Sept 8 2016 Privacy Discussion Meeting Minutes

Present:

Colin, Dana, Michelle


TO DO:


a) determine what trust mapping is exactly - get examples from work with AARP/CARP

b) brainstorm and co-design with regular people

  • people with disabilities; young people; older people - how to find them?

  • work through a set of ideas to get at what is personal information and when are people willing to share it

  • use the DEEP session on privacy to advertise/recruit/discuss (Dana is moderating the Innovation stream session)

c) create a taxonomy of preferences for use of personal information

d) do a similar thing with vendors

  • create a survey for vendors?

e) a specific list of privacy preferences, conditions, and uses of privacy information, which we will contribute to the ISO 24751 registry

  • define common preference terms

f) AMAZING DESIGNS

  • prototypes and exemplars of UIs for:

i) users to declare their preferences for personal information—to whom they will release it and under which conditions/qualifiers

ii) an exemplar easy-to-understand privacy policy for vendors

iii) an example of how a vendor can present to the user in an easy and specific way how their personal information will be used

iv) a UI for a kind of structured formy thing where vendors declare the above


"how to design a privacy-respecting experience"

Other Notes:

  • so-called "free" services that want your data

    • personal data that is valuable in aggregate - motivations/interests of vendor/services are opaque to user

    • understanding the motivations/uses contributes to user-autonomy
  • what would motivate vendors to declare what info they’re using and for what?

  • what kinds of info are folks willing to share, under what conditions? (user-determined value)

  • look at what the Brave browser is doing https://brave.com/ 

  • how to get past the abstract idea or ideology around privacy (the general feeling that “I don’t ever want my personal data misused/used by vendors”) and get to specifics?

    • discuss choices, compromises people are willing to make based on valuable features etc (threshold for value exchange)

    • discuss the tradeoffs (between getting valuable features for users, and giving data to vendors)

    • sometimes caused by not knowing that personal data is actually being used or what it’s being used for

    • understanding how aggregate data is used - for targeted advertising etc

    • also consider the very real and more dangerous consequences (often in countries outside of Canada etc) of data / location tracking