My research investigates the effect of technology on individuals’ privacy by studying (1) privacy concerns, needs and behavior, including how and why individuals’ needs and behaviors tend to be misaligned, (2) how privacy issues disparately affect exposure-sensitive populations, and (3) how we can design usable and useful privacy interfaces and solutions, as well as advance best practices for human-centered privacy design and privacy engineering.
My lab’s research has demonstrated how technology design can hamper people’s assessment of privacy risks and limit privacy-seeking behavior, leading people to act against their privacy preferences. We have investigated how platform design and policies create and exacerbate privacy risks for exposure-sensitive populations. We have revealed substantial gaps between the intent and effect of privacy-focused public policy (e.g., requirements for privacy notices and opt-outs; required data breach notifications). We have further shown how these issues can be addressed with human-centered privacy design. Our work has informed the public debate on privacy, influenced industry practice, and directly impacted public policy. Most recently, we worked with the California Attorney General’s Office on designing and evaluating the Privacy Options icon, which is now part of the CCPA regulations.
Come join the Security Privacy Interaction Lab (spilab) at the University of Michigan!