However, formulating their own abstract data protection requirements is already a challenge for them. The mapping of these requirements to concrete setting options in an application is even more challenging—partially because the user interfaces for data protection settings are not tailored to the needs of different user types. This is one of the reasons why only few users make data protection settings regularly and purposefully. In this paper, we describe different specification paradigms for privacy settings and evaluate which paradigm best suits different user types. We investigate with which paradigm a certain user type achieves the best results in terms of objective and perceived correctness, efficiency and satisfaction
