With the increasing awareness and concerns around privacy, many service providers offer their users various privacy controls. Through these controls, users gain greater authority over the collection, utilisation, and dissemination of their personal information by the services. However, these controls may be buried deep within menus or settings, making them difficult for a user to access. Additionally, the terminology used to describe privacy controls can sometimes be confusing or technical, further complicating the user's ability to understand and use them effectively. This is especially true for health websites, as users often share sensitive information about their health and well-being. While many privacy controls have been proposed to protect user data on these sites, existing research focuses on individual controls (e.g., privacy policies or cookie opt-outs) rather than providing a comprehensive overview of the privacy landscape. In addition, many studies concentrate on the technical aspects of privacy controls without considering the usability of these features from a user's perspective. This paper aims to fill the gaps in the existing work by analysing four privacy controls, namely privacy nudge, privacy notice, privacy policy, and privacy setting, and evaluating their usability on the top 100 most visited health websites. First, we define usability attributes for each privacy control in three website visit scenarios; the guest, registering, and log-in visits. These attributes include awareness, efficiency, comprehension, functionality, and choice. Then, we design a survey template based on these attributes and scenarios and collect data about privacy controls. Next, we analyse the availability and usability of each privacy control on health websites. Finally, we provide suggestions for improving the design of these privacy controls based on the data analysis results.

翻译：随着公众对隐私问题的意识增强及担忧加深，众多服务提供商向用户提供多种隐私控制功能。通过这些控制措施，用户能够对服务商收集、使用及传播其个人信息的方式获得更大自主权。然而，这些功能常深藏于菜单或设置层级中，导致用户难以发现与访问。此外，描述隐私控制的术语有时晦涩难懂或偏向技术化，进一步削弱了用户理解与有效运用的能力。这一问题在健康类网站中尤为突出——用户常在此类平台分享涉及自身健康福祉的敏感信息。尽管已有诸多隐私控制方案旨在保护用户数据，但现有研究多聚焦于单一控制手段（如隐私政策或Cookie退选机制），缺乏对隐私生态的整体性审视。同时，多数研究侧重隐私控制的技术实现，忽视了从用户视角评估其可用性。本文旨在填补这些研究空白，通过分析四种隐私控制功能——隐私提示、隐私声明、隐私政策及隐私设置，并对全球访问量排名前100的健康网站进行可用性评估。首先，针对网站访问的三种场景（匿名访问、注册过程、登录状态），我们为每种隐私控制功能定义了可用性属性，包括知晓性、效率性、理解性、功能性及选择权。继而，基于这些属性与场景设计调查模板，收集隐私控制的相关数据。随后，分析各健康网站中每种隐私控制功能的可用性与部署情况。最终，依据数据分析结果提出改进这些隐私控制设计的建议。