Usability
Previously
- What is security?
- What is privacy?
Today
- What is usable?
Revisiting contextual integrity
CI recap
- Privacy as appropriate flow
- Appropriate flow as conformance with legitimate contextual-informational privacy norms
- Five parameters of privacy norms: subject, sender, recipient, information type, transmission principle
- Ethical legitimacy of privacy norms based on I) interests, II) ethical/political values, III) contextual functions, purposes and values
CI limitation: model for behaviors, not mental models
How people actually think about privacy
CI limitation: entrenched norms may be bad
CI limitation: inferences
Data “food chain”
CI: a useful model
What is usability?
Quality of being usable
What makes something usable?
- fulfills its intended purpose
- efficiency = fewest number of steps
- convenience
- learning curve
- easy to understand
- for diverse users
- attractiveness, esthetics = looks nice
- overall satisfaction
- retention of users
What qualities make something usable?
- Intuitive design
- Ease of learning
- Efficiency of use
- Memorability
- Error frequency and severity
- Subjective satisfaction
Security is a secondary task
How can we get out of the way of what the user actually wants to do?
Questions to ask for (security) usability
- What does the user want to do?
- What’s getting in the way?
- What can we do about it?
- Did it work?
How can we find out?
- What does the user want to do?
- What’s getting in the way?
- What can we do about it?
- Did it work?
- Surveys
- Interview
- current users, dropouts
- Feedback form, bug reports
- User reviews
- Telemetry = log data and analyze it
- Usability test
- with/without novel users
- Experiments
- with control groups
User goals
- Domain knowledge
- Observations
- Interviews
- Surveys
Obstacles
- Domain knowledge
- Observations
- Interviews
- Surveys
. . .
- User studies
- Telemetry
- Diary studies
Ideation
- Think really hard
. . .
- Participatory design
- Focus groups
- Talk to experts
Evaluation
- User studies
- Telemetry
. . .
- Experiments
- A/B tests
- Everything from before!
Summary of methods
- Observations
- Interviews
- Surveys
- User studies
- Telemetry
- Diary studies
- Participatory design
- Focus groups
- Experiments
Formative vs summative evaluations
- formative = shape direction
- summative = evaluate performance
Who does this research?
- UX researchers
- Designers
- Developers
- Academics
Questions about measuring usability
How we will work with papers
Reading reflections
- What are the paper’s main contributions?
- What parts of the paper do you find unclear? (Optional)
- What parts of the paper are questionable? (E.g., methodology, omissions, relevance, presentation.)
Why am I requiring paper summaries?
- LLMs are great at summarizing
- But you should get good at it too
- Evaluating LLM output is a different skill
Reading discussion roles
- 👩🏽🔬 Scientific Peer Reviewer
- 🏺 Archaeologist
- 🍜 Academic Researcher
- 💰 Industry Practitioner
- 👾 Hacker / Social Engineer
- 🕵️ Private Investigator
- 🌎 Social Impact Assessor
based on concept by Alec Jacobson and Colin Raffel
Case study: usable encryption
The paper
