Why doesn't Jane protect her privacy?

Karen Renaud; Melanie Volkamer; Arne Renkema-Padmos

doi:10.1007/978-3-319-08506-7_13

Why doesn't Jane protect her privacy?

Karen Renaud, Melanie Volkamer, Arne Renkema-Padmos

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

49 Citations (Scopus)

Abstract

End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-to-end encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper "Why Johnny Can't Encrypt". Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.

Original language	English
Title of host publication	Privacy enhancing technologies
Subtitle of host publication	14th International Symposium, PETS 2014, Amsterdam, The Netherlands, July 16-18, 2014, proceedings
Editors	Emiliano De Cristofaro, Steven J. Murdoch
Place of Publication	Cham
Publisher	Springer
Pages	244-262
Number of pages	19
ISBN (Electronic)	9783319085067
ISBN (Print)	9783319085050
DOIs	https://doi.org/10.1007/978-3-319-08506-7_13
Publication status	Published - 20 Jun 2014
Externally published	Yes
Event	14th International Symposium on Privacy Enhancing Technologies - Amsterdam, Netherlands Duration: 16 Jul 2014 → 18 Jul 2014 Conference number: 14th https://petsymposium.org/2014/index.php

Publication series

Name	Lecture Notes in Computer Science (LNCS)
Publisher	Springer
Volume	8555
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	14th International Symposium on Privacy Enhancing Technologies
Abbreviated title	PETS 2014
Country/Territory	Netherlands
City	Amsterdam
Period	16/07/14 → 18/07/14
Internet address	https://petsymposium.org/2014/index.php

Keywords

Email
Ento-to-end encryption
Privacy
Security
Mental model

Access to Document

10.1007/978-3-319-08506-7_13

https://petsymposium.org/2014/papers/Renkema.pdf

Cite this

Renaud, K., Volkamer, M., & Renkema-Padmos, A. (2014). Why doesn't Jane protect her privacy? In E. De Cristofaro, & S. J. Murdoch (Eds.), Privacy enhancing technologies: 14th International Symposium, PETS 2014, Amsterdam, The Netherlands, July 16-18, 2014, proceedings (pp. 244-262). (Lecture Notes in Computer Science (LNCS); Vol. 8555). Springer. https://doi.org/10.1007/978-3-319-08506-7_13

@inproceedings{0a5bd7f6f712488490dd4cc156ad70f1,

title = "Why doesn't Jane protect her privacy?",

abstract = "End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-to-end encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper {"}Why Johnny Can't Encrypt{"}. Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.",

author = "Karen Renaud and Melanie Volkamer and Arne Renkema-Padmos",

year = "2014",

month = jun,

day = "20",

doi = "10.1007/978-3-319-08506-7_13",

language = "English",

isbn = "9783319085050",

series = "Lecture Notes in Computer Science (LNCS)",

publisher = "Springer",

pages = "244--262",

editor = "{De Cristofaro}, Emiliano and Murdoch, {Steven J.}",

booktitle = "Privacy enhancing technologies",

note = "14th International Symposium on Privacy Enhancing Technologies, PETS 2014 ; Conference date: 16-07-2014 Through 18-07-2014",

url = "https://petsymposium.org/2014/index.php",

}

Renaud, K, Volkamer, M & Renkema-Padmos, A 2014, Why doesn't Jane protect her privacy? in E De Cristofaro & SJ Murdoch (eds), Privacy enhancing technologies: 14th International Symposium, PETS 2014, Amsterdam, The Netherlands, July 16-18, 2014, proceedings. Lecture Notes in Computer Science (LNCS), vol. 8555, Springer, Cham, pp. 244-262, 14th International Symposium on Privacy Enhancing Technologies, Amsterdam, Netherlands, 16/07/14. https://doi.org/10.1007/978-3-319-08506-7_13

Why doesn't Jane protect her privacy? / Renaud, Karen; Volkamer, Melanie; Renkema-Padmos, Arne.

Privacy enhancing technologies: 14th International Symposium, PETS 2014, Amsterdam, The Netherlands, July 16-18, 2014, proceedings. ed. / Emiliano De Cristofaro; Steven J. Murdoch. Cham : Springer, 2014. p. 244-262 (Lecture Notes in Computer Science (LNCS); Vol. 8555).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution