About
37
Publications
9,700
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
535
Citations
Introduction
Additional affiliations
Publications
Publications (37)
Background
As consent for data sharing evolves with the digital age, plain-text consent is not the only format in which information can be presented. However, designing a good consent form is highly challenging. The addition of graphics, video, and other mediums to use can vary widely in effectiveness; and improper use can be detrimental to users....
BACKGROUND
As consent for data sharing evolves with the digital age, plain-text consent is not the only format in which information can be presented. However, designing a good consent form is highly challenging. The addition of graphics, video, and other mediums to use can vary widely in effectiveness; and improper use can be detrimental to users....
This short paper is a primer for early career researchers that collect and analyze social media data. It provides concise, practical instructions on how to address personal data protection concerns and implement research ethics principles.
There has been a burst of discussions about how to characterize and recognize online dark patterns — i.e., web design strategies that aim to steer user choices towards what favours service providers or third parties like advertisers rather than what is in the best interest of users. Dark patterns are common in cookie banners where they are used to...
Growth hacking, particularly within the spectre of surveillance capitalism , has led to the widespread use of deceptive, manipulative, and coercive design techniques in the last decade. These challenges exist at the intersection of many diferent technology professions that are rapidly evolving and "shapeshifting" their design practices to confront...
App permission requests are a control mechanism meant to help users oversee and safeguard access to data and resources on their smartphones. To decide whether to accept or deny such requests and make this consent valid, users need to understand the underlying reasons and judge the relevance of disclosing data in line with their own use of an app. T...
Data Protection and Consenting Communication Mechanisms (DPCCMs) have the potential of becoming one of the most funda�mental means of protecting humans’ privacy and agency. However, they are yet to be improved, adopted and enforced. In this paper,
based on the results of a technical document analysis and an expert study, we
we identify some of the...
App permission requests are a control mechanism meant to help users oversee and safeguard access to data and resources on their smartphones. To decide whether to accept or deny such requests and make this consent valid, users need to understand the underlying reasons and judge the relevance of disclosing data in line with their own use of an app. T...
Being asked to consent to data sharing is a ubiquitous experience in digital services-yet it is very rare to encounter a well designed consent experience. Considering the momentum and importance of a European data space where personal information freely and easily flows across organizations, sectors and Member States, solving the long-discussed tho...
Icons may become a universal language for data privacy only if they are standardized (both through norms and widespread, uniform use) and machine-readable to aid visually impaired people and maintain semantic meaning over time. However, they are not always the most appropriate solution to effectively communicate with different audiences. For
insta...
A cookie banner pops up when a user visits a website for the first time, requesting consent to the use of cookies and other trackers for a variety of purposes. Unlike prior work that has focused on evaluating the user interface (UI) design of cookie banners, this paper presents an in-depth analysis of what cookie banners say to users to get their c...
Online services pervasively employ manipulative designs (i.e., dark patterns) to influence users to purchase goods and subscriptions, spend more time on-site, or mindlessly accept the harvesting of their personal data. To protect users from the lure of such designs, we asked: are users aware of the presence of dark patterns? If so, are they able to...
With emerging technologies such as genome research and the digitization of health records comes the need for new models of informed consent. In this climate of innovation people are often prone to explore the latest technological advancement as possible solutions, including for informed consent. In this paper, we present the design and evaluation o...
Following GDPR’s Article12.7’s proposal to use standardized icons to inform data subject in “an easily visible, intelligible and clearly legible manner,” several icon sets have been developed. In this paper, we firstly critically review some of those proposals. We then examine the properties that icons and icon sets should arguably fulfill accordin...
This position paper draws from the complexity of dark patterns to develop arguments for differentiated interventions. We propose a matrix of interventions with a measure axis (from user-directed to environment-directed) and a scope axis (from general to specific). We furthermore discuss a set of interventions situated in different fields of the int...
Online services pervasively employ manipulative designs (i.e., dark patterns) to influence users to purchase goods and subscriptions, spend more time on-site, or mindlessly accept the harvesting of their personal data. To protect users from the lure of such designs, we asked: are users aware of the presence of dark patterns? If so, are they able to...
This position paper draws from the complexity of dark patterns to develop arguments for differentiated interventions. We propose a matrix of interventions with a \textit{measure axis} (from user-directed to environment-directed) and a \textit{scope axis} (from general to specific). We furthermore discuss a set of interventions situated in different...
The DAPRECO knowledge base is the main outcome of the interdisciplinary project bearing the same name (https://www.fnr.lu/projects/data-protection-regulation-compliance). It is a repository of rules written in LegalRuleML, an XML formalism designed to be a standard for representing the semantic and logical content of legal documents. The rules repr...
Oftentimes information disclosures describing personal data-gathering research activities are so poorly designed that participants fail to be informed and blindly agree to the terms, without grasping the rights they can exercise and the risks derived from their cooperation. To respond to the challenge, this article presents a series of operational...
Design is a key player in the future of data privacy and data protection. The General Data Protection Regulation (GDPR) established by the European Union aims to rebalance the information asymmetry between the organizations that process personal data and the individuals to which that data refers. Machine-readable, standardized icons that present a...
Patterns are a central tool in legal design. They are conceptual schemes or entities describing solutions to a recurring legal problem, helping to make contracts, disclosures and policies accessible to users and easier to prepare. In this paper, we take stock of existing legal design patterns and pattern libraries and present the idea of a legal de...
Legal Design is an umbrella term for merging forward-looking legal thinking with design thinking. It applies human-centered design to prevent or solve legal problems. Legal Design takes an interdisciplinary and proactive approach to law, covering not only legal information and documents, but also legal services, processes, and systems. This paper i...
One of the common characteristics of legal documents is the absolute preponderance of text and their specific domain language, whose complexity can result in impenetrability for those that have no legal expertise. In some experiments, visual communication has been introduced in legal documents to make their meaning clearer and more intelligible, wh...
The GDPR (GDPR, REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)) introduces the self-assessment of digital risks and...
Fulfilling the legal requirements of mandated disclosure is a challenge in many contexts. Privacy communication is no exception, especially for those who seek to effectively inform individuals about the use of their data. Lawyers across countries and industries are facing recurring problems when (re)writing privacy notices and terms. Visual and int...
The GDPR suggests icons to convey data practices in a more straightforward way. Although visualizations to represent legal terms have many benefits, there is fear that they could be misrepresented by designers and misinterpreted by individuals, thus hindering instead of facilitating the comprehension. In order to solve these issues, we present a me...
For the first time in the history of European data protection law, the use of visualizations and especially of icons is explicitly suggested as a way to improve the comprehensibility of the information about data handling practices provided to the data subjects, which plays a crucial role to obtain informed consent. Privacy icon sets have already b...
English. This paper presents a work in progress on the design of a sentiment polarity classification system that participates in the EVALITA 2014 SENTIPOLC task. Although we have been working on the system implementation for only three months, the results are promising, as the system ranked 5th (out of 9) in the subjec-tivity detection task and 7th...