2 research outputs found
A Concept and Evaluation of Usable and Fine-Grained Privacy-Friendly Cookie Settings Interface
As cookies are commonly used on websites, they can constitute a significant threat to user’s privacy by tracking surfing behaviour. The browsers provide a variety of options for cookie settings, thereby potentially enabling the user to execute some control over the extent of being tracked. However, studies show that the interfaces for these settings are often deemed too confusing or complex for lay users, often failing to provide necessary explanations, and therefore preventing the users from properly using these setting interfaces to protect themselves against tracking. In this paper, we present a concept for a privacy-friendly cookie setting interface that is meant to support the user in configuring their cookie settings. The setting interface in our concept (1) uses an assistant to guide the user towards their preferred cookie settings via a series of questions; and (2) enables the user to set their cookie settings manually, providing explanations for each of the options available to the user, including the potential advantages and disadvantages of each option. To gauge the viability of the proposal, the concept has been implemented as a Chrome extension and evaluated in a user study with 21 participants. The results have shown, that the extension is well received by the participants and provides better usability than the standard cookie settings interface in Chrome
(Un)informed Consent: Studying GDPR Consent Notices in the Field
Since the adoption of the General Data Protection Regulation (GDPR) in May
2018 more than 60 % of popular websites in Europe display cookie consent
notices to their visitors. This has quickly led to users becoming fatigued with
privacy notifications and contributed to the rise of both browser extensions
that block these banners and demands for a solution that bundles consent across
multiple websites or in the browser.
In this work, we identify common properties of the graphical user interface
of consent notices and conduct three experiments with more than 80,000 unique
users on a German website to investigate the influence of notice position, type
of choice, and content framing on consent. We find that users are more likely
to interact with a notice shown in the lower (left) part of the screen. Given a
binary choice, more users are willing to accept tracking compared to mechanisms
that require them to allow cookie use for each category or company
individually. We also show that the wide-spread practice of nudging has a large
effect on the choices users make. Our experiments show that seemingly small
implementation decisions can substantially impact whether and how people
interact with consent notices. Our findings demonstrate the importance for
regulation to not just require consent, but also provide clear requirements or
guidance for how this consent has to be obtained in order to ensure that users
can make free and informed choices.Comment: 18 pages, 6 figures, 2019 ACM SIGSAC Conference on Computer and
Communications Security (CCS '19), November 11-15, 2019, London, United
Kingdo