Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

PrivacyMotiv: Speculative Persona Journeys for Empathic and Motivating Privacy Reviews in UX Design

Zeya Chen, Jianing Wen, Ruth Schmidt, Yaxing Yao, Toby Jia-Jun Li, Tianshi Li

TL;DR

This work tackles the lack of intrinsic motivation and empathy for privacy in UX design by introducing PrivacyMotiv, an LLM-powered tool that generates vulnerability-centered personas and speculative persona journeys to surface potential privacy harms in design reviews. The system combines persona generation, narrative harm scenarios, and annotated lo-fi flows to connect harms with concrete design decisions, aiming to make privacy issues more tangible and actionable. In a within-subject study with 16 professional UX practitioners, PrivacyMotiv significantly improved empathy, intrinsic motivation, and perceived usefulness, and increased the volume and concreteness of privacy review outcomes compared to self-proposed approaches. The results suggest that empathy-driven speculative narratives can bridge motivational gaps, promote broader PbD coverage, and enable integration of proactive privacy review into standard UX workflows, with future work focusing on persona customization, realism, and tool integration with design environments.

Abstract

UX professionals routinely conduct design reviews, yet privacy concerns are often overlooked -- not only due to limited tools, but more critically because of low intrinsic motivation. Limited privacy knowledge, weak empathy for unexpectedly affected users, and low confidence in identifying harms make it difficult to address risks. We present PrivacyMotiv, an LLM-powered system that supports privacy-oriented design diagnosis by generating speculative personas with UX user journeys centered on individuals vulnerable to privacy risks. Drawing on narrative strategies, the system constructs relatable and attention-drawing scenarios that show how ordinary design choices may cause unintended harms, expanding the scope of privacy reflection in UX. In a within-subjects study with professional UX practitioners (N=16), we compared participants' self-proposed methods with PrivacyMotiv across two privacy review tasks. Results show significant improvements in empathy, intrinsic motivation, and perceived usefulness. This work contributes a promising privacy review approach which addresses the motivational barriers in privacy-aware UX.

PrivacyMotiv: Speculative Persona Journeys for Empathic and Motivating Privacy Reviews in UX Design

TL;DR

This work tackles the lack of intrinsic motivation and empathy for privacy in UX design by introducing PrivacyMotiv, an LLM-powered tool that generates vulnerability-centered personas and speculative persona journeys to surface potential privacy harms in design reviews. The system combines persona generation, narrative harm scenarios, and annotated lo-fi flows to connect harms with concrete design decisions, aiming to make privacy issues more tangible and actionable. In a within-subject study with 16 professional UX practitioners, PrivacyMotiv significantly improved empathy, intrinsic motivation, and perceived usefulness, and increased the volume and concreteness of privacy review outcomes compared to self-proposed approaches. The results suggest that empathy-driven speculative narratives can bridge motivational gaps, promote broader PbD coverage, and enable integration of proactive privacy review into standard UX workflows, with future work focusing on persona customization, realism, and tool integration with design environments.

Abstract

UX professionals routinely conduct design reviews, yet privacy concerns are often overlooked -- not only due to limited tools, but more critically because of low intrinsic motivation. Limited privacy knowledge, weak empathy for unexpectedly affected users, and low confidence in identifying harms make it difficult to address risks. We present PrivacyMotiv, an LLM-powered system that supports privacy-oriented design diagnosis by generating speculative personas with UX user journeys centered on individuals vulnerable to privacy risks. Drawing on narrative strategies, the system constructs relatable and attention-drawing scenarios that show how ordinary design choices may cause unintended harms, expanding the scope of privacy reflection in UX. In a within-subjects study with professional UX practitioners (N=16), we compared participants' self-proposed methods with PrivacyMotiv across two privacy review tasks. Results show significant improvements in empathy, intrinsic motivation, and perceived usefulness. This work contributes a promising privacy review approach which addresses the motivational barriers in privacy-aware UX.

Paper Structure

This paper contains 76 sections, 16 figures, 6 tables.

Table of Contents

  1. Introduction
  2. Background and Related Work
  3. Privacy Design Support for Practitioners
  4. The Empathy Deficit in Design Practices
  5. Privacy Research on Vulnerable and Marginalized Populations
  6. LLM-powered Tools for UX Design Review
  7. PrivacyMotiv Design and Implementation
  8. PrivacyMotiv System Overview
  9. Example Usage Scenario
  10. Vulnerability-Centered Persona Generation
  11. Speculative Persona Journey Story Generation: Contextualizing Privacy Tensions and Harms
  12. User Flows as Input
  13. Harm-Informed User Journey Story and Design Diagnosis Generation
  14. UX of PrivacyMotiv: Making Design Consequences Visible and Relatable
  15. Personal Selection and Analysis Result Presentation
  16. ...and 61 more sections

Figures (16)

  • Figure 1: PrivacyMotiv System Overview. This figure illustrates the end-to-end workflow of the PrivacyMotiv system for uncovering privacy harms through vulnerability-centered personas and speculative user journeys. Step 1: Persona Selection. Users begin by selecting from a set of vulnerability-centered personas. Each persona includes demographic context, privacy tensions, and privacy responses. Step 2: Narrative Journey. The system presents a narrative-style user journey that demonstrates how privacy harms can emerge from concrete interactions with the app design. Step 3: Link Harm with Design. On the right, annotated low-fidelity user flows allow designers to trace where and how privacy harms are triggered. Each flow can be clicked to open a new modal with a zoomable, draggable interface that presents a step-by-step interaction sequence. Color-coded annotations indicate user actions (blue) and design flaws (orange), supporting in-depth inspection and analysis.
  • Figure 2: The generation pipeline of PrivacyMotiv. Prompt1 is a prompt (Appendix \ref{['appendix:Input_1']}) used to generate initial structured personas (Appendix \ref{['appendix:Input_1']}). The results are further enriched by supporting literature, resulting in Output1: expanded personas with privacy tensions, responses, and costs. Combined with user flows and the Privacy Harms Typology reference, these form Prompt2 (Appendix \ref{['appendix:Input_2']}) for generating speculative user journey narratives in Output2. These outputs collectively form the PrivacyMotiv system.
  • Figure 3: Three formats of user flows (conceptually equivalent). (A) A traditional text-based task flow drawn in Figma. (B) A JSON-formatted user flow manually converted from the text-based version to improve model interpretability. (C) A traditional low-fidelity wireframe flow, offering a more visually intuitive representation for designers.
  • Figure 4: Persona journey story page of Eva
  • Figure 5: Design Flaws Triggering Privacy Harms in Eva’s Case. This annotated user flow, presented in a low-fidelity wireframe format, illustrates how specific interface designs and default behaviors in the “Private Session” feature contributed to privacy harms for Eva.
  • ...and 11 more figures