eduzhai > Applied Sciences > Engineering >

Privacy Preserving Policy Framework: User-Aware and User-Driven

  • Save

... pages left unread,continue reading

Document pages: 0 pages

Abstract: Privacy policies outline and structure data collection and access management for online services or websites. These policies are often too long, complex, and convoluted for an average internet user to understand which is a factor in why these policies are ignored. Prior work has mostly focused on improving the accessibility of these privacy policies. Here we focus on making the policies more resemble the negotiation they are supposed to represent by proving flexibility to people. An example is a website which offers various services such as photo, video, or location sharing, where the people are required to either accept the privacy policy to access all the services provided by the website or be prevented from using any of the services. Our goal is to map privacy policy statements to the distinct services offered by a website allowing people to agree for only the services they wish to use. By not agreeing to a policy statement, the access would be denied only on the corresponding service instead of following the all or none mechanism. Additionally, this would also prevent the website from collecting data from people for a particular service which they have no current or future desire to use, in accordance with the principle of data collection minimization.We propose a privacy policy framework to promote transparency for consumers, credibility and trust building for the organization, and clarity in data storage for the developers. Our modular service-policy map for developers allow them to easily associate new features to the corresponding privacy policy section. Modularizing enables developers, organizations, customers, and other stakeholders to understand how specific services correspond with individual data compilations. With the current ongoing debate of data access strategies in social media platforms, our initial framework is based on Facebook’s privacy policy because of the diversity in services that the platform offers. However, the framework can be widely applied across various social media, business, and health care policies. Finally, through pilot interviews with existing consumers, we report on the initial validity testing of our proposed framework. Our early findings are promising in terms of meeting the goals of promoting privacy awareness and increasing trust in organizations privacy policies.

Please select stars to rate!

         

0 comments Sign in to leave a comment.

    Data loading, please wait...
×