In the research cluster “data protection by design”, we combine concepts and methods from different research disciplines, such as from law and Human Computer Interaction (HCI). In this cluster, our core research project is the project “Designing and Testing Privacy Icons for their Effectiveness”. According to the GDPR-legislator, privacy icons should enable individuals to better understand the complexity of privacy, for example, with respect to data protection policies and informed consent. In numerous exploratory workshops with laypeople, we have explored how these laypersons perceive privacy risks when using specific technologies, such as voice recognition (e.g. Alexa and Google Home), smart cars (e.g. “pay-as-you-drive” insurance rates) but also, more commonly, websites. Understanding how laypeople perceive privacy risks is crucial for designing privacy icons to help them understand these risks effectively. The result of these workshops is a list of user-perceived privacy risks that we subsequently categorized together with more than 10 privacy and security experts. On this basis, we will start designing privacy icons later this year (hopefully despite the coronavirus) together with design students from the UdK. Together with other research institutions, we have also set up our Privacy Icons Forum to facilitate the exchange about privacy icons on an international level.
Besides this project, our research group aims to explore new forms and methods to better understand and explain the complexity of data protection. One example for this is our modularizable privacy policy for websites, which we have drafted and are constantly improving by applying the approach of “legal design”. Another example is our chart explaining “The concept of data protection law”.
Selected publications:
Selected workshops, conferences and events: