ABSTRACT
Privacy-enhanced Identity Management can enable users to retain and maintain informational self-determination in our networked society. This paper describes the usability research work that has been done within the first year of the European Union project on "Privacy and Identity Management for Europe" (PRIME). It primarily discusses and compares three alternative Ul paradigms for privacy-enhanced Identity Management, and presents how important legal privacy principles derived from the European Union Directives have been mapped into suggestions of user interface solutions for PRIME. Besides, it discusses results and encountered problems from conducted usability tests on mock-ups implementing the different Ul paradigms and proposes means for addressing those problems. The paper concludes with remarks on the characteristics of usability work for privacy-enhancing technologies.
- Article 29 Data Protection Working Party. Opinion on More Harmonised Information provisions. 11987/04/EN WP 100, November 25 2004. http://europa.eu.int/comm/internal_market/privacy/workingroup/wp2004/wpdocs04_en.htmGoogle Scholar
- Clauß, S., Kriegelstein, T. Datenschutzfreunliches Identitätsmanagement, DuD Datenschutz und Datensicherheit 27, pp. 297, 2003.Google Scholar
- Cranor, L. F., Guduru, P., & Arjula, M. User Interfaces for Privacy Agents {forthcoming} ms 2004. Google ScholarDigital Library
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector, Official Journal L No. 201, 31.07.2002.Google Scholar
- Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L No. 281, 23.11.1995.Google Scholar
- Fischer-Hübner, S. & Pettersson, J. S. (Eds.). Evaluation of early prototypes, PRIME deliverable D6.1.b, 1 December 2004. http://www.prime- project.eu.org/public/prime_products/deliverables/Google Scholar
- Johnston, J., Eloff, J. H. P. & Labuschagne L. Security and human computer interfaces. Computers & Security, Vol. 22 (8), pp. 675, 2003.Google ScholarDigital Library
- Kobsa, A. Personalized Hypermedia and International Privacy. Comm. of the ACM 45(5), pp. 64--67, 2002. Google ScholarDigital Library
- Law, L-C. & Hvannberg, E. Analysis of strategies for improving and estimating the effectiveness of heuristic evaluation. In Hyrskykari, A. (Ed.) Proceedings of the Third Nordic Conference on Human-Computer Interaction, Tampere, Finland, October 23--27, 2004 Google ScholarDigital Library
- Nielsen, J. Heuristic evaluation. In Nielsen, J., and Mack, R. L. (Eds.) Usability Inspection Methods, John Wiley & Sons, New York, NY, 1994. Cf. also http://www.useit.com/papers/heuristic/heuristic_ list.html Google ScholarDigital Library
- Nielsen, J., Molich, R., Snyder C. & Farell S. E-commerce user experience: Trust. Nielsen Norman Group, 2000. Google ScholarDigital Library
- Patrick, A. S. & Kenny, S. From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interaction. Proceedings of the Privacy Enhancing Technologies Workshop (PET2003), Dresden/Germany, 2003.Google ScholarCross Ref
- Patrick, A. S., Kenny, S., Holmes C. & van Breukelen, M. Human Computer Interaction. Chapter 12 in Handbook for Privacy and Privacy-Enhancing Technologies. PISA project. Eds. van Blarkom, Borking, Olk, 2002. http://www.andrewpatrick.ca/pisa/handbook/handbook.htmlGoogle Scholar
- Pettersson, J. S. & Siponen, J. Ozlab - a Simple Demonstration Tool for Prototyping Interactivity. Proceedings of the Second Nordic Conference on Human-Computer Interaction, Demonstration session, October 19--23, 2002, Aarhus, Denmark. Pp. 293--294, 2002. Google ScholarDigital Library
- Pettersson, J. S. (Ed.). HCI guidance and proposals, PRIME deliverable D6.1.c, 11 February 2005. http://www.prime-project.eu.org/public/prime_products/deliverables/Google Scholar
- Pettersson, J. S. Ozlab -- a Systems Overview with an Account of Two Years of Experiences. Chapter 10 in Pettersson, J. S. (Ed.) HumanIT 2003, Karlstad University Studies, 26, 2003. http://www.cs.kau.se/~jsp/ozlabGoogle Scholar
- Pettersson, J. S. P3P and Usability -- the Mobile Case. In Duquennoy, P., Fischer-Hübner, S., Holvast J. & Zuccato A., (Eds.) Risk and challenges of the network society, Karlstad University Studies 2004:35, 2004.Google Scholar
- Pfitzmann, A. & Hansen, M. Anonymity, Unobservability, Pseudonymity, and Idenity Management -- A Proposal for Terminology, v0.21, 3. September 2004, http://dud.inf.tudresden.de/Literatur_V1.shtmlGoogle Scholar
- Raskin, J. The Humane Interface - New Directions for Designing Interactive Systems. ACM Press, New York, 2000. Google ScholarDigital Library
- UK Information Commissioner. Annual Track Research Findings, Individuals. 2004. http:/www.informationcommissioner.gov.uk/eventual.aspxGoogle Scholar
Index Terms
- Making PRIME usable
Recommendations
User-Centric Identity Management: New Trends in Standardization and Regulation
The European Commission-funded Privacy and Identity Management for Europe project (Prime) proposes a solution driven by the EU Privacy Directive, which puts the user in control wherever possible. This article focuses on that project and how it interacts ...
Identity management throughout one's whole life
AbstractIdentity management has to comprise all areas of life throughout one's whole lifetime to gain full advantages, e.g., ease-of-use for all kinds of digital services, authenticity and authorisation, reputation and user-controlled privacy.
...Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
EU-Funded ICT Research on Trust and SecurityWe conduct more and more of our daily interactions over electronic media. The EC-funded project PRIME (Privacy and Identity Management for Europe) envisions that individuals will be able to interact in this information society in a secure and safe way ...
Comments