For people more interested in last weeks class on Terms of Service here are three good articles on the topic:
Noticing notice: a large-scale experiment on the timing of software license agreements
Abstract:
Spyware is an increasing problem. Interestingly, many programs carrying spyware honestly disclose the activities of the software, but users install the software anyway. We report on a study of software installation to assess the effectiveness of different notices for helping people make better decisions on which software to install. Our study of 222 users showed that providing a short summary notice, in addition to the End User License Agreement (EULA), before the installation reduced the number of software installations significantly. We also found that providing the short summary notice after installation led to a significant number of uninstalls. However, even with the short notices, many users installed the program and later expressed regret for doing so. These results, along with a detailed analysis of installation, regret, and survey data about user behaviors informs our recommendations to policymakers and designers for assessing the “adequacy” of consent in the context of software that exhibits behaviors associated with spyware.
Nathaniel S. Good, Jens Grossklags, Deirdre K. Mulligan, Joseph A. Konstan
What Can Behavioral Economics Teach Us About Privacy? PDF
By AlessandroAcquisti and Jens Grossklags. In Alessandro Acquisti, Sabrina De Capitani di Vimercati, Stefanos Gritzalis, Costas Lambrinoudakis (eds)
Abstract:
Privacy decision making can be surprising or even appear contradictory: we feel entitled to protection of information about our- selves that we do not control, yet willingly trade away the same in- formation for small rewards; we worry about privacy invasions of little significance, yet overlook those that may cause significant damages. Di- chotomies between attitudes and behaviors, inconsistencies in discount- ing future costs or rewards, and other systematic behavioral biases have long been studied in the psychology and behavioral economics litera- tures. In this paper we draw from those literatures to discuss the role of uncertainty, ambiguity, and behavioral biases in privacy decision making.
The Cost of Reading Privacy Policies PDF by Aleecia M. McDonald and Lorrie Faith Cranor,
Abstract:
Companies collect personally identifiable information that website visitors are not always comfortable sharing. One proposed remedy is to use economics rather than legislation to address privacy risks by creating a market place for privacy where website visitors would choose to accept or reject offers for small payments in exchange for loss of privacy. The notion of micropayments for privacy has not been realized in practice, perhaps because advertisers might be willing to pay a penny per name and IP address, yet few people would sell their contact information for only a penny.1 In this paper we contend that the time to read privacy policies is, in and of itself, a form of payment. Instead of receiving payments to reveal information, website visitors must pay with their time to research policies in order to retain their privacy. We pose the question: if website users were to read the privacy policy for each site they visit just once a year, what would their time be worth?
Studies show privacy policies are hard to read, read infrequently, and do not support rational decision making. We calculated the average time to read privacy policies in two ways. First, we used a list of the 75 most popular websites and assumed an average reading rate of 250 words per minute to find an average reading time of 10 minutes per policy. Second, we conducted an online study of 212 participants to measure time to skim online privacy policies and respond to simple comprehension questions. We used data from Nielsen/Net Ratings to estimate the number of unique websites the average Internet user visits annually with a lower bound of 119 sites. We estimated the total number of Americans online based on Pew Internet & American Life data and Census data. Finally, we estimated the value of time as 25% of average hourly salary for leisure and twice wages for time at work. We present a range of values, and found the national opportunity cost for just the time to read policies is on the order of $781 billion. Additional time for comparing policies between multiple sites in order to make informed decisions about privacy brings the social cost well above the market for online advertising. Given that web users also have some value for their privacy on top of the time it takes to read policies, this suggests that under the current self-regulation framework, targeted online advertising may have negative social utility.
Thanks PK for the great references.
Post a Comment