privacy-tech-lab / gpc-privacy-choice

Privacy browser extension for researching GPC privacy choice user interfaces
https://www.privacytechlab.org
MIT License

Implement scheme for sending GPC signals depending on data categories shared (scheme 7) #229

Closed SebastianZimmeck closed 2 years ago

SebastianZimmeck commented 2 years ago

As discussed today with @bella-tassone, it would be interesting to implement one more scheme, scheme 7, according to which users select sites to send GPC signals based on the type of data a site shares or sells. Here are the different data types that we could use (from one of our survey questions).

[Image: Screen Shot 2022-06-21 at 9 42 24 AM]

For example, if a user selects Phone number, then all web requests containing the user's phone number (and possibly additional data types) would have GPC enabled. All requests that do not contain the phone number would not receive GPC signals.

As @bella-tassone pointed out, at the Firebase backend, we would need to implement something similar to the profile or recipient category scheme. We may be able to essentially just use those schemes as a blueprint.

This scheme would be a pure frontend implementation without actually sending GPC signals as we do not have functionality to filter web requests according to data categories (which we are working on in Privacy Pioneer).

If we want to add this scheme, we should aim to have it finalized within the next three weeks or so (to also leave some wiggle room for testing).

As an aside, we have to be careful when testing this scheme not to mix up any test data with real data on Firebase.

I would need to submit an IRB protocol change.
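
The per-request decision described in the comment above (send GPC only when a request carries a data type the user selected), as an added example; it is not code from this repository, which implements scheme 7 as a frontend-only scheme. The category map, function names and sample values are assumptions, and `Sec-GPC: 1` is the request header defined by the GPC specification.

```javascript
// Added example, not code from gpc-privacy-choice or Privacy Pioneer.
// Category names other than "Phone number" and all user values are constructed.

// Normalizers reduce text to a canonical form so that formatting differences
// (spaces, dashes, letter case) do not hide a match.
const NORMALIZERS = {
  "Phone number": (s) => s.replace(/\D/g, ""), // keep digits only
  "Email address": (s) => s.toLowerCase().replace(/\s/g, ""),
};

// Decode URL-encoding where possible; malformed escapes leave the text as-is.
function decodeLoose(text) {
  try {
    return decodeURIComponent(text.replace(/\+/g, " "));
  } catch {
    return text;
  }
}

// Return the selected categories whose stored user value appears in the request.
function matchedCategories(selected, userData, request) {
  const haystack = decodeLoose(`${request.url}\n${request.body || ""}`);
  return selected.filter((category) => {
    const normalize = NORMALIZERS[category];
    const value = userData[category];
    if (!normalize || !value) return false; // unknown category or nothing on file
    const needle = normalize(value);
    // Skip very short needles; they would match arbitrary substrings.
    // Digit-only matching can over-match across fields, which errs toward sending GPC.
    return needle.length >= 5 && normalize(haystack).includes(needle);
  });
}

// Copy the headers, adding Sec-GPC: 1 only when a selected category matched.
function withGpc(headers, selected, userData, request) {
  const hit = matchedCategories(selected, userData, request).length > 0;
  return hit ? { ...headers, "Sec-GPC": "1" } : { ...headers };
}
```
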

bella-tassone commented 2 years ago

At this time, I believe I have fully implemented scheme 7. Still need to do a bunch of testing, but the front-end is completely implemented. The main components of scheme 7 are:

[Images: Screen Shot 2022-06-22 at 2 07 44 PM, Screen Shot 2022-06-22 at 2 08 23 PM]

I don't think it would make sense for scheme 7 to have a domain list since there isn't any backend implementation. Unless users wanted to make specific changes, all domains would show as Off (it wouldn't vary since selecting different data categories doesn't actually do anything). I don't think it would look good for users to see that their choices don't actually change anything, so I suggest we forgo the domain list in this scheme.

If there's an argument to maintain the domain list, then I think we would need to come up with a solution that prevents users from realizing this is a dummy scheme.

SebastianZimmeck commented 2 years ago

> I have fully implemented scheme 7

Very nice! Does that include writing to the Firebase backend as well?

> I don't think it would make sense for scheme 7 to have a domain list since there isn't any backend implementation. ... so I suggest we forgo the domain list in this scheme.

Yes, I agree. One could think of a domain list that has each data type per domain, but that may be too much detail and, from a practical perspective, a lot of effort for us to implement. So, yes, let's remove the domain list from this scheme.

> we would need to come up with a solution that prevents users from realizing this is a dummy scheme

I will look into the IRB on how best to present this to our study participants.

bella-tassone commented 2 years ago

Yes, the Firebase backend is set up! Just need more testing.

SebastianZimmeck commented 2 years ago

Once it is done, we also need to add a description and screenshot of scheme 7 to the readme.