Chapter Twenty Two. Privacy Policies and Privacy Preferences

Lorrie Faith Cranor

MOST PRIVACY ENHANCING TECHNOLOGIES (PETs) research and development has focused on just one category of Benjamin Brunk’s Privacy Space Framework :[1] prevention. In Brunk’s 2002 review of available privacy technology solutions, prevention tools dominated. In the PETs research literature, we see numerous papers on cryptographic protocols, anonymous communication systems, and private information retrieval techniques, all of which are designed to prevent information from being disclosed. However, prevention tools tend to be blunt instruments that offer their users only the ability to turn protections on or off. They usually do not facilitate fine-grained control over the flow of personal information.

The concept of individual control over personal information is central to most conceptions of privacy. To facilitate user control over their information requires tools that can be tuned to allow or block information exchange at a fine-grained level based on a variety of factors. Such tools might be categorized as awareness tools, as they can convey privacy-related information to users to help them inform their decision making. However, we would ultimately like these tools not only to inform users, but also to take actions on their behalf. Thus, these tools might also be categorized as detection tools, because they can analyze privacy-related information and detect situations where preventive steps should be ...

Get Security and Usability now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.