{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T22:53:55Z","timestamp":1776120835044,"version":"3.50.1"},"publisher-location":"Cham","reference-count":52,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319085050","type":"print"},{"value":"9783319085067","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-08506-7_13","type":"book-chapter","created":{"date-parts":[[2014,6,20]],"date-time":"2014-06-20T01:39:22Z","timestamp":1403228362000},"page":"244-262","source":"Crossref","is-referenced-by-count":62,"title":["Why Doesn\u2019t Jane Protect Her Privacy?"],"prefix":"10.1007","author":[{"given":"Karen","family":"Renaud","sequence":"first","affiliation":[]},{"given":"Melanie","family":"Volkamer","sequence":"additional","affiliation":[]},{"given":"Arne","family":"Renkema-Padmos","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"13_CR1","doi-asserted-by":"crossref","unstructured":"Acquisti, A.: Privacy in electronic commerce and the economics of immediate gratification. In: Proceedings of the 5th ACM Conference on Electronic Commerce EC 2004, pp. 21\u201329. ACM, New York (2004)","DOI":"10.1145\/988772.988777"},{"key":"13_CR2","first-page":"24","volume":"2","author":"A. Acquisti","year":"2005","unstructured":"Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Security & Privacy\u00a02, 24\u201330 (2005)","journal-title":"IEEE Security & Privacy"},{"issue":"5799","key":"13_CR3","doi-asserted-by":"publisher","first-page":"610","DOI":"10.1126\/science.1130992","volume":"314","author":"R. Anderson","year":"2006","unstructured":"Anderson, R., Moore, T.: The economics of information security. Science\u00a0314(5799), 610\u2013613 (2006)","journal-title":"Science"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Atkins, D., Stallings, W., Zimmermann, P.: PGP Message Exchange Formats. RFC 1991 (Informational), obsoleted by RFC 4880 (August 1996), \n \n http:\/\/www.ietf.org\/rfc\/rfc1991.txt","DOI":"10.17487\/rfc1991"},{"key":"13_CR5","unstructured":"Bhattacherjee, A.: Social science research: principles, methods, and practices (2012)"},{"issue":"2","key":"13_CR6","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1109\/MSP.2010.198","volume":"9","author":"C. Bravo-Lillo","year":"2011","unstructured":"Bravo-Lillo, C., Cranor, L.F., Downs, J.S., Komanduri, S.: Bridging the gap in computer security warnings: A mental model approach. Security & Privacy\u00a09(2), 18\u201326 (2011)","journal-title":"Security & Privacy"},{"key":"13_CR7","unstructured":"Bright, P., Goodin, D.: Encrypted e-mail: How much annoyance will you tolerate to keep the NSA away?, aRS Technica (June 2013), \n \n http:\/\/arstechnica.com\/security\/2013\/06\/encrypted-e-mail-how-much-annoyance-will-you-tolerate-to-keep-the-nsa-away\/"},{"key":"13_CR8","unstructured":"Burghardt, T., Buchmann, E., B\u00f6hm, K.: Why do privacy-enhancement mechanisms fail, after all? a survey of both, the user and the provider perspective. In: Workshop W2Trust, in Conjunction with IFIPTM, vol.\u00a08 (2008)"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Callas, J., Donnerhacke, L., Finney, H., Shaw, D., Thayer, R.: OpenPGP Message Format. RFC 4880 (Proposed Standard), updated by RFC 5581 (November 2007), \n \n http:\/\/www.ietf.org\/rfc\/rfc4880.txt","DOI":"10.17487\/rfc4880"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Callas, J., Donnerhacke, L., Finney, H., Thayer, R.: OpenPGP Message Format. RFC 2440 (Proposed Standard), obsoleted by RFC 4880 (November 1998), \n \n http:\/\/www.ietf.org\/rfc\/rfc2440.txt","DOI":"10.17487\/rfc2440"},{"key":"13_CR11","unstructured":"Clark, S., Goodspeed, T., Metzger, P., Wasserman, Z., Xu, K., Blaze, M.: Why (special agent) Johnny (still) can\u2019t encrypt: a security analysis of the APCO project 25 two-way radio system. In: Proceedings of the 20th USENIX Conference on Security, p. 4. USENIX Association (2011)"},{"key":"13_CR12","first-page":"112","volume-title":"Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS 2007","author":"G. Conti","year":"2007","unstructured":"Conti, G., Sobiesk, E.: An honest man has nothing to fear: User perceptions on web-based information disclosure. In: Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS 2007, pp. 112\u2013121. ACM, New York (2007), \n \n http:\/\/doi.acm.org\/10.1145\/1280680.1280695"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Crocker, S., Freed, N., Galvin, J., Murphy, S.: MIME Object Security Services. RFC 1848 (Historic) (October 1995), \n \n http:\/\/www.ietf.org\/rfc\/rfc1848.txt","DOI":"10.17487\/rfc1848"},{"key":"13_CR14","unstructured":"Davis, D.: Defective sign & encrypt in S\/MIME, PKCS# 7, MOSS, PEM, PGP, and XML. In: USENIX Annual Technical Conference, General Track, pp. 65\u201378 (2001)"},{"key":"13_CR15","unstructured":"Diesner, J., Kumaraguru, P., Carley, K.M.: Mental models of data privacy and security extracted from interviews with Indians. In: 55th Annual Conference of the International Communication Association (ICA), New York, May 26-30 (2005)"},{"key":"13_CR16","unstructured":"Dingledine, R., Mathewson, N.: Anonymity Loves Company: Usability and the Network Effect. In: The Fifth Workshop on the Economics of Information Security (WEIS 2006), June 26-28 (2006)"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"Fahl, S., Harbach, M., Muders, T., Smith, M., Sander, U.: Helping Johnny 2.0 to Encrypt His Facebook Conversations. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS 2012, pp. 11:1\u201311:17 (2012)","DOI":"10.1145\/2335356.2335371"},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Friedman, B., Hurley, D., Howe, D.C., Felten, E., Nissenbaum, H.: Users\u2019 conceptions of web security: A comparative study. In: CHI 2002 Extended Abstracts on Human Factors in Computing Systems, pp. 746\u2013747. ACM (2002)","DOI":"10.1145\/506443.506577"},{"issue":"2","key":"13_CR19","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2011.180","volume":"10","author":"S.M. Furman","year":"2012","unstructured":"Furman, S.M., Theofanos, M.F., Choong, Y.Y., Stanton, B.: Basing cybersecurity training on user perceptions. IEEE Security & Privacy\u00a010(2), 40\u201349 (2012)","journal-title":"IEEE Security & Privacy"},{"issue":"4","key":"13_CR20","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1016\/j.cose.2005.04.003","volume":"24","author":"S. Furnell","year":"2005","unstructured":"Furnell, S.: Why users cannot use security. Computers & Security\u00a024(4), 274\u2013279 (2005)","journal-title":"Computers & Security"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Garfinkel, S.L., Miller, R.C.: Johnny 2: A user test of key continuity management with s\/mime and outlook express. In: Proceedings of the 2005 Symposium on Usable Privacy and Security, pp. 13\u201324. ACM (2005)","DOI":"10.1145\/1073001.1073003"},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Gaw, S., Felten, E.W., Fernandez-Kelly, P.: Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 591\u2013600. ACM (2006)","DOI":"10.1145\/1124772.1124862"},{"key":"13_CR23","unstructured":"Greenwald, G., MacAskill, E., Poitras, L.: Edward Snowden: the whistleblower behind the NSA surveillance revelations. The Guardian 9 (2013)"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Gross, J.B., Rosson, M.B.: Looking for trouble: understanding end-user security management. In: Proceedings of the 2007 Symposium on Computer Human Interaction for the Management of information Technology, p. 10. ACM (2007)","DOI":"10.1145\/1234772.1234786"},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Hoffman, P.: SMTP Service Extension for Secure SMTP over Transport Layer Security. RFC 3207 (Proposed Standard) (February 2002), \n \n http:\/\/www.ietf.org\/rfc\/rfc3207.txt","DOI":"10.17487\/rfc3207"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Kaliski, B.: PKCS #7: Cryptographic Message Syntax Version 1.5. RFC 2315 (Informational) (March 1998), \n \n http:\/\/www.ietf.org\/rfc\/rfc2315.txt","DOI":"10.17487\/rfc2315"},{"key":"13_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/978-3-642-11376-5_11","volume-title":"Teaching Fundamentals Concepts of Informatics","author":"L. Keller","year":"2010","unstructured":"Keller, L., Komm, D., Serafini, G., Sprock, A., Steffen, B.: Teaching public-key\u00a0cryptography in school. In: Hromkovi\u010d, J., Kr\u00e1lovi\u010d, R., Vahrenhold, J. (eds.) ISSEP 2010. LNCS, vol.\u00a05941, pp. 112\u2013123. Springer, Heidelberg (2010)"},{"issue":"11","key":"13_CR28","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/1592761.1592773","volume":"52","author":"B. Lampson","year":"2009","unstructured":"Lampson, B.: Privacy and security: Usable security: How to get it. Commun. ACM\u00a052(11), 25\u201327 (2009)","journal-title":"Commun. ACM"},{"key":"13_CR29","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1145\/2370216.2370290","volume-title":"Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp 2012","author":"J. Lin","year":"2012","unstructured":"Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users\u2019 mental models of mobile app privacy through crowdsourcing. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, UbiComp 2012, pp. 501\u2013510. ACM, New York (2012)"},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"Linn, J.: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures. RFC 989, obsoleted by RFCs 1040, 1113 (February 1987), \n \n http:\/\/www.ietf.org\/rfc\/rfc989.txt","DOI":"10.17487\/rfc0989"},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"Linn, J.: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures. RFC 1040, obsoleted by RFC 1113 (1988), \n \n http:\/\/www.ietf.org\/rfc\/rfc1040.txt","DOI":"10.17487\/rfc1040"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Linn, J.: Privacy enhancement for Internet electronic mail: Part I - message encipherment and authentication procedures. RFC 1113 (Historic), obsoleted by RFC 1421 (August 1989), \n \n http:\/\/www.ietf.org\/rfc\/rfc1113.txt","DOI":"10.17487\/rfc1113"},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"Linn, J.: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures. RFC 1421 (Historic) (February 1993), \n \n http:\/\/www.ietf.org\/rfc\/rfc1421.txt","DOI":"10.17487\/rfc1421"},{"issue":"1","key":"13_CR34","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1108\/09685221311314419","volume":"21","author":"C.T. Moecke","year":"2013","unstructured":"Moecke, C.T., Volkamer, M.: Usable secure email communications: criteria and evaluation of existing approaches. Information Management & Computer Security\u00a021(1), 41\u201352 (2013)","journal-title":"Information Management & Computer Security"},{"key":"13_CR35","doi-asserted-by":"crossref","unstructured":"Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Understanding users\u2019 requirements for data protection in smartphones. In: 2012 IEEE 28th International Conference on Data Engineering Workshops (ICDEW), pp. 228\u2013235. IEEE (2012)","DOI":"10.1109\/ICDEW.2012.83"},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"Newman, C.: Using TLS with IMAP, POP3 and ACAP. RFC 2595 (Proposed Standard), updated by RFC 4616 (June 1999), \n \n http:\/\/www.ietf.org\/rfc\/rfc2595.txt","DOI":"10.17487\/rfc2595"},{"issue":"5","key":"13_CR37","doi-asserted-by":"publisher","first-page":"533","DOI":"10.1002\/bdm.565","volume":"20","author":"L.F. Nordgren","year":"2007","unstructured":"Nordgren, L.F., Van Der Pligt, J., Van Harreveld, F.: Unpacking perceived control in risk perception: The mediating role of anticipated regret. Journal of Behavioral Decision Making\u00a020(5), 533\u2013544 (2007)","journal-title":"Journal of Behavioral Decision Making"},{"key":"13_CR38","first-page":"1585","volume-title":"CHI 2011 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2011","author":"F. Raja","year":"2011","unstructured":"Raja, F., Hawkey, K., Hsu, S., Wang, K., Beznosov, K.: Promoting a physical security mental model for personal firewall warnings. In: CHI 2011 Extended Abstracts on Human Factors in Computing Systems, CHI EA 2011, pp. 1585\u20131590. ACM, New York (2011)"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Ramsdell, B.: S\/MIME Version 3 Message Specification. RFC 2633 (Proposed Standard), obsoleted by RFC 3851 (June 1999), \n \n http:\/\/www.ietf.org\/rfc\/rfc2633.txt","DOI":"10.17487\/rfc2633"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"Ramsdell, B.: Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 3.1 Message Specification. RFC 3851 (Proposed Standard), obsoleted by RFC 5751 (July 2004), \n \n http:\/\/www.ietf.org\/rfc\/rfc3851.txt","DOI":"10.17487\/rfc3851"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Ramsdell, B., Turner, S.: Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 3.2 Message Specification. RFC 5751 (Proposed Standard) (January 2010), \n \n http:\/\/www.ietf.org\/rfc\/rfc5751.txt","DOI":"10.17487\/rfc5751"},{"key":"13_CR42","unstructured":"Rhee, H.S., Ryu, Y.U., Kim, C.T.: I am fine but you are not: Optimistic bias and illusion of control on information security. In: Avison, D.E., Galletta, D.F. (eds.) ICIS. Association for Information Systems (2005), \n \n http:\/\/dblp.uni-trier.de\/db\/conf\/icis\/icis2005.html#RheeRK05"},{"key":"13_CR43","doi-asserted-by":"crossref","unstructured":"Ruoti, S., Kim, N., Burgon, B., van der Horst, T., Seamons, K.: Confused Johnny: When Automatic Encryption Leads to Confusion and Mistakes. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, SOUPS 2013, pp. 5:1\u20135:12. ACM, New York (2013)","DOI":"10.1145\/2501604.2501609"},{"key":"13_CR44","unstructured":"Sheng, S., Broderick, L., Koranda, C.A., Hyland, J.J.: Why Johnny still can\u2019t encrypt: Evaluating the usability of email encryption software. In: Symposium On Usable Privacy and Security (2006)"},{"key":"13_CR45","first-page":"745","volume":"44","author":"D.J. Solove","year":"2007","unstructured":"Solove, D.J.: I\u2019ve got nothing to hide and other misunderstandings of privacy. San Diego L. Rev.\u00a044, 745 (2007)","journal-title":"San Diego L. Rev."},{"issue":"1","key":"13_CR46","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1109\/MAHC.2012.6","volume":"34","author":"T. Vleck Van","year":"2012","unstructured":"Van Vleck, T.: Electronic mail and text messaging in CTSS, 1965-1973. IEEE Annals of the History of Computing\u00a034(1), 4\u20136 (2012)","journal-title":"IEEE Annals of the History of Computing"},{"key":"13_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1007\/978-3-642-42001-6_18","volume-title":"Number Theory and Cryptography","author":"M. Volkamer","year":"2013","unstructured":"Volkamer, M., Renaud, K.: Mental models \u2013 general introduction and review of their application to human-centred security. In: Fischlin, M., Katzenbeisser, S. (eds.) Buchmann Festschrift. LNCS, vol.\u00a08260, pp. 255\u2013280. Springer, Heidelberg (2013)"},{"key":"13_CR48","doi-asserted-by":"crossref","unstructured":"Wash, R.: Folk Models of Home Computer Security. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, SOUPS 2010, pp. 11:1\u201311:16. ACM, New York (2010)","DOI":"10.1145\/1837110.1837125"},{"key":"13_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-27585-2_1","volume-title":"Open Problems in Network Security","author":"E. W\u00e4stlund","year":"2012","unstructured":"W\u00e4stlund, E., Angulo, J., Fischer-H\u00fcbner, S.: Evoking comprehensive mental models of anonymous credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol.\u00a07039, pp. 1\u201314. Springer, Heidelberg (2012)"},{"key":"13_CR50","unstructured":"Whitten, A., Tygar, J.D.: Why Johnny cant encrypt: A usability evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium, vol.\u00a099, McGraw-Hill (1999)"},{"issue":"2","key":"13_CR51","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1177\/S0038038500000146","volume":"34","author":"M. Williams","year":"2000","unstructured":"Williams, M.: Interpretivism and generalisation. Sociology\u00a034(2), 209\u2013224 (2000)","journal-title":"Sociology"},{"key":"13_CR52","unstructured":"Woo, W.K.: How to Exchange Email Securely with Johnny who Still Can\u2019t Encrypt. Master\u2019s thesis, University of British Columbia (2006)"}],"container-title":["Lecture Notes in Computer Science","Privacy Enhancing Technologies"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-08506-7_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,27]],"date-time":"2019-05-27T03:57:51Z","timestamp":1558929471000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-08506-7_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319085050","9783319085067"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-08506-7_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014]]}}}