Episode 15: How to Make Users Ignore Privacy Warnings


Let’s pretend I’m an evil version of Google that cares nothing about privacy (is this an allegory about the real Alphabet… you be the judge). Anti-Google. And my slogan is “Always Be Evil”.

What I want to do is get customers to disclose all of their private information to me. I want to have access to all of their social media accounts, emails, basically I want them to tell me, or disclose, all sorts of information.

But I also have to do so legally, and there are (pesky) laws that require me to get consent; laws that require the user to authorize me to use their information. So, what can I do? I can use behavioral science!

One behavioral science trick is to limit the number of disclosure events. You’ll get more compliance if you only ask the user once. Multiple decision points are more opportunities for the user to restrict their data.

I want to focus on another strategy using a paper on this exact topic. In “Slights of privacy”, by Adjerid, Acquisti, Brandimarte, and Loewenstein, they try to figure out the effect of privacy notices.

In the first experiment they manipulated changes in privacy notices by increasing or decreasing protections. The idea is that you can change behavior by changing the notices.

People were asked to give up (disclose) various information about themselves.

In the low protection condition people were informed that their responses would be actively linked to their university email accounts. This is more “big brothery” because personal information could be more easily gathered.

In the high protection condition people were told the accounts would not be actively linked to their university email addresses. Not being linked to an email address gives the user more privacy by protecting from the aggregation of personal data.

What they found was a 10% increase in the propensity to disclose other information when participants were given increasing (high) protections. And I quote from the paper:

“Similarly for decreasing protections conditions, we found that participants were, on average, 14% less likely to disclose, with some questions having as high as a 40% reduction in the propensity to disclose.”

This is not a surprising result. People are more likely to speak up if they feel a certain level of anonymity. If you’re trying to get specific information out of someone, make really strong protections to not use or attach that info to other information you don’t care about. That’s a great takeaway. Further, people care about privacy, and people don’t want to disclose all of their personal information.

That’s why, in Experiment 2, the researchers tried to get people to disclose lots of personal information.

Today the game is often that companies are trying to get people to disclose personal information, and people try to resist doing so.

Participants were told they were participating in a research study to create an online social network and were asked to create a profile in a college setting. They would have to disclose lots of personal information about themselves (exactly what Anti-Google would want). All the juicy details.

In the control case, people were taken (online) straight to the disclosure decisions after reading the privacy notice in a regular way.

In the other conditions, people were played with. Instead of going straight to the disclosure decisions, they were presented with one of four different mis-directions after the privacy notice before filling out the same profile fields.

For example, the first misdirection was a simple 15 second delay between the privacy notice and the disclosures (author note – 15 seconds is forever when browsing the internet).

What were the results? In the control, the disclosure rate was significantly less when presented with a riskier privacy notice (disclosure rate of about 0.5 for more risky vs. 0.7 for less risky). This was the same result that occurred in Experiment 1.

However, that difference almost completely went away with a slight misdirection, I quote from the study:

“In our second experiment, we found that the downward impact of riskier privacy notices on disclosure can be muted or significantly reduced by a slight misdirection which does not alter the objective risk of disclosure.”

With a little bit of misdirection, the entire effect of people wanting to disclose less disappears! People didn’t care. For the vast majority, privacy disclosures are simply not that important if they have to spend the inconvenience of kicking up into System 2 mode to actually think and follow through on a decision.

After waiting 15 seconds, they got bored, and just went ahead and filled out the stupid profile to be done with it. The ideas about “oh privacy and what does this mean for my future”… it’s too hard to make a calculated decision on, and it certainly doesn’t affect people in the present, so they don’t make the calculation and they just do what the form asks.

The author’s hunch is that this strategy works well in all sorts of situations. When people complain, or are worried about taking an action that affects them in the far future, all that is needed for most of them to put down the pitchfork and become docile sheep is a simple 15 second misdirection. It is so unconformable to stay in System 2 thinking mode for 15 seconds, that the majority of people would rather not care and face the consequences to jump back into System 1, than to sit in System 2 and continue to care strongly.

The other misdirections all worked just as well, like having them make some other decision that was perhaps important but not related to their disclosure risk at all. Think of waiving a dog toy in front of a puppy to distract it from whatever and you get the idea.

Evil Anti-Googles of the world rejoice! It’s easy to get people to waive their principles. All it takes is a little bit of behavioral science and you’ll be on your way.

 

Adjerid, I., Acquisti, A., Brandimarte, L., & Loewenstein, G. (2013). Sleights of privacy. Proceedings of the Ninth Symposium on Usable Privacy and Security – SOUPS ’13. doi:10.1145/2501604.2501613