Block Cookies, Not Websites: Analysing Mental Models and Usability of the Privacy-Preserving Browser Extension CookieBlock
Open access
Date
2023Type
- Journal Article
ETH Bibliography
yes
Altmetrics
Abstract
In the modern web, users are confronted with a plethora of complex privacy-related decisions about cookies and consent, often compounded by misleading policies and deceptive patterns. Past efforts to enhance online privacy have failed due to their dependence on website compliance. A solution to this lies in privacy-enhancing tools that are directly controlled by the user. However, challenges related to the usability and flawed understanding of the tools’ functionality hinder their widespread adoption. To address this problem, we evaluated the browser extension CookieBlock as an example of a current tool, which supports users by blocking tracking cookies independent of website compliance. We used a complementary approach consisting of an expert evaluation of CookieBlock and the related tools NoScript and Ghostery, and a laboratory user study focusing on the unique details of how users interact with CookieBlock specifically. The laboratory study with 42 participants investigated usage, mental models, and usability of CookieBlock based on eye tracking, interaction, and self-report data. While CookieBlock received good usability ratings, 18 participants were unable to solve a website breakage caused by cookie misclassification on their own. Overall, the results revealed flawed mental models of CookieBlock’s functionality and resulting challenges in making the connection between website breakage and cookie misclassification. Implications for CookieBlock and related applications include interface design recommendations supporting accurate mental models and the proposal of improved heuristics to better guide users and warn them about potential identified website breakage. Show more
Permanent link
https://doi.org/10.3929/ethz-b-000638291Publication status
publishedExternal links
Journal / series
Proceedings on Privacy Enhancing TechnologiesVolume
Pages / Article No.
Publisher
Privacy Enhancing Technologies Symposium Advisory BoardSubject
usable privacy; cookies; browser extension; eye trackingOrganisational unit
09775 - Zimmermann, Verena / Zimmermann, Verena
03634 - Basin, David / Basin, David
Related publications and datasets
Is cited by: https://doi.org/10.3929/ethz-b-000662039
Is supplemented by: https://doi.org/10.3929/ethz-b-000627400
More
Show all metadata
ETH Bibliography
yes
Altmetrics