{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T04:38:16Z","timestamp":1764995896489,"version":"3.41.2"},"reference-count":23,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2012,3,16]],"date-time":"2012-03-16T00:00:00Z","timestamp":1331856000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,3,16]]},"abstract":"Purpose<\/jats:title>The purpose of this paper is to present the approach taken within the PrimeLife project for designing user\u2010friendly privacy policy interfaces for the PrimeLife Policy Language (PPL) and report on the lessons learned when designing interfaces for privacy policy management and display.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>Taking an iterative process of design, the authors developed the interface of the \u201cSend Data?\u201d prototype, a browser extension designed and developed to deal with the powerful features provided by PPL, and having the purpose of helping users to make conscious decisions on the dissemination of their personal information. The proposed interface introduces the novel features of \u201con the fly\u201d privacy management, predefined levels of privacy settings, and simplified selection of anonymous credentials. The last iteration of the prototype has been tested using a cognitive walkthrough approach.<\/jats:p><\/jats:sec>Findings<\/jats:title>Results from usability tests show that users understood and appreciate most of the features contained within the interface and they perceived their benefit for protecting their privacy online. However, improvement is still needed in order to make the display and management of privacy policies more intuitive and seamless. Showing privacy mismatches inside a two\u2010dimensional table was preferred by users in general.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>The paper introduces the novelty of \u201con the fly\u201d privacy management, which lets users adapt and organize their own privacy preferences whilst an online transaction takes place, Also, it allows users to select credentials to identify themselves in a simpler manner.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685221211219155","type":"journal-article","created":{"date-parts":[[2012,3,17]],"date-time":"2012-03-17T08:21:01Z","timestamp":1331972461000},"page":"4-17","source":"Crossref","is-referenced-by-count":58,"title":["Towards usable privacy policy display and management"],"prefix":"10.1108","volume":"20","author":[{"given":"Julio","family":"Angulo","sequence":"first","affiliation":[]},{"given":"Simone","family":"Fischer\u2010H\u00fcbner","sequence":"additional","affiliation":[]},{"given":"Erik","family":"W\u00e4stlund","sequence":"additional","affiliation":[]},{"given":"Tobias","family":"Pulls","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022031120073887200_b1","doi-asserted-by":"crossref","unstructured":"Angulo, J., Fischer\u2010H\u00fcbner, S., Pulls, T. and K\u00f6nig, U. (2011a), \u201cHCI for policy display and administration\u201d, in Camenisch, J., Fischer\u2010H\u00fcbner, S. and Rannenberg, K. (Eds), PrimeLife \u2013 Privacy and Identity Management for Life in Europe, Springer, New York, NY, p. 261.","DOI":"10.1007\/978-3-642-20317-6_14"},{"key":"key2022031120073887200_b2","unstructured":"Angulo, J., Fischer\u2010H\u00fcbner, S., Pulls, T. and W\u00e4stlund, E. (2011b), \u201cTowards usable privacy policy display & management \u2013 the PrimeLife approach\u201d, in Furnell, S.M. and Clarke, N.L. (Eds), Proceedings of the Fifth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2011), University of Plymouth, Plymouth, p. 108, July."},{"key":"key2022031120073887200_b3","unstructured":"Article 29 Data Protection Working Party (2004), Opinion on More Harmonised Information Provisions 1198704\/EN WP 100, European Commission."},{"key":"key2022031120073887200_b5","doi-asserted-by":"crossref","unstructured":"Camenisch, J. and van Herreweghen, E. (2002), \u201cDesign and implementation of the IdeMix anonymous credential system\u201d, Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA, p. 21.","DOI":"10.1145\/586110.586114"},{"key":"key2022031120073887200_b4","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Fischer\u2010H\u00fcbner, S. and Rannenberg, K. (Eds) (2011), PrimeLife \u2013 Privacy and Identity Management for Life in Europe, 1st ed., Springer, New York, NY.","DOI":"10.1007\/978-3-642-20317-6"},{"key":"key2022031120073887200_b6","doi-asserted-by":"crossref","unstructured":"Cranor, L.F. (2003), \u201cP3P: making privacy policies more useful\u201d, IEEE Security & Privacy, Vol. 1 No. 6, pp. 50\u20105.","DOI":"10.1109\/MSECP.2003.1253568"},{"key":"key2022031120073887200_b7","doi-asserted-by":"crossref","unstructured":"Cranor, L.F., Guduru, P. and Arjula, M. (2006), \u201cUser interfaces for privacy agents\u201d, ACM Transactions on Computer\u2010Human Interaction, Vol. 13 No. 2, pp. 135\u201078.","DOI":"10.1145\/1165734.1165735"},{"key":"key2022031120073887200_b8","unstructured":"Friedman, B., Howe, D. and Felten, E. (2002), \u201cInformed consent in the Mozilla browser: implementing value sensitive design\u201d, Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS 02), IEEE Computer Society, Washington, DC, p. 247."},{"key":"key2022031120073887200_b9","doi-asserted-by":"crossref","unstructured":"Graf, C., Wolkerstorfer, P., Hochleitner, C., W\u00e4stlund, E. and Tscheligi, M. (2011), \u201cHCI for PrimeLife prototypes\u201d, in Camenisch, J., Fischer\u2010H\u00fcbner, S. and Rannenberg, K. (Eds), PrimeLife \u2013 Privacy and Identity Management for Life in Europe, 1st ed., Springer, New York, NY, p. 217.","DOI":"10.1007\/978-3-642-20317-6_11"},{"key":"key2022031120073887200_b10","doi-asserted-by":"crossref","unstructured":"Holtz, L., Nocun, K. and Hansen, M. (2011), \u201cDisplaying privacy information with icons\u201d, PrimeLife\/IFIP Summer School Proceedings, Springer, New York, NY.","DOI":"10.1007\/978-3-642-20769-3_27"},{"key":"key2022031120073887200_b11","doi-asserted-by":"crossref","unstructured":"Johnson, M., Karat, J., Karat, C. and Grueneberg, K. (2010), Optimizing a Policy Authoring Framework for Security and Privacy Policies, ACM, Redmond, WA.","DOI":"10.1145\/1837110.1837121"},{"key":"key2022031120073887200_b13","doi-asserted-by":"crossref","unstructured":"Kelley, P.G., Bresee, J., Cranor, L.F. and Reeder, R.W. (2009), \u201cA \u2018nutrition label\u2019 for privacy\u201d, SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security, ACM, New York, NY, p. 1.","DOI":"10.1145\/1572532.1572538"},{"key":"key2022031120073887200_b12","doi-asserted-by":"crossref","unstructured":"Kelley, P.G., Cesca, L., Bresee, J. and Cranor, L.F. (2010), \u201cStandardizing privacy notices: an online study of the nutrition label approach\u201d, Proceedings of the 28th International Conference on Human Factors in Computing Systems, ACM, New York, NY, p. 1573.","DOI":"10.1145\/1753326.1753561"},{"key":"key2022031120073887200_b14","doi-asserted-by":"crossref","unstructured":"Millett, L.I., Friedman, B. and Felten, E. (2001), \u201cCookies and web browser design: toward realizing informed consent online\u201d, Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ACM, New York, NY, p. 46.","DOI":"10.1145\/365024.365034"},{"key":"key2022031120073887200_b15","unstructured":"Pettersson, J.S. (2003), \u201cOzlab \u2013 a system overview with an account of two years of experiences\u201d, HumanIT 2003, Karlstad University Studies, Karlstad, pp. 159\u201085."},{"key":"key2022031120073887200_b16","doi-asserted-by":"crossref","unstructured":"Pettersson, J.S. and Siponen, J. (2002), \u201cOzlab: a simple demonstration tool for prototyping interactivity\u201d, Proceedings of the Second Nordic Conference on Human\u2010Computer Interaction, ACM, New York, NY, p. 295.","DOI":"10.1145\/572020.572071"},{"key":"key2022031120073887200_b17","doi-asserted-by":"crossref","unstructured":"Pettersson, J.S., Fischer\u2010H\u00fcbner, S., Danielsson, N., Nilsson, J., Bergmann, M., Kriegelstein, S.C.T. and Krasemann, H. (2005), \u201cMaking PRIME usable\u201d, Proceedings of the 2005 Symposium on Usable Privacy and Security, ACM, New York, NY, p. 53.","DOI":"10.1145\/1073001.1073007"},{"key":"key2022031120073887200_b19","unstructured":"PrimeLife WP4.1 (2010), \u201cHigh\u2010level prototypes\u201d, in Graf, C., Wolkerstorfer, P., W\u00e4stlund, E., Wolkerstorfer, P., Fischer\u2010H\u00fcbner, S. and Kellermann, B. (Eds), PrimeLife Deliverable D4.1.4, PrimeLife, August, available at: www.primelife.eu\/results\/documents."},{"key":"key2022031120073887200_b18","unstructured":"PrimeLife WP4.1 (2011), \u201cTowards usable privacy enhancing technologies: lessons learned from the PrimeLife project\u201d, in Graf, C., Hochleitner, C., Wolkerstorfer, P., Angulo, J., Fischer\u2010H\u00fcbner, S. and W\u00e4stlund, E. (Eds), PrimeLife Deliverable D4.1.6, PrimeLife, February, available at: www.primelife.eu\/results\/documents."},{"key":"key2022031120073887200_b20","unstructured":"PrimeLife WP4.3 (2010), \u201cUI prototypes: policy administration and presentation \u2013 version 2\u201d, in Fischer\u2010H\u00fcbner, S. and Zwingelberg, H. (Eds), PrimeLife Deliverable D4.3.2, PrimeLife, June, available at: www.primelife.eu\/results\/documents."},{"key":"key2022031120073887200_b21","unstructured":"Reeder, R.W. (2008), Expandable Grids: A User Interface Visualization Technique and a Policy Semantics to Support Fast, Accurate Security and Privacy Policy Authoring, Carnegie Mellon University, Pittsburgh, PA."},{"key":"key2022031120073887200_b22","doi-asserted-by":"crossref","unstructured":"Reeder, R.W., Bauer, L., Cranor, L.F., Reiter, M.K., Bacon, K., How, K. and Strong, H. (2008), \u201cExpandable grids for visualizing and authoring computer security policies\u201d, Proceeding of the Twenty\u2010Sixth Annual SIGCHI Conference on Human Factors in Computing Systems, ACM, New York, NY, p. 1473.","DOI":"10.1145\/1357054.1357285"},{"key":"key2022031120073887200_b23","unstructured":"Whitten, A. and Tygar, J.D. (1999), \u201cWhy Johnny Can't Encrypt: a usability evaluation of PGP 5.0\u201d, Proceedings of the 8th USENIX Security Symposium, Washington, DC, USA."}],"container-title":["Information Management & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685221211219155","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221211219155\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221211219155\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:23Z","timestamp":1753402163000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/20\/1\/4-17\/173825"}},"subtitle":[],"editor":[{"given":"Nathan","family":"Clarke","sequence":"first","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2012,3,16]]},"references-count":23,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2012,3,16]]}},"alternative-id":["10.1108\/09685221211219155"],"URL":"https:\/\/doi.org\/10.1108\/09685221211219155","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2012,3,16]]}}}