CrySP Speaker Series on Privacy

This speaker series is made possible by an anonymous charitable donation in memory of cypherpunks and privacy advocates Len Sassaman, Hugh Daniel, Hal Finney, and Caspar Bowden.

View the list of past and upcoming speakers

Designing Useful and Usable Privacy Interfaces

Lorrie Faith Cranor, Carnegie Mellon University

[Download (MP4)] [View on Youtube]

May 27, 2021 1:30pm, in Zoom


Users who wish to exercise privacy rights or make privacy choices must often rely on website or app user interfaces. However, too often, these user interfaces suffer from usability deficiencies ranging from being difficult to find, hard to understand, or time-consuming to use, to being deceptive and dangerously misleading. An emphasis on meeting legal and regulatory obligations is not sufficient to create privacy interfaces that are usable and useful for users. This talk will provide insights into the reasons why it can be difficult to design privacy interfaces that are usable and useful and suggest user-centric approaches to designing privacy interfaces that better meet user needs and reduce the overwhelming number of privacy choices. I’ll discuss some of our research along these lines at Carnegie Mellon University including our work on designing and evaluating privacy icons and link texts for the California Consumer Privacy Act and our design and evaluation of privacy "nutrition" labels for websites, mobile apps, and IoT devices.


Lorrie Faith Cranor is the Director and Bosch Distinguished Professor of the CyLab Security and Privacy Institute and FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She is also co-director of the Collaboratory Against Hate: Research and Action Center at Carnegie Mellon and the University of Pittsburgh. In addition, she directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission. She co-founded Wombat Security Technologies, a security awareness training company that was acquired by Proofpoint. She is a fellow of the ACM, IEEE, and AAAS; a member of the ACM CHI Academy; and a recipient of the IAPP Privacy Leadership Award. Her pandemic pet is a bass flute.