Document Type

Article

Author ORCID Identifier

Hanieh Atashpanjeh https://orcid.org/0000-0002-7626-629X

Rizu Paudel https://orcid.org/0000-0003-3840-9015

Mahdi Nasrullah Al-Ameen https://orcid.org/0000-0002-5764-2253

Journal/Book Title/Conference

International Journal of Human–Computer Interaction

Volume

41

Issue

12

Publisher

Taylor & Francis Inc.

Publication Date

10-2-2024

Journal Article Version

Accepted Manuscript

First Page

1

Last Page

32

Creative Commons License

Creative Commons Attribution-Noncommercial 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial 4.0 License

Abstract

Users' mental models influence secure and privacy-preserving behavior in a computing environment. Prior studies on users' mental models of Internet, security tools, and digital privacy show that there is no one-size-fits-all solution when it comes to security and privacy design. However, little study to date has explored the ways to translate users' mental models into interactive security and privacy designs. As we begin to address this gap, we focus on privacy policy in this paper. The typical text-based privacy policy suffers from poor readability and usability. A recent study proposed a Visual Interactive Privacy Policy (VIPP), showing promise to offer a better user experience as compared to prior designs – we used VIPP as a control condition and compared that with our mental model (MM)-based designs, inspired by users' privacy mental models explored in the existing literature. We iteratively improved our MM-based designs through a series of user studies in the lab setting. We evaluated our updated designs in an online study with 182 participants over Amazon Mechanical Turk. The participants rated MM-based designs significantly better than the control in most of our evaluation parameters. Furthermore, we found that when a design is centered around the mental model of participants, study participants rated it higher in terms of personal connection to the design, perspicuity, attractiveness, being stimulated towards privacy protection, as well as the propensity for real-life adoption. Based on our findings, we discussed the successes and challenges of MM-based designs and provided guidelines on the scope of leveraging mental models in the broader area of privacy and security designs.

Comments

This is an Accepted Manuscript version of the following article, accepted for publication in International Journal of Human–Computer Interaction. Atashpanjeh, H., Paudel, R., & Al-Ameen, M. N. (2024). Mental Model-Based Designs: The Study in Privacy Policy Landscape. International Journal of Human–Computer Interaction, 41(12), 7253–7272. https://doi.org/10.1080/10447318.2024.2392064. It is deposited under the terms of the Creative Commons Attribution- NonCommercial License (http://creativecommons.org/licenses/by-nc/4.0), which permits non-commercial re-use, distribution, and reproduction in any medium, provided the original work is properly cited.

Available for download on Thursday, October 02, 2025

Share

COinS