Comprehension from Chaos: Towards Informed Consent for Private Computation

TL;DR

This study explores end users' understanding and acceptance of private computation techniques, revealing that concrete scenarios improve comprehension and trust, emphasizing the importance of purpose and transparency in data sharing.

Contribution

It provides empirical insights into user perceptions of private computation, highlighting the need for clear communication about its purpose and privacy guarantees.

Findings

Participants struggled with abstract cryptographic concepts.

Concrete scenarios improved understanding and trust.

Purpose of data sharing influences acceptance.

Abstract

Private computation, which includes techniques like multi-party computation and private query execution, holds great promise for enabling organizations to analyze data they and their partners hold while maintaining data subjects' privacy. Despite recent interest in communicating about differential privacy, end users' perspectives on private computation have not previously been studied. To fill this gap, we conducted 22 semi-structured interviews investigating users' understanding of, and expectations for, private computation over data about them. Interviews centered on four concrete data-analysis scenarios (e.g., ad conversion analysis), each with a variant that did not use private computation and another that did (private set intersection, multi-party computation, and privacy preserving query procedures). While participants struggled with abstract definitions of private computation, they found the concrete scenarios enlightening and plausible even though we did not explain the complex cryptographic underpinnings. Private computation increased participants' acceptance of data sharing, but not unconditionally; the purpose of data sharing and analysis was the primary driver of their attitudes. Through collective activities, participants emphasized the importance of detailing the purpose of a computation and clarifying that inputs to private computation are not shared across organizations when describing private computation to end users.