Skip to main content
SpringerLink
Log in
Book cover

International Conference on Financial Cryptography and Data Security

FC 2007: Financial Cryptography and Data Security pp 341–355Cite as

Empirical Studies on Software Notices to Inform Policy Makers and Usability Designers

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4886))

Abstract

We evaluate the usability of End User License Agreements (EULAs) of popular consumer programs. Results from an empirical evaluation of 50 popular programs show the lack of accessibility and readability of notices. Our data from a recent study with 64 users involved in installation tasks confirms the public perception that notice to and consent by the user is not achieved.

We are greatly indebted to Susheel Daswani for constructing the experimental framework. Part of this work is conducted jointly with Joe Konstan, Deirdre Mulligan and Becca Shortle. We also thank Chris J. Hoofnagle, Ira Rubenstein and the anonymous reviewers for their valuable feedback and suggestions. Jens Grossklags’ work is supported in part by the National Science Foundation under ITR award ANI-0331659. This work was also supported in part by TRUST (The Team for Research in Ubiquitous Secure Technology), which receives support from the National Science Foundation (NSF award number CCF-0424422) and the following organizations: AFOSR (#FA9550-06-1-0244) Cisco, British Telecom, ESCHER, HP, IBM, iCAST, Intel, Microsoft, ORNL, Pirelli, Qualcomm, Sun, Symantec, Telecom Italia and United Technologies.

The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-540-77366-5_37

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Good, N., Krekelberg, A.: Usability and privacy: A study of Kazaa P2P file-sharing. In: CHI 2003. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 137–144 (2003)

    Google Scholar 

  2. Dhamija, R., Tygar, J.D., Hearst, M.: Why Phishing Works. In: CHI 2006. Proceedings of the SIGCHI conference on Human factors in computing systems, pp. 581–590 (2006)

    Google Scholar 

  3. Bederson, B.B., Lee, B., Sherman, R.M., Herrnson, P.S., Niemi, R.G.: Electronic voting system usability issues. In: CHI 2003. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 145–152 (2003)

    Google Scholar 

  4. Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium, pp. 169–184 (1999)

    Google Scholar 

  5. AOL and National Cyber Security Alliance: AOL/NCSA online safety study (December 2005), http://www.staysafeonline.info/pdf/safety_study_2005.pdf

  6. Earthlink: Earthlink spy audit: Results complied from Webroot’s and Earthlink’s Spy Audit programs (2005), http://www.earthlink.net/about/press/pr_spyAuditReport/

  7. Delio, M.: Spyware on My Machine? So What? Wired News (December 06, 2004) http://www.wired.com/news/technology/0,1282,65906,00.html

  8. Good, N., Dhamija, R., Grossklags, J., Aronovitz, S., Thaw, D., Mulligan, D., Konstan, J.: Stopping Spyware at the Gate: A User Study of Privacy, Notice and Spyware. In: SOUPS 2005. Proceedings of the Symposium On Usable Privacy and Security, Pittsburgh, PA , pp. 43–52 (July 6-8, 2005)

    Google Scholar 

  9. Slawson, W.D.: Standard Form Contracts and Democratic Control of Law Making Power. Harvard Law Review 84, 529–566 (1971)

    Article  Google Scholar 

  10. Overly, M., Kalyvas, J.R.: Software Agreements Line by Line: A Detailed Look at Software Contracts and Licenses & How to Change Them to Fit Your Needs. Aspatore Books (2004)

    Google Scholar 

  11. Marotta-Wurgler, F.: Competition and the quality of standard form contracts: An empirical analysis of software license agreements. New York University working paper (2005)

    Google Scholar 

  12. Good, N., Grossklags, J., Mulligan, D., Konstan, J.: Noticing Notice: A large-scale experiment on the timing of software license agreements. In: CHI 2007. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 607–616 (2007)

    Google Scholar 

  13. Kucera, K., Plaisent, M., Bernard, P., Maguiraga, L.: An empirical investigation of the prevalence of spyware in internet shareware and freeware distributions. Journal of Enterprise Information Management 18(6), 697–708 (2005)

    Article  Google Scholar 

  14. Schechter, R.E.: The Unfairness of Click-On Software Licenses. Wayne Law Review 46, 1735–1803 (2000)

    Google Scholar 

  15. Microsoft Corporation: Privacy Guidelines for Developing Software Products and Services (October 10, 2006)

    Google Scholar 

  16. Casamiquela, R.J.: Contractual Assent and Enforceability in Cyberspace. Berkeley Tech. L.J. 17, 475–495 (2002)

    Google Scholar 

  17. Lewandowski, L.J., Codding, R.S., Kleinmann, A.E., Tucker, K.L.: Assessment of Reading Rate in Postsecondary Students. Journal of Psychoeducational Assessment 21(2), 134–144 (2003)

    Article  Google Scholar 

  18. Kincaid, J., Fishburn, R., Rogers Jr., R., Chissom, B.: Derivation of New Readability Formulas for Navy Enlisted Personnel. CNTECHTRA Research Branch Report , 8–75 (1975)

    Google Scholar 

  19. Flesch, R.: A new readability yardstick. Journal of Applied Psychology 32, 221–233 (1948)

    Article  Google Scholar 

  20. Jensen, C., Potts, C.: Privacy policies as decision-making tools: An evaluation on online privacy notices. In: CHI 2004. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 471–478 (2004)

    Google Scholar 

  21. Breese, P., Burman, W.: Readability of Notice of Privacy Forms Used by Major Health Care Institutions. Journal of the American Medical Association 293, 1593–1594 (2005)

    Google Scholar 

  22. Hochhauser, M.: Lost in the Fine Print: Readability of Financial Privacy Notices (2001), http://www.privacyrights.org/ar/GLB-Reading.htm

  23. Hochhauser, M.: Readability of HIPAA Privacy Notices (2003), http://benefitslink.com/articles/hipaareadability.pdf

  24. Masson, M.E.J., Waldron, M.A.: Comprehension of legal contracts by non-experts: Effectiveness of plain language redrafting. Applied Cognitive Psychology 8, 67–85 (1994)

    Article  Google Scholar 

  25. Acquisti, A., Grossklags, J.: Privacy and Rationality in Individual Decision Making. IEEE Security and Privacy 3(1), 26–33 (2005)

    Article  Google Scholar 

  26. Vila, T., Greenstadt, R., Molnar, D.: Why We Can’t Be Bothered To Read Privacy Policies: Models of Privacy Economics as a Lemons Market. In: Camp, L.J., Lewis, S. (eds.) Economics of Information Security, pp. 143–153. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  27. Hillman, R.A.: Online Boilerplate: Would Mandatory Website Disclosure of E-Standard Terms Backfire. Michigan Law Review 104, 837–856 (2006)

    Google Scholar 

  28. PC Pitstop: It pays to read EULAs (2007), http://www.pcpitstop.com/spycheck/eula.asp

  29. Kreuter, M.W., Brennan, L.K., Scharff, D.P., Lukwago, S.N.: Do nutrition label readers eat healthier diets? Behavioral correlates of adults’ use of food labels. American Journal of Preventive Medicine 13(4), 277–283 (1997)

    Google Scholar 

  30. Hochhauser, M.: Compliance v Communication. Clarity: Journal of the International Movement to simplify legal language 50, 11–19 (2003)

    Google Scholar 

  31. Turow, J., Hoofnagle, C., Mulligan, D., Good, N., Grossklags, J.: Consumers & Privacy In the Coming Decade, Session on Communicating with Consumers in the Next Tech-ade - The Impact of Demographics and Shifting Consumer Attitudes. In: Public Hearings on Protecting Consumers in the Next Tech-ade, Federal Trade Commission, Washington D.C (November 6-8, 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information, University of California, 102 South Hall, Berkeley, CA, 94720, USA

    Jens Grossklags & Nathan Good

Authors
  1. Jens Grossklags
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nathan Good
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Software Engineering Institute, Carnegie Mellon University, 4500 Fifth Avenue, 15213, Pittsburgh, PA, USA

    Sven Dietrich

  2. CRCS DEAS, Harvard University, Maxwell Dworkin 110, 33 Oxford Street, 02138, Cambridge, MA, USA

    Rachna Dhamija

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Grossklags, J., Good, N. (2007). Empirical Studies on Software Notices to Inform Policy Makers and Usability Designers. In: Dietrich, S., Dhamija, R. (eds) Financial Cryptography and Data Security. FC 2007. Lecture Notes in Computer Science, vol 4886. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77366-5_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77366-5_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77365-8

  • Online ISBN: 978-3-540-77366-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation