Noticing notice

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Noticing notice: a large-scale experiment on the timing of software license agreements

Full text

Pdf (419 KB)

Source

Conference on Human Factors in Computing Systems archive
Proceedings of the SIGCHI conference on Human factors in computing systems table of contents

San Jose, California, USA

SESSION: Web usability table of contents

Pages: 607 - 616

Year of Publication: 2007

ISBN:978-1-59593-593-9

Authors

Nathaniel S. Good	University of California, Berkeley, Berkeley, CA
Jens Grossklags	University of California, Berkeley, Berkeley, CA
Deirdre K. Mulligan	Boalt School of Law, UC Berkeley, Berkeley, CA
Joseph A. Konstan	University of Minnesota, Minneapolis, MN

Sponsors

ACM: Association for Computing Machinery
SIGCHI: ACM Special Interest Group on Computer-Human Interaction

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 12, Downloads (12 Months): 87, Citation Count: 2

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1240624.1240720 What is a DOI?

Warning: The download time has expired please click on the item to try again.

ABSTRACT

Spyware is an increasing problem. Interestingly, many programs carrying spyware honestly disclose the activities of the software, but users install the software anyway. We report on a study of software installation to assess the effectiveness of different notices for helping people make better decisions on which software to install. Our study of 222 users showed that providing a short summary notice, in addition to the End User License Agreement (EULA), before the installation reduced the number of software installations significantly. We also found that providing the short summary notice after installation led to a significant number of uninstalls. However, even with the short notices, many users installed the program and later expressed regret for doing so. These results, along with a detailed analysis of installation, regret, and survey data about user behaviors informs our recommendations to policymakers and designers for assessing the "adequacy" of consent in the context of software that exhibits behaviors associated with spyware.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Abrams, M., M. P. Eisenhauer, and L.J. Sotto Letter to Federal Trade Commission. March 29, 2004. Re: alternative forms of privacy notices, project no. P034815. Hunton & Williams: The Center for Information Policy Leadership.
	2	Alessandro Acquisti , Jens Grossklags, Privacy and Rationality in Individual Decision Making, IEEE Security and Privacy, v.3 n.1, p.26-33, January 2005 [doi>10.1109/MSP.2005.22]
	3	Anti Spyware Coalition, Anti Spyware Coalition Definitions and Supporting Documents, Working Report (June 29, 2006), available at http://www.antispywarecoalition.org/documents/documents/ASCDefinitionsWorkingReport20060622.pdf
	4	AOL and National Cyber Security Alliance. 2004. AOL/NCSA online safety study, (October). http://www.security.iia.net.au/downloads/safety_study_v04.pdf
	5	Bellia, P. L. Spyware and the Limits of Surveillance Law, 20 Berkeley Tech. L.J. 1283 (2005)
	6	Victoria Bellotti , Abigail Sellen, Design for privacy in ubiquitous computing environments, Proceedings of the third conference on European Conference on Computer-Supported Cooperative Work, p.77-92, September 13-17, 1993, Milan, Italy
	7	Blanke, J. M. "Robust Notice" and "informed Consent:" the Keys to Successful Spyware Legilsation, 7 Coum. Sci & Tech. L. Rev. 2 (2006).
	8	Buenaventura, M. A. Teaching a Man to Fish: Why National Legislation Anchored in Notice and Consent Provisions is the Most Effective Solution to the Spyware Problem, 13 Rich. J.L. & Tech. 1 (2006).
	9	Calinski, R.B. and Harabasz, J. 1974. "A Dendrite Method for Cluster Analysis," Comm. in Statistics, vol. 3, pp. 1--27.
	10	Cranor, L.F., J. Reagle, and M. S. Ackerman.1999. Beyond concern: Understanding net users' attitudes about online privacy. In Ingo Vogelsang and Benjamin M. Compaine, eds. The Internet Upheaval: Raising Questions, Seeking Answers in Communications Policy. Cambridge, Massachusetts: The MIT Press, p. 47--70.
	11	Cutrell, E., M. Czerwinski, and E. Horvitz. 2001. Notification, disruption, and memory: Effects of messaging interruptions on memory and performance. Proceedings of Interact 2001: IFIP Conference on Human-Computer Interaction, Tokyo, Japan. http://research.microsoft.com/~cutrell/interact2001messaging.pdf.
	12	Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124861]
	13	Earthlink. 2005. Earthlink spy audit: Results complied from Webroot's and Earthlink's Spy Audit programs, http://www.earthlink.net/spyaudit/press.
	14	Federal Trade Commission, Monitoring Software on Your PC: Spyware, Adware, and Other Software, http:www.ftc.gov/os/2005/03/050307spywarerpt.pdf
	15	B. Friedman , D. Howe , E. Felten, Informed Consent in the Mozilla Browser: Implementing Value Sensitive Design, Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 8, p.247, January 07-10, 2002
	16	Goecks, J. and Mynatt., E.D. 2005. Supporting Privacy Management via Community Experience and Expertise, Proceedings of 2005 Conference on Communities and Technology, p. 397--418.
	17	Nathaniel S. Good , Aaron Krekelberg, Usability and privacy: a study of Kazaa P2P file-sharing, Proceedings of the SIGCHI conference on Human factors in computing systems, April 05-10, 2003, Ft. Lauderdale, Florida, USA [doi>10.1145/642611.642636]
	18	Nathaniel Good , Rachna Dhamija , Jens Grossklags , David Thaw , Steven Aronowitz , Deirdre Mulligan , Joseph Konstan, Stopping spyware at the gate: a user study of privacy, notice and spyware, Proceedings of the 2005 symposium on Usable privacy and security, p.43-52, July 06-08, 2005, Pittsburgh, Pennsylvania [doi>10.1145/1073001.1073006]
	19	Kirstie Hawkey , Kori M. Inkpen, Keeping up appearances: understanding the dimensions of incidental information privacy, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124893]
	20	Carlos Jensen , Colin Potts, Privacy policies as decision-making tools: an evaluation of online privacy notices, Proceedings of the SIGCHI conference on Human factors in computing systems, p.471-478, April 24-29, 2004, Vienna, Austria [doi>10.1145/985692.985752]
	21	Clare-Marie Karat , John Karat , Carolyn Brodie , Jinjuan Feng, Evaluating interfaces for privacy policy rule authoring, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124787]
	22	Norman, D. A. The Design of Everyday Things, 1988.
	23	Sarah Spiekermann , Jens Grossklags , Bettina Berendt, E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior, Proceedings of the 3rd ACM conference on Electronic Commerce, p.38-47, October 14-17, 2001, Tampa, Florida, USA [doi>10.1145/501158.501163]
	24	Marc Stiegler , Alan H. Karp , Ka-Ping Yee , Tyler Close , Mark S. Miller, Polaris: virus-safe computing for Windows XP, Communications of the ACM, v.49 n.9, p.83-88, September 2006 [doi>10.1145/1151030.1151033]
	25	J. Gregory Trafton , Erik M. Altmann , Derek P. Brock , Farilee E. Mintz, Preparing to resume an interrupted task: effects of prospective goal encoding and retrospective rehearsal, International Journal of Human-Computer Studies, v.58 n.5, p.583-603, May 2003 [doi>10.1016/S1071-5819(03)00023-5]
	26	Van Dantzich, M., R. Daniel, E. Horvitz, and M. Czerwinski. 2002. Scope: Providing awareness of multiple notifications at a glance. Proceedings of Advanced Visual Interfaces 2002, Trento, Italy.
	27	Vila, T., R. Greenstadt, and D. Molnar. 2004. Why we can't be bothered to read privacy policies: Models of privacy economics as a lemons market. In Economics of Information Security. Vol 12 of Advances in Information Security, eds. L.J. Camp and S. Lewis, 143--154. Boston: Kluwer Academic Publishers.
	28	Wayne R. Barnes, Rethinking Spyware: Questioning the Propriety of Contractual Consent to Online Surveillance, 39 U.C. Davis L. Rev 1545 (2006).
	29	Winn, J. Contracting Spyware by Contract, 20 Berkeley Tech. L.J. 1345 (2005).

CITED BY 2

	Jens Grossklags, Experimental economics and experimental computer science: a survey, Proceedings of the 2007 workshop on Experimental computer science, p.11-es, June 13-14, 2007, San Diego, California
	Serge Egelman , Janice Tsai , Lorrie Faith Cranor , Alessandro Acquisti, Timing is everything?: the effects of timing and placement of online privacy indicators, Proceedings of the 27th international conference on Human factors in computing systems, April 04-09, 2009, Boston, MA, USA