Towards usable privacy policy display and management

The purpose of this paper is to present the approach taken within the PrimeLife project for designing user‐friendly privacy policy interfaces for the PrimeLife Policy Language (PPL) and report on the lessons learned when designing interfaces for privacy policy management and display.

Taking an iterative process of design, the authors developed the interface of the “Send Data?” prototype, a browser extension designed and developed to deal with the powerful features provided by PPL, and having the purpose of helping users to make conscious decisions on the dissemination of their personal information. The proposed interface introduces the novel features of “on the fly” privacy management, predefined levels of privacy settings, and simplified selection of anonymous credentials. The last iteration of the prototype has been tested using a cognitive walkthrough approach.

Results from usability tests show that users understood and appreciate most of the features contained within the interface and they perceived their benefit for protecting their privacy online. However, improvement is still needed in order to make the display and management of privacy policies more intuitive and seamless. Showing privacy mismatches inside a two‐dimensional table was preferred by users in general.

The paper introduces the novelty of “on the fly” privacy management, which lets users adapt and organize their own privacy preferences whilst an online transaction takes place, Also, it allows users to select credentials to identify themselves in a simpler manner.