A design experiment to explore trust in data privacy

A working prototype of a Facebook messenger bot to understand how agent characteristics such as personality, etiquette, and multimedia use affect users' trust in data privacy.

A mixed reality system that supports conversation and memory recall, to help aging adults connect with others and preserve memories in the moment.

Part of my thesis research: Designing for Trust

Code: Github
Thesis Advisors
: Dan Lockton, Daragh Byrne 

Duration: 4 weeks


While researching trust on conversational interfaces, one of the personal goals that I also want to learn how to develop working digital prototypes to test with users along with human-centered design research. To do this, I prototyped zero UIs and web services with Ruby, Sinatra, Node.js, and Dialogflow.

A food recommendation bot

Botae is a Messenger bot informs its users' on their trust level with other bots by walking them through a food recommendation scenario. It finds the best places for food/coffee through using users' location and promises user to find the most popular places among their Facebook friends by accessing their Facebook data.

What can it do for users?

Botae works similar to As users go through the flow of getting recommendations for nearby places by providing their location, Botae aims to establish an initial trust with users by working as they expected.

Then Botae aims to get users' consent of accessing their FB data by asking them to click a pseudo-authorization button. After users 'authorize', it shows its true intention: informing users on how easily they give access to their data.


What can it do for the researcher?

Botae is mainly a bot conversation research tool. As its replies are all tied to numerous conversation flows that have slightly different content, it enables to test different dimensions of content such as personality, etiquette, use of other media such as GIFs, emojis, photos etc. for gaining user trust in relation to persuasive design. 

As Botae also keeps a log of user actions, it also becomes a point of data collection. It provides insights into how many participants used the system and what is the level of trust that they had with the system. In the current scenario, the level of trust is measured as:

Not Trusted: Users do not give access any of their data.
Low Trust: Users only give access to their location data.
Medium Trust: Users only give access to their FB data.
High Trust:
 Users approve access to both of their data.


Changing Personalities, Faces as Words

By default, Botae is smart, somehow poker-face, caring. Its most important characteristic is being poker-faced, a little mysterious until it builds up trust with its user. It is task-driven, but also have a sense of humor, especially when it things go as not planned.

As it can't understand many commands that people may expect from a generalist bot such as Alexa or Siri, it is forgiving in a way that it will inform the user what it can do. No matter how people interact with it, it is polite.


How does it work?

Botae uses Facebook Messenger as a platform. It is powered by several Ruby gems and a PostgreSQL database that are hosted on Heroku. Its technology stack as follows: 

  • Sinatra gem as the main web app structure.
  • Facebook Messenger API, Graph API through Facebook-Messenger gem and Rubotnik Boilerplate. 
  • Facebook Wit.AI NLP for understanding human natural language, and turning user intentions into actionable entities.
  • GMaps API for location inquiries via httparty and json gems.
  • Puma for a basic web server.
  • PostgreSQL database through PG and ActiveRecord gems.
  • Heroku as hosting the app, and other back-end actions. 

Conversation flow

Conversation flow

In its first version, Botae consists of two flows: the main flow and a persuasion flow. If the user needs more explanation before entering the main flow to try its "functions", it provides a separate 'persuasion' flow, that gives information on different levels. In the next iteration, I will combine two flows into one, which users can get answers about how the system works.


Data Structure

I also experimented with a PostgreSQL database to reading all of the bot responses and storing user data and replies.


Initial User/Participant Reactions

While I was developing Botae, I was able to test with my close friends and save their initial reactions to specific patterns, such as bouncing back their profile information, or not replying them in a way that they expect. For example, when I bounced back their public profile data, many of my friends shocked and questioned the intention of the bot.



While developing Botae, I learned:

  • Privacy paradox is real, but people are also hesitant with starting a conversation with a "stranger" agent even if agent promises them a value in exchange their data.
  • The main reason that my pilot study participants gave their permissions was that they trusted me, social influence is crucial if people have to try an interact with a new agent.
  • "Tell me more" flow shouldn't be a separate flow, a bot should ideally provide an in-context explanation if users ask.
  • Although FB Messenger enables users to overcome the onboarding, users tend to end the conversation quickly. This inspired me to make the conversation intentionally long for my research.

© 2019 Meriç Dağlı