Transparency regarding the processing of personal data in online services is a necessary precondition for informed decisions on whether or not to share personal data. In this paper, we argue that privacy interfaces shall incorporate the context of display, personal preferences, and individual competences of data subjects following the principles of universal design and usable privacy. Doing so requires, among other things, consciously decoupling the provision of transparency information from its ultimate presentation. To this end, we provide a general model of how transparency information can be provided from a data controller to data subjects, effectively leveraging machine-readable transparency information and facilitating versatile presentation interfaces. We contribute two actual implementations of said model: 1) a GDPR-aligned privacy dashboard and 2) a chatbot and virtual voice assistant enabled by conversational AI. We evaluate our model and implementations with a user study and find that these approaches provide effective and time-efficient transparency. Consequently, we illustrate how transparency can be enhanced using machine-readable transparency information and how data controllers can meet respective regulatory obligations.