More Web Proxy on the site http://driver.im/

research-article

"I agree to the terms and conditions"

Author:

Nili SteinfeldAuthors Info & Claims

Computers in Human Behavior, Volume 55, Issue PB

Pages 992 - 1000

https://doi.org/10.1016/j.chb.2015.09.038

Published: 01 February 2016 Publication History

Abstract

Privacy policies are widely used by online service providers to regulate the use of personal data they collect, but users often skip on reading them and are unaware of the way information about them is being treated, and how they can control the ways in which that information is collected, stored or shared. Eye tracking methodology was used to test if a default presentation of a policy encourages reading it, and how the document is being read by users. Results show that when a privacy policy is presented by default, participants tend to read it quite carefully, while when given the option to sign their agreement without reading the policy, most participants skip the policy altogether. Surprisingly, participants who actively choose to read the policy spend significantly less time and effort on reading it than participants in the default condition. Finally, default policy presentation was significantly related to understanding user rights and restrictions on the use of personal data. When a privacy policy is presented by default, users read it quite carefully.Most users who are not presented with a policy by default never click to read it.Users who clicked to read policy ended up merely skimming through its text.Default presentation increased users' knowledge regarding use of personal data.Default presentation encouraged reading with no relation to privacy attitudes.

References

[1]

A. Acquisti, J. Grossklags, Privacy and rationality in individual decision making, IEEE Security and Privacy, 2 (2005) 24-30.

[2]

Alexa, Alexa top 500 global sites, 2012. http://www.alexa.com/topsites/global

[3]

J. Angulo, S. Fischer-Hübner, T. Pulls, E. Wästlund, Towards usable privacy policy display and management-The primelife approach, in: Proceedings of HAISA 2011: The fifth international symposium on human aspects of information security & assurance, University of Plymouth, Plymouth, 2011, pp. 108-117.

[4]

A.I. Antón, J.B. Earp, R. Carter, Precluding incongruous behavior by aligning software requirements with security and privacy policies, Information and Software Technology, 45 (2003) 967-977.

[5]

D. Ariely, Predictably irrational: The hidden forces that shape our decisions, HarperCollins, New York, 2008.

[6]

BBC, Google fined over Safari cookie privacy row, 2012, August 9. http://www.bbc.co.uk/news/technology-19200279

[7]

BBC, European data watchdogs target Google over privacy, BBC, 2013, April 2. http://www.bbc.co.uk/news/technology-22003551

[8]

BBC, EU 'may take action' against Google over privacy policy, BBC, 2013, February 18. http://www.bbc.co.uk/news/technology-21499190

[9]

F. Belanger, J.S. Hiller, W.J. Smith, Trustworthiness in electronic commerce: the role of privacy, security, and site attributes, Journal of Strategic Information Systems, 11 (2002) 245-270.

[10]

S. Bellman, E.J. Johnson, G.L. Lohse, To opt-in or opt-out? it depends on the question, Communications of the ACM, 44 (2001) 25-27.

Digital Library

[11]

K. Chellel, J. Hodges, Facebook suit over subscriber tracking seeks $15 billion, Bloomberg, 2012, May 19. http://www.bloomberg.com/news/2012-05-18/facebook-sued-for-15-billion-in-suit-over-user-tracking.html

[12]

J.B. Earp, A.I. Antón, L. Aiman-Smith, W.H. Stufflebeam, Examining Internet privacy policies within the context of user privacy values, IEEE Transactions on Engineering Management, 52 (2005) 227-237.

[13]

J.B. Earp, D. Baumer, Innovative web use to learn about consumer behavior and online privacy, Communications of the ACM, 46 (2003) 81-83. https://www.facebook.com/policy.php

Digital Library

[14]

Facebook, Updating our terms and policies: Helping you understand how Facebook works and how to control your information, 2015. https://www.facebook.com/about/terms-updates

[15]

Federal Trade Commission, Mobile privacy disclosures: Building trust through transparency, 2013, February. www.ftc.gov/os/2013/02/130201mobileprivacyreport.pdf

[16]

Federal Trade Commission, Privacy Online: Fair Information Practices in the Electronic Marketplace, 2000, May. http://www.ftc.gov/reports/privacy-online-fair-information-practices-electronic-marketplace-federal-trade-commission

[17]

V. Goel, E. Wyatt, Facebook privacy change is subject of F.T.C. inquiry, The New York Times, 2013, September 11. http://www.nytimes.com/2013/09/12/technology/personaltech/ftc-looking-into-facebook-privacy-policy.html Google

[18]

K.L. Hui, H.H. Teo, S.Y.T. Lee, The value of privacy assurance: an exploratory field experiment, MIS Quarterly, 31 (2007) 19-33.

Digital Library

[19]

N. Jentzsch, S. Preibusch, A. Harasser, Study on monetising privacy: An economic model for pricing personal information, Enisa, 2012.

[20]

E.J. Johnson, S. Bellman, G.L. Lohse, Defaults, framing and privacy: why opting in-opting out, Marketing Letters, 13 (2002) 5-15.

[21]

E.J. Johnson, D. Goldstein, Do defaults save lives?, Science, 302 (2003) 1338-1339.

[22]

D. Kahneman, J.L. Knetsch, R.H. Thaler, Anomalies: the endowment effect, loss aversion, and status quo bias, The Journal of Economic Perspectives, 5 (1991) 193-206.

[23]

D. Kahneman, A. Tversky, Choices, values, and frames, American Psychologist, 39 (1984) 341-350.

[24]

J. Kesan, C. Hayes, M. Bashir, Consumer privacy choices, informed consent, and baseline protections to facilitate market transactions in the cloud, Illinois Program in Law, Behavior and Social Science (2012) 11-20.

[25]

R. Korobkin, The status quo bias and contract default rules, Cornell Law Review, 83 (1998) 608-687.

[26]

D. Kravets, Judge approves $20M Facebook 'sponsored stories' settlement, Wired, 2013, August 26. http://www.wired.com/threatlevel/2013/08/judge-approves-20-million-facebook-sponsored-stories-settlement/

[27]

A.M. McDonald, L.F. Cranor, The cost of reading privacy policies, I/S: A Journal of Law and Policy for the Information Society, 4 (2008) 540-565.

[28]

D.B. Meinert, D.K. Peterson, J.R. Criswell, M.D. Crossland, Privacy policy statements and consumer willingness to provide personal information, Journal of Electronic Commerce in Organizations, 4 (2006) 1-17.

[29]

G.R. Milne, Privacy and ethical issues in database/interactive marketing and public policy: a research framework and overview of the special issue, Journal of Public Policy & Marketing, 19 (2000) 1-6.

[30]

G.R. Milne, M.J. Culnan, Strategies for reducing online privacy risks: why consumers read (or don't read) online privacy notices, Journal of Interactive Marketing, 18 (2004) 15-29.

[31]

H. Nissenbaum, A¿contextual approach to privacy online, Daedalus, 140 (2011) 32-48.

[32]

Pew Research Center, Privacy and data management on Mobile devices, 2012.

[33]

Pew Research Center, Teens and mobile apps privacy, 2013.

[34]

Pew Research Center, Americans' privacy strategies post-snowden, 2015.

[35]

E. Pfanner, France says Google privacy plan likely violates European law, The New York Times, 2012, February 29. http://www.nytimes.com/2012/02/29/technology/france-says-google-privacy-plan-likely-violates-european-law.html

[36]

J. Phelps, G. Nowak, E. Ferrell, Privacy concerns and consumer willingness to provide personal information, Journal of Public Policy & Marketing, 19 (2000) 27-41.

[37]

J. Rosenblatt, Facebook seeks dismissal of $15 billion privacy suit, Bloomberg, 2012, October 5. http://www.bloomberg.com/news/2012-10-05/facebook-seeks-dismissal-of-15-billion-privacy-suit.html

[38]

W. Samuelson, R. Zeckhauser, Status quo bias in decision making, Journal of Risk and Uncertainty, 1 (1988) 7-59.

[39]

A. Seshagiri, Claims that Google violates Gmail user privacy, The New York Times, 2013, October 1. http://www.nytimes.com/interactive/2013/10/02/technology/google-email- case.html SMI

[40]

D.J. Solove, The digital person: Technology and privacy in the information age, New York University Press, New York, 2004. http://tosdr.org

[41]

TRUSTe (n.d.)2015 http://www.truste.com.

[42]

J.Y. Tsai, S. Egelman, L. Cranor, A. Acquisti, The effect of online privacy information on purchasing behavior: an experimental study, Information Systems Research, 22 (2011) 254-268.

Digital Library

[43]

B. Womack, Facebook seeks to clarify how it uses member data for ads, Bloomberg, 2013, August 29. http://www.bloomberg.com/news/2013-08-29/facebook-seeks-to-clarify-how-it-uses-member-data-for-ads.html

Cited By

Marialva Yvano MColeti TDella Mura WFioravante CMoreira de Souza MAmadeu Teixeira LMorandini M(2024)Towards the access to information regarding the Personal Data Handling: A proposal for improvement and simplification of Privacy and Security PoliciesProceedings of the XXIII Brazilian Symposium on Human Factors in Computing Systems10.1145/3702038.3702078(1-11)Online publication date: 7-Oct-2024
https://dl.acm.org/doi/10.1145/3702038.3702078
Javed YSajid A(2024)A Systematic Review of Privacy Policy LiteratureACM Computing Surveys10.1145/369839357:2(1-43)Online publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1145/3698393
Pickering BFair NPhillips SShearer D(2024)The Clash of Service Provider and Service User ExpectationsHCI International 2024 – Late Breaking Papers10.1007/978-3-031-76821-7_22(314-326)Online publication date: 29-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-76821-7_22
Show More Cited By

Recommendations

Privacy policy enforcement in enterprises with identity management solutions
Privacy, Security and Trust (PST) Technologies: Evolution and Challenges

People are usually asked by enterprises to disclose their personal information to access web services and engage in business interactions. Enterprises need this information to enable their business processes. This is unlikely to change, at least in the ...
A Gap in Perceived Importance of Privacy Policies between Individuals and Companies
CONGRESS '09: Proceedings of the 2009 World Congress on Privacy, Security, Trust and the Management of e-Business

Although several studies have examined individuals’ privacy concerns and companies’ privacy policy disclosures, only a few studies examined whether customers’ privacy concerns are adequately addressed in companies’ privacy policy disclosures. This study ...
Privacy Policy Specification Framework for Addressing End-Users’ Privacy Requirements
Trust, Privacy and Security in Digital Business
Abstract
Privacy policies are a widely used approach in informing end-users about the processing of their data and collecting consent to such processing. These policies are defined by the service providers and end-users do not have any control over them. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Computers in Human Behavior

Computers in Human Behavior Volume 55, Issue PB

February 2016

645 pages

ISSN:0747-5632

Issue’s Table of Contents

Copyright © Elsevier Ltd.

Publisher

Elsevier Science Publishers B. V.

Netherlands

Publication History

Published: 01 February 2016

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Marialva Yvano MColeti TDella Mura WFioravante CMoreira de Souza MAmadeu Teixeira LMorandini M(2024)Towards the access to information regarding the Personal Data Handling: A proposal for improvement and simplification of Privacy and Security PoliciesProceedings of the XXIII Brazilian Symposium on Human Factors in Computing Systems10.1145/3702038.3702078(1-11)Online publication date: 7-Oct-2024
https://dl.acm.org/doi/10.1145/3702038.3702078
Javed YSajid A(2024)A Systematic Review of Privacy Policy LiteratureACM Computing Surveys10.1145/369839357:2(1-43)Online publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1145/3698393
Pickering BFair NPhillips SShearer D(2024)The Clash of Service Provider and Service User ExpectationsHCI International 2024 – Late Breaking Papers10.1007/978-3-031-76821-7_22(314-326)Online publication date: 29-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-76821-7_22
Theis SStellmacher CPütz SArend MNitsch V(2023)Understanding Fitness Tracker Users’ and Non-Users’ Requirements for Interactive and Transparent Privacy InformationExtended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544549.3585698(1-7)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544549.3585698
Kaiser JMarianski TJung FWoźniak MBoll S(2022)Informed ShoppAR - Visualizing Privacy Information in Augmented RealityProceedings of Mensch und Computer 202210.1145/3543758.3549884(394-398)Online publication date: 4-Sep-2022
https://dl.acm.org/doi/10.1145/3543758.3549884
Brunotte WChazette LKohler LKlunder JSchneider K(2022)What About My Privacy?Helping Users Understand Online Privacy PoliciesProceedings of the International Conference on Software and System Processes and International Conference on Global Software Engineering10.1145/3529320.3529327(56-65)Online publication date: 19-May-2022
https://dl.acm.org/doi/10.1145/3529320.3529327
Kitkowska AHögberg JWästlund E(2022)Online Terms and Conditions: Improving User Engagement, Awareness, and Satisfaction through UI DesignProceedings of the 2022 CHI Conference on Human Factors in Computing Systems10.1145/3491102.3517720(1-22)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3491102.3517720
Chaparro Osman MNakushian ARebensky SPrior TCarroll M(2022)User Experience, Knowledge, Perceptions, and Behaviors Associated with Internet of Things (IoT) Device Information PrivacyHCI for Cybersecurity, Privacy and Trust10.1007/978-3-031-05563-8_8(107-123)Online publication date: 26-Jun-2022
https://dl.acm.org/doi/10.1007/978-3-031-05563-8_8
Meurisch CMühlhäuser M(2021)Data Protection in AI ServicesACM Computing Surveys10.1145/344075454:2(1-38)Online publication date: 5-Mar-2021
https://dl.acm.org/doi/10.1145/3440754
Ebert NAlexander Ackermann KScheppler BKitamura YQuigley AIsbister KIgarashi TBjørn PDrucker S(2021)Bolder is Better: Raising User Awareness through Salient and Concise Privacy NoticesProceedings of the 2021 CHI Conference on Human Factors in Computing Systems10.1145/3411764.3445516(1-12)Online publication date: 6-May-2021
https://dl.acm.org/doi/10.1145/3411764.3445516
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents