Yusuf Albayram
ABSTRACT
Due to increasing trend of data collection by websites, the use of privacy-enhancing technologies is becoming more and more important in our digital age. However, widespread adoption of tools that provide strongest protection, such as a TOR browser, has been low. Instead of using a “one-size-fits-all” approach when promoting privacy-enhancing technologies as users often vary widely in their perceptions and ways to be persuaded, this study investigated whether using “personalized” content in the form of videos based on decision-making style (GDMS scale) and the level of IT expertise would lead to a higher adoption rate of a TOR browser. Towards that, we designed a study (n = 186) with control and treatment groups. While participants in the control group were randomly given a video raising awareness of the TOR browser, participants in the treatment group were given one of four personalized versions of these videos based on their scores on IT expertise questions and the GDMS scale measuring social influence. Two follow-up surveys, each a week apart, were conducted to determine if the participants installed a TOR browser. We found that only a small percentage of participants started using a TOR browser, and the personalized group did not significantly differ from the control in terms of adoption rate. Though personalized videos did not increase the adoption rate, this study showed that other factors contributed to the low adoption rate and provided insights and recommendations for designing personalized effective videos promoting the TOR browser or similar privacy-enhancing technologies.
- Elham Al Qahtani, Mohamed Shehab, and Abrar Aljohani. 2018. The effectiveness of fear appeals in increasing smartphone locking behavior among Saudi Arabians. In Fourteenth Symposium on Usable Privacy and Security (SOUPS 2018). 31–46.Google Scholar
- Yusuf Albayram, Mohammad Maifi Hasan Khan, and Michael Fagan. 2017. A study on designing video tutorials for promoting security features: A case study in the context of two-factor authentication (2fa). International Journal of Human–Computer Interaction 33, 11(2017), 927–942.Google Scholar
- Yusuf Albayram, Mohammad Maifi Hasan Khan, Theodore Jensen, and Nhan Nguyen. 2017. “... better to use a lock screen than to worry about saving a few seconds of time”: Effect of Fear Appeal in the Context of Smartphone Locking Behavior. In Thirteenth Symposium on Usable Privacy and Security ({SOUPS} 2017). 49–63.Google Scholar
- Yusuf Albayram, John Liu, and Stivi Cangonj. 2021. Comparing the Effectiveness of Text-based and Video-based Delivery in Motivating Users to Adopt a Password Manager. In European Symposium on Usable Security 2021. 89–104.Google ScholarDigital Library
- Maria Bada, Angela M Sasse, and Jason RC Nurse. 2019. Cyber security awareness campaigns: Why do they fail to change behaviour?arXiv preprint arXiv:1901.02672(2019).Google Scholar
- Brave. 2020. What is a Private Window with Tor Connectivity?Retrieved June 5, 2022 from https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-Google Scholar
- PEW RESEARCH CENTER. 2019. Digital Knowledge Quiz. Retrieved June 5, 2022 from https://www.pewresearch.org/internet/quiz/digital-knowledge-quiz/Google Scholar
- Sauvik Das, Tiffany Hyun-Jin Kim, Laura A Dabbish, and Jason I Hong. 2014. The effect of social influence on security sensitivity. In 10th Symposium On Usable Privacy and Security (SOUPS 2014). 143–157.Google Scholar
- Sauvik Das, Adam DI Kramer, Laura A Dabbish, and Jason I Hong. 2014. Increasing security sensitivity with social proof: A large-scale experimental confirmation. In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. 739–749.Google ScholarDigital Library
- Sanchari Das, Shrirang Mare, and L Jean Camp. 2020. Smart storytelling: Video and text risk communication to increase mfa acceptability. In 2020 IEEE 6th International Conference on Collaboration and Internet Computing (CIC). IEEE, 153–160.Google ScholarCross Ref
- Ph.D. Deen Freelon. 2020. ReCal2: Reliability for 2 Coders. Retrieved June 10, 2022 from https://http://dfreelon.org/utils/recalfront/recal2/Google Scholar
- Serge Egelman and Eyal Peer. 2015. Scaling the security wall: Developing a security behavior intentions scale (sebis). In Proceedings of the 33rd annual ACM conference on human factors in computing systems. 2873–2882.Google ScholarDigital Library
- Deen Freelon. 2013. ReCal OIR: Ordinal, interval, and ratio intercoder reliability as a web service.International Journal of Internet Science 8, 1 (2013).Google Scholar
- Kevin Gallagher, Sameer Patil, Brendan Dolan-Gavitt, Damon McCoy, and Nasir Memon. 2018. Peeling the Onion’s User Experience Layer: Examining Naturalistic Use of the Tor Browser. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 1290–1305.Google ScholarDigital Library
- Kevin Gallagher, Sameer Patil, and Nasir Memon. 2017. New Me: Understanding Expert and {Non-Expert} Perceptions and Usage of the Tor Anonymity Network. In Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017). 385–398.Google Scholar
- Joseph A Gliem and Rosemary R Gliem. 2003. Calculating, interpreting, and reporting Cronbach’s alpha reliability coefficient for Likert-type scales. In Midwest Research-to-Practice Conference in Adult, Continuing, and Community Eduction. Midwest Research-to-Practice Conference in Adult, Continuing, and Community Eduction.Google Scholar
- David Harborth, Sebastian Pape, and Kai Rannenberg. 2020. Explaining the Technology Use Behavior of Privacy-Enhancing Technologies: The Case of Tor and JonDonym.Proc. Priv. Enhancing Technol. 2020, 2 (2020), 111–128.Google ScholarCross Ref
- Marie Helweg-Larsen and James A Shepperd. 2001. Do moderators of the optimistic bias affect personal or target risk estimates? A review of the literature. Personality and social psychology review 5, 1 (2001), 74–95.Google Scholar
- Adele E Howe, Indrajit Ray, Mark Roberts, Malgorzata Urbanska, and Zinta Byrne. 2012. The psychology of security for the home computer user. In 2012 IEEE Symposium on Security and Privacy. IEEE, 209–223.Google ScholarDigital Library
- Iulia Ion, Rob Reeder, and Sunny Consolvo. 2015. “... no one can hack my mind”: Comparing Expert and Non-Expert Security Practices. In Eleventh Symposium On Usable Privacy and Security ({SOUPS} 2015). 327–346.Google Scholar
- Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. {“My} Data Just Goes {Everywhere:”} User Mental Models of the Internet and Implications for Privacy and Security. In Eleventh Symposium on Usable Privacy and Security (SOUPS 2015). 39–52.Google Scholar
- Ben Kero. 2020. Brave.com now has its own Tor Onion Service, providing more users with secure access to Brave. Retrieved June 5, 2022 from https://brave.com/new-onion-service/Google Scholar
- Klaus Krippendorff. 2009. Testing the Reliability of Content Analysis Data. The Content Analysis Reader(2009), 350–357.Google Scholar
- Linda N Lee, David Fifield, Nathan Malkin, Ganesh Iyer, Serge Egelman, and David A Wagner. 2017. A Usability Evaluation of Tor Launcher.Proc. Priv. Enhancing Technol. 2017, 3 (2017), 90.Google ScholarCross Ref
- Sarah Lichtenstein, Baruch Fischhoff, and Lawrence D Phillips. 1977. Calibration of probabilities: The state of the art. Decision making and change in human affairs(1977), 275–324.Google Scholar
- Naresh K Malhotra, Sung S Kim, and James Agarwal. 2004. Internet users’ information privacy concerns (IUIPC): The construct, the scale, and a causal model. Information systems research 15, 4 (2004), 336–355.Google Scholar
- Nathan Malkin, Arunesh Mathur, Marian Harbach, and Serge Egelman. 2017. Personalized security messaging: Nudges for compliance with browser warnings. In 2nd European Workshop on Usable Security. Internet Society.Google ScholarCross Ref
- Matthew B Miles and A Michael Huberman. 1994. Qualitative data analysis: An expanded sourcebook. SAGE.Google Scholar
- Greg Norcie, Jim Blythe, Kelly Caine, and L Jean Camp. 2014. Why Johnny can’t blow the whistle: Identifying and reducing usability issues in anonymity systems. In Proceedings 2014 Workshop on Usable Security. https://doi. org/10.14722/usec.Google ScholarCross Ref
- Stefan Palan and Christian Schitter. 2018. Prolific. ac—A subject pool for online experiments. Journal of Behavioral and Experimental Finance 17 (2018), 22–27.Google ScholarCross Ref
- Eyal Peer, Serge Egelman, Marian Harbach, Nathan Malkin, Arunesh Mathur, and Alisa Frik. 2020. Nudge me right: Personalizing online security nudges to people’s decision-making styles. Computers in Human Behavior 109 (2020), 106347.Google ScholarCross Ref
- Tor project. 2022. Tor Project. Retrieved June 5, 2022 from https://www.torproject.org/Google Scholar
- Leilei Qu, Ruojin Xiao, Cheng Wang, and Wenchang Shi. 2021. Design and Evaluation of CFC-targeted Security Nudges. In Extended Abstracts of the 2021 CHI Conference on Human Factors in Computing Systems. 1–6.Google Scholar
- Lee Rainie and Mary Madden. 2015. Americans’ privacy strategies post-Snowden. (2015).Google Scholar
- Yukiko Sawaya, Mahmood Sharif, Nicolas Christin, Ayumu Kubota, Akihiro Nakarai, and Akira Yamada. 2017. Self-confidence trumps knowledge: A cross-cultural study of security behavior. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. 2202–2214.Google ScholarDigital Library
- Susanne G Scott and Reginald A Bruce. 1995. Decision-making style: The development and assessment of a new measure. Educational and psychological measurement 55, 5 (1995), 818–831.Google Scholar
- Peter Story, Daniel Smullen, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, and Florian Schaub. 2020. From intent to action: Nudging users towards secure mobile payments. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 379–415.Google Scholar
- Peter Story, Daniel Smullen, Rex Chen, Yaxing Yao, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, and Florian Schaub. 2022. Increasing Adoption of Tor Browser Using Informational and Planning Nudges. Proceedings on Privacy Enhancing Technologies 2 (2022), 152–183.Google ScholarCross Ref
- Peter Story, Daniel Smullen, Yaxing Yao, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, and Florian Schaub. 2021. Awareness, adoption, and misconceptions of web privacy tools. Proceedings on Privacy Enhancing Technologies 2021, 3(2021), 308–333.Google ScholarCross Ref
- Yixin Zou, Kevin Roundy, Acar Tamersoy, Saurabh Shintre, Johann Roturier, and Florian Schaub. 2020. Examining the adoption and abandonment of security, privacy, and identity theft protection practices. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. 1–15.Google ScholarDigital Library
Index Terms
- Investigating the Effectiveness of Personalized Content in the Form of Videos When Promoting a TOR Browser
Recommendations
Personalized Content Recommendation and User Satisfaction: Theoretical Synthesis and Empirical Findings
Personalized services are increasingly popular in the Internet world. This study identifies theories related to the use of personalized content services and their effect on user satisfaction. Three major theories have been identified-information ...
Increasing Web Accessibility Through a Personalized Web Browser for Older Adults
AbstractA web browser is a crucial tool for older adults to access the Internet. An essential reason for web browser redesign is to increase the accessibility for older people that considered a particular user group. The paper presents an approach to ...
Comments