Skip to main content
SpringerLink
Log in
Book cover

International Conference on Decision and Game Theory for Security

GameSec 2014: Decision and Game Theory for Security pp 246–265Cite as

An Economic Model and Simulation Results of App Adoption Decisions on Networks with Interdependent Privacy Consequences

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8840))

Abstract

The popularity of third-party apps on social network sites and mobile networks emphasizes the problem of the interdependency of privacy. It is caused by users installing apps that often collect and potentially misuse the personal information of users’ friends who are typically not involved in the decision-making process. In this paper, we provide an economic model and simulation results addressing this problem space. We study the adoption of social apps in a network where privacy consequences are interdependent. Motivated by research in behavioral economics, we extend the model to account for users’ other-regarding preferences; that is, users care about privacy harms they inflict on their peers.

We present results from two simulations utilizing an underlying scale-free network topology to investigate users’ app adoption behaviors in both the initial adoption period and the late adoption phase. The first simulation predictably shows that in the early adoption period, app adoption rates will increase when (1) the interdependent privacy harm caused by an app is lower, (2) installation cost decreases, or (3) network size increases. Surprisingly, we find from the second simulation that app rankings frequently will not accurately reflect the level of interdependent privacy harm when simultaneously considering the adoption results of multiple apps. Given that in the late adoption phase, users make their installation decisions mainly based on app rankings, the simulation results demonstrate that even rational actors who consider their peers’ well-being might adopt apps with significant interdependent privacy harms. Our findings complement the usable privacy and security studies which show that users install privacy-invasive apps because they are unable to identify and understand apps’ privacy consequences; however, we show that fully-informed and rational users will likely fall for privacy-invasive apps as well.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chia, P., Yamamoto, Y., Asokan, N.: Is this app safe?: A large scale study on application permissions and risk signals. In: Proceedings of the 21st International World Wide Web Conference (WWW), pp. 311–320 (April 2012)

    Google Scholar 

  2. Felt, A., Evans, D.: Privacy protection for social networking APIs. In: Proceedings of the 2008 Workshop on Web 2.0 Security and Privacy (W2SP) (May 2008)

    Google Scholar 

  3. Besmer, A., Lipford, H.: Users’ (mis)conceptions of social applications. In: Proceedings of Graphics Interface (GI), pp. 63–70 (May 2010)

    Google Scholar 

  4. Felt, A., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: User attention, comprehension, and behavior. In: Proceedings of the 7th Symposium on Usable Privacy and Security (SOUPS), pp. 3:1–3:14 (July 2012)

    Google Scholar 

  5. Biczók, G., Chia, P.H.: Interdependent privacy: Let me share your data. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 338–353. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  6. Grossklags, J., Christin, N., Chuang, J.: Secure or insure?: A game-theoretic analysis of information security games. In: Proceedings of the 17th International World Wide Web Conference (WWW), pp. 209–218 (April 2008)

    Google Scholar 

  7. Kunreuther, H., Heal, G.: Interdependent security. Journal of Risk and Uncertainty 26(2), 231–249 (2003)

    Article  MATH  Google Scholar 

  8. Laszka, A., Felegyhazi, M., Buttyán, L.: A survey of interdependent information security games. ACM Computing Surveys (forthcoming)

    Google Scholar 

  9. Cooper, D., Kagel, J.: Other regarding preferences: A selective survey of experimental results (forthcoming), http://myweb.fsu.edu/djcooper/research/otherregard.pdf

  10. Stahl, D., Haruvy, E.: Other-regarding preferences: Egalitarian warm glow, empathy, and group size. Journal of Economic Behavior & Organization 61(1), 20–41 (2006)

    Article  Google Scholar 

  11. Ifrach, B., Johari, R.: The impact of visibility on demand in the market for mobile apps. Technical report, SSRN Working Paper (February 2014)

    Google Scholar 

  12. Book, T., Wallach, D.: A case of collusion: A study of the interface between ad libraries and their apps. In: Proceedings of the 3rd Annual ACM CCS Workshop on Security and Privacy in Smartphones & Mobile Devices (SPSM), pp. 79–86 (November 2013)

    Google Scholar 

  13. Krishnamurthy, B., Wills, C.: On the leakage of personally identifiable information via online social networks. In: Proceedings of ACM SIGCOMM Workshop on Online Social Networks (WOSN), pp. 7–12 (August 2009)

    Google Scholar 

  14. Steel, E., Fowler, G.: Facebook in privacy breach. The Wall Street Journal (October 2010)

    Google Scholar 

  15. King, J., Lampinen, A., Smolen, A.: Privacy: Is there an app for that? In: Proceedings of the 7th Symposium on Usable Privacy and Security (SOUPS), pp. 12:1–12:20 (July 2011)

    Google Scholar 

  16. Tam, J., Reeder, R., Schechter, S.: I’m allowing what? Disclosing the authority applications demand of users as a condition of installation. Technical Report MSR-TR-2010-54, Microsoft Research (2010)

    Google Scholar 

  17. Wang, N., Grossklags, J., Xu, H.: An online experiment of privacy authorization dialogues for social applications. In: Proceedings of the Conference on Computer Supported Cooperative Work (CSCW), pp. 261–272 (February 2013)

    Google Scholar 

  18. Wang, N., Xu, H., Grossklags, J.: Third-party apps on Facebook: Privacy and the illusion of control. In: Proceedings of the ACM Symposium on Computer Human Interaction for Management of Information Technology (CHIMIT), pp. 4:1–4:10 (December 2011)

    Google Scholar 

  19. Good, N., Dhamija, R., Grossklags, J., Aronovitz, S., Thaw, D., Mulligan, D., Konstan, J.: Stopping spyware at the gate: A user study of privacy, notice and spyware. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS), pp. 43–52 (July 2005)

    Google Scholar 

  20. Good, N., Grossklags, J., Mulligan, D., Konstan, J.: Noticing notice: A large-scale experiment on the timing of software license agreements. In: Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI), pp. 607–616 (April-May 2007)

    Google Scholar 

  21. Shehab, M., Marouf, S., Hudel, C.S.: ROAuth: Recommendation based open authorization. In: Proceedings of the 7th Symposium on Usable Privacy and Security (SOUPS), pp. 11:1–11:12 (July 2011)

    Google Scholar 

  22. Wang, N.: Third-party applications’ data practices on Facebook. In: Proceedings of the 2012 ACM Annual Conference on Human Factors in Computing Systems, Extended Abstracts (CHI EA), pp. 1399–1404 (May 2012)

    Google Scholar 

  23. Felt, A., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A survey of mobile malware in the wild. In: Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), pp. 3–14 (October 2011)

    Google Scholar 

  24. Felt, A., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd USENIX Conference on Web Application Development (WebApps), p. 7 (June 2011)

    Google Scholar 

  25. Kelley, P., Cranor, L., Sadeh, N.: Privacy as part of the app decision-making process. In: Proceedings of the ACM Annual Conference on Human Factors in Computing Systems (CHI), pp. 3393–3402 (April 2013)

    Google Scholar 

  26. Beresford, A., Rice, A., Skehin, N., Sohan, R.: Mockdroid: Trading privacy for application functionality on smartphones. In: Proceedings of the 12th Workshop on Mobile Computing Systems and Applications (HotMobile), pp. 49–54 (March 2011)

    Google Scholar 

  27. Woollaston, V.: Is Facebook reading your TEXTS? Android update lets app access your written and picture messages. Daily Mail Online (January 2014)

    Google Scholar 

  28. Karambelkar, D.: Spyware: A bird’s-eye view. Gulf News (February 2014)

    Google Scholar 

  29. Robertson, J.: Google+, ‘Candy Crush’ show risk of leakiest apps. Bloomberg Technology (January 2014)

    Google Scholar 

  30. Sundararajan, A.: Local network effects and complex network structure. The BE Journal of Theoretical Economics 7(1) (January 2007)

    Google Scholar 

  31. Fehr, E., Schmidt, K.: A theory of fairness, competition, and cooperation. The Quarterly Journal of Economics 114(3), 817–868 (1999)

    Article  MATH  Google Scholar 

  32. Bolton, G., Ockenfels, A.: ERC: A theory of equity, reciprocity, and competition. American Economic Review 90(1), 166–193 (2000)

    Article  Google Scholar 

  33. Berg, J., Dickhaut, J., McCabe, K.: Trust, reciprocity, and social history. Games and Economic Behavior 10(1), 122–142 (1995)

    Article  MATH  Google Scholar 

  34. Darley, J., Latane, B.: When will people help in a crisis? In: Hochman, S. (ed.) Readings in Psychology, pp. 101–110. MSS Information Corporation (1972)

    Google Scholar 

  35. Fisher, R., Price, L.: An investigation into the social context of early adoption behavior. Journal of Consumer Research 19(3), 477–486 (1992)

    Article  Google Scholar 

  36. Salganik, M., Dodds, P., Watts, D.: Experimental study of inequality and unpredictability in an artificial cultural market. Science 311(5762), 854–856 (2006)

    Article  Google Scholar 

  37. Ahn, Y., Han, S., Kwak, H., Moon, S., Jeong, H.: Analysis of topological characteristics of huge online social networking services. In: Proceedings of the 16th International World Wide Web Conference (WWW), pp. 835–844 (May 2007)

    Google Scholar 

  38. Mislove, A., Marcon, M., Gummadi, K., Druschel, P., Bhattacharjee, B.: Measurement and analysis of online social networks. In: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement (IMC), pp. 29–42 (October 2007)

    Google Scholar 

  39. Barabási, A., Albert, R.: Emergence of scaling in random networks. Science 286(5439), 509–512 (1999)

    Article  MathSciNet  Google Scholar 

  40. Verbrugge, L.: The structure of adult friendship choices. Social Forces 56(2), 576–597 (1977)

    Article  Google Scholar 

  41. Carare, O.: The impact of bestseller rank on demand: Evidence from the app market. International Economic Review 53(3), 717–742 (2012)

    Article  Google Scholar 

  42. Garg, R., Telang, R.: Inferring app demand from publicly available data. MIS Quarterly 37(4), 1253–1264 (2013)

    Google Scholar 

  43. Good, N., Grossklags, J., Thaw, D., Perzanowski, A., Mulligan, D., Konstan, J.: User choices and regret: Understanding users’ decision process about consensually acquired spyware. I/S: A Journal of Law and Policy for the Information Society 2(2), 283–344 (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Information Sciences and Technology, The Pennsylvania State University, University Park, PA, USA

    Yu Pu & Jens Grossklags

Authors
  1. Yu Pu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jens Grossklags
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Electrical Engineering Department, Network Securitiy Lab, University of Washington, Box 352500, 98195-2055, Seattle, WA, USA

    Radha Poovendran

  2. Department of Electrical and Computer Engineering, Virginia Tech, Whittmore Hall 302, 1185 Perry Street, 24061, Blacksburg, VA, USA

    Walid Saad

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Pu, Y., Grossklags, J. (2014). An Economic Model and Simulation Results of App Adoption Decisions on Networks with Interdependent Privacy Consequences. In: Poovendran, R., Saad, W. (eds) Decision and Game Theory for Security. GameSec 2014. Lecture Notes in Computer Science, vol 8840. Springer, Cham. https://doi.org/10.1007/978-3-319-12601-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12601-2_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12600-5

  • Online ISBN: 978-3-319-12601-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation