survey

Open access

Nudges for Privacy and Security: Understanding and Assisting Users’ Choices Online

Authors:

Alessandro Acquisti,

Rebecca Balebako,

Laura Brandimarte,

Lorrie Faith Cranor,

Saranga Komanduri,

Pedro Giovanni Leon,

Florian Schaub,

Shomir WilsonAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 50, Issue 3

Article No.: 44, Pages 1 - 41

https://doi.org/10.1145/3054926

Published: 08 August 2017 Publication History

Abstract

Advancements in information technology often task users with complex and consequential privacy and security decisions. A growing body of research has investigated individuals’ choices in the presence of privacy and information security tradeoffs, the decision-making hurdles affecting those choices, and ways to mitigate such hurdles. This article provides a multi-disciplinary assessment of the literature pertaining to privacy and security decision making. It focuses on research on assisting individuals’ privacy and security choices with soft paternalistic interventions that nudge users toward more beneficial choices. The article discusses potential benefits of those interventions, highlights their shortcomings, and identifies key ethical, design, and research challenges.

References

[1]

Alessandro Acquisti. 2004. Privacy in electronic commerce and the economics of immediate gratification. In Proceedings of the 5th ACM Conference on Electronic Commerce. ACM, New York, NY, 21--29.

Digital Library

[2]

Alessandro Acquisti. 2009. Nudging privacy: The behavioral economics of personal information. IEEE Secur. Priv. 7, 6 (2009), 82--85.

Digital Library

[3]

Alessandro Acquisti, Laura Brandimarte, and George Loewenstein. 2015. Privacy and human behavior in the age of information. Science 347, 6221 (2015), 509--514.

[4]

Alessandro Acquisti and Christina M. Fong. 2014. An experiment in hiring discrimination via online social networks. Available at SSRN 2031979 (2014), 1--81.

[5]

Alessandro Acquisti and Ralph Gross. 2006. Imagined communities: Awareness, information sharing, and privacy on the Facebook. In Proceedings of the 6th International Workshop Privacy Enhancing Technology (PET’06). Springer, 36--58.

Digital Library

[6]

Alessandro Acquisti and Jens Grossklags. 2005. Privacy and rationality in individual decision making. IEEE Secur. Priv. 2 (2005), 24--30.

Digital Library

[7]

Alessandro Acquisti and Jens Grossklags. 2007. What can behavioral economics teach us about privacy. In Digital Privacy: Theory, Technologies and Practices, Sabrina De Capitani di Vimercati, Stefanos Gritzalis, Costas Lambrinoudakis, and Alessandro Acquisti (Eds.). Auerbach Publications, 363--377.

[8]

Alessandro Acquisti, Leslie K. John, and George Loewenstein. 2012. The impact of relative standards on the propensity to disclose. J. Market. Res. 49, 2 (2012), 160--174.

[9]

Alessandro Acquisti, Leslie K. John, and George Loewenstein. 2013. What is privacy worth? J. Legal Stud. 42, 2 (2013), 249--274.

[10]

Alessandro Acquisti, Curtis R. Taylor, and Liad Wagman. 2016. The economics of privacy. J. Econ. Lit. 52, 2 (2016).

[11]

Anne Adams and Martina Angela Sasse. 1999. Users are not the enemy. Commun. ACM 42, 12 (1999), 40--46.

Digital Library

[12]

Idris Adjerid, Alessandro Acquisti, Laura Brandimarte, and George Loewenstein. 2013. Sleights of privacy: Framing, disclosures, and the limits of transparency. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’13). ACM, 1--11.

Digital Library

[13]

George Ainslie and Nick Haslam. 1992. Hyperbolic discounting. In Choice Over Time, G. Loewenstein and J. Elster (Eds.). Russell Sage Foundation, New York, NY, 57--92.

[14]

George A. Akerlof. 1970. The market for “lemons”: Quality uncertainty and the market mechanism. Quarter. J. Econ. 84, 3 (1970), 488--500.

[15]

Reed Albergotti. 2014. Facebook’s Blue Dino Wants You to Mind Your Posting. WSJ Blog. (April 2014). Retrieved from http://blogs.wsj.com/digits/2014/04/01/facebooks-blue-dino-wants-you-to-mind-your-posting.

[16]

Hazim Almuhimedi, Florian Schaub, Norman Sadeh, Idris Adjerid, Alessandro Acquisti, Joshua Gluck, Lorrie Faith Cranor, and Yuvraj Agarwal. 2015. Your location has been shared 5,398 times&excl; A field study on mobile app privacy nudging. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’15). ACM, 1--10.

[17]

Adil Alsaid and David Martin. 2003. Detecting web bugs with Bugnosis: Privacy advocacy through education. In Proceedings of the 2nd International Conference on Privacy Enhancing Technologies. Springer, 27--31.

[18]

Christopher J. Anderson. 2003. The psychology of doing nothing: Forms of decision avoidance result from reason and emotion. Psychol. Bull. 129, 1 (2003), 139--167.

[19]

Ross Anderson. 2001. Why information security is hard: An economic perspective. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC’01). IEEE, New York, NY, 358--365.

[20]

Ross Anderson, Chris Barton, Rainer Böhme, Richard Clayton, Michel van Eeten, Michael Levi, Tyler Moore, and Stefan Savage. 2013. Measuring the cost of cybercrime. In The Economics of Information Security and Privacy. Springer-Verlag, Berlin, 265--300.

[21]

Julia Angwin. 2012. Microsoft’s “Do Not Track” Move Angers Advertising Industry. Wall Street Journal Blog (2012). Retrieved from http://blogs.wsj.com/digits/2012/05/31/microsofts-do-not-track-move-angers-advertising-industry/.

[22]

Apple Inc. 2014. Mac Basics: Time Machine backs up your Mac (2014). Retrieved from http://support.apple.com/kb/ht1427.

[23]

Dan Ariely, George Loewenstein, and Drazen Prelec. 2003. “Coherent arbitrariness”: Stable demand curves without stable preferences. Quarter. J. Econ. 118, 1 (2003), 73--106.

[24]

Rebecca Balebako, Pedro G. Leon, Hazim Almuhimedi, Patrick Gage Kelley, Jonathan Mugan, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh. 2011. Nudging users towards privacy on mobile devices. In Proceedings of the CHI 2011 Workshop on Persuasion, Nudge, Influence and Coercion. ACM, 1--4.

[25]

Rebecca Balebako, Florian Schaub, Idris Adjerid, Alessandro Acquisti, and Lorrie Cranor. 2015. The impact of timing on the salience of smartphone app privacy notices. In Proceedings of the CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’15). ACM, New York, NY, 63--74.

Digital Library

[26]

Scott Beaulier and Bryan Caplan. 2007. Behavioral economics and perverse effects of the welfare state. Kyklos 60, 4 (2007), 485--507.

[27]

Gary S. Becker. 1976. The Economic Approach to Human Behavior. University of Chicago Press, Chicago, IL.

[28]

Omri Ben-Shahar and Carl E. Schneider. 2010. The failure of mandated discourse. U. Pa. Law Rev. 159, 3 (2010, 647).

[29]

John Beshears, James J. Choi, David Laibson, and Brigitte C. Madrian. 2009. The importance of default options for retirement saving outcomes: Evidence from the united states. In Social Security Policy in a Changing Environment. University of Chicago Press, Chicago, IL, USA, 167--195.

[30]

Andrew Besmer and Heather Richter Lipford. 2010. Moving beyond untagging: Photo privacy in a tagged world. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’10). ACM, 1563--1572.

Digital Library

[31]

Andrew Besmer, Jason Watson, and Heather Richter Lipford. 2010. The impact of social navigation on privacy policy configuration. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’10). ACM, 1--10.

Digital Library

[32]

Matt Bishop. 2000. Education in information security. IEEE Concurr. 8, 4 (2000), 4--8.

Digital Library

[33]

Garrick Blalock, Vrinda Kadiyali, and Daniel H. Simon. 2007. The impact of post-9/11 airport security measures on the demand for air travel. J. Law Econ. 50, 4 (2007), 731--755.

[34]

Christoph Bösch, Benjamin Erb, Frank Kargl, Henning Kopp, and Stefan Pfattheicher. 2016. Tales from the dark side: Privacy dark strategies and privacy dark patterns. Proceedings of the Privacy Enhancing Technologies, 4 (2016), 237--254.

[35]

Luc Bovens. 2009. The ethics of nudge. In Preference Change: Approaches from Philosophy, Economics and Psychology, Till Grne-Yanoff and S. O. Hansson, (Eds.). Springer, Berlin, 207--220.

[36]

Laura Brandimarte, Alessandro Acquisti, and George Loewenstein. 2013. Misplaced confidences: Privacy and the control paradox. Soc. Psychol. Personal. Sci. 4, 3 (2013), 340--347.

[37]

Alex Braunstein, Laura Granka, and Jessica Staddon. 2011. Indirect content privacy surveys: Measuring privacy without asking about it. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’11). ACM, 1--14.

Digital Library

[38]

Cristian Bravo-Lillo, Saranga Komanduri, Lorrie Faith Cranor, Robert W. Reeder, Manya Sleeper, Julie Downs, and Stuart Schechter. 2013. Your attention please: Designing security-decision UIs to make genuine risks harder to ignore. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’13). ACM, 1--12.

Digital Library

[39]

Patricia C. Brennan, Poornima Madhavan, Cleotilde Gonzalez, and Frank C. Lacson. 2009. The impact of performance incentives during training on transfer of learning. Proc. Hum. Fact. Ergon. Soc. Ann. Meet. 53, 26 (2009), 1979--1983.

[40]

José Carlos Brustoloni and Ricardo Villamarín-Salomón. 2007. Improving security decisions with polymorphic and audited dialogs. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’07). ACM, 76--85.

Digital Library

[41]

Frank H. Buckley. 2005. Perfectionism. Supr. Court Econ. Rev. 13 (2005), 133--163.

[42]

Federico Cabitza and Marco Loregian. 2008. Much undo about nothing?: Investigating why email retraction is less popular than apologizing. In Proceedings of the Nordic Conference on HCI (NordiCHI’08). ACM, 431--434.

Digital Library

[43]

Ryan Calo. 2010. The boundaries of privacy harm. Ind. Law J. 86, 3 (2010), 1--31.

[44]

Ryan Calo. 2012. Against notice skepticism in privacy (and elsewhere). Notre Dame Law Rev. 87, 3 (2012), 1027--1072.

[45]

Colin Camerer, Samuel Issacharoff, George Loewenstein, Ted O’Donoghue, and Matthew Rabin. 2003. Regulation for conservatives: Behavioral economics and the case for ‘asymmetric paternalism’. U. Penn. Law Rev. 151, 3 (2003), 1211--1254.

[46]

Colin F. Camerer, George Loewenstein, and Matthew Rabin. 2011. Advances in Behavioral Economics. Princeton University Press, Princeton, NJ, USA.

[47]

Ann Cavoukian. 2009. Privacy by Design: Take the Challenge. Information and Privacy Commissioner of Ontario, Canada, Toronto, ON, Canada. Retrieved from http://privacybydesign.ca.

[48]

Daphne Chang, Erin L. Krupka, Eytan Adar, and Alessandro Acquisti. 2016. Engineering information disclosure: Norm shaping designs. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’16). ACM, 587--597.

Digital Library

[49]

Avi Charkham. 2012. 5 design tricks Facebook uses to affect your privacy decisions. TechCrunch. (Aug. 2012). Retrieved from https://techcrunch.com/2012/08/25/5-design-tricks-facebook-uses-to-affect-your-privacy-decisions/.

[50]

Sonia Chiasson, Alain Forget, Robert Biddle, and Paul C. van Oorschot. 2008. Influencing users towards better passwords: Persuasive cued click-points. In Proceedings of the 22nd British HCI Group Annual Conference on People and Computers. British Computer Society, Swinton, UK, 121--130.

[51]

James J. Choi, David Laibson, Brigitte Madrian, and Andrew Metrick. 2004. For better or for worse: Default effects and 401(K) savings behavior. In Perspectives on the Economics of Aging, David Wise (Ed.). University of Chicago Press, Chicago, IL, 81--121.

[52]

Brian Christian. 2012. The A/B test: Inside the technology that’s changing the rules of business. Wired (April 2012). Retrieved from http://www.wired.com/business/2012/04/ff_abtesting/.

[53]

Nicolas Christin, Serge Egelman, Timothy Vidas, and Jens Grossklags. 2012. It’s all about the Benjamins: An empirical study on incentivizing users to ignore security advice. In Proceedings of the Conference on Financial Cryptography and Data Security (FC’12). Springer-Verlag, Berlin, 16--30.

Digital Library

[54]

Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu, and Matt Blaze. 2011. Why (special agent) Johnny (still) can’t encrypt: A security analysis of the APCO Project 25 two-way radio system. In Proceedings of the USENIX Security Symposium. USENIX Association, Berkeley, CA.

[55]

Sunny Consolvo, Katherine Everitt, Ian Smith, and James A. Landay. 2006. Design requirements for technologies that encourage physical activity. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’06). ACM, 457--466.

Digital Library

[56]

Lorrie Faith Cranor and Simson Garfinkel. 2005. Security and Usability: Designing Secure Systems that People Can Use. O’Reilly Media, Inc., Sebastopol, CA.

[57]

Lorrie Faith Cranor, Praveen Guduru, and Manjula Arjula. 2006. User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact. (TOCHI) 13, 2 (2006), 135--178.

Digital Library

[58]

Paul Curzon and Ann Blandford. 2004. Formally justifying user-centred design rules: A case study on post-completion errors. In Proceedings of the 4th International Conference on Integrated Formal Methods. Springer, 461--480.

[59]

Nikhil Dhingra, Zach Gorn, Andrew Kener, and Jason Dana. 2012. The default pull: An experimental demonstration of subtle default effects on preferences. Judgm. Decis. Mak. 7, 1 (2012), 69--76.

[60]

Isaac Dinner, Eric J. Johnson, Daniel G. Goldstein, and Kaiya Liu. 2011. Partitioning default effects: Why people choose not to choose. J. Exper. Psychol.: Appl. 17, 4 (2011), 332--341.

[61]

Paul Dolan, Michael Hallsworth, David Halpern, D. King, R. Metcalfe, and Ivo Vlaev. 2012. Influencing behaviour: The mindspace way. J. Econ. Psychol. 33, 1 (2012), 264--277.

[62]

Julie S. Downs, George Loewenstein, and Jessica Wisdom. 2009. Strategies for promoting healthier food choices. Amer. Econ. Rev. 99, 2 (2009), 159--164.

[63]

Andreas C. Drichoutis, Panagiotis Lazaridis, and Rodolfo M. Nayga. 2006. Consumers’ use of nutritional labels: A review of research studies and issues. Acad. Market. Sci. Rev. 10, 9 (2006), 1--25.

[64]

Serge Egelman, David Molnar, Nicolas Christin, Alessandro Acquisti, Cormac Herley, and Shriram Krishnamurthi. 2010. Please continue to hold: An empirical study on user tolerance of security delays. In Proceedings of the Workshop on the Economics of Information Security (WEIS’10).

[65]

Serge Egelman, Adrienne Porter Felt, and David Wagner. 2013. Choice architecture and smartphone privacy: There’s a price for that. In The Economics of Information Security. Springer, 211--236.

[66]

Serge Egelman and Eyal Peer. 2015. The myth of the average user: Improving privacy and security systems through individualization. In Proceedings of the 2015 New Security Paradigms Workshop. ACM, 16--28.

Digital Library

[67]

Serge Egelman, Janice Tsai, Lorrie Faith Cranor, and Alessandro Acquisti. 2009. Timing is everything?: The effects of timing and placement of online privacy indicators. In Proceedings of the 27th International Conference on Human Factors in Computing Systems (CHI’09). ACM, New York, NY, 319--328.

Digital Library

[68]

Lujun Fang and Kristen LeFevre. 2010. Privacy wizards for social networking sites. In Proceedings of the 19th International Conference on World Wide Web (WWW’10). ACM, New York, NY, 351--360.

Digital Library

[69]

Federal Register. 2004. 16 Code of Federal Regulation Part 429. Retrieved from http://www.archives.gov/federal-register/cfr/subject-title-16.html (2004).

[70]

Financial Consumer Agency of Canada. 2014. Credit Card Selector Tool. Retrieved from http://itools-ioutils.fcac-acfc.gc.ca/stcv-osvc/ccst-oscc-eng.aspx (April 2014).

[71]

Baruch Fischoff. 1981. Debiasing. Technical Report. DTIC Document.

[72]

Myron F. Floyd, Heather Gibson, Lori Pennington-Gray, and Brijesh Thapa. 2004. The effect of risk perceptions on intentions to travel in the aftermath of September 11, 2001. J. Trav. Tour. Market. 15, 2--3 (2004), 19--38.

[73]

B. J. Fogg. 2002. Persuasive Technology (1st ed.). Morgan Kaufmann, Burlington, MA.

[74]

Shane Frederick, George Loewenstein, and Ted O’Donoghue. 2002. Time discounting and time preference: A critical review. J. Econ. Lit. 40, 2 (2002), 351--401.

[75]

Milton Friedman and Leonard J. Savage. 1948. The utility analysis of choices involving risk. J. Pol. Econ. 56, 4 (1948), 279--304.

[76]

Bo Gao, Bettina Berendt, Dave Clarke, Ralf De Wolf, Thomas Peetz, Jo Pierson, and Rula Sayaf. 2012. Interactive grouping of friends in OSN: Towards online context management. In Proceedings of the International Conference on Data Mining Workshops. IEEE, 555--562.

Digital Library

[77]

Simson Garfinkel and Heather Richter Lipford. 2014. Usable security: History, themes, and challenges. Synth. Lect. Info. Sec. Priv. Trust 5, 2 (2014), 1--124.

[78]

Gartner Group. 2014. Magic Quadrant for Security Awareness Computer-based Training Vendors. Technical Report. Gartner Group.

[79]

Edward L. Glaeser. 2005. Paternalism and Psychology. NBER Working Paper No. 11789. National Bureau of Economic Research.

[80]

Jeremy Goecks and Elizabeth Mynatt. 2005. Social approaches to end-user privacy management. In Security and Usability: Designing Secure Systems that People can use, L. F. Cranor and S. Garfinkel (Eds.). O’Reilly, Sebastopol, CA, 523--547.

[81]

Daniel G. Goldstein, Eric J. Johnson, Andreas Herrmann, and Mark Heitmann. 2008. Nudge your customers toward better choices. Harv. Bus. Rev. 86, 12 (2008), 99--105.

[82]

Nathaniel S. Good, Jens Grossklags, Deirdre K. Mulligan, and Joseph A. Konstan. 2007. Noticing notice: A large-scale experiment on the timing of software license agreements. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI’07). ACM, New York, NY, 607--616.

Digital Library

[83]

Nathaniel S. Good, Jens Grossklags, David Thaw, Aaron Perzanowski, Deirdre K. Mulligan, and Joseph A. Konstan. 2006. User choices and regret: Understanding users’ decision process about consensually acquired spyware. I/S: J. LawPolicy 2, 2 (2006), 283--344.

[84]

Connor Graham, Peter Benda, Steve Howard, James Balmford, Nicole Bishop, and Ron Borland. 2006. Heh—keeps me off the smokes&ldot;: Probing technology support for personal change. In Proceedings of the 18th Australia Conference on Computer-Human Interaction (OzCHI’06). ACM, New York, NY, 221--228.

[85]

Victoria Groom and Ryan Calo. 2011. Reversing the privacy paradox: An experimental study. Available at SSRN 1993125 (2011).

[86]

Jens Grossklags and Alessandro Acquisti. 2007. When 25 cents is too much: An experiment on willingness-to-sell and willingness-to-protect personal information. In Proceedings of the Workshop on the Economics of Information Security (WEIS’07). 1--22.

[87]

Jens Grossklags, Benjamin Johnson, and Nicolas Christin. 2010. When information improves information security. In Proceedings of the International Conference on Financial Cryptography and Data Security (FC’10). Springer, 416--423.

Digital Library

[88]

Scott D. Halpern, Peter A. Ubel, and David A. Asch. 2007. Harnessing the power of default options to improve health care. New Engl. J. Med. 357 (2007), 1340--1344.

[89]

Pelle Guldborg Hansen. 2012. Nudging traffic safety by visual illusions. iNudgeYou. (2012). Retrieved from http://inudgeyou.com/en/archives/504.

[90]

Pelle Guldborg Hansen. 2016. The definition of nudge and libertarian paternalism: Does the hand fit the glove?. Eur. J. Risk Reg. 7, 1 (2016), 155--174.

[91]

Marian Harbach, Markus Hettig, Susanne Weber, and Matthew Smith. 2014. Using personal examples to improve risk communication for security 8 privacy decisions. In Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems. ACM, 2647--2656.

Digital Library

[92]

Tejaswini Herath and H. Raghav Rao. 2009. Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decis. Supp. Syst. 47, 2 (2009), 154--165.

Digital Library

[93]

Cormac Herley. 2009. So long, and no thanks for the externalities: The rational rejection of security advice by users. In Proceedings of the Workshop on New Security Paradigms (NSPW’09). ACM, New York, NY, 133--144.

Digital Library

[94]

Donna L. Hoffman and Thomas P. Novak. 1997. A new marketing paradigm for electronic commerce. Info. Soc.: Int. J. 13, 1 (1997), 43--54.

[95]

Chris Hoofnagle and Jennifer King. 2008. What Californians understand about privacy online. Available at SSRN 1262130 (2008), 1--33.

[96]

Leonie Huddy, Stanley Feldman, Gallya Lahav, and Charles Taber. 2003. Fear and terrorism: Psychological reactions to 9/11. In Framing Terrorism: The News Media, the Government and the Public, Pippa Norris, Montague Kern, and Marion Just (Eds.). Routeledge, New York, NY, USA, 255--278.

[97]

Giovanni Iachello, Ian Smith, Sunny Consolvo, Mike Chen, and Gregory D. Abowd. 2005. Developing privacy guidelines for social location disclosure applications and services. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’05). ACM, New York, NY, 65--76.

Digital Library

[98]

Lukasz Jedrzejczyk, Blaine A. Price, Arosha K. Bandara, and Bashar Nuseibeh. 2010. On the impact of real-time feedback on users’ behaviour in mobile location-sharing applications. In Proceedings of the 6th Symposium on Usable Privacy and Security (SOUPS’10). ACM, New York, NY, 1--12.

Digital Library

[99]

Nicola Jentzsch, Sören Preibusch, and Andreas Harasser. 2012. Study on Monetising Privacy: An Economic Model for Pricing Personal Information. European Union Agency for Network and Inf. Sec. (ENISA).

[100]

Leslie K. John, Alessandro Acquisti, and George Loewenstein. 2011. Strangers on a plane: Context-dependent willingness to divulge sensitive information. J. Consum. Res. 37, 5 (2011), 858--873.

[101]

Eric J. Johnson and Daniel G. Goldstein. 2004. Defaults and donation decisions. Transplantation 78, 12 (2004), 1713--1716.

[102]

Eric J. Johnson, Suzanne B. Shu, Benedict G. C. Dellaert, Craig Fox, Daniel G. Goldstein, Gerald Häubl, Richard P. Larrick, John W. Payne, Ellen Peters, David Schkade, Brian Wansink, and Elke U. Weber. 2012. Beyond nudges: Tools of a choice architecture. Market. Lett. 23, 2 (2012), 487--504.

[103]

Daniel Kahneman, Jack L. Knetsch, and Richard H. Thaler. 1990. Experimental tests of the endowment effect and the Coase theorem. J. Pol. Econ. 98, 6 (1990), 1325--1348.

[104]

Daniel Kahneman, Jack L. Knetsch, and Richard H. Thaler. 1991. Anomalies: The endowment effect, loss aversion, and status quo bias. J. Econ. Perspec. 5, 1 (1991), 193--206.

[105]

Daniel Kahneman and Dale T. Miller. 1986. Norm theory: Comparing reality to its alternatives. Psychol. Rev. 93, 2 (1986), 136--153.

[106]

Daniel Kahneman and Amos Tversky. 1979. Prospect theory: An analysis of decision under risk. Econometrica 47, 2 (1979), 263--291.

[107]

Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, and Lorrie Faith Cranor. 2010. Standardizing privacy notices: An online study of the nutrition label approach. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’10). ACM, 1573--1582.

Digital Library

[108]

Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as part of the app decision-making process. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’13). ACM, 3393--3402.

Digital Library

[109]

Saranga Komanduri, Richard Shay, Lorrie Faith Cranor, Cormac Herley, and Stuart Schechter. 2014. Telepathwords: Preventing weak passwords by reading Users minds. In Proceedings of the 23rd USENIX Security Symposium. USENIX Association, Berkeley, CA, 591--606.

[110]

Ulrich König and Jan Schallaböck. 2011. Privacy preferences for e-mail messages. IETF draft (2011). Retrieved from http://tools.ietf.org/html/draft-koenig-privicons-01.

[111]

Bastian Könings, David Piendl, Florian Schaub, and Michael Weber. 2011. PrivacyJudge: Effective privacy controls for online published information. In Proceedings of the Conference on Privacy, Security, Risk and Trust (PASSAT’11). IEEE, 935--941.

[112]

Bastian Könings, Sebastian Thoma, Florian Schaub, and Michael Weber. 2014. PriPref broadcaster: Enabling users to broadcast privacy preferences in their physical proximity. In Proceedings of the 13th International Conference on Mobile and Ubiquitous Multimedia (MUM’14). ACM, New York, NY, USA, 133--142.

Digital Library

[113]

Ponnurangam Kumaraguru, Yong Rhee, Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong, and Elizabeth Nunge. 2007. Protecting people from phishing: The design and evaluation of an embedded training email system. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’07). ACM, 905--914.

Digital Library

[114]

Yee-Lin Lai and Kai-Lung Hui. 2006. Internet opt-in and opt-out: Investigating the roles of frames, defaults and privacy concerns. In Proceedings of the Conference on Computer Personnel Research (CPR’06). ACM, 253--263.

Digital Library

[115]

David Laibson. 1997. Golden eggs and hyperbolic discounting. Quart. J. Econ. 112, 2 (1997), 443--478.

[116]

Marc Langheinrich. 2002. A privacy awareness system for ubiquitous computing environments. In Proceedings of the Conference on Ubiquitous Computing (UbiComp’02). Springer-Verlag, London, 237--245.

[117]

Robert S. Laufer and Maxine Wolfe. 1977. Privacy as a concept and a social issue: A multidimensional developmental theory. J. Soc. Issues 33, 3 (1977), 22--42.

[118]

Scott Lederer, Jason I. Hong, Anind K. Dey, and James A. Landay. 2004. Personal privacy through understanding and action: Five pitfalls for designers. Person. Ubiq. Comp. 8, 6 (2004), 440--454.

[119]

Pedro Giovanni Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, and Yang Wang. 2012. Why Johnny can’t opt out: A usability evaluation of tools to limit online behavioral advertising. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’12). ACM, 589--598.

Digital Library

[120]

Irwin P. Levin, Sandra L. Schneider, and Gary J. Gaeth. 1998. All frames are not created equal: A typology and critical analysis of framing effects. Organ. Behav. Hum. Dec. 76, 2 (1998), 149--188.

[121]

Han Li, Rathindra Sarathy, and Heng Xu. 2011. The role of affect and cognition on online consumers’ decision to disclose personal information to unfamiliar online vendors. Decis. Support Syst. 51, 3 (2011), 434--445.

Digital Library

[122]

Han Li, Rathindra Sarathy, and Jie Zhang. 2008. The role of emotions in shaping consumers’ privacy beliefs about unfamiliar online vendors. J. Info. Priv. Sec. 4, 3 (2008), 36--62.

[123]

Simon Y. W. Li, Ann Blandford, Paul Cairns, and Richard M. Young. 2005. Post-completion errors in problem solving. In Proceedings of the 27th Annual Conference of the Cognitive Science Society. 1--6.

[124]

Sarah Lichtenstein, Baruch Fischhoff, and Lawrence D. Phillips. 1982. Calibration of probabilities: The state of the art to 1980. In Judgment Under Uncertainty: Heuristics and Biases, Daniel Kahneman, Paul Slovic, and Amos Tversky, (Eds.). Cambridge University Press, UK, 306--334.

[125]

Assar Lindbeck. 1997. Incentices and social norms in household behavior. Am. Econ. Rev. 87, 2 (1997), 370--377.

[126]

Janne Lindqvist, Justin Cranshaw, Jason Wiese, Jason Hong, and John Zimmerman. 2011. I’m the mayor of my house: Examining why people use foursquare—a social-driven location sharing application. In Proceedings of the Conf. Human Factors in Computing Systems (CHI’11). ACM, 2409--2418.

Digital Library

[127]

Bin Liu, Mads Schaarup Andersen, Florian Schaub, Hazim Almuhimedi, Shikun Zhang, Norman Sadeh, Alessandro Acquisti, and Yuvraj Agarwal. 2016. Follow my recommendations: A personalized privacy assistant for mobile app permissions. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’16). USENIX Association, Denver, CO, 27--41.

[128]

George Loewenstein and Emily Celia Haisley. 2007. The economist as therapist: Methodological ramifications of ’light’ paternalism. Available at SSRN 962472 (2007), 1--50.

[129]

George Loewenstein and Drazen Prelec. 1992. Anomalies in intertemporal choice: Evidence and an interpretation. Quart. J. Econ. 107, 2 (1992), 573--597.

[130]

Marco Loregian and Marco P. Locatelli. 2008. An experimental analysis of undo in ubiquitous computing environments. In Proceedings of the Conference on Ubiquitous Intelligence and Computing. Springer, 505--519.

Digital Library

[131]

Kim Ly, Nina Mazăr, Min Zhao, and Dilip Soman. 2013. A practiotioner’s guide to nudging. Rotman School of Management. University of Toronto. (March 2013).

[132]

Wendy E. Mackay. 1991. Triggers and barriers to customizing software. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI’91). ACM, New York, NY, 153--160.

Digital Library

[133]

Brigitte C. Madrian and Dennis F. Shea. 2001. The power of suggestion: Inertia in 401(K) participation and savings behavior. Quart. J. Econ. 116, 4 (2001), 1149--1187.

[134]

Alessandra Mazzia, Kristen LeFevre, and Eytan Adar. 2012. The PViz comprehension tool for social network privacy settings. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’12). ACM, 1--12.

Digital Library

[135]

Aleecia M. McDonald and Lorrie Faith Cranor. 2008. The cost of reading privacy policies. I/S: J. Law Policy 4, 3 (2008), 540--565.

[136]

Miriam J. Metzger. 2006. Effects of site, vendor, and consumer characteristics on web site trust and disclosure. Commun. Res. 33, 3 (2006), 155--179.

[137]

Microsoft. 2008. Privacy guidelines for developing software products and services (2008).

[138]

Microsoft. 2014. What are the system recovery options in Windows? (2014). Retrieved from http://windows.microsoft.com/en-us/windows/what-are-system-recovery-options.

[139]

Tyler Moore and Ross Anderson. 2011. Economics and Internet Security: A Survey of Recent Analytical, Empirical and Behavioral Research. Tech. Rep. TR-03-11. Dept. Computer Science, Harvard Univ.

[140]

M. Granger Morgan and Max Henrion. 1992. Uncertainty: A Guide to Dealing with Uncertainty in Quantitative Risk and Policy Analysis. Cambridge University Press, New York, NY.

[141]

Maggie Mullane and Steven Sheffrin. 2012. Regulatory Nudges in Practice. White paper. Department of Economics and Murphy Institute, Tulane University.

[142]

Donald A. Norman. 2013. The Design of Everyday Things: Revised and Expanded. Basic Books, New York.

[143]

Joon S. Park, Kevin A. Kwiat, Charles A. Kamhoua, Jonathan White, and Sookyung Kim. 2014. Trusted online social network (OSN) services with optimal data management. Comput. Secur. 42 (2014), 116--136.

[144]

Sameer Patil, Xinru Page, and Alfred Kobsa. 2011. With a little help from my friends: Can social navigation inform interpersonal privacy preferences? In Proceedings of the Conference on Computer Supported Cooperative Work (CSCW’11). ACM, 391--394.

Digital Library

[145]

Andrew S. Patrick and Steve Kenny. 2003. From privacy legislation to interface design: Implementing information privacy in human-computer interactions. In Proceedings of the Workshop on Privacy Enhancing Technology (PET’03). Springer, 107--124.

[146]

Eyal Pe’er. 2011. The time-saving bias, speed choices and driving behavior. Transport. Res. Part F: Traffic Psychol. Behav. 14, 6 (2011), 543--554.

[147]

Pennsylvania Department of Transportation. 2013. PA Driver’s manual. Chapter 3—Learning to drive. (March 2013).

[148]

Jon Perlow. 2008. New in Labs: Stop sending mail you later regret. Official Gmail Blog (October 2008). Retrieved from http://gmailblog.blogspot.com/2008/10/new-in-labs-stop-sending-mail-you-later.html.

[149]

John E. Petersen, Vladislav Shunturov, Kathryn Janda, Gavin Platt, and Kate Weinberger. 2007. Dormitory residents reduce electricity consumption when exposed to real-time visual feedback and incentives. Int. J. Sustain. Higher Edu. 8, 1 (2007), 16--33.

[150]

Pew Research Internet Project. 2013. Anonymity, Privacy, and Security Online. Retrieved from http://www.pewinternet.org/2013/09/05/anonymity-privacy-and-security-online/(September 2013).

[151]

Richard A. Posner. 1978. The right of privacy. Georgia Law Rev. 12, 3 (1978), 393--422.

[152]

Richard A. Posner. 1981. The economics of privacy. Amer. Econ. Rev. 71, 2 (1981), 405--509.

[153]

Matthew Rabin. 1998. Psychology and economics. J. Econ. Lit. 36, 1 (1998), 11--46.

[154]

Mika Raento and Antti Oulasvirta. 2005. Privacy management for social awareness applications. In Proceedings of the Workshop on Context Awareness for Proactive Systems. 105--114.

[155]

Fahimeh Raja, Kirstie Hawkey, Steven Hsu, Kai-Le Clement Wang, and Konstantin Beznosov. 2011. A brick wall, a locked door, and a bandit: A physical security metaphor for firewall warnings. In Proceedings of the 7th Symposium on Usable Privacy and Security (SOUPS’11). ACM, New York, NY, 1--20.

Digital Library

[156]

Norman Sadeh, Jason Hong, Lorrie Faith Cranor, Ian Fette, Patrick Gage Kelley, Madhu Prabaker, and Jinghai Rao. 2009. Understanding and capturing people’s privacy policies in a mobile social networking application. Person. Ubiq. Comput. 13, 6 (2009), 401--412.

Digital Library

[157]

M. Angela Sasse, Sacha Brostoff, and Dirk Weirich. 2001. Transforming the “weakest link”: A human/computer interaction approach to usable and effective security. BT Technol. J. 19, 3 (2001), 122--131.

Digital Library

[158]

Florian Schaub, Rebecca Balebako, Adam L. Durity, and Lorrie Faith Cranor. 2015. A design space for effective privacy notices. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’15). USENIX Association.

[159]

Stuart E. Schechter, Rachna Dhamija, Andy Ozment, and Ian Fischer. 2007. The emperor’s new security indicators. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, New York, NY, 51--65.

Digital Library

[160]

Bruce Schneier. 2007. The psychology of security. Commun. ACM 50, 5 (2007), 128.

Digital Library

[161]

Katarina Segerstahl and Harri Oinas-Kukkonen. 2007. Distributed user experience in persuasive technology environments. In Proceedings of the 2nd International Conference on Persuasive Technology. Springer, 80--91.

[162]

Evan Selinger and Kyle Whyte. 2011. Is there a right way to nudge? The practice and ethics of choice architecture. Sociol. Compass 5, 10 (2011), 923--935.

[163]

Jesse M. Shapiro. 2005. Is there a daily discount rate? Evidence from the food stamp nutrition cycle. J. Public Econ. 89, 2 (2005), 303--325.

[164]

David Sharek, Cameron Swofford, and Michael Wogalter. 2008. Failure to recognize fake internet popup warning messages. Proceedings of the Human Factors and Erg. Society Ann. Meeting 52, 6 (2008), 557--560.

[165]

Fuming Shih, Ilaria Liccardi, and Daniel J. Weitzner. 2015. Privacy tipping points in smartphones privacy preferences. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’15). ACM, 807--816.

Digital Library

[166]

Katie Shilton, Jeffrey A. Burke, Deborah Estrin, Mark Hansen, and Mani Srivastava. 2008. Participatory Privacy in Urban Sensing. Technical Report. Center for Embedded Network Sensing.

[167]

Adam Shostack. 2003. Paying for privacy: Consumers and infrastructures. In Proceedings of the 2nd Annual Workshop on Economics and Information Security.

[168]

Herbert A. Simon. 1957. Models of Man, Social and Rational: Mathematical Essays on Rational Human Behavior in a Social Setting. Wiley, New York, NY, USA.

[169]

Herbert A Simon. 1982. Models of Bounded Rationality: Empirically Grounded Economic Reason. MIT Press.

[170]

Manya Sleeper, Justin Cranshaw, Patrick Gage Kelley, Blase Ur, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh. 2013. “I read my Twitter the next morning and was astonished”: A conversational perspective on Twitter regrets. In Proceedings of the Conference on Human Factors in Computimg Systems (CHI’13). ACM, 3277--3286.

Digital Library

[171]

H. Jeff Smith, Tamara Dinev, and Heng Xu. 2011. Information privacy research: An interdisciplinary review. MIS Quart. 35, 4 (2011), 989--1015.

Digital Library

[172]

Sarah Spiekermann, Jens Grossklags, and Bettina Berendt. 2001. E-privacy in 2nd generation e-commerce: Privacy preferences versus actual behavior. In Proceedings of the Conference on Electronic Commerce (EC’01). ACM, 38--47.

Digital Library

[173]

Frank Stajano and Paul Wilson. 2011. Understanding scam victims: Seven principles for systems security. Commun. ACM 54, 3 (March 2011), 70--75.

Digital Library

[174]

George J. Stigler. 1980. An introduction to privacy in economics and politics. J. Legal Stud. 9, 4 (1980), 623--644.

[175]

Fred Stutzman, Ralph Gross, and Alessandro Acquisti. 2013. Silent listeners: The evolution of privacy and disclosure on Facebook. J. Priv. Confident. 4, 2 (2013), 7--41.

[176]

Cass R. Sunstein. 2012. The Storrs Lectures: Behavioral economics and paternalism. Yale Law J. 122, 7 (2012), 1826.

[177]

Joshua Tan, Khanh Nguyen, Michael Theodorides, Heidi Negrón-Arroyo, Christopher Thompson, Serge Egelman, and David Wagner. 2014. The effect of developer-specified explanations for permission requests on smartphone user behavior. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’14). ACM, 91--100.

Digital Library

[178]

David G. Taylor, Donna F. Davis, and Ravi Jillapalli. 2009. Privacy concern and online personalization: The moderating effects of information control and compensation. Electr. Commer. Res. 9, 3 (2009), 203--223.

Digital Library

[179]

Humphrey Taylor. 2003. Most People are “Privacy Pragmatists” Who, While Concerned about Privacy, will Sometimes Trade it off for Other Benefits. Technical Report. Harris Interactive.

[180]

Tennessee Department of Transportation. 2014. Tennessee Highway Fatalities. Retrieved from http://www.tdot.state.tn.us/ghso/thf.htm (June 2014).

[181]

Richard H. Thaler. 1981. Some empirical evidence on dynamic inconsistency. Econ. Lett. 8, 3 (1981), 201--207.

[182]

Richard H. Thaler and Cass R. Sunstein. 2008. Nudge: Improving Decisions About Health, Wealth, and Happiness. Yale University Press, New Haven, CT.

[183]

Janice Y. Tsai, Serge Egelman, Lorrie Faith Cranor, and Alessandro Acquisti. 2011. The effect of online privacy information on purchasing behavior: An experimental study. Info. Syst. Res. 22, 2 (2011), 254--268.

Digital Library

[184]

Janice Y. Tsai, Patrick Gage Kelley, Paul Drielsma, Lorrie Faith Cranor, Jason Hong, and Norman Sadeh. 2009. Who’s viewed you?: The impact of feedback in a mobile location-sharing application. In Proceedings of the Conference on Human Factors in Computing Systems (CHI’09). ACM, 2003--2012.

Digital Library

[185]

Amos Tversky and Daniel Kahneman. 1975. Judgment under uncertainty: Heuristics and biases. In Utility, Probability, and Human Decision Making, Dirk Wendt and Charles Vlek (Eds.). Springer, 141--162.

[186]

Amos Tversky and Daniel Kahneman. 1981. The framing of decisions and the psychology of choice. Science 211, 4481 (1981), 453--458.

[187]

Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicholas Christin, and Lorrie Faith Cranor. 2012a. How does your password measure up? The effect of strength meters on password creation. In Proceedings of the USENIX Security Symposium. USENIX Association, Berkeley, CA, 1--16.

[188]

Blase Ur, Pedro Giovanni Leon, Lorrie Faith Cranor, Richard Shay, and Yang Wang. 2012b. Smart, useful, scary, creepy: Perceptions of online behavioral advertising. In Proceedings of the 8th Symposium on Usable Privacy and Security (SOUPS’12). ACM, New York, NY, 1--15.

Digital Library

[189]

Hal R. Varian. 1996. Economic aspects of personal privacy. In Privacy and Self-regulation in the Information Age. U.S. Department of Commerce.

[190]

Hal R. Varian. 2000. Economic scene: Managing online security risks. New York Times (June 2000).

[191]

Tony Vila, Rachel Greenstadt, and David Molnar. 2003. Why we can’t be bothered to read privacy policies: Models of privacy economics as a lemons market. In Proceedings of the Conference on Electronic Commerce (EC’03). ACM, 403--407.

Digital Library

[192]

Yang Wang, Gregory Norcie, Saranga Komanduri, Alessandro Acquisti, Pedro Giovanni Leon, and Lorrie Faith Cranor. 2011. I regretted the minute I pressed share: A qualitative study of regrets on Facebook. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’11). ACM, 1--16.

Digital Library

[193]

Yang Wang, Pedro Giovanni Leon, Alessandro Acquisti, Lorrie Faith Cranor, Alain Forget, and Norman Sadeh. 2014. A field trial of privacy nudges for Facebook. In Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems (CHI’14). ACM, New York, NY, 2367--2376.

Digital Library

[194]

Webroot. 2010. Social media sobriety test. Retrieved from http://www.webroot.com/En_US/sites/sobrietytest/ (2010).

[195]

Alma Whitten and J. Doug Tygar. 1999. Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. In Proceedings of the USENIX Security Symposium. USENIX Association, Berkeley, CA, 1--16.

[196]

Lauren E. Willis. 2014. Why not privacy by default? Berkeley Technol. Law J. 29, 1 (2014), 1--57.

[197]

Shomir Wilson, Justin Cranshaw, Norman Sadeh, Alessandro Acquisti, Lorrie Faith Cranor, Jay Springfield, Sae Young Jeong, and Arun Balasubramanian. 2013. Privacy manipulation and acclimation in a location sharing application. In Proceedings of the Conference on Pervasive and Ubiquitous Computing (Ubicomp’13). ACM, 549--558.

Digital Library

[198]

Jessica Wisdom, Julie S. Downs, and George Loewenstein. 2010. Promoting healthy choices: Information versus convenience. Amer. Econ. J.: Appl. Econ. 2, 2 (2010), 164--178.

[199]

Evan Wondrasek. 2010. Take control of your Facebook privacy with PrivacyDefender. (June 2010). Retrieved from http://www.makeuseof.com/tag/control-facebook-privacy-privacydefender/.

[200]

Joshua D. Wright and Douglas H. Ginsburg. 2012. Behavioral law and economics: Its origins, fatal flaws, and implications for liberty. Northwest. Univ. Law Rev. 106, 3 (2012), 12--63.

[201]

Haidong Xia and José Carlos Brustoloni. 2005. Hardening Web browsers against man-in-the-middle and eavesdropping attacks. In Proceedings of the Conference on the World Wide Web (WWW’05). ACM, 489--498.

Cited By

D’Assergio CManchanda PMontaguti EValentini S(2025)The Race for Data: Utilizing Informative or Persuasive Cues to Gain Opt-In?Journal of Marketing10.1177/00222429241288456Online publication date: 24-Jan-2025
https://doi.org/10.1177/00222429241288456
Dalmia MDiehl K(2025)Privacy is Important, but When is it Thought About?Journal of the Association for Consumer Research10.1086/735023Online publication date: 29-Jan-2025
https://doi.org/10.1086/735023
Sallaku KAvloniti AMagrizos SVilamová ŠMassis A(2025)Consumer Behaviour in Growth Hacking: Developing and Validating the Shareability ConstructJournal of Business Research10.1016/j.jbusres.2025.115181189(115181)Online publication date: Mar-2025
https://doi.org/10.1016/j.jbusres.2025.115181
Show More Cited By

Index Terms

Nudges for Privacy and Security: Understanding and Assisting Users’ Choices Online
1. Human-centered computing
  1. Human computer interaction (HCI)
  2. Interaction design
2. Security and privacy
  1. Human and societal aspects of security and privacy

Recommendations

Privacy nudges for social media: an exploratory Facebook study
WWW '13 Companion: Proceedings of the 22nd International Conference on World Wide Web

Anecdotal evidence and scholarly research have shown that a significant portion of Internet users experience regrets over their online disclosures. To help individuals avoid regrettable online disclosures, we employed lessons from behavioral decision ...
RFID system with fairness within the framework of security and privacy
ESAS'05: Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks

Radio Frequency Identification (RFID) systems are expected to be widely deployed in automated identification and supply-chain applications. Although RFID systems have several advantages, the technology may also create new threats to user privacy. In ...
Are RNGs Achilles' Heel of RFID Security and Privacy Protocols?

Security and privacy concerns have been growing with the increased utilisation of RFID technology in our daily lives. To mitigate these issues, numerous privacy-friendly authentication protocols have been published in the last decade. Random number ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 50, Issue 3

May 2018

550 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/3101309

Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering / University of Florida / Gainesville, FL 32611

Issue’s Table of Contents

Copyright © 2017 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 August 2017

Accepted: 01 January 2017

Revised: 01 September 2016

Received: 01 October 2015

Published in CSUR Volume 50, Issue 3

Check for updates

Author Tags

Qualifiers

Survey
Research
Refereed

Funding Sources

NSF

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

360
Total Citations
View Citations
18,703
Total Downloads

Downloads (Last 12 months)3,327
Downloads (Last 6 weeks)295

Reflects downloads up to 28 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

D’Assergio CManchanda PMontaguti EValentini S(2025)The Race for Data: Utilizing Informative or Persuasive Cues to Gain Opt-In?Journal of Marketing10.1177/00222429241288456Online publication date: 24-Jan-2025
https://doi.org/10.1177/00222429241288456
Dalmia MDiehl K(2025)Privacy is Important, but When is it Thought About?Journal of the Association for Consumer Research10.1086/735023Online publication date: 29-Jan-2025
https://doi.org/10.1086/735023
Sallaku KAvloniti AMagrizos SVilamová ŠMassis A(2025)Consumer Behaviour in Growth Hacking: Developing and Validating the Shareability ConstructJournal of Business Research10.1016/j.jbusres.2025.115181189(115181)Online publication date: Mar-2025
https://doi.org/10.1016/j.jbusres.2025.115181
Agha ZAli NPark JWisniewski P(2025)A systematic review on design-based nudges for adolescent online safetyInternational Journal of Child-Computer Interaction10.1016/j.ijcci.2024.10070243(100702)Online publication date: Mar-2025
https://doi.org/10.1016/j.ijcci.2024.100702
Jung YBao JNorman MSundar S(2025)Privacy concerns in mobile technology: Can interactivity reduce friction?Computers in Human Behavior10.1016/j.chb.2024.108421162(108421)Online publication date: Jan-2025
https://doi.org/10.1016/j.chb.2024.108421
Kokolakis S(2025)Privacy NudgingEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_1640(1907-1909)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_1640
Flowerday SBhana B(2025)Security NudgesEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_1592(2313-2317)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_1592
Liaqat MMushtaq MJamil AMushtaq MAli HAnwar RRaza AAslam ATariq THussain MBakht DBokhari S(2024)Mobile Health Interventions: A Frontier for Mitigating the Global Burden of Cardiovascular DiseaseCureus10.7759/cureus.62157Online publication date: 11-Jun-2024
https://doi.org/10.7759/cureus.62157
Hasegawa AInoue DAkiyama MBalzarotti DXu W(2024)How WEIRD is usable privacy and security research?Proceedings of the 33rd USENIX Conference on Security Symposium10.5555/3698900.3699082(3241-3258)Online publication date: 14-Aug-2024
https://dl.acm.org/doi/10.5555/3698900.3699082
Kehat RHirschprung RAlkoby S(2024)Enhancing User Acceptance of an AI Agent’s Recommendation in Information-Sharing EnvironmentsApplied Sciences10.3390/app1417787414:17(7874)Online publication date: 4-Sep-2024
https://doi.org/10.3390/app14177874
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Figures

Tables

Media

View Issue’s Table of Contents