Taking data exposure into account: how does it affect the choice of sign-in accounts?

Authors:
Shahar Ronen;Oriana Riva;Maritza Johnson;Donald Thompson
Affiliations:
Massachusetts Institute of Technology, Cambridge, MA, USA;Microsoft Research, Redmond, Washington, USA;University of California - Berkeley, Berkeley, CA, USA;Microsoft Research, Redmond, Washington, USA
Venue:
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Year:
2013

Citing 11
Cited 0

Stopping spyware at the gate: a user study of privacy, notice and spyware

SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Federated Identity Management

Computer
The Venn of Identity: Options and Issues in Federated Identity Management

IEEE Security and Privacy
The Seven Flaws of Identity Management: Usability and Security Challenges

IEEE Security and Privacy
Standardizing privacy notices: an online study of the nutrition label approach

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Empirical studies on software notices to inform policy makers and usability designers

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
What makes users refuse web single sign-on?: an empirical investigation of OpenID

Proceedings of the Seventh Symposium on Usable Privacy and Security
ROAuth: recommendation based open authorization

Proceedings of the Seventh Symposium on Usable Privacy and Security
Privacy: is there an app for that?

Proceedings of the Seventh Symposium on Usable Privacy and Security
Indirect content privacy surveys: measuring privacy without asking about it

Proceedings of the Seventh Symposium on Usable Privacy and Security
The mismeasurement of privacy: using contextual integrity to reconsider privacy in HCI

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

Quantified Score

Hi-index	0.01

Visualization

Abstract

Online services collect personal data from their users, sometimes with no clear need. We studied how users sign-in to web sites using federated IDs, and found that most survey respondents were not aware of the data they expose. However, when presented with the tradeoffs behind each sign-in option, respondents reported a willingness to change how they sign-in to reduce their data exposure or, in fewer cases, to increase it to receive more benefits from the service. Our findings suggest that data exposure is a concern for users, and that there is a need for finding clearer ways for communicating it for each sign-in option.