Hi everyone, This morning, Arash, Colin, Dana, Joanna, and I met to discuss the work that has started on the GPII user privacy settings. In a nutshell, GPII user privacy settings is a facility that allows an end user to define and control what part of their preference sets are accessible by third party websites.
To date we (Arash and I) have done a quick competitive analysis of existing privacy / security settings found in popular devices, applications, and websites (see http://wiki.fluidproject.org/display/fluid/GPII+User+Privacy+Settings+-+Competitive+Analysis). We have identified a pain point when a user is asked to authorize another entity access to personal information: - it is unclear how much personal information is going to be accessed and for what purposes - there is no obvious personal control over this agreement - declining the agreement often results in denied access to the desired feature We have also started to do some early sketching of what the privacy system may look like to an end user (see http://wiki.fluidproject.org/display/fluid/GPII+User+Privacy+Settings+-+Sketches+and+Mind+Maps). These early sketches depict an inverted relationship to traditional online privacy: - the 3rd party site presents what information they require and why they need it - the user determines what personal information they will share and for how long (i.e. temporary or permanent). - users gain access to their desired 3rd party site based on their mutual agreement. Work has begun on creating new scenarios based on the Sam use case for Cloud for All<http://wiki.fluidproject.org/display/fluid/%28C4A%29+Use+Cases>. These new scenarios will depict Sam accessing various online services and how she negotiates a privacy relationship with each site. These use cases will be located at this wiki page: http://wiki.fluidproject.org/display/fluid/GPII+User+Privacy+Settings+-+Use+Cases. We will also explore scenarios where Sam uses a public computer using her Cloud for All credentials, and how privacy is managed in that case. Work will continue on the design of the privacy system and how the user will specify default privacy settings, how exceptions are created and managed, and what the experience will be like in exceptional cases (i.e. the user has declined a website all access to personal information). This work will be tied very closely with the evolving use cases. You can keep track of the ongoing work by watching the GPII User Privacy Settings wiki page: http://wiki.fluidproject.org/display/fluid/GPII+User+Privacy+Settings. We welcome your comments and questions! Cheers, - Jon. -- *JONATHAN HUNG* INCLUSIVE DESIGNER, IDRC**** ** ** *T:* 416 977 6000 x3951**** *F:* 416 977 9844**** *E:* [email protected]**** ** ** *OCAD UNIVERSITY***** Inclusive Design Research Centre**** 205 Richmond Street W, Toronto, ON, M5V 1V3**** ** ** www.ocadu.ca**** www.idrc.ocad.ca
_______________________________________________________ fluid-work mailing list - [email protected] To unsubscribe, change settings or access archives, see http://lists.idrc.ocad.ca/mailman/listinfo/fluid-work
