Sirvi Autor "Pontes Da Costa Reis, Beatriz" järgi

Tulemuste filtreerimiseks trükkige paar esimest tähte
Nüüd näidatakse 1 - 1 1
  • Pisipilt
    listelement.badge.dso-type Kirje ,
    An Approach for Designing Responsible Privacy Heuristics
    (Tartu Ülikool, 2025) Pontes Da Costa Reis, Beatriz; Gharib, Mohamad, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
    Privacy compliance is a major concern for legal entities handling Personal Information (PI), as noncompliance leads to substantial fines. Regulations require these entities to implement privacy protection mechanisms (privacy solutions) and inform data subjects (DSs) about PI processing. However, DSs often struggle to understand relevant information and effectively use these mechanisms, leaving their privacy vulnerable. Privacy heuristics (PHs) offer a potential solution by assisting users in making informed decisions. Yet, their design is complex, prone to bias, and, if done irresponsibly, can lead to unethical or manipulative outcomes. This thesis addresses these challenges by developing an approach that provides design principles for guiding and evaluating Responsible Privacy Heuristics (RPHs) in privacy-aware systems. Following the Design Science Research methodology, we formulated the principles to satisfy six meta-requirements derived from ethical principles: Integrity, Non-manipulation, Beneficence and Non-maleficence, Autonomy and Control, Context-aware and Accessible, and Regulatory Compliance. Each principle is paired with acceptance criteria that practitioners can use to verify correct application. The clarity and applicability of the resulting eleven design principles, as well as the validity of their acceptance criteria, were evaluated by privacy domain experts. We demonstrate the applicability of the approach through a practical example, following the steps of the methodological process. The resulting design was validated via a moderated A/B test with 12 end-users. Participants were asked to complete demographic questions, read a scenario, interact with their assigned design version, and then respond to a post-task questionnaire that assessed perceived usability, perceived informed decision, perceived autonomy, and perceived consequences awareness. In addition, we evaluated informed decision and decision-awareness to measure the new privacy solution’s effectiveness. The results show that the RPH version matched the standard PH version in usability, while being slightly more effective in preventing the selection of privacy-invasive options and enabling informed decision-making, without compromising user autonomy.