Qian Wang

Sponsor

DARPA / BBN

Advisor

Jason Hong (CMU CHIMPS Lab)

Time

Feb. - Jul. 2019 (5 months)

Team

Ally Liu / Qian Wang / Rudy Iyer / Won-Woo Chung

My Role

I was one of the main designers and also conducted usability testings

Summary

Problem

How might we help people manage their mobile data privacy in a more knowledgeable way?

Although mobile OS (operation system) today allow users to configure data access an App gets. However, users don't know if their data will be used for unexpected purposes or get leaked to a third party. This may even put lives at danger for special occupations like the military.

Solution

A privacy-enhanced Android system that helps you control and understand privacy settings.

To give users finer control and more information about data accesses, we designed an App called "Privacy Manager" and modified 4 parts of Android OS. Our system consists of 4 types of settings to satisfy user needs under different circumstances.

Research

When I joined the project, generative research was already towards the end. So we first concluded design principles based on previous user research.

Design Principles

👁 Easy to understand the current status and risks

⚙️ Guided to maintain the best configuration

❤️ Feels trustworthy and native to Android

Card Sorting

Decide on information hierarchy: “what-why-where"

We used card sorting to figure out the right information hierarchy. We printed out permission cards with “what data this is for”, “why it was requested”, and “who'll be using it” on each one. Then we asked users to organize them. The result shows 80% of users sorted them in a “what-why-where” sequence.

Conceptual Models

Simplify the control logic of the complex system.

I worked together with the developer to simplify the control logic of our complicated system. We considered as many edge cases as possible to make the decision. I also transformed our decision into the flow model to help development

Think-Alouds

Ongoing substantial user testings to keep refining the design.

Designing for such a complicated system and various user types means testing again and again. The most often used method is the simplest A/B testing combined with think-alouds. For each design decision, we usually develop multiple designs to test. Asking users to perform a task and thinking aloud helped us better understand the mindset of users, thus informed us how to proceed.

Design

Privacy Manager App

1. Homepage

There are a few sections on the homepage:

Privacy Mode: Switch from work mode and life mode.
Privacy Overview: Review how your data is accessed.
Recommended Settings: Quickly improve privacy settings based on other people's settings and users' previous behavior.
Global Settings & App Settings: Configure for all Apps or individual App.

Key iterations:

2. Global Setting

“Global Setting” means configuring for all Apps. Based on user research, we decided on a “what-why-where” information hierarchy: “what data is accessed,” “why it is accessed,” and “where is it used.” We also used a progressive disclosure fashion to avoid overwhelming users.

Key iterations

3. Privacy Mode

Privacy mode is to help organizations prevent data leakage from its employees or visitors. Employees can easily switch to different mode under different circumstances,and apply the set of configurations. For instance, DARPA’s military people may need to hide their location from all apps when they are out on a mission.

Key Iterations

Android - Quick Settings

We designed more privacy-related options in the quick setting view, which can help those in sensitive situations temporarily protect specific data from all Apps. But it's still under control of the privacy mode, as shown in the demo here.

Key Iterations

Android - App Installation

App Settings

Right after users installed an app, the App Settings page will show up. The default settings are based on your previous behavior or the majority of our users. We especially designed an “uncommon requests” section to make the configuration process more manageable.

Key Iterations

Android OS - Request Access

Request Access

If permission is set to “Ask,” a pop-up will appear when users are using the App. We showed the purpose, the requester, and a detailed explanation from the App to help users make decisions more knowledgeably.

Key Iterations

Android - Notification Center

Why I can't use this App?

When a data request was blocked by the OS, the App may not function normally. A notification can help user identify why it's refused and help user take action easily if needed.

Key Iterations

Reflection

Things we did correctly 😉

The key to designing a complex system is to simplify it through understanding the data and logic. We spent weeks discussing the control logic, conducting user research to understand users’ mental models before settling down on a design.
We had a good balance between following a design guideline (Material Design) and innovating based on the need.

Things we can improve 🤔

We couldn't test the privacy profile with organizational users due to lack of user access. If possible, I hope to do more testing with them.
If given more time, I hope to further explore how we can recommend configurations, thus making it even easier to maintain a good setting.