UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Designing User-Centered Privacy-Enhancing Technologies

Abu-Salma, Ruba; (2020) Designing User-Centered Privacy-Enhancing Technologies. Doctoral thesis (Ph.D), UCL (University College London). Green open access

[thumbnail of Abu-Salma__Thesis.pdf]
Preview
Text
Abu-Salma__Thesis.pdf

Download (7MB) | Preview

Abstract

Computer security and privacy experts have always advocated the widespread adoption of privacy-enhancing technologies (PETs). However, it remains unclear if mainstream users1 understand what protection these technologies offer. Unlike prior work, we take a user-centered approach to evaluating the user experience, and improving the design, of two PETs: secure (mainly encrypted) communications and private browsing. Prior studies have shown poor usability primarily hampers the adoption and use of secure communication tools. However, we found – by conducting five qualitative (n=102) and two quantitative (n=425) user studies – that, in addition to poor usability, lack of utility and incorrect user mental models of secure communications are primary obstacles to adoption. Users will not adopt a communication tool that is both usable and secure, but lacks utility (due to, e.g., the tool’s small userbase). Further, most users do not know what it means for a usable and secure tool that is widely-adopted and offers utility (e.g., WhatsApp) to be end-to-end encrypted. Incorrect mental models of encryption lead people to use less secure channels that they incorrectly perceive as more secure than end-to-end encrypted tools. Thus, we argue the key user-related challenge for secure communications is not only fostering adoption, but also emphasizing appropriate use – by helping people who already use secure tools avoid sending sensitive information over less secure channels. By employing participatory design, we take a user-centered approach to designing effective descriptions that explain the security properties of end-to-end encrypted communications. Additionally, we take a user-centered approach (as part of a validation study) to evaluating and improving the user experience of another PET: private browsing mode. We conduct a qualitative user study (n=25) to explore the adoption and use of private mode. We employ participatory design and propose guidelines to help create informative browser disclosures that explain the security properties of private mode.

Type: Thesis (Doctoral)
Qualification: Ph.D
Title: Designing User-Centered Privacy-Enhancing Technologies
Event: UCL (University College London)
Open access status: An open access version is available from UCL Discovery
Language: English
Additional information: Copyright © The Author 2020. Original content in this thesis is licensed under the terms of the Creative Commons Attribution 4.0 International (CC BY 4.0) Licence (https://creativecommons.org/licenses/by/4.0/). Any third-party copyright material present remains the property of its respective owner(s) and is licensed under its existing terms. Access may initially be restricted at the author’s request.
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10098693
Downloads since deposit
947Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item