Designing natural language and structured entry methods for privacy policy authoring

Authors:
John Karat;Clare-Marie Karat;Carolyn Brodie;Jinjuan Feng
Affiliations:
IBM T.J. Watson Research Center, Hawthorne, NY;IBM T.J. Watson Research Center, Hawthorne, NY;IBM T.J. Watson Research Center, Hawthorne, NY;University of Maryland Baltimore County, Baltimore, MD
Venue:
INTERACT'05 Proceedings of the 2005 IFIP TC13 international conference on Human-Computer Interaction
Year:
2005

Citing 10
Cited 4

Privacy policies and practices: inside the organizational maze

Communications of the ACM
Personalized hypermedia and international privacy

Communications of the ACM - The Adaptive Web
Privacy of medical records: IT implications of HIPAA

ACM SIGCAS Computers and Society
Unpacking "privacy" for a networked world

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Patient Privacy in Electronic Prescription Transfer

IEEE Security and Privacy
Web Privacy with P3p

Web Privacy with P3p
Privacy policies as decision-making tools: an evaluation of online privacy notices

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Personalizing the user experience on ibm.com

IBM Systems Journal
Enabling Video Privacy through Computer Vision

IEEE Security and Privacy
Privacy in context

Human-Computer Interaction

Privacy in information technology: designing to enable privacy policy management in organizations

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
CNL4DSA: a controlled natural language for data sharing agreements

Proceedings of the 2010 ACM Symposium on Applied Computing
Privacy-aware role-based access control

ACM Transactions on Information and System Security (TISSEC)
Automated extraction of security policies from natural-language software documents

Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

As information technology continues to spread, we believe that there will be an increasing awareness of a fundamental need to seriously consider privacy concerns, and that doing so will require an understanding of policies that govern information use accompanied by development of technologies that can implement such policies. The research reported here describes our efforts to design a system which facilitates effective privacy policy authoring, implementation, and compliance monitoring. We employed a variety of user-centered design methods with 109 target users across the four steps of the research reported here. This case study highlights our work to iteratively design and validate a prototype with target users, and presents a laboratory evaluation aimed at providing early support for specific design decisions to meet the needs of providing flexible privacy enabling technologies. This paper highlights our work to include natural language and structured entry methods for policy authoring.