Search

Your search keyword '"Cranor, Lorrie"' showing total 600 results
Start Over Author "Cranor, Lorrie"

Refine your results

more »

more »

more »

more »
600 results on '"Cranor, Lorrie"'

1. Conference Submission and Review Policies to Foster Responsible Computing Research

Author

Cranor, Lorrie, Hazelwood, Kim, Lopresti, Daniel, and Stent, Amanda

Subjects
Computer Science - Computers and Society
Abstract

This report by the CRA Working Group on Socially Responsible Computing outlines guidelines for ethical and responsible research practices in computing conferences. Key areas include avoiding harm, responsible vulnerability disclosure, ethics board review, obtaining consent, accurate reporting, managing financial conflicts of interest, and the use of generative AI. The report emphasizes the need for conference organizers to adopt clear policies to ensure responsible computing research and publication, highlighting the evolving nature of these guidelines as understanding and practices in the field advance., Comment: Computing Research Association (CRA)

Published
2024

2. Detection and Impact of Debit/Credit Card Fraud: Victims' Experiences

Author

Alashwali, Eman, Chandrashekar, Ragashree Mysuru, Lanyon, Mandy, and Cranor, Lorrie Faith

Subjects
Computer Science - Cryptography and Security
Abstract

It might be intuitive to expect that small or reimbursed financial loss resulting from credit or debit card fraud would have low or no financial impact on victims. However, little is known about the extent to which financial fraud impacts victims psychologically, how victims detect the fraud, which detection methods are most efficient, and how the fraud detection and reporting processes can be improved. To answer these questions, we conducted a 150-participant survey of debit/credit card fraud victims in the US. Our results show that significantly more participants reported that they were impacted psychologically than financially. However, we found no relationship between the amount of direct financial loss and psychological impact, suggesting that people are at risk of being psychologically impacted regardless of the amount lost to fraud. Despite the fact that bank or card issuer notifications were related to faster detection of fraud, more participants reported detecting the fraud after reviewing their card or account statements rather than from notifications. This suggests that notifications may be underutilized. Finally, we provide a set of recommendations distilled from victims' experiences to improve the debit/credit card fraud detection and reporting processes., Comment: This document is the author's manuscript for a paper to appear in Proceedings of the European Symposium on Usable Security (EuroUSEC), 2024

Published
2024

3. Recruiting Teenage Participants for an Online Security Experiment: A Case Study Using Peachjar

Author

Bouma-Sims, Elijah, Klucinec, Lily, Lanyon, Mandy, Cranor, Lorrie Faith, and Downs, Julie

Subjects
Computer Science - Human-Computer Interaction
Abstract

The recruitment of teenagers for usable privacy and security research is challenging, but essential. This case study presents our experience using the online flier distribution service Peachjar to recruit minor teenagers for an online security experiment. By distributing fliers to 90 K-12 schools, we recruited a diverse sample of 55 participants at an estimated cost per participant of $43.18. We discuss the benefits and drawbacks of Peachjar, concluding that it can facilitate the recruitment of a geographically diverse sample of teens for online studies, but it requires careful design to protect against spam and may be more expensive than other online methods. We conclude by proposing ways of using Peachjar more effectively., Comment: To be presented at the 9th Workshop on Inclusive Privacy and Security (WIPS 2024) at the Twentieth Symposium on Usable Privacy and Security (SOUPS 2024)

Published
2024

4. Work-From-Home and Privacy: What Do Workers Face and What are They Doing About it?

Author

Alashwali, Eman, Peca, Joanne, Lanyon, Mandy, and Cranor, Lorrie

Subjects
Computer Science - Human-Computer Interaction
Abstract

The COVID-19 pandemic has reshaped the way people work, normalizing the practice of working from home (WFH). However, WFH can cause a blurring of personal and professional boundaries, surfacing new privacy issues, especially when workers take work meetings from their homes. As WFH arrangements are now standard practice in many organizations, addressing the associated privacy concerns should be a key part of creating healthy work environments for workers. To this end, we conducted a scenario-based survey with 214 US-based workers who currently work from home regularly. Our results suggest that privacy invasions are commonly experienced while working from home and cause discomfort to many workers. However, only a minority said that the discomfort escalated to cause harm to them or others, and the harm was almost always psychological. While scenarios that restrict worker autonomy (prohibit turning off camera or microphone) are the least experienced scenarios, they are associated with the highest reported discomfort. In addition, participants reported measures that violated or would violate their employer's autonomy-restricting rules to protect their privacy. We also find that conference tool settings that can prevent privacy invasions are not widely used compared to manual privacy-protective measures. Our findings provide better understanding of the privacy challenges landscape that WFH workers face and how they address them. Furthermore, our discussion raised open questions that can inspire future work., Comment: This document is the author's manuscript for a paper under review

Published
2024

5. What Do Privacy Advertisements Communicate to Consumers?

Author

Shen, Xiaoxin, Alashwali, Eman, and Cranor, Lorrie Faith

Subjects
Computer Science - Cryptography and Security, Computer Science - Computers and Society, Computer Science - Human-Computer Interaction
Abstract

When companies release marketing materials aimed at promoting their privacy practices or highlighting specific privacy features, what do they actually communicate to consumers? In this paper, we explore the impact of privacy marketing on: (1) consumers' attitudes toward the organizations providing the campaigns, (2) overall privacy awareness, and (3) the actionability of suggested privacy advice. To this end, we investigated the impact of four privacy advertising videos and one privacy game published by five different technology companies. We conducted 24 semi-structured interviews with participants randomly assigned to view one or two of the videos or play the game. Our findings suggest that awareness of privacy features can contribute to positive perceptions of a company or its products. The ads we tested were more successful in communicating the advertised privacy features than the game we tested. We observed that advertising a single privacy feature using a single metaphor in a short ad increased awareness of the advertised feature. The game failed to communicate privacy features or motivate study participants to use the features. Our results also suggest that privacy campaigns can be useful for raising awareness about privacy features and improving brand image, but may not be the most effective way to teach viewers how to use privacy features., Comment: This document is the author's manuscript for a paper appeared at the Proceedings on Privacy Enhancing Technologies 2024(4)

Published
2024

6. Matcha: An IDE Plugin for Creating Accurate Privacy Nutrition Labels

Author

Li, Tianshi, Cranor, Lorrie Faith, Agarwal, Yuvraj, and Hong, Jason I.

Subjects
Computer Science - Human-Computer Interaction, Computer Science - Cryptography and Security
Abstract

Apple and Google introduced their versions of privacy nutrition labels to the mobile app stores to better inform users of the apps' data practices. However, these labels are self-reported by developers and have been found to contain many inaccuracies due to misunderstandings of the label taxonomy. In this work, we present Matcha, an IDE plugin that uses automated code analysis to help developers create accurate Google Play data safety labels. Developers can benefit from Matcha's ability to detect user data accesses and transmissions while staying in control of the generated label by adding custom Java annotations and modifying an auto-generated XML specification. Our evaluation with 12 developers showed that Matcha helped our participants improved the accuracy of a label they created with Google's official tool for a real-world app they developed. We found that participants preferred Matcha for its accuracy benefits. Drawing on Matcha, we discuss general design recommendations for developer tools used to create accurate standardized privacy notices., Comment: 38 pages

Published
2024
Full Text
View/download PDF

7. Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels

Author

Lin, Yanzi, Juneja, Jaideep, Birrell, Eleanor, and Cranor, Lorrie Faith

Subjects
Computer Science - Human-Computer Interaction
Abstract

Privacy labels -- standardized, compact representations of data collection and data use practices -- are often presented as a solution to the shortcomings of privacy policies. Apple introduced mandatory privacy labels for apps in its App Store in December 2020; Google introduced mandatory labels for Android apps in July 2022. iOS app privacy labels have been evaluated and critiqued in prior work. In this work, we evaluated Android Data Safety Labels and explored how differences between the two label designs impact user comprehension and label utility. We conducted a between-subjects, semi-structured interview study with 12 Android users and 12 iOS users. While some users found Android Data Safety Labels informative and helpful, other users found them too vague. Compared to iOS App Privacy Labels, Android users found the distinction between data collection groups more intuitive and found explicit inclusion of omitted data collection groups more salient. However, some users expressed skepticism regarding elided information about collected data type categories. Most users missed critical information due to not expanding the accordion interface, and they were surprised by collection practices excluded from Android's definitions. Our findings also revealed that Android users generally appreciated information about security practices included in the labels, and iOS users wanted that information added., Comment: This paper has been accepted to Privacy Enhancing Technologies Symposium (PETS) 2024

Published
2023

8. User Experiences with Third-Party SIM Cards and ID Registration in Kenya and Tanzania

Author

Luhanga, Edith, Sowon, Karen, Cranor, Lorrie Faith, Fanti, Giulia, Tucker, Conrad, and Gueye, Assane

Subjects
Computer Science - Human-Computer Interaction
Abstract

Mobile money services in Sub-Saharan Africa (SSA) have increased access to financial services. To ensure proper identification of users, countries have put in place Know-Your-Customer (KYC) measures such as SIM registration using an official identification. However, half of the 850 million people without IDs globally live in SSA, and the use of SIM cards registered in another person's name (third-party SIM) is prevalent. In this study, we explore challenges that contribute to and arise from the use of third-party SIM cards. We interviewed 36 participants in Kenya and Tanzania. Our results highlight great strides in ID accessibility, but also highlight numerous institutional and social factors that contribute to the use of third-party SIM cards. While privacy concerns contribute to the use of third-party SIM cards, third-party SIM card users are exposed to significant security and privacy risks, including scams, financial loss, and wrongful arrest.

Published
2023

9. The Role of User-Agent Interactions on Mobile Money Practices in Kenya and Tanzania

Author

Sowon, Karen, Luhanga, Edith, Cranor, Lorrie Faith, Fanti, Giulia, Tucker, Conrad, and Gueye, Assane

Subjects
Computer Science - Human-Computer Interaction, H.1.2
Abstract

Digital financial services have catalyzed financial inclusion in Africa. Commonly implemented as a mobile wallet service referred to as mobile money (MoMo), the technology provides enormous benefits to its users, some of whom have long been unbanked. While the benefits of mobile money services have largely been documented, the challenges that arise -- especially in the interactions between human stakeholders -- remain relatively unexplored. In this study, we investigate the practices of mobile money users in their interactions with mobile money agents. We conduct 72 structured interviews in Kenya and Tanzania (n=36 per country). The results show that users and agents design workarounds in response to limitations and challenges that users face within the ecosystem. These include advances or loans from agents, relying on the user-agent relationships in place of legal identification requirements, and altering the intended transaction execution to improve convenience. Overall, the workarounds modify one or more of what we see as the core components of mobile money: the user, the agent, and the transaction itself. The workarounds pose new risks and challenges for users and the overall ecosystem. The results suggest a need for rethinking privacy and security of various components of the ecosystem, as well as policy and regulatory controls to safeguard interactions while ensuring the usability of mobile money., Comment: To be published in IEEE Symposium on Security and Privacy 2024

Published
2023

10. Privacy Perceptions and Behaviors of Google Personal Account Holders in Saudi Arabia

Author

Alashwali, Eman and Cranor, Lorrie Faith

Subjects
Computer Science - Computers and Society, Computer Science - Cryptography and Security, Computer Science - Human-Computer Interaction
Abstract

While privacy perceptions and behaviors have been investigated in Western societies, little is known about these issues in non-Western societies. To bridge this gap, we interviewed 30 Google personal account holders in Saudi Arabia about their privacy perceptions and behaviors regarding the activity data that Google saves about them. Our study focuses on Google's Activity Controls, which enable users to control whether, and how, Google saves their Web \& App Activity, Location History, and YouTube History. Our results show that although most participants have some level of awareness about Google's data practices and the Activity Controls, many have only vague awareness, and the majority have not used the available controls. When participants viewed their saved activity data, many were surprised by what had been saved. While many participants find Google's use of their data to improve the services provided to them acceptable, the majority find the use of their data for ad purposes unacceptable. We observe that our Saudi participants exhibit similar trends and patterns in privacy awareness, attitudes, preferences, concerns, and behaviors to what has been found in studies in the US. Our results emphasize the need for: 1) improved techniques to inform users about privacy settings during account sign-up, to remind users about their settings, and to raise awareness about privacy settings; 2) improved privacy setting interfaces to reduce the costs that deter many users from changing the settings; and 3) further research to explore privacy concerns in non-Western cultures., Comment: Appeared in Proceedings of Human-Computer Interaction International (HCII), 2024. Changes from prev. version: correct a typo in author country name

Published
2023

11. Privacy Perceptions and Behaviors of Google Personal Account Holders in Saudi Arabia

Author

Alashwali, Eman, Cranor, Lorrie, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, van Leeuwen, Jan, Series Editor, Hutchison, David, Editorial Board Member, Kanade, Takeo, Editorial Board Member, Kittler, Josef, Editorial Board Member, Kleinberg, Jon M., Editorial Board Member, Kobsa, Alfred, Series Editor, Mattern, Friedemann, Editorial Board Member, Mitchell, John C., Editorial Board Member, Naor, Moni, Editorial Board Member, Nierstrasz, Oscar, Series Editor, Pandu Rangan, C., Editorial Board Member, Sudan, Madhu, Series Editor, Terzopoulos, Demetri, Editorial Board Member, Tygar, Doug, Editorial Board Member, Weikum, Gerhard, Series Editor, Vardi, Moshe Y, Series Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, and Moallem, Abbas, editor

Published
2024
Full Text
View/download PDF

14. Ask the Experts: What Should Be on an IoT Privacy and Security Label?

Author

Emami-Naeini, Pardis, Agarwal, Yuvraj, Cranor, Lorrie Faith, and Hibshi, Hanan

Subjects
Computer Science - Computers and Society, Computer Science - Cryptography and Security, Computer Science - Human-Computer Interaction
Abstract

Information about the privacy and security of Internet of Things (IoT) devices is not readily available to consumers who want to consider it before making purchase decisions. While legislators have proposed adding succinct, consumer accessible, labels, they do not provide guidance on the content of these labels. In this paper, we report on the results of a series of interviews and surveys with privacy and security experts, as well as consumers, where we explore and test the design space of the content to include on an IoT privacy and security label. We conduct an expert elicitation study by following a three-round Delphi process with 22 privacy and security experts to identify the factors that experts believed are important for consumers when comparing the privacy and security of IoT devices to inform their purchase decisions. Based on how critical experts believed each factor is in conveying risk to consumers, we distributed these factors across two layers---a primary layer to display on the product package itself or prominently on a website, and a secondary layer available online through a web link or a QR code. We report on the experts' rationale and arguments used to support their choice of factors. Moreover, to study how consumers would perceive the privacy and security information specified by experts, we conducted a series of semi-structured interviews with 15 participants, who had purchased at least one IoT device (smart home device or wearable). Based on the results of our expert elicitation and consumer studies, we propose a prototype privacy and security label to help consumers make more informed IoT-related purchase decisions., Comment: To appear at the 41st IEEE Symposium on Security and Privacy (S&P'20)

Published
2020

15. Disposition toward privacy and information disclosure in the context of emerging health technologies

Author

Schairer, Cynthia E, Cheung, Cynthia, Rubanovich, Caryn Kseniya, Cho, Mildred, Cranor, Lorrie Faith, and Bloss, Cinnamon S

Subjects
Genetics, Basic Behavioral and Social Science, Clinical Research, Behavioral and Social Science, Generic health relevance, Adolescent, Adult, Aged, Aged, 80 and over, Attitude, Confidentiality, Disclosure, Female, Focus Groups, Humans, Information Dissemination, Interviews as Topic, Male, Medical Informatics Applications, Middle Aged, Motivation, Privacy, Qualitative Research, Young Adult, privacy, confidentiality, patient data privacy, disclosure, social values, Information and Computing Sciences, Engineering, Medical and Health Sciences, Medical Informatics
Abstract

ObjectiveWe sought to present a model of privacy disposition and its development based on qualitative research on privacy considerations in the context of emerging health technologies.Materials and methodsWe spoke to 108 participants across 44 interviews and 9 focus groups to understand the range of ways in which individuals value (or do not value) control over their health information. Transcripts of interviews and focus groups were systematically coded and analyzed in ATLAS.ti for privacy considerations expressed by respondents.ResultsThree key findings from the qualitative data suggest a model of privacy disposition. First, participants described privacy related behavior as both contextual and habitual. Second, there are motivations for and deterrents to sharing personal information that do not fit into the analytical categories of risks and benefits. Third, philosophies of privacy, often described as attitudes toward privacy, should be classified as a subtype of motivation or deterrent.DiscussionThis qualitative analysis suggests a simple but potentially powerful conceptual model of privacy disposition, or what makes a person more or less private. Components of privacy disposition are identifiable and measurable through self-report and therefore amenable to operationalization and further quantitative inquiry.ConclusionsWe propose this model as the basis for a psychometric instrument that can be used to identify types of privacy dispositions, with potential applications in research, clinical practice, system design, and policy.

Published
2019

16. Internet of Things Security and Privacy Labels Should Empower Consumers.

Author

Cranor, Lorrie Faith, Agarwal, Yuvraj, and Emami-Naeini, Pardis

Subjects
*INTERNET of things, *DATA privacy, *DATA security, *CONSUMER preferences, *TWO-dimensional bar codes, *LABELS
Abstract

The article discusses the need for security and privacy labels on Internet of Things (IoT) products to empower consumers. The U.S. Cyber Trust Mark was introduced in July 2023, and the article emphasizes the importance of including meaningful information on product packaging alongside the trust mark. Consumer research conducted by Carnegie Mellon University (CMU) revealed that consumers prefer detailed labels over minimal ones, and they find scanning QR codes inconvenient. The study suggests that including information on the package itself is crucial, especially regarding data privacy factors such as sensor details, data sharing practices, and security features. The article recommends a mandatory labeling program to ensure transparency and improve the overall security of IoT devices, emphasizing the importance of including data privacy factors in the labeling requirements.

Published
2024
Full Text
View/download PDF

19. Matcha

Author

Li, Tianshi, primary, Cranor, Lorrie Faith, additional, Agarwal, Yuvraj, additional, and Hong, Jason I., additional

Published
2024
Full Text
View/download PDF

20. Towards a Privacy Research Roadmap for the Computing Community

Author

Cranor, Lorrie, Rabin, Tal, Shmatikov, Vitaly, Vadhan, Salil, and Weitzner, Daniel

Subjects
Computer Science - Computers and Society
Abstract

Great advances in computing and communication technology are bringing many benefits to society, with transformative changes and financial opportunities being created in health care, transportation, education, law enforcement, national security, commerce, and social interactions. Many of these benefits, however, involve the use of sensitive personal data, and thereby raise concerns about privacy. Failure to address these concerns can lead to a loss of trust in the private and public institutions that handle personal data, and can stifle the independent thought and expression that is needed for our democracy to flourish. This report, sponsored by the Computing Community Consortium (CCC), suggests a roadmap for privacy research over the next decade, aimed at enabling society to appropriately control threats to privacy while enjoying the benefits of information technology and data science. We hope that it will be useful to the agencies of the Federal Networking and Information Technology Research and Development (NITRD) Program as they develop a joint National Privacy Research Strategy over the coming months. The report synthesizes input drawn from the privacy and computing communities submitted to both the CCC and NITRD, as well as past reports on the topic., Comment: A Computing Community Consortium (CCC) white paper, 23 pages

Published
2016

21. Spaced Repetition and Mnemonics Enable Recall of Multiple Strong Passwords

Author

Blocki, Jeremiah, Komanduri, Saranga, Cranor, Lorrie, and Datta, Anupam

Subjects
Computer Science - Cryptography and Security, Computer Science - Human-Computer Interaction
Abstract

We report on a user study that provides evidence that spaced repetition and a specific mnemonic technique enable users to successfully recall multiple strong passwords over time. Remote research participants were asked to memorize 4 Person-Action-Object (PAO) stories where they chose a famous person from a drop-down list and were given machine-generated random action-object pairs. Users were also shown a photo of a scene and asked to imagine the PAO story taking place in the scene (e.g., Bill Gates---swallowing---bike on a beach). Subsequently, they were asked to recall the action-object pairs when prompted with the associated scene-person pairs following a spaced repetition schedule over a period of 127+ days. While we evaluated several spaced repetition schedules, the best results were obtained when users initially returned after 12 hours and then in $1.5\times$ increasing intervals: 77% of the participants successfully recalled all 4 stories in 10 tests over a period of 158 days. Much of the forgetting happened in the first test period (12 hours): 89% of participants who remembered their stories during the first test period successfully remembered them in every subsequent round. These findings, coupled with recent results on naturally rehearsing password schemes, suggest that 4 PAO stories could be used to create usable and strong passwords for 14 sensitive accounts following this spaced repetition schedule, possibly with a few extra upfront rehearsals. In addition, we find that there is an interference effect across multiple PAO stories: the recall rate of 100% (resp. 90%) for participants who were asked to memorize 1 PAO story (resp. 2 PAO stories) is significantly better than the recall rate for participants who were asked to memorize 4 PAO stories. These findings yield concrete advice for improving constructions of password management schemes and future user studies.

Published
2014
Full Text
View/download PDF

24. Agents of Choice: Tools that Facilitate Notice and Choice about Web Site Data Practices

Author

Cranor, Lorrie Faith

Subjects
Computer Science - Computers and Society, K.4.1
Abstract

A variety of tools have been introduced recently that are designed to help people protect their privacy on the Internet. These tools perform many different functions in-cluding encrypting and/or anonymizing communications, preventing the use of persistent identifiers such as cookies, automatically fetching and analyzing web site privacy policies, and displaying privacy-related information to users. This paper discusses the set of privacy tools that aim specifically at facilitating notice and choice about Web site data practices. While these tools may also have components that perform other functions such as encryption, or they may be able to work in conjunction with other privacy tools, the primary pur-pose of these tools is to help make users aware of web site privacy practices and to make it easier for users to make informed choices about when to provide data to web sites. Examples of such tools include the Platform for Privacy Preferences (P3P) and various infomediary services., Comment: 8 pages

Published
2000

25. Beyond Concern: Understanding Net Users' Attitudes About Online Privacy

Author

Cranor, Lorrie Faith, Reagle, Joseph, and Ackerman, Mark S.

Subjects
Computer Science - Computers and Society, Computer Science - Human-Computer Interaction, K.4.1
Abstract

People are concerned about privacy, particularly on the Internet. While many studies have provided evidence of this concern, few have explored the nature of the concern in detail, especially for the online environment. With this study, we have tried to better understand the nature of online privacy concerns; we look beyond the fact that people are concerned and attempt to understand how they are concerned. We hope our results will help inform both policy decisions as well as the development of technology tools that can assist Internet users in protecting their privacy. We present results here from the analysis of 381 questionnaires completed between November 6 and November 13, 1998 by American Internet users. The sample was drawn from the FamilyPC magazine/Digital Research, Inc. Family Panel. While this is not a statistically representative sample of US Internet users, our respondents are heavy Internet users, and quite possibly lead innovators. As such, we believe that this sample is important for understanding the future Internet user population., Comment: 5 figures and appendix

Published
1999

26. Influencing Software Usage

Author

Cranor, Lorrie Faith and Wright, Rebecca N.

Subjects
Computer Science - Computers and Society, K.4.0, K.6.3
Abstract

Technology designers often strive to design systems that are flexible enough to be used in a wide range of situations. Software engineers, in particular, are trained to seek general solutions to problems. General solutions can be used not only to address the problem at hand, but also to address a wide range of problems that the designers may not have even anticipated. Sometimes designers wish to provide general solutions, while encouraging certain uses of their technology and discouraging or precluding others. They may attempt to influence the use of technology by ``hard-wiring'' it so that it only can be used in certain ways, licensing it so that those who use it are legally obligated to use it in certain ways, issuing guidelines for how it should be used, or providing resources that make it easier to use the technology as the designers intended than to use it in any other way. This paper examines several cases where designers have attempted to influence the use of technology through one of these mechanisms. Such cases include key recovery encryption, Pegasus Mail, Platform for Internet Content Selection (PICS) Guidelines, Java, Platform for Privacy Preferences Project (P3P) Implementation Guide, Apple's style guidelines, and Microsoft Foundation Classes. In some of these cases, the designers sought to influence the use of technology for competitive reasons or in order to promote standardization or interoperability. However, in other cases designers were motivated by policy-related goals such as protecting privacy or free speech. As new technologies are introduced with the express purpose of advancing policy-related goals (for example, PICS and P3P), it is especially important to understand the roles designers might play in influencing the use of technology., Comment: Prepared for the 26th Telecommunications Policy Research Conference, October 3-5, 1998, Alexandria, VA

Published
1998

27. Metrics for Success: Why and How to Evaluate Privacy Choice Usability: Assessing the usability of choice and consent mechanisms.

Author

Cranor, Lorrie Faith and Habib, Hana

Subjects
*RIGHT of privacy, *INFORMED consent (Law), *USER interfaces, *CHOICE (Psychology), *USER experience, *CONSUMER protection
Abstract

The article discusses privacy choice and consent mechanisms and user interface design. Topics include the need for usability metrics in order to assess the mechanisms to determine user intention and comprehension. The authors present information on research they performed on the usability of privacy consent and choice interfaces with the goal of defining relevant metrics and creating a structure of methods to evaluate them.

Published
2023
Full Text
View/download PDF

31. Privacy: Is a Privacy Crisis Experienced, a Privacy Crisis Avoided? Exploring immersive theatre as a way to educate audiences and study their perceptions of privacy and technology ethics.

Author

Skirpan, Michael, Oates, Maggie, Byrne, Daragh, Cunningham, Robert, and Cranor, Lorrie Faith

Subjects
PRIVACY, ARTIFICIAL intelligence
Abstract

The article reviews performances in Pittsburgh, Pennsylvania of Michael Skirpan's immersive theatrical production "Project Amelia" with a focus on its use as a didactic tool to educate audiences on computer ethics and the interplay between privacy and technology.

Published
2022
Full Text
View/download PDF

37. The Impact of Length and Mathematical Operators on the Usability and Security of System-Assigned One-Time PINs

Author

Kelley, Patrick Gage, Komanduri, Saranga, Mazurek, Michelle L., Shay, Richard, Vidas, Timothy, Bauer, Lujo, Christin, Nicolas, Cranor, Lorrie Faith, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Adams, Andrew A., editor, Brenner, Michael, editor, and Smith, Matthew, editor

Published
2013
Full Text
View/download PDF

38. QRishing: The Susceptibility of Smartphone Users to QR Code Phishing Attacks

Author

Vidas, Timothy, Owusu, Emmanuel, Wang, Shuai, Zeng, Cheng, Cranor, Lorrie Faith, Christin, Nicolas, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Adams, Andrew A., editor, Brenner, Michael, editor, and Smith, Matthew, editor

Published
2013
Full Text
View/download PDF

39. Mobile-App Privacy Nutrition Labels Missing Key Ingredients for Success: Android and iOS privacy labels confuse developers and end users.

Author

Cranor, Lorrie Faith

Subjects
*RIGHT of privacy, *MOBILE apps, *CONSUMER education, *TECHNICAL language, NUTRITION tables
Abstract

The article analyzes the attempt of the Android and iOS mobile operating systems to format mobile app privacy notices in a simple format resembling nutrition labels, in order to provide consumers with the information they need to make informed decisions. Topics include confusing language, and the challenge for app developers to accurately represent their data practices. The author offers recommendations for improvement, including automating systems, standardizing terminology, and increasing ease of access.

Published
2022
Full Text
View/download PDF

40. A Conundrum of Permissions: Installing Applications on an Android Smartphone

Author

Kelley, Patrick Gage, Consolvo, Sunny, Cranor, Lorrie Faith, Jung, Jaeyeon, Sadeh, Norman, Wetherall, David, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Blyth, Jim, editor, Dietrich, Sven, editor, and Camp, L. Jean, editor

Published
2012
Full Text
View/download PDF

41. Improving Computer Security Dialogs

Author

Bravo-Lillo, Cristian, Cranor, Lorrie Faith, Downs, Julie, Komanduri, Saranga, Sleeper, Manya, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Campos, Pedro, editor, Graham, Nicholas, editor, Jorge, Joaquim, editor, Nunes, Nuno, editor, Palanque, Philippe, editor, and Winckler, Marco, editor

Published
2011
Full Text
View/download PDF

42. An Investigation into Facebook Friend Grouping

Author

Kelley, Patrick Gage, Brewer, Robin, Mayer, Yael, Cranor, Lorrie Faith, Sadeh, Norman, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Campos, Pedro, editor, Graham, Nicholas, editor, Jorge, Joaquim, editor, Nunes, Nuno, editor, Palanque, Philippe, editor, and Winckler, Marco, editor

Published
2011
Full Text
View/download PDF

43. Who Is Concerned about What? A Study of American, Chinese and Indian Users’ Privacy Concerns on Social Network Sites : (Short Paper)

Author

Wang, Yang, Norice, Gregory, Cranor, Lorrie Faith, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, McCune, Jonathan M., editor, Balacheff, Boris, editor, Perrig, Adrian, editor, Sadeghi, Ahmad-Reza, editor, Sasse, Angela, editor, and Beres, Yolanta, editor

Published
2011
Full Text
View/download PDF

45. A Comparative Study of Online Privacy Policies and Formats

Author

McDonald, Aleecia M., Reeder, Robert W., Kelley, Patrick Gage, Cranor, Lorrie Faith, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Goldberg, Ian, editor, and Atallah, Mikhail J., editor

Published
2009
Full Text
View/download PDF

46. Privacy: Cookie Monster.

Author

Cranor, Lorrie Faith

Subjects
*COOKIES (Computer science), *INTERNET privacy, *GENERAL Data Protection Regulation, 2016, *INFORMED consent (Law), *INTERNET users
Abstract

The article criticizes the implementation of online cookie warnings required under European internet privacy law. A study comparing the impact of various cookie banners on the internet browsing behavior of 1,000 U.S. users is described with a focus on informed consent and the website of the ACM itself.

Published
2022
Full Text
View/download PDF

47. Privacy in India: Attitudes and Awareness

Author

Kumaraguru, Ponnurangam, Cranor, Lorrie, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Dough, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Danezis, George, editor, and Martin, David, editor

Published
2006
Full Text
View/download PDF

48. Searching for Privacy: Design and Implementation of a P3P-Enabled Search Engine

Author

Byers, Simon, Cranor, Lorrie Faith, Kormann, Dave, McDaniel, Patrick, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Martin, David, editor, and Serjantov, Andrei, editor

Published
2005
Full Text
View/download PDF

49. Privacy: Informing California Privacy Regulations with Evidence from Research.

Author

Cranor, Lorrie Faith

Subjects
*DATA privacy, *ICONS (Computer graphics), *INTERNET privacy laws, *TECHNOLOGY & state
Abstract

The article offers information on the design and testing of computer icons for "Do Not Sell My Personal Information" computer privacy settings in compliance with the California Consumer Privacy Act. Details of testing of icon designs within fictional websites are provided and the eventual issuance of proposed regulations for icon design from the California Office of the Attorney General.

Published
2021
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results