abstract

My Bank Already Gets this Data: Exposure Minimisation and Company Relationships in Privacy Decision-Making

Authors:

Nigel Shadbolt,

Ilaria Liccardi,

Daniel WeitznerAuthors Info & Claims

CHI EA '17: Proceedings of the 2017 CHI Conference Extended Abstracts on Human Factors in Computing Systems

Pages 2403 - 2409

https://doi.org/10.1145/3027063.3053255

Published: 06 May 2017 Publication History

Abstract

This paper explores how individuals' privacy-related decision-making processes may be influenced by their pre-existing relationships to companies in a wider social and economic context. Through an online role-playing exercise, we explore attitudes to a range of services including home automation, Internet-of-Things and financial services. We find that individuals do not only consider the privacy-related attributes of applications, devices or services in the abstract. Rather, their decisions are heavily influenced by their pre-existing perceptions of, and relationships with, the companies behind such apps, devices and services. In particular, perceptions about a company's size, level of regulatory scrutiny, relationships with third parties, and pre-existing data exposure lead some users to choose an option which might otherwise appear worse from a privacy perspective. This finding suggests a need for tools that support users to incorporate these existing perceptions and relationships into their privacy-related decision making.

References

[1]

Alessandro Acquisti and Jens Grossklags. 2005. Privacy and rationality in individual decision making. IEEE Security & Privacy 2, 2005 (2005), 24--30.

Digital Library

[2]

Julio Angulo, Simone Fischer-Hübner, Tobias Pulls, and Erik Wästlund. 2015. Usable transparency with the data track: a tool for visualizing data disclosures. In Proceedings of the Conference Extended Abstracts on Human Factors in Computing Systems. ACM, 1803-- 1808.

Digital Library

[3]

Zinaida Benenson, Freya Gassmann, and Lena Reinfelder. 2013. Android and iOS users' differences concerning security and privacy. In Proceedings of the Conference Extended Abstracts on Human Factors in Computing Systems. ACM, 817--822.

Digital Library

[4]

Federal Trade Commission and others. 2013. FTC Staff Report Recommends Ways to Improve Mobile Privacy Disclosures. (2013).

[5]

Lorrie Faith Cranor. 2006. What do they indicate?: evaluating security and privacy indicators. Interactions 13, 3 (2006), 45--47.

Digital Library

[6]

Serge Egelman, Janice Tsai, Lorrie Faith Cranor, and Alessandro Acquisti. 2009. Timing is everything?: the effects of timing and placement of online privacy indicators. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 319-- 328.

Digital Library

[7]

Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David Wagner. 2012. Android permissions: User attention, comprehension, and behavior. In Proceedings of Symposium on Usable Privacy and Security. ACM, 3.

Digital Library

[8]

Hamza Harkous, Rameez Rahman, and Karl Aberer. 2016. Data-Driven Privacy Indicators. In Symposium on Usable Privacy and Security. USENIX Association.

[9]

Carlos Jensen and Colin Potts. 2004. Privacy Policies As Decision-making Tools: An Evaluation of Online Privacy Notices. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '04). 471--478.

Digital Library

[10]

Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. "My Data Just Goes Everywhere:" User Mental Models of the Internet and Implications for Privacy and Security. In Proceedings of Symposium On Usable Privacy and Security. 39--52.

[11]

Patrick Gage Kelley, Joanna Bresee, Lorrie Faith Cranor, and Robert W Reeder. 2009. A nutrition label for privacy. In Proceedings of Symposium on Usable Privacy and Security. ACM, 4.

Digital Library

[12]

Patrick Gage Kelley, Sunny Consolvo, Lorrie Faith Cranor, Jaeyeon Jung, Norman Sadeh, and David Wetherall. 2012. A conundrum of permissions: installing applications on an android smartphone. In International Conference on Financial Cryptography and Data Security. Springer, 68--79.

Digital Library

[13]

Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as part of the app decisionmaking process. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 3393--3402.

Digital Library

[14]

Ilaria Liccardi, Joseph Pato, and Daniel J. Weitzner. 2014a. Improving Mobile App Selection through Transparency and Better Permission Analysis. Journal of Privacy and Confidentiality: Vol. 5: Iss. 2, Article 1. (2014), 1--55.

[15]

Ilaria Liccardi, Joseph Pato, Daniel J. Weitzner, Hal Abelson, and David De Roure. 2014b. No Technical Understanding Required: Helping Users Make Informed Choices About Access to Their Personal Data. In Proceedings of International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. 140--150.

Digital Library

[16]

Kenneth Olmstead and Michelle Atkinson. 2015. App Permissions in the Google Play Store: Chapter 1: The Majority of Smartphone Owners Download Apps. Pew's Report: Numbers, fact and Trends Shaping the world (November 19th 2015), 1--19.

[17]

Yong Jin Park and S Mo Jang. 2014. Understanding privacy knowledge and skill in mobile communication. Computers in Human Behavior 38 (2014), 296--303.

Digital Library

[18]

Max Van Kleek, Ilaria Liccardi, Reuben Binns, Jun Zhao, Daniel J. Weitzner, and Nigel Shadbolt. 2017. Better the devil you know: Exposing the data sharing practices of smartphone apps. In forthcoming in CHI2017.

Cited By

Pattnaik NLi SNurse J(2023)A Survey of User Perspectives on Security and Privacy in a Home Networking EnvironmentACM Computing Surveys10.1145/355809555:9(1-38)Online publication date: 16-Jan-2023
https://dl.acm.org/doi/10.1145/3558095
Robinson EZhu Y(2020)Beyond “I Agree”: Users’ Understanding of Web Site Terms of ServiceSocial Media + Society10.1177/20563051198973216:1(205630511989732)Online publication date: 9-Mar-2020
https://doi.org/10.1177/2056305119897321
Dowthwaite LCreswick HPortillo VZhao JPatel MVallejos EKoene AJirotka MRubegni EVasalou AParés NSawhney N(2020)"It's your private information. it's your life."Proceedings of the Interaction Design and Children Conference10.1145/3392063.3394410(121-134)Online publication date: 21-Jun-2020
https://dl.acm.org/doi/10.1145/3392063.3394410
Show More Cited By

Index Terms

My Bank Already Gets this Data: Exposure Minimisation and Company Relationships in Privacy Decision-Making
1. Human-centered computing
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Better the Devil You Know: Exposing the Data Sharing Practices of Smartphone Apps
CHI '17: Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems

Most users of smartphone apps remain unaware of what data about them is being collected, by whom, and how these data are being used. In this mixed methods investigation, we examine the question of whether revealing key data collection practices of ...
Privacy-Aware Infrastructure for Managing Personal Data
SIGCOMM '16: Proceedings of the 2016 ACM SIGCOMM Conference

In recent times, we have seen a proliferation of personal data. This can be attributed not just to a larger proportion of our lives moving online, but also through the rise of ubiquitous sensing through mobile and IoT devices. Alongside this surge, ...
Appraising Personal Data Protection in Startup Companies in Financial Technology: A Case Study of ABC Corp
APIT '20: Proceedings of the 2020 2nd Asia Pacific Information Technology Conference

Financial Technology (fintech) has been immerged extensively in the last decade. In the realm of disruptive world, there are many areas in which startup companies are developing their business. There is always contradiction when dealing with innovation ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CHI EA '17: Proceedings of the 2017 CHI Conference Extended Abstracts on Human Factors in Computing Systems

May 2017

3954 pages

ISBN:9781450346566

DOI:10.1145/3027063

General Chairs:
Gloria Mark
University of California Irvine
,
Susan Fussell
Cornell University
,
Program Chairs:
Cliff Lampe
University of Michigan
,
m.c. schraefel
University of Southampton
,
Juan Pablo Hourcade
University of Iowa
,
Caroline Appert
Université Paris-Sud
,
Daniel Wigdor
University of Toronto

Copyright © 2017 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

SIGCHI: ACM Special Interest Group on Computer-Human Interaction

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 May 2017

Check for updates

Author Tags

Qualifiers

Abstract

Funding Sources

Engineering and Physical Sciences Research Council

Conference

CHI '17

Sponsor:

SIGCHI

CHI '17: CHI Conference on Human Factors in Computing Systems

May 6 - 11, 2017

Colorado, Denver, USA

Acceptance Rates

CHI EA '17 Paper Acceptance Rate 1,000 of 5,000 submissions, 20%;

Overall Acceptance Rate 6,164 of 23,696 submissions, 26%

Upcoming Conference

CHI '25

Sponsor:
sigchi

CHI Conference on Human Factors in Computing Systems

April 26 - May 1, 2025

Yokohama , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
227
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)1

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Pattnaik NLi SNurse J(2023)A Survey of User Perspectives on Security and Privacy in a Home Networking EnvironmentACM Computing Surveys10.1145/355809555:9(1-38)Online publication date: 16-Jan-2023
https://dl.acm.org/doi/10.1145/3558095
Robinson EZhu Y(2020)Beyond “I Agree”: Users’ Understanding of Web Site Terms of ServiceSocial Media + Society10.1177/20563051198973216:1(205630511989732)Online publication date: 9-Mar-2020
https://doi.org/10.1177/2056305119897321
Dowthwaite LCreswick HPortillo VZhao JPatel MVallejos EKoene AJirotka MRubegni EVasalou AParés NSawhney N(2020)"It's your private information. it's your life."Proceedings of the Interaction Design and Children Conference10.1145/3392063.3394410(121-134)Online publication date: 21-Jun-2020
https://dl.acm.org/doi/10.1145/3392063.3394410
Vinbæk EPettersen FCarlsen JFremstad KEdvinsen NSandnes F(2019)On Online Banking Authentication for All: A Comparison of BankID Login Efficiency Using Smartphones Versus Code GeneratorsUniversal Access in Human-Computer Interaction. Theory, Methods and Tools10.1007/978-3-030-23560-4_27(365-374)Online publication date: 26-Jul-2019
https://dl.acm.org/doi/10.1007/978-3-030-23560-4_27
Shadbolt NO’Hara KDe Roure DHall WShadbolt NO’Hara KDe Roure DHall W(2019)Privacy, Trust and Ethical IssuesThe Theory and Practice of Social Machines10.1007/978-3-030-10889-2_4(149-200)Online publication date: 15-Feb-2019
https://doi.org/10.1007/978-3-030-10889-2_4
Chow R(2017)The Last Mile for IoT PrivacyIEEE Security and Privacy10.1109/MSP.2017.425111815:6(73-76)Online publication date: 28-Nov-2017
https://dl.acm.org/doi/10.1109/MSP.2017.4251118

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents