publications_
Consumer-Driven Design and Evaluation of Broadband Labels
Christopher Choy, Ellie Young, Megan Li, Lorrie Faith Cranor, Jon Peha
TPRC51: The Research Conference on Communications, Information and Internet Policy (2023)
open-access PDF at SSRN 10/22 technical report FCC filing #10820081478988A US-UK Usability Evaluation of Consent Management Platform Cookie Consent Interface Design on Desktop and Mobile
Elijah Bouma-Sims, Megan Li, Yanzi Lin, Adia Sakura-Lemessy, Alexandra Nisenoff, Ellie Young, Eleanor Birrell, Lorrie Faith Cranor, Hana Habib
CHI '23: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems
open-access PDF on ACM Digital LibraryUser-friendly yet rarely read: A case study on the redesign of an online HIPAA authorization
Sarah Pearman, Ellie Young, Lorrie Faith Cranor
Proceedings of Privacy Enhancing Technologies (PoPETS) 2022.3
open-access PDF at PoPETS presentation at PEPR ‘21“Okay, whatever”: An Evaluation of Cookie Consent Interfaces
Hana Habib, Megan Li, Ellie Young, Lorrie Faith Cranor
CHI '22: Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems
open-access PDF on ACM Digital Library posterIdentifying User Needs for Advertising Controls on Facebook
Hana Habib, Sarah Pearman, Ellie Young, Jiamin Wang, Robert Zhang, Ishika Saxena, Lorrie Faith Cranor
CSCW ‘22: Proceedings of the ACM on Human-Computer Interaction, Volume 6, Issue CSCW1
open-access PDF on ACM Digital Library posterA second look at SecondLook: Design iterations and usability of digital dating abuse detection and awareness app
Tania Roy, Eleanor Young, Larry F. Hodges
ICHI 2020: IEEE International Conference on Healthcare Informatics, 1-11
PDF
broadband transparency
with Chris Choy
when was the last time you bought new home internet or cell service?
how was the experience?
it sucked, right?
chris, me, and jon peha presenting our work at TPRC50, Sep 2022.
we made many enemies with corporate telecom people that day
the U.S. Federal Commuications Commission is well aware of how slimy & misleading ISPs are during the sign-up process for new internet consumers, and has adopted rules requiring the display of easy-to-understand labels at the point of sale
we surveyed 2,500 people who had submitted their internet bills to Consumer Reports to learn what people want to know when purchasing an internet plan
i led the visual design of an adaptable, responsive label based on what the people want
see for yourself: the FCC’s final rendering adopted most of our proposals
my label (longform)
FCC label
🍪 cookie 🍪 consent 🍪
with Hana Habib and Elijah Bouma-Sims
you’ve heard it. i’ve heard it. we’ve all heard it.
you’re not crazy for wondering what that even means, or feeling like sometimes websites make the button to decline cookies really really small and hard to find… or they don’t have that option at all.
i designed the 12 prototype websites used in our study “okay, whatever,” which enabled us to tell the US internet “according to science, your cookie banners are bad, they make users feel bad, and you should feel bad, too.”
our lab immediately followed up this study with a more robust, international iteration (Bouma-Sims et al.) where we could really put GDPR compliance to the test.
for this second study, i built functional versions of all 12 of those websites (+ 2 new conditions) using bootstrap.
“this website uses cookies.”
healthcare chatbot
with Sarah Pearman
an app is not your doctor, no matter how much health data you share with it—and HIPAA, penned in 1991, will not protect you from evil (or simply incompetent) tech companies sharing your deepest medical secrets with anyone they want.
so what if a covered healthcare entity wants to leverage a tech company’s expertise to help patients?
patients who want to utilize this outside tech need to sign a HIPAA Authorization consenting to the release of their protected health information (PHI) to an entity who can legally do whatever they want with it.
the lawmakers who drafted the requirements for how authorizations must be presented 30 years ago had no way of envisioning a future where everyone carries around a global internet and artificial intelligence in their pockets.
in this project, we iterated on consent flows for a new chatbot integration on a major health insurer’s website, which was required to include the dreaded full-fat HIPAA Authorization.
i built several prototypes starting from files the insurer gave us, each one better than the last—but no matter how much we optimized the process, people still had no idea what they were consenting to.
the second phase of this study was a deep dive into misunderstandings, comfort levels with sensitive PHI, the importance of digital consent in high-stakes situations, and the ways in which our current models for consent don’t measure up for making users feel good about the safety & privacy of their data when it really matters.
* * also the topic of my undergrad honors thesis! *
facebook ad settings
with Hana Habib and Sarah Pearman
i ran 20-odd hour-long interviews, then did a lot of qualitative data analysis, to take a look at how well the various advertising and ads-related controls across facebook suited users’ needs
(spoiler: they didn’t)
secondlook
with Tania Roy
ai-powered mobile intervention for digital dating abuse
secondlook is an app that uses supervised machine learning to detect abusive language in a user’s text messages. it also offers informational content on healthy vs. abusive relationships and resources for individuals who may need outside help to secure their safety in an abusive relationship.
i completely redesigned and built this app from the ground up (flutter frontend + flask backend), then designed, conducted, and analyzed a user study with 20 participants testing how well it meets the needs of the target population