skip to main content


Title: Understanding How to Inform Blind and Low-Vision Users about Data Privacy through Privacy Question Answering Assistants
This repository archives the supplemental materials for the USENIX Security '24 paper of the same title.  more » « less
Award ID(s):
1914444
NSF-PAR ID:
10512026
Author(s) / Creator(s):
; ; ; ; ; ;
Corporate Creator(s):
Publisher / Repository:
OSF
Date Published:
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Inspired by earlier academic research, iOS app privacy labels and the recent Google Play data safety labels have been introduced as a way to systematically present users with concise summaries of an app’s data practices. Yet, little research has been conducted to determine how well today’s mobile app privacy labels address people’s actual privacy concerns or questions. We analyze a crowd-sourced corpus of privacy questions collected from mobile app users to determine to what extent these mobile app labels actually address users’ privacy concerns and questions. While there are differences between iOS labels and Google Play labels, our results indicate that an important percentage of people’s privacy questions are not answered or only partially addressed in today’s labels. Findings from this work not only shed light on the additional fields that would need to be included in mobile app privacy labels but can also help inform refinements to existing labels to better address users’ typical privacy questions. 
    more » « less
  2. Security protocols enable secure communication over insecure channels. Privacy proto- cols enable private interactions over secure channels. Security protocols set up secure channels using cryptographic primitives. Privacy protocols set up private channels using secure channels. But just like some security protocols can be broken without breaking the underlying cryptography, some privacy protocols can be broken without breaking the underlying security. Such privacy attacks have been used to leverage e-commerce against targeted advertising from the outset; but their depth and scope became appar- ent only with the overwhelming advent of influence campaigns in politics. The blurred boundaries between privacy protocols and privacy attacks present a new challenge for protocol analysis. Covert channels turn out to be concealed not only below overt chan- nels, but also above: subversions, and the level-below attacks are supplemented by sublimations and the level-above attack 
    more » « less