"I need to know I'm safe and protected and will check" : users want cues to signal data custodians' trustworthiness

Kulyk, Oksana and Renaud, Karen (2021) "I need to know I'm safe and protected and will check" : users want cues to signal data custodians' trustworthiness. In: 2021 Workshop on Human Centric Software Engineering and Cyber Security, 2021-11-15 - 2021-11-15, Online.

[thumbnail of Kulyk-Renaud-WHCSECS-2021-I-need-to-know-I-am-safe-and-protected-and-will-check]
Text. Filename: Kulyk_Renaud_WHCSECS_2021_I_need_to_know_I_am_safe_and_protected_and_will_check.pdf
Accepted Author Manuscript

Download (309kB)| Preview


Privacy-related decisions are complex and nuanced, and consume extensive cognitive resources. Yet, people make these kinds of decisions many times a day. This means that they might not be able to invest significant cognitive resources in making each and every decision. We tested the extent to which the statements displayed to the users with the purpose of assuring them that their security and privacy is protected would resonate with people when they were considering whether or not to divulge their personal health information to an online service. We carried out two empirical investigations: (1) we used scenarios of health data being transmitted securely to a health provider, and asked participants to tell us what would convince them to divulge their personal information. (2) We then used these statements in a Q-sort to gauge subjective opinions of the persuasiveness of the statements, and to reveal 'ways of thinking' engaged in by our participants in this respect. We discovered that our participants wanted to see evidence that the organisation was implementing required security measures. Thus, our study suggests, despite a common assumption, that people do care, and that they want reassurance that companies are trustworthy custodians of their health data.


Kulyk, Oksana and Renaud, Karen ORCID logoORCID: https://orcid.org/0000-0002-7187-6531;