Dis-Empowerment Online: An Investigation of Privacy-Sharing Perceptions Method Preferences

03/19/2020
by   Kovila P. L. Coopamootoo, et al.
Newcastle University
0

While it is often claimed that users are empowered via online technologies, there is also a general feeling of privacy dis-empowerment. We investigate the perception of privacy and sharing empowerment online, as well as the use of privacy technologies, via a cross-national online study with N=907 participants. We find that perception of privacy empowerment differs from that of sharing across dimensions of meaningfulness, competence and choice. We find similarities and differences in privacy method preference between the US, UK and Germany. We also find that non-technology methods of privacy protection are among the most preferred methods, while more advanced and standalone privacy technologies are least preferred.. By mapping the perception of privacy dis-empowerment into patterns of privacy behavior online, and clarifying the similarities and distinctions in privacy technology use, this paper provides an important foundation for future research and the design of privacy technologies. The findings may be used across disciplines to develop more user-centric privacy technologies, that support and enable the user.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

09/22/2020

Usage Patterns of Privacy-Enhancing Technologies

The steady reports of privacy invasions online paints a picture of the I...
09/22/2019

From Data Disclosure to Privacy Nudges: A Privacy-aware and User-centric Personal Data Management Framework

Although there are privacy-enhancing tools designed to protect users' on...
07/23/2021

User Perception of Privacy with Ubiquitous Devices

Privacy is important for all individuals in everyday life. With emerging...
10/27/2020

Revolutionizing Medical Data Sharing Using Advanced Privacy Enhancing Technologies: Technical, Legal and Ethical Synthesis

Multisite medical data sharing is critical in modern clinical practice a...
11/24/2021

The Evolving Path of "the Right to Be Left Alone" - When Privacy Meets Technology

This paper deals with the hot, evergreen topic of the relationship betwe...
12/10/2018

The Effectiveness of Privacy Enhancing Technologies against Fingerprinting

We measure how effective Privacy Enhancing Technologies (PETs) are at pr...
10/19/2020

Saudi Arabian Parents' Perception of Online Marital Matchmaking Technologies

Finding a date or a spouse online is usually considered an individualist...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1 Introduction

The internet is often seen as an empowering environment for consumers impacting personal, interpersonal, group and citizen-wide dynamics [amichai2008empowerment, fuglsang2005and], and enabling consumer influence on product design, choice and decisions [fuller2009consumer], as well as co-creation [wathieu2002consumer]. However, the indiscriminate amount of information collected for this purpose is also seen to come with privacy-, identity- and empowerment-related issues [15].

Indeed, today’s data-intensive web is characterized with mass sharing, collection, aggregation, mining and selling of individuals’ data. It enables the provisioning of customised services but unfortunately also engenders targeted advertising [chandramouli2013real], digital discrimination [edelman2014digital], privacy invasive algorithmic computations [forbes2019], and a general fuzzyness about privacy rights online. Various high profile cases involving mass unauthorised transfer and use of sensitive data have been reported in the recent years, including influencing voters via social media [garrett2019social], top health websites’ are sharing sensitive data with advertisers, including Google and Facebook [murgia2019how] as investigated by the Financial Times, and period apps’ (such as Maya and MIA) extensive sharing of sensitive personal data pertaining to women’s health with third parties, including Facebook as found by Privacy International [privacyint2019nobodys].

Although the internet is often seen as an empowering environment for consumers, the indiscriminate amount of information collected in today’s data-intensive web, characterized with mass sharing, collection, aggregation, mining and selling of individuals’ data, is also seen to come with privacy-, identity- and empowerment-related issues [15].

Internet users often express discomfort with the data collection that enables personalization, and a large portion takes some kind of action such as clearing cookies and browsing history [18]. However, the methods employed by individuals may not be enough to protect one’s privacy, because, as example, a particular web browser on a specific machine comprises a unique fingerprint that can be traced by web servers across the web, and this information in conveyed through headers that are automatically exchanged by every web browser and web server behind the scenes [14].

In general, privacy experts perceive an overall sense of privacy dis-empowerment online [6]. The perception of privacy dis-empowerment has mainly been attributed to business models and the social web that favour sharing and data analytics, to privacy of personal content [12, 17]. Other reasons include human challenges to the adoption of privacy technologies, and human-computer mismatches. We posit that privacy dis-empowerment is evidenced in the failure to use privacy technologies [1, 10].

When individuals share online, they are willing to take a number of steps towards social or interpersonal privacy for data shared as part of social interactions. These include the use of privacy settings for boundary regulation, as well as coping strategies to reduce emotional distress from privacy loss [wisniewski2012fighting], such as blocking others, creating multiple profiles, censoring themselves, untagging and offline negotiations [stutzman2012boundary].

Yet, individuals may not perceive the connection between social and informational privacy, where strategies such as specifying privacy settings or having multiple profiles do not support better control over informational privacy, because the architectures and algorithms that collect data and make inferences are mostly invisible to users [de2005two]. Privacy protection is therefore perceived to be a ‘losing game’ for individuals as more and more data about them is being generated faster and faster from more and more devices [kerry2019why].

Use of privacy technologies is thought to be moderated by user perception of technology. In particular, perceived usefulness and effectiveness do not match the technology’s offering, and users exhibit poor trust in the technology [1, 3, 10], and in-correct mental models [1]. However, individuals are likely impacted by their own self-perception, in addition to their perception of the technology. As a result, they likely engage with some privacy technologies more than others, employ privacy technologies in a certain way, or develop non-technology methods of protection.

Contributions: In this paper, we seek to better understand how the perception of privacy (dis)-empowerment is mapped out into patterns of privacy behavior online. We employ a quantitative method as we investigate how individuals protect their privacy from others - whether individual others or organisations - in particular what privacy methods they use. We investigate the link between perception of dis-empowerment and behavior across 40+ privacy methods elicited from users themselves. The paper makes the following contributions: (1) We provide a cross-national report of users’ perception of empowerment. (2) We find that individuals use privacy methods on average, where to of the topmost preferred methods are non-technology methods that are reported to be used by to of the surveyed participants. (4) We find that the use of an additional privacy method is only likely with an increase in perceived competency of -points and perceived meaningfulness of -points on a visual analogue scale. Men use approximately more privacy method than women. (3) We identify similarities and differences in privacy and sharing method preferences between the three countries.

This paper therefore provides valuable insights into individuals’ methods of protecting their privacy online, that includes both non-technology methods and the use of privacy technologies. This helps to ground the perceptions of privacy dis-empowerment into behavior patterns. The paper also helps to identify privacy technologies that appear to be more accessible to users.

Outline: In the rest of the paper, provide the aim and method of our study, followed by the results and a discussion, and conclusion.

2 Aim

Our research aim is to compare privacy and sharing empowerment perceptions and to map perceptions of privacy dis-empowerment onto usage of privacy and sharing methods. We do so via the research questions below.

Figure 1: Research Summary.

2.1 Privacy vs Sharing Empowerment

Thomas & Velthouse [21] defined Psychological Empowerment as increased intrinsic task motivation and proposed a theoretical model with four perceptions or cognitions, namely perception of impact, competence, meaningfulness, and choice [21]. The model captures individuals’ interpretive processes via which they assess the actions they engage in. Compared to other psychological empowerment models, Thomas & Velthouse’s model focuses on intrinsic motivation and involves positively valued experiences that individuals derive directly from a task, and impact behavior.

With the power imbalance between online users and others (including more able other individuals perceived as threatening and organisations), individuals likely perceive privacy and sharing empowerment differently online. We investigate as RQ1, “How do individuals’ perception of privacy and sharing empowerment differ?” via the hypotheses:
:There is no difference in individuals’ perception of privacy and sharing empowerment.
:There is a significant difference in individuals’ perception of privacy and sharing empowerment.

2.2 Privacy & Sharing Methods, Similarties & Differences

We investigate as RQ2, “What methods are mostly used to protect one’s privacy and to share information online?” and RQ3, “How similar are individuals’ [privacy/sharing] methods usage and preference? What patterns of use emerge? Are there similarities or differences between countries?”

3 Method

We conduct two survey studies online via an evidence-based method [7, 8]. The first study is mainly aimed at identifying a preferred list of privacy methods. The second and main study employs the compiled list of methods to query a representative sample of participants about their use of the range of privacy methods identified.

The studies have a within subject design, where participants answered both the privacy and sharing empowerment questions. We compared privacy and sharing empowerment for each participant. However, we compared preferred privacy and sharing methods between countries, thereby including a between-subject analysis. We randomly assigned participants to answer either the privacy or sharing empowerment questions first.

We conduct a first study with participants, querying participants about empowerment perception and their preferred list of privacy and sharing methods. We compile lists of preferred privacy and sharing methods. Using these lists, we design and run a second study with a representative sample with participants. We ask participants to select their preferences from the lists provided.

3.1 Participants

With their advanced digital economies, Europe and the USA may be considered drivers of protection technology around the globe. However, Europe versus the US differ in privacy regulation [pwc2016data] and individuals’ privacy protection culture.

3.1.1 Recruitment

For the first study, we sampled participants, comprising US participants, UK participants and German (DE) participants. The US sample was recruited from population of Amazon Mechanical Turk workers, while the UK and DE sample were from Prolific Academic. The data quality of Prolific Academic is comparable to Amazon Mechanical Turk’s, with good reproducibility [16].

For the second study, we recruited an sample from the US, UK and DE via Prolific Academic. The sample was representative of age, gender and ethnicity demographics of the UK and US countries, as provided by Prolific Academic. For the DE sample, we did not achieve a representative sample in terms of gender and age. While we use that sample to investigate our research questions, we foresee extending to representative samples of other countries in the future.

The studies lasted between to minutes. Participants were compensated at a rate of £ per hour, slightly above the minimum rate of £ per hour suggested by Prolific Academic.

3.1.2 Demographics

Table 1 provides a summary of the demographic details for the two studies, with sample size , mean age, gender, education level and ethnicity. of the German sample had an education level lower than high school for the first study and for the second study. For the second study, UK participants reported to have a PhD, for the US and for DE.

Country Mean Age Gender %Education Level % Ethnicity
#Female #Male HighSchool College Undergrad Masters/PhD White Black Asian Mixed Other
First Study US 24.1 31.0 36.2 8.6 82.8 5.2 5.1 5.2 1.7
UK 22.6 19.4 41.9 16.1 88.7 3.2 3.2 4.8 -
DE 30.0 13.3 28.3 21.7 96.7 - - 3.3 -
Second Study US 303 43.72 155 148 39.9 22.1 20.1 14.2 69.3 14.9 8.9 4.3 2.6
UK 303 44.21 154 149 26.7 17.5 32.0 18.5 77.6 5.3 10.9 4.3 2.0
DE 301 28.91 115 186 31.2 15.6 28.6 23.6 93.0 0.7 1.9 3.7 0.7

Table 1: Participant Characteristics

3.2 Procedure

The aim of the first study was to identify and compile a list of privacy and sharing methods preference. We did so via an open-ended question and across three countries. The first study consisted of (a) a questionnaire on demographics, (b) a description of privacy online, and the four psychological empowerment questions, (c) an open-ended query to list three to five tools most often employed to achieve the purpose of privacy online, (d) a description of sharing online, and the four psychological empowerment questions, (e) an open-ended query to list three to five tools most often employed to achieve the purpose of sharing online.

The second study followed the same format of the first study, except that we changed the open-ended queries of the first study to close-ended privacy and sharing methods questions, for participants to select the methods they mostly use from the whole list provided. We also shifted to a larger sample for the three countries.

We defined privacy and sharing for the two studies, thereby focusing participants to a specific meaning. We developed the definition of [privacy/sharing] online with inputs from Coopamootoo & Groß’s findings of the cognitive content of individuals’ [privacy/sharing] attitude [9]. In particular, privacy attitude has contents of ‘others as individuals or organisations who pose a threat, while sharing attitude includes ‘others as connections including friends, family’.

We defined privacy online as “to control access to information that are sensitive or personal, to be informed of other individual and business practices such as collection, processing and use of personal information disclosed, and to have the choice on disclosure and how one’s information is dealt with.” We defined Sharing online as “to create content and share with other web users (such as sharing one’s opinion or expertise) and also to share personal information or life events with close connections, friends and family.” We provide a summary of the procedure in Figure 2.

Figure 2: Experiment design including user study, expert evaluation and subsequent analyses.

3.3 Measurement Apparatus

3.3.1 Perception of Psychological Empowerment

Measures of psychological empowerment have mainly been employed within management and social science research [20, 13]. In particular, Spreitzer proposed a four-factor scale based on Thomas & Velthouse’s conceptualization [21]. The scale has been widely applied in the context of organizational management [20]. It has also been evaluated for construct validity [11]. In addition, Spreitzer’s formulation was observed as seminal to research on psychological empowerment [19]. However, so far, sparse application appear in relation to technology, such as Van Dyke et al.’s measure of consumer privacy empowerment in E-Commerce [22].

The Psychological Empowerment Scale consists of -items focused on the four dimensions of empowerment defined by Thomas & Velthouse [21], in particular areas of (1) meaning, (2) competence, (3) self-determination/choice, and (4) impact. Whereas Van Dyke et al. apply these four dimensions to the notice, choice and access concepts to then develop four perceived privacy empowerment items [22], we directly adapted Spreitzer’s scale [20] for online [privacy/sharing] activities. We used the four cognitions of the model to create a task assessment questionnaire directed towards the purpose of either privacy or sharing online.

We set the [privacy/sharing] questions as follows:
‘Purpose’ refers to that of achieving [privacy/sharing] online as detailed above.
‘Actions’ are those that one would take with the aim to accomplish that purpose, that is [privacy/sharing] online.
Please provide your responses on the scale from 1 to 100.

(1) How do you perceive the impact of the actions you have taken online in the past to accomplish the purpose detailed above?
(2) How do you perceive your skills to successfully achieve the purpose detailed above?
(3) To what extent is the purpose detailed above meaningful to you?
(4) How do you perceive your choice to determine what actions to take to successfully accomplish the purpose detailed above?

We used a Visual Analogue Scale (VAS) [23] with boundaries from to . The minimum value was set to ‘no impact at all’, ‘not skilled at all’, ‘not meaningful at all’ or ‘I have no choice at all’, pertainig to the four questions above. The maximum value was set to very ‘big impact’, ‘very skillful’, ‘very meaningful” or ‘I have lots of choices.

Compared to Likert-type scales which have coarse-grained discrete measurement data produced by only three to seven categories, the line continuum of a VAS enables the rater to make more fine-grained responses [4]. This aspect of VAS helps to avoid the systematic bias of values resulting from scale coarseness [2] and facilitates collection of measurement data with higher variability, which theoretically enhances their reliability [5].

3.3.2 Privacy & Sharing Behavior

We queried participants on the individual privacy and sharing methods they most often use, eliciting participants’ own methods via open-ended question in the first study and requesting preference report from the compiled list in the second study. In the second study, we asked participants to rate the list of privacy and sharing methods provided with whether they use them ‘very often’ or ‘very rarely/not at all’.

In addition, we compute privacy behavior as the total number of different methods participants employ to protect their privacy online.

4 Results

4.1 Empowerment Perception

We investigate RQ1 with respect to the US, UK and DE samples in the second study, “How do individuals’ perception of privacy versus sharing empowerment differ?” We conduct a paired-samples -test for privacy and sharing for each of the four cognitions for the three countries. We summarize the differences in perception of privacy and sharing empowerment cognitions in Table 2 below.

Assessment Component Difference CI
LL UL
United States
Meaningfulness ***
Competency ***
Choice ***
Impact
United Kingdom
Meaningfulness ***
Competence ***
Choice ***
Impact
Germany
Meaningfulness ***
Competence **
Choice ***
Impact *

CI

refers to the Confidence Interval, LL to the Lower Limit, UL to the Upper Limit.


Table 2: Task Assessment Differences between Privacy Activities & Sharing Activities

4.2 Privacy & Sharing Methods

We provide the full list of privacy methods compiled in the first study in Table 3, with the sample. This list of privacy methods was then used to query participants in the second study. We loosely categorise the privacy methods into four possible protection categories, namely (1) anonymity (ANO), (2) browsing history and tracking prevention (BHP), (3) communication privacy & filtering (COP), and (4) preventing leaking and stealing of data (PLS).

We also compile participants’ responses of to most used sharing methods in the first study. We end up with sharing methods coded across the three countries. We categorize the sharing methods across five themes, as shown in Table 4. The ‘Community’ theme includes social networks or community sharing. With respect to Facebook, some participants referred to Facebook in general, while others specified updates or photos. The ‘Messaging’ theme includes email and instant messaging methods, referring to a particular tool or instant messaging in general. The other sharing themes are ‘Photos’, ‘File-Sharing’ and ‘Streaming’.

The rest of the results section pertains to the second and main study.

Privacy Protection Built-in Standalone User-Defined
Anonymity Encryption Erasery Not Store Info
Clear/Delete info/history TOR Anonymous profile names
Pseudonyms/Onion Proxy NotGivePI / LimitSharing / MinimalInfo
IPHider Several/Bogus / LimitedUse Emails
Virtual machine Fake Info
Limit Use of SNS Accounts
SwitchOffCamera/Devices/PortableHD
No Access Acc In Public Place/Networks
Not use FB
Not Engaging Online/Careful/Not Signing Up
Private Browsing/incognito DuckDuckGo
Browsing History & Anti-tracking addon Ghostery
Tracking Prevention No location tracking NoScript
Clear/Limit cookies
Communication & Adblock Firewall
Filtering HTTPS VPN
Privacy settings Password manager Not save or reuse password
Prevent Leaking & Opt out Paypal Read terms of service
Stealing of Data Private profiles Anti-spyware Request data collected, GDPR
Anti-malware no newsletter, think twice
Kapersky Website care/No suspicious sites
Table 3: Privacy Methods Categorised by Design Type and Privacy Protection.
Community Photos Messaging File-Sharing Streaming
Discord Facebook photos Email box.com Twitch
Facebook Flickr Facebook messenger cloud Vimeo
Facebook updates Google photos Instant messaging dropbox YouTube
Forums iCloud photos Telegram FTP
Google hangouts Instagram WhatsApp Google Drive
LinkedIn Social network photos Microsoft OneDrive
News site comments Pinterest
Personal blog Photo blog
Reddit Snapchat
Skype
Slack
Social networks
Social network updates
Teamviewer
Tumblr
Twitter
Table 4: Sharing Methods Categorised by Theme.

We investigate RQ2 “What methods are mostly used to protect one’s privacy and to share information online?” How similar are individuals’ [privacy/sharing] methods usage and preference? What patterns of use emerge? Are there similarities or differences between countries?”

Table 5 shows a depiction of the top privacy methods preferences across the three countries, where we observe that of the privacy methods appear in the top most reported methods in all three countries. These methods are (1) privacy settings, (2) limit sharing, (3) website care, and (4) no newsletter.

In addition, we find privacy methods similarities in the top most reported methods for both the UK and US, methods similarities between the UK and DE, and methods similarities between the US and DE.

United States United Kingdom Germany
Method Design CAT Method Design CAT Method Design CAT
1 Website care UD PLS 1 Website care UD PLS 1 AdBlock BI COP
2 Privacy settings BI PLS 2 Limit Sharing UD ANO 2 Bogus Emails UD ANO
3 Limit Sharing UD ANO 3 Privacy settings BI PLS 3 Privacy settings BI PLS
4 Research before engaging UD ANO 4 Clear Info/History BI ANO 4 Limit Sharing UD ANO
5 Anti-Malware ST PLS 5 Paypal ST PLS 5 No Newsletter UD PLS
6 No Newsletter UD PLS 6 Research before engaging UD ANO 5 Paypal ST PLS
7 AdBlock BI COP 7 No Newsletter UD PLS 5 Website care UD PLS
8 Clear Info/History BI ANO 8 Firewall ST COP 5 Firewall ST COP
9 Clear/Limit Cookies BI BHP 9 Anti-Malware ST PLS 9 HTTPS BI COP
10 Not Access Accts in Public Place UD ANO 10 Not Access Accts in Public Place UD ANO 10 Pseudonyms BI ANO

BI, ST & UD refer to design type of built-in, standalone and user-defined respectively.
ANO, BHP, COP & PLS refer to privacy protection categories of anonymity, browsing history and tracking prevention, communication privacy & filtering, and preventing leaking & stealing of data respectively.

Table 5: Top 10 Privacy Methods by Country starting with most frequently mentioned

Table 6 shows a depiction of the top sharing methods preferences across the three countries, where we observe that of the sharing methods appear in the top of all three countries, and appear in the top most reported methods for both the US and the UK.

United States United Kingdom Germany
1 Email 1 Email 1 Email
2 Youtube 2 WhatsApp 2 WhatsApp
3 Google Drive 3 Facebook Messenger 3 YouTube
4 Facebook Messenger 4 YouTube 4 Reddit
5 Reddit 5 Instant Messaging 5 Instagram
6 Instant Messaging 6 Facebook updates & newsfeed 6 Google Drive
7 Forums 7 Google Drive 7 DropBox
8 Instagram 8 Instagram 8 Instant Messaging
9 Facebook updates & newsfeed 9 Twitter 9 Discord
10 Facebook photos 10 Facebook photos 10 Forums
10 Social network sites (exclu. FB)
10 Twitter

Table 6: Top 10 Sharing Methods by Country starting with most frequently mentioned

We investigate whether there is a difference in privacy method preference between countries. On average, participants reported to protect their privacy with different ways (, ). DE and US participants reported using and more privacy methods on average than UK participants respectively

We compute a Chi Square test on each of the privacy methods. We find that for privacy methods, there is a statistically significant association between privacy method employed and country of residence, after multiple comparisons correction, as detailed in Table 7 in the Appendix. The table shows both the percentage of participants within each country who listed the privacy method, as well as the percentage taken by each country for each listed method. It also shows the privacy protection category of the method.

In addition, the table provides a measure of association in privacy method preference across country of residence, with effect size Cramer depicting the magnitude of association between the privacy method and the country, where corresponds to a weak association, corresponds to a moderate association and corresponds to a strong association.

We investigate the second part of RQ-T1

with respect to sharing methods, that is, “Is there a difference in [sharing] method preference between the two countries?” We compute a Fisher Exact test on each of the

sharing methods. We find that for sharing methods, there is a statistically significant association between sharing method employed and country of residence, as detailed in Table LABEL:tab:differencessharing. A significantly higher number of participants from the US sample reported using Discord, forums, Google Drive, Google Hangout, Reddit, Tumblr, Twitch, Vimeo and YouTube compared to the UK sample. In addition, a higher number of participants from the UK sample reported using Facebook messenger, instant messenger in general and WhatsApp compared to the US sample. From the Cramer effect sizes, we find that the differences for Reddit and Twitch refer to medium effects where as that for WhatsApp refers to a strong effect. The rest of the methods with differences show a weak effect.

We therefore reject the null hypothesis

that “There is no difference in [sharing] methods preference between the two countries” for the sharing methods listed in Table LABEL:tab:differencessharing.

5 Discussion

Privacy vs Sharing Empowerment: That participants perceive privacy to be more meaningful than sharing across the three countries, yet perceive lower competency and choice with regards to privacy can be expected given the looming sense of privacy dis-empowerment online users are habituated to. However by providing statistical evidence from a relatively large representative sample, we demonstrate that privacy dis-empowerment is not just a passing or one-time feeling but is perceived across countries and demographics. This finding can contribute to explaining the privacy paradox, that although individuals are concerned about their privacy, their observed behavior differ, as they have poor perceptions of competency and choice.

In addition, although the internet is thought to empower individuals, we do not observe a positive difference in perceived sharing impact versus perceived privacy impact. This aspect requires further investigation in eliciting users’ understanding of the results of their sharing. Only DE shows a higher perceived impact for privacy.

5.1 Methods Preference & Behavior

DE and US participants reported using and more privacy methods on average than UK participants respectively, where although there are similarities in that items are among the top most used privacy methods in countries, they differ across methods. DE shows a higher use of methods, a higher portion of which are more technologically advanced PETs rather than simpler builtin PETs. This may indicate higher awareness of and skill to use PETs, as well as an outcome of privacy culture and regulation.

Among the similarities, we find that user-defined or non-technology methods (1) of being careful of websites, (2) to limit sharing, (3) research before engaging (2 out of 3 countries), (4) not subscribe to newsletters, and (5) not access accounts in public places appear in the most used methods in both countries. For the three countries, these non-technology methods made up to of the top most preferred privacy methods, while advanced, dedicated and standalone PETs such as Tor, Ghostery or NoScript are among the least used privacy methods. This demonstrates that users rely more on their own non-technology means to protect themselves than privacy technologies.

Questions can be raised for future research following these usage patterns. In particular, “what are reasons for reliance on non-technology methods rather than advanced PETs?”, “are users concerned enough and aware of PETs to use them?” , “how were their previous experience with PETs?”, “how can we encourage users to adopt more advanced and dedicated PETs?”

Privacy settings, clear information/history and anti-malware are also in the common topmost preferred methods. It will be valuable to further understand users’ perception of the effectiveness of these preferred methods, to investigate the human-computer interaction involved, as well as possibly find ways to offer technology alternatives.

There is also a similarity in most preferred sharing methods between the two countries. [……how do these compare with the most preferred privacy methods - UD and BI privacy settings & clear info/history are common in both countries. ……]

A higher number of US participants reported use compared to the UK with statistical significance for privacy methods, with the UK only reporting higher use for Paypal instead of online banking. […to discuss why US participants claim to use more privacy methods? …] However, overall the privacy methods differences between the two samples only range between to of participants.

For example, about more US () participants chose not to use Facebook as privacy method compared to the UK (32.7%), indicating that Americans may have responded slightly more to the abandon Facebook campaign (‘#DeleteFacebook’), following the Cambridge Analytica scandal [https://www.nytimes.com/2018/03/21/technology/users-abandon-facebook.html] in . However, in both countries participants use this approach as privacy method, for example, the UK reports a drop of Facebook users in summer  [https://www.telegraph.co.uk/technology/2019/07/06/exclusive-britons-abandon-facebook-usage-plummets-third/].

There is a statistical difference in preference for sharing method between the two countries, where the difference range between to participants, except for Reddit with more US participants and WhatsApp with more UK participants.

6 Conclusion

This paper provides an initial investigation of a mapping between perceived privacy dis-empowerment online and preferences for privacy and sharing methods, as well as offers a cross-national investigation. We identify a few non-technology privacy methods that are preferred over more advanced and standalone privacy-enhancing technologies. This raises questions for future research, in particular why individuals prefer methods that seem more accessible and integrated within non-privacy focused environments and non-technology methods, rather than more advanced and more technical privacy technologies.

References

  • [1] Abu-Salma, R., Sasse, M.A., Bonneau, J., Danilova, A., Naiakshina, A., Smith, M.: Obstacles to the adoption of secure communication tools. In: 2017 IEEE Symposium on Security and Privacy (SP). pp. 137–153. IEEE (2017)
  • [2] Aguinis, H., Pierce, C.A., Culpepper, S.A.: Scale coarseness as a methodological artifact: Correcting correlation coefficients attenuated from using coarse scales. Organizational Research Methods 12(4), 623–652 (2009)
  • [3] Benenson, Z., Girard, A., Krontiris, I.: User acceptance factors for anonymous credentials: An empirical investigation. In: WEIS (2015)
  • [4] Chimi, C.J., Russell, D.L.: The likert scale: A proposal for improvement using quasi-continuous variables. In: Information Systems Education Conference, Washington, DC. pp. 1–10 (2009)
  • [5] Cook, C., Heath, F., Thompson, R.L., Thompson, B.: Score reliability in webor internet-based surveys: Unnumbered graphic rating scales versus likert-type scales. Educational and Psychological Measurement 61(4), 697–706 (2001)
  • [6] Coopamootoo, K.P.: Towards empowering the human for privacy online. In: IFIP International Summer School on Privacy and Identity Management. pp. 67–80. Springer (2018)
  • [7] Coopamootoo, K.P., Groß, T.: Evidence-based methods for privacy and identity management. In: IFIP Privacy and Identity Management. Facing up to Next Steps. pp. 105–121. Springer (2016)
  • [8] Coopamootoo, K.P., Groß, T.: Cyber security & privacy experiments: A design & reporting toolset. In: Privacy and Identity Management. The Smart World Revolution. Springer (2017), under Publication at IFIP Privacy and Identity Management. The Smart World Revolution
  • [9] Coopamootoo, K.P., Groß, T.: Why privacy is all but forgotten - an empirical study of privacy and sharing attitude. Proceedings on Privacy Enhancing Technologies 4, 39–60 (2017)
  • [10] Harborth, D., Pape, S.: Examining technology use factors of privacy-enhancing technologies: the role of perceived anonymity and trust (2018)
  • [11] Kraimer, M.L., Seibert, S.E., Liden, R.C.: Psychological empowerment as a multidimensional construct: A test of construct validity. Educational and psychological measurement 59(1), 127–142 (1999)
  • [12] Mansell, R.: Empowerment and/or disempowerment: the politics of digital media. Popular Communication 12(4), 223–236 (2014)
  • [13] Menon, S.T.: Psychological empowerment: Definition, measurement, and validation. Canadian Journal of Behavioural Science/Revue canadienne des sciences du comportement 31(3),  161 (1999)
  • [14] Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In: 2013 IEEE Symposium on Security and Privacy. pp. 541–555. IEEE (2013)
  • [15] O’Hara, K., Tuffield, M.M., Shadbolt, N.: Lifelogging: Privacy and empowerment with memories for life. Identity in the Information Society 1(1), 155–172 (2008)
  • [16] Peer, E., Brandimarte, L., Samat, S., Acquisti, A.: Beyond the turk: Alternative platforms for crowdsourcing behavioral research. Journal of Experimental Social Psychology 70, 153–163 (2017)
  • [17] Pierson, J.: Online privacy in social media: a conceptual exploration of empowerment and vulnerability. Communications & Strategies (88), 99–120 (2012)
  • [18] Rainie, L., Kiesler, S., Kang, R., Madden, M., Duggan, M., Brown, S., Dabbish, L.: Anonymity, privacy, and security online. Pew Research Center 5 (2013)
  • [19] Seibert, S.E., Wang, G., Courtright, S.H.: Antecedents and consequences of psychological and team empowerment in organizations: a meta-analytic review. (2011)
  • [20] Spreitzer, G.M.: Psychological empowerment in the workplace: Dimensions, measurement, and validation. Academy of management Journal 38(5), 1442–1465 (1995)
  • [21] Thomas, K.W., Velthouse, B.A.: Cognitive elements of empowerment: An interpretive model of intrinsic task motivation. Academy of management review 15(4), 666–681 (1990)
  • [22] Van Dyke, T.P., Midha, V., Nemati, H.: The effect of consumer privacy empowerment on trust and privacy concerns in e-commerce. Electronic Markets 17(1), 68–81 (2007)
  • [23] Wewers, M.E., Lowe, N.K.: A critical review of visual analogue scales in the measurement of clinical phenomena. Research in nursing & health 13(4), 227–236 (1990)

7 Appendix

Privacy Method CAT % Participants % in Country % in Method Cramer
US UK DE US UK DE
1 Pseudonyms ANO 53.1 47.2 36.6 76.1 29.6 23.0 47.4 101.087 .000 *** .334
2 Anonymous Profiles ANO 59.2 57.8 44.2 75.7 32.6 25.0 42.5 65.522 .000 *** .263
3 Have several emails ANO 72.5 70.6 60.4 86.7 32.5 27.8 39.7 53.343 .000 *** .243
4 NoScript BHP 15.9 12.9 6.9 27.9 27.1 14.6 58.3 52.823 .000 *** .241
5 Give fake info ANO 45.3 42.2 33.7 60.1 31.1 24.8 44.0 44.234 .000 *** .221
6 Adblock COP 76.5 77.6 65.0 87.0 33.9 28.4 37.8 41.045 .000 *** .213
7 VPN COP 37.7 32.7 28.4 52.2 28.9 25.1 45.9 41.250 .000 *** .213
8 HTTPS COP 68.1 69.0 56.8 78.7 33.8 27.8 38.3 33.724 .000 *** .193
9 TOR ANO 13.5 10.6 7.6 22.3 26.2 18.9 54.9 31.172 .000 *** .185
10 Virtual Machines ANO 13.8 12.2 6.9 22.3 29.6 16.8 53.6 30.803 .000 *** .184
11 Anti-tracking extension BHP 31.2 30.7 21.1 41.9 32.9 22.6 44.5 30.308 .000 *** .183
12 Not use Facebook ANO 43.0 43.2 32.7 53.2 33.6 25.4 41.0 25.857 .000 *** .169
13 Paypal instead of online banking PLS 74.6 66.3 74.6 83.1 29.7 33.4 36.9 22.302 .000 *** .157
14 Proxy ANO 26.7 22.1 21.5 36.5 27.7 26.9 45.5 22.438 .000 *** .157
15 Read terms of service PLS 44.2 50.8 48.5 33.2 38.4 36.7 24.9 22.385 .000 *** .157
16 Not access accts in public place ANO 66.7 73.9 69.3 56.8 37.0 34.7 28.3 21.308 .000 *** .153
17 Request data collected PLS 19.1 17.8 12.5 26.9 31.2 22.0 46.8 20.660 .000 *** .151
18 DuckDuckGo BHP 21.5 26.1 12.9 25.6 40.5 20.0 39.5 20.092 .000 *** .149
19 Ghostery BHP 11.8 10.2 6.9 18.3 29.0 19.6 51.4 19.739 .000 *** .148
20 Kapersky PLS 14.1 9.9 11.6 20.9 23.4 27.3 49.2 17.617 .000 *** .139
21 Firewall COP 74.9 69.6 71.9 83.1 31.1 32.1 36.8 16.504 .000 *** .135
22 Switch off camera ANO 34.7 68.0 56.8 69.4 35.1 29.3 35.6 12.743 .002 ** .119
23 Anti-spyware PLS 65.3 72.9 62.7 60.1 37.3 32.1 30.6 12.241 .002 ** .116

These differences are statistically significant under Bonferroni correction.
Effect size Cramer corresponds to a weak effect, corresponds to a moderate effect.

Table 7: Privacy Method Differences across Countries with Chi Square Test, sorted by effect size