Challenges in Supporting End-User Privacy and Security Management with Social Navigation
advertisement
Challenges in Supporting End-User Privacy and Security Management with Social Navigation Jeremy Goecks, W. Keith Edwards, and Elizabeth D. Mynatt Decision Making in End-User Privacy and Security Management Privacy and security management often about boundary management (Palen and Dourish, 2003; Dourish et al. 200?) » make decisions about what to allow across boundary » “hard on the outside, soft on the inside” » often cannot automate privacy and security management (Edwards et al., 2007) Users must make decisions, but: » minimal knowledge » low motivation » prefer to delegate (Dourish et al. 200?) 2 Social Navigation Collects, aggregates, and displays community data Many kinds of community data » actions, choices » tags » free text Supports socially-aided choices and decision making 3 Matching Social Nav to DecisionMaking Problems Problem How Social Navigation Helps technical information difficult to understand lack of motivation social information easier to understand also (Herzog & Shahmehri, 2007 ) easy to integrate and use also (DiGioia & Dourish, 2005 ) preference for delegation enables delegation 4 Outline Introduction Acumen and Bonfire Challenges Summary 5 Acumen 6 Acumen Mavens (experts) data shown inside of community data » promote good herding Automatic cookie management via rules » balance automation with control » make clear whether cookies blocked manually or via rule 7 Reflections on Acumen Approach » support for “in the moment” decision making for privacy management with social navigation » promote good herding, mitigate bad herding Preliminary deployment: 9 people, 6 weeks, ~2650 websites Observations » difficult to evaluate decisions multiple information sources » herding behavior observed; difficult to manage experts not trusted, so not possible to promote “good” herding 8 Bonfire 9 Bonfire Approach » mitigate herding by answering “what” and “why” » complementary sources of social navigation data Lessons Learned » providing “what” and “why” makes it easier to use community data » cost of wrong answers is high, so preventing wrong answers is critical 10 Outline Introduction Acumen and Bonfire Challenges Summary 11 Challenges Raised by Acumen & Bonfire Supporting use of multiple information sources for decision making » information that individual already has » community data Managing herding » general lack of knowledge & ranges of expertise » desire to delegate » undesirable feedback loop that can lead to false majority 12 Traditional & Non-Traditional, Incomplete Information Social navigation traditionally applied to decisions for books, movies, music » information is relatively complete » clear grasp of personal preferences Privacy and many security decisions often different » use of incomplete and potentially inaccurate information » potentially unclear grasp of personal preferences 13 Model for Decision Making with Social Navigation My Choice! 1. go with observations, knowledge, or facts 2. go with community consensus Preferences, Incentives, Biases Observations, knowledge, facts Community data 14 Informational Cascades Informational cascades - herding that arises when people ignoring their own information and go with the community (Banerjee 1992; Bikhchandani, Hirshleifer et al. 1992) Lack of Info or Uncertainty Real-world examples: financial markets (Devenow and Welch 1996; Walden and Browne 2002), movies & fads (Walden and Browne 2002), IT adoption (Bikhchandani, S., D. Hirshleifer, et al. 1998), politics (Bartels 1988), medicine (Robin 1984, Taubes 2007) Follow Misrepresentation Majority of Info “False” Majority 15 Informational Cascades in Social Navigation Systems Social nav systems meet cascades criteria » sequential decision making » can see what others have done » discrete set of choices Cascade behavior has been shown to occur in social nav systems (Goecks 2009) Cascades occur regardless of system functionality » CF vs. simple aggregation » activity data collection vs. ratings 16 Info Cascades + Social Nav + Privacy and Security Management Cascades are especially likely in social nav systems for privacy and security management Because » general lack of expertise & knowledge » limited interest in providing additional data » desire to delegate 17 Mitigation via Algorithms Methods for » limiting malicious ratings in a social nav system (Resnick and Sami, 2007) » starting cascades (Domingos & Richardson, 2001) » identifying cascades (Leskovec et al., 2007) Challenges » unclear how to mitigate cascades cascades often started by accident, different people » substantial data required for modeling early adopters hurt users must maintain stable identities 18 Mitigation via UI Techniques Balance competing goals » use of community data » capture user knowledge and expertise Implicit/Explicit User Burden Aggregation Expressiveness Activity Data Implicit Low Easy Low Ratings Explicit Low-Moderate Easy Low-Moderate Free Text Explicit High Hard High Tagging Explicit Moderate Moderate Moderate-High 19 Future Work Quantifying cascades impact » how often do cascades occur? » what is the cost of a “bad” decision? of many “bad” decisions? true, false positives / true, false negatives Bridging social navigation research with crowd wisdom research » when is a choice considered “correct”? » when can a choice be automatically acted on? 20 Summary Acumen and Bonfire demonstrate how simple social navigation systems can be applied to privacy and security management activities Info cascades can be quite problematic for social nav systems applied to privacy and security management » much use of incomplete, inaccurate information » much potential herding Going forward » mitigating cascades via algorithms & user interaction » understanding the prevalence and cost of cascades » when to automatically act on community data 21 Thanks! Contact Information http://www.cc.gatech.edu/~jeremy jeremy@cc.gatech.edu Jeremy Goecks Everyday Computing Lab & GVU Center School of Interactive Computing, College of Computing Georgia Institute of Technology 22 Understanding Individual & Group Behavior in Social Nav Systems Social Influence Individual Normative Influence Informational Influence Herding Group Irrational Herding Informational Cascades 23
