Merge branch 'main' of https://github.com/privacy-tech-lab/gpc-privac…

…y-choice into main
privacy-tech-lab · Aug 22, 2023 · 0437c53 · 0437c53
2 parents fc6d720 + 7aa7e7e
commit 0437c53
Showing 1 changed file with 25 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -44,77 +44,77 @@ GPC Privacy Choice is developed and maintained by **Eliza Kuller (@ekuller)**, *
 
 ## 2. Privacy Choice Schemes
 
-The GPC Privacy Choice extension includes 7 schemes for enabling GPC signals on websites. Which scheme a user is assigned upon installation of the extension is randomized, though, it is also possible to set the extension to a particular scheme (see `background.js`).
+The GPC Privacy Choice extension includes nine schemes for enabling GPC signals on websites. Which scheme a user is assigned upon installation of the extension is intentionally set within the extension (see `background.js`).
 
 Here are the main features of each scheme:
 
-### Scheme 0: GPC Privacy Choice Banner with Snooze Option
+### SB-Base: GPC Privacy Choice Banner
 
-Users are presented a **GPC Privacy Choice Banner** on each new site they visit. There is a **Snooze** button that, upon being selected, will prevent the banner from popping up on new sites for a few hours. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
+SB-Base is the base scheme. Users are presented a **GPC Privacy Choice Banner** on each new site they visit. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
 
 <p align="center">
-  <img width="250" alt="Scheme 0 screenshot." src="https://user-images.githubusercontent.com/54873610/148790325-ef5ae195-e024-4177-9119-9f21865108df.png">
+  <img width="250" alt="Screen Shot 2022-12-19 at 11 57 06 AM" src="https://user-images.githubusercontent.com/54873610/208479232-0b2752b2-0bf2-4b3e-8ff1-319b4dd9ab65.png">
 </p>
 
-### Scheme 0b: GPC Privacy Choice Banner
+### S0-Snooze: GPC Privacy Choice Banner with Snooze Option
 
-Scheme 0b is the base scheme. Users are presented a **GPC Privacy Choice Banner** on each new site they visit. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. In the code the number used to represent Scheme 0b is "9". The paper refers to Scheme 0b as Scheme B.
+Users are presented a **GPC Privacy Choice Banner** on each new site they visit. There is a **Snooze** button that, upon being selected, will prevent the banner from popping up on new sites for a few hours. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
 
 <p align="center">
-  <img width="250" alt="Screen Shot 2022-12-19 at 11 57 06 AM" src="https://user-images.githubusercontent.com/54873610/208479232-0b2752b2-0bf2-4b3e-8ff1-319b4dd9ab65.png">
+  <img width="250" alt="Scheme 0 screenshot." src="https://user-images.githubusercontent.com/54873610/148790325-ef5ae195-e024-4177-9119-9f21865108df.png">
 </p>
 
-### Scheme 1: GPC Privacy Choice Banner with Apply-all Option
+### S1-Apply-All: GPC Privacy Choice Banner with Apply-all Option
 
-In scheme 1 the **GPC Privacy Choice Banner** is presented on every new site, however, with an **Apply-all** option but no **Snooze** button. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
+In S1-Apply-All the **GPC Privacy Choice Banner** is presented on every new site, however, with an **Apply-all** option but no **Snooze** button. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
 
 <p align="center">
   <img width="250" alt="Scheme 1 screenshot." src="https://user-images.githubusercontent.com/54873610/148790364-f41b418d-a6ec-41f4-bc79-78647f2e4096.png">
 </p>
 
-### Scheme 2: GPC Privacy Choice Banner with Snooze and Apply-all Option
+### S2-Snooze+Apply-All: GPC Privacy Choice Banner with Snooze and Apply-all Option
 
-Scheme 2 is a combination of schemes 0 and 1. The **GPC Privacy Choice Banner** contains both the **Apply-all** option as well as the **Snooze** button. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
+S2-Snooze+Apply-All is a combination of schemes 0 and 1. The **GPC Privacy Choice Banner** contains both the **Apply-all** option as well as the **Snooze** button. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
 
 <p align="center">
   <img width="250" alt="Scheme 2 screenshot." src="https://user-images.githubusercontent.com/54873610/148790378-31a501e2-3e63-4096-b74a-695b02405468.png">
 </p>
 
-### Scheme 3: Privacy Profiles
+### S3-Profile: Privacy Profiles
 
-Scheme 3 makes use of **Privacy Profiles**. Upon running the extension for the first time, users are prompted to choose a privacy profile. Their choice will then determine which sites will receive GPC signals. We use the [disconnect-tracking-protection list](https://github.com/disconnectme/disconnect-tracking-protection) to identify sites that should receive signals under a certain Privacy Profile. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. The GPC values for domains on the domain list depend on in which category, if any, the domain is included in the disconnect-tracking-protection list as well as the choices a user makes on the domain list.
+S3-Profile makes use of **Privacy Profiles**. Upon running the extension for the first time, users are prompted to choose a privacy profile. Their choice will then determine which sites will receive GPC signals. We use the [disconnect-tracking-protection list](https://github.com/disconnectme/disconnect-tracking-protection) to identify sites that should receive signals under a certain Privacy Profile. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. The GPC values for domains on the domain list depend on in which category, if any, the domain is included in the disconnect-tracking-protection list as well as the choices a user makes on the domain list.
 
 <p align="center">
   <img width="800" alt="Scheme 3 screenshot." src="https://user-images.githubusercontent.com/54873610/148790400-24901af2-596c-439d-bcac-34318a3a685f.png">
 </p>
 
-### Scheme 4: Website Categories
+### S4-Website: Website Categories
 
-Scheme 4 makes use of **Website Categories**. Upon running the extension for the first time, users are prompted to select the categories that they would like to opt out from. We use the disconnect-tracking-protection list to identify sites that should receive signals under a certain Website Category. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. The GPC values for domains on the domain list depend on in which category, if any, the domain is included in the disconnect-tracking-protection list as well as the choices a user makes on the domain list.
+S4-Website makes use of **Website Categories**. Upon running the extension for the first time, users are prompted to select the categories that they would like to opt out from. We use the disconnect-tracking-protection list to identify sites that should receive signals under a certain Website Category. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. The GPC values for domains on the domain list depend on in which category, if any, the domain is included in the disconnect-tracking-protection list as well as the choices a user makes on the domain list.
 
 <p align="center">
   <img width="800" alt="Scheme 4 screenshot." src="https://user-images.githubusercontent.com/54873610/162093136-451a4898-a8f2-4c3e-8d37-a444a71b96f3.png">
 </p>
 
-### Scheme 5: Learning Privacy Profiles
+### S5-Learn: Learning Privacy Profiles
 
-Scheme 5 is a combination of schemes 1 and 3 and makes use of a simple technique to **Learn Privacy Profiles**. The user is presented with **GPC Privacy Choice Banners** on the first 10 websites they visit. Their choices are recorded and then used to select a **Privacy Profile** that suits the user best. No **GPC Privacy Choice Banners** are shown beyond the initial 10. Users that choose to enable GPC signals on 8 or more of the first 10 websites will be assigned a **High-Sensitivity Privacy Profile**. 4-7 enables (inclusive) will yield a **Medium-Sensitivity Privacy Profile** and 3 or fewer will give users a **Low-Sensitivity Privacy Profile**. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. After the learning period is over a user may change their privacy profile on the Options Page.
+S5-Learn is a combination of schemes 1 and 3 and makes use of a simple technique to **Learn Privacy Profiles**. The user is presented with **GPC Privacy Choice Banners** on the first 10 websites they visit. Their choices are recorded and then used to select a **Privacy Profile** that suits the user best. No **GPC Privacy Choice Banners** are shown beyond the initial 10. Users that choose to enable GPC signals on 8 or more of the first 10 websites will be assigned a **High-Sensitivity Privacy Profile**. 4-7 enables (inclusive) will yield a **Medium-Sensitivity Privacy Profile** and 3 or fewer will give users a **Low-Sensitivity Privacy Profile**. Users can select to which domains they want to send GPC signals via a domain list on the Options Page. After the learning period is over a user may change their privacy profile on the Options Page.
 
 <p align="center">
   <img width="400" alt="Scheme 5 screenshot." src="https://user-images.githubusercontent.com/54873610/148790447-63aa0939-309c-413d-af31-4599326a53a5.png">
 </p>
 
-### Scheme 6: Enabling/Disabling GPC for All Sites
+### S6-Universal: Enabling/Disabling GPC for All Sites
 
-Scheme 6 is the simplest of all schemes. Upon running the extension for the first time, users are prompted as to whether they would like to send GPC signals to all websites they visit or not. They may change this preference on the Options Page. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
+S6-Universal is the simplest of all schemes. Upon running the extension for the first time, users are prompted as to whether they would like to send GPC signals to all websites they visit or not. They may change this preference on the Options Page. Users can select to which domains they want to send GPC signals via a domain list on the Options Page.
 
 <p align="center">
   <img width="800" alt="Scheme 6 screenshot." src="https://user-images.githubusercontent.com/54873610/148790468-28c41e3e-b9db-408e-a927-65a0c4955131.png">
 </p>
 
-### Scheme 7: Data Categories
+### S7-Data: Data Categories
 
-Scheme 7 makes use of **Data Categories**. Upon running the extension for the first time, users are prompted to select the types of data that they would **not** like to be shared with or sold to advertisers. Users should not rely on being opted out with scheme 7, as our extension is not a full implementation of the described functionality. Users can adjust their categories on the Options Page. In scheme 7 users are **not** able to select individual domains to which they want to send GPC signals.
+S7-Data makes use of **Data Categories**. Upon running the extension for the first time, users are prompted to select the types of data that they would **not** like to be shared with or sold to advertisers. Users should not rely on being opted out with S7-Data, as our extension is not a full implementation of the described functionality. Users can adjust their categories on the Options Page. In S7-Data users are **not** able to select individual domains to which they want to send GPC signals.
 
 <p align="center">
   <img width="800" alt="Screen Shot 2022-07-06 at 11 32 54 AM" src="https://user-images.githubusercontent.com/54873610/177589363-70910692-d1ac-49dc-b76f-f4b2abdb2450.png">
@@ -195,12 +195,13 @@ The Mute Interaction History covers schemes where the **Snooze** button is prese
 </p>
 
 ## 4. Developer's Guide to Implement GPC Privacy Choice
+**NOTE: In order to create a Firebase project, you need 'Cloud Resource Manager project creation' to be enabled. This may be disabled if you are using an institutional account.**
 
 Follow the instructions to implement the GPC Privacy Choice browser extension for your own projects.
 
 1. Clone this repo: `git clone https://github.com/privacy-tech-lab/gpc-privacy-choice.git`.
-2. Create a Firebase Cloud Firestore project. [Here](https://firebase.google.com/docs/firestore/quickstart) are detailed instructions on how to set up a Firebase server for data collection.
-3. In the `src` folder, create a `config.js` file and add in the following code. Be sure to update the fields based on the project you have set up. You can pick any password you like. Upon installing the extension users will be asked for the password. If users do not enter a password or enter a wrong password, no data will be collected on Firebase. If you are running a study with multiple schemes one after another, it is recommended to change the password between schemes. Otherwise, data from study participants running a previous scheme may continue to be collected inadvertently.
+2. Create a Firebase Cloud Firestore project. [Here](https://firebase.google.com/docs/firestore/quickstart) are detailed instructions on how to set up a Firebase server for data collection. We have already added the required dependencies, client libraries, and initialized an instance of Cloud Firestore. Before proceeding, make sure that you have created a Firebase account, a Cloud Firestore database and a web app within the database, and selected **Test Mode** as the starting mode for your Cloud Firestore Security Rules.
+3. In the `src` folder, create a `config.js` file and add in the following code. Be sure to update the fields based on the Firebase Cloud Firestore project you have set up. The information should be in **Project Settings**, under the **General** tab. Make sure you have your web app selected, then switch the **SDK setup and configuration** from `npm` to `config` to see all the necessary information. You can pick any password you like. Upon installing the extension users will be asked for the password. If users do not enter a password or enter a wrong password, no data will be collected on Firebase. If you are running a study with multiple schemes one after another, it is recommended to change the password between schemes. Otherwise, data from study participants running a previous scheme may continue to be collected inadvertently.
 
    ```javascript
    export const PASSWORD = "*******";
@@ -217,7 +218,7 @@ Follow the instructions to implement the GPC Privacy Choice browser extension fo
 
 4. To test the extension from a local repo, open the browser (Chrome, Brave, etc) and find the manage extension options from settings. In Google Chrome, this can be done by clicking on the puzzle icon on the top right corner and then clicking `Manage Extensions`.
 5. Turn on developer mode, and then click the `Load unpacked` button. Select the folder `gpc-privacy-choice/src` from your files.
-6. The extension should now be loaded and you should see the registration page popping up on the browser. In order to access the extension and start writing to your database, supply a string formatted as a valid Prolific ID. You also need to supply the password mentioned above. The registration process should start.
+6. The extension should now be loaded and you should see the registration page popping up on the browser. In order to access the extension and start writing to your database, supply a string formatted as a valid Prolific ID (you may use 5f473753tbf20b123d695213 for testing purposes). You also need to supply the password you created above. The registration process should start.
 7. The best way to deploy GPC Privacy Choice, for example, to participants in a research study, is via the [Chrome Web Store](https://chrome.google.com/webstore/category/extensions).
 
 ## 5. GPC Privacy Choice Architectural Overview