Fariborz Farahmand, Joshua Ripple, M. Atallah, R. Dillon-Merrill
{"title":"Security and privacy risks in electronic communications: A user's assessment","authors":"Fariborz Farahmand, Joshua Ripple, M. Atallah, R. Dillon-Merrill","doi":"10.1109/UEMCON.2017.8249009","DOIUrl":null,"url":null,"abstract":"Most research today in electronic communications focuses on developing new technologies and “best practices” to enhance security and privacy. However, these technologies and best-practice codes are all too often not used, and in this failure the users are often their own worst enemies. It is thus important to develop an enhanced understanding of why users indicate concern about security and privacy, but when given the opportunity act contrary to their stated intention. We collect data from 435 participants about 24 electronic activities with a survey and a mixed effects model. We find a significant inverse relationship between their assessed risk and benefit (recognizing that the particular technology matters where some technologies are inherently perceived as more risky than others). This significant inverse relationship represents a departure from decision theories that assume purely cognitive information processing, and the separation of the probabilities and the utilities. We shed light on the role of affect, which commonly competes with cognition, and works as an orienting mechanism in security and privacy behaviors, and discuss business and policy implications of our findings.","PeriodicalId":403890,"journal":{"name":"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/UEMCON.2017.8249009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Most research today in electronic communications focuses on developing new technologies and “best practices” to enhance security and privacy. However, these technologies and best-practice codes are all too often not used, and in this failure the users are often their own worst enemies. It is thus important to develop an enhanced understanding of why users indicate concern about security and privacy, but when given the opportunity act contrary to their stated intention. We collect data from 435 participants about 24 electronic activities with a survey and a mixed effects model. We find a significant inverse relationship between their assessed risk and benefit (recognizing that the particular technology matters where some technologies are inherently perceived as more risky than others). This significant inverse relationship represents a departure from decision theories that assume purely cognitive information processing, and the separation of the probabilities and the utilities. We shed light on the role of affect, which commonly competes with cognition, and works as an orienting mechanism in security and privacy behaviors, and discuss business and policy implications of our findings.