Jusletter IT

A Methodological Framework to Design a Machine-readable Privacy Icon Set

  • Authors: Monica Palmirani / Arianna Rossi / Michele Martoni / Margaret Hagan
  • Category: Articles
  • Region: Italy, USA
  • Field of law: Legal Visualisation
  • Collection: Conference proceedings IRIS 2018
  • Citation: Monica Palmirani / Arianna Rossi / Michele Martoni / Margaret Hagan, A Methodological Framework to Design a Machine-readable Privacy Icon Set, in: Jusletter IT 22 February 2018
The GDPR suggests icons to convey data practices in a more straightforward way. Although visualizations to represent legal terms have many benefits, there is fear that they could be misrepresented by designers and misinterpreted by individuals, thus hindering comprehension instead of facilitating it. In order to solve these issues, we present a methodology to generate legal visual representations that is based on an analysis of legal requirements, on an ontological representation of the legal knowledge, and on an iterative, multi-stakeholder design approach, followed by empirical evaluation.

Table of contents

  • 1. Introduction
  • 2. Project Overview: Machine-Readable, Standardized, Visual Elements for Privacy Policies
  • 3. Methodology
  • 3.1. Analysis of Legal Requirements
  • 3.2. Formalization of Legal Knowledge
  • 3.3. Participatory, Human-Centered Design to Convert Formal Knowledge into Visuals
  • 3.4. Empirical Evaluation
  • 4. Limitations and Conclusions
  • 5. References


1. Introduction


The development of a «visual language for privacy data rights» [Popova 2011] has been pursued by many to represent in a straightforward manner relevant information about data practices,¹ as opposed to the lengthy, tedious privacy policies that are either disregarded or not understood [European Commission 2015]. Most importantly, Article 12(7) of the General Data Protection Regulation² suggests privacy icons³ «to give in an easily visible, intelligible and clearly legible manner a meaningful overview of the intended processing». However, graphical symbols show a limited ability to convey abstract or complex meanings [Etsi 1998], such as data protection concepts. Furthermore, images are not necessarily universally understood [Esayas 2016], especially when they don’t depict concrete objects or actions, but are rather arbitrary symbols. Indeed, a few user studies emphasized that a chance of misinterpretation of privacy icons exists [Holtz 2010, Pettersson 2014], when the designer’s intention does not meet others’ understanding of the symbol.

This finding raises a critical aspect about the visual communication of legal knowledge: if visual elements can be wrongly understood, then they could hinder, instead of facilitating, comprehension of data practices. If the burden imposed on the individuals to interpret the icons is too onerous, they could simply ignore them. Moreover, the visuals could suggest misleading information, based on which data subjects will create a wrong mental model of a certain entity’s processing practices and give uninformed consent to them. Data controllers might therefore prefer to keep on relying on classical legal terms to avoid liability issues [Hansen 2009]. Thus, although legal icons are not meant to completely replace text [Esayas 2016], it is necessary to establish a methodology to generate legal symbols⁴ with a reliable meaning that will be easily recognized and (ideally) universally interpreted.⁵ Moreover, the set of concepts to be represented must be defined, since existing privacy icon sets are diverse in nature and function [Rossi/Palmirani 2017]. Therefore, we advocate relying on legal requirements and knowledge formalization, e.g. ontologies. Moreover, multidisciplinary collaborations reduce personal bias in creating visualizations of legal concepts, while design cycles generate multiple prototypes that are iteratively tested. Lastly, user research provides empirical evaluation of the visuals. This methodology is intended for any legal context, but will be exemplified in the following by privacy icons.


2. Project Overview: Machine-Readable, Standardized, Visual Elements for Privacy Policies


The methodology for the generation of machine-readable, standardized, effective privacy icons is part of a project that aims to visualize key notions of privacy disclosures in a semi-automatic manner [Rossi/Palmirani 2017]. Technologies such as LegalDocML⁶ and ontologies [Biasiotti 2011] convert legal knowledge into a machine-readable representation that can be, in turn, transformed into a visual representation. Namely, the semantics of legal terms can be captured by the mark-up, which can be linked to an ontology, where concepts of a specific domain, alongside their corresponding visual representation, are formally codified. Specific semantic content of legal texts can, thus, be semi-automatically visualized to make these documents more informative.


3. Methodology


3.1. Analysis of Legal Requirements


The first step of this approach is an analysis of the legal requirements, e.g. transparency. Article 12 GDPR grants permission to use icons, rather than other visual elements, to communicate data practices. Articles 13–14 GDPR detail the exact pieces of information that must be provided, e.g. the processing purposes. Whilst a human-centered design approach favours exploration, experimentation, and the analysis of users’ needs to steer the design process, in this case it is the law that mandates what information must be provided and how.


3.2. Formalization of Legal Knowledge

The analysis of legal requirements is then transformed into a computational ontology, which is an abstract model of the concepts, properties and relations of a certain knowledge domain [Biasiotti 2011], where consensus about their definition and organization has been reached. This shared formalization lowers the chance that personal biases influence the selection, interpretation, and representation of legal knowledge. The entities in the ontology can be linked to their pictorial representations, so that they will have a precise, stable, and machine-interpretable meaning (as the GDPR requires), thus presumably avoiding misrepresentations. Finally, this formalized conversion of natural language into conceptualization and, in turn, into visualizations provides traceable passages of the transformation. An ontology of the EU data protection legislation, PrOnto [Palmirani et al. forthcoming], has thus been developed around five conceptual cores: i) personal data, ii) agents, iii) processing operations, iv) purposes, and v) rights and obligations. These basic concepts, defined by the norm and the ontology, were leveraged to design the privacy icon set.
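
The chain described in Sections 2 and 3.2 (mark-up pointing at ontology concepts, concepts pointing at icons) can be sketched as follows; this is an added example, not code from the article or from the PrOnto project. The `refersTo` attribute, the `example.org` IRIs, the concept names and the icon file names are all hypothetical, and the policy fragment is a constructed, simplified stand-in for real mark-up.

```python
import xml.etree.ElementTree as ET

# Hypothetical ontology namespace; not the PrOnto IRI.
ONT = "https://example.org/ontology#"

# Constructed policy fragment: each span names the concept it expresses.
POLICY_XML = f"""<policy>
  <p>We process your <span refersTo="{ONT}PersonalData">e-mail address</span>
     for <span refersTo="{ONT}Marketing">marketing</span>.</p>
  <p>Your data may be used for
     <span refersTo="{ONT}Profiling">profiling</span> and
     <span refersTo="{ONT}Scoring">credit scoring</span>.</p>
</policy>"""

# Hypothetical ontology excerpt: concept -> (conceptual core, label, icon).
ICONS = {
    ONT + "PersonalData": ("personal data", "Personal data", "personal-data.svg"),
    ONT + "Marketing": ("purposes", "Marketing purpose", "marketing.svg"),
    ONT + "Profiling": ("processing operations", "Profiling", "profiling.svg"),
}

def resolve_icons(xml_text, icons=ICONS):
    """Return (resolved, unmapped) for every annotated span, in document order.

    resolved: one dict per span with a known concept; it keeps the concept
    IRI so each icon stays traceable to its formal definition.
    unmapped: spans whose concept has no icon. They are reported instead of
    receiving a fallback image, because a wrong icon misleads more than none.
    """
    resolved, unmapped = [], []
    for span in ET.fromstring(xml_text).iter("span"):
        iri = span.get("refersTo")
        text = " ".join((span.text or "").split())
        if iri in icons:
            core, label, icon = icons[iri]
            resolved.append({"text": text, "concept": iri, "core": core,
                             "alt": label, "icon": icon})
        else:
            unmapped.append((text, iri))
    return resolved, unmapped

def overview(resolved):
    """Deduplicated icons for a policy header, grouped by conceptual core."""
    grouped = {}
    for item in resolved:
        bucket = grouped.setdefault(item["core"], [])
        if item["icon"] not in bucket:
            bucket.append(item["icon"])
    return grouped

if __name__ == "__main__":
    ok, missing = resolve_icons(POLICY_XML)
    print(overview(ok))
    print("no icon for:", missing)
```

The unmapped list is the review queue: a concept used in the text without a vetted icon goes back to the design and evaluation steps rather than being rendered automatically.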


3.3. Participatory, Human-Centered Design to Convert Formal Knowledge into Visuals

The formalization of knowledge is integrated with a design-driven approach to legal innovation. Legal design introduces experimental user research into the legal domain [Hagan 2017], to facilitate the generation of new ideas, but also to validate them through empirical evaluation [Berger-Walliser/Barton/Haapio 2017]. The generation of new ideas, such as legal visualizations, can take place in participatory design workshops where multidisciplinary collaboration is encouraged to reduce personal bias. Participatory design is not prescriptive: it does not aim to generate one single («right») idea [Berger-Walliser/Barton/Haapio 2017]. Instead, peer-collaboration and reciprocal understanding among people with different mindsets and expertise produce harmonious solutions for multiple users’ needs. For instance, legal experts guarantee the correct interpretation of the concepts, whereas professionals from graphical disciplines ensure the visual representations’ quality and their appropriateness to the context and the intended users [Rossi/Palmirani forthcoming]. Users are involved so that the legal visualizations mirror their (non-expert) view and interpretation.

A participatory, multidisciplinary design workshop was held in July 2017 at Stanford University [Legal Design Lab 2017] to create icons for the key data protection notions defined in the ontology. Different visual alternatives were generated, discussed, and concretized in prototypes. The icons were iteratively tested with small samples of individuals to evaluate their level of comprehensibility and to gather alternatives. At the end, some design principles for the visual communication of complex techno-legal concepts were formulated. A data protection icon set was developed afterwards by a graphic artist who followed these guidelines.⁷


3.4. Empirical Evaluation

In addition to the iterative evaluation of the prototypes during the design phase, it is essential to empirically assess the communicative power of visual elements in a more rigorous manner. User testing helps to find weak points, to examine alternative views, and to confirm or negate the researcher’s hypothesis with empirical evidence [Hagan 2017], e.g. that icons foster the understanding of privacy communication. For different kinds and functions of (legal) visualizations, different methods of evaluation might be needed.⁸ For the evaluation of graphical symbols, for instance, guidance from standardizing bodies can be followed⁹ and adapted to the context. In the present research, an association test alongside interviews was conducted to evaluate the ease of recognition of the icons and of the underlying legal concept. The user sample reflected as diverse demographics as possible. This study shed light on which images, for instance, were most successful at suggesting a data protection concept, even if this was unknown to the participants. The icons’ effectiveness in context will also be tested, namely to find out if icons provide a «meaningful overview» of the privacy policy and help users to skim through the text to find relevant information.


4. Limitations and Conclusions

This paper has presented an application of a methodology for the generation of standardized, machine-readable visual representations of legal concepts. The proposed methodology adds a «code layer» between the language of the law and the legal visualization by leveraging semantic web technologies. Moreover, it relies on a multidisciplinary, participatory approach to generate the visuals and on empirical research to evaluate them. We have thus attempted to reconcile the advantages of the closed world of code with the open world of possibilities of design to generate visuals that are representative of as many views as possible.

It must be acknowledged, however, that such an approach can be time-consuming, and that reconciling different views and needs can be demanding. For instance, whilst for legal experts accuracy and completeness of representation are necessary to avoid misinterpretation or oversimplification, icons should be very simple and clear to ease individuals’ understanding and recognition. The user testing exposed the risk of misinterpretation of the symbols: for instance, the icon for profiling, which can be an invasive and harmful process, was believed to mean data anonymization. However, when the visualizations are arbitrary representations, even if carefully crafted, vetted, and tested, only standardization, widespread adoption, and education can guide a correct interpretation. Standardization and formalization can also lower the initial costs for the generation of legal visuals and pave the way to its automatization, which will reduce the coding, transmission, retrieval, and de-coding costs [Berger-Walliser/Barton/Haapio 2017].


5. References

Berger-Walliser, Gerlinde/Barton, Thomas D./Haapio, Helena, From Visualization to Legal Design: a Collaborative and Creative Process. American Business Law Journal, Vol. 54, No. 2, Summer 2017, pp. 347–392.

Biasiotti, Maria Angela, Semantic Resources for Managing Legislative Information. In: Sartor, Giovanni, Palmirani, Monica, Francesconi, Enrico & Biasiotti, Maria Angela (Eds.), Legislative XML for the Semantic Web: Principles, Models, Standards for Document Management, Springer, Berlin, Heidelberg, 2011.

Brunschwig, Colette, Visualisierung von Rechtsnormen: Legal Design. Schulthess. Zürich, Schweiz. 2001.

Esayas, Samson/Mahler, Tobias/McGillivray, Kevin, Is a Picture Worth a Thousand Terms? Visualising Contract Terms and Data Protection Requirements for Cloud Computing Users. International Conference on Web Engineering, Springer, Berlin, Heidelberg 2016, pp. 39–56.

Etsi, Human Factors (HF); Framework for the Development, Evaluation and Selection of Graphical Symbols, 1998. http://www.etsi.org/ (accessed on 27 December 2017).

European Commission/Directorate-General for Justice and Consumers/Directorate-General for Communication, Special Eurobarometer 431: Data Protection, TNS Opinion and Social, S2075_83_1_431_ENG, 2015. https://data.europa.eu/euodp/en/data/dataset/S2075_83_1_431_ENG (accessed on 23 December 2017).

European Parliament/Council of European Union, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). O.J. L 119, 4.5.2016, pp. 1–88.

Hagan, Margaret, Law by Design, 2017. http://lawbydesign.co (accessed on 2 January 2018).

Hansen, Marit, Putting Privacy Pictograms into Practice – a European Perspective. GI Jahrestagung Vol.154, 2009, pp. 703–716.

Holtz, Leif-Erik/Nocun, Katharina/Hansen, Marit, Towards Displaying Privacy Information with Icons. In: Camenisch, Jan, Crispo, Bruno, Fischer-Hübner, Simone, Leenes, Ronald & Russello, Giovanni (Eds.), IFIP PrimeLife International Summer School on Privacy and Identity Management for Life. Springer, Berlin, Heidelberg 2010, pp. 338–348.

Legal Design Lab, Design Workshop for EU General Data Protection Regulation, July 2017, http://www.legaltechdesign.com/design-workshop-for-eu-general-data-protection-regulation/.

Palmirani, Monica/Martoni, Michele/Rossi, Arianna/Bartolini, Cesare/Robaldo, Livio, PRONTO: Privacy Ontology for Legal Reasoning. Proceedings of the 21st International Legal Informatics Symposium IRIS 2018. Österreichische Computer Gesellschaft OCG / books@ocg.at, forthcoming.

Passera, Stefania, Beyond the Wall of Contract Text. Visualizing Contracts to foster Understanding and Collaboration Within and Across Organizations. Doctoral Dissertation, Aalto University, Helsinki, 2017.

Pettersson, John Soren, A Brief Evaluation of Icons in the First Reading of the European Parliament on COM (2012) 0011. In: Camenisch, Jan, Crispo, Bruno, Fischer-Hübner, Simone, Leenes, Ronald & Russello, Giovanni (Eds.), IFIP PrimeLife International Summer School on Privacy and Identity Management. Springer, Berlin, Heidelberg 2014, pp. 125–135.

Popova, Maria, Mozilla’s Privacy Icons: a Visual Language for Privacy Data Rights, 2011. http://bigthink.com/design-for-good/mozillas-privacy-icons-a-visual-language-for-data-rights.

Rossi, Arianna/Palmirani, Monica, A Visualization Approach for Adaptive Consent in the European Data Protection Framework. In: Parycek, Peter & Edelmann, Noella (Eds.), Proceedings of the 7th International Conference for E-Democracy and Open Government (CeDEM), Krems, Austria 2017, pp. 159–170.

Rossi, Arianna/Palmirani, Monica, From Words to Images through Legal Visualizations. AI Approaches to the Complexity of Legal Systems, Springer, Berlin, Heidelberg, forthcoming.

  1. See e.g. Hansen 2009, Holtz 2010. For a review, see Rossi/Palmirani 2017.
  2. European Parliament/Council of European Union 2016. Hereafter: GDPR.
  3. The literature generally refers to icons depicting concepts related to data practices as «privacy icons». However, they mostly represent concepts of data protection so the term is inexact. In the present article, the expression «privacy icons» will be used interchangeably with the expression «data protection icons» and analogous terms.
  4. Similarly, for a methodology to generate legal visualizations of norms, see Brunschwig 2001.
  5. See also Rossi/Palmirani forthcoming.
  6. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=legaldocml (all websites accessed in January 2018).
  7. See http://www.gdprbydesign.cirsfid.unibo.it.
  8. See the seminal work of [Passera 2017].
  9. See e.g. Etsi 1998.