TY - GEN
T1 - Designing Privacy Policies with Users
T2 - 28th Americas Conference on Information Systems, AMCIS 2022
AU - AlZoubi, Dana
AU - Albizri, Abdullah
AU - Nehme, Alaa
N1 - Publisher Copyright:
© 2022 28th Americas Conference on Information Systems, AMCIS 2022. All Rights Reserved.
PY - 2022
Y1 - 2022
N2 - Users' privacy concerns over their electronic data and how it is used across different digital platforms have grown in recent years. New regulations and policies (e.g., General Data Protection Regulation; GDRP) have been developed to grant users their rights to data transparency and intervenability. To that end, ex-post transparency tools have been offered to provide users with insights into how their data is used by business entities. Nonetheless, these tools do not consider individuals' privacy concerns ex-ante technology design. While ex-post transparency tools attempt to address users' privacy concerns, they remain limited in terms of users' agency and autonomy, and thereby do not consider users' voices. In contrast, ex-ante human-centered design processes would achieve that. Therefore, this research proposes a human-centered approach for designing data privacy policies with users rather than for users. To develop this approach, we primarily draw upon the human-centered design framework, commonly used in the field of Human-Computer Interaction (HCI). We compile and then use the design principles in the extant literature. The overarching objective of this approach is to understand users' “privacy” needs and thus facilitate a mutual understanding of users' priorities, values, and constraints. As such, co-designing data policies with users would give them agency and autonomy to actively participate in the design process. We hope that our proposed approach will allow for designing more effective privacy policies.
AB - Users' privacy concerns over their electronic data and how it is used across different digital platforms have grown in recent years. New regulations and policies (e.g., General Data Protection Regulation; GDRP) have been developed to grant users their rights to data transparency and intervenability. To that end, ex-post transparency tools have been offered to provide users with insights into how their data is used by business entities. Nonetheless, these tools do not consider individuals' privacy concerns ex-ante technology design. While ex-post transparency tools attempt to address users' privacy concerns, they remain limited in terms of users' agency and autonomy, and thereby do not consider users' voices. In contrast, ex-ante human-centered design processes would achieve that. Therefore, this research proposes a human-centered approach for designing data privacy policies with users rather than for users. To develop this approach, we primarily draw upon the human-centered design framework, commonly used in the field of Human-Computer Interaction (HCI). We compile and then use the design principles in the extant literature. The overarching objective of this approach is to understand users' “privacy” needs and thus facilitate a mutual understanding of users' priorities, values, and constraints. As such, co-designing data policies with users would give them agency and autonomy to actively participate in the design process. We hope that our proposed approach will allow for designing more effective privacy policies.
UR - http://www.scopus.com/inward/record.url?scp=85192531330&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85192531330
T3 - 28th Americas Conference on Information Systems, AMCIS 2022
BT - 28th Americas Conference on Information Systems, AMCIS 2022
PB - Association for Information Systems
Y2 - 10 August 2022 through 14 August 2022
ER -