Redmorph x Carnegie Mellon: Let’s make online privacy more user-centered
Written by Emma Flickinger
Billions of people use the Internet every day, but most have no idea how private — or how exposed — their online activity is, and it’s easy to see why. Users might connect to dozens of websites and apps across smartphones and computers, on various networks in different locations… creating a mishmash of privacy rules that’s almost impossible to make sense of.
Keeping track of online privacy is overwhelming. But a joint project between Redmorph and students at Carnegie Mellon University’s Heinz College has set out to change that.
During the Spring 2018 semester, researchers from Carnegie Mellon’s Information Security Policy and Management program collaborated with Redmorph to design a brand-new method for creating tools to reliably evaluate online privacy. The method is uniquely flexible and highly customizable, so in the future, the online privacy tools created with this framework could help keep an eye on their privacy across all the platforms they use.
The criteria for “online privacy” are complex and often subjective: what one user might consider acceptable, another might consider a gross violation of privacy. Current tools to evaluate online privacy can be restrictive for those who want to set their own privacy standards, or overwhelming for users without technical knowledge. The researchers set out to address these problems by developing a method of creating more usable privacy tools.
Over the course of the semester, the researchers developed a detailed procedure for creating a privacy monitoring tool that’s user-centered, customizable, and able to adapt in real-time as the online environment changes. The steps are generalized so they can be applied for developing on any platform, but are thorough enough to guide a technical team through every stage of the project, from research and development to a finished product. The procedure itself can also be customized, depending on what the developers want the finished product to accomplish.
The method includes a procedure allowing users to rank their privacy preferences, so that the privacy score for each website or app can be customized based on the user’s own definition of privacy. The privacy score will come with an explanation, and suggestions for steps the user can take to improve their privacy.
The researchers who created the framework — master’s students Erik Bacilio, Neetha Nair, Erin Persson, and Yiru Qu — emphasize the importance of their method as not just an informational service, but an educational tool. Displaying the number of third-party trackers on a website may not be meaningful for most users, so including contextual information where appropriate (what are third-party trackers and what impact do they have on privacy?) is a crucial part of making privacy monitoring tools effective for users.
Going forward, Redmorph will use the research to develop new tools to measure online privacy. The ultimate goal is to make sure users have the same discretion in their lives online as they have in their personal or professional lives offline, and tools that offer not only transparency but also user input and control are what makes it possible. The researchers’ method will serve as a framework for Redmorph’s technical team as they develop the code that will make user-friendly online privacy monitoring a reality.
