Exploring the Effects of GDPR on the User Experience

Fernando Almeida; José Augusto Monteiro

doi:10.21601/jisem/10957

Exploring the Effects of GDPR on the User Experience

Fernando Almeida ¹ ^* , José Augusto Monteiro ²

More Detail

¹ University of Porto, INESC TEC, PORTUGAL
² Polytechnic Institute of Gaya, ISPGAYA, PORTUGAL
^* Corresponding Author

Full Text (PDF)

Research Article

Journal of Information Systems Engineering and Management, 2021 - Volume 6 Issue 3, Article No: em0140
https://doi.org/10.21601/jisem/10957

Published Online: 28 May 2021

Views: 2142 | Downloads: 1841

Open Access

How to cite this article

APA 6th edition

In-text citation: (Almeida & Monteiro, 2021)
Reference: Almeida, F., & Monteiro, J. A. (2021). Exploring the Effects of GDPR on the User Experience. Journal of Information Systems Engineering and Management, 6(3), em0140. https://doi.org/10.21601/jisem/10957

Vancouver

In-text citation: (1), (2), (3), etc.
Reference: Almeida F, Monteiro JA. Exploring the Effects of GDPR on the User Experience. J INFORM SYSTEMS ENG. 2021;6(3):em0140. https://doi.org/10.21601/jisem/10957

AMA 10th edition

In-text citation: (1), (2), (3), etc.
Reference: Almeida F, Monteiro JA. Exploring the Effects of GDPR on the User Experience. J INFORM SYSTEMS ENG. 2021;6(3), em0140. https://doi.org/10.21601/jisem/10957

Chicago

In-text citation: (Almeida and Monteiro, 2021)
Reference: Almeida, Fernando, and José Augusto Monteiro. "Exploring the Effects of GDPR on the User Experience". Journal of Information Systems Engineering and Management 2021 6 no. 3 (2021): em0140. https://doi.org/10.21601/jisem/10957

Harvard

In-text citation: (Almeida and Monteiro, 2021)
Reference: Almeida, F., and Monteiro, J. A. (2021). Exploring the Effects of GDPR on the User Experience. Journal of Information Systems Engineering and Management, 6(3), em0140. https://doi.org/10.21601/jisem/10957

MLA

In-text citation: (Almeida and Monteiro, 2021)
Reference: Almeida, Fernando et al. "Exploring the Effects of GDPR on the User Experience". Journal of Information Systems Engineering and Management, vol. 6, no. 3, 2021, em0140. https://doi.org/10.21601/jisem/10957

ABSTRACT

With the implementation of the General Data Protection Regulation (GDPR) in the European Union, companies must be able to ensure that applications requesting the user to record personal data inform the user of the purpose for which the data collected is being collected. Furthermore, it is also necessary to ensure the data owner has given his/her explicit consent to the collection of these data and that such consent is recorded. This imperative has required a reworking of the interfaces of the applications. In this sense, this study seeks to explore the policies and practices that are being followed by organizations in designing interfaces. Four case studies were considered in the development of this study to explore this phenomenon in the dimensions of pragmatic hedonic processes of interface design, approaches to collect consent, and how personal data is managed.

KEYWORDS

GDPR user experience interfaces data privacy data management

REFERENCES

Almeida, F. And Lourenço, J. (2020). Privacy and Security Challenges in the Internet of Things. In Khosrow-Pour D.B.A., M. (Ed.), Encyclopedia of Criminal Activities and the Deep Web (pp. 749-762). IGI Global. https://doi.org/10.4018/978-1-5225-9715-5.ch051
Auka (2018). Best UX practices for GDPR compliance. Available at: https://medium.com/@AukaPay/best-ux-practices-for-gdpr-compliance-563b73362095
Bakker, S. and Niemantsverdriet, K. (2016). The Interaction-Attention Continuum: Considering Various Levels of Human Attention in Interaction Design. International Journal of Design, 10(2), 1-21.
Barrett, C. (2019). What does GDPR mean for UX? Available at: https://uxdesign.cc/what-does-gdpr-mean-for-ux-9b5ecbc51a43
Chiosa, A. R. and Anastasiei, B. (2017). Negative word-of-mouth: exploring the impact of adverse meassages on consumers’ reactions on facebook. Review of Economic & Business Studies, 10(2), 157-173. https://doi.org/10.1515/rebs-2017-0059
Cooper, A., Reimann, R. and Cronin, D. (2007). About Face 3: The Essentials of Interaction Design. Michigan, Wiley.
Crutzen, R., Peters, G. Y. and Mondschein, C. (2019). Why and how we should care about the General Data Protection Regulation. Psychology & Health, 34(11), 1347-1357. https://doi.org/10.1080/08870446.2019.1606222
Denning, S. (2018). GDPR & the User Experience. Available at: https://uservision.co.uk/thoughts/gdpr-the-user-experience/
Distler, V., Lallemand, C. and Koenig, V. (2020). How Acceptable Is This? How User Experience Factors Can Broaden our Understanding of The Acceptance of Privacy Trade-offs. Computers in Human Behavior, 106, 106227. https://doi.org/10.1016/j.chb.2019.106227
Hallinan, D. (2020). Broad consent under the GDPR: an optimistic perspective on a bright future. Life Sciences, Society and Policy, 16(1), 1-18. https://doi.org/10.1186/s40504-019-0096-3
Hassenzahl, M., Diefenbach, S., e Göritz, A. (2010). Needs, affect, and interactive products – Facets of user experience. Interacting with Computers, 22(5), 353-362. https://doi.org/10.1016/j.intcom.2010.04.002
Hoofnagle, C. J., Van der Sloot, B. and Borgesius, F. Z. (2019). The European Union general data protection regulation: what it is and what it means. Information & Communications Technology Law, 28(1), 69-98. https://doi.org/10.1080/13600834.2019.1573501
Hu, X. and Sastry, N. (2019). Characterising third party cookie usage in the EU after GDPR. WebSci '19: Proceedings of the 10th ACM Conference on Web Science, 137-141. https://doi.org/10.1145/3292522.3326039
ICO (2017). Consultation: GDPR consent guidance. Available at: https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf
Irwin, L. (2017). GDPR: When do you need to seek consent? Available at: https://www.itgovernance.eu/blog/en/gdpr-when-do-you-need-to-seek-consent
Jamshed, S. (2014). Qualitative research method-interviewing and observation. Journal of Basic and Clinical Pharmacy, 5(4), 87-88. https://doi.org/10.4103/0976-0105.141942
Karray, F., Alemzadeh, M., Saleh, J. A. and Arab, M. N. (2008). Human-Computer Interaction: Overview on State of the Ar. International Journal on Smart Sensing and Intelligent Systems, 1(1), 137-159. https://doi.org/10.21307/ijssis-2017-283
Kujala, S., Roto, V., Väänänen-Vainio-Mattila, K. and Sinnelä, A. (2011). Identifying Hedonic Factors in Long-Term User Experience. In Proceedings of the 2011 Conference on Designing Pleasurable Products and Interfaces, Milano, Italy, 1-8. https://doi.org/10.1145/2347504.2347523
Lee, H. J., Lee, K. K. and Choi, J. (2018). A Structural Model for Unity of Experience: Connecting User Experience, Customer Experience, and Brand Experience. Journal of Usability Studies, 14(1), 8-34.
Li, H., Yu, L. and He, W. (2019). The Impact of GDPR on Global Technology Development. Journal of Global Information Technology Management, 22(1), 1-6. https://doi.org/10.1080/1097198X.2019.1569186
Lomas, N. (2019). Europe’s top court says active consent is needed for tracking cookies. Available at: https://techcrunch.com/2019/10/01/europes-top-court-says-active-consent-is-needed-for-tracking-cookies/
Machuletz, D. and Böhme, R. (2020). Multiple Purposes, Multiple Problems: A User Study of Consent Dialogs after GDPR. In Proceedings on Privacy Enhancing Technologies, Virtual, 481-498. https://doi.org/10.2478/popets-2020-0037
Marsh, S. (2018). User Research: A Practical Guide to Designing Better Products and Services. London, UK: Kogan Page.
Morville, P. (2004). User Experience Design. Available at: https://semanticstudios.com/user_experience_design/
Mulder, T. and Tudorica, M. (2019). Privacy policies, cross-border health data and the GDPR. Information & Communications Technology Law, 28(3), 261-274. https://doi.org/10.1080/13600834.2019.1644068
Newman, D. (2017). Improving Customer Experience Through Customer Data. Available at: https://www.forbes.com/sites/danielnewman/2017/04/04/improving-customer-experience-through-customer-data/#4e497f144e64
Politou, E., Alepis, E. and Patsakis, C. (2018). Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions. Journal of Cybersecurity, 4(1), 1-20. https://doi.org/10.1093/cybsec/tyy001
Poritskiy, N., Oliveira, F. and Almeida, F. (2019). The benefits and challenges of general data protection regulation for the information technology sector. Digital Policy, Regulation and Governance, 21(5), 510-524. https://doi.org/10.1108/DPRG-05-2019-0039
Queirós, A., Faria, D. and Almeida, F. (2017). Strengths and Limitation of Qualitative and Quantitative Research Methods. European Journal of Education Studies, 3(9), 369-387.
Rostama, G., Bekhradi, A. and Yannou, B. (2017). From privacy by design to design for privacy. In Proceedings of the International Conference on Engineering Design (ICED), Vancouver, Canada, 1-11.
Saariluoma, P. and Jokinen, J. P. (2014). Emotional Dimensions of User Experience: A User Psychological Analysis. International Journal of Human-Computer Interaction, 30(4), 303-320. https://doi.org/10.1080/10447318.2013.858460
Shneiderman, B., Plaisant, C., Cohen, M., Jacobs, S., Elmqvist, N. and Diakopoulos, N. (2016). Designing the User Interface: Strategies for Effective Human-Computer Interaction. London, UK: Pearson.
Thew, S. and Sutcliffe, A. (2018). Value-based requirements engineering: method and experience. Requirements Engineering, 23, 443-464. https://doi.org/10.1007/s00766-017-0273-y
Thüring, M. and Mahlke, S. (2007). Usability, aesthetics and emotions in human–technology interaction. International Journal of Psychology, 42(4), 253-264. https://doi.org/10.1080/00207590701396674
Todorovic, I., Komazec, S., Krivokapic, D. and Krivokapic, D. (2018). Project Management in the Implementation of General Data Protection Regulation (GDPR). European Project Management Journal, 8(1), 55-64. https://doi.org/10.18485/epmj.2018.8.1.7
Utz, C., Degeling, M., Fahl, S., Schaub, F. and Holz, T. (2019). (Un)informed Consent: Studying GDPR Consent Notices in the Field. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London, UK, 973-990. https://doi.org/10.1145/3319535.3354212
Van Ooijen, I. and Vrabec, H. U. (2019). Does the GDPR Enhance Consumers’ Control over Personal Data? An Analysis from a Behavioural Perspective. Journal of Consumer Policy, 42, 91-107. https://doi.org/10.1007/s10603-018-9399-7
Yin, R. (2017). Case Study Research and Applications: Design and Methods. Thousand Oaks, California: SAGE Publications. https://doi.org/10.1002/col.22052
Yu, E. (2018). Designing for Value: Insights from the Emotional Appraisal Approach to Understanding User Value. The Design Journal, 21(2), 185-207. https://doi.org/10.1080/14606925.2018.1407540

LICENSE

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.