Jump to Content
Sunny Consolvo

Sunny Consolvo

Sunny is a researcher at Google where she spends most of her time focusing on digital-safety topics.
Authored Publications
Google Publications
Other Publications
Sort By
  • Title
  • Title, desc
  • Year
  • Year, desc
    Preview abstract Online content creators---who create and share their content on platforms such as Instagram, TikTok, Twitch, and YouTube---are uniquely at-risk of increased digital-safety threats due to their public prominence, the diverse social norms of wide-ranging audiences, and their access to audience members as a valuable resource. We interviewed 23 creators to understand their digital-safety experiences. This includes the security, privacy, and abuse threats they have experienced across multiple platforms and how the threats have changed over time. We also examined the protective practices they have employed to stay safer, including tensions in how they adopt the practices. We found that creators have diverse threat models that take into consideration their emotional, physical, relational, and financial safety. Most adopted protections---including distancing from technology, moderating their communities, and seeking external or social support---only after experiencing a serious safety incident. Lessons from their experiences help us better prepare and protect creators and ensure a diversity of voices are present online. View details
    Preview abstract Online hate and harassment poses a threat to the digital safety of people globally. In light of this risk, there is a need to equip as many people as possible with advice to stay safer online. We interviewed 24 experts to understand what threats and advice internet users should prioritize to prevent or mitigate harm. As part of this, we asked experts to evaluate 45 pieces of existing hate-and-harassment-specific digital-safety advice to understand why they felt advice was viable or not. We find that experts frequently had competing perspectives for which threats and advice they would prioritize. We synthesize sources of disagreement, while also highlighting the primary threats and advice where experts concurred. Our results inform immediate efforts to protect users from online hate and harassment, as well as more expansive socio-technical efforts to establish enduring safety. View details
    Practicing Information Sensibility: How Gen Z Engages with Online Information
    Amelia Hassoun
    Ian Beacock
    Beth Goldberg
    Patrick Gage Kelley
    Daniel M. Russell
    ACM CHI Conference on Human Factors in Computing Systems (2023)
    Preview abstract Assessing the trustworthiness of information online is complicated. Literacy-based paradigms are both widely used to help and widely critiqued. We conducted a study with 35 Gen Zers from across the U.S. to understand how they assess information online. We found that they tended to encounter—rather than search for—information, and that those encounters were shaped more by social motivations than by truth-seeking queries. For them, information processing is fundamentally a social practice. Gen Zers interpreted online information together, as aspirational members of social groups. Our participants sought information sensibility: a socially-informed awareness of the value of information encountered online. We outline key challenges they faced and practices they used to make sense of information. Our findings suggest that like their information sensibility practices, solutions and strategies to address misinformation should be embedded in social contexts online. View details
    Understanding Digital-Safety Experiences of Youth in the U.S.
    Diana Freed
    Natalie N. Bazarova
    Eunice Han
    Patrick Gage Kelley
    Dan Cosley
    The ACM CHI Conference on Human Factors in Computing Systems, ACM (2023)
    Preview abstract The seamless integration of technology into the lives of youth has raised concerns about their digital safety. While prior work has explored youth experiences with physical, sexual, and emotional threats—such as bullying and trafficking—a comprehensive and in-depth understanding of the myriad threats that youth experience is needed. By synthesizing the perspectives of 36 youth and 65 adult participants from the U.S., we provide an overview of today’s complex digital-safety landscape. We describe attacks youth experienced, how these moved across platforms and into the physical world, and the resulting harms. We also describe protective practices the youth and the adults who support them took to prevent, mitigate, and recover from attacks, and key barriers to doing this effectively. Our findings provide a broad perspective to help improve digital safety for youth and set directions for future work. View details
    SoK: A Framework for Unifying At-Risk User Research
    Noel Warford
    Tara Matthews
    Kaitlyn Yang
    Omer Akgul
    Patrick Gage Kelley
    Nathan Malkin
    Michelle L. Mazurek
    (2022)
    Preview abstract At-risk users are people who experience risk factors that augment or amplify their chances of being digitally attacked and/or suffering disproportionate harms. In this systematization work, we present a framework for reasoning about at-risk users based on a wide-ranging meta-analysis of 95 papers. Across the varied populations that we examined (e.g., children, activists, people with disabilities), we identified 10 unifying contextual risk factors—such as marginalization and access to a sensitive resource—that augment or amplify digital-safety risks and their resulting harms. We also identified technical and non-technical practices that at-risk users adopt to attempt to protect themselves from digital-safety risks. We use this framework to discuss barriers that limit at-risk users’ ability or willingness to take protective actions. We believe that researchers and technology creators can use our framework to identify and shape research investments to benefit at-risk users, and to guide technology design to better support at-risk users. View details
    “I just wanted to triple check ... they were all vaccinated” — Supporting Risk Negotiation in the Context of COVID-19
    Jennifer Brown
    Jennifer C. Mankoff
    Margaret E. Morris
    Paula S. Nurius
    Savanna Yee
    ACM Transactions on Computer-Human Interaction (2022)
    Preview abstract During the COVID-19 pandemic, risk negotiation became an important precursor to in-person contact. For young adults, social planning generally occurs through computer-mediated communication. Given the importance of social connectedness for mental health and academic engagement, we sought to understand how young adults plan in-person meetups over computer-mediated communication in the context of the pandemic. We present a qualitative study that explores young adults’ risk negotiation during the COVID-19 pandemic, a period of conflicting public health guidance. Inspired by cultural probe studies, we invited participants to express their preferred precautions for one week as they planned in-person meetups. We interviewed and surveyed participants about their experiences. Through qualitative analysis, we identify strategies for risk negotiation, social complexities that impede risk negotiation, and emotional consequences of risk negotiation. Our findings have implications for AI-mediated support for risk negotiation and assertive communication more generally. We explore tensions between risks and potential benefits of such systems. View details
    Preview abstract Content creators—social media personalities with large audiences on platforms like Instagram, TikTok, and YouTube—face a heightened risk of online hate and harassment. We surveyed 135 creators to understand their personal experiences with attacks (including toxic comments, impersonation, stalking, and more), the coping practices they employ, and gaps they experience with existing solutions (such as moderation or reporting). We find that while a majority of creators view audience interactions favorably, nearly every creator could recall at least one incident of hate and harassment, and attacks are a regular occurrence for one in three creators. As a result of hate and harassment, creators report self-censoring their content and leaving platforms. Through their personal stories, their attitudes towards platform-provided tools, and their strategies for coping with attacks and harms, we inform the broader design space for how to better protect people online from hate and harassment. View details
    Preview abstract People who are involved with political campaigns face increased digital security threats from well-funded, sophisticated attackers, especially nation-states. Improving political campaign security is a vital part of protecting democracy. To identify campaign security issues, we conducted qualitative research with 28 participants across the U.S. political spectrum to understand the digital security practices, challenges, and perceptions of people involved in campaigns. A main, overarching finding is that a unique combination of threats, constraints, and work culture lead people involved with political campaigns to use technologies from across platforms and domains in ways that leave them—and democracy—vulnerable to security attacks. Sensitive data was kept in a plethora of personal and work accounts, with ad hoc adoption of strong passwords, two-factor authentication, encryption, and access controls. No individual company, committee, organization, campaign, or academic institution can solve the identified problems on their own. To this end, we provide an initial understanding of this complex problem space and recommendations for how a diverse group of experts can begin working together to improve security for political campaigns. View details
    SoK: Hate, Harassment, and the Changing Landscape of Online Abuse
    Devdatta Akhawe
    Michael Bailey
    Dan Boneh
    Nicola Dell
    Zakir Durumeric
    Patrick Gage Kelley
    Deepak Kumar
    Damon McCoy
    Sarah Meiklejohn
    Thomas Ristenpart
    Gianluca Stringhini
    (2021)
    Preview abstract We argue that existing security, privacy, and anti-abuse protections fail to address the growing threat of online hate and harassment. In order for our community to understand and address this gap, we propose a taxonomy for reasoning about online hate and harassment. Our taxonomy draws on over 150 interdisciplinary research papers that cover disparate threats ranging from intimate partner violence to coordinated mobs. In the process, we identify seven classes of attacks---such as toxic content and surveillance---that each stem from different attacker capabilities and intents. We also provide longitudinal evidence from a three-year survey that hate and harassment is a pervasive, growing experience for online users, particularly for at-risk communities like young adults and people who identify as LGBTQ+. Responding to each class of hate and harassment requires a unique strategy and we highlight five such potential research directions that ultimately empower individuals, communities, and platforms to do so. View details
    Designing Toxic Content Classification for a Diversity of Perspectives
    Deepak Kumar
    Patrick Gage Kelley
    Joshua Mason
    Zakir Durumeric
    Michael Bailey
    (2021)
    Preview abstract In this work, we demonstrate how existing classifiers for identifying toxic comments online fail to generalize to the diverse concerns of Internet users. We survey 17,280 participants to understand how user expectations for what constitutes toxic content differ across demographics, beliefs, and personal experiences. We find that groups historically at-risk of harassment—such as people who identify as LGBTQ+ or young adults—are more likely to to flag a random comment drawn from Reddit, Twitter, or 4chan as toxic, as are people who have personally experienced harassment in the past. Based on our findings, we show how current one-size-fits-all toxicity classification algorithms, like the Perspective API from Jigsaw, can improve in accuracy by 86% on average through personalized model tuning. Ultimately, we highlight current pitfalls and new design directions that can improve the equity and efficacy of toxic content classifiers for all users. View details
    College from home during COVID-19: A mixed-methods study of heterogeneous experiences
    Margaret E. Morris
    Kevin S. Kuehn
    Jennifer Brown
    Paula S. Nurius
    Han Zhang
    Yasaman S. Sefidgar
    Xuhai Xu
    Eve A. Riskin
    Anind K. Dey
    Jennifer C. Mankoff
    Proceedings of the ACM on Human Computer Interaction (PACM HCI), ACM (2021)
    Preview abstract This mixed-method study examined the experiences of college students during the COVID-19 pandemic through surveys, experience sampling data collected over two academic quarters (Spring 2019 n1 = 253; Spring 2020 n2 = 147), and semi-structured interviews with 27 undergraduate students. There were no marked changes in mean levels of depressive symptoms, anxiety, stress, or loneliness between 2019 and 2020, or over the course of the Spring 2020 term. Students in both the 2019 and 2020 cohort who indicated psychosocial vulnerability at the initial assessment showed worse psychosocial functioning throughout the entire Spring term relative to other students. However, rates of distress increased faster in 2020 than in 2019 for these individuals. Across individuals, homogeneity of variance tests and multi-level models revealed significant heterogeneity, suggesting the need to examine not just means but the variations in individuals’ experiences. Thematic analysis of interviews characterizes these varied experiences, describing the contexts for students' challenges and strategies. This analysis highlights the interweaving of psychosocial and academic distress: Challenges such as isolation from peers, lack of interactivity with instructors, and difficulty adjusting to family needs had both an emotional and academic toll. Strategies for adjusting to this new context included initiating remote study and hangout sessions with peers, as well as self-learning. In these and other strategies, students used technologies in different ways and for different purposes than they had previously. Supporting qualitative insight about adaptive responses were quantitative findings that students who used more problem-focused forms of coping reported fewer mental health symptoms over the course of the pandemic, even though they perceived their stress as more severe. These findings underline the need for interventions oriented towards problem-focused coping and suggest opportunities for peer role modeling. View details
    Tough Times at Transitional Homeless Shelters: Considering the Impact of Financial Insecurity on Digital Security and Privacy
    Tara Matthews
    Jill Palzkill Woelfer
    Martin Shelton
    Andrew Oplinger
    Andreas Schou
    Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems
    Preview abstract Addressing digital security and privacy issues can be particularly difficult for users who face challenging circumstances. We performed semi-structured interviews with residents and staff at 4 transitional homeless shelters in the U.S. San Francisco Bay Area (n=15 residents, 3 staff) to explore their digital security and privacy challenges. Based on these interviews, we outline four tough times themes -- challenges experienced by our financially insecure participants that impacted their digital security and privacy -- which included: (1) limited financial resources, (2) limited access to reliable devices and Internet, (3) untrusted relationships, and (4) ongoing stress. We provide examples of how each theme impacts digital security and privacy practices and needs. We then use these themes to provide a framework outlining opportunities for technology creators to better support users facing security and privacy challenges related to financial insecurity. View details
    Preview abstract South Asia faces one of the largest gender gaps online globally, and online safety is one of the main barriers to gender-equitable Internet access [GSMA, 2015]. To better understand the gendered risks and coping practices online in South Asia, we present a qualitative study of the online abuse experiences and coping practices of 199 people who identified as women and 6 NGO staff from India, Pakistan, and Bangladesh, using a feminist analysis. We found that a majority of our participants regularly contended with online abuse, experiencing three major abuse types: cyberstalking, impersonation, and personal content leakages. Consequences of abuse included emotional harm, reputation damage, and physical and sexual violence. Participants coped through informal channels rather than through technological protections or law enforcement. Altogether, our findings point to opportunities for designs, policies, and algorithms to improve women's safety online in South Asia. View details
    Towards gender-equitable privacy and security in South Asia
    Amna Batool
    David Nemer
    Nithya Sambasivan
    Nova Ahmed
    Sane Gaytán
    Tara Matthews
    IEEE Security & Privacy (2019)
    Preview abstract 2017 marked the year when half the world went online. But women remain under-represented on the Internet. Nearly two-thirds of countries have more men than women online [1]. South Asia has one of the largest gender gaps when it comes to mobile and Internet access: 29% of users from India are women and they are 26% less likely than South Asian men to own a phone [2]. A large and growing population of nearly 760 million women live in India, Bangladesh, and Pakistan [3-5]. As a result a growing affordability and ease of access, women will comprise a significant proportion of new Internet users. As the gaps close online, there is enormous potential for security and privacy technologies to turn towards gender-equitable designs and enable women to equitably participate online. View details
    “Privacy is not for me, it’s for those rich women”: Performative Privacy Practices on Mobile Phones by Women in South Asia
    Amna Batool
    David Nemer
    Nithya Sambasivan
    Nova Ahmed
    Sane Gaytán
    Tara Matthews
    Symposium on Usable Privacy and Security (SOUPS) 2018 (2018)
    Preview abstract Women in South Asia own fewer personal devices like laptops and phones than women elsewhere in the world. Further, cultural expectations influence how mobile phones are shared with and digital activities are scrutinized by family members. In this paper, we report on a qualitative study conducted in India, Pakistan, and Bangladesh about how women perceive, manage, and control their personal privacy on shared phones. We describe a set of five performative practices our participants employed to maintain individuality and privacy, despite frequent borrowing and monitoring of their devices by family and social relations. These practices involved management of phone and app locks, content deletion, technology avoidance, and use of private modes. We present design opportunities for maintaining privacy on shared devices that are mindful of the social norms and values in the South Asian countries studied, including to improve discovery of privacy controls, offer content hiding, and provide algorithmic understanding of multiple-user use cases. Our suggestions have implications for enhancing the agency of user populations whose social norms shape their phone use. View details
    Preview abstract Web browser warnings should help protect people from malware, phishing, and network attacks. Adhering to warnings keeps people safer online. Recent improvements in warning design have raised adherence rates, but they could still be higher. And prior work suggests many people still do not understand them. Thus, two challenges remain: increasing both comprehension and adherence rates. To dig deeper into user decision making and comprehension of warnings, we performed an experience sampling study of web browser security warnings, which involved surveying over 6,000 Chrome and Firefox users in situ to gather reasons for adhering or not to real warnings. We find these reasons are many and vary with context. Contrary to older prior work, we do not find a single dominant failure in modern warning design---like habituation---that prevents effective decisions. We conclude that further improvements to warnings will require solving a range of smaller contextual misunderstandings. View details
    Stories from survivors: Privacy & security practices when coping with intimate partner abuse
    Tara Matthews
    Jill Palzkill Woelfer
    Martin Shelton
    Cori Manthorne
    CHI '17 Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, ACM, New York, NY, USA (2017), pp. 2189-2201
    Preview abstract We present a qualitative study of the digital privacy and security motivations, practices, and challenges of survivors of intimate partner abuse (IPA). This paper provides a framework for organizing survivors' technology practices and challenges into three phases: physical control, escape, and life apart. This three-phase framework combines technology practices with three phases of abuse to provide an empirically sound method for technology creators to consider how survivors of IPA can leverage new and existing technologies. Overall, our results suggest that the usability of and control over privacy and security functions should be or continue to be high priorities for technology creators seeking ways to better support survivors of IPA. View details
    Preview abstract Recognizing how intimate partner abuse’s three phases—physical control, escape from abuser, and life apart—affect survivors’ technology use can help technology creators better understand and support this population’s digital security and privacy needs. View details
    Preview abstract Users often don’t follow expert advice for staying secure online, but the reasons for users’ noncompliance are only partly understood. More than 200 security experts were asked for the top three pieces of advice they would give non-tech-savvy users. The results suggest that, although individual experts give thoughtful, reasonable answers, the expert community as a whole lacks consensus. View details
    Preview abstract We propose a new set of browser security indicators, based on user research and an understanding of the design challenges faced by browsers. To motivate the need for new security indicators, we critique existing browser security indicators and survey 1,329 people about Google Chrome's indicators. We then evaluate forty icons and seven complementary strings by surveying thousands of respondents about their perceptions of the candidates. Ultimately, we select and propose three indicators. Our proposed indicators have been adopted by Google Chrome, and we hope to motivate others to update their security indicators as well. View details
    “She’ll just grab any device that’s closer”: A Study of Everyday Device & Account Sharing in Households
    Tara Matthews
    Kerwell Liao
    Marianne Berkovich
    Proceedings of the ACM Conference on Human Factors in Computing Systems, ACM (2016) (to appear)
    Preview abstract Many technologies assume a single user will use an account or device. But account and device sharing situations (when 2+ people use a single device or account) may arise during everyday life. We present results from a multiple-methods study of device and account sharing practices among household members and their relations. Among our findings are that device and account sharing was common, and mobile phones were often shared despite being considered “personal” devices. Based on our study results, we organize sharing practices into a taxonomy of six sharing types — distinct patterns of what, why, and how people shared. We also present two themes that cut across sharing types: that (1) trust in sharees and (2) convenience highly influenced sharing practices. Based on these findings, implications for study and technology design. View details
    “...no one can hack my mind”: Comparing Expert and Non-Expert Security Practices
    Iulia Ion
    Proceedings of the Eleventh Symposium On Usable Privacy and Security, USENIX (2015), pp. 327-346
    Preview abstract The state of advice given to people today on how to stay safe online has plenty of room for improvement. Too many things are asked of them, which may be unrealistic, time consuming, or not really worth the effort. To improve the security advice, our community must find out what practices people use and what recommendations, if messaged well, are likely to bring the highest benefit while being realistic to ask of people. In this paper, we present the results of a study which aims to identify which practices people do that they consider most important at protecting their security online. We compare self-reported security practices of non-experts to those of security experts (i.e., participants who reported having five or more years of experience working in computer security). We report on the results of two online surveys—one with 231 security experts and one with 294 MTurk participants—on what the practices and attitudes of each group are. Our findings show a discrepancy between the security practices that experts and non-experts report taking. For instance, while experts most frequently report installing software updates, using two-factor authentication and using a password manager to stay safe online, non-experts report using antivirus software, visiting only known websites, and changing passwords frequently. View details
    A Comparison of Questionnaire Biases Across Sample Providers
    Victoria Sosik
    American Association for Public Opinion Research, 2015 Annual Conference (2015)
    Preview abstract Survey research, like all methods, is fraught with potential sources of error that can significantly affect the validity and reliability of results. There are four major types of error common to surveys as a data collection method: (1) coverage error arising from certain segments of a target population being excluded, (2) nonresponse error where not all those selected for a sample respond, (3) sampling error which results from the fact that surveys only collect data from a subset of the population being measured, and (4) measurement error. Measurement error can arise from the wording and design of survey questions (i.e., instrument error), as well as the variability in respondent ability and motivation (i.e., respondent error) [17]. This paper focuses primarily on measurement error as a source of bias in surveys. It is well established that instrument error [34, 40] and respondent error (e.g., [21]) can yield meaningful differences in results. For example, variations in response order, response scales, descriptive text, or images used in a survey can lead to instrument error which can result in skewed response distributions. Certain types of questions can trigger other instrument error biases, such as the tendency to agree with statements presented in an agree/disagree format (acquiescence bias) or the hesitancy to admit undesirable behaviors or overreport desirable behaviors (social desirability bias). Respondent error is largely related to the amount of cognitive effort required to answer a survey and arises when respondents are either unable or unwilling to exert the required effort [21]. Such measurement error has been compared across survey modes, such as face-to-face, telephone, and Internet (e.g., [9, 18]), but little work has compared different Internet samples, such as crowdsourcing task platforms (e.g., Amazon’s Mechanical Turk), paywall surveys (e.g., Google Consumer Surveys), opt-in panels (e.g., Survey Sampling International), and probability based panels (e.g., the Gfk KnowledgePanel). Because these samples differ in recruiting, context, and incentives, respondents may be more or less motivated to effortfully respond to questions, leading to different degrees of bias in different samples. The specific instruments deployed to respondents in these different modes can also exacerbate the situation by requiring more or less cognitive effort to answer satisfactorily. The present study has two goals: Investigate the impact of question wording on response distributions in order to measure the strength of common survey biases arising from instrument and respondent error Compare the variance in the degree of these biases across Internet survey samples with differing characteristics in order to determine whether certain types of samples are more susceptible to certain biases than others. View details
    Attitudes Toward Vehicle-Based Sensing and Recording
    Sebastian Schnorf
    Brian Kemler
    Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing, ACM, pp. 1017-1028
    Preview abstract Vehicles increasingly include features that rely on hi-tech sensors and recording; however, little is known of public attitudes toward such recording. We use two studies, an online survey (n=349) and an interview-based study (n=15), to examine perceptions of vehicle-based sensing and recording. We focus on: 1) how vehicle-based recording and sensing may differ from perceptions of current recording; 2) factors that impact comfort with vehicle-based recording for hypothetical drivers versus bystanders; and 3) perceptions of potential privacy-preserving techniques. We find that vehicle-based recording challenges current mental models of recording awareness. Comfort tends to depend on perceived bene- fits, which can vary by stakeholder type. Perceived privacy in spaces near cars can also impact comfort and reflect mental models of private spaces as well as the range of potentially sensitive activities people perform in and near cars. Privacy-preserving techniques may increase perceived comfort but may require addressing trust and usability issues. View details
    Improving SSL Warnings: Comprehension and Adherence
    Somas Thyagaraja
    Alan Bettes
    Helen Harris
    Jeff Grimes
    Proceedings of the Conference on Human Factors and Computing Systems, ACM (2015)
    Preview abstract Browsers warn users when the privacy of an SSL/TLS connection might be at risk. An ideal SSL warning would empower users to make informed decisions and, failing that, guide confused users to safety. Unfortunately, users struggle to understand and often disregard real SSL warnings. We report on the task of designing a new SSL warning, with the goal of improving comprehension and adherence. We designed a new SSL warning based on recommendations from warning literature and tested our proposal with microsurveys and a field experiment. We ultimately failed at our goal of a well-understood warning. However, nearly 30% more total users chose to remain safe after seeing our warning. We attribute this success to opinionated design, which promotes safety with visual cues. Subsequently, our proposal was released as the new Google Chrome SSL warning. We raise questions about warning comprehension advice and recommend that other warning designers use opinionated design. View details
    Designing for Healthy Lifestyles: Design Considerations for Mobile Technologies to Encourage Consumer Health and Wellness
    Predrag Klasnja
    David W. McDonald
    James A. Landay
    Foundations and Trends® in Human-Computer Interaction, vol. 6 (2014), 167–315
    Preview abstract As the rates of lifestyle diseases such as obesity, diabetes, and heart disease continue to rise, the development of effective tools that can help people adopt and sustain healthier habits is becoming ever more important. Mobile computing holds great promise for providing effective support for helping people manage their health in everyday life. Yet, for this promise to be realized, mobile wellness systems need to be well designed, not only in terms of how they implement specific behavior-change techniques but also, among other factors, in terms of how much burden they put on the user, how well they integrate into the user’s daily life, and how they address the user’s privacy concerns. Designing for all of these constraints is difficult, and it is often not clear what tradeoffs particular design decisions have on how a wellness application is experienced and used. In this monograph, we provide an account of different design approaches to common features of mobile wellness applications and we discuss the tradeoffs inherent in those approaches. We also outline the key challenges that HCI researchers and designers will need to address to move the state of the art for mobile wellness technologies forward. View details
    “My religious aunt asked why I was trying to sell her viagra”: Experiences with account hijacking
    Richard Shay
    Iulia Ion
    Proceedings of the SIGCHI Conference on Human Factors in Computing Systems: CHI '14, ACM, New York, NY, USA (2014), pp. 2657-2666
    Preview abstract With so much of our lives digital, online, and not entirely under our control, we risk losing access to our communications, reputation, and data. Recent years have brought a rash of high-profile account compromises, but account hijacking is not limited to high-profile accounts. In this paper, we report results of a survey about people’s experiences with and attitudes toward account hijacking. The problem is widespread; 30% of our 294 participants had an email or social networking account accessed by an unauthorized party. Five themes emerged from our results: (1) compromised accounts are often valuable to victims, (2) attackers are mostly unknown, but sometimes known, to victims, (3) users acknowledge some responsibility for keeping their accounts secure, (4) users’ understanding of important security measures is incomplete, and (5) harm from account hijacking is concrete and emotional. We discuss implications for designing security mechanisms to improve chances for user adoption. View details
    Are You Ready to Lock? Understanding User Motivations for Smartphone Locking Behaviors
    Serge Egelman
    Sakshi Jain
    Rebecca Pottenger
    Kerwell Liao
    David Wagner
    Proceedings of the ACM Conference on Computer and Communications Security: CCS '14, ACM (2014)
    Preview
    Helping You Protect You
    M. Angela Sasse
    Charles C. Palmer
    Markus Jakobsson
    Rick Wash
    L. Jean Camp
    IEEE (2014), pp. 39-42
    Preview abstract Guest editors M. Angela Sasse and Charles C. Palmer speak with security practitioners (L. Jean Camp, Sunny Consolvo, Markus Jakobsson, and Rick Wash) about what companies are doing to keep customers secure, and what users can do to stay safe. View details
    Online Microsurveys for User Experience Research
    Victoria Schwanda Sosik
    Gueorgi Kossinets
    Kerwell Liao
    Paul McDonald
    CHI '14 Extended Abstracts on Human Factors in Computing Systems (2014)
    Preview
    Experimenting At Scale With Google Chrome's SSL Warning
    Hazim Almuhimedi
    ACM CHI Conference on Human Factors in Computing Systems (2014)
    Preview abstract Web browsers shown HTTPS authentication warnings (i.e., SSL warnings) when the integrity and confidentiality of users' interactions with websites are at risk. Our goal in this work is to decrease the number of users who click through the Google Chrome SSL warning. Prior research showed that the Mozilla Firefox SSL warning has a much lower click-through rate (CTR) than Chrome. We investigate several factors that could be responsible: the use of imagery, extra steps before the user can proceed, and style choices. To test these factors, we ran six experimental SSL warnings in Google Chrome 29 and measured 130,754 impressions. View details
    Your Reputation Precedes You: History, Reputation, and the Chrome Malware Warning
    Hazim Almuhimedi
    Proceedings of the Symposium On Usable Privacy and Security: SOUPS '14, USENIX (2014)
    Preview abstract Several web browsers, including Google Chrome and Mozilla Firefox, use malware warnings to stop people from visiting infectious websites. However, users can choose to click through (i.e., ignore) these malware warnings. In Google Chrome, users click through a fifth of malware warnings on average. We investigate factors that may contribute to why people ignore such warnings. First, we examine field data to see how browsing history affects click-through rates. We find that users consistently heed warnings about websites that they have not visited before. However, users respond unpredictably to warnings about websites that they have previously visited. On some days, users ignore more than half of warnings about websites they've visited in the past. Next, we present results of an online, survey-based experiment that we ran to gain more insight into the effects of reputation on warning adherence. Participants said that they trusted high-reputation websites more than the warnings; however, their responses suggest that a notable minority of people could be swayed by providing more information. We provide recommendations for warning designers and pose open questions about the design of malware warnings. View details
    Would a Privacy Fundamentalist Sell Their DNA for $1000...If Nothing Bad Happened as a Result? The Westin Categories, Behavioral Intentions, and Consequences
    Allison Woodruff
    Vasyl Pihur
    Lauren Schmidt
    Laura Brandimarte
    Alessandro Acquisti
    Proceedings of the Symposium On Usable Privacy and Security: SOUPS '14, USENIX (2014)
    Preview abstract Westin's Privacy Segmentation Index has been widely used to measure privacy attitudes and categorize individuals into three privacy groups: fundamentalists, pragmatists, and unconcerned. Previous research has failed to establish a robust correlation between the Westin categories and actual or intended behaviors. Unexplored however is the connection between the Westin categories and individuals' responses to the consequences of privacy behaviors. We use a survey of 884 Amazon Mechanical Turk participants to investigate the relationship between the Westin Privacy Segmentation Index and attitudes and behavioral intentions for both privacy-sensitive scenarios and privacy-sensitive consequences. Our results indicate a lack of correlation between the Westin categories and consequences. We discuss potential implications of this attitude-consequence gap. View details
    ShutEye: encouraging awareness of healthy sleep recommendations with a mobile, peripheral display
    Jared Bauer
    Benjamin Greenstein
    Jonathan W. Schooler
    Eric Wu
    Nathaniel F. Watson
    Julie A. Kientz
    CHI (2012), pp. 1401-1410
    Living in a glass house: a survey of private moments in the home
    Eun Kyoung Choe
    Jaeyeon Jung
    Beverly L. Harrison
    Julie A. Kientz
    Ubicomp (2011), pp. 41-44
    Facebook for health: opportunities and challenges for driving behavior change
    Margaret E. Morris
    Sean A. Munson
    Kevin Patrick
    Janice Y. Tsai
    Adam D. I. Kramer
    CHI Extended Abstracts (2011), pp. 443-446
    Attitudes toward online availability of US public records
    Sean A. Munson
    Daniel Avrahami
    James Fogarty
    Batya Friedman
    Ian E. Smith
    DG.O (2011), pp. 2-9
    How to evaluate technologies for health behavior change in HCI research
    Predrag V. Klasnja
    Wanda Pratt
    CHI (2011), pp. 3063-3072
    Opportunities for computing technologies to support healthy sleep behaviors
    Eun Kyoung Choe
    Nathaniel F. Watson
    Julie A. Kientz
    CHI (2011), pp. 3053-3062
    Barriers to Physical Activity: A Study of Self-Revelation in an Online Community
    Tammy Toscos
    David W. McDonald
    J. Medical Systems, vol. 35 (2011), pp. 1225-1242
    The Wi-Fi privacy ticker: improving awareness & control of personal information exposure on Wi-Fi
    Jaeyeon Jung
    Ben Greenstein
    Pauline Powledge
    Gabriel Maganis
    Daniel Avrahami
    UbiComp (2010), pp. 321-330
    "Is it normal to be this sore?": using an online forum to investigate barriers to physical activity
    Tammy Toscos
    David W. McDonald
    IHI (2010), pp. 346-355
    Interacting with eHealth: towards grand challenges for HCI
    m. c. schraefel
    Paul André
    Ryen White
    Desney S. Tan
    Tim Berners-Lee
    Robert Jacobs
    Isaac S. Kohane
    Christopher A. Le Dantec
    Lena Mamykina
    Gary Marsden
    Ben Shneiderman
    Peter Szolovits
    Daniel J. Weitzner
    CHI Extended Abstracts (2009), pp. 3309-3312
    Theory-driven design strategies for technologies that support behavior change in everyday life
    David W. McDonald
    James A. Landay
    CHI (2009), pp. 405-414
    "When I am on Wi-Fi, I am fearless": privacy concerns and practices in everyday Wi-Fi use
    Predrag V. Klasnja
    Jaeyeon Jung
    Benjamin Greenstein
    Louis LeGrand
    Pauline Powledge
    David Wetherall
    CHI (2009), pp. 1993-2002
    Exploring Privacy Concerns about Personal Sensing
    Predrag V. Klasnja
    Tanzeem Choudhury
    Richard Beckwith
    Jeffrey Hightower
    Pervasive (2009), pp. 176-183
    Engagement by design
    Timothy W. Bickmore
    Stephen S. Intille
    CHI Extended Abstracts (2009), pp. 4807-4810
    Designing for Behavior Change in Everyday Life
    James A. Landay
    David W. McDonald
    IEEE Computer, vol. 42 (2009), pp. 86-89
    Designing for persuasion: mobile services for health behavior change
    Kendra Markle
    Kevin Patrick
    Kara Chanasyk
    PERSUASIVE (2009), pp. 11
    UbiGreen: investigating a mobile tool for tracking and supporting green transportation habits
    Jon Froehlich
    Tawanna Dillahunt
    Predrag V. Klasnja
    Jennifer Mankoff
    Beverly L. Harrison
    James A. Landay
    CHI (2009), pp. 1043-1052
    Goal-setting considerations for persuasive technologies that encourage physical activity
    Predrag V. Klasnja
    David W. McDonald
    James A. Landay
    PERSUASIVE (2009), pp. 8
    The Mobile Sensing Platform: An Embedded Activity Recognition System
    Tanzeem Choudhury
    Gaetano Borriello
    Dirk Hähnel
    Beverly L. Harrison
    Bruce Hemingway
    Jeffrey Hightower
    Predrag V. Klasnja
    Karl Koscher
    Anthony LaMarca
    James A. Landay
    Louis LeGrand
    Jonathan Lester
    Ali Rahimi
    Adam D. Rea
    Danny Wyatt
    IEEE Pervasive Computing, vol. 7 (2008), pp. 32-41
    Flowers or a robot army?: encouraging awareness & activity with personal, mobile displays
    Predrag V. Klasnja
    David W. McDonald
    Daniel Avrahami
    Jon Froehlich
    Louis LeGrand
    Ryan Libby
    Keith Mosher
    James A. Landay
    UbiComp (2008), pp. 54-63
    Activity sensing in the wild: a field trial of ubifit garden
    David W. McDonald
    Tammy Toscos
    Mike Y. Chen
    Jon Froehlich
    Beverly L. Harrison
    Predrag V. Klasnja
    Anthony LaMarca
    Louis LeGrand
    Ryan Libby
    Ian E. Smith
    James A. Landay
    CHI (2008), pp. 1797-1806
    MyExperience: a system for in situ tracing and capturing of user feedback on mobile phones
    Jon Froehlich
    Mike Y. Chen
    Beverly L. Harrison
    James A. Landay
    MobiSys (2007), pp. 57-70
    Conducting In Situ Evaluations for and With Ubiquitous Computing Technologies
    Beverly L. Harrison
    Ian E. Smith
    Mike Y. Chen
    Katherine Everitt
    Jon Froehlich
    James A. Landay
    Int. J. Hum. Comput. Interaction, vol. 22 (2007), pp. 103-118
    Development of a Privacy Addendum for Open Source Licenses: Value Sensitive Design in Industry
    Batya Friedman
    Ian E. Smith
    Peter H. Kahn Jr.
    Jaina Selawski
    Ubicomp (2006), pp. 194-211
    Mobility Detection Using Everyday GSM Traces
    Timothy Sohn
    Alex Varshavsky
    Anthony LaMarca
    Mike Y. Chen
    Tanzeem Choudhury
    Ian E. Smith
    Jeffrey Hightower
    William G. Griswold
    Eyal de Lara
    Ubicomp (2006), pp. 212-224
    Design requirements for technologies that encourage physical activity
    Katherine Everitt
    Ian E. Smith
    James A. Landay
    CHI (2006), pp. 457-466
    Place Lab: Device Positioning Using Radio Beacons in the Wild
    Anthony LaMarca
    Yatin Chawathe
    Jeffrey Hightower
    Ian E. Smith
    James Scott
    Timothy Sohn
    James Howard
    Jeff Hughes
    Fred Potter
    Jason Tabert
    Pauline Powledge
    Gaetano Borriello
    Pervasive (2005), pp. 116-133
    Self-Mapping in 802.11 Location Systems
    Anthony LaMarca
    Jeffrey Hightower
    Ian E. Smith
    Ubicomp (2005), pp. 87-104
    The Drop: pragmatic problems in the design of a compelling, pervasive game
    Ian E. Smith
    Anthony LaMarca
    Computers in Entertainment, vol. 3 (2005), pp. 4
    Location disclosure to social relations: why, when, & what people want to share
    Ian E. Smith
    Tara Matthews
    Anthony LaMarca
    Jason Tabert
    Pauline Powledge
    CHI (2005), pp. 81-90
    Learning and Recognizing the Places We Go
    Jeffrey Hightower
    Anthony LaMarca
    Ian E. Smith
    Jeff Hughes
    Ubicomp (2005), pp. 159-176
    Evaluating an ambient display for the home
    Jeffrey Towle
    CHI Extended Abstracts (2005), pp. 1304-1307
    Developing privacy guidelines for social location disclosure applications and services
    Giovanni Iachello
    Ian E. Smith
    Mike Y. Chen
    Gregory D. Abowd
    SOUPS (2005), pp. 65-76
    Control, Deception, and Communication: Evaluating the Deployment of a Location-Enhanced Messaging Service
    Giovanni Iachello
    Ian E. Smith
    Gregory D. Abowd
    Jeff Hughes
    James Howard
    Fred Potter
    James Scott
    Timothy Sohn
    Jeffrey Hightower
    Anthony LaMarca
    Ubicomp (2005), pp. 213-231
    Social Disclosure of Place: From Location Technology to Communication Practices
    Ian E. Smith
    Anthony LaMarca
    Jeffrey Hightower
    James Scott
    Timothy Sohn
    Jeff Hughes
    Giovanni Iachello
    Gregory D. Abowd
    Pervasive (2005), pp. 134-151
    Toward a Framework for Evaluating Ubiquitous Computing Applications
    Jean Scholtz
    IEEE Pervasive Computing, vol. 3 (2004), pp. 82-88
    The CareNet Display: Lessons Learned from an In Home Evaluation of an Ambient Display
    Peter Roessler
    Brett E. Shelton
    Ubicomp (2004), pp. 1-17
    Technology for Care Networks of Elders
    Peter Roessler
    Brett E. Shelton
    Anthony LaMarca
    Sara A. Bly
    IEEE Pervasive Computing, vol. 3 (2004), pp. 22-29
    Some Assembly Required: Supporting End-User Sensor Installation in Domestic Ubiquitous Computing Environments
    Chris Beckmann
    Anthony LaMarca
    Ubicomp (2004), pp. 107-124
    User Study Techniques in the Design and Evaluation of a Ubicomp Environment
    Larry Arnstein
    B. Robert Franza
    Ubicomp (2002), pp. 73-90