Browser manufacturers have developed artifacts such as the lock icon, specially colored address bars, and security warnings to provide security awareness in browsing sessions. Friedman et al. developed user interfaces to show end-users what cookies are used by different web sites.
However, there are few published studies on the effectiveness of these mechanisms. A few notable exceptions include Friedman et al.’s study showing the low recognition rate of secure connections by diverse sets of users, and Whalen and Inkpen’s experiments on the effectiveness of security cues (the lock icon) in web surfing sessions. Whalen and Inkpen used eye-tracking techniques to follow users’ focus of view when interacting with web sites. The results indicate that users do not look at, or interact with, the lock icon to verify certificate information. Furthermore, they showed that even when viewed, certificate information was not helpful to the user in understanding whether the web page is authentic or not.
Recently, interaction techniques for awareness have been developed in the context of ubiquitous computing, because the lack of appropriate feedback is exacerbated by the often-invisible nature of these technologies. Nguyen and Mynatt observed that in the physical world, people can use mirrors to see how others would see them. Drawing on this analogy, they introduced the idea of Privacy Mirrors, artifacts that can help people see what information might be shared with others. According to Nguyen and Mynatt, technology must provide a history of relevant events, feedback about privacy-affecting data exchanges, awareness of ongoing transactions, accountability for the transactions, and the ability to change privacy state and preferences. This framework was used to critique a multi-user web-based application and to develop original design ideas for it. However, the Privacy Mirrors concept itself was not formally evaluated.
An interesting variant of the Privacy Mirror concept is the peripheral privacy notification device developed by Kowitz and Cranor. In this system, a display located in a shared workplace shows words taken from unencrypted chats, web browsing sessions, and emails transiting on the local wireless network. Kowitz and Cranor carefully designed this awareness device so that only generic words are anonymously projected on the display (i.e., no personal names), and words are selected out of context so that the meaning of the phrase is likely not intelligible to others. Kowitz and Cranor assessed the reactions of users through interviews and questionnaires before and after the deployment of the device. The self-reported results indicate that the users of the wireless network became more aware of the unencrypted wireless network, but did not change their usage behavior. Kowitz and Cranor note that the change in perception was likely due to the awareness display since participants already knew that wireless traffic was visible to eavesdroppers. However, awareness was not tied to any actionable items, as the system did not suggest what steps one could take to protect oneself.
A key design issue in awareness user interfaces is how to provide meaningful notifications that are neither overwhelming nor annoying. Good et al. showed that end-users typically skip over end-user license agreements. Many users also ignore alert boxes in their web browsers, having become inured to them. Currently, there is no strong consensus in the research community or in industry as to how these kinds of user interfaces for awareness should be built. This issue is discussed as a key challenge for future work in Section 4.1.