”Privacy for a Networked World”: Bridging Theory and Design
As our lives are more commonly mediated by IT, an interactional perspective of privacy  is increasingly applicable to the study of how people find and construct privacy in socio-technical interactions. This perspective has received increasing attention within the HCI research community in recent years. While the interactional perspective has proven effective as a starting point for theoretical and empirical studies of privacy in relation to everyday use of IT, there remain important open questions regarding how to translate results based on this perspective into design practice. Addressing these questions requires a greater sensitivity to when interactional privacy is applicable, a better understanding of suitable research methods, and more effective means for communicating results to the research and practitioner communities.
Privacy, boundary regulation, design, theory
ACM Classification Keywords
H5.m. Information interfaces and presentation (e.g., HCI): Miscellaneous.
Over the past decade, social media, the Internet, and new communication devices have challenged society to become more mindful of privacy [e.g., 1, 2]. While public attention to privacy for a networked world may seem like a relatively new societal phenomenon, HCI researchers and practitioners have been exploring the intersection of media, devices, and privacy for a much longer time. In their review, Iachello and Hong outline two main strands of privacy research in HCI : data protection and personal privacy.
Data protection research has its historical roots in attempts to regulate personal information processing, dating back to the earliest debates on computers and privacy in the 1960’s [4, 5]. At that time, computerization introduced an unprecedented informational power asymmetry, as information started to be collected, processed, and stored by governments and large organizations in novel ways. This posed challenges for regulators and computer scientists, leading to attempts to define private boundaries by identifying types, and legitimate uses, of personal information [4, 6].
Personal privacy research, in contrast, takes a step back and asks how users come to manage and know about privacy. Having its roots in social sciences, most prominently in Irwin Altman’s theories about the basic human need for private spaces , this approach concerns how privacy as a phenomenon is constructed and achieved in everyday life. As our lives are more commonly mediated by IT, such a perspective is increasingly applicable to the study of how people construct and manage privacy in socio-technical interactions.
The interactional perspective of privacy
Within personal privacy research, privacy is understood as a critical factor in the ongoing management of interpersonal relations. In interaction, individuals create and manage boundaries that delimit private spaces, monitor these boundaries, and configure them anew. Herein, privacy is found in ongoing action, in which dynamic spheres of privacy are created, regulated, protected, opened, and closed.
Altman views privacy as an element of human social behavior in physical environments . This involves privacy in face-to-face interaction between individuals, but also in interaction between other social units, such as families and other groups. In contrast to data protection research, which typically is normative and informational, Altman describes privacy as a dynamic optimization process between the opposing forces of public and private. From this view, privacy can be regarded as a boundary regulation process that is dependent on past experiences of the involved parties, the present context, expectations, and a whole range of other factors. Privacy, according to Altman, is thus more of a process than a state.
Palen and Dourish apply Altman’s interactional privacy perspective in the context of the “networked world” [8, p. 129]. In this world, the mechanisms for managing privacy in physical environments must be modified and complemented, since spaces mediated by information technology are governed by different rules. Palen and Dourish explore Altman’s notion that people typically employ a whole range of mechanisms offline to maintain an optimum level of privacy. These include reliance on physical features (walls and doors), social and cultural norms, and verbal behavior. In computing
devices and virtual worlds, individuals are challenged to understand and identify a new set of boundaries in order to negotiate privacy in these spaces.
Data protection research has long been the dominating perspective in HCI. After Palen and Dourish’s paper at CHI’2003 , there has been increased attention to interactional aspects of privacy [see e.g., 9-14]. This workshop continues to build on this perspective.
Challenges for privacy research in HCI
The interactional perspective has proven particularly effective as a starting point for theoretical and empirical studies of privacy in relation to everyday use of information technology, not least in relation to social media and new issues associated with fast-changing technologies. While this perspective has proved evocative, there remain important open questions regarding how to translate results from this perspective into design practice. Our goal with this workshop is to start bridging this critical gap between theory and practice.
We plan to address this gap by focusing the workshop on three primary challenges. The first challenge is to identify situations and contexts where interactional privacy research can be effectively applied to design solutions. Potential design solutions include:
I. guiding design to avoid privacy invasion (privacy-aware design);
II. guiding design of privacy management mechanisms (as in privacy-enhancing technologies and disclosure control); and
III. guiding design to assist the creation of interpersonal privacy practices.
The second challenge concerns methods and research practices, founded in the interactional privacy perspective, that are effective for privacy-centric design of information technology. What common tools, measurement instruments, methods, and design exercises work, and what could benefit from the attention of the community? Through in-depth discussion, we will identify steps the community can take to strengthen work founded in this perspective.
The third challenge relates to how results are best communicated to the HCI practice and research communities. For example, what are the most useful deliverables, and what steps can be taken at the beginning of research to increase the likelihood that the outcome has practical use? What form should deliverables take? Guidelines and design practices are typical means for this type of communication within HCI, but which kinds of guidelines can support the processual definition of interactional privacy effectively?
In this workshop we aim to bring together participants from a variety of disciplines. Psychologists, sociologists and user-oriented researchers in general are invited to bring in their theoretical insights into interactional privacy. Designers and computer scientists can provide the workshop with an understanding of the design challenges related to supporting privacy management and emerging social practices related to privacy. The workshop brings together experts from different fields with the goal of fostering interdisciplinary discussions on interactional privacy and facilitating further work in bridging the gap between theory and design. To facilitate attaining the objectives of the workshop, we will first seek to come up with a common understanding
of interactional privacy research: what do we really mean when we approach privacy challenges from this perspective? The workshop will then address the three challenges outlined above. The expected contribution of the workshop is an increased understanding of how to bridge theory and design, acknowledging that privacy is enacted in technical controls but also in social practices online and in the way design takes them into account.
As technologies that mediate social interaction continue to pervade everyday life, there is a growing need for privacy technologies that are mindful of context and individual needs. We feel this workshop will strengthen the study of interactional privacy in HCI through in- depth discussion, community building as well as prioritization of research questions and strategies.
 Hoofnagle, C., King, J., Li, S., and Turow, J. How Different are Young Adults from Older Adults when it Comes to Information Privacy Attitudes and Policies. UC Berkeley Center for Law and Technology (2010).
 Madden, M. and Smith, A. Reputation Management and Social Media: How people monitor their identity and search for others online. Pew Internet and American Life Project (2010).
 Iachello, G. and Hong, J. 2007. End-user privacy in human-computer interaction. Found. Trends Hum.- Comput. Interact. 1, 1 (Jan. 2007), 1-137
 Hoffman, L. J. 1969. Computers and Privacy: A Survey. ACM Comput. Surv. 1, 2 (Jun. 1969), 85-103
 Westin, A. Privacy and Freedom. Atheneum, New York (1967).
 Bennett, C. and Raab, C. The Governance of Privacy: Policy Instruments in Global Perspective. Cambridge, The MIT Press (2006).
 Altman, I. The Environment and Social Behavior— Privacy, Personal Space, Territory, Crowding. Brooks/Cole Publishing Company, Monterey, CA (1975).
 Palen, L. and Dourish, P. 2003. Unpacking “privacy” for a networked world. In Proc CHI 2003, ACM Press (2003) 129-136.
 Besmer, A. and Richter Lipford, H. 2010. Moving beyond untagging: photo privacy in a tagged world. In Proc CHI 2010, ACM Press (2010), 1563-1572.
 Mancini, C., Thomas, K., Rogers, Y., Price, B. A., Jedrzejczyk, L., Bandara, A. K., Joinson, A. N., and Nuseibeh, B. From spaces to places: emerging contexts in mobile privacy. In Proc Ubicomp 2009, ACM Press (2009), 1-10.
 Stutzman, F. and Kramer-Duffield, J. 2010. Friends Only: Examining a Privacy-Enhancing Behavior in Facebook. In Proc CHI 2010, ACM Press (2010) 1553- 1562.
 Child, J. T., Pearson, J. C., and Petronio, S. . Blogging, communication, and privacy management: Development of the Blogging Privacy Management Measure. JASIST 60, 10 (2009) 2079-2094.
 Snyder, J. L. E-Mail Privacy in the Workplace. Journal of Business Communication 47, 3 (2010) 266- 294.
 Tufekci, Z. 2008. Can You See Me Now? Audience and Disclosure Regulation in Online Social Network Sites. Bulletin of Science Technology and Society 2, 1 (2008) 20-36.