Compiled 1

8/3/2019 Compiled 1

1/133

1

Executive Summary

Ten years ago, a website may have only constituted everything within its limited

directory structure. Today, those borders have become porous. Facebook extends its

reach far past the boundaries of what is contained after the last slash in

http://www.facebook.com/. The transformation of Facebook from a simple website to amesh of APIs has allowed for everything from social games to social viruses and

worms. When 90.7% of Facebook applications are given more private data than they

need1, its imperative that a solution be found. One angle that stands to be significantly

improved is the ecosystems usability. KnoBook is an attempt to keep all of this in

check.

This report is addressed at clients in the web security industry, particularly those

with an existing presence in the desktop security market (Symantec, Microsoft) that

desire to expand into social networking security.

This system is designed with the most rapidly growing Facebook user group inmind: middle-aged users2. This group has rapidly come to define Facebooks target

audience. Therefore, it should also define the target audience for any application

designed to better enforce privacy on Facebook.

One of the largest issues with Facebooks application platform is the vague

language it uses to describe what an application has access to. Few users understand

exactly what each permission listed by Facebook actually means in terms of what the

application would have access to. This makes the user feel nervous about using certain

applications for fear of exposing private information or unknowingly participating in

promotional activity for the application itself (spamming friends).

KnoBook provides extra information to the user. It maintains a database ofcrowd-sourced user reviews for both the level of interest maintained in an app and the

level of negative surprise it may give users. In this case, unpleasant surprise could

mean posting content to the users profile that was not expected or reading personal

data that the user was not aware the application had access to. The primary goal is to

allow the user to make informed choices about what applications to allow and disallow

based on real, tangible information instead of the vague explanations that Facebook

currently provides.

During early tests of the system, users familiar with Facebook platform

applications tended to ignore the new information being presented, as it was designed

to be unobtrusive and fit with Facebooks existing dialogs. After iterating the design and

modifying the system, users took action based on the information that was presented

to them to either approve or decline app invitations. Users were able to parse the

information provided to them and make decisions based on it. This contrasts with user

1Appendix: 22Appendix: 2

8/3/2019 Compiled 1

2/133

2

actions in preliminary interviews, where users were unsure about the decisions they

were making on the site based on information provided.

DesignLiterature Review3:

Research before the project consisted of a preliminary literature review followedby one semi-structured interview and two contextual inquiries. The topic of user-facing

API usability is very infrequently mentioned in the literature. In Stephen Clarkes (2004)

look at programmatic API usability, he suggests that developers follow the same

general guidelines as when looking to design usable graphical user interfaces and apply

user-centered design methodology. In this case, the user is the programmer instead of

the person eventually using the software the programmer is creating, however, the

attention to user-centered design at all stages in the process is worth noting. As it

stands, the Facebook APIs development has focused largely around Clarkes concepts

to provide affordances for platform developers. However, the end users of the product

are paid comparatively little attention.

This becomes especially concerning when taking into account Lovejoy, Horn,

and Hughes (2009) assertion that a good deal of Facebooks potential lies in exploiting

social ties to third parties for commercial gain. This activity remains invisible to the

average user, using the metaphor of an iceberg to separate the small portion of the

visible social networking benefits (according to Lovejoy, Horn, and Hughes social

networking and fun from the users perspective) from the invisible part of the network

(the large network of detailed personal data provided voluntarily by users; to be

aggregated, filtered and re-organized for purposes of targeted marketing, advertising,

and PR). In this case, applications could be categorized as providing a marketing

benefit for Facebook itself, allowing the reach of the platform to extend far beyond the

walls of the site.

Lovejoy, Horn and Hughes also note the gratifications of using Facebook tend

to outweigh the perceived threats to privacy. They go on to say that the common

solution, decreasing the visibility of information to friends only, tends to ignore the

larger part of the iceberg that continues to collect information. Clearly, then, there is a

need to expose the dangers of what may lie under the iceberg. Any product that is to

confront this problem will have to be designed to emphasize the positive aspects of

social networking in order to alert users of the potential threats to privacy.

Danah Boyds (2008) Facebooks Privacy Trainwreck: Exposure, Invasion and

Social Convergence makes an important point about the overall feeling of privacy in

stating privacy is not simply about the state of an inanimate object or set of bytes; it is

about the sense of vulnerability that an individual experiences when negotiating data.

The negotiation of data is the central tenet around which API dialogs are based; the

users vulnerability is at its highest at this point. There should be a significant amount of

attention paid to making the user feel less vulnerable through transparency. Boyd also

notes that young users are adjusting to a digital landscape where limited scope

broadcast is expected, implying that the younger users of Facebook have at least

3 References available, Appendix: 2

8/3/2019 Compiled 1

3/133

3

marginally become accustomed to the way privacy works on the site. With a product

targeted at an older age group, there is still the question of to what extent are users

comfortable with the existing privacy structure of the site.

Audience:

The users targeted by this product are between the ages of 35 and 55. This agegroup is rapidly turning into Facebooks core demographic, replacing the high school

and college-aged users that originally made the site popular. According to a study by

social gaming company PopCap, 66% of social gamers in the United States are

between the ages of 30 and 604. Since the social part of social games is usually

facilitated by the Facebook platform, the target audience is a perfect fit for a product

that helps to manage that platform. In addition, most of those users were not part of the

social networking phenomenon from its early days and, as such, may have different

expectations of functionality and privacy than other users who are younger and more

familiar with this type of site.

Another audience for this product would include any and all users of Facebook

platform applications. While not the focus of this research, users outside the

aforementioned age range may find the information this product provides to be useful in

making decisions about what platform applications to approve and which to deny.

User profiles:

This research used personas to best represent users that participated in

contextual inquiries and interviews while respecting their anonymity.

The first user participated in a semi-structured interview that focused on

questions involving expectations on privacy online. She is in her early 40s and

describes herself as very concerned about privacy. Her friends are spread out all overthe country, and even the world. While she has experienced identity theft and other

significant violations of privacy online in the past, her vigilance towards the issue has

prevented many issues arising in the last several months. She has swept through her

Facebook profile looking for any applications that may seem untrustworthy and

removed them. She plays social games on occasion, usually to keep in contact and

socialize with her geographically diverse network of friends.

The second user participated in a contextual inquiry involving the use of

Facebook platform applications. He is in his late 30s and teaches courses on games at

a foreign university. To understand the subject, he recently became immersed in a

large-scale social game. He began to devote significantly more time than was

necessary to the game and eventually just put it behind [him]. Now, he uses Facebookto keep in contact with friends overseas as well as play the occasional game. He gave

control over his Facebook to friends still playing the game he was involved in. He claims

to not care much about privacy.

The third user participated in a contextual inquiry, again involving the use of

Facebook platform applications. He is in his mid 30s and married. He teaches at a

4 Appendix: 2

8/3/2019 Compiled 1

4/133

4

university. While his wife is an avid user of Facebook, he only browses. He has played

social games in the past and still receives notifications from them, choosing not to

remove the games API access to his Facebook profile. Many former co-workers are

involved in Facebook, and he uses the site to keep in contact with them. His former

students are also frequent Facebook users and he networks with them to help current

students find jobs. He says privacy does not bother him.

Results:

Research was conducted in the first two weeks of October 2011. All interviews

and contextual inquiries took place in the users offices. The goal of the contextual

inquiries was to ascertain users responses to API dialog pages and gauge their

understanding of what information each application would have the ability to access.

Users were presented with a series of applications they had not seen and were asked

to explain how they felt about each API permission, what information the application

gave them outside of the API dialog, and how comfortable they were with approving the

application. They then used the application to determine how their social information

was being used. Applications used for these demonstrations were The WashingtonPosts Social Reader, Zyngas Words With Friends game, and two custom-developed

applications (one game and one utility).

The most important finding from my research was that even the users who

claimed to not be interested in protecting their privacy on social networks had certain

problems with privacy and control issues involved in the API dialogs. For example, all

users studied were concerned by the Post to Facebook as me dialog. The cultural

model revealed that this breakdown is coupled with the feeling that the application may

be untrustworthy and have more access than the user clearly understands5. For

example, one user said I generally assume that they have the ability to read just about

anything.6 Some users wished this would be remedied by providing more information

about what, exactly, the application would post. Others were generally concerned withthe permissions vagueness. One said that in order to figure out what it might have

access to, you sort of have to guess7. This could easily be solved through providing

personalized data as examples, showing exactly what the application might post. For

the users that have more than just a passing concern, it would make sense to offer a

notification option, letting the user know when the application has posted as him or her.

Zyngas Words With Friends game included a section of the API dialog for

ratings from other users. Most users who viewed this said they felt more assured with

this information, knowing other users have installed the app and enjoyed it8.

Users struggled with the impersonal nature of the dialog. Instead of giving them

information about what specific data from their own personal profile the applicationwould have access to, they felt it only provided a generic and non-specific overview.

This level of information was unsatisfactory for many users. A visual representation of

5 Appendix: 6

6 Appendix: 46

7 Appendix: 808 Appendix: 4

8/3/2019 Compiled 1

5/133

5

this data can be found in the consolidated artifact model9. As mentioned before, a

personalized dialog could alleviate the concern.

Many users found that they became less interested in an application after failing

to find content to draw them in, or recounted times where this had happened in the

past. In these cases, the user usually left the application installed, without worrying

about its continued access to personal profile information. Notice in the consolidatedsequence model, a user will stop using app, but only in rare circumstances uninstall it

from their profile10. If the user could somehow know beforehand if the application would

provide a high level of interest or if it would just be worth one quick glance, this

problem could be solved before it starts. From the research, the artifact model shows

that other users ratings frequently provide a sense of assurance to the user (cite

artifact model) and, from the cultural model, that the amount of users often lends the

application an air of credibility11.Therefore, letting other users populate a simple at-a-

glance rating system could lend it both credibility and usefulness.

Design plan:

My proposed solution to the aforementioned design issues is implemented as a

browser plugin that a user could install on their browser of choice. It is appropriate for

the entire range of users, from those who describe themselves as privacy-focused to

those who do not. To accomplish this goal, the application will only provide information.

It will not seek to alter already established Facebook behavior patterns except when

necessary to provide that information. For example, instead of dramatically changing

the application approval page, it will only modify it. Instead of changing how users

come across applications, it will just seek to supplement the information that comes

with applications in the News Feed.

The flow will function as follows:

User will see application status as posted by a friend On mouse-over, the application status will show crowd-sourced rankings

for the level of interest and level of negative surprise experienced by

other users.

A user can decide to then click on the application, bringing them to theAPI approval dialog.

Each data permission requested by the application is supplemented withexamples of that data field

The user can then choose to set a text-message alert if the applicationposts to their News Feed

After using the application for a significant amount of time, the user willrate the application, adding to the crowd-sourced rankings

This flow will also be entered into from the application request page as well as

the News Feed.

9 Appendix: 4

10 Appendix: 5

11 Appendix: 6

8/3/2019 Compiled 1

6/133

6

This system provides a way to keep users informed about the activity of the

application without significantly changing their expectations of how to approve

applications. It will only supplement the existing procedure, fixing the gaping privacy

and control holes through personalized and relevant information. It will grant users the

ability to more effectively control their own information online in a way that suits their

previous modalities of use.

Evaluation plan:

A successful implementation necessitates that the user understand the

information being presented to him or her and be able to act on it in order to make a

decision on whether or not to allow a Facebook platform application to be installed.

Additionally, the user must understand any rating system used in order to ensure that

the crowd-sourced rankings displayed next to the application are appropriately

reflective of the chosen metrics, as opposed to reflective of what each individual user

believes the metrics to represent. This means ensuring a cohesive user experience from

person to person.

The user should be able to access the newly added information on their first use

of the application. He or she should not have to search for the information somewhere

on the page, nor should he or she simply glance over the information without

attempting to read it. This means carefully balancing the goal of blending with the pre-

existing Facebook experience and providing the information to users.

Evaluation

Methodology:

The evaluation methods chosen for this research involved a competitive

analysis, three expert reviews (heuristic evaluations), and three think-alouds. A

competitive analysis helps explain the various other products competing in the same

space and helps to orient this product above and beyond what is already being

provided. The expert reviews were undertaken as a quick way to evaluate a prototype

before exposing it to users, allowing quick corrections that dont involve taking up a

users time. This way, potential issues could be identified before user testing. The think-

alouds gave the best feedback, allowing me to tailor the system to my user base of 35

to 55 year-olds.

The competitive analysis12 found that most services to protect Facebook privacy

do not have the same granularity in information as KnoBook aims for. They also do not

provide the same contextual information in-line with application approval dialogs.

The first heuristic evaluation took place before the first think-aloud. I attempted

to correct issues in the prototype before the think-aloud occurred. After the first think-

aloud, I created a new iteration of my prototype. I then conducted another two expert

reviews on this new prototype, as it involved significant changes. This resulted in yet

another iteration before my next think-aloud. This think aloud required only minor

12 Appendix 13

8/3/2019 Compiled 1

7/133

7

changes to the prototype, and as such, a large iteration was not needed before the next

think aloud. As such, I conducted the third and final think-aloud with a prototype that

was essentially the same as the second think-aloud.

Research was conducted between November 15th and November 25th, 2011.

Think-alouds took place in familiar environments for the participants. The first took

place in the users office, the following two in the users homes. Users interactions withthe prototype were recorded through screen-recording software (QuickTime X) on a

single laptop used for testing purposes (a MacBook Pro). Any inexperience using

software outside of the prototype (for example, Windows users on a Mac struggling

with scrolling) was corrected to the best of the researchers abilities without giving cues

on the use of the prototype itself.

User profiles:

All expert reviewers are also members of the User-Centered Research and

Evaluation class in Fall, 2011. All have significant experience using Facebook and

experience using Facebook Platform applications.

The first user of the prototype was the same as the first user from the original

evaluations. Because this user participated in the first pre-prototype user evaluation (a

semi-structured interview, used primarily as an information-gathering tool before

starting contextual interviews), she did not have any significant expectations from the

project outside of a very high-level overview to taint her perceptions of what the think-

aloud task was going to be.

The second user of the prototype is in her early-50s. She uses Facebook to

keep in touch with her children, co-workers and friends, as well as play social games

very regularly. She has a separate Facebook account dedicated to a social game with

several thousand friends. She is concerned about privacy and access and takesrecommendations from other users on what applications to install.

The third user of the prototype is in her mid-50s. She is a new user to Facebook,

and doesnt use platform applications often. She is very concerned about privacy, but

her understanding of the site is fairly limited. She has learned quickly how to use the

site, however, and now interacts with friends and family on a regular basis. Visual cues

are helpful to her in understanding how to interact with the site. She tends towards

caution whenever interacting with third-party applications and other potential privacy

risks.

Prototype:

The goals of the prototype were as follows:

Extract relevant information from the users social media presence Display that information contextually when a third-party application asks for it Provide the information to the user in a way that makes it actionable Do not interfere with a users ability to work with the existing Facebook interfaceTo test the system and gather data without altering users Facebook profiles, I

8/3/2019 Compiled 1

8/133

8

constructed a prototype that essentially worked as a sandboxed Facebook

environment. The prototype consisted of four main pages. These pages included:

News Feed13 API approval dialog14 Application information page 15 Application requests page16These pages were downloaded with appropriate resources (stylesheets and images)

from the Facebook website. They were linked together at appropriate points and then

changed from static HTML files to dynamic PHP files to allow user-specific data to be

displayed. The prototype was then constructed on top of these pages using HTML,

CSS, JavaScript and PHP. The final version of the product will use a browser plugin to

accomplish these goals on every Facebook page instead of just the ones downloaded

to create the sandboxed test environment.

On each page, the following modifications were made:

News Feed:o Crowd-sourced application ratings on mouse-over of application name

API approval dialogo Contextual information filled in from the users profile for each

permission. In the case of the may post to my profile as me

permission, filled in from the applications previous activity.

o Option to use text-message alerts for unexpected use of the profile Application information page

o Option to rate application based on both surprise and interest Application requests page

o Crowd-sourced application ratings on mouse-over of application areao Modal dialog to present crowd-sourced application ratings

Results:

The user was unaware that More information dialog boxes were new additions

to the API dialog that would help them make decisions about using the application, and

largely ignored them17. This was corrected in later iterations of the prototype by both

making the text areas larger and automatically expanding the first drop-down18.

The user was often confused about the language used to describe the crowd-

sourced ratings system19. This would result in potentially unusable ratings, especially as

the first user to experience the ratings set them to neutral, not knowing what they

meant. This was corrected in later iterations of the prototype by adding descriptive

13 Photo: Appendix 15




17 Appendix 24

18 Appendix 36

19 Appendix 26

8/3/2019 Compiled 1

9/133

9

text20.

The user originally bypassed the crowd-sourced ratings on the application

requests page as they quickly clicked the Approve button without hovering over the

application description21. This would result in the user not being exposed to that crowd-

sourced information when approving an application in this manner. This was corrected

in later iterations of the prototype by creating a modal dialog to grab the usersattention when exiting this page and entering the API approval dialog

The user did not find much use for the text-message alerts or was confused

about their purpose. Most users said that they did not want to receive text message

alerts from the system22.

When provided with data from their profiles in context with the application

approval permissions, the user was surprised and shocked at the extent of information

that was given to the application23. This indicates that the information being provided

was unique and not known to the user before viewing the prototype.

When provided with crowd-sourced reviews in context with the application, the

user was less likely to approve an application with poor ratings24. This indicates that the

user may be able to be steered away from potentially dangerous applications before

even reaching the API approval page, a major success for the prototype.

Observations & Recommendations:

The project succeeds on its original goals as described on page (X). Specifically,

it displays relevant information from a users social media profile when a third party

requests it, presents it in a way that encourages users to make use of it and integrates

itself into the Facebook experience enough to not significantly interrupt the users

existing knowledge of application approval.

After several iterations, it is clear that the prototype shows demonstrable

improvements over the existing Facebook API approval process. These areas are, in

order of severity:

First: The users desire to know what an application may post to their profile is

addressed. Users no longer have to be in the dark as to what information appears to be

coming from them and actually originates from the application itself.

Second: The crowd-sourced data improves on the success of the original

Facebook API dialogs ratings area25 and makes it accessible outside of the approval

page. Instead, it now shows up to the casual browsers, as noted in the affinity

20 Appendix 35

21 Appendix 2722 Appendix: 34, Appendix: 42

23 Appendix: 33

24 Appendix: 40

25 Appendix: 4

8/3/2019 Compiled 1

10/133

10

diagram26, before they even view the API approval dialog.

Third: It makes rating an application an easily-understood and painless process,

requiring only a small effort by the user and promising large benefits when significant

numbers of users adopt the project.

The text-message alert feature of the application should be removed. Mostusers either struggled interacting with it27 or simply found no need for it28. Users already

receive enough notifications from Facebook applications, and users of this project

would likely install it in order to free themselves from these notifications.

The most singularly difficult part of creating this prototype was in finding a

sweet spot between a too-radical reinvention of the Facebook experience that would

negatively affect users previous experience and expectations with the system and

creating a system that grabs the users attention enough to interrupt their previous flow

of simply clicking approve when the API dialog arises. It is imperative that any system

that seeks to make changes to the Facebook user-interface do so in a way that both is

powerful enough for users to break their habits on a site they use every day to make

use of the system and passive enough that it takes few skills beyond existing familiarity

with the social networking site to use the system.

In the end, KnoBook was able to accomplish even this difficult task. Users

appreciated the flexibility and control the system offered. While it is far from finished,

the research here shows promise for developing a better system for users that have

been slighted for far too long by a system that is not attuned to their needs.

26 Appendix: 10

27 Appendix: 34

28 Appendix: 42

8/3/2019 Compiled 1

11/133

Appendix 1

Appendix

Contents

References Page 2

Models

Affinity Diagram

Usability Aspect

ReportsInterview Transcripts

8/3/2019 Compiled 1

12/133

Appendix 2

References

Clarke, S. (2004). Measuring api usability. Dr. Dobb's Journal Special

Windows/.NET Supplement, S6-S9.

Debatin, B., Lovejoy, J. P., Horn, A.-K. and Hughes, B. N. (2009), Facebook andOnline Privacy: Attitudes, Behaviors, and Unintended Consequences.Journal of

Computer-Mediated Communication, 15: 83108. doi: 10.1111/j.1083-

6101.2009.01494.x

Boyd, D. (2008). Facebooks Privacy Trainwreck: Exposure, Invasion, and Social

Convergence. Convergence: The International Journal of Research into New

Media Technologies, 14(1), 13-20. UNIVERSITY OF LUTON. Retrieved from

http://con.sagepub.com/cgi/doi/10.1177/1354856507084416

Felt, A., & Evans, D. (2007). University of Virginia computer science department.Retrieved from http://www.cs.virginia.edu/felt/privacy/

PopCap Games (2010). 2010 social gaming research. PopCap Games

Information Solutions Group, Retrieved from

http://www.infosolutionsgroup.com/2010_PopCap_Social_Gaming_Research_R

esults.pdf

Social Networkings New Global Footprint (n.d.). NielsenWire. Retrieved October

23, 2011, from Nielsen website: http://blog.nielsen.com/nielsenwire/nielsen-

news/social-networking-new-global-footprint

8/3/2019 Compiled 1

13/133

Appendix 3

Models

8/3/2019 Compiled 1

14/133

Appendix 4

Artifact

The artifact model was the most important of my models used, as it directly

reflected the problematic interface.

8/3/2019 Compiled 1

15/133

Appendix 5

Sequence

The sequence model showed the various triggers that may induce users to stop

using an app. It also shows that few users will uninstall a malicious oruninteresting app.

Activity Intent Abstract Steps

Load socialapplication

Contact old friends Trigger: Link orrecommendation

Read socially-tuned

news

Load API dialog

Approve API dialog Use application Look over permissions

Approve and move on Try to understand them

Avoid oversharing Look at reviews

Avoid privacy issues

Use application Play game Look to see if anyone is

sharing

Read news Read privacy policy

Interact with content Trigger: No one sharing

Find socially-relevant

content

Look for relevant content

Stop using app

Trigger: Confusinglanguage

Try to understand

language

Stop using app

8/3/2019 Compiled 1

16/133

Appendix 6

Cultural

The cultural model provided important insights on how users perceived

themselves and others on social networks.

8/3/2019 Compiled 1

17/133

Appendix 7

Flow

The flow model provided a way to understand the connections between each

role in the Facebook API system, both tangible (sharing data) and intangible(assumptions about how that data is shared).

8/3/2019 Compiled 1

18/133

Appendix 8

Physical

As most, if not all, of my research was location-independent, the physical model

was not expressly useful. All interaction I studied took place around a desk,interacting with dialogs on a computer.

8/3/2019 Compiled 1

19/133

Appendix 9

Affinity

Diagram

8/3/2019 Compiled 1

20/133

Appendix 10

Outline

Facebook Cultureo Facebook is often about spontaneity from my perspective

I am sometimes friends with people I dont know

Facebook has a culture of browsing; I use it for thato I expect to gain something from my friends, but I dont expect that

exclusively There are benefits to being social, and I expect my friends

to pass those benefits to me

Other people use the site very differently than how I do, andthat is okay

I look for social content on social appso Games require a commitment, and their draw is understandable

Games take a lot of time. They are often strikingly timeconsuming

Social games can be a very compelling activity Problems with Facebook

o Facebooks recent strategies sometimes give me pause Automatic passive sharing gives me pause, I dont know if

thats okay.

I try to avoid Facebook authentication when possible Facebook frequently changes their layout and privacy

settings

Im suspicious that social games will not give me theexperience I want

o You have to go out of your way to be private on Facebook I am concerned about privacy on Facebook. I have been

proactive about it.

Privacy on Facebook can be annoying to deal with Lack of concern

o I use the site and see what happens I dont care much about Facebook privacy. I just use the

site and get what I get

I just ignore Facebook platform applications and alerts.Theyre easy to ignore.

oI dont worry about using apps based on certain criteria

Facebook can access certain things without bothering me I get cues on whether or not an app is dangerous based on

friends and other Facebook users

Concern about third-party appso Facebook apps confuse me

Facebook and Facebook applications may be able to do alot more than I know

8/3/2019 Compiled 1

21/133

Appendix 11

I generally dont understand what this app is doing Based on the API dialog, Im confused about what this app

might do

The in-application language is unclear; Im not sure whatthis application might do if I click on this

o I want to be proactive about app activity I want an example of what it might post before it posts it If an applications activity crosses the line of annoyance or

privacy, I want to be able to disable it

I dont know what this app is doing, but theres something Ican check or something I can do.

o There are certain problems inherent in the application ecosystem There are parts of Facebooks functionality that really bother

me

Third-party application developers have selfish motives.They want you to use their app more or use other apps from

their company

8/3/2019 Compiled 1

22/133

Appendix 12

Competitive

Analysis

8/3/2019 Compiled 1

23/133

Appendix 13

8/3/2019 Compiled 1

24/133

Appendix 14

Screen

Shots

8/3/2019 Compiled 1

25/133

Appendix 15

Contextual Application Ratings

Iteration One

Iteration Two

Iteration Three

8/3/2019 Compiled 1

26/133

Appendix 16

Application Permissions Screen

Iteration One

Iteration Two

8/3/2019 Compiled 1

27/133

Appendix 17

Text Notification Alert

Iteration One

Iteration Two

8/3/2019 Compiled 1

28/133

Appendix 18

Application Requests

Iteration One

Iteration Two

Iteration Three

8/3/2019 Compiled 1

29/133

Appendix 19

App Ratings Page

Iteration One

Iteration Two

Iteration Three

8/3/2019 Compiled 1

30/133

Appendix 20

Usability

AspectReports

8/3/2019 Compiled 1

31/133

Appendix 21

Think-aloud criteria

Negative:

1. User confused as to what a feature does2. User unsure of what to do next3. Feature does not function in the way a user expects it to (users

expectations differ from reality)

4. User does not make use of a feature5. User accomplishes the task, but in a suboptimal way6. User expresses negative surprise7. User makes a design suggestion

Positive:

8. User accomplishes task in optimal way9. User makes use of information provided by the system10.Previous analysis has predicted a usability problem, but user has no

difficulty with that aspect of the system

8/3/2019 Compiled 1

32/133

Appendix 22

ID:

Ksl-HE-04ProblemorGoodAspectProblem

Name:Notclearinwhatformatphonenumbershouldbeentered

Evidence:

Nowaytounderstandthephonenumberformatbeforeenteringit.

Explanation:

Thisformentryfieldlacksanexplanationofwhatformattoenterthephonenumberin.

Instead,itjustreturnsanerrorwhenitsnotcorrect,promptingthefirst-timeusertomakewildguesses.Thiscouldbeextremelyfrustrating,andencourageserror,violatingHeuristic

5(errorprevention)

Rating:2-Minor

Justification(Frequency,Impact,Persistence):

Thisismoreofafrustrationthanadeal-breakingerror.Iftheusertypesinthephonenumberinthecorrectformatthefirsttimethough,theissuewillnotshowup.Ifheorshe

doesnt,theimpactisjusttypinginthenumberafewmoretimes.However,thislackofanyexplanationwillhappenoneveryvisittothepage.

Possiblesolutionand/orTrade-offs:

Thereshouldbesomesortoftextualexplanationonthispageofhowtoenterthephone

number,orpre-populatethetext-boxwithexampletext.

Relationships:

8/3/2019 Compiled 1

33/133

Appendix 23

ID:

Ech-TA-01ProblemorGoodAspectProblem

Name:

Userclickslinkwithnoadditionalcontext

Evidence:

Whengoingthroughtheprototype,theuserclickedthesecondlinkontheapplication,whichlackedcrowd-sourcedratings.Userdidnotrealizetherewasotherdatathatwasbeingprovidedonthefirstlink[02:32]

Explanation:

4:Userdoesnotmakeuseofafeature5:Useraccomplishesthetaskinasuboptimalway

Theprototypeissupposedtogivetheuseradditionalinformationbeforeclickingalinktoaddanapplication.Thiscontextualinformationshouldappearalongwiththelinktothe

app.Here,itwasmissing,butpresentonthefirstSpotifylink.Thefirst-timeuserwillmissoutontheinformationtheprototypeshouldprovidebyclickingthesecondlink.

Rating:3-MajorJustification(Frequency,Impact,Persistence):

Thisappearsonlywhentheuserclicksthesecondlink.However,thisuserwasmoredrawntothatlinkthanothersonthepage.Theimpactisfairlyhigh,astheuserwillmiss

outonalargedegreeofthefunctionalityoftheprogram.Thishappenseverytimetheuserclicksonthesecondlink.


Thepossiblesolutionhereistoaddthesamecontextualinformationthatappearsonthefirstlinktothesecond.Thismaymaketheprototypeslightlybusier,design-wise,butthe

informationisrelevantandonlyonelinkscontextualinformationisdisplayedatonce.

Relationships:

Cas-HE-01:Dealswiththevisibilityofthisdata.

8/3/2019 Compiled 1

34/133

Appendix 24

ID:


Name:

Userdoesnotrespondtopromptsformoreinformation

Evidence:

Whengoingthroughtheprototype,theuser

clickedtheapprovebuttonwithoutexaminingany

Moreinformationareas.Whenasked,theuser

respondedthatthiswasbecausetheyblendedinwiththeFacebookexperience.

User:[whilemovingmousearounddialog]I

usuallyjustglancethroughthis[03:30]

Explanation:

4:Userdoesnotmakeuseofafeature

5:UseraccomplishestaskinasuboptimalwayTheprototypeissupposedtogiveexamplesofwhateachpermissionwillhaveaccessto

oncetheapplicationisapproved.ItdoesthisthroughtheuseofexpandingMore

informationboxesthatshowtheinformationwhenclicked.Thisuserbreezedthroughtheboxes,withoutclickingonthem.Theaverageuserislikelytodothesamething,negating

thebenefitoftheprototype.


Thisissueonlyappearswhentheuserbreezesthroughthepermissionsscreen.However,sincethesescreensusuallyprovideverylittletangibledata,usersareaccustomedtogoing

throughthemandpayingthemlittlemind.Theissuewillpersistforanyuserswitha

similarmindset.Thislargelynegatesthebenefitsoftheprototype,sotheimpactisfairlysevere.


Thepossiblesolutionhereistohighlightthemoreinformationlinksinsomeway.This

maymakeitlessblendedintotheFacebookexperience,butaslightlyjarringfontorcolorcouldcausetheusertopaymoreattention.

Relationships:

Ech-TA-11:Solutiontothisproblem

8/3/2019 Compiled 1

35/133

Appendix 25

ID:


Name:

Textalertnotificationdoesntcatchtheusersattentionenough

Evidence:

ThisboxcouldbeadifferentcolorthantheFacebookheadertocommandmoreattention.

Usersaidthat,whileshewasabletoreadit,itdidnotcatchherattentionasmuchasitcould

have.

User:IthinkthiswouldcatchmyattentionmoreifitwerentinthesamecolorastheheaderbarforthepageonFacebook.[05:21]

Explanation:

7.Usermakesadesignsuggestion

Theprototypeshouldkeeptheuserinformedaboutwhatstatethesystemisinandwhat

actionsitwilltakeinrelationtotheuser.Theaverageusermaynotrealizethatthisispartoftheprototype,andnotFacebookitself.Itmayalsopassbytheuserentirely.

Rating:2-Minor


Thisissuewillonlyariseforuserswhoarentlookingforit.Itmayaffecttheirperceptionofthesystem(iftheydontrealizeitwillsendthematext,theymaythinkthatthesystemthatpreventsthemfrombeingirritatedbyFacebookappsisactuallyirritatingthemmore).This

willhappeneverytimeauserturnsontextalerts.


Thepossiblesolutionhereistochangethecolortomakeitmoreapparent.ThiswillmakeitlookabitlessintegratedintoFacebook,butwilldrawtheusersattention.

Relationships:

BH-HE-06:Dealswiththissamepaneofinformation

8/3/2019 Compiled 1

36/133

Appendix 26

ID:


Name:

Noinformationprovidedtouseraboutmeaningsofnumericalratings

Evidence:

Usersaidthatshedidntknowif1wasgoodor5wasgood,sosheselected3.

User:Iwonderifoneisgoodoriffiveisgood.[06:14]

Explanation:

1.Userconfusedastowhatafeaturedoes2.Featuredoesnotfunctioninthewayauserexpectsitto

5.Useraccomplishesthetask,butinasuboptimalway

Theprototypeshouldencouragethesubmissionofvalid,usefulinformation.Iftheuserdoesntunderstandhowtheratingswork,theratingsarerenderedmeaningless.Nouser

willunderstandhowtheratingssystemworkswithoutabetterindicationofwhatsaidratingsmean.

Rating:3-Major


Thisissuewillariseforallbeginningusers.Itrendersthesocialratingsystemofthe

prototypeentirelyuseless,whichisaverysignificantimpact.Everytimethispageisloaded,thisissuewillcomeup.


Thepossiblesolutionhereistoaddsomesortofverbalcueastowhat1meansandwhat5

means,givingitascale.

Relationships:

Ech-TA-10:Anotherusersreactiontoaniteratedversionofthisdialog.

8/3/2019 Compiled 1

37/133

Appendix 27

ID:


Name:

UsergoestoapprovalscreenfromAppRequestspagewithoutlookingatsocialratings

Evidence:

Userdidnotviewcontextualratingsontheapplication(whichappearonmouse-over)before

clickingtheAcceptbutton.[07:43]

Explanation:

4.Userdoesnotmakeuseofafeature

5.Useraccomplishestask,butinasuboptimalway

Thecontextualinformationthatappearsonmouse-overissupposedtogivetheuseran

ideaofbothinterestandpotentialsurprisesfromtheapplicationbeforetheyevengettotheapprovalscreen.TheuserbypassedthatentirelybyclickingontheAcceptbutton.

Therearenocuesintheprototypeforanyusertorealizethatthereismouse-over-ableinformationtoberead.

Rating:3-Major


Thisissuewillariseforallbeginningusers.Itskipsoutonaveryvaluablepartofthe

applicationthatissupposedtohelpinformusersabouttheimpactoftheiractionswithinsocialnetworks.Theuserwillnothavetheinformationthesystemissupposedtoprovide

beforeclickingAccept,sotheimpactisfairysevere.Thiswillhappeneverytimetheuserdoesnotmouseoverthecorrectarea.


Therearetwopossiblesolutionshere:eitheraddcuesthatsuggestmouse-over

informationisavailableormaketheuserpausetoreadtheinformationbeforetheAcceptbuttonletsthemcontinue.ThiscouldbeaccomplishedthroughamodaldialogwithContinueandBackbuttonsthatappearafterclickingAccept.

Relationships:

Ech-TA-01:Clickthroughtotheapprovesscreenonanotherpagewithoutlookingatrating

information.

8/3/2019 Compiled 1

38/133

Appendix 28

ID:

Cas-HE-04ProblemorGoodAspectProblem

Name:

Surprisetextrequireshoveringoverthintextlabel

Evidence:

Spotifyistheonlytextthatsupportshover

Explanation:

Thehovertargetforgettingthisinformationistoosmall.Theusercaneasilygooffofit,providinganissueforusability.Anyusermaystrugglewiththis.

Rating:3-Major


Thiswillhappentoanyuserthatdoesntexactlyhoveroverasmallarea.Itaffectsthebasicinformationthatistobepresentedwithinthissystem,soitisfairlyimpactful.Thehover

areaissetbycode,soitpersistsacrossusers.


Thehoverareaneedstobeexpanded.Thiscouldleadtounintentionalhovers,howeverthe

actofhoveringdowndoesnothurttheexistingusabilityofthesystem.Therefore,the

tradeoffisminimal

Relationships:

Ech-TA-01:Alsodealswithvisibilityofsameinformation.

8/3/2019 Compiled 1

39/133

Appendix 29

ID:


Name:

NoideawhatWorkswithoutsurprisesandLevelofinterestmeansbeforegoingtoApp

page

Evidence:

Theselabelsareessentiallymeaninglesstotheuser

Explanation:

Thewordschosentoexplaintheconceptsofunexpectedappactivityandinterestinservicesprovidedbytheappdonotadequatelyexplaintheunderlyingideasbehindthem.Theinformationtheyprovidetotheuserisfairlyambiguous.Thisviolatesheuristic10,the

availabilityofhelpanddocumentation.

Rating:3-Major


Thiswilloccurwithanyuserwhodoesnthaveanexplanationofeachconceptbeforehand.

Itisveryimpactful,asitmakesdatarenderedbythesystemmeaningless.Thiswillpersistacrossusersanduses.


ThelanguagecouldbechangedtoThisapphassurprisedmenegativelyandThisapp

interestsmetomoreaccuratelyreflecttheusersperspective.Thiswouldrequiremore

spaceforthetextarea.

Relationships:

Cas-HE-04:Dealswithinteractionwiththisinformation.Ech-TA-01:Dealswithvisibilityofthisinformation.

Ech-TA-11:Finedetailsonthistext.RelatedtothemeaningofThisapp.

8/3/2019 Compiled 1

40/133

Appendix 30

ID:


Name:

Nowaytochangerating

Evidence:

Onceanappisrated,itcannotbechanged.

Explanation:

Whenauserhasaddedacertainapprating,thatratingcannotbechanged.Iftheapp

changesthewayitoperates,thismaybeanissue.Itisaviolationofheuristic3,which

suggeststhatusersshouldbeabletocontrolthesystem.Theaverageuserwilllikelyonlyvoteonce,butexperiencedusersmaywanttochangetheirmindlateron.Also,app

developersmayintroducechangesthatwillchangeausersrating.

Rating:2-Minor


Thiswillonlyhappenwhenauserwantstomakeachangeafterthefact.Thisisafairly

minorcondition.Itcouldnegativelyaffectthesystemsabilitytokeeptrackofthedataits

supposedtomonitorinthelongterm,aftermanychangestotheapp.Itwillpersistacrossusesuntilthisiscorrected.


Thedatacouldbemodifiedinthedatabase.Thiswillnotresultinanysignificanttrade-offsinthelongtermandcouldhelpusability.

Relationships:

8/3/2019 Compiled 1

41/133

Appendix 31

ID:


Name:

Hardtotellifinformationboxisextendedorretracted

Evidence:

Userclickedonboxandwassurpriseditretracted.Thoughtinformationhadyettobeshown.

User:Oh,sothatwasalreadyopen[06:20]

Explanation:

3.Featuredoesnotfunctionthewaytheuserexpectsitto

Theaverageuservisitingthispagewillnotimmediatelyunderstandthattheinformationin

thefirstboxisalreadybeingshown.Itshardtounderstandthesystemstatewithoutanyexplicitinformationastowhatitis.

Rating:2-MinorJustification(Frequency,Impact,Persistence):

Thisissuewilloccuronthepermissiondialogoneveryload.Theimpactisfairlyminimal,

asthealready-extendedinformationfulfilleditspurposetotheuserofprovidinginformation.Itwillonlypersistacrossuserswhohaveyettointeractwiththispage.


InsteadofMoreinformation,extendedinformationboxescoulddisplayLess

information

Relationships:

Ech-TA-02:Thiswasmysolutiontotheissueofpassingovertheinformationboxes.

8/3/2019 Compiled 1

42/133

Appendix 32

ID:


Name:

Userwantsoptiontoturnonandoffsharing

Evidence:

UsersaysthatanoptiontoturnoffpostingtoFacebookasmewouldbeappreciated.

User:Iwouldwantthattogivemeanoption.BecauseIdontnecessarilywanteveryoneto

knoweverythingIdo.[06:40]

Explanation:

7.Usermakesadesignsuggestion

Userswantnotjusttobeinformed,buttohavegranularityinsharingsettingsaswell.Mostusersinthepreliminaryresearchwantedtoknowwhatanapplicationwoulddoif

approved;nowthattheyhavethisinformation,userswantmorecontrolovertheapplicationitself.

Rating:3-Major


Thelogicalnextstepinhavinginformationaboutthewayanappworksiswantingtoturn

thenegativepartsoff.Mostuserswillrealizethisandwantthisoption,eventually.Itgoesaboveandbeyondwhatmysystemiscurrentlycapableof,andwoulddolotsofgoodin

achievingmygoalofprivacyprotection,sotheimpactisfairlylarge.However,notallusershaveimmediatelybroughtthisupinthink-alouds.


Addacheckboxtoeachpermissionindicatingwhetherornotitwillbeapproved.Thiswill

involveverylargetrade-offs,assomeapplicationssimplywillnotworkiftheydonthave

accesstothepermissionstheyrequest.Dummydatacouldbegiventotheapp,butthat

maymakeappssignificantlylessuseful.Relationships:

8/3/2019 Compiled 1

43/133

Appendix 33

ID:

Ech-TA-08ProblemorGoodAspectGood aspect

Name:

Userwasinformedofscopeofinformationaccessfromprototype

Evidence:

Userreadinformationpresentedinthissection,said:Thatskindofscary![07:09]

Explanation:9.Usermakesuseofinformationprovidedbythesystem

Thegoalofthisprojectwastomoreaccuratelyinformuserswhatapplicationshaveaccessto.Here,theapproachisclearlyworking,astheuserclearlydidnotunderstandthescope

ofthatpermissionuntilitwaspresentedhere.Theuseristhenmoreinformedaboutthe

exactdatathatisbeingshared.Rating:3-Major


TheuserthatisconcernedabouthisorherprivacywillclickthisMoreinformationfield

andsaidinformationwillbedelivered.Clearly,theuseristakenabackbythisinformationandisnowmoreinformedaboutdataheorsheissharingonline,representingamajor

accomplishmentoftheprototype.Theinformationwillalwaysbepresentedinthisway.


Theproblemhasbeensolved.Thetradeoffhereisthatpeoplemaybemoreconcernedabouttheapplicationandnotinstallit.

Relationships:

Ksl-HE-02:Thiswastheheuristicthatdealtwiththeavailabilityofthisinformation.It

notedthatitwasthere,wherethisUARindicatesthatusersarebeinginfluencedbyit.

8/3/2019 Compiled 1

44/133

Appendix 34

ID:


Name:

Validationerrorsinphonenumberarehardtoread

Evidence:

Userwaspresentedwiththisandstaredatscreen.Thepagedidnotlettheuseradvancebecauseoftheerror,buttheuserdidnotseetheEnteracorrect-lengthphonenumber

warningbelowthebox.Userassumeditwasfrozen.

User:Iwouldbelookingtoseeifmybarwasmoving,ifmycomputerwasfrozen.[10:25]

Explanation:

2.Userunsureofwhattodonext6.Userexpressesnegativesurprise

Theaverageuserwillnotrealizethatanerrordialogboxhasbeencreatedunderthetext

entry.Inthiscase,thiswasahugebreakdown,astheuserassumedthepagewasloadingthenextstepwhen,inreality,itwasdisplayinganunseenerror.

Rating:2-Minor


Thisissuewillonlyoccurwhenauserhastext-messagealertsonandmis-typesaphone

number,notreadingtheguidelinesabovethedialogbox.Itwilltemporarilystoptheuserfromadvancingandmaycausetheusertonotinstalltheapplication.Itwilloccurevery

timeaphonenumberismis-typed.


Thesolutionistomaketheerrormorenoticeable,possiblyviaincreasingtextsize.Thetradeoffisthatslightlymorespacemaybetakenup,anditmightnotlookaselegantas

withasmallerdialog.

Relationships:

Ksl-HE-04:Thisheuristicevaluationshowsthatthephonenumberformatwasoriginallyunclear.

8/3/2019 Compiled 1

45/133

Appendix 35

ID:


Name:

Userunderstandstheratingscaleforapplications

Evidence:

Userlookedatscaleanddescribedthestartandendpointandwhattheratingmeantwithout

additionalexplanation.User:ItsprettyclearIguessIdoknowwhatthatmeans.[17:26]

Explanation:

10.Previousanalysishassuggestedausabilityproblem,buttheuserhasnodifficulty

Thiswasoneoftheissueswiththeearlierprototypes,anditappearstobefixed.The

averageusernowunderstandswhattheratingsmeanandcanappropriatelyratean

applicationbetweenoneandfive.Thesystemservesitspurpose.


Themeaningoftheratingsshouldbeapparentformostusers.Itletstheusermakean

informedjudgmentofanapplicationanditssuitabilityforinstallation,meetingoneofthe

projectsgoals.Theseratingswillshowuponeverypageload.


Theonlytrade-offhereisthatthedialogisslightlybiggerandlesssleek.However,itisnowmoreusable,andusabilitytrumpsaestheticappealinthiscase.

Relationships:

Ech-TA-04:Inanotherthink-aloud,theuserclearlydidnotunderstandthisdialog.

8/3/2019 Compiled 1

46/133

Appendix 36

ID:


Name:

Userinteractedwiththepagewithoutadditionalexplanation

Evidence:

Interviewer:Justinteractwiththispageasyounormallywould

User:Okay.[interactswithpage,appropriatelyclickingonMoreinformationbuttonsand

clickingapprovewhenfinished][05:35]

Explanation:

8.Useraccomplishesthetaskinanoptimalway

TheuserinterfacehereissimilarenoughtotheexistingFacebookUIthat,forusersfamiliar

withtheFacebookdialog,noadditionalinformationwasnecessarytoexplainactionstheuserwillneedtotake.Thismakesitvastlyeasiertolearnthanasystemthattriesto

reinventtheUI,andwillappeaselong-timeusersofFacebookappsandnotplaceany

additionalbarrierstoentryonnewusers.

Rating:3-Major


Thisshouldmakethesystemmucheasiertouseforlong-termFacebookusers,aswellasnotintroduceanynewUIproblemsfornewusers.Ittakesthebestoftheexistingsystem

andmakesitbetter.Makingthisprojectfitseamlesslyintotheexistinginterfacewillallow

easierlearningforexistingusers,heighteningtheimpactoftheproject.Thisinterfacewillappearidenticaloneveryload,leadingtoaconsistentlysimilarexperience.


Theonlytradeoffinthiscaseisthat,byadoptingasimilarinterfacetotheoriginal

Facebookone,itmightnotallowtheprojectfreedomtodisplayadditionalinformationthatdoesntfitintothisdialog.However,thisisworthit,asitmakesthesystemvastlymore

accessible.

Relationships:

Ech-TA-02:Userstruggledtodothis.Iterationshavesignificantlyimproved.

8/3/2019 Compiled 1

47/133

Appendix 37

ID:

BH-HE-06ProblemorGoodAspectGood aspect

Name:Permissionrequestpagetellsmeitwillaccessmybasicinformation,andIamtoldwhatthat

informationis

Evidence:

Describesdirectlywhattheinformationis.

Explanation:

Thisisoneofthegoalsofmyprototype:toillustratewhatdatatheapplicationhasaccess

to.Theevaluatorunderstoodthebenefitofthisonthefirsttimethroughthesystem,hopefullyindicatingthattheuserwillaswell.Thisaddressesheuristic1,visibility.

Rating:3-Major


Thelackofinformationislikelytobothermostusers,asdeterminedfrommyresearchinthefirstpartofthisproject.Eventhosewhosaytheydontcareaboutprivacywantthis

information.Theimpactislikelytoleadtobreachesofprivacy,somethingthatFacebook

hasalreadyreceivedcriticismfor.Thisispersistentacrossusersanduses.


Thisproblemisessentiallysolved.Thetrade-offisthatmoreinformationmayleadtousers

beingmoreconcernedabouttheirprivacyandnotallowingallapps.

Relationships:

Ech-TA-02:Dealswithpresentationofthisinformation.

8/3/2019 Compiled 1

48/133

Appendix 38

ID:

BH-HE-06ProblemorGoodAspectProblem

Name:

Nofeedbacktellingmetheapphasbeensuccessfullyadded

Evidence:

Noinformationhereafterapprovinganappwithouttextmessaging.

Explanation:Thisviolatesthefirstheuristic,visibilityofsystemstatus.Thereshouldbeawaytoletthe

userknowthatheorshehasapprovedanapplicationaftertheyreturntothemainscreen.

Rating:2-Minor


Thiswillonlyhappenwhentheuserdoesnotsignupfortextmessagealerts.The

prototypeisntdesignedtoactuallyletauseracceptorrejectarealapp(onlyprovideinformation),sotheimpacthereisfairlyminimal.Itwillalwaysoccuriftheuserdoesnt

signupforalerts.


Fixingthisinvolvessimplyaddingasmallamountoftextonthetopofthepagetoletthe

userknowtheapphasbeenadded.Thereareminimaltrade-offs.

Relationships:

Ech-TA-03:Otherissueswiththisdialog(color)

8/3/2019 Compiled 1

49/133

Appendix 39

ID:


Name:

Userstruggledtounderstandwhattheratingsundertheappappliedto

Evidence:

Userwasntsuretheratingswereappliedtothesongsbeingdisplayed,theapplicationitself,

ortheapplicationprovidingtheoverlay.[05:34]

Explanation:

1.Userconfusedastowhatafeaturedoes2.Userdoesnotmakeuserofafeature

5.Useraccomplishesthetask,butinasuboptimalway

Theseratingsshouldbefairlyclear,astheyaredesignedtoshowtheuserwhatthe

benefitsanddrawbacksaretoinstallingtheapplication.Inthiscase,theycouldbesignificantlyclearer.Theaverageusermaynotunderstandexactlywhatisbeingsaidby

thisinformation.

Rating:2-MinorJustification(Frequency,Impact,Persistence):

Thisistheonlyuserthatstruggledwiththeissue,andtheuserunderstoodtheratingslaterinthethink-aloudwhentheywerepresenteddifferently.Itmakespartoftheprototype

useless(thepartthatgivesinformationquicklytocasualbrowsers),butdoesnotaffectthe

restoftheprototype.Itwilllookthiswayeverytimethepageisloaded.


Thepossiblesolutionhereistoreplacethisappwiththenameoftheapp,tomakeitclear

thatitstheapplicationitselfthatisbeingrated.

Relationships:

Cas-HE-05:Morebroadissueswiththistext.

8/3/2019 Compiled 1

50/133

Appendix 40

ID:


Name:

Useractedondataprovidedbyuser-ratings

Evidence:

Userwaspresentedabovedialog,recognizedtheappwasratedwithmoderatesurpriseand

moderatelylowinterestandultimatelydecidedtonotapprovetheapplication.

Itsinterestingthatthisonehasahighnegativeratingandalowerratingontheinterest

scalethanthelastone[12:15]

Explanation:

9.Usermakesuseofinformationprovidedbysystem

10.Previousanalysishaspredictedausabilityproblem,buttheuserhasnodifficultyThisshowsthattheratingscanprovideusersinexperiencedwithAPI-basedapplications

informationtoquicklymakeaninformeddecisionaboutusingtheapplications.The

informationmayhavetobepresentedinaveryobtrusiveway(inthiscaseamodaldialog)

inordertodrawtheattentionoftheuserandcorrectformissingtheinformationinotherthink-alouds.However,theuserwillultimatelyfinditusefulandimportant.

Rating:3-Major


Thisinformationwillbeprovidedtoallusers,andmostwillfindithelpful.Itletstheusersmakeinformedchoicesabouttheapplicationstheyapprove,usingratingsasassurancesor

deterrents.

Thiswasoneofthemaingoalsoftheprototype,sotheimpactisfairlyhigh.ThisdialogwillappearforallusersontheAppRequestspage.


Theproblemhasbeensolved.Thetrade-offisthatitrequiresalargenumberofuserstorateanapplication.

Relationships:

Ech-TA-05:Earlierproblemwhereuserdidnotviewthistext.

8/3/2019 Compiled 1

51/133

Appendix 41

ID:


Name:Userwasprovidedwithinformationcontextually,sawit,andreadit

Evidence:

Theuserstoppedtoprocessthisinformation.Whilesaiduserstruggledwithexactlywhatit

appliedto,theusersaid:Ilikeuserfeedback.IdothatwhenImoutshopping.[06:50]

Explanation:

9.Usermakesuseofinformationprovidedbythesystem

Theuserclearlymadetheconnectionbetweenthiscontextualinformationandother

systemsthatprovidesimilarinformation(inthiscase,shopping).Thisindicatesamatchbetweenexpectationsandreality,asthewaytheinformationispresentedhereconverges

withotherpresentationsofsimilardata.


Thisinformationwillbeexceptionallyusefultocasualbrowsers,astheywillseethe

informationwhenevertheymouse-overalink.Ithelpsausermakeaninformeddecision

aboutinstallinganapp,meetingoneofthegoalsoftheprototype.Thiswillpersisteverytimetheuserholdstheirmouseoveranapplicationlink.


Theproblemhasbeensolved.Thetrade-offisthatmostusersarenotfamiliarwiththis

sortofdrop-down,andmaybeconfusedaboutwhattheinformationappliesto.

Relationships:

Ech-TA-12:Userdoesnotunderstandwhatthetextpresentedhereappliesto.

8/3/2019 Compiled 1

52/133

Appendix 42

ID:


Name:

Textmessagesnotwantedbytheuser

Evidence:

User:IknowthatIwouldnotwantanythingtosendmetextmessagesIgetannoyedwhenVerizon,whosmycarrier,sendsmetextmessages[14:52]

Explanation:

4:Userdoesnotmakeuseofafeature

Theuserclearlyhasnointerestinreceivingtextmessagealertsfromtheapplication,regardlessoftheirutility.Textmessagesgreatlydistractusers,andaregenerallythought

ofasannoying.Evenwhenitisexplainedthatthetextmessagesaretheretoprevent

surprisepostsandprotectprivacy,theuserisstillnotinterested.Rating:3-Major


Thisuserskippedthetext-messagealertfieldunlessaskedtofillitoutoneverytask

involvingthefield.Thismeansthatthetextmessagesystemeitherneedstobeexplainedbetter,orneedstoberemoved.Evenafterexplainingittotheuser,thisuserdidnotwant

touseit.Theimpact,then,isthattheuserhasanextraneousfeaturethatisentirelynot

usefulandwillmaketheUIunnecessarilybusy.Inallthink-alouds,usersskippedthetextmessagealertfield,optingoutofit.


Thesolutionisthatthetext-messagealertfieldshouldberemoved.Inthiscase,thetrade

offisthattheuserdoesnothaveanywayofknowingwhennotonacomputeriftheapplicationhaspostedtotheNewsFeedormessagedafriendwithouttheusers

knowledge.ThiscouldbedonemorepassivelythroughastandardFacebooknotification.

Relationships:

Ech-TA-09:Dealswithvalidationissuesonthisform.

8/3/2019 Compiled 1

53/133

Appendix 43

Interview

TranscriptsDesign Idea

BreakdownQuestion

8/3/2019 Compiled 1

54/133

Appendix 44

USER 1

ImEstenHurtle,Imdoingthisinterviewaspartofaprojectdoingresearchinto

socialmediaprivacyandwaystobettermanagethatonline.

S:Great

I:Andum,Imgoingtokeepallthetranscriptsasanonymousaspossible,the

professorisgoingtobeseeingthevideo,buttheyllbeasanonymousaspossible.

S:Okay.

I:And,feelfreetoanswerasfreelyasyoucan.Ifyouhaveanyquestionsaboutany

questionsthatIhave,feelfreetobringitupandwellworkthroughit.

S:Okay.

I:So,myfirstquestionis,whatFacebookgamesapplicationsorintegratedsocial

websiteshaveyouused?

S:[laughs]ItsfunnycauseIwasthinkingIshouldprobablygofigureoutwhatIve

usedsothatIcantellyou,sothatIcanactuallyhelp

8/3/2019 Compiled 1

55/133

Appendix 45

I:Sure.Itsalittlebittransparent,Iknowthattherearealotofwebsitesthatuseit,

so...

S:So...uhh.Imjusttryingtothink.Whatwasyourquestion,whatFacebookgames?

I:Anykindofgames,anykindof,ah,platform...anykindofFacebookplatformthing.

Uh,soanythingthatusestheirAPIbasically.

S:So,Iveusedalot,Ivejustrecentlywentthroughanddumpedalotofstuff.Um.

But,um,usedImjustlookingatwhatsstillinmyapps,uh,forfacebook.Branch

Out,FriendMapstuff,um.Igotridofallthegames.Um.So,Idouse,andIdont

thinkthatitsonFacebookcauseIdoitonmyiPad,IuseWordsWithFriends,which

IknowisonFacebook,butIdontdoitonFacebook.Like,Itriedtocleanoutallof

mystuff.Iwentthroughandhadallofthis...Anygame,well,notany...alotofgame

stuffIwasntinterestedin,butsomestuffIwouldaddjusttoconnectwithfriends

andthenrealizedIprobablydontwanttobeacceptingallofthissoIwent

throughandcleanedoutabunchofstuff,mostlyduetoprivacyconcerns.

I:Alright,well,uh,haveanyofthoseapplications,havetheyeverpostedanythingon

toyourFacebookthatyoudidntexpect?

8/3/2019 Compiled 1

56/133

Appendix 46

S:Yes.WhichisprobablywhyIgotridofsomeinthefirstplace.Um.Alotofum...

like,3rdpartytypestufflikeappsthatwouldcomeinandsay,youknowThisis

safe,blah,blahandthensomethingwouldshowup.Icant...Idont..ImnotsureifI

cangiveyouarealgoodexample,Ijustknowthatsomethinghappenedthatcaused

mepause,andthenIwentthroughandjustgotridofalotofstuffthatIhadhadon...

onFacebook.

I:Sure.So,justtoclarify,yourreactionwastokindofpairitdownand...

S:Yeah.

I:Okay.Now,haveyoueverbeensurprisedbywhatitsreadfromyourFacebook?

Like,haveyoueverloggedintoagameorwebsiteandjustseendatawhereyou

thinkIdidntknowitcouldreadthat?

S:Um.No,Igenerallyassumethat...thatlike...Igenerallyassumethattheyhavethe

abilitytoreadjustaboutanything.Soitconcernsme,again,[laughter],um...to...

whatIletithaveaccess,so.

I:Okay.Um.Now,youveusedtheseappsbeforesoImgonnaask,whatdoyouthink

isnecessaryforlikeaminimallevelofsocialintegration?Whatshouldanapphave

ifitsgoingtobesocialthatisataminimallevelofinterferingwithyourprivacy?

8/3/2019 Compiled 1

57/133

Appendix 47

S:Um...Well,so,like,Iuse,asanexample,IuseWordsWithFriends,andIdontuse

itonFacebookbutIuseitonmyiPad,justbecausethatgenerally,generallyIhave

thatwithmeanditseemslikeoneofthoseeasythings.Idontfeellikeits...andit

connectsmethroughFacebooktothefriendsthatIhave,so.Ifeellikethatthat

connection,likethatlevelof...itpullsyourfriendslistdoesntseemtoointrusiveto

me.Um.Anditgivesyoutheoptiontosendarequestandpeoplecaneitheroptinor

not.ButIhavent...Ihaventfeltlikethathasbeenintrusive.So.

I:Okay.So,youthink,justtoclarifyonthat,aminimallevelofsocialintegration

wouldbejustpullingyourfriendsandknowingwhoyourfriendsare?

S:Right.

I:And,whatwouldbetheoppositeofthat?Atwhatpointdoesitcrosstheline?

S:Uhh.Postinglike...andFacebookinparticular,postingstuffwithoutmy

knowledge,readingpersonallike...stuffthatsnotpubliconmyprofile,thatstuff

kindofconcernsme.BecauseIknowtheresstuffthatsintherethatImadeprivate

thatIworryaboutotherpeoplebeingabletoaccess.

I:So,postingwithoutyourknowledgeandreadingprivateinformation?

S:Right.

8/3/2019 Compiled 1

58/133

Appendix 48

I:Okay.And,doyouthinkanysocialintegrationisnecessaryonthewebforthenew

webappsthatarecomingoutlately?

S:DoIthinkanysocialintegration?Dependsonthetype...Itreallydependsonthe

typeofgame.With...ifitsamultiplayergame,thanobviouslyyouneedsocial

integration.Butifits...ifitsjustasingle-player,single-personplaygame,Idont

thinkthereneedstobeanysocialintegration.Like,ifIjustwanttogoplaysome

brain-numbinggamethat...Idont...Idontneedtosocializewtih,Iwanttobeable

todothatwithoutbeingsociallyconnectedorhavepeopleknow,youknow,that

thatswhatImdoing.

I:Sure.Andinthecasethatoneofthosecomesup,saythatyoureonawebsite

thatsasingleplayergame,anditpopsupwiththeFacebooklogindialog,whatdo

youusuallydointhatkindofsituation.

S:Um.Dontplayonthatsite.

I:Okay.

S:Um.Itsgottenalittlebiteasier.LikenowthatIhave...like...Imsortofparticular

aboutgamesthatIplay,andwillgenerallyjustplaythemonmyiPadorjustnotplay

thematall.Really,iswhatitssortofgottentothesedays.

8/3/2019 Compiled 1

59/133

Appendix 49

I:Okay.And...letssee,now,andwevekindofalreadygoneoverthis,butIfigured

Idaskitanywayjusttosortofclarifyit,butum...whenyoudousesocialintegration

onanapp,whatareyourgoalswithit?Like,whatdoyouintendtogetoutofthat

socialintegration

S:Uh.ProbablyjustadifferentwaytoconnectwithpeopleImalreadyconnected

with.Um.Peopleare...uh...Ijustthinkaboutpeopleum...thatarearoundtheworld

thatIdonttalktoregularlythatitjustgivesadifferentway...givesadifferentway

toconnectonmaybeamoreregularbasisthatsnotum...Im...Icantthinkofwhat

therightwordis,butitsnotintrusive,itsjustpassiveconnectionyouhavewith

somebodythatsinyournetwork,butyoudonttalktoorseeeveryday.

I:Okay,thatmakessense.Um.Letssee...Nowum,whatservices,andIknowweve

mostlytalkedaboutFacebook,butwhatservicesdoyouthinkthesesocialapps

shouldconnectwithand,Iguess,Facebookiskindofcontroversialbutitsalso

ubiquitous,butum...arethereanybservicesthatyouthinkareasubiqutiousor

otherwisenotallthatcontroversialthatyouwouldprefer?Orarethereanyother

servicesthatyouwouldusetoconnect.Likeifyouhadtheoptiontouseanyother

socialnetworkstoconnect,whichonesdoyouthinkyouwoulduse?

S:Umm...IdontthinkIwoulduseanyotherone.Iknowthattheresawayto

connectthroughTwitter,andIdont...Ivenotoptedforthatoption.Uh.And,you

8/3/2019 Compiled 1

60/133

Appendix 50

knowwouldthere...youknow,myfirstthoughtwouldbelikeGooglePlus,um,but,

againIwouldn'tthinktoyouknow,integrateorloginthroughthat.So.Facebook

seemstobethesortofgotologinforthat.AndmostlybecauseIlookatFacebookas

thisweirdsortofmixofpersonalfunslashworktypestuff.Um.Soits,inmy,the

wayIlookatitisjustasortofconglomerateofstuff.And.So.

I:So,isthatwhyyousayTwitterwouldntbeappropritateforthat?Whatmakes

TwitterorGooglePlusnotasacceptableassortofauniversalloginforsocial?

S:Um...Idont...Twitter,becausethinkIvekeptthatsomewhatseparate,um,Imean

thereissomeworkandpersonalstuff,butitsmoreaboutmynetworkandmy

connectionsanditjustdoesntseem...Ijustdontwanttomixthem.Iguessits

personalpreference.Google...maybeifGoogleseemedalittlefriendlier,thenImight

considerit,butrightnowitjustdoesnt...like,itirritatedmewhenIwasintherethe

otherdayandthegamestuffisstartingtopopup.Itslikereally?Ikindalikedyou

causeyoudidnthavethisandnowitsstartingtopopupso...Itssortofmakesme

thingbacktolike...MySpace,whenMySpacehadallofthestuffanditkeptadding

andaddinganditsortofimploded.Iknowthatitstillexists,but...

I:Lessofwhatitwas.

S:Yes.Right.AndnowIthink,youknow,thatssortofwhatFacebook,kindadoes

that.So...

8/3/2019 Compiled 1

61/133

Appendix 51

I.Mhmm.Itsfunnythatitsdrawingcomparisonstomyspaceanditsonlybeenout

ofafewmonths.ThatsprobablynotagoodsignforGooglePlusthere.Um...Iguess,

um.Doyou,doyoueverusebrowserextensions?Um,anditskindoflikealeftturn

herejusttoaskaboutthis.Imjustlookingforpotentialmethodstosortofsolvethe

privacyissueandtofindsomeadditionalcontext.

S:Ihavenot.

I:Youhaventusedbrowserextensions.Whatbrowsersdoyouuse?

S:Uhh,IuseSafari.

I:Okay.So,whyhaveyouchosennotto?Justnoneofthemhavecomeupthatwere

especiallyitnerestingoristherealackofavailability,or...?

S:Um.Ihavenoidea?Ireallydont.Iknowthat...Iknowthattheyexist.Iknow

thatandand,Imnotgonna,ImprettycertainthatImnotgoingtorememberwhat

um...whatIused,butIknowonFirefox,manyyearsago,thatIhadextensions.Um,

but,thatwasalsoduetothefactthatIwasmarriedtoanetworkengineer,whowas

veryconcernedaboutprivacy,andyeah,wouldsortofgivemeguidanceonthat.So.

Butyeah,Safari,atthispoint,Ihaventreallyaddedanythingorthoughtaboutit,so.

8/3/2019 Compiled 1

62/133

Appendix 52

I:Haveyouhadanyproblemswithbrowserextensionsinthepast?Eitherwhenyou

hadfirefoxorjustlike,anecdotallyfromfriends?

S:No.

I:Sotheresnotreallyanycompellingthingthatwouldstopyoufromusingthat?

S:No,no.

I:Alright.Iknowthatthepastfewquestionshaveshedlightonthis,but,howmuch

doyouvalueyourprivacyonlineandwhyisitimportanttoyou?

S:Um..privacyonlineiskindofaprettybigdeal.And,whyisitimportant?Ithink

probablybecauseIvehadthings...ImeanIvedealtwithacoupleroundsofum,

Identitytheft,andum,thatwas,youknowwithonlinebankingstuff,um.And,so

thatsalwayssortofinthebackofmyhead.Whatcantheygetaccessto?WhydoI

haveto...whydoIneedtogiveyoumybirthday,whydoesthatmatter,andum,just,

differentthingslikethat.Itsjustimportantduetosafety,Ithink.Bothphysicaland

thatempotionalmentalIfeellikeImgoodum.So.

I:Alright,um.Well,andifyoucouldkindofgothroughit,andIknowwejustsortof

talkedaboutit,but,inageneralsense,butspecificallynarrowingitdown,what

aspectsofprivacydoyouthinkareworthhighlighting?Like,ifyoucouldgivea

8/3/2019 Compiled 1

63/133

Appendix 53

bulletedlist,top3thingsthatyoudbeveryveryupsetifsomeonefoundoutthat

wasntauthorizedtofindoutcertainthingsonline,whatwouldbeyourtopthree?

S:Hmm..

I:Youdonthavetodoitinanykindoforder,itsjustmoretogetafeelforwhatyou

prioritize.

S:Um...whatwouldIbe...passwords.Umm.Idsaybirthday,but,um,itssoeasyto...

itssoeasytofindthatout,soIdont...SocialSecuritynumber,um,whereIlive.Like,

youknowacompletephysicaladdress,mightkindoffreakmeout.Souh,yeah.

I:Yeah,definitely.Thatmakesperfectsense.Feelthatwaysometimestoo.When

theygeolocateyouandyourejustlikeokay?

S:Right,right.

I:Okay,um,now,wekindoftalkedaboutthis,butifyouseethisdialogherepopup

[presentsubjectwithprintoutofFacebookAPIauthorizationdialog]onascreen,

thesortofFacebookAPI...justwalkmethroughyourprocessofwhatyouthink

whenyouseethis.Ifasite...ifyouclickonalinkandyouseethissite.Whatdoyou

click,whatdoyouread,whatdoyoureyesgravitateto.

8/3/2019 Compiled 1

64/133

Appendix 54

S:Um,usuallymyeyesgravitatetowardsthisarea[pointstopermissionslist]asfar

aswhatsbeingaccessed.Um.And,um.Something...withthisoneinparticular,what

wouldprobablycausemetoclickdontallowwouldprobablybe,youknow,sharing

otherinformationIvesharedwitheveryone.Although...AnyotherinformationI

sharewitheveryone,so,whichmeans,Iwouldreadthisas,onFacebookifIsaid

onlysharewithfriends,itsnotbeingsharedwitheveryonesoitwouldntbeshared.

Thatmightactuallyleadmetoclickallow.

I:Okay.Soifyousaw...ifyoujustsawthisAccessmybasicinformation,youd

probablyclickallow?

S:Probably.

I:Isthereanythingthatwould...say,ifyouhaddirectexamplesofwhatitwas

sharing,likeifitwentintoyourpageandsaidheresanexampleofwhatwecan

see,youknow,wouldthatmakeitbetterorworse.

S:Um,solike,forexample,somethingthatIknowIvesharedismylocation.Not

like,myaddress,butlike,mycitylocation.Idontreallyhaveanissuewiththat.It

justseems...Idonthaveanissuewithsharingthatwithmyfriendslist.Idontwant

itsharedwiththeentireworld,butIfeelcomfortablewithhavingitsharedtomy

friendslist.Sodoesthatmakesense?

8/3/2019 Compiled 1

65/133

Appendix 55

I:Yeah,totally.So,um.ButIguessthebiggerquestionisthenwouldyoufeel

comfortablewithsharingitwithExampleapplicationorwhateverapplication,like

forexampleWashingtonPostsocialreaderorsomethinglikethat.

S:Uh..Probably.Probably.

I:Sure.And,Iguessum,Imkindofwondering,wevealreadytalkedaboutum,

friendslistandyouknow,uh,whatsgenerallypublic,butifyoucouldtellme,in

general,whatyoukeeppubliconyourFAcebook?Like,whatdoyougenerally

classifyaspublicinformation?IfIvisityourprofilepage,Imnotsignedin,Imsome

randompersonwhosnotfriendswithyouonFacebook?

S:Yourenotgonnabeabletoseeverymuch.Andactually,Iwasjustwondering...

uh...Umm.Iknowthatitsprettymuchlockeddown,Ithinkthatpeoplecansearch

forit.Um.But,Idontthinkyougettosee...um...IknowthatIwentin,andafter

recentchanges,itwassharinglocationandstuff.Iwentinandshutthatoff,mostly

becauseitseemedannoying.NotsomuchthatIwasconcernedthatpeopleknew

whereIwas,um,orthatIwasconcernedaboutmyprivacy,butsimplyduetoum,it

wasjustannoying.Um.ButwhatdoI...peoplecanlook.Anybodycanlookupmy

nameandanyonecansendmeafriendrequest,anyonecansendmeamessage,but

onlyfriendscanpostorstufflikethat.Um.And...um...Yeah.Imnotreallysure.I

justwentintotheprivacysettingsandeventhosehavechangedsincethelasttimeI

wasinhere,soIshouldprobablygopokearoundandseewhatImactually,uh,

8/3/2019 Compiled 1

66/133

Appendix 56

whatImactuallyshowing.But,youknow,Ishowthemonthanddayofmybirthday,

Idontshowphonenumbersoranythinglikethat,butIshowemailaddressesand

websites.Um.

I:So,itwouldntbotheryouifsomerandompersoncameinandsawthemonthand

dayofyourbirthdayandanemailaddress?

S:Um...No,buttheyreprobablynotgonnagettothatpoint.Um,causethatdoesnt

showonthe...Ibelievethatthisdoesntshowontheinitiallike...Ivelookedup

somebodyandthisiswhatIsee.

I:Okay,alright.

S:Doesthatmakesense?

I:Yeah,definitely.

S:NowImallparanoid.

I:Yeah,Imsorry,thisinterviewprobablyisnthelpingany.ThatssomethingIm

gonnarunintoalot.

8/3/2019 Compiled 1

67/133

Appendix 57

S:NowImlike,crap,nowIneedtogolooktosee...andIcantsearchformyself

without,yeah,anyway.

I:Iknowthattheychangedafewthingslately,so,especially,likeinthelastweek

theyvechangedabunch.

S:Yeah.

I:AndIguess,um...Whatwouldhelpyousortofunderstandthescopeofthe

informationyoureshowing?Isthereanykindofvisualrepresentationyoucould

thinkofthatwouldreallyhelpdemonstrateoh,Imsharingthiswiththesepeople

orImsharingthiswiththeworld?

S:So,IknowthatFacebookhasawayforyoutolike...clickonviewas,butthenit

asksyoutotypeinoneofyourfriendsnames.So,but,iftheyreafriend,thenIve

giventhempermissiontoseewhatIvegivenpermissionformyentirefriendslistto

see,butitwouldbenice...frommyperspective,itwouldbenicetosee,soifIthink

thatIvelockedeverythingdown,ifIthinkthatIvemadeitsothatpeoplecant

accessthat,howcanIcheckthat?Like,howcanIgetsomesortofvisual

representationofviewassomebodywhosnotconnectedtoyou.Andit...popsit

upwithjustyourprofilepictureandwhatevergenericinformation,yourewillingto

give.Thatwouldmakemefeelbetter.

8/3/2019 Compiled 1

68/133

Appendix 58

I:Sure.Andwhatkindofphonedoyouhave?

S:Android.

I:YouhaveAndroid.Wheneveryouinstallanapp,youknowhowitgivesyouthat

listofpermissionsandstufflikethat,doyoureadwhatitsdoing,whenyouinstall

anapp?

S:Uhhh,mostofthetime.MostofthetimeIdo.Igenerallydontinstallappsonmy

phonethatI...thatIdontknowof,eithersomebodyelseinstallingorhasntsortof

beenhighlyrecommended.

I:So,yousortofrelyonavettingprocesstodothat...

S:Uh,yeah.

I:Okay,alright.Imjustthinkingaboutthatbecauseitsaverysimilarkindof

process,andIwantedtoseeifitssimilaracrossplatforms.Um.Now,wesortof...

mighthave...no,Iknowwevealreadytalkedaboutthis,Imjustgoingtoaskyouto

explainthisonemoretime.IfyougotoasitethatusesFacebookauthentication,and

yousee...youreatthehomepage,andyousee...itsaysloginwithFacebookto

get...oritjustsaysloginwithFacebook.Walkmethroughyourmentalprocess

there?

8/3/2019 Compiled 1

69/133

Appendix 59

S:Uh,so.Igotolike,theNewYorkTimes,anditsays,theynowhavesomesortof

login,loginbyFacebook.IfIvegonethereandIneedtologintoreadsomething,Id

probablyconsiderit.Um,ifIdontneedtologin,Igenerallylookforwaystonot

havetologintoothersites.Um.IfIhavetologinthenIllgothroughthatprocess

andlogin,um,Illchecktoseeifitsgoingtopoststuff,ifitsgoingtopullstuff,pull

datafrommylogin,orifitsjustusingittoauthenticate,um,login.So.

I:Whatfeatureswouldasocialapphavethatwouldmakeyouwanttousethat.Like

ifyoudidnthaveto,sayyougototheNewYorkTimesandyoudonthaveto,andit

saidonthebottomSeewhatyourfriendsarereadingoranykindoffeaturelike

that.Wouldthatmotivateyoutopossiblylogin,orwhatlevelwouldthathavetobe

at.

S:Um.IthinkIwouldbemotivatedtologintosharestuffortorecieve...Youknow,

thegivingandtherecievingofsharingwhatpeoplearereading.Inanactivemannor.

Notinsortofapassivemanner,likehowyouloginandeverybodycanseewhat

yourereading,justanactivemannorofsharing.

I:Doesitbotheryouthatitssortof...Thattheyredoingthepassivethingrightnow

withWashingtonPostandafewotherapps?

8/3/2019 Compiled 1

70/133

Appendix 60

S:Um,wellIdontusetheWashingtonPost,soI...Doesitbotherme?Imnotgonna

beinclinedtogovisitthemanytimesoon,butum.Yeah,thatkindofbothersme.

I:Okay.Soitssortofthepassivepartthatbothersyou?

S:Yeah,itsthepassivepartand,ImsureIsortofamgivingthemmorecreditthan

theydeserve,buttheyprobablytoldmethattheyweregoingtosharethis

informationandIprobablyjustdidntpayattention.

I:Okay.Now,hasoneofyourfriendseverpostedsomethingthatyouthinkthey

didntmeantoshare?Like,youthink,ohtheyvepostedeithersomethingas

innocuousasjustagamerequestoranadvertisementbecausetheirfacebookhad

beenhackedsomehow?Hasthateverhappened?

S:Ivehadstuffendupbeiongpostedbecausepeoplehavebeenhacked,sure.Butas

faras...Imtryingtothink.Ivehadpeoplepostpicturesthathaveshownuptagged

thatIvehadtoaskpeopletountagorremovealtogetherbutno,Icantthinkof

anythingotherthanthat.

I:Okay,butifsomeone...Somostlyitsjustbeenpictures,andifsomeonesbeen

hacked?

S:Gamestuffshowsupalot,andItendtojustignoreitordeleteit.

8/3/2019 Compiled 1

71/133

Appendix 61

I:Okay,nowinthecasethattheyhadbeenhacked,didyoutellthemthattheyhad

sharedsomethingthatwasprobablynottheirdoing?Youknow?

S:Sometimes.Itdependsonthe...ifitssomeoneIhaventtalkedtoinlike5years,

probablyjustgonnadeleteit.Ifitsmysister,probablygonnacallherandtellherto

changeherpassword.Um.Ifitsoneofyouguys,probablygonnabelike,uhhhh,

youveprobablybeenhacked.Usuallydoesnthappenfromoneofyouguys.It

usuallyhappensfromsomebodywhoisntonthecomputerallthetime,isnt...I

mean,Ihatetobeverybroadandgeneralize,butgenerallyspeakingthereare

certainpeoplewhotendtobehacked,so.Notthatitcanthappentoanybody,but

justingeneral.

I:Sure.And,ifyoucouldchangejustonethingaboutsocialinteractiononline,likeif

youcouldjustmakeonewish,tochangethewayweinteractsocially,through

FacebookandTwitter,whatwouldyouchange?

S:Goodgod.

I:Youcangoallthewaybackto1994,andyoucanjustcompletelychange

something.

8/3/2019 Compiled 1

72/133

Appendix 62

S:Thefirstthingthatcametomymindwasmakepeoplebehonest.But,Idont

think...Yousaidonewish,myonewish,andwellgobackallthewayto1994,

becauseIremember,itsalwaysbeenaproblem.Makepeoplebehonest.For

whateverreason,Idontthinkthisisanythingyoucanfix,butforwhateverreason,

peoplefeelliketheycandowhatever,theycansaywhatever.

I:So,honesty.Youwouldjustcreatesomekindoftruth...yeah.Thatmakessense.

S:Oneverylofty,high-levelwish,thatwouldbeit.

I:Thatscool.Well,thatsreallyprettymuchmyentirelistofquestions.Iwas

wonderingisthereanythingthatIvemissed,anythingthatyoudliketoaddtothe

project,anythingyoufeelImightveglossedover?

S:Well,whatwereyouhopingtodo?

I:Mygeneralthoughtwassortofabrowserextensionthatwouldhighlightexactly

whatinformationyouresharing.So,like...

S:Thatskindofcool.Thatwouldmakemebelike,ohIshouldcheckthatout.Like...

So...Anyway.

8/3/2019 Compiled 1

73/133

Appendix 63

I:Yeah!So,Iwasjustsortoflookingatitasawaythatyoucouldseerealdata

insteadofjustlikethatabstractbasicinformation.Insteadofsayingbasic

information,itwouldsayheresanexampleofthisandshowexactlythe

informationitcouldgetaccessto.Wouldthatbesomethingyouwoulduse?

S:Yeah,thatwouldbesomethingthatIwoulddefinitelyconsiderusing.So...

I:Great.Um...well.IthinkImdone.Thankssomuchforlettingmedothis,Ireally

appreciateit.

S:Yourewelcome.Hopefullythathelps.

I:Yeah,definitely.Iactuallyfiguredoutalot.So,thatwillbereallyreallynice.Alot

ofdifferentkindofdesignstuffIcanworkoffof.Especiallythinkingaboutwhatyou

lookatwhenyoulookintothis.Because,mostpeople,Isortofimaginearejustlike

ohFacebook,yesandclickit.

S:Right,right.Iknowthattherearepeoplewhodothatso.Irememberwhenlike,

myonesisterjoinedfacebookandsheputherentirebirthdayonthere,andIwas

justlikeYouknow,youprobablydontwantyourentirebirthdayshowing,justa

thought.Theyonlyneedalittlebitmoreinformationtopiecetogetherandso...you

know.

8/3/2019 Compiled 1

74/133

Appendix 64

I:Yeah,itsmakingmerethinkalotofwhatImdoingonminetoo.Doingthisproject

andstartingtothinkaboutit.Iknowmybirthdaysupthere.Phonenumbersup

there.Ummm,websitesareupthere.

S:Well,so,heresthefunnything.Itsverycontradictoryinthat,Idontwanttoput

myphonenumberupthere,butIamsogratefulthat,whentheresanemergency

andIreallyneedtogetintouchwithastudent,thatmosteverybodyhas...Icango

onmyphoneanditsthere,eventhoughIvenotcalledyoubefore.

I:Youwanttoencouragesharing,but...

S:Yeah,wheredoyoudrawtheline.

I:Thatsinterestingthough.Itissomethingthatyousortoftakeforgrantedwhen

otherpeopledoit.

S:youtakeitforgrantedwhensomebodyelsedoesit,butthenatthesametime,if

yourconcernedaboutyours,thenIstopandgo,well,ifIpublishaphonenumber,

likemyphonenumberhasbeenpublishedinhandbooks,anddocumentationthat

wevesentouttostudentsinthepast,an

Documents

Compiled 1