In addition, we found that functionality is the most important part
of an application for many users, although it is not the only factor
they use to make a decision. Regardless of the bundled content,
users will often install the application if they believe the utility is
high enough.
It may be tempting to interpret our results to claim that users do
not care about privacy, especially when the utility of a software
application is high for a particular user. However, we discovered
that privacy and security become important factors when choosing
between two applications with similar functionality. Given two
similar programs (e.g., KaZaA and eDonkey), consumers will
choose the one they believe to be less invasive and more stable.
We also found that providing vague information in EULAs and
short notices can create an unwarranted impression of increased
security. This places increased importance on the accuracy and
presentation of the information that users consult to make their
installation decisions. In these cases, it may be helpful to have a
standardized format for assessing the possible options and
trade-offs between applications.
7. FUTURE WORK
In future work, we will experiment with other mechanisms to
inform and provide transparency to users. We plan to perform a
more controlled experiment on notice, for example, by removing
the influence of brand recognition. Our ecological study provides
a foundation on which to base such complementary research. One
further approach is to investigate the use of trusted third parties to
provide notice information to consumers. Another area of
research is to explore the trade-offs between software features and
privacy preferences.
8. ACKNOWLEDGMENTS
We would like to thank our study participants, UC Berkeley’s
Haas School of Business X-lab for use of their facilities, the
School of Information Management and Systems for providing
equipment and support, and the Samuelson Law, Technology, and
Public Policy Clinic for funding our research. We thank Nicolas
Christin and Jack Lerner for many helpful suggestions.