Empirical Studies on Software Notices to Inform Policy Makers and Usability Designers

  • Jens Grossklags
  • Nathan Good
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4886)

Abstract

We evaluate the usability of End User License Agreements (EULAs) of popular consumer programs. Results from an empirical evaluation of 50 popular programs show the lack of accessibility and readability of notices. Our data from a recent study with 64 users involved in installation tasks confirms the public perception that notice to and consent by the user is not achieved.

Keywords

HCI privacy security legal issues End User License Agreement notice 
This is a preview of subscription content, log in to check access

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Good, N., Krekelberg, A.: Usability and privacy: A study of Kazaa P2P file-sharing. In: CHI 2003. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 137–144 (2003)Google Scholar
  2. 2.
    Dhamija, R., Tygar, J.D., Hearst, M.: Why Phishing Works. In: CHI 2006. Proceedings of the SIGCHI conference on Human factors in computing systems, pp. 581–590 (2006)Google Scholar
  3. 3.
    Bederson, B.B., Lee, B., Sherman, R.M., Herrnson, P.S., Niemi, R.G.: Electronic voting system usability issues. In: CHI 2003. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 145–152 (2003)Google Scholar
  4. 4.
    Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium, pp. 169–184 (1999)Google Scholar
  5. 5.
    AOL and National Cyber Security Alliance: AOL/NCSA online safety study (December 2005), http://www.staysafeonline.info/pdf/safety_study_2005.pdf
  6. 6.
    Earthlink: Earthlink spy audit: Results complied from Webroot’s and Earthlink’s Spy Audit programs (2005), http://www.earthlink.net/about/press/pr_spyAuditReport/
  7. 7.
    Delio, M.: Spyware on My Machine? So What? Wired News (December 06, 2004) http://www.wired.com/news/technology/0,1282,65906,00.html
  8. 8.
    Good, N., Dhamija, R., Grossklags, J., Aronovitz, S., Thaw, D., Mulligan, D., Konstan, J.: Stopping Spyware at the Gate: A User Study of Privacy, Notice and Spyware. In: SOUPS 2005. Proceedings of the Symposium On Usable Privacy and Security, Pittsburgh, PA , pp. 43–52 (July 6-8, 2005)Google Scholar
  9. 9.
    Slawson, W.D.: Standard Form Contracts and Democratic Control of Law Making Power. Harvard Law Review 84, 529–566 (1971)CrossRefGoogle Scholar
  10. 10.
    Overly, M., Kalyvas, J.R.: Software Agreements Line by Line: A Detailed Look at Software Contracts and Licenses & How to Change Them to Fit Your Needs. Aspatore Books (2004)Google Scholar
  11. 11.
    Marotta-Wurgler, F.: Competition and the quality of standard form contracts: An empirical analysis of software license agreements. New York University working paper (2005)Google Scholar
  12. 12.
    Good, N., Grossklags, J., Mulligan, D., Konstan, J.: Noticing Notice: A large-scale experiment on the timing of software license agreements. In: CHI 2007. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 607–616 (2007)Google Scholar
  13. 13.
    Kucera, K., Plaisent, M., Bernard, P., Maguiraga, L.: An empirical investigation of the prevalence of spyware in internet shareware and freeware distributions. Journal of Enterprise Information Management 18(6), 697–708 (2005)CrossRefGoogle Scholar
  14. 14.
    Schechter, R.E.: The Unfairness of Click-On Software Licenses. Wayne Law Review 46, 1735–1803 (2000)Google Scholar
  15. 15.
    Microsoft Corporation: Privacy Guidelines for Developing Software Products and Services (October 10, 2006)Google Scholar
  16. 16.
    Casamiquela, R.J.: Contractual Assent and Enforceability in Cyberspace. Berkeley Tech. L.J. 17, 475–495 (2002)Google Scholar
  17. 17.
    Lewandowski, L.J., Codding, R.S., Kleinmann, A.E., Tucker, K.L.: Assessment of Reading Rate in Postsecondary Students. Journal of Psychoeducational Assessment 21(2), 134–144 (2003)CrossRefGoogle Scholar
  18. 18.
    Kincaid, J., Fishburn, R., Rogers Jr., R., Chissom, B.: Derivation of New Readability Formulas for Navy Enlisted Personnel. CNTECHTRA Research Branch Report , 8–75 (1975)Google Scholar
  19. 19.
    Flesch, R.: A new readability yardstick. Journal of Applied Psychology 32, 221–233 (1948)CrossRefGoogle Scholar
  20. 20.
    Jensen, C., Potts, C.: Privacy policies as decision-making tools: An evaluation on online privacy notices. In: CHI 2004. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 471–478 (2004)Google Scholar
  21. 21.
    Breese, P., Burman, W.: Readability of Notice of Privacy Forms Used by Major Health Care Institutions. Journal of the American Medical Association 293, 1593–1594 (2005)Google Scholar
  22. 22.
    Hochhauser, M.: Lost in the Fine Print: Readability of Financial Privacy Notices (2001), http://www.privacyrights.org/ar/GLB-Reading.htm
  23. 23.
    Hochhauser, M.: Readability of HIPAA Privacy Notices (2003), http://benefitslink.com/articles/hipaareadability.pdf
  24. 24.
    Masson, M.E.J., Waldron, M.A.: Comprehension of legal contracts by non-experts: Effectiveness of plain language redrafting. Applied Cognitive Psychology 8, 67–85 (1994)CrossRefGoogle Scholar
  25. 25.
    Acquisti, A., Grossklags, J.: Privacy and Rationality in Individual Decision Making. IEEE Security and Privacy 3(1), 26–33 (2005)CrossRefGoogle Scholar
  26. 26.
    Vila, T., Greenstadt, R., Molnar, D.: Why We Can’t Be Bothered To Read Privacy Policies: Models of Privacy Economics as a Lemons Market. In: Camp, L.J., Lewis, S. (eds.) Economics of Information Security, pp. 143–153. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  27. 27.
    Hillman, R.A.: Online Boilerplate: Would Mandatory Website Disclosure of E-Standard Terms Backfire. Michigan Law Review 104, 837–856 (2006)Google Scholar
  28. 28.
    PC Pitstop: It pays to read EULAs (2007), http://www.pcpitstop.com/spycheck/eula.asp
  29. 29.
    Kreuter, M.W., Brennan, L.K., Scharff, D.P., Lukwago, S.N.: Do nutrition label readers eat healthier diets? Behavioral correlates of adults’ use of food labels. American Journal of Preventive Medicine 13(4), 277–283 (1997)Google Scholar
  30. 30.
    Hochhauser, M.: Compliance v Communication. Clarity: Journal of the International Movement to simplify legal language 50, 11–19 (2003)Google Scholar
  31. 31.
    Turow, J., Hoofnagle, C., Mulligan, D., Good, N., Grossklags, J.: Consumers & Privacy In the Coming Decade, Session on Communicating with Consumers in the Next Tech-ade - The Impact of Demographics and Shifting Consumer Attitudes. In: Public Hearings on Protecting Consumers in the Next Tech-ade, Federal Trade Commission, Washington D.C (November 6-8, 2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Jens Grossklags
    • 1
  • Nathan Good
    • 1
  1. 1.School of InformationUniversity of CaliforniaBerkeleyUSA

Personalised recommendations