People candidly discuss sensitive topics online under the perceived safety of anonymity; yet, for many, this perceived safety is tenuous, as miscalibrated risk perceptions can lead to over-disclosure. Recent advances in Natural Language Processing (NLP) afford an unprecedented opportunity to present users with quantified disclosure-based re-identification risk — i.e., “population risk estimates” (PREs). How can PREs be presented to users in a way that promotes informed decision-making, mitigating risk without encouraging unnecessary self-censorship? Using design fictions and comic-boarding, we story-boarded five design concepts for presenting PREs to users and evaluated them through an online survey with 𝑁= 44 Reddit users. We found participants had detailed conceptions of how PREs may impact risk awareness and motivation, but envisioned needing additional context and support to effectively interpret and act on risks. We distill our findings into four key design recommendations for how best to present users with quantified privacy risks to support informed disclosure decision-making.
A growing body of qualitative research has identified contextual risk factors that elevate people’s chances of experiencing digital-safety attacks. However, the lack of quantitative data on the population-level distribution of these risk factors prevents policymakers and tech companies from developing targeted, evidence-based interventions to improve digital safety. To address this gap, we surveyed 5,001 adults in the United States to analyze: (1) the frequency of and relationship between digital-safety attacks (e.g., scams, harassment, account hacking), and (2) how these attacks align with 10 contextual risk factors. Nearly half of our respondents identify as resource constrained, which significantly correlates with higher likelihood of experiencing four common attacks. We also present qualitative insights to expand our understanding of the factors beyond the existing literature (e.g., “prominence” included high-visibility roles in local communities). This study provides the first large-scale quantitative analysis correlating digital-safety attacks with contextual risk factors and demographics.
We propose a harm-centric conceptualization of privacy and op- erationalize it in the context of using artificial intelligence (AI) in education and employment. In an online study (N=400), US college and university students reported their perceptions of 14 harms (e.g., manipulation) when AI infers personal data (e.g., demographics and personality traits) and use it in decision-making. We demonstrate that our approach can reliably and consistently measure privacy, sidesteps many limitations in existing frameworks, and captures harms from modern technology that would remain undetected by other frameworks. We surface nuanced perceptions of harms, both across the contexts and participants’ demographic factors. Based on these results, we discuss how privacy can be im- proved equitably and inclusively. This research extends privacy theory and provides practical guidance to improve privacy in vari- ous technology use domains.
The popularization of video security devices promises to improve security in and outside people’s home, yet they also expose their owners, neighbors and visitors to privacy risks. Most studies have focused on the primary users’ privacy, yet we know the implications of such technology span far beyond the individual into the wider neighborhood. Utilizing a combinatorial matrix survey, guided by Contextual Integrity Theory, we explore how people manage privacy in relation to these devices within the context of their own neighborhood. We demonstrate that in this neighborhood context, privacy management is socially situated, shaped primarily by transmission principles (e.g., whether footage is shared for security or gossip purposes), and nuanced by social factors related to the individual (e.g., social class), and their neighborhood (e.g., closeness to the neighborhood community). We highlight that privacy norms are not stable individual constructs but emergent, context-dependent, and collectively managed concepts, thereby contributing to work on Contextual Integrity Theory by applying it to a group-level context—neighborhoods.
With the shift to remote learning during the COVID-19 pandemic, educators turned to remote exam proctoring software to support integrity for online tests. However, due to the mechanisms used to surveil test-takers, these systems come with significant privacy and security tradeoffs. At the height of the pandemic, Balash et al. (SOUPS '21) found that test-takers had privacy concerns with remote proctoring but acquiesced due to a number of factors. We investigate how perceptions have changed four years later. To gain a fuller perspective on how users experience these tools now, we replicate Balash et al.'s study with 127 participants who have experienced exam proctoring. We found a significant shift in favor of proctoring software, with greater acceptance of all monitoring methods compared to 2020. This is likely due to the convenience of remote exams and a growing resignation to privacy trade-offs. We discuss these implications and suggest future directions.
Online behavioral advertising, heavily reliant on privacy-invasive third-party cookie tracking, faces a significant shift as browsers like Safari, Brave, and Firefox have already deprecated them. Google Chrome announced its parallel move with the “Privacy Sandbox Initiative” in 2019, proposing privacy-preserving advertising mechanisms. The extent to which Privacy Sandbox can deliver comparable ad effectiveness to the established third-party cookies system will likely determine its adoption as a widespread alternative. This paper presents the first user study evaluating the impact of Privacy Sandbox APIs on ad perception. Our findings show that users perceive Privacy Sandbox ads as less relevant and exhibit lower purchase intent compared to third-party cookie–based ads, without a corresponding increase in perceived privacy protection. These results contribute to the ongoing assessment of Privacy Sandbox as an alternative to third-party cookies.
Mobile phones, as simultaneously personal and shared technologies, complicate how partners manage digital privacy in intimate relationships. While prior research has examined device-access practices, explicit privacy-rule negotiation, and toxic practices (e.g., surveillance), little is known about how couples manage digital privacy without direct discussion in everyday relationships. To address this gap, we ask:How is digital privacy managed non-verbally and across different media in mobile phones? Drawing on 20 semi-structured interviews, we find that partners often regulate privacy practices of privacy silence —the intentional avoidance of privacy-related conversations.Five motivations for leaving boundaries unspoken: perceiving privacy as unnecessary in intimacy, assuming implicit respect for boundaries, signaling trust and closeness, avoiding potential conflict or harm, and responding to broader societal and cultural expectations that discourage explicit privacy talk. We also identify a hierarchical grouping of content-specific privacy sensitivities, ranging from highly private domains (e.g., financial data) to lower-risk domains (e.g., streaming accounts), and show how these priorities shift across relationship stages. These findings show how silence, culture, and content sensitivity shape everyday boundary-setting and underscore the relational and emotional dynamics underpinning mobile-phone privacy management.