A Paradox of Privacy: Unravelling the Reasoning Behind Online Location Sharing
Total Page:16
File Type:pdf, Size:1020Kb
University of Southampton Research Repository ePrints Soton Copyright © and Moral Rights for this thesis are retained by the author and/or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This thesis cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder/s. The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders. When referring to this work, full bibliographic details including the author, title, awarding institution and date of the thesis must be given e.g. AUTHOR (year of submission) "Full thesis title", University of Southampton, name of the University School or Department, PhD Thesis, pagination http://eprints.soton.ac.uk UNIVERSITY OF SOUTHAMPTON A Paradox of Privacy: Unravelling the Reasoning behind Online Location Sharing by Aristea Maria Zafeiropoulou A thesis submitted in partial fulfillment for the degree of Doctor of Philosophy in the Faculty of Physical Sciences and Engineering School of Electronics and Computer Science November 2014 UNIVERSITY OF SOUTHAMPTON ABSTRACT FACULTY OF PHYSICAL SCIENCES AND ENGINEERING SCHOOL OF ELECTRONICS AND COMPUTER SCIENCE Doctor of Philosophy by Aristea Maria Zafeiropoulou With the emergence of web applications that enabled user-generated content and social interactions, the Web became a place where people can engage in a number of new activities. With the success of smart enabled devices people now actively share their location data through various applications. However, as this thesis reveals, location plays a primal role in linking and inferring new information about people, often without their knowledge or consent. Due to this inferential power of location data new privacy concerns arise, as the actual affordances of their data are far greater than people are even aware of. Regardless of the numerous controversies around privacy, people keep on sharing their data on the Web. However, privacy systems themselves (and the ways in which individuals express their preferences) have changed very little. This thesis ar- gues that understanding the mechanisms that people employ in their privacy decisions can provide fundamental insight for the design of privacy systems. The main focus of this thesis is to understand the underlying reasons why people share their location and whether their disclosure behaviour is paradoxical when compared with their stated atti- tudes towards location sharing. The first part of this thesis involves a study comprising of an online survey that addresses these two issues. The findings provide supporting evidence that people's location sharing decisions are indeed paradoxical in comparison with their stated attitudes and that privacy decision-making can be seen as a process of structuration, in the sense that people's decisions are tempered by contextual factors (external structures). The second part comprises of a series of focus groups that act as a follow-up study and aim to explore in more detail the underlying reasons behind people's sharing decisions. The findings show that people's decisions are influenced by a number of different contextual factors, grouped together into three main categories; social capital, trust in the application and functionality. Based on the outcomes of the two studies, a conceptual model was developed, called the Isorropic Model, that points out the prominent role of context in privacy decision-making and stresses the need for more dynamic privacy systems. Contents Acknowledgements xiii 1 Introduction1 1.1 Focus of this thesis...............................3 1.2 Publications...................................5 1.3 Document outline................................6 2 Privacy Attitudes and Disclosure Behaviours9 2.1 Us and them.................................. 10 2.1.1 Concepts associated with privacy................... 12 2.2 Why is online privacy a subject of interest.................. 13 2.3 Privacy decision-making............................ 15 2.3.1 The privacy paradox.......................... 15 2.3.2 The privacy trade-off.......................... 17 2.3.3 Structuration theory and the privacy trade-off........... 20 2.3.4 Cognitive dissonance and the privacy trade-off........... 23 2.4 Conclusion................................... 25 3 Privacy and the Social Web 27 3.1 Interactions in the Social Web......................... 28 3.1.1 Self-presentation............................ 28 3.1.2 Social capital.............................. 30 3.2 The demographics of privacy......................... 32 3.2.1 Gender differences........................... 32 3.2.2 Young people.............................. 33 3.3 The role of trust in privacy decision-making................. 34 3.4 Privacy management issues.......................... 35 3.5 Approaches to privacy management..................... 36 3.5.1 Privacy settings............................. 37 3.5.2 Transparency and accountability................... 38 3.6 Conclusion................................... 40 4 Privacy and the Social Web: A Framework for Analysing Location Data 41 4.1 Location privacy and the Social Web..................... 41 4.1.1 Privacy attitudes towards location sharing.............. 43 4.1.2 The two roles of context in location sharing............. 44 4.1.2.1 Context as a technical concept............... 44 v vi CONTENTS 4.1.2.2 Context as a social concept................. 46 4.1.2.3 Combining the two approaches............... 47 4.2 Analysing location data and privacy..................... 48 4.2.1 Methodology.............................. 49 4.2.2 Data properties............................. 50 4.2.2.1 Data degree......................... 51 4.2.2.2 Personally identifiable data................. 53 4.2.2.3 User consent......................... 53 4.2.2.4 Data quality......................... 54 4.2.2.5 Data access.......................... 54 4.2.2.6 Data source.......................... 55 4.2.3 Analysis................................. 55 4.2.3.1 Personally identifiable data................. 56 4.2.3.2 User consent......................... 56 4.2.3.3 Data quality......................... 57 4.2.3.4 Data access.......................... 57 4.2.3.5 Data source.......................... 57 4.2.3.6 The role of location data.................. 58 4.2.4 Discussion................................ 58 4.3 A Distance Model of Belief, Behaviour and Affordance.......... 60 4.3.1 The Belief-Behaviour distance..................... 60 4.3.2 The Belief-Affordance distance.................... 61 4.4 Conclusion................................... 62 5 Uncovering Location-based Disclosure Decisions 65 5.1 Methodology.................................. 65 5.1.1 Analysis objectives........................... 67 5.2 Quantitative analysis.............................. 68 5.2.1 Demographics.............................. 68 5.2.2 Scenario-based questions........................ 69 5.2.3 Privacy attitudes............................ 70 5.2.4 The privacy paradox.......................... 74 5.2.5 Gender differences........................... 77 5.3 Qualitative analysis of survey results..................... 79 5.3.1 Interpreting the results of the qualitative analysis.......... 80 5.4 Conclusion................................... 85 6 An In-Depth Study into Disclosure Decisions 87 6.1 Using focus groups as a follow-up study................... 87 6.2 Initial Findings................................. 90 6.2.1 Scenario-based questions........................ 91 6.2.1.1 Analysis per application................... 92 6.3 Qualitative analysis.............................. 93 6.3.1 Social capital.............................. 94 6.3.2 Trust.................................. 98 6.3.3 Functionality.............................. 101 6.4 Revisiting the theory of cognitive dissonance................ 103 CONTENTS vii 6.5 Comparing the three groups.......................... 104 6.6 Discussion.................................... 105 6.7 Conclusion................................... 106 7 The Isorropic Model of Contextual Privacy Decisions 109 7.1 The matrix revisited.............................. 109 7.2 The Isorropic Model.............................. 113 7.2.1 The role of context in privacy decision-making........... 113 7.2.2 Case Study............................... 115 7.2.3 Comparing our model with others.................. 116 7.2.4 The need for dynamic privacy systems................ 118 7.3 Conclusion................................... 121 8 Conclusion 123 8.1 Summary.................................... 123 8.2 List of contributions.............................. 124 8.3 Publications................................... 127 8.4 Future work................................... 128 8.5 Final remarks.................................. 129 A Analysis of location data in the sample of systems 131 B The survey questionnaire 137 C Focus group supplementary material 147 C.1 The focus group handout........................... 147 C.2 Presentation................................... 152 References 157 List of Figures 2.1 Altman's Graph on hypothesised relationships between personal space and reactions................................... 12 4.1 Who has access to data............................. 54 4.2 Types of systems identified in the analysis.................. 55 4.3 Systems that make 3rd degree inferences................... 56 4.4 The Role of Location in the analysed systems................