research-article

Open access

“A Reasonable Thing to Ask For”: Towards a Unified Voice in Privacy Collective Action

Authors:

W. Keith Edwards,

Sauvik DasAuthors Info & Claims

CHI '22: Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems

Article No.: 32, Pages 1 - 17

https://doi.org/10.1145/3491102.3517467

Published: 28 April 2022 Publication History

All formats PDF

Abstract

People feel concerned, angry, and powerless when subjected to surveillance, data breaches and other privacy-violating experiences with institutions (PVEIs). Collective action may empower groups of people affected by a PVEI to jointly demand redress, but a necessary first step is for the collective to agree on demands. We designed a sensitizing prototype to explore how to shepherd a collective to generate a unified set of demands for redress in response to a triggering PVEI. We found that collectives can converge on high-priority concerns and demands for redress, and that many of their demands indicated preferences for broad reform. We then gathered a panel of security and privacy experts to react to the collective’s demands. Experts were dismissive, preferring incremental measures that cleanly mapped onto existing legal structures. We argue this misalignment may help uphold the power chasm between data-harvesting institutions and the individuals whose personal data they monetize.

References

[1]

[n. d.]. Cybersecurity Resource Center: Cybersecurity Incidents. U.S. Office of Personnel Management([n. d.]). https://www.opm.gov/cybersecurity/cybersecurity-incidents/

[2]

[n. d.]. Stop Watching Us. StopWatching.Us ([n. d.]). https://optin.stopwatching.us/

[3]

2017. Don’t let EQUIFAX escape liability!Change.org (2017). https://www.change.org/p/don-t-let-equifax-escape-liability

[4]

2017. Equifax Releases Details on Cybersecurity Incident, Announces Personnel Changes. Equifax (Sep 2017). https://investor.equifax.com/news-and-events/press-releases/2017/09-15-2017-224018832

[5]

2020. Restore the Fourth - Opposing unconstitutional mass government surveillance. Restorethe4th.com (2020). https://restorethe4th.com/

[6]

2020. r/privacy - I think I accidentally started a movement - Policing the Police by scraping court data. https://www.reddit.com/r/privacy/comments/gr11aw/i_think_i_accidenta lly_started_a_movement/

[7]

2020. r/privacy - If cops can watch us, we should watch them. I scraped court records to find dirty cops.https://www.reddit.com/r/privacy/comments/gm8xfq/if_cops_can_watch _us_we_should_watch_them_i/

[8]

Rediet Abebe, Solon Barocas, Jon Kleinberg, Karen Levy, Manish Raghavan, and David G Robinson. 2020. Roles for computing in social change. In Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency. 252–260.

Digital Library

[9]

Ben Adler. 2018. California Passes Strict Internet Privacy Law With Implications For The Country. NPR (Jun 2018). https://www.npr.org/2018/06/29/624336039/california-passes-strict-internet-privacy-law-with-implications-for-the-country

[10]

Brooke Auxier, Lee Rainie, Monica Anderson, Andrew Perrin, Madhu Kumar, and Erica Turner. 2019. Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information. Pew Research Center (Nov 2019).

[11]

W Lance Bennett and Alexandra Segerberg. 2012. The logic of connective action: Digital media and the personalization of contentious politics. Information, communication & society 15, 5 (2012), 739–768.

[12]

Michael S Bernstein, Greg Little, Robert C Miller, Björn Hartmann, Mark S Ackerman, David R Karger, David Crowell, and Katrina Panovich. 2010. Soylent: a word processor with a crowd inside. In Proceedings of the 23nd annual ACM symposium on User interface software and technology. 313–322.

Digital Library

[13]

Glenn A Bowen. 2006. Grounded theory and sensitizing concepts. International journal of qualitative methods 5, 3 (2006), 12–23.

[14]

Virginia Braun and Victoria Clarke. 2019. Reflecting on reflexive thematic analysis. Qualitative Research in Sport, Exercise and Health 11, 4 (2019), 589–597.

[15]

Victoria Clarke, Virginia Braun, and Nikki Hayfield. 2015. Thematic analysis. Qualitative psychology: A practical guide to research methods (2015), 222–248.

[16]

Sauvik Das, Laura A Dabbish, and Jason I Hong. 2019. A typology of perceived triggers for end-user security and privacy behaviors. In Fifteenth Symposium on Usable Privacy and Security ({SOUPS} 2019).

[17]

Sauvik Das, W Keith Edwards, DeBrae Kennedy-Mayo, Peter Swire, and Yuxi Wu. 2021. Privacy for the People? Exploring Collective Action as a Mechanism to Shift Power to Consumers in End-User Privacy. IEEE Security & Privacy 19, 5 (2021), 66–70.

[18]

Sauvik Das, Tiffany Hyun-Jin Kim, Laura A Dabbish, and Jason I Hong. 2014. The effect of social influence on security sensitivity. In 10th Symposium On Usable Privacy and Security ({SOUPS} 2014). 143–157.

[19]

Sauvik Das, Adam DI Kramer, Laura A Dabbish, and Jason I Hong. 2015. The role of social influence in security feature adoption. In Proceedings of the 18th ACM conference on computer supported cooperative work & social computing. 1416–1426.

Digital Library

[20]

Sauvik Das, Joanne Lo, Laura Dabbish, and Jason I Hong. 2018. Breaking! A Typology of Security and Privacy News and How It’s Shared. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems. 1–12.

Digital Library

[21]

Jenny L Davis and Nathan Jurgenson. 2014. Context collapse: Theorizing context collusions and collisions. Information, communication & society 17, 4 (2014), 476–485.

[22]

Paul Ekman. [n. d.]. Basic emotions. Handbook of cognition and emotion 98, 45-60 ([n. d.]), 16.

[23]

Diana Freed, Sam Havron, Emily Tseng, Andrea Gallardo, Rahul Chatterjee, Thomas Ristenpart, and Nicola Dell. 2019. ” Is my phone hacked?” Analyzing Clinical Computer Security Interventions with Survivors of Intimate Partner Violence. Proceedings of the ACM on Human-Computer Interaction 3, CSCW(2019), 1–24.

Digital Library

[24]

Shirley Gaw and Edward W Felten. 2006. Password management strategies for online accounts. In Proceedings of the second symposium on Usable privacy and security. 44–55.

Digital Library

[25]

Carol Gilligan. 1993. In a different voice: Psychological theory and women’s development. Harvard University Press.

[26]

Maximilian Golla, Miranda Wei, Juliette Hainline, Lydia Filipe, Markus Dürmuth, Elissa Redmiles, and Blase Ur. 2018. “What was that site doing with my Facebook password?” Designing Password-Reuse Notifications. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 1549–1566.

Digital Library

[27]

A. Gorz, M. Nicolaus, V. Ortiz, V.O. González, and Beacon Press (Boston).1967. Strategy for Labor: A Radical Proposal. Beacon Press. https://books.google.com/books?id=IPtAAAAAIAAJ

[28]

Joseph L Greenslade. 1988. Labor unions and the Sherman Act: rethinking labor’s nonstatutory exemption. Loy. LAL Rev. 22(1988), 151.

[29]

Cormac Herley. 2009. So long, and no thanks for the externalities: the rational rejection of security advice by users. In Proceedings of the 2009 workshop on New security paradigms workshop. 133–144.

Digital Library

[30]

Daniel C Howe and Helen Nissenbaum. 2017. Engineering Privacy and Protest: A Case Study of AdNauseam. In IWPE@ SP. 57–64.

[31]

Shih-Wen Huang, Minhyang Suh, Benjamin Mako Hill, and Gary Hsieh. 2015. How activists are both born and made: An analysis of users on Change.org. In Proceedings of the 33rd annual ACM conference on human factors in computing systems. 211–220.

Digital Library

[32]

Lilly Irani and M Six Silberman. 2014. From critical design to critical infrastructure: lessons from turkopticon. Interactions 21, 4 (2014), 32–35.

Digital Library

[33]

Lilly C Irani and M Six Silberman. 2016. Stories We Tell About Labor: Turkopticon and the Trouble with” Design”. In Proceedings of the 2016 CHI conference on human factors in computing systems. 4573–4586.

Digital Library

[34]

Haojian Jin, Hong Shen, Mayank Jain, Swarun Kumar, and Jason I. Hong. 2021. Lean Privacy Review: Collecting Users’ Privacy Concerns of Data Practices at a Low Cost. ACM Trans. Comput.-Hum. Interact. 28, 5, Article 34 (aug 2021), 55 pages. https://doi.org/10.1145/3463910

Digital Library

[35]

Brittany Kaiser. 2017. Tell Facebook: Our Data is our Property #OwnYourData. Change.org (2017). https://www.change.org/p/tell-facebook-our-data-is-our-property-ownyourdata

[36]

Ruogu Kang, Stephanie Brown, Laura Dabbish, and Sara Kiesler. 2014. Privacy attitudes of mechanical turk workers and the us public. In 10th Symposium On Usable Privacy and Security ({SOUPS} 2014). 37–49.

Digital Library

[37]

Travis Kriplean, Jonathan Morgan, Deen Freelon, Alan Borning, and Lance Bennett. 2012. Supporting reflective public thought with considerit. In Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work. 265–274.

Digital Library

[38]

Gerald Marwell and Pamela Oliver. 1993. Cambridge University Press, i–iv.

[39]

Peter Mayer, Yixin Zou, Florian Schaub, and Adam J Aviv. 2021. ” Now I’m a bit angry:” Individuals’ Awareness, Perception, and Responses to Data Breaches that Affected Them. In 30th {USENIX} Security Symposium ({USENIX} Security 21).

[40]

Nora McDonald, Karla Badillo-Urquiola, Morgan G Ames, Nicola Dell, Elizabeth Keneski, Manya Sleeper, and Pamela J Wisniewski. 2020. Privacy and Power: Acknowledging the Importance of Privacy Research and Design for Vulnerable Populations. In Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems. 1–8.

[41]

Ellen Nakashima. 2019. Hacks of OPM databases compromised 22.1 million people, federal authorities say. The Washington Post (Apr 2019). https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/

[42]

Helen Nissenbaum and Howe Daniel. 2009. TrackMeNot: Resisting surveillance in web search. (2009).

[43]

Nicole Perlroth. 2016. Yahoo Says Hackers Stole Data on 500 Million Users in 2014. The New York Times (Sep 2016). https://www.nytimes.com/2016/09/23/technology/yahoo-hackers.html

[44]

Emilee Rader, Rick Wash, and Brandon Brooks. 2012. Stories as informal lessons about security. In Proceedings of the Eighth Symposium on Usable Privacy and Security. 1–17.

Digital Library

[45]

Iyad Rahwan. 2018. Society-in-the-loop: programming the algorithmic social contract. Ethics and Information Technology 20, 1 (2018), 5–14.

Digital Library

[46]

Elissa M Redmiles, Sean Kross, and Michelle L Mazurek. 2019. How well do my results generalize? comparing security and privacy survey results from mturk, web, and telephone samples. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 1326–1343.

[47]

Elissa M Redmiles, Amelia R Malone, and Michelle L Mazurek. 2016. I think they’re trying to tell me something: Advice sources and selection for digital security. In 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 272–288.

[48]

Alan Rusbridger and Ewen MacAskill. 2014. Edward Snowden interview: the edited transcript. The Guardian (Jul 2014). https://www.theguardian.com/world/2014/jul/18/-sp-edward-snowden-nsa-whistleblower-interview-transcript

[49]

Niloufar Salehi, Lilly C Irani, Michael S Bernstein, Ali Alkhatib, Eva Ogbe, and Kristy Milland. 2015. We are dynamo: Overcoming stalling and friction in collective action for crowd workers. In Proceedings of the 33rd annual ACM conference on human factors in computing systems. 1621–1630.

Digital Library

[50]

Aaron Shaw, Haoqi Zhang, Andrés Monroy-Hernández, Sean Munson, Benjamin Mako Hill, Elizabeth Gerber, Peter Kinnaird, and Patrick Minder. 2014. Computer supported collective action. Interactions 21, 2 (2014), 74–77.

Digital Library

[51]

Erik Stolterman and Mikael Wiberg. 2010. Concept-driven interaction design research. Human–Computer Interaction 25, 2 (2010), 95–118.

[52]

Blase Ur, Pedro Giovanni Leon, Lorrie Faith Cranor, Richard Shay, and Yang Wang. 2012. Smart, useful, scary, creepy: perceptions of online behavioral advertising. In proceedings of the eighth symposium on usable privacy and security. 1–15.

Digital Library

[53]

Nicholas Vincent, Hanlin Li, Nicole Tilly, Stevie Chancellor, and Brent Hecht. 2021. Data Leverage: A Framework for Empowering the Public in its Relationship with Technology Companies. In Proceedings of the 2021 ACM Conference on Fairness, Accountability, and Transparency. 215–227.

Digital Library

[54]

David Watson and Lee Anna Clark. 1999. The PANAS-X: Manual for the positive and negative affect schedule, expanded form. (1999).

[55]

Sidney Webb and Beatrice Webb. 1920. The history of trade unionism. Longmans, Green.

[56]

Qian Yang, Nikola Banovic, and John Zimmerman. 2018. Mapping machine learning advances from hci research to reveal starting places for design innovation. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems. 1–11.

Digital Library

[57]

Haoqi Zhang, Andrés Monroy-Hernández, Aaron Shaw, Sean Munson, Elizabeth Gerber, Benjamin Hill, Peter Kinnaird, Shelly Farnham, and Patrick Minder. 2014. WeDo: end-to-end computer supported collective action. In Proceedings of the International AAAI Conference on Web and Social Media, Vol. 8.

[58]

Yixin Zou, Abraham H Mhaidli, Austin McCall, and Florian Schaub. 2018. ”I’ve Got Nothing to Lose”: Consumers’ Risk Perceptions and Protective Actions after the Equifax Data Breach. In Fourteenth Symposium on Usable Privacy and Security ({SOUPS} 2018). 197–216.

Cited By

Lee HChiang YGao LYang SWinter PDas S(2025)Purpose Mode: Reducing Distraction Through Toggling Attention Capture Damaging Patterns on Social Media WebsitesACM Transactions on Computer-Human Interaction10.1145/3711841Online publication date: 10-Jan-2025
https://doi.org/10.1145/3711841
Song QMa RKou YGui X(2024)Collective Privacy Sensemaking on Social Media about Period and Fertility Tracking post Roe v. WadeProceedings of the ACM on Human-Computer Interaction10.1145/36410008:CSCW1(1-35)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3641000
DeVrio AEslami MHolstein K(2024)Building, Shifting, & Employing Power: A Taxonomy of Responses From Below to Algorithmic HarmProceedings of the 2024 ACM Conference on Fairness, Accountability, and Transparency10.1145/3630106.3658958(1093-1106)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3630106.3658958
Show More Cited By

Index Terms

“A Reasonable Thing to Ask For”: Towards a Unified Voice in Privacy Collective Action
1. Human-centered computing
  1. Collaborative and social computing
    1. Collaborative and social computing theory, concepts and paradigms
      1. Social navigation
2. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Social aspects of security and privacy

Recommendations

Enabling Courageous Collective Action: Conversations from United Airlines Flight 93

On September 11, 2001, the passengers and crew members aboard Flight 93 responded to the hijacking of their airplane by organizing a counterattack against the hijackers. The airplane crashed into an unpopulated field, causing no damage to human lives or ...
Collective action in the age of the internet: mass communication and online mobilization
Special issue: Psychology and the internet

This article examines how the Internet transforms collective action. Current practices on the web bear witness to thriving collective action ranging from persuasive to confrontational, individual to collective, undertakings. Even more influential than ...
Collective Awareness for Collective Action in Socio-technical Systems
SASOW '14: Proceedings of the 2014 IEEE Eighth International Conference on Self-Adaptive and Self-Organizing Systems Workshops

Autonomous and autonomic systems have proved highly effective for self-management of resource allocation in open, distributed computer systems and networks. The operation of such systems is, not unexpectedly, hidden from human users. The key question is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CHI '22: Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems

April 2022

10459 pages

ISBN:9781450391573

DOI:10.1145/3491102

Editors:
Simone Barbosa
PUC-Rio, Brazil
,
Cliff Lampe
University of Michigan, USA
,
Caroline Appert
Université Paris-Saclay, France
,
David A. Shamma
Toyota Research Institute, USA
,
Steven Drucker
Microsoft Research, USA
,
Julie Williamson
University of Glasgow, UK
,
Koji Yatani
University of Tokyo, Japan

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGCHI: ACM Special Interest Group on Computer-Human Interaction

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 April 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

NSF (National Science Foundation)

Conference

CHI '22

Sponsor:

SIGCHI

CHI '22: CHI Conference on Human Factors in Computing Systems

April 29 - May 5, 2022

LA, New Orleans, USA

Acceptance Rates

Overall Acceptance Rate 6,199 of 26,314 submissions, 24%

Upcoming Conference

CHI 2025

Sponsor:
sigchi

ACM CHI Conference on Human Factors in Computing Systems

April 26 - May 1, 2025

Yokohama , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
932
Total Downloads

Downloads (Last 12 months)339
Downloads (Last 6 weeks)55

Reflects downloads up to 03 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Lee HChiang YGao LYang SWinter PDas S(2025)Purpose Mode: Reducing Distraction Through Toggling Attention Capture Damaging Patterns on Social Media WebsitesACM Transactions on Computer-Human Interaction10.1145/3711841Online publication date: 10-Jan-2025
https://doi.org/10.1145/3711841
Song QMa RKou YGui X(2024)Collective Privacy Sensemaking on Social Media about Period and Fertility Tracking post Roe v. WadeProceedings of the ACM on Human-Computer Interaction10.1145/36410008:CSCW1(1-35)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3641000
DeVrio AEslami MHolstein K(2024)Building, Shifting, & Employing Power: A Taxonomy of Responses From Below to Algorithmic HarmProceedings of the 2024 ACM Conference on Fairness, Accountability, and Transparency10.1145/3630106.3658958(1093-1106)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3630106.3658958
Do KDe Los Santos MMuller MSavage S(2024)Designing Gig Worker Sousveillance ToolsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642614(1-19)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642614
Yang YLi TJin H(2024)On the Feasibility of Predicting Users' Privacy Concerns using Contextual Labels and Personal PreferencesProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642500(1-20)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642500
Zhang ARana RBoltz ADubal VLee M(2024)Data Probes as Boundary Objects for Technology Policy Design: Demystifying Technology for Policymakers and Aligning Stakeholder Objectives in Rideshare Gig WorkProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642000(1-21)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642000
Gardner DTanenbaum T(2023)The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identityConvergence: The International Journal of Research into New Media Technologies10.1177/1354856523119370630:3(1186-1218)Online publication date: 19-Aug-2023
https://doi.org/10.1177/13548565231193706
Wu YBice SEdwards WDas S(2023)The Slow Violence of Surveillance CapitalismProceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency10.1145/3593013.3594119(1826-1837)Online publication date: 12-Jun-2023
https://dl.acm.org/doi/10.1145/3593013.3594119
Mayer PZou YLowens BDyer HLe KSchaub FAviv A(2023)Awareness, Intention, (In)Action: Individuals’ Reactions to Data BreachesACM Transactions on Computer-Human Interaction10.1145/358995830:5(1-53)Online publication date: 23-Sep-2023
https://dl.acm.org/doi/10.1145/3589958

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten