Protecting online privacy requires users to engage with and comprehend website privacy policies, but many policies are difficult and tedious to read. We present PRISMe (Privacy Risk Information Scanner for Me), a novel Large Language Model (LLM)-driven privacy policy assessment tool, which helps users to understand the essence of a lengthy, complex privacy policy while browsing. The tool, a browser extension, integrates a dashboard and an LLM chat. One major contribution is the first rigorous evaluation of such a tool. In a mixed-methods user study (N=22), we evaluate PRISMe's efficiency, usability, understandability of the provided information, and impacts on awareness. While our tool improves privacy awareness by providing a comprehensible quick overview and a quality chat for in-depth discussion, users note issues with consistency and building trust in the tool. From our insights, we derive important design implications to guide future policy analysis tools.