
Title: Bringing Design to the Privacy Table: Broadening “Design” in “Privacy by Design” Through the Lens of HCI
In calls for privacy by design (PBD), regulators and privacy scholars have investigated the richness of the concept of "privacy." In contrast, "design" in HCI comprises rich and complex concepts and practices, but has received much less attention in the PBD context. Conducting a literature review of HCI publications discussing privacy and design, this paper articulates a set of dimensions along which design relates to privacy, including: the purpose of design, which actors do design work in these settings, and the envisioned beneficiaries of design work. We suggest new roles for HCI and design in PBD research and practice: utilizing values- and critically-oriented design approaches to foreground social values and help define privacy problem spaces. We argue such approaches, in addition to current "design to solve privacy problems" efforts, are essential to the full realization of PBD, while noting the politics involved when choosing design to address privacy.
Journal Name: CHI conference on human factors in computing systems
Page Range / eLocation ID: 1 to 17
Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. Privacy and surveillance are central features of public discourse around use of computing systems. As the systems we design and study are increasingly used and regulated as potential instruments of surveillance, HCI researchers—even those whose focus is not privacy—find themselves needing to understand privacy in their work. Concepts like contextual integrity and boundary regulation have become touchstones for thinking about privacy in HCI. In this paper, we draw on HCI and privacy literature to understand the limitations of commonly used theories and examine their assumptions, politics, strengths, and weaknesses. We use a case study from the HCI literature to illustrate conceptual gaps in existing frameworks where privacy requirements can fall through. Finally, we advocate vulnerability as a core concept for privacy theorizing and examine how feminist, queer-Marxist, and intersectional thinking may augment our existing repertoire of privacy theories to create a more inclusive scholarship and design practice.
  2. There is growing consensus that teaching computer ethics is important, but there is little consensus on how to do so. One unmet challenge is increasing the capacity of computing students to make decisions about the ethical challenges embedded in their technical work. This paper reports on the design, testing, and evaluation of an educational simulation to meet this challenge. The privacy by design simulation enables more relevant and effective computer ethics education by letting students experience and make decisions about common ethical challenges encountered in real-world work environments. This paper describes the process of incorporating empirical observations of ethical questions in computing into an online simulation and an in-person board game. We employed the Values at Play framework to transform empirical observations of design into a playable educational experience. First, we conducted qualitative research to discover when and how values levers—practices that encourage values discussions during technology development—occur during the design of new mobile applications. We then translated these findings into gameplay elements, including the goals, roles, and elements of surprise incorporated into a simulation. We ran the online simulation in five undergraduate computer and information science classes. Based on this experience, we created a more accessible board game, which we tested in two undergraduate classes and two professional workshops. We evaluated the effectiveness of both the online simulation and the board game using two methods: a pre/post-test of moral sensitivity based on the Defining Issues Test, and a questionnaire evaluating student experience. We found that converting real-world ethical challenges into a playable simulation increased students' reported interest in ethical issues in technology, and that students identified the role-playing activity as relevant to their technical coursework. This demonstrates that role-playing can emphasize ethical decision-making as a relevant component of technical work.
  3. HCI scholarship is increasingly concerned with the ethical impact of socio-technical systems. Current theoretically driven approaches that engage with ethics generally prescribe only abstract approaches by which designers might consider values in the design process. However, there is little guidance on methods that promote value discovery, which might lead to more specific examples of relevant values in specific design contexts. In this paper, we elaborate a method for value discovery, identifying how values impact the designer's decision making. We demonstrate the use of this method, called Ethicography, in describing value discovery and use throughout the design process. We present an analysis of design activity by user experience (UX) design students in two lab protocol conditions, describing specific human values that designers considered for each task, and visualizing the interplay of these values. We identify opportunities for further research, using the Ethicograph method to illustrate value discovery and translation into design solutions.
  4. People who are marginalized experience disproportionate harms when their privacy is violated. Meeting their needs is vital for developing equitable and privacy-protective technologies. In response, research at the intersection of privacy and marginalization has acquired newfound urgency in the HCI and social computing community. In this literature review, we set out to understand how researchers have investigated this area of study. What topics have been examined, and how? What are the key findings and recommendations? And, crucially, where do we go from here? Based on a review of papers on privacy and marginalization published between 2010 and 2020 across HCI, Communication, and Privacy-focused venues, we make three main contributions: (1) we identify key themes in existing work and introduce the Privacy Responses and Costs framework to describe the tensions around protecting privacy in marginalized contexts, (2) we identify understudied research topics (e.g., race) and other avenues for future work, and (3) we characterize trends in research practices, including the under-reporting of important methodological choices, and provide suggestions to establish shared best practices for this growing research area.
  5. "Notice and choice" is the predominant approach for data privacy protection today. There is considerable user-centered research on providing effective privacy notices but not enough guidance on designing privacy choices. Recent data privacy regulations worldwide established new requirements for privacy choices, but system practitioners struggle to implement legally compliant privacy choices that also provide users meaningful privacy control. We construct a design space for privacy choices based on a user-centered analysis of how people exercise privacy choices in real-world systems. This work contributes a conceptual framework that considers privacy choice as a user-centered process as well as a taxonomy for practitioners to design meaningful privacy choices in their systems. We also present a use case of how we leverage the design space to finalize the design decisions for a real-world privacy choice platform, the Internet of Things (IoT) Assistant, to provide meaningful privacy control in the IoT.