To Be, or Not to Be Notified

Eliciting Privacy Notification Preferences for Online mHealth Services
  • Patrick MurmannEmail author
  • Delphine Reinhardt
  • Simone Fischer-Hübner
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 562)


Millions of people are tracking and quantifying their fitness and health, and entrust online mobile health (mhealth) services with storing and processing their sensitive personal data. Ex post transparency-enhancing tools (TETs) enable users to keep track of how their personal data are processed, and represent important building blocks to understand privacy implications and control one’s online privacy. Particularly, privacy notifications provide users of TETs with the insight necessary to make informed decision about controlling their personal data that they have disclosed previously. To investigate the notification preferences of users of online mhealth services, we conducted an online study. We analysed how notification scenarios can be grouped contextually, and how user preferences with respect to being notified relate to intervenability. Moreover, we examined to what extent ex post notification preferences correlate with privacy personas established in the context of trust in and reliability of online data services. Based on our findings, we discuss the implications for the design of usable ex post TETs.


Privacy Transparency-enhancing tool Usability Personas mHealth 



This research has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No. 67573 and the SSF project SURPRISE.

The authors thank Dan Larsson and Erik Wästlund for advice on the study design, and advice on conducting and interpreting various statistical analyses.


  1. 1.
    Dupree, J.L., Devries, R., Berry, D.M., Lank, E.: Privacy personas: clustering users via attitudes and behaviors toward security practices. In: Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI) (2016)Google Scholar
  2. 2.
    The European Parliament and the Council of the European Union. Regulation (EU) 2016/679 of the European Parliament and of the Council (2016)Google Scholar
  3. 3.
    Fischer-Hübner, S., Pettersson, J.S., Angulo, J., Edbom, J., Toresson, M., Andersson, H.: D:C-7.3 Report on end-user perceptions of privacy-enhancing transparency and accountability. Technical report D37.3, A4Cloud Project (2014)Google Scholar
  4. 4.
    Harkous, H., Rahman, R., Aberer, K.: Data-driven privacy indicators. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS) (2016)Google Scholar
  5. 5.
    Peter Kincaid, J., Fishburne Jr., R.P., Rogers, R.L., Chissom, B.S.: Derivation of new readability formulas (automated readability index, fog count and flesch reading ease formula) for navy enlisted personnel. Technical report, Institute for Simulation and Training, University of Central Florida (1975)Google Scholar
  6. 6.
    Knijnenburg, B.P., Kobsa, A., Jin, H.: Dimensionality of information disclosure behavior. Int. J. Hum.-Comput. Stud. 71(12), 1144–1162 (2013)CrossRefGoogle Scholar
  7. 7.
    Lowens, B., Motti, V.G., Caine, K.: Wearable privacy: skeletons in the data closet. In: Proceedings of the IEEE International Conference on Healthcare Informatics (ICHI) (2017)Google Scholar
  8. 8.
    Morton, A.: Individual privacy concern and organisational privacy practice - bridging the gap. Ph.D. thesis, University College London (2015)Google Scholar
  9. 9.
    Morton, A., Angela Sasse, M.: Desperately seeking assurances: segmenting users by their information-seeking preferences. In: Proceedings of the IEEE Annual International Conference on Privacy, Security and Trust (PST) (2014)Google Scholar
  10. 10.
    Murmann, P.: Supplementary material. Accessed 13 Nov 2018
  11. 11.
    Murmann, P., Fischer-Hübner, S.: Tools for achieving usable ex post transparency: a survey. IEEE Access 5, 22965–22991 (2017)CrossRefGoogle Scholar
  12. 12.
    Naeini, P.E., et al.: Privacy expectations and preferences in an IoT world. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS) (2017)Google Scholar
  13. 13.
    Palan, S., Schitter, C.:—a subject pool for online experiments. J. Behav. Exp. Finan. 17, 22–27 (2018)CrossRefGoogle Scholar
  14. 14.
    Peer, E., Brandimarte, L., Samat, S., Acquisti, A.: Beyond the Turk: alternative platforms for crowdsourcing behavioral research. J. Exp. Soc. Psychol. 70, 153–163 (2017)CrossRefGoogle Scholar
  15. 15.
    Prolific Academic Ltd., Prolific. Accessed 27 Aug 2018
  16. 16.
    Statista. Number of connected wearable devices worldwide from 2016 to 2021. Accessed 28 June 2018
  17. 17.
    Wagner, I., He, Y., Rosenberg, D., Janicke, H.: User interface design for privacy awareness in ehealth technologies. In: Proceedings of the IEEE Annual Consumer Communications & Networking Conference (CCNC) (2016)Google Scholar
  18. 18.
    Westin, A.F.: Social and political dimensions of privacy. J. Soc. Issues 59(2), 431–453 (2003)CrossRefGoogle Scholar
  19. 19.
    Woodruff, A., Pihur, V., Consolvo, S., Schmidt, L., Brandimarte, L., Acquisti, A.: Would a privacy fundamentalist sell their DNA for \$1000... if nothing bad happened as a result? The Westin categories, behavioral intentions, and consequences. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS) (2014)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  • Patrick Murmann
    • 1
    Email author
  • Delphine Reinhardt
    • 2
  • Simone Fischer-Hübner
    • 1
  1. 1.Karlstad UniversityKarlstadSweden
  2. 2.University of GöttingenGöttingenGermany

Personalised recommendations