Abstract
What makes a technology privacy-enhancing? In this study, we construct an explanation grounded in the technologies and practices that people report using to enhance their privacy. We conducted an online survey of privacy experts (i.e., privacy researchers and professionals who attend to privacy conferences and communication channels) and laypersons that catalogs the technologies they identify as privacy enhancing and the various privacy strategies they employ. The analysis of 123 survey responses compares not only self-reported tool use but also differences in how privacy experts and laypersons explain their privacy practices and tools use. Differences between the two samples show that privacy experts and laypersons have different styles of reasoning when considering PETs: Experts think of PETs as technologies whose primary function is enhancing privacy, whereas laypersons conceptualize privacy enhancement as a supplemental function incorporated into other technologies. The paper concludes with a discussion about potential explanations for these differences, as well as questions they raise about how technologies can best facilitate communication and collaboration while enhancing privacy.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
A total of 106 Qualtrics participants were solicited: 6 as a preliminary test and 100 additional participants. However, only 99 entered any data in the survey. Qualtrics data collection was limited to U.S. respondents and ended before widespread emergence of the COVID-19 pandemic in the United States.
- 2.
https://whatis.snapchat.com accessed 9/15/2022.
- 3.
https://www.signal.org/ accessed 9/15/2022.
References
Acquisti, A., Taylor, C., Wagman, L.: The economics of privacy. J. Econ. Liter. 54(2), 442–92 (2016)
Ahern, S., Eckles, D., Good, N.S., King, S., Naaman, M., Nair, R.: Over-exposed? privacy patterns and considerations in online and mobile photo sharing. In: Proceedings of the SIGCHI conference on Human factors in computing systems. pp. 357–366 (2007)
Ames, M.G., Go, J., Kaye, J., Spasojevic, M.: Understanding technology choices and values through social class. In: Proceedings of the ACM 2011 Conference on Computer Supported Cooperative Work, pp. 55–64 (2011)
Andalibi, N., Haimson, O.L., De Choudhury, M., Forte, A.: Understanding social media disclosures of sexual abuse through the lenses of support seeking and anonymity. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 3906–3918 (2016)
Baumer, E.P., Forte, A.: Undoing the privacy paradox with data styles (2017)
Beyer, H., Holtzblatt, K.: Contextual design. Interactions 6(1), 32–42 (1999)
Borking, J.J.: Why adopting privacy enhancing technologies (pets) takes so much time. In: Gutwirth, S., Poullet, Y., De Hert, P., Leenes, R. (eds.) Computers, Privacy and Data Protection: an Element of Choice, pp. 309–341. Springer, Dordrecht (2011). https://doi.org/10.1007/978-94-007-0641-5_15
Bowker, G.C., Star, S.L.: Sorting things out: classification and its consequences. MIT press (2000)
Boyatzis, R.E.: Transforming qualitative information: thematic analysis and code development. Sage (1998)
Braun, V., Clarke, V.: Using thematic analysis in psychology. Qual. Res. Psychol. 3(2), 77–101 (2006)
Brennan, M., Afroz, S., Greenstadt, R.: Adversarial stylometry: circumventing authorship recognition to preserve privacy and anonymity. ACM Trans. Inf. Syst. Secur. (TISSEC) 15(3), 1–22 (2012)
Burkert, H., et al.: Privacy-enhancing technologies: typology, critique, vision. Technology and privacy: The new landscape, pp. 125–142 (1997)
Busse, K., Schäfer, J., Smith, M.: Replication: no one can hack my mind revisiting a study on expert and non-expert security practices and advice. In: Fifteenth Symposium on Usable Privacy and Security (\(\{\)SOUPS\(\}\) 2019), pp. 117–136 (2019)
Caulfield, T., Ioannidis, C., Pym, D.: On the adoption of privacy-enhancing technologies. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 175–194. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47413-7_11
Caulfield, T., Ioannidis, C., Pym, D.: On the adoption of privacy-enhancing technologies. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 175–194. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47413-7_11
Chua, W.Y., Chang, K.T.T., Wan, M.P.H.: Information privacy concerns among novice and expert users of solomo. In: PACIS (2014)
Clark, J., Van Oorschot, P.C., Adams, C.: Usability of anonymous web browsing: an examination of tor interfaces and deployability. In: Proceedings of the 3rd symposium on Usable privacy and security, pp. 41–51 (2007)
Evangelho, J.: Why you should ditch google search and use duckduckgo. Forbes (2018)
Fisher, R.J.: Social desirability bias and the validity of indirect questioning. J. Consumer Res. 20(2), 303–315 (1993)
Forte, A., Andalibi, N., Greenstadt, R.: Privacy, anonymity, and perceived risk in open collaboration: A study of tor users and wikipedians. In: Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, pp. 1800–1811 (2017)
Gallagher, K.: Measurement and improvement of the tor user experience, Ph. D. thesis, New York University Tandon School of Engineering (2020)
Gallagher, K., Patil, S., Dolan-Gavitt, B., McCoy, D., Memon, N.: Peeling the onion’s user experience layer: examining naturalistic use of the tor browser. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1290–1305 (2018)
Gallagher, K., Patil, S., Memon, N.: New me: understanding expert and non-expert perceptions and usage of the tor anonymity network. In: Thirteenth Symposium on Usable Privacy and Security (\(\{\)SOUPS\(\}\) 2017), pp. 385–398 (2017)
Garg, V., Camp, J.: Heuristics and biases: implications for security design. IEEE Technol. Soc. Mag. 32(1), 73–79 (2013)
Gobet, F., Ereku, M.H.: What Is Expertise? Psychology Today (2016)
Goldberg, I.: Privacy-enhancing technologies for the internet, ii: five years later. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 1–12. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36467-6_1
Goldberg, I., Wagner, D., Brewer, E.: Privacy-enhancing technologies for the internet. In: Proceedings IEEE COMPCON 97. Digest of Papers, pp. 103–109. IEEE (1997)
Guest, G., MacQueen, K.M., Namey, E.E.: Applied thematic analysis. Sage Publications (2011)
Harborth, D., Pape, S., Rannenberg, K.: Explaining the technology use behavior of privacy-enhancing technologies: the case of Tor and Jondonym. Proceed. Privacy Enhancing Technol. 2020(2), 111–128 (2020)
Hargittai, E., Marwick, A.: “what can i really do?’’ explaining the privacy paradox with online apathy. Int. J. Commun. 10, 21 (2016)
Ion, I., Reeder, R., Consolvo, S.: “... no one can hack my mind”: comparing expert and non-expert security practices. In: Eleventh Symposium On Usable Privacy and Security (\(\{\)SOUPS\(\}\) 2015), pp. 327–346 (2015)
Kang, R., Dabbish, L., Fruchter, N., Kiesler, S.: “My data just goes everywhere:” user mental models of the internet and implications for privacy and security. In: Eleventh Symposium On Usable Privacy and Security (\(\{\)SOUPS\(\}\) 2015), pp. 39–52 (2015)
Kokolakis, S.: Privacy attitudes and privacy behaviour: a review of current research on the privacy paradox phenomenon. Comput. Secur. 64, 122–134 (2017). https://doi.org/10.1016/j.cose.2015.07.002. https://linkinghub.elsevier.com/retrieve/pii/S0167404815001017
Lampinen, A., Tamminen, S., Oulasvirta, A.: All my people right here, right now: Management of group co-presence on a social networking site. In: Proceedings of the ACM 2009 International Conference on Supporting Group Work, pp. 281–290 (2009)
Leavitt, A.: “ this is a throwaway account” temporary technical identities and perceptions of anonymity in a massive online community. In: Proceedings of the 18th ACM Conference on Computer Supported Cooperative Work & Social Computing, pp. 317–327 (2015)
Lee, L., Fifield, D., Malkin, N., Iyer, G., Egelman, S., Wagner, D.: A usability evaluation of Tor launcher. Proceed. Priv. Enhan. Technol. 2017(3), 90–109 (2017)
Marwick, A., Fontaine, C., Boyd, D.: “nobody sees it, nobody gets mad”: social media, privacy, and personal responsibility among low-ses youth. Soc. Media+ Soc. 3(2), 2056305117710455 (2017)
McDonald, N., Forte, A.: The politics of privacy theories: moving from norms to vulnerabilities. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, pp. 1–14 (2020)
McDonald, N., Schoenebeck, S., Forte, A.: Reliability and inter-rater reliability in qualitative research: norms and guidelines for CSCW and HCI practice. Proc. ACM Hum.-Comput. Interact. 3(CSCW), 1–23 (2019). https://doi.org/10.1145/3359174
Mulligan, D.K., Koopman, C., Doty, N.: Privacy is an essentially contested concept: a multi-dimensional analytic for mapping privacy. Philos. Trans. Royal Soc. A: Math. Phys. Eng. Sci. 374(2083), 20160118 (2016). https://doi.org/10.1098/rsta.2016.0118
Oates, M., et al.: Turtles, locks, and bathrooms: understanding mental models of privacy through illustration. Proceed. Privacy Enhan. Technol. 2018(4), 5–32 (2018). https://content.sciendo.com/view/journals/popets/2018/4/article-p5.xml
Phelan, C., Lampe, C., Resnick, P.: It’s creepy, but it doesn’t bother me. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 5240–5251 (2016)
Posner, R.A.: The economics of privacy. Am. Econ. Rev. 71(2), 405–409 (1981)
Renaud, K., Volkamer, M., Renkema-Padmos, A.: Why doesn’t jane protect her privacy? In: De Cristofaro, E., Murdoch, S.J. (eds.) PETS 2014. LNCS, vol. 8555, pp. 244–262. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08506-7_13
Ruoti, S., Andersen, J., Zappala, D., Seamons, K.: Why Johnny still, still can’t encrypt: evaluating the usability of a modern PGP client. arXiv preprint arXiv:1510.08555 (2015)
Sheehan, K.B.: Toward a typology of internet users and online privacy concerns. Inf. Soc. 18(1), 21–32 (2002)
Shen, Y., Pearson, S.: Privacy enhancing technologies: A review. HP Laboratories 2739, 1–30 (2011)
Sheng, S., Broderick, L., Koranda, C.A., Hyland, J.J.: Why Johnny still can’t encrypt: evaluating the usability of email encryption software. In: Symposium On Usable Privacy and Security, pp. 3–4. ACM (2006)
Spiekermann, S.: The challenges of privacy by design. Commun. ACM 55(7), 38–40 (2012)
Stutzman, F., Hartzog, W.: Boundary regulation in social media. In: Proceedings of the ACM 2012 Conference on Computer Supported Cooperative Work, pp. 769–778 (2012)
Turner, E.C., Dasgupta, S.: Privacy on the web: an examination of user concerns, technology, and implications for business organizations and individuals. Inf.Syst. Manage. 20, 8–18 (2006)
Vemou, K., Karyda, M.: A classification of factors influencing low adoption of pets among sns users. In: International Conference on Trust, Privacy and Security in Digital Business, pp. 74–84. Springer (2013)
Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: a usability evaluation of PGP5.0. In: USENIX Security Symposium, vol. 348, pp. 169–184 (1999)
Yardi, S., Bruckman, A.: Income, race, and class: exploring socioeconomic differences in family technology use. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 3041–3050 (2012)
Young, A.L., Quan-Haase, A.: Privacy protection strategies on facebook: the internet privacy paradox revisited. Inf. Commun. Soc. 16(4), 479–500 (2013)
Zabihimayvan, M., Sadeghi, R., Doran, D., Allahyari, M.: A broad evaluation of the tor english content ecosystem. In: Proceedings of the 10th ACM Conference on Web Science, pp. 333–342 (2019)
Acknowledgements
This material is based on work supported in part by the NSF under Grants No. CNS-1814533 and CNS-1816264.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Elmimouni, H., Shusas, E., Skeba, P., Baumer, E.P.S., Forte, A. (2023). What Makes a Technology Privacy Enhancing? Laypersons’ and Experts’ Descriptions, Uses, and Perceptions of Privacy Enhancing Technologies. In: Sserwanga, I., et al. Information for a Better World: Normality, Virtuality, Physicality, Inclusivity. iConference 2023. Lecture Notes in Computer Science, vol 13972. Springer, Cham. https://doi.org/10.1007/978-3-031-28032-0_20
Download citation
DOI: https://doi.org/10.1007/978-3-031-28032-0_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28031-3
Online ISBN: 978-3-031-28032-0
eBook Packages: Computer ScienceComputer Science (R0)