- Sherr, Micah; Shafiq, Zubair (Ed.) The California Privacy Rights Act (CPRA) was a ballot initiative that revised the California Consumer Privacy Act (CCPA). Although often framed as expanding and enhancing privacy rights, a close analysis of textual revisions—both changes from the earlier law and changes from earlier drafts of the CPRA guidelines—suggests that the reality might be more nuanced. In this work, we identify three textual revisions that have the potential to negatively impact the right to opt out of sale under CPRA and evaluate the effect of these textual revisions using (1) a large-scale longitudinal measurement study of 25,000 websites over twelve months and (2) an experimental user study with 775 participants recruited through Prolific. We find that all revisions negatively impacted the usability, scope, and visibility of the right to opt out of sale. Our results provide the first comprehensive evaluation of the impact of CPRA on Internet privacy. They also emphasize the importance of continued evaluation of legal requirements as guidelines and case law evolve after a law goes into effect. Free, publicly accessible full text available July 16, 2025.
- Sherr, Micah; Shafiq, Zubair (Ed.) Prior work has consistently found that people have miscomprehensions and misunderstandings about technical terms. However, that work has exclusively studied general populations, usually recruited online. This work investigates the relationship between generational cohorts and their understandings of privacy terms, specifically cohorts of elementary school children (aged 10-11), young adults (aged 18-23), and retired adults (aged 73-92), all recruited offline. We surveyed participants about their understanding of and confidence with technical terms that commonly appear in privacy policies. We then moderated a post-survey focus group with each generational cohort in which participants discussed their reactions to the actual definitions along with their experience with technical privacy terms. We found that young adults had better understandings of technical terms than the other generations, despite all generations reporting being regular Internet users. Participants across all generational cohorts discussed themes of confusion and frustration with technical terms, and older adults in particular reported a sense of being left behind. Our results reinforce the need for improvement in the presentation of information about data use practices. Our results also demonstrate the need for more focused research and attention on the youngest and oldest members of society and their use of the Internet and technology. Free, publicly accessible full text available July 16, 2025.
- Sherr, Micah; Shafiq, Zubair (Ed.) Private heavy-hitters is a data-collection task in which multiple clients possess private bit strings, and data-collection servers aim to identify the most popular strings without learning anything about the clients' inputs. In this work, we introduce PLASMA: a private analytics framework in the three-server setting that protects the privacy of honest clients and the correctness of the protocol against a coalition of malicious clients and a malicious server. Our core primitives are a verifiable incremental distributed point function (VIDPF) and a batched consistency check, which are of independent interest. Our VIDPF introduces new methods to validate client inputs based on hashing. Meanwhile, our batched consistency check uses Merkle trees to validate multiple client sessions together in a batch. This drastically reduces server communication across multiple client sessions, resulting in significantly less communication compared to related works. Finally, we compare PLASMA with the recent works of Asharov et al. (CCS'22) and Poplar (S&P'21) in terms of monetary cost for different input sizes. Free, publicly accessible full text available July 1, 2025.
- Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control. Shafiq, Zubair; Sherr, Micah (Ed.) The California Consumer Privacy Act and other privacy laws give people a right to opt out of the sale and sharing of personal information. In combination with privacy preference signals, especially Global Privacy Control (GPC), such rights have the potential to empower people to assert control over their data. However, many laws prohibit opt-out settings from being turned on by default. The resulting usability challenges for people exercising their rights motivate generalizable active privacy choice — an interface design principle to make opt-out settings usable without defaults. It is based on the idea of generalizing one individual opt-out choice to a larger set of choices. For example, people may apply an opt-out choice made on one site to a larger set of sites. We explore generalizable active privacy choice in the context of GPC. We design and implement nine privacy choice schemes in a browser extension and explore them in a usability study with 410 participants. We find that generalizability features tend to decrease opt-out utility slightly. However, at the same time, they increase opt-out efficiency and make opting out less disruptive, which was more important to most participants. For the least disruptive scheme, selecting website categories to opt out from, 98% of participants expressed not feeling disrupted, a 40 percentage point increase over the baseline schemes. 83% of participants understood the meaning of GPC. They also made their opt-out choices with intent and, thus, in a legally relevant manner. To help people exercise their opt-out rights via GPC, our results support the adoption of a generalizable active privacy choice interface in web browsers.