Delve into the economics of privacy with a critical analysis of research, attitudes, and behaviors surrounding privacy technologies and policies. Investigate the dichotomy between privacy concerns and actions, and explore the role of individuals, government, and self-regulation in protecting privacy. Examine rationality vs. bounded rationality in privacy decision-making and the impact of psychological biases on privacy behavior. Discover theoretical models, empirical studies, and policy debates shaping the evolving landscape of privacy economics.
The economics of privacy: (some of many) Open questions
• Why have researchers created great privacy technologies… that almost nobody seems to use?
• Do people care about privacy?
  • What explains the attitudes/behavior dichotomy?
• Who should protect your privacy?
  • The government?
    • Samuelson 2003, the social cost of confusing privacy policies
  • Self regulation?
    • Fails under pressure
  • The individual?
    • Can individuals protect their own privacy?

GMail debate
“It is true that there are potential costs of using Gmail for email storage […] The question is whether consumers should have the right to make that choice and balance the tradeoffs, or whether it will be preemptively denied to them by privacy fundamentalists out to deny consumers that choice.”
-- (from Politech)

Privacy and rationality
• Forward looking agent, utility maximizer, Bayesian updater, fully informed
• Theoretical models
• Empirical studies
• Policy debate
• Explanation of attitudes/behavior dichotomy
  • “It's rational anyway” (Syverson 2003)
  • “Only when it really matters” (Shostack 2003)

Goals
• Critique the “rationality” approach to the study of privacy behavior
• Propose alternative model based on bounded rationality and immediate gratification bias
• Test the model through surveys and experimental approach
• Theory: Acquisti, ACM EC 04
• Empirical approach: Acquisti and Grossklags, WEIS 04

Privacy trade-offs
• Protect:
  • Immediate costs or loss of immediate benefits
  • Future (uncertain) benefits
• Do not protect:
  • Immediate benefits
  • Future (uncertain) costs
(sometimes, the reverse may be true)

Why is this problematic?
• Incomplete information
• Bounded rationality
• Psychological/behavioral distortions

1. Incomplete information
• What information does the individual have access to when she makes privacy-sensitive decisions?
  • For instance, is she aware of privacy invasions and associated risks?
  • Is she aware of benefits she may miss by protecting her personal data?
  • What is her knowledge of the existence and characteristics of protective technologies?
• Privacy:
  • Asymmetric information
    • Exacerbating: e.g., RFIDs, GPS
  • Material and immaterial costs and benefits
  • Uncertainty, ex post evaluations

2. Bounded rationality
• Is the individual able to calculate all the parameters relevant to her choice?
  • Or is she limited by bounded rationality?
• Privacy:
  • Decisions must be based on several stochastic assessments and intricate “anonymity sets”
  • Inability to process all the stochastic information related to risks and probabilities of events leading to privacy costs and benefits
    • E.g., HIPAA

3. Psychological/behavioral distortions
• Privacy and deviations from rationality
  • Optimism bias
  • Complacency towards large risks
  • Inability to deal with prolonged accumulation of small risks
  • Coherent arbitrariness
  • “Hot/cold” theory
  • Hyperbolic discounting, immediate gratification

Hyperbolic discounting
• Can explain:
  • Survey time vs. decision time dichotomies
  • Time consistency vs. time inconsistency
  • Sophisticated vs. naïve time inconsistent individuals
• Laibson (1994), Rabin and O’Donoghue (2000, 2001)

Theory: hypotheses
• Rationality model not appropriate to describe individual privacy behavior
• Time inconsistencies lead to under-protection and over-release of personal information
• Genuinely privacy-concerned individuals may end up not protecting their privacy
• Also sophisticated users will not protect themselves against risks
• Large risks accumulate through small steps
• Not knowing the risk is not the issue

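The survey-time vs. decision-time dichotomy above can be reproduced with the quasi-hyperbolic (beta-delta) form of discounting commonly used in this literature. This is an added example, not part of the original slides; the cost, benefit, delay and discount parameters are constructed for illustration.

```python
"""Added example: beta-delta discounting applied to a protect / do-not-protect choice."""

def present_value(payoffs, beta, delta):
    """Value today of {periods_from_now: utility}.

    A payoff now has weight 1; a payoff k periods ahead has weight beta * delta**k.
    beta < 1 models immediate gratification; beta == 1 is plain exponential discounting.
    """
    return sum(u if k == 0 else beta * delta ** k * u for k, u in payoffs.items())

def protects(cost, benefit, delay, lead, beta, delta):
    """True if the agent prefers protecting when the action lies `lead` periods ahead.

    lead > 0 is survey time (a stated intention); lead == 0 is decision time.
    Protecting costs `cost` when done and returns `benefit` `delay` periods later;
    not protecting is normalised to zero.
    """
    return present_value({lead: -cost, lead + delay: benefit}, beta, delta) > 0

def reversal_window(benefit, delay, beta, delta):
    """Cost range in which the stated intention (protect) and the action (do not) diverge."""
    discounted = delta ** delay * benefit
    return beta * discounted, discounted

# Constructed parameters (assumptions, not survey data).
COST, BENEFIT, DELAY = 8.0, 12.0, 5
BETA, DELTA = 0.6, 0.98

def compare():
    """Stated intention vs. action for a present-biased and an exponential agent."""
    return {
        "biased_survey": protects(COST, BENEFIT, DELAY, 3, BETA, DELTA),
        "biased_decision": protects(COST, BENEFIT, DELAY, 0, BETA, DELTA),
        "exponential_survey": protects(COST, BENEFIT, DELAY, 3, 1.0, DELTA),
        "exponential_decision": protects(COST, BENEFIT, DELAY, 0, 1.0, DELTA),
    }

if __name__ == "__main__":
    for label, choice in compare().items():
        print(f"{label:22s} protects={choice}")
    low, high = reversal_window(BENEFIT, DELAY, BETA, DELTA)
    print(f"attitude/behavior gap for costs between {low:.2f} and {high:.2f}")
```

The present-biased agent knows every parameter and still reverses at decision time, which is the sense in which not knowing the risk is not the issue.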
Survey & experiment
• Survey phase: ~100 questions, 119 subjects
  • Paid, online survey (CMU Berkman Fund)
• Contrast three sets of data
  • Privacy attitudes: generic and specific
  • Privacy behavior: stated and actual past behavior
  • Market characteristics and psychological distortions: risk aversion, strategic behavior, hyperbolic discounting, etc.
• Next: experiment phase

Demographics
• Age:
  • 19-55 (average: 24)
• Education:
  • College, then Masters degrees, PhD, JD or MD
• Household income:
  • From <15,000 (35.54%) to >120,000 (6.61%)
• Nationalities:
  • USA 83%, then China, India, Belgium, Venezuela, …
• Jobs:
  • Student (full-time) (41.32%), then part-time, IT, medical, public sector, educational, unemployed, …

Knowledge of privacy risks (excerpts)
“Nobody, assuming an SSL transaction, without which I would not commit an online transaction using my credit card”

Knowledge of privacy risks and bundles (excerpts)
• Sweeney (CMU): 87% of the population of the United States is likely to be uniquely identified by 5-digit ZIP code, birth date, and sex

Knowledge of privacy protection (excerpts)
• Privacy law:
  • 54% cannot quote a law or even just describe it
• OECD Fair information principles:
  • 38% believe they include “litigation against wrongful behavior”
• Goal: browse anonymously
  • 51% would not know how
• Goal: browse the Internet with warnings if a website has an incompatible privacy policy
  • 67% would not know how (but most use IE6!)

Knowledge of privacy risks and attitude (excerpts)
Are you informed about the policy regarding monitoring activities of employees/students in your organization?

Economic rationality (excerpts)
• Evidence of:
  • Risk aversion
  • Hyperbolic discounting
  • Non game strategic behavior (guessing game)

Password for chocolate?
• InfoSec Europe 2004 experiment:
  • 71% of office workers at Liverpool Street Station (claimed) they were willing to reveal their (true?) password for a chocolate bar
• Loewenstein “hot/cold” theory

“Buy” behavior
• 74% adopted some strategy or technology or otherwise took some particular action to protect their privacy:
  • Encryption, PGP
  • Do-not-call list
  • Interrupt purchase
  • Provide fake information
  • […]
• However, when you look at details, percentages go down…
  • 8% encrypt emails regularly
  • Similar results for shredders, do-not-call lists, caller-IDs, etc.

Clusters
• Multivariate clustering techniques (k-means)
• Privacy attitudes
  • 4 clusters: privacy fundamentalists with high concern towards all collection categories, two medium groups with concerns either focused on the accumulation of data belonging to online or offline identity, and a group with low concerns in all fields
• Self reported behavior of privacy relevance
  • 2 clusters: group with a substantially high degree of information revelation and risk exposure, group with low revelation and exposure
• Knowledge of privacy risks
  • 3 clusters: group with an average knowledge of privacy threats, group with high unawareness of even simple forms of risk, and “aware” group
• Knowledge of privacy protection and security
  • 2 clusters: small group very knowledgeable about various technologies or strategies to protect themselves, larger group showing a blatant lack of awareness of even simple strategies to reduce leakage of personal information

Regressions
• Fixed effects models
• Logit/mLogit models
• Dependent variables:
  • Privacy attitudes
  • Privacy behavior
  • Dichotomy attitudes vs. behavior
• Explanatory variables:
  • Demographics
  • Knowledge
  • Economic variables (risk attitude, rational behavior, discounting behavior)
• Ongoing

Conclusions
• Theory
  • Time inconsistencies may lead to under-protection and over-release of personal information
  • Genuinely privacy concerned individuals may end up not protecting their privacy
  • Not knowing the risk is not always the issue
• Preliminary evidence
  • Rationality model not appropriate to describe individual privacy behavior
  • Preliminary evidence of:
    • Incomplete information
    • Bounded rationality
    • Psychological distortions
• Policy implications…