An online experiment of privacy authorization dialogues for social applications

Several studies have documented the constantly evolving privacy practices of social networking sites and users' misunderstandings about them. Researchers have criticized the interfaces to "configure" privacy preferences as opaque, uninformative, and ineffective. The same problems have also plagued the constant growth of third-party applications and their troubling privacy authorization dialogues. In this paper, we report the results of an experimental study examining the limitations of current privacy authorization dialogues on Facebook as well as four new designs which we developed based on the Fair Information Practice Principles (FIPPs). Through an online experiment with 250 users, we study and document the effectiveness of installation-time configuration and awareness-enhancing interface changes.