Improving privacy choice through design: How designing for reflection could support privacy self-management

Research output: Contribution to journalArticleScientificpeer-review

Abstract

In today’s society online privacy is primarily regulated by two main regulatory systems: (command-and-control) law and notice and consent (i.e., agreeing to terms of agreement and privacy policies). Both systems prohibit reflection on privacy issues from the public at large and restrict the privacy debate to the legal and regulatory domains. However, from a socio-ethical standpoint, the general public needs to be included in the privacy debate in order to make well-informed decisions and contribute to the law-making process. Therefore, we argue that privacy regulation must shift from a purely legal debate and simple one-time yes/no decisions by ‘data subjects’ to public (debate and) awareness and continuous reflection on privacy and privacy decisions by users of IT systems and services. In order to allow for this reflective thinking, individuals need to (1) understand what is at stake when interacting with digital technology; (2) have the ability to reflect on the consequences of their privacy decisions; and (3) have meaningful controls to express their privacy preferences. Together, these three factors could provide for knowledge, evaluation and choice within the context of online privacy. In this paper, we elaborate on these factors and provide a design-for-privacy model that introduces friction as a central design concept that stimulates reflective thinking and thus restores the privacy debate within the public arena.
Original languageEnglish
Pages (from-to)1-13
Number of pages13
JournalFirst Monday
Volume24
Issue number7
DOIs
Publication statusPublished - 1 Jul 2019

Fingerprint

privacy
Command and control systems
management
Friction
Law
regulation

Keywords

  • privacy
  • reflection
  • privacy self-management
  • design

Cite this

@article{007ffa67123b4cedb64896e152e99ad4,
title = "Improving privacy choice through design: How designing for reflection could support privacy self-management",
abstract = "In today’s society online privacy is primarily regulated by two main regulatory systems: (command-and-control) law and notice and consent (i.e., agreeing to terms of agreement and privacy policies). Both systems prohibit reflection on privacy issues from the public at large and restrict the privacy debate to the legal and regulatory domains. However, from a socio-ethical standpoint, the general public needs to be included in the privacy debate in order to make well-informed decisions and contribute to the law-making process. Therefore, we argue that privacy regulation must shift from a purely legal debate and simple one-time yes/no decisions by ‘data subjects’ to public (debate and) awareness and continuous reflection on privacy and privacy decisions by users of IT systems and services. In order to allow for this reflective thinking, individuals need to (1) understand what is at stake when interacting with digital technology; (2) have the ability to reflect on the consequences of their privacy decisions; and (3) have meaningful controls to express their privacy preferences. Together, these three factors could provide for knowledge, evaluation and choice within the context of online privacy. In this paper, we elaborate on these factors and provide a design-for-privacy model that introduces friction as a central design concept that stimulates reflective thinking and thus restores the privacy debate within the public arena.",
keywords = "privacy, reflection, privacy self-management, design",
author = "Arnout Terpstra and Alexander Schouten and {de Rooij}, Alwin and Ronald Leenes",
year = "2019",
month = "7",
day = "1",
doi = "10.5210/fm.v24i7.9358",
language = "English",
volume = "24",
pages = "1--13",
journal = "First Monday",
issn = "1396-0466",
publisher = "First Monday",
number = "7",

}

Improving privacy choice through design : How designing for reflection could support privacy self-management. / Terpstra, Arnout; Schouten, Alexander; de Rooij, Alwin; Leenes, Ronald.

In: First Monday, Vol. 24, No. 7, 01.07.2019, p. 1-13.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - Improving privacy choice through design

T2 - How designing for reflection could support privacy self-management

AU - Terpstra, Arnout

AU - Schouten, Alexander

AU - de Rooij, Alwin

AU - Leenes, Ronald

PY - 2019/7/1

Y1 - 2019/7/1

N2 - In today’s society online privacy is primarily regulated by two main regulatory systems: (command-and-control) law and notice and consent (i.e., agreeing to terms of agreement and privacy policies). Both systems prohibit reflection on privacy issues from the public at large and restrict the privacy debate to the legal and regulatory domains. However, from a socio-ethical standpoint, the general public needs to be included in the privacy debate in order to make well-informed decisions and contribute to the law-making process. Therefore, we argue that privacy regulation must shift from a purely legal debate and simple one-time yes/no decisions by ‘data subjects’ to public (debate and) awareness and continuous reflection on privacy and privacy decisions by users of IT systems and services. In order to allow for this reflective thinking, individuals need to (1) understand what is at stake when interacting with digital technology; (2) have the ability to reflect on the consequences of their privacy decisions; and (3) have meaningful controls to express their privacy preferences. Together, these three factors could provide for knowledge, evaluation and choice within the context of online privacy. In this paper, we elaborate on these factors and provide a design-for-privacy model that introduces friction as a central design concept that stimulates reflective thinking and thus restores the privacy debate within the public arena.

AB - In today’s society online privacy is primarily regulated by two main regulatory systems: (command-and-control) law and notice and consent (i.e., agreeing to terms of agreement and privacy policies). Both systems prohibit reflection on privacy issues from the public at large and restrict the privacy debate to the legal and regulatory domains. However, from a socio-ethical standpoint, the general public needs to be included in the privacy debate in order to make well-informed decisions and contribute to the law-making process. Therefore, we argue that privacy regulation must shift from a purely legal debate and simple one-time yes/no decisions by ‘data subjects’ to public (debate and) awareness and continuous reflection on privacy and privacy decisions by users of IT systems and services. In order to allow for this reflective thinking, individuals need to (1) understand what is at stake when interacting with digital technology; (2) have the ability to reflect on the consequences of their privacy decisions; and (3) have meaningful controls to express their privacy preferences. Together, these three factors could provide for knowledge, evaluation and choice within the context of online privacy. In this paper, we elaborate on these factors and provide a design-for-privacy model that introduces friction as a central design concept that stimulates reflective thinking and thus restores the privacy debate within the public arena.

KW - privacy

KW - reflection

KW - privacy self-management

KW - design

U2 - 10.5210/fm.v24i7.9358

DO - 10.5210/fm.v24i7.9358

M3 - Article

VL - 24

SP - 1

EP - 13

JO - First Monday

JF - First Monday

SN - 1396-0466

IS - 7

ER -