

Title: Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
Mobile fitness tracking apps allow users to track their workouts and share them with friends through online social networks. Although the sharing of personal data is an inherent risk in all social networks, the dangers presented by sharing personal workouts comprised of geospatial and health data may prove especially grave. While fitness apps offer a variety of privacy features, at present it is unclear if these countermeasures are sufficient to thwart a determined attacker, nor is it clear how many of these services’ users are at risk. In this work, we perform a systematic analysis of privacy behaviors and threats in fitness tracking social networks. Collecting a month-long snapshot of public posts of a popular fitness tracking service (21 million posts, 3 million users), we observe that 16.5% of users make use of Endpoint Privacy Zones (EPZs), which conceal fitness activity near user-designated sensitive locations (e.g., home, office). We go on to develop an attack against EPZs that infers users’ protected locations from the remaining available information in public posts, discovering that 95.1% of moderately active users are at risk of having their protected locations extracted by an attacker. Finally, we consider the efficacy of state-of-the-art privacy mechanisms through adapting geo-indistinguishability techniques as well as developing a novel EPZ fuzzing technique. The affected companies have been notified of the discovered vulnerabilities and at the time of publication have incorporated our proposed countermeasures into their production systems.
Award ID(s):
1657534 1750024
PAR ID:
10085550
Author(s) / Creator(s):
Date Published:
Journal Name:
27th USENIX Security Symposium
Page Range / eLocation ID:
497-512
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Users’ perceptions of fitness tracking privacy is a subject of active study, but how do various aspects of social identity inform these perceptions? We conducted an online survey (N=322) that explores the influence of identity on fitness tracking privacy perceptions and practices, considering participants’ gender, race, age, and whether or not they identify as LGBTQ*. Participants reported how comfortable they felt sharing fitness data, commented on whether they believed their identity impacted this comfort, and brainstormed several data sharing risks and a possible mitigation for each risk. For each surveyed dimension of social identity, we find one or more reliable effects on participants’ level of comfort sharing fitness data, specifically when considering institutional groups like employers, insurers, and advertisers. Further, 64% of participants indicate at least one of their identity characteristics informs their comfort. We also find evidence that the perceived risks of sharing fitness data vary by identity, but do not find evidence of difference in the strategies used to manage these risks. This work highlights a path towards reasoning about the privacy challenges of fitness tracking with respect for the lived experiences of all users.
  2. Fitness trackers are an increasingly popular tool for tracking one’s health and physical activity. While research has evaluated the potential benefits of these devices for health and well-being, few studies have empirically evaluated users’ behaviors when sharing personal fitness information (PFI) and the privacy concerns that stem from the collection, aggregation, and sharing of PFI. In this study, we present findings from a survey of Fitbit and Jawbone users (N=361) to understand how concerns about privacy in general and user-generated data in particular affect users’ mental models of PFI privacy, tracking, and sharing. Findings highlight the complex relationship between users’ demographics, sharing behaviors, privacy concerns, and internet skills with how valuable and sensitive they rate their PFI. We conclude with a discussion of opportunities to increase user awareness of privacy and PFI.
  4. Voluntary sharing of personal information is at the heart of user engagement on social media and central to platforms' business models. From the users' perspective, so-called self-disclosure is closely connected with both privacy risks and social rewards. Prior work has studied contextual influences on self-disclosure, from platform affordances and interface design to user demographics and perceived social capital. Our work takes a mixed-methods approach to understand the contextual information which might be integrated in the development of privacy-enhancing technologies. Through observational study of several Reddit communities, we explore the ways in which topic of discussion, group norms, peer effects, and audience size are correlated with personal information sharing. We then build and test a prototype privacy-enhancing tool that exposes these contextual factors. Our work culminates in a browser extension that automatically detects instances of self-disclosure in Reddit posts at the time of posting and provides additional context to users before they post to support enhanced privacy decision-making. We share this prototype with social media users, solicit their feedback, and outline a path forward for privacy-enhancing technologies in this space.
  5. The dominant privacy framework of the information age relies on notions of “notice and consent.” That is, service providers will disclose, often through privacy policies, their data collection practices, and users can then consent to their terms. However, it is unlikely that most users comprehend these disclosures, which is due in no small part to ambiguous, deceptive, and misleading statements. By comparing actual collection and sharing practices to disclosures in privacy policies, we demonstrate the scope of the problem. Through analysis of 68,051 apps from the Google Play Store, their corresponding privacy policies, and observed data transmissions, we investigated the potential misrepresentations of apps in the Designed For Families (DFF) program, inconsistencies in disclosures regarding third-party data sharing, as well as contradictory disclosures about secure data transmissions. We find that of the 8,030 DFF apps (i.e., apps directed at children), 9.1% claim that their apps are not directed at children, while 30.6% claim to have no knowledge that the received data comes from children. In addition, we observe that 10.5% of 68,051 apps share personal identifiers with third-party service providers, yet do not declare any in their privacy policies, and only 22.2% of the apps explicitly name third parties. This ultimately makes it not only difficult, but in most cases impossible, for users to establish where their personal data is being processed. Furthermore, we find that 9,424 apps do not use TLS when transmitting personal identifiers, yet 28.4% of these apps claim to take measures to secure data transfer. Ultimately, these divergences between disclosures and actual app behaviors illustrate the ridiculousness of the notice and consent framework.