Privacy Policies

Slides

• 15-PrivacyPolicies
• 16 - Notice and choice

Papers mentioned in lecture

• Riegelsberger, Jens, and M. Angela Sasse. “ Trustbuilders and trustbusters: The role of trust cues in interfaces to e-commerce applications.” Towards the E-Society: E-commerce, E-business, and E-government. Boston, MA: Springer US, 2001. 17-30.
• Riegelsberger, Jens, M. Angela Sasse, and John D. McCarthy. “The mechanics of trust: A framework for research and design.” International journal of human-computer studies 62.3 (2005): 381-422.

Required Reading

• Privacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices by Ann Cavoukian, Information & Privacy Commissioner, Ontario, Canada

Lecture Notes

Research in Canada is done under TCPS 2.

• “Privacy refers to “an individual’s right to be free from intrusion or interference by others” (Chapter 5, Section A)”
• The ethical duty of confidentiality refers to “the obligation of an individual or organization to safeguard entrusted information” (Chapter 5, Section A).

Additional Resources

Laws and regulations

• The Personal Information Protection and Electronic Documents Act (PIPEDA) requirements in brief
• Mapping the Policy Process

Academic Publications

• Kalle Kusk and Midas Nouwens. 2025. How Website Owners Use Consent Management Platforms: An Interview Study. In Proceedings of the Extended Abstracts of the CHI Conference on Human Factors in Computing Systems (CHI EA ‘25).
• Lorrie Faith Cranor; “Informing California Privacy Regulations with Evidence from Research Designing and testing ‘Do Not Sell My Personal Information’ icons.” Communications of the ACM, 2021
• Mhaidli, Abraham, et al. “Researchers’ experiences in analyzing privacy policies: Challenges and opportunities.” Proceedings on Privacy Enhancing Technologies (2023).

Privacy by Design

• Privacy By Design: The Seven Foundational Principles
• Privacy Design Strategies (Little Blue Book)