Abstract

http://ssrn.com/abstract=2031720
 


 



Nano-Notice: Privacy Disclosure at a Mobile Scale


Aleecia M. McDonald


Stanford University

Tom Lowenthal


affiliation not provided to SSRN

September 09, 2012

2012 TRPC

Abstract:     
The trend toward mobile is clear: increasingly, people are accessing the Internet through smart phones and other mobile devices. Privacy notice, too, is going mobile. In February 2012, the California Attorney General’s office announced that application stores will ensure that mobile apps offer privacy policies. In March 2012, the Federal Trade Commission’s Protecting Consumer Privacy in an Era of Rapid Change report echoed the call for improved mobile notices.

Internet privacy notice is a difficult, well-studied problem. Mobile devices face the additional restriction of smaller screens and further limits to user attention. One approach to privacy notice in this context is to highlight only a small subset of relevant privacy policy information. But what subset? How do we go about isolating what information to surface? Another approach is to present information "just in time," as it is relevant, rather than present all information in a policy designed to be read prior to acquiring an application. When do users think privacy information is most relevant? Are there differences between types of information, and when they would prefer disclosure?

We performed a study aimed at exploring the question of what information mobile privacy notices should highlight, and when. Drawing in part from risk communication literature, the study focuses on the area of overlap between consumer assumptions and consumer preferences: what is it that consumers simultaneously (1) do not realize about mobile data practices and (2) would care about if they did realize it?

We recruited participants (n=534) from Mozilla's "Test Pilot" program. Participants were not primed that we were studying privacy. In addition to testing user knowledge, we asked questions to determine users’ priorities: which practices actually bother users when they are aware of them? Which practices would surprise users? Finally, in a between-subjects design, we tested comprehension of proposed formats for privacy polices from TRUSTe, Privacy Choice, and a Natural Language mobile privacy policy designed without using either format. We conclude with observations and suggestions for policy makers and technology developers.

Number of Pages in PDF File: 29

Keywords: privacy, notice, mobile

JEL Classification: 033, 038

working papers series


Download This Paper

Date posted: March 31, 2012 ; Last revised: September 10, 2012

Suggested Citation

McDonald, Aleecia M. and Lowenthal, Tom, Nano-Notice: Privacy Disclosure at a Mobile Scale (September 09, 2012). 2012 TRPC. Available at SSRN: http://ssrn.com/abstract=2031720 or http://dx.doi.org/10.2139/ssrn.2031720

Contact Information

Aleecia M. McDonald (Contact Author)
Stanford University ( email )
Stanford, CA 94305
United States
Tom Lowenthal
affiliation not provided to SSRN ( email )
Feedback to SSRN


Paper statistics
Abstract Views: 712
Downloads: 93
Download Rank: 159,006

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo7 in 0.406 seconds