Jason Hong (CMU CHIMPS Lab)
Feb. - Jul. 2019 (5 months)
Ally Liu / Qian Wang / Rudy Iyer / Won-Woo Chung
My Role
I was one of the main designers and also conducted usability testing.
How might we help people manage their mobile data privacy in a more knowledgeable way?
Although mobile operating systems (OS) today allow users to configure the data access an App gets, users don't know whether their data will be used for unexpected purposes or leaked to a third party. This may even put lives in danger in special occupations such as the military.
A privacy-enhanced Android system that helps you control and understand privacy settings.
To give users finer control and more information about data accesses, we designed an App called "Privacy Manager" and modified 4 parts of Android OS. Our system consists of 4 types of settings to satisfy user needs under different circumstances.
When I joined the project, the generative research was already nearing its end. So we first drew up design principles based on the previous user research.
Design Principles
👁 Easy to understand the current status and risks
⚙️ Guided to maintain the best configuration
❤️ Feels trustworthy and native to Android
Card Sorting
Decide on information hierarchy: “what-why-where”
We used card sorting to figure out the right information hierarchy. We printed out permission cards, each showing “what data this is for”, “why it was requested”, and “who'll be using it”. Then we asked users to organize them. The results showed that 80% of users sorted them in a “what-why-where” sequence.
Conceptual Models
Simplify the control logic of the complex system.
I worked together with the developer to simplify the control logic of our complicated system. We considered as many edge cases as possible to make the decision. I also transformed our decision into a flow model to help development.
Ongoing, substantial user testing to keep refining the design.
Designing for such a complicated system and such varied user types means testing again and again. The method we used most often was simple A/B testing combined with think-alouds. For each design decision, we usually developed multiple designs to test. Asking users to perform a task while thinking aloud helped us better understand their mindset, and informed how we proceeded.
Privacy Manager App
1. Homepage
There are a few sections on the homepage:

Privacy Mode: Switch between work mode and life mode.
Privacy Overview: Review how your data is accessed.
Recommended Settings: Quickly improve privacy settings based on other people's settings and users' previous behavior.
Global Settings & App Settings: Configure for all Apps or for an individual App.

Key iterations:
2. Global Setting
“Global Setting” means configuring for all Apps. Based on user research, we decided on a “what-why-where” information hierarchy: “what data is accessed,” “why it is accessed,” and “where it is used.” We also used progressive disclosure to avoid overwhelming users.
Key iterations
3. Privacy Mode
Privacy mode helps organizations prevent data leakage from their employees or visitors. Employees can easily switch to a different mode under different circumstances and apply that mode's set of configurations. For instance, DARPA’s military personnel may need to hide their location from all Apps when they are out on a mission.
Key Iterations
Android - Quick Settings
We designed more privacy-related options for the Quick Settings view, which can help those in sensitive situations temporarily protect specific data from all Apps. These options remain under the control of the privacy mode, as shown in the demo here.
Key Iterations
Android - App Installation
App Settings
Right after users install an App, the App Settings page shows up. The default settings are based on the user's previous behavior or on the settings chosen by the majority of our users. We specifically designed an “uncommon requests” section to make the configuration process more manageable.
Key Iterations
Android OS - Request Access
Request Access
If a permission is set to “Ask,” a pop-up appears while users are using the App. We show the purpose, the requester, and a detailed explanation from the App to help users make better-informed decisions.
Key Iterations
Android - Notification Center
Why can't I use this App?
When a data request is blocked by the OS, the App may not function normally. A notification helps users identify why the request was refused and take action easily if needed.
Key Iterations
Things we did correctly 😉
Things we can improve 🤔