Would ‘secure’ users lead to secure commons? : Surprisingly not!

Das Chowdhury, Partha and Renaud, Karen V. and Ott, Ingrid; (2025) Would ‘secure’ users lead to secure commons? : Surprisingly not! In: NSPW '25. Association for Computing Machinery (ACM), DEU. (In Press)

Accepted Author Manuscript
Restricted to Repository staff only until 1 January 2099.


Abstract

Individuals are often held responsible when adverse cyber incidents occur. The ensuing narrative, explaining the occurrence, points to confounding factuals, e.g., inability to act securely, a convincingly deceptive attack, or selfishness/laziness. The underlying assumption is that, if only humans were different (acted securely), such adverse events would not occur. In this paper, we use a game theoretic approach to investigate the counterfactual in cyber: what would happen if individuals were indeed different? To that end, we propose a generic framework drawing upon two games. Our proposed framework can help move the field towards judicious responsibilization of individuals and eliminate knee-jerk scapegoating. We use this framework to examine a specific social harm — data pollution. Our explorations show that even if individuals always behaved securely, this does not necessarily improve collective outcomes. We show that individuals are sometimes not in a position to change security outcomes, however secure their behaviours. The proposed framework can be applied to highlight those entities that are indeed in a position to influence security outcomes in the wider aggregate harm landscape. Future research should build on our work to assign responsibilities in the cyber domain, explore ways to operationalise the games to carry out empirical research, and contribute to novel paradigms such as ethical responsibilization in the context of data breaches.

ORCID iDs

Das Chowdhury, Partha, Renaud, Karen V. (ORCID: https://orcid.org/0000-0002-7187-6531) and Ott, Ingrid