How to make privacy policies both GDPR-compliant and usable

It is important for organisations to ensure that their privacy policies are General Data Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline. However, it is also important for these policies to be designed with the needs of the human recipient in mind. We carried out an investigation to find out how best to achieve this.We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers

After Over-Privileged Permissions: Using Technology and Design to Create Legal Compliance

Consumers in the mobile ecosystem can putatively protect their privacy with the use of application permissions. However, this requires the mobile device owners to understand permissions and their privacy implications. Yet, few consumers appreciate the nature of permissions within the mobile ecosystem, often failing to appreciate the privacy permissions that are altered when updating an app. Even more concerning is the lack of understanding of the wide use of third-party libraries, most which are installed with automatic permissions, that is permissions that must be granted to allow the application to function appropriately. Unsurprisingly, many of these third-party permissions violate consumers’ privacy expectations and thereby, become “over-privileged” to the user. Consequently, an obscurity of privacy expectations between what is practiced by the private sector and what is deemed appropriate by the public sector is exhibited. Despite the growing attention given to privacy in the mobile ecosystem, legal literature has largely ignored the implications of mobile permissions. This article seeks to address this omission by analyzing the impacts of mobile permissions and the privacy harms experienced by consumers of mobile applications. The authors call for the review of industry self-regulation and the overreliance upon simple notice and consent. Instead, the authors set out a plan for greater attention to be paid to socio-technical solutions, focusing on better privacy protections and technology embedded within the automatic permission-based application ecosystem

Security awareness and affective feedback:categorical behaviour vs. reported behaviour

A lack of awareness surrounding secure online behaviour can lead to end-users, and their personal details becoming vulnerable to compromise. This paper describes an ongoing research project in the field of usable security, examining the relationship between end-user-security behaviour, and the use of affective feedback to educate end-users. Part of the aforementioned research project considers the link between categorical information users reveal about themselves online, and the information users believe, or report that they have revealed online. The experimental results confirm a disparity between information revealed, and what users think they have revealed, highlighting a deficit in security awareness. Results gained in relation to the affective feedback delivered are mixed, indicating limited short-term impact. Future work seeks to perform a long-term study, with the view that positive behavioural changes may be reflected in the results as end-users become more knowledgeable about security awareness

Using augmented reality (AR) in vocational education programs to teach occupational health and safety (OHS)

The aim of this research is to design a system that will raise awareness among vocational education students about occupational health and safety, and the integration of Augmented Reality (AR) system into the application/concept. Simply, projected on the work force surface, the AR system warns the students as they perform actions that pose a risk, need caution and may result in accidents. Therefore, by repetitive warnings, students learn the faultiness of actions in a faster pace and develop and insightful awareness.  The research involves a literature review and two experiments studies in Çınarlı Vocational and Technical High School (CVHS) with high school and Dokuz Eylül University Mechanical Engineering (DEU ME) students. A system is designed according to the findings from these studies. As the result, Students learnt to be more cautious, and the number of mistakes they make decreased. This will result in decrease in the number of occupational accidents, deaths and financial loss. The project presents an innovative method applicable both to the industry and the training a qualified work force

Design an Internet of Things-Based LPG Gas Leak Detection System

LPG currently plays a big role in human life, both in industry and households. However, since the existence of LPG, there have been many cases of fires caused by LPG gas leaks. Undetected LPG gas leaks can cause sparks and can trigger fires. Therefore, currently an LPG gas detection device is needed. The system designed in this study uses an MQ-6 sensor to detect LPG gas, and NodeMCU as a microcontroller. This system not only detects leaking gas, but can also provide alerts and information to the Blynk application on smartphones by utilizing the Internet of Things (IoT). System testing resulted in an error value in detecting gas of 9.52% and the distance between the system and the smartphone was 500 meters. The sensor can detect gas well when the distance between the gas and the sensor is no more than 10 cm. The system can provide information to the smartphone if a gas leak is detected and can provide alerts by turning on the buzzer and LEDs