{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:55:50Z","timestamp":1773154550223,"version":"3.50.1"},"reference-count":28,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2021,6,22]],"date-time":"2021-06-22T00:00:00Z","timestamp":1624320000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2021,10,26]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title><jats:p>The purpose of this paper is to propose practical and usable interactions that will allow more informed, risk-aware comparisons for individuals during app selections. The authors include an explicit argument for the role of human decision-making during app selection and close with a discussion of the strengths of a Bayesian approach to evaluating privacy and security interventions.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title><jats:p>The authors focused on the risk communication in mobile marketplace\u2019s realm, examining how risk indicators can help people choose more secure and privacy-preserving apps. Combining canonical findings in risk perception with previous work in usable security, the authors designed indicators for each app to enable decisions that prioritize risk avoidance. Specifically, the authors performed a natural experiment with N = 60 participants, where they asked them to select applications on Android tablets with accurate real-time marketplace data.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Findings<\/jats:title><jats:p>In the aggregate, the authors found that app selections changed to be more risk-averse in the presence of a user-centered multi-level warning system using visual indicators that enabled a click-thru to the more detailed risk and permissions information.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title><jats:p>Privacy research in the laboratory is often in conflict with privacy decision-making in the marketplace, resulting in a privacy paradox. To better understand this, the authors implemented a research design based on clinical experimental approaches, testing the interaction in a noisy, confounded field environment.<\/jats:p><\/jats:sec>","DOI":"10.1108\/ics-11-2020-0182","type":"journal-article","created":{"date-parts":[[2021,6,21]],"date-time":"2021-06-21T07:39:51Z","timestamp":1624261191000},"page":"680-693","source":"Crossref","is-referenced-by-count":3,"title":["Bayesian evaluation of privacy-preserving risk communication for user android app preferences"],"prefix":"10.1108","volume":"29","author":[{"given":"Behnood","family":"Momenzadeh","sequence":"first","affiliation":[]},{"given":"Shakthidhar","family":"Gopavaram","sequence":"additional","affiliation":[]},{"given":"Sanchari","family":"Das","sequence":"additional","affiliation":[]},{"given":"L. Jean","family":"Camp","sequence":"additional","affiliation":[]}],"member":"140","published-online":{"date-parts":[[2021,6,22]]},"reference":[{"key":"key2021102306413385700_ref001","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1145\/2462456.2464460","article-title":"ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing","volume-title":"Proceeding of the 11th Annual International Conference on Mobile Systems, Applications, and Services","year":"2013"},{"key":"key2021102306413385700_ref002","article-title":"On the viability of privacy-enhancing technologies in a self-regulated business-to-consumer market: will privacy remain a luxury good?","volume-title":"6th Workshop on the Economics of Information Security (WEIS)","year":"2007"},{"issue":"3","key":"key2021102306413385700_ref003","doi-asserted-by":"crossref","first-page":"340","DOI":"10.1177\/1948550612455931","article-title":"Misplaced confidences privacy and the control paradox","volume":"4","year":"2013","journal-title":"Social Psychological and Personality Science"},{"key":"key2021102306413385700_ref004","first-page":"1","article-title":"Co-designing for community oversight: helping people make privacy and security decisions together","volume":"3","year":"2019","journal-title":"Proceedings of the ACM on Human-Computer Interaction"},{"key":"key2021102306413385700_ref005","unstructured":"Das, S. (2020), \u201cA risk-reduction-based incentivization model for human-centered multi-factor authentication\u201d, PhD thesis, Indiana University."},{"key":"key2021102306413385700_ref006","article-title":"User-centered risk communication for safer browsing","year":"2020"},{"key":"key2021102306413385700_ref007","article-title":"Change-point analysis of cyberbullying-related twitter discussions during covid-19","volume-title":"arXiv preprint arXiv:2008.13613","year":"2020"},{"key":"key2021102306413385700_ref008","first-page":"3:1","article-title":"Android permissions: user attention, comprehension, and behavior","volume-title":"8th Symposium on Usable Privacy and Security (SOUPS)","year":"2012"},{"issue":"2","key":"key2021102306413385700_ref009","first-page":"209","article-title":"A bayesian analysis of some nonparametric problems","volume":"1","year":"1973","journal-title":"The Annals of Statistics"},{"key":"key2021102306413385700_ref010","first-page":"3278","article-title":"End user perception of online risk under uncertainty","volume-title":"45th HI International Conference on System Science (HICSS)","year":"2012"},{"key":"key2021102306413385700_ref011","volume-title":"IoTMarketplace: Informing Purchase Decisions with Risk Communication","year":"2019"},{"key":"key2021102306413385700_ref012","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1016\/S0166-4115(08)62386-9","article-title":"Development of NASA-TLX (task load index): results of empirical and theoretical research","volume":"52","year":"1988","journal-title":"Advances in Psychology"},{"issue":"1","key":"key2021102306413385700_ref013","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1015044207315","article-title":"Defaults, framing and privacy: why opting in-opting out","volume":"13","year":"2002","journal-title":"Marketing Letters"},{"key":"key2021102306413385700_ref014","article-title":"Evaluating the impact of covid-19 on cyberbullying through bayesian trend analysis","year":"2020"},{"key":"key2021102306413385700_ref015","first-page":"68","article-title":"A conundrum of permissions: installing applications on an android smartphone","volume-title":"16th International Conference on Financial Cryptography and Data Security","year":"2012"},{"key":"key2021102306413385700_ref016","first-page":"253","article-title":"Internet opt-in and opt-out: investigating the roles of frames, defaults and privacy concerns","volume-title":"14th ACM SIGMIS CPR Conference on Computer Personnel Research: Forty Four Years of Computer Personnel Research: Achievements, Challenges and the Future","year":"2006"},{"key":"key2021102306413385700_ref017","first-page":"501","article-title":"Expectation and purpose: understanding users\u2019 mental models of mobile app privacy through crowdsourcing","volume-title":"14th ACM Conference on Ubiquitous Computing","year":"2012"},{"key":"key2021102306413385700_ref018","first-page":"199","article-title":"Modeling users\u2019 mobile app privacy preferences: restoring usability in a sea of permission settings","volume-title":"10th Symposium on Usable Privacy and Security (SOUPS)","year":"2014"},{"key":"key2021102306413385700_ref019","first-page":"211","article-title":"Bayesian evaluation of user app choices in the presence of risk communication on android devices","volume-title":"International Symposium on Human Aspects of Information Security and Assurance","year":"2020"},{"key":"key2021102306413385700_ref020","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1007\/978-94-007-7540-4_13","article-title":"\u2018All my mates have got it, so it must be okay\u2019: constructing a richer understanding of privacy concerns \u2013 an exploratory focus group study","volume-title":"Reloading Data Protection","year":"2014"},{"key":"key2021102306413385700_ref021","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1016\/j.cose.2012.11.004","article-title":"Delegate the smartphone user? Security awareness in smartphone platforms","volume":"34","year":"2013","journal-title":"Computers and Security"},{"key":"key2021102306413385700_ref022","first-page":"1058","article-title":"Smarper: context-aware and automatic runtime-permissions for mobile devices","volume-title":"38th IEEE Symposium on Security and Privacy (SP)","year":"2017"},{"key":"key2021102306413385700_ref023","article-title":"Influence of privacy attitude and privacy cue framing on android app choices","volume-title":"12th Symposium on Usable Privacy and Security (SOUPS)","year":"2016"},{"issue":"15","key":"key2021102306413385700_ref024","first-page":"262","article-title":"Types of study in medical research: part 3 of a series on evaluation of scientific publications","volume":"106","year":"2009","journal-title":"Deutsches Arzteblatt International"},{"issue":"2","key":"key2021102306413385700_ref025","first-page":"2","article-title":"Silent listeners: the evolution of privacy and disclosure on Facebook","volume":"4","year":"2013","journal-title":"Journal of Privacy and Confidentiality"},{"key":"key2021102306413385700_ref026","first-page":"1077","article-title":"The feasibility of dynamically granted permissions: aligning mobile privacy with user preferences","volume-title":"38th IEEE Symposium on Security and Privacy (SP)","year":"2017"},{"key":"key2021102306413385700_ref027","volume-title":"Warnings and Risk Communication","year":"1999"},{"key":"key2021102306413385700_ref028","first-page":"21","article-title":"Short paper: Enhancing users\u2019 comprehension of android permissions","volume-title":"2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices","year":"2012"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2020-0182\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2020-0182\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:20Z","timestamp":1753406600000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/29\/4\/680-693\/105412"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,6,22]]},"references-count":28,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2021,6,22]]},"published-print":{"date-parts":[[2021,10,26]]}},"alternative-id":["10.1108\/ICS-11-2020-0182"],"URL":"https:\/\/doi.org\/10.1108\/ics-11-2020-0182","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"},{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2021,6,22]]}}}