This research article, written by a consortium of researchers at Carnegie Mellon University and Rutgers University, outlines core issues related to users’ expectations regarding privacy and mobile apps. The researchers used the concept of mental models to frame their study.
Here’s how the researchers describe “mental model”:
All people have a simplified model that describes what people think an object does and how it works (in our case, the object is an app). Ideally, if a person’s mental model aligns with what the app actually does, then there would be fewer privacy problems since that person is fully informed as to the app’s behavior. However, in practice, a person’s mental model is never perfect.
The researchers posited that when there’s a disconnect between a user’s mental model as to how an app operates with respect to information users would regard as private (e.g., location or contact records) users view such an operation as illegitimate and, thus, a breach of privacy. To address this issue the researches formulated a new concept in mobile privacy called privacy as expectations, where they determine these expectations via crowdsourcing. Previous research has focused on using automated analysis to discern users’ privacy thresholds. But the researchers argue that this purely analytical method is flawed and, thus, proposed a crowdsourcing model.
The end result of their study yielded a proposed interface when downloading apps:
Having a clear and concise understanding of privacy issues relating to apps during download (like Figure 2 above) improves a user’s experience. Using such an interface gives users notice and choice. I agree with the researchers that this model of displaying privacy issues related to downloading mobile apps is a bit of a break-through in regards to the issue of users’ controlling their privacy, and deciding when and under what circumstances to give up their privacy.
Photo credit: Michael Francis McArthy