More Like this

1. Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels

   https://doi.org/10.56553/popets-2024-0047  

   Lin, Yanzi; Juneja, Jaideep; Birrell, Eleanor; Cranor, Lorrie Faith (April 2024, Proceedings on Privacy Enhancing Technologies)

   Privacy labels---standardized, compact representations of data collection and data use practices---are often presented as a solution to the shortcomings of privacy policies. Apple introduced mandatory privacy labels for apps in its App Store in December 2020; Google introduced mandatory labels for Android apps in July 2022. iOS app privacy labels have been evaluated and critiqued in prior work. In this work, we evaluated Android Data Safety Labels and explored how differences between the two label designs impact user comprehension and label utility. We conducted a between-subjects, semi-structured interview study with 12 Android users and 12 iOS users. While some users found Android Data Safety Labels informative and helpful, other users found them too vague. Compared to iOS App Privacy Labels, Android users found the distinction between data collection groups more intuitive and found explicit inclusion of omitted data collection groups more salient. However, some users expressed skepticism regarding elided information about collected data type categories. Most users missed critical information due to not expanding the accordion interface, and they were surprised by collection practices excluded from Android's definitions. Our findings also revealed that Android users generally appreciated information about security practices included in the labels, and iOS users wanted that information added. 

   more » « less
2. Overcoming Barriers in Scaling Computing Education Research Programming Tools: A Developer's Perspective

   https://doi.org/10.1145/3632620.3671113  

   Tran, Keith; Bacher, John; Shi, Yang; Skripchuk, James; Price, Thomas (August 2024, ACM)

   Background and Context. Research software in the Computing Education Research (CER) domain frequently encounters issues with scalability and sustained adoption, which limits its educational impact. Despite the development of numerous CER programming (CER-P) tools designed to enhance learning and instruction, many fail to see widespread use or remain relevant over time. Previous research has primarily examined the challenges educators face in adopting and reusing CER tools, with few focusing on understanding the barriers to scaling and adoption practices from the tool developers’ perspective. Objectives. To address this, we conducted semi-structured interviews with 16 tool developers within the computing education community, focusing on the challenges they encounter and the practices they employ in scaling their CER-P tools. Method. Our study employs thematic analysis of the semi-structured interviews conducted with developers of CER-P tools. Findings. Our analysis revealed several barriers to scaling highlighted by participants, including funding issues, maintenance burdens, and the challenge of ensuring tool interoperability for a broader user base. Despite these challenges, developers shared various practices and strategies that facilitated some degree of success in scaling their tools. These strategies include the development of teaching materials and units of curriculum, active marketing within the academic community, and the adoption of flexible design principles to facilitate easier adaptation and use by educators and students. Implications. Our findings lay the foundation for further discussion on potential community action initiatives, such as the repository of CS tools and the community of tool developers, to allow educators to discover and integrate tools more easily in their classrooms and support tool developers by exchanging design practices to build high-quality education tools. Furthermore, our study suggests the potential benefits of exploring alternative funding models. 

   more » « less
3. Exploring Expandable-Grid Designs to Make iOS App Privacy Labels More Usable

   Zhang, Shikun; Klucinec, Lily; Norton, Kyerra; Sadeh, Norman; Cranor, Lorrie Faith (August 2024, Usenix)

   People value their privacy but often lack the time to read privacy policies. This issue is exacerbated in the context of mobile apps, given the variety of data they collect and limited screen space for disclosures. Privacy nutrition labels have been proposed to convey data practices to users succinctly, obviating the need for them to read a full privacy policy. In fall 2020, Apple introduced privacy labels for mobile apps, but research has shown that these labels are ineffective, partly due to their complexity, confusing terminology, and suboptimal information structure. We propose a new design for mobile app privacy labels that addresses information layout challenges by representing data collection and use in a color-coded, expandable grid format. We conducted a between-subjects user study with 200 Prolific participants to compare user performance when viewing our new label against the current iOS label. Our findings suggest that our design significantly improves users' ability to answer key privacy questions and reduces the time required for them to do so. 

   more » « less
4. Exploring Expandable-Grid Designs to Make iOS App Privacy Labels More Usable

   Zhang, Shikun; Klucinec, Lily; Norton, Kyerra; Sadeh, Norman; Cranor, Lorrie (July 2024, USENIX Symposium on Usable Privacy and Security (SOUPS) 2024.)

   People value their privacy but often lack the time to read privacy policies. This issue is exacerbated in the context of mobile apps, given the variety of data they collect and limited screen space for disclosures. Privacy nutrition labels have been proposed to convey data practices to users succinctly, obviating the need for them to read a full privacy policy. In fall 2020, Apple introduced privacy labels for mobile apps, but research has shown that these labels are ineffective, partly due to their complexity, confusing terminology, and suboptimal in- formation structure. We propose a new design for mobile app privacy labels that addresses information layout challenges by representing data collection and use in a color-coded, expand- able grid format. We conducted a between-subjects user study with 200 Prolific participants to compare user performance when viewing our new label against the current iOS label. Our findings suggest that our design significantly improves users’ ability to answer key privacy questions and reduces the time required for them to do so. 

   more » « less
5. Understanding Challenges for Developers to Create Accurate Privacy Nutrition Labels

   https://doi.org/10.1145/3491102.3502012  

   Li, Tianshi; Reiman, Kayla; Agarwal, Yuvraj; Cranor, Lorrie Faith; Hong, Jason I. (April 2022, SIGCHI Conference: Human Factors in Computing Systems)

   Apple announced the introduction of app privacy details to their App Store in December 2020, marking the frst ever real-world, large-scale deployment of the privacy nutrition label concept, which had been introduced by researchers over a decade earlier. The Apple labels are created by app developers, who self-report their app’s data practices. In this paper, we present the frst study examining the usability and understandability of Apple’s privacy nutrition label creation process from the developer’s perspective. By observing and interviewing 12 iOS app developers about how they created the privacy label for a real-world app that they developed, we identified common challenges for correctly and efciently creating privacy labels. We discuss design implications both for improving Apple’s privacy label design and for future deployment of other standardized privacy notices. 

   more » « less