Melanie Volkamer scite author profile

Abstract. End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-toend encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper "Why Johnny Can't Encrypt". Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.

show abstract

NoPhish: An Anti-Phishing Education App

Canova

Volkamer

Bergmann

et al. 2014

View full text Add to dashboard Cite

Phishing is still a prevalent issue in today's Internet. It can have financial or personal consequences. Attacks continue to become more and more sophisticated and the advanced ones (including spear phishing) can only be detected if people carefully check URLs. We developed a game based smartphone app -NoPhish -to educate people in accessing, parsing and checking URLs; i.e. enabling them to distinguish trustworthy and non-trustworthy websites. Throughout several levels information is provided and phishing detection is exercised.

show abstract

Investigating People’s Privacy Risk Perception

Gerber

Reinheimer

Volkamer

2019

View full text Add to dashboard Cite

Although media reports often warn about risks associated with using privacy-threatening technologies, most lay users lack awareness of particular adverse consequences that could result from this usage. Since this might lead them to underestimate the risks of data collection, we investigate how lay users perceive different abstract and specific privacy risks. To this end, we conducted a survey with 942 participants in which we asked them to rate nine different privacy risk scenarios in terms of probability and severity. The survey included abstract risk scenarios as well as specific risk scenarios, which describe specifically how collected data can be abused, e.g., to stalk someone or to plan burglaries. To gain broad insights into people’s risk perception, we considered three use cases: Online Social Networks (OSN), smart home, and smart health devices. Our results suggest that abstract and specific risk scenarios are perceived differently, with abstract risk scenarios being evaluated as likely, but only moderately severe, whereas specific risk scenarios are considered to be rather severe, but only moderately likely. People, thus, do not seem to be aware of specific privacy risks when confronted with an abstract risk scenario. Hence, privacy researchers or activists should make people aware of what collected and analyzed data can be used for when abused (by the service or even an unauthorized third party).

show abstract

"This Website Uses Cookies": Users' Perceptions and Reactions to the Cookie Disclaimer

Kulyk¹,

Hilt²,

Gerber³

et al. 2018

View full text Add to dashboard Cite

For many years, cookies have been widely used by websites, storing information about users' behaviour. While enabling additional functionality and potentially improving user experience, cookies, especially cookies used by third parties for data analysis, can be a threat to users' privacy. The EU data protection directive, among other prescriptions, require that the website providers inform the users about cookie use on their websites by displaying a so-called cookie disclaimer. It remains an open question, however, what effect does the cookie disclaimer have on the behaviour of users and whether it succeeds in providing them with sufficient information for making an informed decision. We have conducted an explorative user study in order to investigate the users' perceptions of cookies when seeing the cookie disclaimer, the users' reactions to such a disclaimer and different factors that influence the users' decision to leave or continue using the website. In this paper we report on the study results and furthermore discuss the implications of the study results for research into methods for ensuring informed privacy-related decisions of users.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.