
A Novel Approach to Modeling Contextual Privacy Preference and Practice

Date

2016-09-27

Publisher

Virginia Tech

Abstract

We are living in a time of fundamental changes in the dynamic between privacy and surveillance. The ubiquity of information technology has changed the ways in which we interact, empowering us through new venues of communication and social intimacy. At the same time, it exposes us to the prying eyes of others, in the shape of governments, companies, or even fellow humans. This creates a challenging environment for the design of 'privacy-aware' applications, exacerbated by a disconnect between abstract knowledge of privacy and concrete information requirements of privacy design frameworks.

In this work, we present a novel approach for the modeling of contextual privacy preference and practice. The process guides a 'privacy analyst' through the steps of evaluating, choosing, and deploying appropriate data collection strategies; the verification and validation of the collected data; and the systematic transformation of the dense, unstructured data into a structured domain model. We introduce the Privacy Domain Modeling Language (PDML) to address the representational needs of privacy domain models. Making use of the structure of PDML, we explore the applicability of the information-theoretic concept 'entropy' to determine the completeness of the resulting model. We evaluate the utility of the process through its application to the evaluation and re-design of a web application for the management of students' directory information and education records. Through this case study, we demonstrate the potential for automation of the process through the Privacy Analyst Work eNvironment (PAWN) and show the process's seamless integration with existing privacy design frameworks. Finally, we provide evidence for the value of using entropy for determining model completeness, and provide an outlook on future work.

Keywords

Privacy, Framework, Behavior, Modeling
