Reardon, Irwin Reyes, Jung-Wei Chen, Nathan Good, Serge Egelman, and David Wagner. TurtleGuard: Helping Android Users Apply Contextual Privacy Preferences. Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS ’17), 2017.