Leona Lassak (Ruhr University Bochum), Hanna Püschel (TU Dortmund University), Oliver D. Reithmaier (Leibniz University Hannover), Tobias Gostomzyk (TU Dortmund University), Markus Dürmuth (Leibniz University Hannover)

In times of big data, connected devices, and increasing self-measurement, protecting consumer privacy remains a challenge despite ongoing technological and legislative efforts. Data trustees present a promising solution, aiming to balance data utilization with privacy concerns by facilitating secure data sharing and ensuring individual control. However, successful implementation hinges on user acceptance and trust.

We conducted a large-scale, vignette-based, census-representative online study examining factors influencing the acceptance of data trustees for medical, automotive, IoT, and online data. With n=714 participants from Germany and n=1036 from the US, our study reveals varied willingness to use data trustees across both countries, with notable skepticism and outright rejection from a significant portion of users.

We also identified significant domain-specific differences, including the influence of user anonymity, perceived personal and societal benefits, and the recipients of the data.

Contrary to common beliefs, organizational and regulatory decisions such as the storage location, the operator, and supervision appeared less relevant to users' decisions.

In conclusion, while there exists a potential user base for data trustees, achieving widespread acceptance will require explicit and targeted implementation strategies tailored to address diverse user expectations. Our findings underscore the importance of understanding these nuances for effectively deploying data trustee frameworks that meet both regulatory requirements and user preferences while upholding highest security and privacy standards.

View More Papers

Can a Cybersecurity Question Answering Assistant Help Change User...

Lea Duesterwald (Carnegie Mellon University), Ian Yang (Carnegie Mellon University), Norman Sadeh (Carnegie Mellon University)

Read More

Towards Establishing a Systematic Security Framework for Next Generation...

Tolga O. Atalay (A2 Labs LLC), Tianyuan Yu (UCLA), Lixia Zhang (UCLA), Angelos Stavrou (A2 Labs LLC)

Read More

Onion Franking: Abuse Reports for Mix-Based Private Messaging

Matthew Gregoire (University of North Carolina at Chapel Hill), Margaret Pierce (University of North Carolina at Chapel Hill), Saba Eskandarian (University of North Carolina at Chapel Hill)

Read More

What Makes Phishing Simulation Campaigns (Un)Acceptable? A Vignette Experiment

Jasmin Schwab (German Aerospace Center (DLR)), Alexander Nussbaum (University of the Bundeswehr Munich), Anastasia Sergeeva (University of Luxembourg), Florian Alt (University of the Bundeswehr Munich and Ludwig Maximilian University of Munich), and Verena Distler (Aalto University)

Read More