Abstract
Transparency is an integral part of European data protection. In particular, the right of access allows the data subject to verify if his personal data is processed in a lawful manner. The data controller has the full obligation to provide all information on personal data processing in an easily accessible way. Privacy dashboards are promising tools for this purpose. However, there is not yet any privacy dashboard available which allows full access to all personal data. Particularly, information flows remain unclear. We present the next generation privacy dashboard PrivacyInsight. It provides full access to all personal data along information flows. Additionally, it allows exercising the data subject’s further rights. We evaluate PrivacyInsight in comparison with existing approaches by means of a user study. Our results show that PrivacyInsight is the most usable and most feature complete existing privacy dashboard.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
CJEU, 07.05.2009 - C-553/07.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
References
Aldeco-Pérez, R., Moreau, L.: Provenance-based auditing of private data use. In: Proceedings of the 2008 International Conference on Visions of Computer Science: BCS International Academic Conference, VoCS 2008, pp. 141–152. British Computer Society, Swinton (2008)
Angulo, J., Bernsmed, K., Fischer-Hübner, S., Froystad, C., Gjaere, E.A., Wästlund, E.: D: D-5.1 user interface prototypes v1. Deliverable, KAU, SINTEF (2014)
Angulo, J., Fischer-Hübner, S., Pulls, T., Wästlund, E.: Usable transparency with the data track: a tool for visualizing data disclosures. In: Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems, pp. 1803–1808. ACM (2015)
Bangor, A., Kortum, P., Miller, J.: Determining what individual sus scores mean: adding an adjective rating scale. J. Usability Stud. 4(3), 114–123 (2009)
Bier, C.: How usage control and provenance tracking get together - a data protection perspective. In: IEEE Security and Privacy Workshops (SPW), pp. 13–17 (2013)
Brooke, J., et al.: Sus-a quick and dirty usability scale. Usability Eval. Ind. 189(194), 4–7 (1996)
Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact. 13(2), 135–178 (2006)
Fischer-Hübner, S., Angulo, J., Pulls, T.: How can cloud users be supported in deciding on, tracking and controlling how their data are used? In: Hansen, M., Hoepman, J.-H., Leenes, R., Whitehouse, D. (eds.) Privacy and Identity 2013. IFIP AICT, vol. 421, pp. 77–92. Springer, Heidelberg (2014)
Freire, J., Koop, D., Santos, E., Silva, C.T.: Provenance for computational tasks: a survey. Comput. Sci. Eng. 10(3), 11–21 (2008)
Harvan, M., Pretschner, A.: State-based usage control enforcement with data flow tracking using system call interposition. In: Proceedings of the 3rd International Conference on Network and System Security (NSS 2009), pp. 373–380. IEEE, Saint Malo (2009)
Hedbom, H.: A survey on transparency tools for enhancing privacy. In: Matyáš, V., Fischer-Hübner, S., Cvrček, D., Švenda, P. (eds.) The Future of Identity. IFIP AICT, vol. 298, pp. 67–82. Springer, Heidelberg (2009)
ISO: ISO 9241–11: Ergonomic requirements for office work with visual display terminals (VDTs). Technical report, International Organization for Standardization, Geneva, Switzerland (2000)
Janic, M., Wijbenga, J.P., Veugen, T.: Transparency enhancing tools (TETs): an overview. In: Third Workshop on Socio-Technical Aspects in Security and Trust (STAST), pp. 18–25 (2013)
Kani-Zabihi, E., Helmhout, M.: Increasing service users’ privacy awareness by introducing on-line interactive privacy features. In: Laud, P. (ed.) NordSec 2011. LNCS, vol. 7161, pp. 131–148. Springer, Heidelberg (2012)
Kolter, J., Netter, M., Pernul, G.: Visualizing past personal data disclosures. In: International Conference on Availability, Reliability, and Security (ARES 2010), pp. 131–139 (2010)
Laugwitz, B., Held, T., Schrepp, M.: Construction and evaluation of a user experience questionnaire. In: Holzinger, A. (ed.) USAB 2008. LNCS, vol. 5298, pp. 63–76. Springer, Heidelberg (2008)
Lewis, J.R., Sauro, J.: The factor structure of the system usability scale. In: Kurosu, M. (ed.) HCD 2009. LNCS, vol. 5619, pp. 94–103. Springer, Heidelberg (2009)
Park, J., R.: Towards usage control models: beyond traditional access control. In: Proceedings of the Seventh ACM Symposium on Access control models and technologies (SACMAT 2002), pp. 57–64. ACM, Monterey (2002)
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1), 128–174 (2004)
Pretschner, A., Büchler, M., Harvan, M., Schaefer, C., Walter, T.: Usage control enforcement with data flow tracking for X11. In: Proceedings of the 5th International Workshop on Security and Trust Management (STM), pp. 124–137, Saint Malo (2009)
Pretschner, A., Lovat, E., Büchler, M.: Representation-independent data usage control. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM 2011 and SETOP 2011. LNCS, vol. 7122, pp. 122–140. Springer, Heidelberg (2012)
Pulls, T., Peeters, R., Wouters, K.: Distributed privacy-preserving transparency logging. In: Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, WPES 2013, pp. 83–94. ACM, New York (2013)
Roßnagel, A.: Handbuch Datenschutzrecht. C.H. Beck, München (2003)
Simitis, S. (ed.): Bundesdatenschutzgesetz. Nomos, Baden-Baden, 7 auflage (2011)
Simmhan, Y.L., Plale, B., Gannon, D.: A survey of data provenance in e-science. ACM Sigmod Record 34(3), 31–36 (2005)
Warren, S.D., Brandeis, L.D.: The right to privacy. Harvard Law Rev. 4(5), 193–220 (1890)
Wästlund, E., Hübner, S.F.: End user transparency tools: UI prototypes. Technical report, KAU (2010)
Wästlund, E., Wolkerstorfer, P., Köffel, C.: PET-USES: privacy-enhancing technology – users’ self-estimation scale. In: Bezzi, M., Duquenoy, P., Fischer-Hübner, S., Hansen, M., Zhang, G. (eds.) IFIP AICT 320. IFIP AICT, vol. 320, pp. 266–274. Springer, Heidelberg (2010)
Weichert, T.: Auskunftsanspruch in Verteilten Systemen. Datenschutz und Datensicherheit (DuD) 30(11), 694–699 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Bier, C., Kühne, K., Beyerer, J. (2016). PrivacyInsight: The Next Generation Privacy Dashboard. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds) Privacy Technologies and Policy. APF 2016. Lecture Notes in Computer Science(), vol 9857. Springer, Cham. https://doi.org/10.1007/978-3-319-44760-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-44760-5_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44759-9
Online ISBN: 978-3-319-44760-5
eBook Packages: Computer ScienceComputer Science (R0)