Abstract
People make numerous decisions that affect their own or others’ privacy, including the decisions to engage in certain activities, to reveal and share information or to allow access to information. These decisions depend on properties of the information to be revealed, the situation in which the decision is made, the possible recipients of the information, and characteristics of the individual person. System design should ideally protect users from unwanted consequences by allowing them to make informed decisions, at times blocking users’ ability to perform certain actions (e.g., when the user is a minor). The development of alerting and blocking mechanisms should be based on predictive models of user behavior, similar to engineering models in other domains. These models can be used to evaluate different design alternatives and to assess the required system specifications. Predictive models of privacy decisions will have to combine elements from normative decision making and from behavioral, descriptive research on decision making. Some major issues in the development and validation of such models are presented.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. 3(1), 26–33 (2005)
AIAA (American Institute of Aeronautics and Astronautics): Guide for the verification and validation of computational fluid dynamics simulations, AIAA-G-077-1998. American Institute of Aeronautics and Astronautics Reston, VA (1998)
Ben-Asher, N., Meyer, J.: The triad of risk related behaviors. Unpublished Manuscript (2015)
Ben-Asher, N., Meyer, J., Parmet, Y., Möller, S., Englert, R.: An experimental microworld for evaluating the tradeoffs between usability and security. Usable Security Experiment Reports (USER) Workshop in the Symposium on Usable Privacy and Security (SOUPS), Redmond, WA, USA, 14–16 July 2010
Botzer, A., Meyer, J., Bak, P., Parmet, Y.: Cue threshold settings for binary categorization decision. J. Exp. Psychol. Appl. 16, 1–15 (2010)
Box, G.E.P., Draper, N.R.: Empirical Model Building and Response Surfaces. Wiley, New York (1987)
Gurses, S.: Privacy and security: Can you engineer privacy? Commun. ACM 57(8), 20–23 (2014)
Meyer, J., Wiczorek, R., Günzler, T.: Measures of reliance and compliance in aided visual scanning. Hum. Factors 56(5), 840–849 (2014)
Möller, S., Ben-Asher, N., Engelbrecht, K.-P., Englert, R., Meyer, J.: Modeling the behavior of users who are confronted with security mechanisms. Comput. Secur. 30(4), 242–256 (2011)
Spiekerman, S., Cranor, L.F.: Engineering privacy. IEEE Trans. Softw. Eng. 35(1), 67–82 (2009)
Vicente, K.: Cognitive Work Analysis. Lawrence Erlbaum Associates, Mahwah (1999)
Westin, A.: Privacy and Freedom. Atheneum, New York (1967)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Meyer, J. (2015). Towards an Engineering Model of Privacy-Related Decisions. In: Camenisch, J., Fischer-HĂĽbner, S., Hansen, M. (eds) Privacy and Identity Management for the Future Internet in the Age of Globalisation. Privacy and Identity 2014. IFIP Advances in Information and Communication Technology, vol 457. Springer, Cham. https://doi.org/10.1007/978-3-319-18621-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-18621-4_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18620-7
Online ISBN: 978-3-319-18621-4
eBook Packages: Computer ScienceComputer Science (R0)