What Would It Take for You to Tell Your Secrets to a Cloud?

Studying Decision Factors When Disclosing Information to Cloud Services
  • Julio AnguloEmail author
  • Erik Wästlund
  • Johan Högberg
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8788)


We investigate the end users’ behaviours and attitudes with regards to the control they place in the personal information that they disclose to cloud storage services. Three controlled experiments were carried out to study the influence in users’ decisions to retain or surrender control over their personal information depending on different factors. The results of these experiments reveal, among other things, the users’ willingness to surrender control over personal information that is perceived as non-sensitive in exchange for valuable rewards, and that users would value the possibility of knowing and controlling the parties who are granted access to their data in the cloud. Based on the results from the experiments we provide implications for the design of end-user tools that can promote transparency and accountability in cloud computing environments.


Cloud computing mental models HCI UX privacy security accountability transparency psychology information control 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Wakefield Research: Partly cloudy – about cloud computing. Survey: Many believe ‘the cloud’ requires a rain coat. Technical report, Citrix (August 2012)Google Scholar
  2. 2.
    Barber, C.J., Oswalt, B., Smith, L.A.: Head in a cloud? A preliminary study of what business students know about cloud computing. Association of Business Information Systems, 63 (2013)Google Scholar
  3. 3.
    Xu, H.: The effects of self-construal and perceived control on privacy concerns. In: Twenty Eighth International Conference on Information Systems (ICIS), Montreal, Canada, p. 125. Citeseer (2007)Google Scholar
  4. 4.
    Hoadley, C.M., Xu, H., Lee, J.J., Rosson, M.B.: Privacy as information access and illusory control: The case of the facebook news feed privacy outcry. Electronic Commerce Research and Applications 9(1), 50–60 (2010)CrossRefGoogle Scholar
  5. 5.
    Brandimarte, L., Acquisti, A., Loewenstein, G.: Misplaced confidences privacy and the control paradox. Social Psychological and Personality Science 4(3), 340–347 (2013)CrossRefGoogle Scholar
  6. 6.
    Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, pp. 71–80. ACM, New York (2005)CrossRefGoogle Scholar
  7. 7.
    Barnes, S.B.: A privacy paradox: Social networking in the united states. First Monday 11(9) (2006)Google Scholar
  8. 8.
    Spiekermann, S., Grossklags, J., Berendt, B.: E-privacy in 2nd generation e-commerce: privacy preferences versus actual behavior. In: Proceedings of the 3rd ACM Conference on Electronic Commerce, EC 2001, pp. 38–47. ACM, New York (2001)Google Scholar
  9. 9.
    Tufekci, Z.: Can you see me now? audience and disclosure regulation in online social network sites. Bulletin of Science, Technology & Society 28(1), 20–36 (2008)CrossRefGoogle Scholar
  10. 10.
    Adjerid, I., Acquisti, A., Brandimarte, L., Loewenstein, G.: Sleights of privacy: framing, disclosures, and the limits of transparency. In: Proceedings of the Ninth Symposium on Usable Privacy and Security (SOUPS), Newcastle, UK, p. 9. ACM (July 2013)Google Scholar
  11. 11.
    Ion, I., Sachdeva, N., Kumaraguru, P., Čapkun, S.: Home is safer than the cloud!: privacy concerns for consumer cloud storage. In: Proceedings of the Seventh Symposium on Usable Privacy and Security, SOUPS 2011, pp. 13:1–13:20. ACM, New York (2011)Google Scholar
  12. 12.
    King, J., Lampinen, A., Smolen, A.: Privacy: Is there an app for that? In: Proceedings of the Seventh Symposium on Usable Privacy and Security, p. 12. ACM (2011)Google Scholar
  13. 13.
    Marshall, C., Tang, J.C.: That syncing feeling: Early user experiences with the cloud. In: Proceedings of the Designing Interactive Systems Conference, pp. 544–553. ACM (2012)Google Scholar
  14. 14.
    Danezis, G., Lewis, S., Anderson, R.J.: How much is location privacy worth? In: Proceedings of Fourth Workshop on Economics of Information Security (WEIS), Harvard, UK, vol. 5. Kennedy School of Government (2005)Google Scholar
  15. 15.
    Grossklags, J., Acquisti, A.: When 25 cents is too much: An experiment on willingness-to-sell and willingness-to-protect personal information. In: Proceedings of Sixth Workshop on the Economics of Information Security (WEIS 2007), Pittsburgh, PA, USA (June 2007)Google Scholar
  16. 16.
    Hann, I.H., Hui, K.L., Lee, S.Y.T., Png, I.P.: Online information privacy: Measuring the cost-benefit trade-off. In: International Conference on Information Systems (ICIS), Barcelona, Spain, p. 1 (December 2002)Google Scholar
  17. 17.
    Tversky, A., Kahneman, D.: The framing of decisions and the psychology of choice. Science 211(4481), 453–458 (1981)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Rogers, Y., Sharp, H., Preece, J.: Interaction Design: Beyond Human–Computer Interaction. In: Interaction Design: Beyond Human-computer Interaction. John Wiley & Sons (2011)Google Scholar
  19. 19.
    Angulo, J., Fischer-Hübner, S., Pettersson, J.S., Wästlund, E., Martucci, L.: D:C-7.1 General HCI principles and guidelines for accountability and transparency in the cloud. Project deliverable D:C-7.1, A4Cloud Project (September 2013)Google Scholar
  20. 20.
    Vetenskapsrådet: Forskningsetiska principer-inom humanistisk-samhällsvetenskaplig forskning (2002)Google Scholar
  21. 21.
    Sawilowsky, S.S.: Nonparametric tests of interaction in experimental design. Review of Educational Research 60(1), 91–126 (1990)CrossRefGoogle Scholar
  22. 22.
    Cohen, J.: Statistical power analysis for the behavioral sciences. Psychology Press (1988)Google Scholar
  23. 23.
    Brede Moe, N., Gilje Jaatun, M., Haugset, B., Niezen, M., Felizi, M.: D:b-2.4 stakeholder workshop 1 results (initial requirements). Technical report, A4Cloud Project (2013)Google Scholar
  24. 24.
    Whitten, A., Tygar, J.D.: Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium (1999)Google Scholar
  25. 25.
    Mason, W., Watts, D.J.: Financial incentives and the performance of crowds. ACM SigKDD Explorations Newsletter 11(2), 100–108 (2010)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.Dep. of Information ManagementKarlstad UniversityKarlstadSweden
  2. 2.Dep. of PsychologyKarlstad UniversityKarlstadSweden
  3. 3.Dep. of IT ManagementSwedish Consumer AgencyKarlstadSweden

Personalised recommendations