An Online Experiment of Privacy Authorization Dialogues for Social Applications

The extensive disclosure of personal information by users of social networking sites (SNS) has made privacy concerns particularly salient. The growth of apps’ aggressive practices of collecting users’ information from SNS (e.g., Facebook) made this situation even worse. A heightened need for empowering user control for third-party apps arises due to the inability to monitor the data use by app providers within and outside of the social networking platform and the inherent uncertainty about their privacy practices.

To address the critical privacy concerns for third-party apps, we conducted this research to investigate whether consumers can more adequately represent their preferences for sharing and releasing personal information with our newly proposed privacy authorization dialogues.

Proposed Check-box, Signal, and App Activity Design (One out of Four Proposed Designs).

Proposed Check-box, Signal, and App Activity Design (One out of Four Proposed Designs).

Our designs draw upon the internationally recognized Fair Information Practice Principles (FIPPs) and address important interaction problems identified in our previous study. Further, we conduct a series of online experiments to examine the impact of these new interfaces on users’ privacy behaviors. We also compare our results with the original authorization dialogue employed by Facebook. This research is not targeted at making value judgments about desirable user practices (e.g., to decide whether an app should be installed or not). Instead, we are interested in understanding the relative observable effect of our proposed redesign elements on the practice of notice and consent on Facebook. Specifically, we found:

  • Our proposed designs lowered the participants’ readiness to add the apps.
  • When users are interacting with the new designs, they not only tend to release significantly less information in total, but also tend to opt out of publishing permissions to prevent the app from re-posting information to their wall compared to the original Facebook interface.
  • The app-activity drop-down list enhanced participants’ awareness that their interaction with the app might be observed by other users on Facebook, and then triggered them to reduce the information released to the third-party app.
  • The red “i” mark helped users better recognize when a particular type of sensitive information is being collected by the app compared with the original authorization dialogue.

For more, see our full paper, An Online Experiment of Privacy Authorization Dialogues for Social Applications.

Na Wang, Pennsylvania State University
Jens GrossklagsPennsylvania State University
Heng XuPennsylvania State University