Sept 8 2016 Privacy Discussion Meeting Minutes
Present:
Colin, Dana, Michelle
TO DO:
a) determine what trust mapping is exactly - get examples from work with AARP/CARP
b) brain storm and co-design with regular people
people with disabilites; young people; older people - how to find them?
work through a set of ideas to get at what is personal information and when are people willing to share it
use the DEEP session on privacy to advertise/recruit/discuss (Dana is moderating the Innovation stream session)
c) create a taxonomy of preferences for use of personal information
d) do a similar thing with vendors
create a survey for vendors?
e) a specific list of privacy preferences, conditions, and uses of privacy information, which we will contribute to the ISO 24751 registry
define common preference terms
f) AMAZING DESIGNS
prototypes and exemplars of UIs for:
i) users to declare their preferences for personal information—to whom they will release it and under which conditions/qualifiers
ii) an exemplar easy-to-understand privacy policy for vendors
iii) an example of how a vendor can present to the user in an easy and specific way how their personal information will be used
iv) a UI for a kind of structured formy thing where vendors declare the above
"how to design a privacy-respecting experience"
Other Notes:
so-called "free" services that want your data
personal data that is valuable in aggregate - motivations/interests of vendor/services are opaque to user
- understanding the motivations/uses contributes to user-autonomy
what would motivate vendors to declare what info they’re using and for what ?
what kinds of info are folks willing to share, under what conditions? (user-determined value)
look at what the Brave browser is doing https://brave.com/
how to get past the abstract idea or ideology around privacy (the general feeling that “I don’t ever want my personal data misused/used by vendors”) and get to specifics ?
discuss choices, compromises people are willing to make based on valuable features etc (threshold for value exchange)
discuss the tradeoffs (between getting valuable features for users, and giving data to vendors)
sometimes caused by not knowing that personal data is actually being used or what it’s being used for
understanding how aggregate data is used - for targeted advertising etc
- also consider the very real and more dangerous consequences (often in countries outside of Canada etc) of data / location tracking