NSF Award
2309277
Much privacy research has taken an app-centric approach, narrowly focused on understanding user concerns, if any, with privacy risks of an app and alleviating the symptomatic evidence of the ailment (data leaked by a specific app). This project tackles the privacy ecosystem, an interlocking web of dataveillance that can encompass everything from credit card purchases to location history to communications metadata. The larger privacy ecosystems goes beyond the risks of particular apps and aims to mitigate the multiple privacy risks that threaten people, particularly vulnerable individuals who are both more at risk of privacy breaches and more harmed by their consequences. Health is a key context and domain in which a broad view of privacy is necessary. This project goes beyond app-centric views of health privacy and aims to examine vulnerable individuals’ privacy behaviors in the healthcare context. It develops and evaluates ways that these individuals can better protect themselves, as well as tools to help healthcare providers support their clients’ privacy. <br/><br/>Through qualitative research that includes in-depth interviews and systematic analysis, this project is characterizing the understanding of risk experienced by vulnerable individuals in the context of their healthcare, taking into account the broad privacy ecosystem beyond individual apps. Qualitative research also is exploring the role of service providers, including librarians, social workers, teachers, and healthcare professionals. providing privacy management strategies. Through qualitative research that includes in-depth interviews and systematic analysis, this project is characterizing the understanding of risk experienced by vulnerable individuals in the context of their healthcare, taking into account the broad privacy ecosystem beyond individual apps. Qualitative research also is exploring the role of service providers, including librarians, social workers, teachers, and healthcare professionals in providing privacy management strategies. The second part of this research involves vulnerable populations, service providers, and privacy experts. Participatory design is employed to develop and evaluate a toolkit to support privacy ecosystem management. This research project is developing a freely available privacy toolkit designed for those who provide support and guidance to vulnerable individuals to help mitigate privacy harms. The project is contributing to understanding privacy risk and management for vulnerable individuals and provides a new frame for privacy and security researchers in the study of privacy protection for vulnerable communities.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
