ABSTRACT
In an increasingly digitized society, apps and technological services are virtually everywhere. Whether finance or fitness, users accept privacy policies and terms of service – often, without reading or engaging with them beforehand. Paradoxically, despite this behavior, users voice privacy concerns about their data. In this work, we shed light on the occurrence of this Privacy Paradox, offering suggestions how technology may be designed to support informed privacy decision-making. We followed a three-step method, inspecting user journeys of twenty health and fitness apps, conducting twenty semi-structured interviews with users and analyzing seven state-of-the-art privacy assistant systems. Our work offers three contributions: First, we provide critical reflections on when, how and which privacy information is displayed. Second, we present insights on contrasting user interests regarding e.g. information density and time effort. Third, we derive design recommendations for future privacy communication systems, elaborating on use cases, displayed contents and presentation formats.
- Alessandro Acquisti, Idris Adjerid, Rebecca Balebako, Laura Brandimarte, Lorrie Faith Cranor, Saranga Komanduri, Pedro Giovanni Leon, Norman Sadeh, Florian Schaub, Manya Sleeper, Yang Wang, and Shomir Wilson. 2018. Nudges for Privacy and Security: Understanding and Assisting Users’ Choices Online. Comput. Surveys 50, 3 (May 2018), 1–41. https://doi.org/10.1145/3054926Google ScholarDigital Library
- Alessandro Acquisti, Laura Brandimarte, and George Loewenstein. 2015. Privacy and Human Behavior in the Age of Information. Science 347, 6221 (Jan. 2015), 509–514. https://doi.org/10.1126/science.aaa1465Google ScholarCross Ref
- ActiveMind AG. 2021. Videokonferenztools Im Datenschutz-Vergleich.Google Scholar
- ActiveMind AG. 2022. Datenschutz Und Informationssicherheit Für Unternehmen. https://www.activemind.de/.Google Scholar
- Hazim Almuhimedi, Florian Schaub, Norman Sadeh, Idris Adjerid, Alessandro Acquisti, Joshua Gluck, Lorrie Faith Cranor, and Yuvraj Agarwal. 2015. Your Location Has Been Shared 5,398 Times!: A Field Study on Mobile App Privacy Nudging. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems. ACM, Seoul Republic of Korea, 787–796. https://doi.org/10.1145/2702123.2702210Google ScholarDigital Library
- Apple Inc. 2022. Categories and Discoverability - App Store. https://developer.apple.com/app-store/categories/.Google Scholar
- Apple Inc. 2022. Healthcare - Products and Platform. https://www.apple.com/healthcare/products-platform/.Google Scholar
- Susan B. Barnes. 2006. A Privacy Paradox: Social Networking in the United States. First Monday 11, 9 (Sept. 2006). https://doi.org/10.5210/fm.v11i9.1394Google ScholarCross Ref
- Susanne Barth and Menno D.T. de Jong. 2017. The Privacy Paradox – Investigating Discrepancies between Expressed Privacy Concerns and Actual Online Behavior – A Systematic Literature Review. Telematics and Informatics 34, 7 (Nov. 2017), 1038–1058. https://doi.org/10.1016/j.tele.2017.04.013Google ScholarDigital Library
- Niels Beisinghoff. 2021. Data Protection and Instant Messenger System Solutions for Companies. https://www.dataguard.co.uk/blog/data-protection-with-instant-messenger-systems-a-comparison-which-services-are-suitable-for-companies.Google Scholar
- A. Blandford, D. Furniss, and S. Makri. 2016. Qualitative HCI Research: Going Behind the Scenes. Synthesis Lectures on Human-Centered Informatics, Vol. 1. Springer Cham.Google Scholar
- Komang Brata, Aryo Pinandito, Nurizal Priandani, and Mahardeka Ananta. 2021. Usability Improvement of Public Transit Application through Mental Model and User Journey. TELKOMNIKA (Telecommunication Computing Electronics and Control) 19 (April 2021), 397. https://doi.org/10.12928/telkomnika.v19i2.18323Google Scholar
- Virginia Braun and Victoria Clarke. 2006. Using Thematic Analysis in Psychology. Qualitative Research in Psychology 3, 2 (Jan. 2006), 77–101. https://doi.org/10.1191/1478088706qp063oaGoogle ScholarCross Ref
- Virginia Braun and Victoria Clarke. 2021. Thematic Analysis: A Practical Guide(first ed.). SAGE, London.Google Scholar
- Virginia Braun, Victoria Clarke, Nikki Hayfeld, and Gareth Terry. 2018. Thematic Analysis. In Handbook of Research Methods in Health Social Sciences. Springer Singapore, Singapore, 1–18.Google Scholar
- Brent Brown. 2021. Why Source Data Is The New Currency For Retailers. https://www.forbes.com/sites/forbestechcouncil/2021/11/03/why-source-data-is-the-new-currency-for-retailers/.Google Scholar
- Clickwrapped. 2022. Clickwrapped - LinkedIn. https://www.clickwrapped.com/sites/linkedin.Google Scholar
- Common Sense Media. 2020. Common Sense Privacy Standard Privacy Report for WhatsApp Messenger. https://privacy.commonsense.org/privacy-report/WhatsApp-Messenger.Google Scholar
- Common Sense Media. 2022. Common Sense Privacy Program. https://privacy.commonsense.org/.Google Scholar
- Secure Messaging Apps Comparison. 2022. Secure Messaging Apps Comparison | Privacy Matters. https://www.securemessagingapps.com/.Google Scholar
- DataGuard. 2022. DataGuard Blog. https://www.dataguard.co.uk/blog.Google Scholar
- Jayati Dev, Pablo Moriano, and L Jean Camp. 2020. Lessons Learnt from Comparing WhatsApp Privacy Concerns Across Saudi and Indian Populations. In Proceedings of the Sixteenth Symposium on Usable Privacy and Security. USENIX Association, 18.Google ScholarDigital Library
- Tamara Dinev, Massimo Bellotto, Paul Hart, Vincenzo Russo, Ilaria Serra, and Christian Colautti. 2006. Privacy Calculus Model in E-Commerce – a Study of Italy and the United States. European Journal of Information Systems 15, 4 (Aug. 2006), 389–402. https://doi.org/10.1057/palgrave.ejis.3000590Google ScholarCross Ref
- Anja Endmann and Daniela Keßner. 2016. User Journey Mapping – A Method in User Experience Design. i-com 15, 1 (April 2016), 105–110. https://doi.org/10.1515/icom-2016-0010Google Scholar
- Simson Garfinkel and Heather Richter Lipford. 2014. Usable Security: History, Themes, and Challenges (first ed.). Synthesis Lectures on Information Security, Privacy, and Trust, Vol. 5. Springer Cham.Google ScholarCross Ref
- Greg Guest, Kathleen M. MacQueen, and Emily E. Namey. 2012. Applied Thematic Analysis. SAGE Publications.Google Scholar
- Hana Habib, Megan Li, Ellie Young, and Lorrie Cranor. 2022. “Okay, Whatever”: An Evaluation of Cookie Consent Interfaces. In CHI Conference on Human Factors in Computing Systems. ACM, New Orleans LA USA, 1–27. https://doi.org/10.1145/3491102.3501985Google ScholarDigital Library
- Bernardo Huberman, E. Adar, and L.R. Fine. 2005. Valuating Privacy. Security & Privacy, IEEE 3 (Oct. 2005), 22–25. https://doi.org/10.1109/MSP.2005.137Google ScholarDigital Library
- Internet Society. 2012. Global Internet User Survey Summary Report. Technical Report. Internet Society. 5 pages.Google Scholar
- Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, and Lorrie Faith Cranor. 2010. Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems(CHI ’10). Association for Computing Machinery, New York, NY, USA, 1573–1582. https://doi.org/10.1145/1753326.1753561Google ScholarDigital Library
- Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as Part of the App Decision-Making Process. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, Paris France, 3393–3402. https://doi.org/10.1145/2470654.2466466Google ScholarDigital Library
- Agnieszka Kitkowska, Johan Högberg, and Erik Wästlund. 2022. Online Terms and Conditions: Improving User Engagement, Awareness, and Satisfaction through UI Design. In Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems(CHI ’22). Association for Computing Machinery, New York, NY, USA, 1–22. https://doi.org/10.1145/3491102.3517720Google ScholarDigital Library
- Agnieszka Kitkowska, Yefim Shulman, Leonardo A. Martucci, and Erik Wastlund. 2020. Psychological Effects and Their Role in Online Privacy Interactions: A Review. IEEE Access 8(2020), 21236–21260. https://doi.org/10.1109/ACCESS.2020.2969562Google ScholarCross Ref
- John Koetsier. 2021. Top 10 Most Downloaded Apps And Games Of 2021: TikTok, Telegram Big Winners. https://www.forbes.com/sites/johnkoetsier/2021/12/27/top-10-most-downloaded-apps-and-games-of-2021-tiktok-telegram-big-winners/.Google Scholar
- Spyros Kokolakis. 2017. Privacy Attitudes and Privacy Behaviour: A Review of Current Research on the Privacy Paradox Phenomenon. Computers & Security 64 (Jan. 2017), 122–134. https://doi.org/10.1016/j.cose.2015.07.002Google ScholarDigital Library
- Julia Lane, Victoria Stodden, Stefan Bender, and Helen Nissenbaum. 2014. Privacy, Big Data, and the Public Good: Frameworks for Engagement. Cambridge University Press, New York. https://doi.org/10.1017/CBO9781107590205Google Scholar
- Jonathan Lazar. 2017. Interviews and Focus Groups. In Research Methods in Human Computer Interaction. Elsevier, 187–228. https://doi.org/10.1016/B978-0-12-805390-4.00008-XGoogle Scholar
- Heather Richter Lipford, Jason Watson, Michael Whitney, Katherine Froiland, and Robert W. Reeder. 2010. Visual vs. Compact: A Comparison of Privacy Policy Interfaces. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems(CHI ’10). Association for Computing Machinery, New York, NY, USA, 1111–1114. https://doi.org/10.1145/1753326.1753492Google ScholarDigital Library
- Benjamin Mayersohn and Joshua Vernazza. 2022. App Snapshot Q4 2021, Apple and Google. Technical Report. Appfigures, New York.Google Scholar
- Aleecia M. McDonald, Robert W. Reeder, Patrick Gage Kelley, and Lorrie Faith Cranor. 2009. A Comparative Study of Online Privacy Policies and Formats. In Privacy Enhancing Technologies(Lecture Notes in Computer Science), Ian Goldberg and Mikhail J. Atallah (Eds.). Springer, Berlin, Heidelberg, 37–55. https://doi.org/10.1007/978-3-642-03168-7_3Google ScholarDigital Library
- Mozilla Foundation. 2021. *Privacy Not Included Review: Telegram. https://foundation.mozilla.org/en/privacynotincluded/telegram/.Google Scholar
- Mozilla Foundation. 2021. *Privacy Not Included Review: WhatsApp. https://foundation.mozilla.org/en/privacynotincluded/whatsapp/.Google Scholar
- Mozilla Foundation. 2022. Mozilla * Privacy Not Included. https://foundation.mozilla.org/en/.Google Scholar
- Mozilla Foundation. 2022. *Privacy Not Included Review: Headspace. https://foundation.mozilla.org/en/privacynotincluded/headspace/.Google Scholar
- Netzpolitik.org. 2022. Netzpolitik.Org. https://netzpolitik.org/.Google Scholar
- Andrew Nicole. 2022. Clickwrapped. https://www.clickwrapped.com/.Google Scholar
- Jonathan A. Obar and Anne Oeldorf-Hirsch. 2018. The Biggest Lie on the Internet: Ignoring the Privacy Policies and Terms of Service Policies of Social Networking Services. SSRN Scholarly Paper 2757465. Social Science Research Network, Rochester, NY. https://doi.org/10.2139/ssrn.2757465Google Scholar
- Andrew Patrick and Steve Kenny. 2003. From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interactions. In Privacy Enhancing Technologies, Vol. Lecture Notes in Computer Science. Dresden, 107–124. https://doi.org/10.1007/978-3-540-40956-4_8Google Scholar
- Christian Reuter, Luigi Lo Iacono, and Alexander Benlian. 2022. A Quarter Century of Usable Security and Privacy Research: Transparency, Tailorability, and the Road Ahead. Behaviour & Information Technology 41, 10 (2022), 2035–2048. https://doi.org/10.1080/0144929X.2022.2080908Google ScholarCross Ref
- Ferdinand David Schoeman. 1984. Philosophical Dimensions of Privacy: An Anthology. Cambridge University Press, New York.Google Scholar
- Secure Messaging Apps Comparison. 2022. Secure Messaging Apps Comparison | Privacy Matters.Google Scholar
- Than Htut Soe, Oda Elise Nordberg, Frode Guribye, and Marija Slavkovik. 2020. Circumvention by Design - Dark Patterns in Cookie Consent for Online News Outlets. In Proceedings of the 11th Nordic Conference on Human-Computer Interaction: Shaping Experiences, Shaping Society. ACM, Tallinn Estonia, 1–12. https://doi.org/10.1145/3419249.3420132Google ScholarDigital Library
- Pia Stenner. 2021. Neue WhatsApp-Datenschutzrichtlinie: Messengerdienste Im Vergleich. https://netzpolitik.org/2021/neue-whatsapp-datenschutzrichtlinie-messengerdienste-im-vergleich/.Google Scholar
- Richard H. Thaler and Cass R. Sunstein. 2003. Libertarian Paternalism. American Economic Review 93, 2 (May 2003), 175–179. https://doi.org/10.1257/000282803321947001Google ScholarCross Ref
- Jeroen van den Hoven, Martijn Blaauw, Wolter Pieters, and Martijn Warnier. 2020. Privacy and Information Technology. In The Stanford Encyclopedia of Philosophy (summer 2020 ed.), Edward N. Zalta (Ed.). Metaphysics Research Lab, Stanford University.Google Scholar
- Robin Wakefield. 2013. The Influence of User Affect in Online Information Disclosure. Journal of Strategic Information Systems 22, 2 (2013), 157–174. https://doi.org/10.1016/j.jsis.2013.01.003Google ScholarDigital Library
- Yang Wang, Pedro Giovanni Leon, Alessandro Acquisti, Lorrie Faith Cranor, Alain Forget, and Norman Sadeh. 2014. A Field Trial of Privacy Nudges for Facebook. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, Toronto Ontario Canada, 2367–2376. https://doi.org/10.1145/2556288.2557413Google ScholarDigital Library
Index Terms
- I do. Do I? – Understanding User Perspectives on the Privacy Paradox
Recommendations
Perspectives on privacy in the use of online systems
HCI '16: Proceedings of the 30th International BCS Human Computer Interaction Conference: Companion VolumeHuman-Computer Interaction looks to better understand the relationship between people and computers. Our work considers this relationship in the context of privacy and the privacy expectations users have when using online systems. While many surveys ...
Unveiling consumers' privacy paradox behaviour in an economic exchange
Privacy paradox is of great interest to IS researchers and firms gathering personal information. It has been studied from social, behavioural, and economic perspectives independently. However, prior research has not examined the degrees of influence ...
Privacy attitudes and privacy behaviour
Do people really care about their privacy? Surveys show that privacy is a primary concern for citizens in the digital age. On the other hand, individuals reveal personal information for relatively small rewards, often just for drawing the attention of ...
Comments