TU Darmstadt / ULB / TUbiblio

Why doesn't Jane protect her privacy?

Volkamer, Melanie and Renaud, Karen and Renkema-Padmos, Arne (2014):
Why doesn't Jane protect her privacy?
In: Privacy Enhancing Technologies - 14th International Symposium, PETS, Springer, Amsterdam, The Netherlands, In: Lecture Notes in Computer Science, ISBN 978-3-319-08505-0,
DOI: 10.1007/978-3-319-08506-7_13,
[Conference or Workshop Item]

Abstract

End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-to-end encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper “Why Johnny Can’t Encrypt”. Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.

Item Type: Conference or Workshop Item
Erschienen: 2014
Creators: Volkamer, Melanie and Renaud, Karen and Renkema-Padmos, Arne
Title: Why doesn't Jane protect her privacy?
Language: English
Abstract:

End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-to-end encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper “Why Johnny Can’t Encrypt”. Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.

Title of Book: Privacy Enhancing Technologies - 14th International Symposium, PETS
Series Name: Lecture Notes in Computer Science
Publisher: Springer
ISBN: 978-3-319-08505-0
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Amsterdam, The Netherlands
Date Deposited: 28 Jul 2016 18:35
DOI: 10.1007/978-3-319-08506-7_13
Identification Number: TUD-CS-2014-0826
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item