Sharing Information with Web Services – A Mental Model Approach in the Context of Optional Information
Web forms are a common way for web service providers to collect data from their users. Usually, the users are asked for a lot of information while some items are labeled as optional and others as mandatory. When filling in the web form, users have to decide, which data, often of personal and sensitive nature, they want to share. The factors that influence the decision whether or not to share some information has been studied in the literature in various contexts. However, it is unclear to which extent their results can be transferred to other contexts. In this work we conduct a qualitative user study to verify, whether the reasons for sharing optional information from previous studies  are relevant for the context of interacting with a commercial website. We found, that only a few of them were named by the participants of our study.
KeywordsWeb forms Optional fields Mental models Interviews
This work has been co-funded by the DFG as part of project D.1 within the RTG 2050 “Privacy and Trust for Mobile Users”. This research has also received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 653454. It has also been supported by the German Federal Ministry of Education and Research (BMBF) as well as by the Hessen State Ministry for Higher Education, Research and the Arts within CRISP.
- 1.Ackerman, M.S., Cranor, L.F., Reagle, J.: Privacy in e-commerce: examining user scenarios and privacy preferences. In: 1st ACM Conference on Electronic Commerce, pp. 1–8. ACM (1999)Google Scholar
- 3.Alkaldi, N., Renaud, K.: Why do people adopt, or reject, smartphone password managers? In: EuroUSEC 2016: European Workshop on Usable Security, vol. 18, pp. 1–14 (2016)Google Scholar
- 6.Knijnenburg, B.P., Kobsa, A., Jin, H.: Counteracting the negative effect of form auto-completion on the privacy calculus. In: ICIS 2013: International Conference on Information Systems. AIS eLibrary (2013)Google Scholar
- 7.Korff, S., Böhme, R.: Too much choice: end-user privacy decisions in the context of choice proliferation. In: SOUpPS 2014: Symposium on Usable Privacy and Security, pp. 69–87. USENIX (2014)Google Scholar
- 9.Krol, K., Preibusch, S.: Control versus effort in privacy warnings for webforms. In: WPES 2016: ACM on Workshop on Privacy in the Electronic Society, pp. 13–23. ACM (2016)Google Scholar
- 10.Kulyk, O., Gerber, P., El Hanafi, M., Reinheimer, B., Renaud, K., Volkamer, M.: Encouraging privacy-aware smartphone app. installation: what would the technically-adept do. In: USEC 2016: Usable Security Workshop. Internet Society (2016)Google Scholar
- 11.Malheiros, M., Preibusch, S., Sasse, M.A.: “Fairly truthful”: the impact of perceived effort, fairness, relevance, and sensitivity on personal data disclosure. In: Huth, M., Asokan, N., Čapkun, S., Flechais, I., Coles-Kemp, L. (eds.) Trust 2013. LNCS, vol. 7904, pp. 250–266. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38908-5_19 CrossRefGoogle Scholar
- 14.The European Parliament and of the Council of European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (2016), http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32016R0679, last accessed on 10.02.2017
- 15.Volkamer, M., Renaud, K.: Mental models – general introduction and review of their application to human-centred security. In: Fischlin, M., Katzenbeisser, S. (eds.) Number Theory and Cryptography. LNCS, vol. 8260, pp. 255–280. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-42001-6_18 Google Scholar