Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn about a user-centric threat modeling framework designed to address privacy notice and choice challenges in this conference presentation from PEPR '25. Explore how recent privacy regulations impose stringent requirements on data collection and use, including specific obligations for disclosure and comprehensive user controls, with an increasing emphasis on user-centric criteria. Discover how the failure to provide usable notices and choices has become a significant privacy threat, impacting regulatory compliance, consumer trust, and privacy-by-design practices. Examine the UsersFirst Privacy Threat Modeling framework, which supplements existing privacy threat modeling approaches to help organizations analyze and mitigate risks associated with absent or ineffective privacy notices and choices. Understand how this framework moves beyond treating privacy notices and choices as mere checkboxes, instead focusing on user-centric interpretations that reflect emerging trends in privacy regulations where perfunctory approaches are no longer sufficient. Gain insights into requirements for notices and choices to be noticeable, usable, unambiguous, and free from deceptive patterns, while reviewing detailed evaluation results of the UsersFirst user-centric threat taxonomy conducted with privacy professionals and trained practitioners.
