Abstract
Even though smartphones are personal devices, phone sharing has proven to be popular at different levels among users. Access control for data is an alternative solution that could let users decide to which degree specific information on the phone should be exposed to a specific person. Although there are a handful of studies that investigate users’ behaviors when sharing their phones, how users react to such access control in the app ecosystem has not been figured out. In this paper, we conducted a fine-grained survey with 165 participants, including German and Chinese to investigate users’ attitudes towards smartphone sharing as owner and as guest, as well as how they work with such access control mechanism. We also propose four persona guests for the user study, including stranger, acquaintance, close people and kids, which underlie this research, to understand to what extent users expose apps, sensors, and resources for diverse guests.
You have full access to this open access chapter, Download conference paper PDF
Similar content being viewed by others
Keywords
1 Introduction
Even though smartphones are personal devices, phone sharing has proven to be popular at different levels among users [1, 2]. Previous user studies on phone sharing [1–4] were mainly conducted in the form of interviews, semi-interviews, focus groups, etc., covering understanding users’ concerns, attitudes and practices when sharing smartphone. These studies have investigated sharing behavior aspects such as the frequency of sharing, location, reasons, and permissiveness by application or data type or the relationships involved. However, mobile phones carry data such as private photos, contacts, and messages, information such as browsing history, and they are equipped with apps. The way in which these may be configured with personal setting choices, so as to respond to privacy and sharing preferences, is addressed in this paper.
Access control for data is an alternative solution that could let users decide to which degree specific information on the phone should be exposed to a specific person. To address such issues, manufacturers and third-party app providers have incorporated access control into smartphone settings. They provide mechanisms and modes of operations to support access control at different levels, so that people could set limits on who could see or use data, sensors and apps. With iPhone, user could define and block several interactive areas in the settings under the category of accessibility, individually for different apps. The iOS also has a “Restriction” feature that limits specific functions and apps. Although there are a handful of studies that investigate users’ behaviors when sharing their phone, how users react to such access control in the app ecosystem has not been figured out. To investigate the user behavior, we divide user into owner and guest, and classify their activities of sharing. Four scenarios indicate sharing behaviors, (1) the owner lends the phone to a borrower; (2) the owner does not give the phone to the borrower, instead, he keeps the phone and navigates it following the borrower’s requests; (3) the owner shares the screen with the borrower, and they use the phone together; (4) there is no owner and borrower, that is, a group of people (for example family members) share the (hence “public”) phone.
In this paper, we mainly discuss sharing issues of the first and second scenarios. We conducted a fine-grained survey with 165 participants, including German and Chinese to investigate users’ attitudes towards smartphone sharing as owner and as guest, as well as how they work with such access control mechanism. We also propose four persona guests for the user study, including stranger, acquaintance, close people and kids, which underlie this research, to understand to what extent users expose apps, sensors, and resources for diverse guests. Based on control mechanisms and the diversity of guests, we explore how phone owners set limits for guests and what phone borrowers expect in terms of privacy protection from the access control provided by the system. In the past, in particular the parental control as one of the sub topics of phone sharing has gained researchers’ attentions. Increasingly, children are playing with the smartphone, but parents may be unaware of the dangers faced by children. Therefore, we also explore how adults restrict apps, sensors and resources for the use of a phone by kids. The paper presents a preliminary analysis of the data and discusses the results and implications for usable privacy and interface design.
2 Survey Design and Demography
We recruited 165 participants from Wenjuan website and Prometei, which are influential online crowdsourcing platforms. Participants are required to be the smartphone owner. The questionnaire includes but not limited to four parts: (1) basic demographics; (2) users’ attitudes towards phone sharing as owner; (3) users’ attitudes towards multiple user account as owner; and (4) users’ attitudes towards phone sharing as guest.
In total, we had 69.1 % males and 30.9 % females. Their ages were distributed and covered all age groups but 66.7 % were in the range of 18 to 24. There was a bias towards higher education levels and 94.0 % were under a higher education.
3 Results and Discussion
3.1 Attitudes Towards Phone Sharing as Owner
In this part, we discuss frequency of sharing behaviors, phone owner’s concern about the data on phone, lend time, and the data, sensors and resources that the owner would like to block to borrower.
We used the semantic differential technique with paring of Never (score 1)/Always (score 7) to form the answer of sharing behavior frequency in 7-scale with 4 as neutral score. We listed four sharing behaviors, including “lending my smartphone”, “borrowing other’s smartphone”, “sharing screen of my smartphone”, “sharing screen of other’s smartphone” and “using a public smartphone at home”. The median of “using a public smartphone at home” case is 1. Except for this case, the median of other four cases are all 2. Results showed that phone sharing is not that frequent, partly due to participants’ no need of sharing (almost everyone owns a smartphone), and partly due to fear of privacy leakage.
To go one step further, we asked participants to describe how much they were concerned about their data on smartphone. The answers were formed using Weak (score 1)/Strong (score 7) pair. From the responses of phone owner’s concern about the data on smartphone, we found that they were concerned about the data when lending phone to stranger (median = 7), felt neutral when lending phone to acquaintance and kids (median = 4), but felt weak concern about close people (median = 2).
Besides, the participants were asked to indicate how long they would like to let people use their phone. Most of them (57.6 %) chose to lend phone to stranger for less than 10 min. 25.8 % and 18.5 % of participants chose to lend to acquaintance for less than 10 min and 10 to 30 min respectively, which is similar to lending phone to kids (20 %: 10 min, 13.8 %: 10 to 30 min). With regard to close people like friends or parents, rare of them (1.2 %) did not want to lend the device. 12.7 % and 10.0 % of participants would like to lend the phone to close people for one day and one week respectively.
Finally, we also explored how people restricted resources/sensors and apps for each guest. As shown in Fig. 1, we found that most of participants blocked resources/sensors more strict to stranger, acquaintance, and kids than close people overall, which is similar to the cases of exposing apps (as shown in Fig. 2). Among these resources, people protected call history more than other resources. Among all apps listed, participants gave more protection for four types of apps, including social networking apps (like Facebook, Instagram, and WhatsApp), calendar (also email, notebook, etc.), Settings, as well as photo and video apps.
Responses on restricting and exposing resources/sensors for each guest persona (Color figure online)
Responses on restricting and exposing apps for each guest persona (Color figure online)
3.2 Attitudes Towards Multiple User Account as Owner
We explored users’ attitudes as owner towards the necessity of using Multiple User Account (MUA), and their intention to clean guests’ trace. In this part, all the answers were formed using Weak (score 1)/Strong (score 7) pair. The median of using MUA for stranger is 7, for acquaintance and kids respectively 5, for close people 2. We found that MUA is necessary for users when lending phone to distant relationships or kids.
When asked how much they would like to use one-button function to clear guests’ trace instead of guest clearing trace by themselves manually, more than 67.8 % participants gave scores higher than 4 (The median is 6).
3.3 Attitudes Towards Phone Sharing as Guest
In this part, we explored users’ attitudes towards phone sharing as guest. We asked participants to recall their experience of borrowing a smartphone, and image that they were the guest. We explored their protection actions, concerns about the usage history/log, intention of clearing trace as guest, feelings on the way of other’s using multiple user account.
With regard to taking actions to erase their usage trace before they return smartphone, 64.4 % of participants said that they tried to do something, like logging out and deleting the number they dialed. The rest of them expressed that they did not take any actions, partly they thought they did not need to (21.2 %), partly they thought they needed to (6.1 %), and partly they did not become aware of privacy issues (7.9 %).
When asked how much they were concerned about their trace that would be seen by device owner, 37.6 % felt strong concern. The answers were formed using Weak (score 1)/Strong (score 7) pair. The median is 6.
We also asked people to indicate how much they would like to use a one-button function to clear their trace. The answers were formed using Weak (score 1)/Strong (score 7) pair. The median is 6 and most of them (68.4 %) gave scores more than 4. Results showed that people had strong desire to have one click interface to easily protect their privacy as guest.
Finally, we asked how much people felt that they were untrusted by owner (stranger, acquaintance and close people) if the owner used multiple user account in front of them. We did not consider kids since it is not applicable in this case. We used to the semantic differential technique with paring of Weak (score 1)/Strong (score 7) to form answers. The results showed that most of participants (73.4 %) gave scores less than or equal to 4 to stranger owner, and 74.6 % to acquaintance owner. However, 48.5 % participants had negative feelings and gave scores more than 4 to close people owner.
4 Conclusion and Future Work
To investigate users’ attitudes towards access control of smartphone, we organize and conduct a survey to understand users’ attitudes towards phone sharing as owner, attitudes towards multiple user account as owner, and attitudes towards phone sharing as guest. Results showed that both owner and guest intent to protect their personal data. People gave different protection to resources/sensors and apps. The resources/sensors and apps that contain more personal data have obtained more protection. Multiple user account is necessary for users when lending phone to distant relationships or kids. In the near future, we will compare and analyze people’s attitudes towards access control of smartphone and tablet.
References
Karlson, A.K., Brush, A.J., Schechter, S.: Can I borrow your phone? Understanding concerns when sharing mobile phones. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1647–1650. ACM (2009)
Liu, Y., Rahmati, A., Jang, H., Huang, Y., Zhong, L., Zhang, Y., Zhang, S.: Design, realization, and evaluation of xshare for impromptu sharing of mobile phones. IEEE Trans. Mobile Comput. 9, 1682–1696 (2010)
Hang, A., von Zezschwitz, E., De Luca, A., Hussmann, H.: Too much information!: user attitudes towards smartphone sharing. In: Proceedings of the 7th Nordic Conference on Human-Computer Interaction: Making Sense Through Design, pp. 284–287. ACM (2012)
King, J.: “How come I’m allowing strangers to go through my phone?” Smartphones and privacy expectations. In: Symposium on Usable Privacy and Security (SOUPS) (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Zhou, Y., Xu, T., Raake, A., Cai, Y. (2016). Access Control Is Not Enough: How Owner and Guest Set Limits to Protect Privacy When Sharing Smartphone. In: Stephanidis, C. (eds) HCI International 2016 – Posters' Extended Abstracts. HCI 2016. Communications in Computer and Information Science, vol 617. Springer, Cham. https://doi.org/10.1007/978-3-319-40548-3_82
Download citation
DOI: https://doi.org/10.1007/978-3-319-40548-3_82
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40547-6
Online ISBN: 978-3-319-40548-3
eBook Packages: Computer ScienceComputer Science (R0)