HCI Issues in Privacy
Mark Ackerman
Department of Electrical Engineering and Computer Science
and
School of Information
University of Michigan
DIMACS
July, 2004
Overview of talk
1.
HCI
2.
What is “privacy”?
3.
The “privacy problem”
4.
Why is privacy hard?
2
HCI
• Human-Computer Interaction
User control aka User-centered
–Not just about user interfaces
–Cognitive versus micro-sociology
–Broad view of HCI
- Combined social and technical co-design
space
Empirically driven (both as science and
development process)
3
Privacy
• What is “privacy”
 Differing but connected senses in social psychology,
micro-sociology, policy literatures
– Solitude
- Regulation of social interaction (Altman)
– A private (versus public) space or activity
– Avoiding unwanted personal disclosure or noise
– Freedom from surveillence
– Control over release and dissemination of
personal data
- Control over one’s persona (Goffman)
4
Privacy
• What is “privacy”
Control over one’s personal data
–Control over release and dissemination
Overlapping with security but different
Inherently a tension between person and others
Thought to be critical element in using a
commercial Web site, adoption of ubicomp
5
The “Privacy Problem”
• Privacy is important
– Growing problem for users
• Consumers see privacy as a big problem
– 41% of sampled US consumers very concerned
about their privacy [Harris Poll, 2000]
– 92% of respondents indicated that even when
companies promised to keep personal data
private, they would not actually do so [Light 2001]
– 57% of sampled US consumers want better legal
protection [Harris Poll, 2000]
6
The “Privacy Problem”
• But privacy is not a monolithic problem
Differing attitudes in different cultures
7
The “Privacy Problem”
• But privacy is not a monolithic problem
Differing types of privacy concerns (Culnan
and Armstrong 1999)
–Unauthorized access
–Risk of secondary use
- Reuse of personal data for unrelated
purposes without consent
- Sharing with third-parties
- Creation of profiles
8
The “Privacy Problem”
• But privacy is not a monolithic problem
 Attitudes are hardly monolithic
– 3 basic groups in US (Ackerman, Cranor,
Reagle 1999, based on Westin 1991)
- Marginally concerned (27%)
- Privacy fundamentalists (17%)
- Privacy pragmatics (56%)
– Spiekermann et al. found similar in Germany
– Based on what people both said they would
do in an activity and their actual activity
9
The “Privacy Problem”
• But privacy is not a monolithic problem
 Large gap between most people's stated
preferences and their actual behavior
 But most people want a feeling of control
– For example, no automatic transfer of data
(86% of sample in Ackerman, Cranor and
Reagle 1999)
10
Why is privacy a hard problem for HCI?
• Social theoretic background
 Goffman (1961)
 Release of personal info is highly nuanced
 Presentation of “face” is critically important
to people
 An everyday activity
 Garfinkel (1967)
 People expect to be able to make sense of
their environments and their activities
11
Why is privacy a hard problem for HCI?
• Social activity is fluid and nuanced
 Details of interaction matter (Garfinkel 1967,
Strauss 1993)
 People handle this detail with agility (Suchman
1987)
 What people pay attention differs according to
the situation (situated activity, Suchman 1987)
12
Why is privacy a hard problem for HCI?
• HCI problem (also CSCW problem)
 Information space is horrendous
 At least nine dimensions of analysis (e.g., what,
who, intended use, duration of use)
 And
 Critically important to people
 Highly nuanced
 An everyday activity
 Social-technical gap (Ackerman 2001)
 We know what we need to do, but we don’t know
how to do it.
13
Why is privacy a hard problem for HCI?
• Ubicomp makes user control even harder:
 An individual will operate within many social and
organizational contexts, and surrounding social
and organizational environments may make use
of many individuals' data.
 A pervasive software environment, consisting of
many systems, may be in a complex relation to
“the user.”
14
More info?
Mark Ackerman
ackerm@umich.edu
http://www.eecs.umich.edu/~ackerman
15
Privacy Critics
• Privacy critics (Ackerman and Cranor 1996)
16
Privacy Critics
17