Refine
Document Type
- Bachelor Thesis (1)
- Conference Proceeding (1)
- Working Paper (1)
Has Fulltext
- yes (3) (remove)
Keywords
- Privacy (3) (remove)
Design Patterns im Kontext von mHealth-Anwendungen unter besonderer Berücksichtigung von Privacy
(2021)
Gesundheitsapps bzw. mHealth-Apps werden immer häufiger verwendet, um die Gesundheit aufrechtzuerhalten oder das eigene Gesundheitsverhalten zu verbessern. Vor allem die Corona-Pandemie im Jahr 2020 und die damit einhergehenden Kontaktbeschränkungen führten zu einem Anstieg der Nutzerzahlen. Für diese Forschungsarbeit sind Lifestyle-Apps von besonderem Interesse, da sich diese im Gegensatz zu anderen Arten von mHealth-Apps an Konsumenten als Zielgruppe richten.
Zunächst werden Design-Methoden ermittelt, die bei der Gestaltung von mHealth-Lösungen zum Einsatz kommen. Dabei liegt der Fokus auf Persuasive Technology, die darauf abzielt, Verhaltensweisen des Nutzers zu verändern. Es wird geklärt, auf welchen theoretischen Modellen solche Systeme basieren und mit welchen Vorteilen und Risiken die Nutzung von mHealth-Anwendungen verbunden ist. Die in Persuasive Technology vorkommenden Design-Methoden werden kritisch betrachtet, indem überprüft wird, ob mithilfe von Dark Patterns Schwachstellen der menschlichen kognitiven Fähigkeiten und Verhaltensweisen ausgenutzt werden können und ob es dadurch zur Verletzung der Privatsphäre oder zu einer Gefährdung des seelischen Wohlbefinden des Nutzers kommen kann.
Im empirischen Teil wird eine Umfrage durchgeführt, in der Probanden zu der Nutzung von bestimmten mHealth-Apps und dem Abbruch der Nutzung befragt werden. Bei der Umfrage wird ebenfalls erhoben, ob die Nutzung einen positiven oder negativen Eindruck auf mHealth hinterlassen hat und ob sich der Umgang der persönlichen Daten nach der Nutzung verändert hat.
Educational institutions have increasing needs for professional digital communication. When selecting suitable communication tools, there is a need for appropriate information as a basis for decision-making. Messenger communication in particular is strongly integrated into people's private everyday lives. While needs for extensive data-secure communication in educational contexts are increasing, there is a lack of concepts for data-protected and privacy-preserving support of educational processes through software (Karaboga et al 2014; Digitalcourage e.V. n.d.) , as well as for mandatory training for professionals (Zorn, Tillmann, and Kaminski 2014; Imort and Niesyto 2014), and reliable information for viable software alternatives. This paper outlines the specific requirements of educational institutions when selecting suitable software, using messenger communication as an example. From these requirements, criteria for needed information are presented as a basis for software selection decisions in three categories: data protection/privacy, accessibility/low-barrier, practicability. Since no criteria and good practice suggestions were available so far, a study was conducted to elicit the characteristics of potentially suitable messenger software. To this end, the necessary criteria for the three categories mentioned were first defined and then German and well-known international messengers were tested for data protection criteria. Based on the results for conformity with the EU's General Data Protection Regulation (GDPR) as an inclusion criterion, the messengers in question were subjected to a practical test. In the process, additional practicality criteria were developed, in part iteratively.
In addition to institution-internal messengers, six services were identified among the freely available provider-dependent messengers that can be used in a GDPR-compliant manner, at least for users over the age of 16. At the time of publication, this leaves only five: Threema, Wire, SID, Ginlo, Chiffry. Furthermore, provider-independent messenger systems that adhere to the international standard protocol for the exchange of chat messages (XMPP) appear to be a viable option for educational institutions. In-house or commissioned server hosting would then be possible and a corresponding agreement for commissioned data processing can be concluded with an IT service provider.
The decisions to use "Wire" and "Threema Work" in the IDiT project context are explained and justified. The context was vocational training for prospective office management clerks at vocational schools and vocational training centers. Although the underlying considerations are tailored to the project context (application in the Berufsförderungswerk Köln), they can be generalized.
Web browsers use HTTP caches to reduce the amount of data to be transferred over the network and allow Web pages to load faster. Content such as scripts, images, and style sheets, which are static most of the time or shared across multiple websites, are stored and loaded locally when recurring requests ask for cached resources. This behaviour can be exploited if the cache is based on a naive implementation. This paper summarises possible attacks on the browser cache and shows through extensive experiments that even modern web browsers still do not provide enough safeguards to protect their users. Moreover, the available built-in as well as addable cache controls offer rather limited functionality in terms of protection and ease of use. Due to the volatile and inhomogeneous APIs for controlling the cache in modern browsers, the development of enhanced user-centric cache controls remains -until further notice- in the hands of browser manufacturers.