Is this contextual?

How would we enforce this?

Where would user come across this?

Timeline assumes we have access to this information
Data that we explicity share vs. inferred data (derived from your activity) and sharing of inferred data
Inference that is happening that is not transparent - about what the data will be used for

“We don’t have access to that but our algorithms do” e.g. Amazon employees may not have access to your data, but algorithms can present you with suggestions etc.
Who has access? What kinds of decisions are being made? Can we and/or do we need to surface this in the UI?
Customer-based privacy maintenance
Make it game-like, story-based
Discrepancy hook - i want this, they are giving me that
The tool has to have access to your personal data?

Aggregation of all the data in a timeline - could present security concern as a potential point of attack

Can we collect info about what you’re protecting (or not protecting) but not the value itself?
Can we “aggregate” the data superficially (not actually)?
Can we take a kind of hypothetical approach like Me and My Shadow - if you are using these devices, making these choices etc then it is probably that this information is being tracked about you
1. The richer and more specific your personal privacy policy is, the more sensitive it is e.g. if you are blocking medical information, it could be inferred that you have something to hide - and by making it less granular it could be limiting
2. Is there a way to approach this differently such that the user doesn’t feel that we are another place that is collecting data about them?
We are not actually collecting the data about the user?

A partnership - with the provider - a speculative exercise - we don’t want to aggregate data, we assume a balanced partnership

E.g. provider specifies a token rather than the actual data - the event not the value

Could provide a rating for different sites etc re: privacy
Once it’s gone you can’t get that data back
A hypothetical approach - the tool reveals the policies of the services rather than specifically setting preferences?
A game - create a persona and interact with services - experience what happens

Next Steps

Begin with generalised timeline OR hypothetical exercise/mapping, with links into
simplified preference setting tool/UI

Timeline could link into app-specific privacy settings? And from there, prompt to use preference-setting tool to avoid having to set app-specific privacy settings in the future?
consider both the speculative (full, complex) design (like current wireframes with timeline etc) as well as the simplified / what is realistic today
in simplified case - what is bare minimum? the bottom line? "5 things"
- what does user want to "say" to provider (i.e. privacy preferences) - what can they opt-out of
- what does user want to know from provider (i.e. what info is being used and why?)

Browser not supported