{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,27]],"date-time":"2026-03-27T18:09:32Z","timestamp":1774634972745,"version":"3.50.1"},"reference-count":100,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"3","license":[{"start":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T00:00:00Z","timestamp":1619481600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,7,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Privacy and security tools can help users protect themselves online. Unfortunately, people are often unaware of such tools, and have potentially harmful misconceptions about the protections provided by the tools they know about. Effectively encouraging the adoption of privacy tools requires insights into people\u2019s tool awareness and understanding. Towards that end, we conducted a demographically-stratified survey of 500 US participants to measure their use of and perceptions about five web browsing-related tools: private browsing, VPNs, Tor Browser, ad blockers, and antivirus software. We asked about participants\u2019 perceptions of the protections provided by these tools across twelve realistic scenarios. Our thematic analysis of participants\u2019 responses revealed diverse forms of misconceptions. Some types of misconceptions were common across tools and scenarios, while others were associated with particular combinations of tools and scenarios. For example, some participants suggested that the privacy protections offered by private browsing, VPNs, and Tor Browser would also protect them from security threats \u2013 a misconception that might expose them to preventable risks. We anticipate that our findings will help researchers, tool designers, and privacy advocates educate the public about privacy- and security-enhancing technologies.<\/jats:p>","DOI":"10.2478\/popets-2021-0049","type":"journal-article","created":{"date-parts":[[2021,4,29]],"date-time":"2021-04-29T01:10:53Z","timestamp":1619658653000},"page":"308-333","source":"Crossref","is-referenced-by-count":34,"title":["Awareness, Adoption, and Misconceptions of Web Privacy Tools"],"prefix":"10.56553","volume":"2021","author":[{"given":"Peter","family":"Story","sequence":"first","affiliation":[{"name":"School of Computer Science , Carnegie Mellon University"}]},{"given":"Daniel","family":"Smullen","sequence":"additional","affiliation":[{"name":"School of Computer Science , Carnegie Mellon University"}]},{"given":"Yaxing","family":"Yao","sequence":"additional","affiliation":[{"name":"Department of Information Systems , University of Maryland, Baltimore County. Previously a postdoctoral associate at Carnegie Mellon University\u2019s School of Computer Science ."}]},{"given":"Alessandro","family":"Acquisti","sequence":"additional","affiliation":[{"name":"Heinz College of Information Systems and Public Policy , Carnegie Mellon University"}]},{"given":"Lorrie Faith","family":"Cranor","sequence":"additional","affiliation":[{"name":"School of Computer Science , Carnegie Mellon University"}]},{"given":"Norman","family":"Sadeh","sequence":"additional","affiliation":[{"name":"School of Computer Science , Carnegie Mellon University"}]},{"given":"Florian","family":"Schaub","sequence":"additional","affiliation":[{"name":"School of Information , University of Michigan"}]}],"member":"35752","published-online":{"date-parts":[[2021,4,27]]},"reference":[{"key":"2022043009104101748_j_popets-2021-0049_ref_001_w2aab3b7c32b1b6b1ab1ab1Aa","doi-asserted-by":"crossref","unstructured":"[1] Ruba Abu-Salma and Benjamin Livshits. Evaluating the End-User Experience of Private Browsing Mode. CHI \u201920: CHI Conference on Human Factors in Computing Systems, April 2020.10.1145\/3313831.3376440","DOI":"10.1145\/3313831.3376440"},{"key":"2022043009104101748_j_popets-2021-0049_ref_002_w2aab3b7c32b1b6b1ab1ab2Aa","doi-asserted-by":"crossref","unstructured":"[2] Alessandro Acquisti, Manya Sleeper, Yang Wang, Shomir Wilson, Idris Adjerid, Rebecca Balebako, Laura Brandimarte, Lorrie Faith Cranor, Saranga Komanduri, Pedro Giovanni Leon, Norman Sadeh, and Florian Schaub. Nudges for Privacy and Security. ACM Computing Surveys, 50(3):1\u201341, August 2017.10.1145\/3054926","DOI":"10.1145\/3054926"},{"key":"2022043009104101748_j_popets-2021-0049_ref_003_w2aab3b7c32b1b6b1ab1ab3Aa","unstructured":"[3] Yusuf Albayram, Mohammad Maifi Hasan Khan, Theodore Jensen, and Nhan Nguyen. \u201c...better to use a lock screen than to worry about saving a few seconds of time\u201d - Effect of Fear Appeal in the Context of Smartphone Locking Behavior. Symposium on Usable Privacy and Security, 2017."},{"key":"2022043009104101748_j_popets-2021-0049_ref_004_w2aab3b7c32b1b6b1ab1ab4Aa","doi-asserted-by":"crossref","unstructured":"[4] Hazim Almuhimedi, Florian Schaub, Norman Sadeh, Idris Adjerid, Alessandro Acquisti, Joshua Gluck, Lorrie Cranor, and Yuvraj Agarwal. Your location has been shared 5,398 times!: A field study on mobile app privacy nudging. Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, 2015.10.1145\/2702123.2702210","DOI":"10.1145\/2702123.2702210"},{"key":"2022043009104101748_j_popets-2021-0049_ref_005_w2aab3b7c32b1b6b1ab1ab5Aa","unstructured":"[5] Brooke Auxier, Lee Rainie, Monica Anderson, Andrew Perrin, Madhu Kumar, and Erica Turner. Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information: Pew Research Center. November 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_006_w2aab3b7c32b1b6b1ab1ab6Aa","unstructured":"[6] Maria Bada, Angela M. Sasse, and Jason R. C. Nurse. Cyber Security Awareness Campaigns: Why do they fail to change behaviour? arXiv preprint, January 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_007_w2aab3b7c32b1b6b1ab1ab7Aa","doi-asserted-by":"crossref","unstructured":"[7] Matthew Ball, Roderic Broadhurst, Alexander Niven, and Harshit Trivedi. Data Capture and Analysis of Darknet Markets. SSRN Electronic Journal, 2019. https:\/\/www.ssrn.com\/abstract=3344936.10.2139\/ssrn.3344936","DOI":"10.2139\/ssrn.3344936"},{"key":"2022043009104101748_j_popets-2021-0049_ref_008_w2aab3b7c32b1b6b1ab1ab8Aa","unstructured":"[8] Sean Barnum, Michael Gegick, and C.C. Michael. Defense in Depth | CISA. https:\/\/us-cert.cisa.gov\/bsi\/articles\/knowledge\/principles\/defense-in-depth, September 2005."},{"key":"2022043009104101748_j_popets-2021-0049_ref_009_w2aab3b7c32b1b6b1ab1ab9Aa","doi-asserted-by":"crossref","unstructured":"[9] Adam Beautement, M. Angela Sasse, and Mike Wonham. The compliance budget: Managing security behaviour in organisations. In Proceedings of the 2008 Workshop on New Security Paradigms - NSPW \u201908, pages 47\u201358, Lake Tahoe, California, USA, 2008. ACM Press. http:\/\/portal.acm.org\/citation.cfm?doid=1595676.1595684.10.1145\/1595676.1595684","DOI":"10.1145\/1595676.1595684"},{"key":"2022043009104101748_j_popets-2021-0049_ref_010_w2aab3b7c32b1b6b1ab1ac10Aa","doi-asserted-by":"crossref","unstructured":"[10] Laura Brandimarte, Alessandro Acquisti, and George Loewenstein. Misplaced Confidences: Privacy and the Control Paradox. Social Psychological and Personality Science, 4(3):340\u2013347, May 2013. https:\/\/doi.org\/10.1177\/1948550612455931.10.1177\/1948550612455931","DOI":"10.1177\/1948550612455931"},{"key":"2022043009104101748_j_popets-2021-0049_ref_011_w2aab3b7c32b1b6b1ab1ac11Aa","unstructured":"[11] Jon Brodkin. Fake tech support scam is trouble for legitimate remote help company. https:\/\/arstechnica.com\/information-technology\/2013\/11\/fake-tech-support-scamis-trouble-for-legitimate-remote-help-company\/, November 2013."},{"key":"2022043009104101748_j_popets-2021-0049_ref_012_w2aab3b7c32b1b6b1ab1ac12Aa","unstructured":"[12] Dalvin Brown. Is streaming video from sketchy web-sites illegal? https:\/\/www.usatoday.com\/story\/tech\/2019\/12\/16\/can-get-arrested-streaming-illicit-movies-its-complicated\/2662072001\/, December 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_013_w2aab3b7c32b1b6b1ab1ac13Aa","unstructured":"[13] United States Census Bureau. Current Population Survey (CPS), 2018. https:\/\/www.census.gov\/cps\/data\/cpstablecreator.html."},{"key":"2022043009104101748_j_popets-2021-0049_ref_014_w2aab3b7c32b1b6b1ab1ac14Aa","unstructured":"[14] Karoline Busse, Julia Sch\u00e4fer, and Matthew Smith. Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice. Symposium on Usable Privacy and Security, pages 116\u2013136, August 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_015_w2aab3b7c32b1b6b1ab1ac15Aa","doi-asserted-by":"crossref","unstructured":"[15] Yinzhi Cao, Song Li, and Erik Wijmans. (Cross-)Browser Fingerprinting via OS and Hardware Level Features. Network and Distributed System Security Symposium, March 2017.10.14722\/ndss.2017.23152","DOI":"10.14722\/ndss.2017.23152"},{"key":"2022043009104101748_j_popets-2021-0049_ref_016_w2aab3b7c32b1b6b1ab1ac16Aa","unstructured":"[16] CISA. Tips | CISA. https:\/\/us-cert.cisa.gov\/ncas\/tips."},{"key":"2022043009104101748_j_popets-2021-0049_ref_017_w2aab3b7c32b1b6b1ab1ac17Aa","unstructured":"[17] Cisco. 2013 Cisco Annual Security Report. January 2013."},{"key":"2022043009104101748_j_popets-2021-0049_ref_018_w2aab3b7c32b1b6b1ab1ac18Aa","doi-asserted-by":"crossref","unstructured":"[18] Jessica Colnago, Yuanyuan Feng, Tharangini Palanivel, Sarah Pearman, Megan Ung, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh. Informing the Design of a Personalized Privacy Assistant for the Internet of Things. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, pages 1\u201313, Honolulu HI USA, April 2020. ACM. https:\/\/dl.acm.org\/doi\/10.1145\/3313831.3376389.10.1145\/3313831.3376389","DOI":"10.1145\/3313831.3376389"},{"key":"2022043009104101748_j_popets-2021-0049_ref_019_w2aab3b7c32b1b6b1ab1ac19Aa","unstructured":"[19] Cyrus Farivar and Andrew Blankstein. Feds take down the world\u2019s \u2019largest dark web child porn marketplace\u2019. https:\/\/www.nbcnews.com\/news\/crime-courts\/feds-take-down-world-s-largest-dark-web-child-porn-n1066511, October 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_020_w2aab3b7c32b1b6b1ab1ac20Aa","unstructured":"[20] Roger Dingledine. [tor-announce] Tor security advisory: Old Tor Browser Bundles vulnerable. https:\/\/lists.torproject.org\/pipermail\/tor-announce\/2013-August\/000089.html, August 2013."},{"key":"2022043009104101748_j_popets-2021-0049_ref_021_w2aab3b7c32b1b6b1ab1ac21Aa","unstructured":"[21] Disconnect. Best privacy VPN app for iOS and Mac. Powerful protection with one tap., Sep 2020. https:\/\/disconnect.me."},{"key":"2022043009104101748_j_popets-2021-0049_ref_022_w2aab3b7c32b1b6b1ab1ac22Aa","unstructured":"[22] DuckDuckGo. A Study on Private Browsing: Consumer Usage, Knowledge, and Thoughts. Whitepaper, January 2017."},{"key":"2022043009104101748_j_popets-2021-0049_ref_023_w2aab3b7c32b1b6b1ab1ac23Aa","unstructured":"[23] Agnieszka Dutkowska-Zuk, Austin Hounsel, Andre Xiong, Marshini Chetty, Nick Feamster, Molly Roberts, and Brandon Stewart. Practicing Safe Browsing: Understanding How and Why University Students Use Virtual Private Networks. arXiv preprint, cs.HC, February 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_024_w2aab3b7c32b1b6b1ab1ac24Aa","unstructured":"[24] EFF. The Playpen Cases: Frequently Asked Questions. https:\/\/www.eff.org\/pages\/playpen-cases-frequently-asked-questions, August 2016."},{"key":"2022043009104101748_j_popets-2021-0049_ref_025_w2aab3b7c32b1b6b1ab1ac25Aa","unstructured":"[25] EFF. Choosing the VPN That\u2019s Right for You. https:\/\/ssd.eff.org\/en\/module\/choosing-vpn-thats-right-you, March 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_026_w2aab3b7c32b1b6b1ab1ac26Aa","doi-asserted-by":"crossref","unstructured":"[26] E. Erdin, C. Zachor, and M. H. Gunes. How to Find Hidden Users: A Survey of Attacks on Anonymity Networks. IEEE Communications Surveys Tutorials, 17(4):2296\u20132316, Fourthquarter 2015.10.1109\/COMST.2015.2453434","DOI":"10.1109\/COMST.2015.2453434"},{"key":"2022043009104101748_j_popets-2021-0049_ref_027_w2aab3b7c32b1b6b1ab1ac27Aa","unstructured":"[27] ExpressVPN. How to Combine a VPN and Tor Browser for Online Anonymity. https:\/\/www.expressvpn.com\/, October 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_028_w2aab3b7c32b1b6b1ab1ac28Aa","unstructured":"[28] FTC. Tech Support Scams. https:\/\/www.ftc.gov\/tips-advice\/business-center\/small-businesses\/cybersecurity\/tech-support-scams, October 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_029_w2aab3b7c32b1b6b1ab1ac29Aa","unstructured":"[29] Kevin Gallagher, Sameer Patil, and Nasir D. Memon. New Me - Understanding Expert and Non-Expert Perceptions and Usage of the Tor Anonymity Network. Symposium on Usable Privacy and Security, 2017."},{"key":"2022043009104101748_j_popets-2021-0049_ref_030_w2aab3b7c32b1b6b1ab1ac30Aa","unstructured":"[30] Samuel Gibbs. Antivirus software is dead, says security expert at Symantec. http:\/\/www.theguardian.com\/technology\/2014\/may\/06\/antivirus-software-fails-catch-attacks-security-expert-symantec, May 2014."},{"key":"2022043009104101748_j_popets-2021-0049_ref_031_w2aab3b7c32b1b6b1ab1ac31Aa","unstructured":"[31] Dan Goodin. Millions exposed to malvertising that hid attack code in banner pixels. https:\/\/arstechnica.com\/information-technology\/2016\/12\/millions-exposed-tomalvertising-that-hid-attack-code-in-banner-pixels\/, December 2016."},{"key":"2022043009104101748_j_popets-2021-0049_ref_032_w2aab3b7c32b1b6b1ab1ac32Aa","unstructured":"[32] Dan Goodin. Malvertisers target Mac users with stegano-graphic code stashed in images. https:\/\/arstechnica.com\/information-technology\/2019\/01\/malvertisers-target-mac-uses-with-stenographic-code-stashed-in-images\/, January 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_033_w2aab3b7c32b1b6b1ab1ac33Aa","unstructured":"[33] Yael Grauer. The impossible task of creating a \u201cBest VPNs\u201d list today | Ars Technica. https:\/\/arstechnica.com\/information-technology\/2016\/06\/aiming-for-anonymity-ars-assesses-the-state-of-vpns-in-2016\/, June 2016."},{"key":"2022043009104101748_j_popets-2021-0049_ref_034_w2aab3b7c32b1b6b1ab1ac34Aa","unstructured":"[34] Glenn Greenwald and Ewen MacAskill. NSA Prism program taps in to user data of Apple, Google and others. The Guardian, June 2013. https:\/\/www.theguardian.com\/world\/2013\/jun\/06\/us-tech-giants-nsa-data."},{"key":"2022043009104101748_j_popets-2021-0049_ref_035_w2aab3b7c32b1b6b1ab1ac35Aa","unstructured":"[35] Hana Habib, Jessica Colnago, Vidya Gopalakrishnan, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, and Lorrie Faith Cranor. Away From Prying Eyes - Analyzing Usage and Understanding of Private Browsing. SOUPS @ USENIX Security Symposium, 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_036_w2aab3b7c32b1b6b1ab1ac36Aa","doi-asserted-by":"crossref","unstructured":"[36] Cormac Herley. So long, and no thanks for the externalities - the rational rejection of security advice by users. NSPW, pages 133\u2013144, 2009.10.1145\/1719030.1719050","DOI":"10.1145\/1719030.1719050"},{"key":"2022043009104101748_j_popets-2021-0049_ref_037_w2aab3b7c32b1b6b1ab1ac37Aa","doi-asserted-by":"crossref","unstructured":"[37] Cormac Herley. More Is Not the Answer. IEEE Security & Privacy, 12(1):14\u201319, 2014.10.1109\/MSP.2013.134","DOI":"10.1109\/MSP.2013.134"},{"key":"2022043009104101748_j_popets-2021-0049_ref_038_w2aab3b7c32b1b6b1ab1ac38Aa","unstructured":"[38] Aaron Holmes. The dark web turns 20 this month \u2014 here\u2019s how it changed the world - Business Insider. https:\/\/www.businessinsider.com\/dark-web-changed-the-world-black-markets-arab-spring-2020-3, March 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_039_w2aab3b7c32b1b6b1ab1ac39Aa","unstructured":"[39] Bryan Horling and Matthew Kulick. Personalized Search for everyone. https:\/\/googleblog.blogspot.com\/2009\/12\/personalized-search-for-everyone.html, December 2009."},{"key":"2022043009104101748_j_popets-2021-0049_ref_040_w2aab3b7c32b1b6b1ab1ac40Aa","doi-asserted-by":"crossref","unstructured":"[40] Muhammad Ikram, Narseo Vallina-Rodriguez, Suranga Seneviratne, Mohamed Ali Kaafar, and Vern Paxson. An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps. IMC 2016, 2016.10.1145\/2987443.2987471","DOI":"10.1145\/2987443.2987471"},{"key":"2022043009104101748_j_popets-2021-0049_ref_041_w2aab3b7c32b1b6b1ab1ac41Aa","unstructured":"[41] Iulia Ion, Rob Reeder, and Sunny Consolvo. \u201c...No one Can Hack My Mind\u201d - Comparing Expert and Non-Expert Security Practices. Symposium on Usable Privacy and Security, 2015."},{"key":"2022043009104101748_j_popets-2021-0049_ref_042_w2aab3b7c32b1b6b1ab1ac42Aa","unstructured":"[42] Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara B. Kiesler. \u201cMy Data Just Goes Everywhere - \u201c User Mental Models of the Internet and Implications for Privacy and Security. Symposium on Usable Privacy and Security, 2015."},{"key":"2022043009104101748_j_popets-2021-0049_ref_043_w2aab3b7c32b1b6b1ab1ac43Aa","unstructured":"[43] Kaspersky. Disk and File Encryption, Sep 2020. https:\/\/www.kaspersky.com\/enterprise-security\/wiki-section\/products\/encryption."},{"key":"2022043009104101748_j_popets-2021-0049_ref_044_w2aab3b7c32b1b6b1ab1ac44Aa","unstructured":"[44] Kaspersky Lab. The main sources of malware infection. https:\/\/web.archive.org\/web\/20201127210358\/https:\/\/support.kaspersky.com\/789, November 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_045_w2aab3b7c32b1b6b1ab1ac45Aa","unstructured":"[45] Katie Kasunic. How To Use Tor Browser: Everything You MUST Know (2020). https:\/\/www.vpnmentor.com\/blog\/tor-browser-work-relate-using-vpn\/, August 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_046_w2aab3b7c32b1b6b1ab1ac46Aa","unstructured":"[46] Brian Krebs. Tools for a Safer PC \u2014 Krebs on Security. https:\/\/krebsonsecurity.com\/tools-for-a-safer-pc\/."},{"key":"2022043009104101748_j_popets-2021-0049_ref_047_w2aab3b7c32b1b6b1ab1ac47Aa","unstructured":"[47] Brian Krebs. Krebs\u2019s 3 Basic Rules for Online Safety \u2014 Krebs on Security. https:\/\/krebsonsecurity.com\/2011\/05\/krebss-3-basic-rules-for-online-safety\/, May 2011."},{"key":"2022043009104101748_j_popets-2021-0049_ref_048_w2aab3b7c32b1b6b1ab1ac48Aa","unstructured":"[48] Brian Krebs. Post-FCC Privacy Rules, Should You VPN? \u2014 Krebs on Security, March 2017."},{"key":"2022043009104101748_j_popets-2021-0049_ref_049_w2aab3b7c32b1b6b1ab1ac49Aa","doi-asserted-by":"crossref","unstructured":"[49] Ponnurangam Kumaraguru, Justin Cranshaw, Alessandro Acquisti, Lorrie Cranor, Jason Hong, Mary Ann Blair, and Theodore Pham. School of phish: A real-word evaluation of anti-phishing training. In Proceedings of the 5th Symposium on Usable Privacy and Security - SOUPS \u201909, Mountain View, California, 2009. ACM Press. http:\/\/portal.acm.org\/citation.cfm?doid=1572532.1572536.10.1145\/1572532.1572536","DOI":"10.1145\/1572532.1572536"},{"key":"2022043009104101748_j_popets-2021-0049_ref_050_w2aab3b7c32b1b6b1ab1ac50Aa","doi-asserted-by":"crossref","unstructured":"[50] Ozan Kuru and Josh Pasek. Improving social media measurement in surveys: Avoiding acquiescence bias in Face-book research. Computers in Human Behavior, 57:82\u201392, April 2016. https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0747563215302788.10.1016\/j.chb.2015.12.008","DOI":"10.1016\/j.chb.2015.12.008"},{"key":"2022043009104101748_j_popets-2021-0049_ref_051_w2aab3b7c32b1b6b1ab1ac51Aa","unstructured":"[51] Pierre Laperdrix. Browser Fingerprinting: An Introduction and the Challenges Ahead | Tor Blog. https:\/\/blog.torproject.org\/browser-fingerprinting-introduction-and-challenges-ahead, September 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_052_w2aab3b7c32b1b6b1ab1ac52Aa","unstructured":"[52] Selena Larson. Infant Social Security numbers are for sale on the dark web. https:\/\/money.cnn.com\/2018\/01\/22\/technology\/infant-data-dark-web-identity-theft\/index.html, January 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_053_w2aab3b7c32b1b6b1ab1ac53Aa","doi-asserted-by":"crossref","unstructured":"[53] Josephine Lau, Benjamin Zimmerman, and Florian Schaub. Alexa, Are You Listening?: Privacy Perceptions, Concerns and Privacy-seeking Behaviors with Smart Speakers. Proceedings of the ACM on Human-Computer Interaction, 2(CSCW):1\u201331, November 2018. https:\/\/dl.acm.org\/doi\/10.1145\/3274371.10.1145\/3274371","DOI":"10.1145\/3274371"},{"key":"2022043009104101748_j_popets-2021-0049_ref_054_w2aab3b7c32b1b6b1ab1ac54Aa","doi-asserted-by":"crossref","unstructured":"[54] Monica G. Maceli. Encouraging patron adoption of privacy-protection technologies: Challenges for public libraries. IFLA Journal, 44(3):195\u2013202, August 2018.10.1177\/0340035218773786","DOI":"10.1177\/0340035218773786"},{"key":"2022043009104101748_j_popets-2021-0049_ref_055_w2aab3b7c32b1b6b1ab1ac55Aa","doi-asserted-by":"crossref","unstructured":"[55] James E Maddux and Ronald W Rogers. Protection motivation and self-efficacy: A revised theory of fear appeals and attitude change. Journal of experimental social psychology, 19(5):469\u2013479, 1983.","DOI":"10.1016\/0022-1031(83)90023-9"},{"key":"2022043009104101748_j_popets-2021-0049_ref_056_w2aab3b7c32b1b6b1ab1ac56Aa","doi-asserted-by":"crossref","unstructured":"[56] Nathan Malkin, Julia Bernd, Maritza Johnson, and Serge Egelman. \u201cWhat Can\u2019t Data Be Used For?\u201d: Privacy Expectations about Smart TVs in the U.S. In Proceedings 3rd European Workshop on Usable Security, London, England, 2018. Internet Society. https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/2018\/06\/eurousec2018_16_Malkin_paper.pdf.10.14722\/eurousec.2018.23016","DOI":"10.14722\/eurousec.2018.23016"},{"key":"2022043009104101748_j_popets-2021-0049_ref_057_w2aab3b7c32b1b6b1ab1ac57Aa","unstructured":"[57] Jonathan R. Mayer and John C. Mitchell. Third-Party Web Tracking: Policy and Technology. 2012 IEEE Symposium on Security and Privacy, 2012."},{"key":"2022043009104101748_j_popets-2021-0049_ref_058_w2aab3b7c32b1b6b1ab1ac58Aa","doi-asserted-by":"crossref","unstructured":"[58] Nora McDonald, Sarita Schoenebeck, and Andrea Forte. Reliability and Inter-rater Reliability in Qualitative Research: Norms and Guidelines for CSCW and HCI Practice. Proceedings of the ACM Human-Computer Interaction, August 2019.10.1145\/3359174","DOI":"10.1145\/3359174"},{"key":"2022043009104101748_j_popets-2021-0049_ref_059_w2aab3b7c32b1b6b1ab1ac59Aa","doi-asserted-by":"crossref","unstructured":"[59] Georg Merzdovnik, Markus Huber, Damjan Buhov, Nick Nikiforakis, Sebastian Neuner, Martin Schmiedecker, and Edgar Weippl. Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools. 2017 IEEE European Symposium on Security and Privacy (EuroS&P), March 2017.","DOI":"10.1109\/EuroSP.2017.26"},{"key":"2022043009104101748_j_popets-2021-0049_ref_060_w2aab3b7c32b1b6b1ab1ac60Aa","doi-asserted-by":"crossref","unstructured":"[60] Moses Namara, Daricia Wilkinson, Kelly Caine, and Bart P. Knijnenburg. Emotional and Practical Considerations Towards the Adoption and Abandonment of VPNs as a Privacy-Enhancing Technology. Proceedings on Privacy Enhancing Technologies, 2020(1):83\u2013102, December 2019.10.2478\/popets-2020-0006","DOI":"10.2478\/popets-2020-0006"},{"key":"2022043009104101748_j_popets-2021-0049_ref_061_w2aab3b7c32b1b6b1ab1ac61Aa","doi-asserted-by":"crossref","unstructured":"[61] Greg Norcie, Jim Blythe, Kelly Caine, and L. Jean Camp. Why Johnny Can\u2019t Blow the Whistle: Identifying and Reducing Usability Issues in Anonymity Systems. Workshop on Usable Security, February 2014.10.14722\/usec.2014.23022","DOI":"10.14722\/usec.2014.23022"},{"key":"2022043009104101748_j_popets-2021-0049_ref_062_w2aab3b7c32b1b6b1ab1ac62Aa","unstructured":"[62] NordVPN. Block ads and malicious websites with Cyber-Sec, Sep 2020. https:\/\/nordvpn.com\/features\/cybersec\/."},{"key":"2022043009104101748_j_popets-2021-0049_ref_063_w2aab3b7c32b1b6b1ab1ac63Aa","unstructured":"[63] Norton. Norton Privacy Manager | How it works, Mar 2019. https:\/\/www.youtube.com\/watch?v=iKsHl-uzVrU."},{"key":"2022043009104101748_j_popets-2021-0049_ref_064_w2aab3b7c32b1b6b1ab1ac64Aa","unstructured":"[64] Norton. Browse the Internet securely with Norton Safe Web, Oct 2020. https:\/\/support.norton.com\/sp\/en\/us\/home\/current\/solutions\/v19116982."},{"key":"2022043009104101748_j_popets-2021-0049_ref_065_w2aab3b7c32b1b6b1ab1ac65Aa","unstructured":"[65] Norton. Norton Privacy Manager, Sep 2020. https:\/\/us.norton.com\/norton-privacy-manager."},{"key":"2022043009104101748_j_popets-2021-0049_ref_066_w2aab3b7c32b1b6b1ab1ac66Aa","unstructured":"[66] Norton. Norton Secure VPN, Sep 2020. https:\/\/us.norton.com\/products\/norton-secure-vpn."},{"key":"2022043009104101748_j_popets-2021-0049_ref_067_w2aab3b7c32b1b6b1ab1ac67Aa","doi-asserted-by":"crossref","unstructured":"[67] Eyal Peer, Laura Brandimarte, Sonam Samat, and Alessandro Acquisti. Beyond the Turk: Alternative platforms for crowdsourcing behavioral research. Journal of Experimental Social Psychology, 70(C):153\u2013163, May 2017.10.1016\/j.jesp.2017.01.006","DOI":"10.1016\/j.jesp.2017.01.006"},{"key":"2022043009104101748_j_popets-2021-0049_ref_068_w2aab3b7c32b1b6b1ab1ac68Aa","unstructured":"[68] Nicole Perlroth. Tor Project, a Digital Privacy Group, Reboots With New Board (Published 2016). The New York Times, July 2016. https:\/\/www.nytimes.com\/2016\/07\/14\/technology\/tor-project-a-digital-privacy-group-reboots-with-new-board.html."},{"key":"2022043009104101748_j_popets-2021-0049_ref_069_w2aab3b7c32b1b6b1ab1ac69Aa","unstructured":"[69] Nathaniel Popper. The Tax Sleuth Who Took Down a Drug Lord. The New York Times, December 2015. https:\/\/www.nytimes.com\/2015\/12\/27\/business\/dealbook\/theunsung-tax-agent-who-put-a-face-on-the-silk-road.html."},{"key":"2022043009104101748_j_popets-2021-0049_ref_070_w2aab3b7c32b1b6b1ab1ac70Aa","unstructured":"[70] Prolific Team. Representative Samples on Prolific. https:\/\/researcher-help.prolific.co\/hc\/en-gb\/articles\/360019236753-Representative-Samples-on-Prolific, March 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_071_w2aab3b7c32b1b6b1ab1ac71Aa","unstructured":"[71] Prolific Team. Reviewing submissions: How do I decide who to accept\/reject?, May 2020. https:\/\/researcher-help.prolific.co\/hc\/en-gb\/articles\/360009092394-Reviewing-submissions-How-do-I-decide-who-to-accept-reject-."},{"key":"2022043009104101748_j_popets-2021-0049_ref_072_w2aab3b7c32b1b6b1ab1ac72Aa","unstructured":"[72] ProtonVPN. Why use Tor over VPN. https:\/\/protonvpn.com\/blog\/tor-vpn\/, July 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_073_w2aab3b7c32b1b6b1ab1ac73Aa","unstructured":"[73] E. Racine, P. Skeba, E. P. S. Baumer, and A. Forte. What are PETs for Privacy Experts and Non-experts? Symposium on Usable Privacy and Security, August 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_074_w2aab3b7c32b1b6b1ab1ac74Aa","unstructured":"[74] L. Rainie, S. Kiesler, R. Kang, and Mary Madden. Anonymity, Privacy, and Security Online. Pew Research Internet Project. 2013."},{"key":"2022043009104101748_j_popets-2021-0049_ref_075_w2aab3b7c32b1b6b1ab1ac75Aa","doi-asserted-by":"crossref","unstructured":"[75] Elissa M. Redmiles, Sean Kross, and Michelle L. Mazurek. How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples. IEEE SP, 2019.10.1109\/SP.2019.00014","DOI":"10.1109\/SP.2019.00014"},{"key":"2022043009104101748_j_popets-2021-0049_ref_076_w2aab3b7c32b1b6b1ab1ac76Aa","unstructured":"[76] Elissa M Redmiles, Noel Warford, Amritha Jayanti, Aravind Koneru, Sean Kross, Miraida Morales, Rock Stevens, and Michelle L Mazurek. A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web. USENIX Security Symposium, pages 88\u2013108, August 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_077_w2aab3b7c32b1b6b1ab1ac77Aa","doi-asserted-by":"crossref","unstructured":"[77] Robert W. Reeder, Iulia Ion, and Sunny Consolvo. 152 Simple Steps to Stay Safe Online - Security Advice for Non-Tech-Savvy Users. IEEE Secur. Priv., 15(5):55\u201364, 2017.10.1109\/MSP.2017.3681050","DOI":"10.1109\/MSP.2017.3681050"},{"key":"2022043009104101748_j_popets-2021-0049_ref_078_w2aab3b7c32b1b6b1ab1ac78Aa","unstructured":"[78] Consumer Reports. 66 Ways to Protect Your Privacy Right Now, February 2017."},{"key":"2022043009104101748_j_popets-2021-0049_ref_079_w2aab3b7c32b1b6b1ab1ac79Aa","doi-asserted-by":"crossref","unstructured":"[79] Ronald W Rogers. A Protection Motivation Theory of Fear Appeals and Attitude Change. The Journal of Psychology, 91(1):93\u2013114, 1975.10.1080\/00223980.1975.991580328136248","DOI":"10.1080\/00223980.1975.9915803"},{"key":"2022043009104101748_j_popets-2021-0049_ref_080_w2aab3b7c32b1b6b1ab1ac80Aa","unstructured":"[80] Ronald W Rogers and Steven Prentice-Dunn. Protection motivation theory. 1997."},{"key":"2022043009104101748_j_popets-2021-0049_ref_081_w2aab3b7c32b1b6b1ab1ac81Aa","doi-asserted-by":"crossref","unstructured":"[81] Florian Schaub, Aditya Marella, Pranshu Kalvani, Blase Ur, Chao Pan, Emily Forney, and Lorrie Faith Cranor. Watching Them Watching Me: Browser Extensions Impact on User Privacy Awareness and Concern. Workshop on Usable Security, February 2016.10.14722\/usec.2016.23017","DOI":"10.14722\/usec.2016.23017"},{"key":"2022043009104101748_j_popets-2021-0049_ref_082_w2aab3b7c32b1b6b1ab1ac82Aa","doi-asserted-by":"crossref","unstructured":"[82] Daniel Smullen, Yuanyuan Feng, and Norman Sadeh. The Best of Both Worlds: Mitigating Trade-offs Between Accuracy and User Burden in Capturing Mobile App Privacy Preferences. Proceedings on Privacy Enhancing Technologies, 1:195\u2013215, 2020.","DOI":"10.2478\/popets-2020-0011"},{"key":"2022043009104101748_j_popets-2021-0049_ref_083_w2aab3b7c32b1b6b1ab1ac83Aa","unstructured":"[83] Ben Stegner. How to Avoid Fake Ads Disguised as Fake Download Links. https:\/\/www.makeuseof.com\/tag\/spot-avoid-ads-disguised-download-buttons\/, July 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_084_w2aab3b7c32b1b6b1ab1ac84Aa","doi-asserted-by":"crossref","unstructured":"[84] Geordie Stewart and David Lacey. Death by a Thousand Facts - Criticising the Technocratic Approach to Information Security Awareness. HAISA, 2011.10.1108\/09685221211219182","DOI":"10.1108\/09685221211219182"},{"key":"2022043009104101748_j_popets-2021-0049_ref_085_w2aab3b7c32b1b6b1ab1ac85Aa","unstructured":"[85] Peter Story, Daniel Smullen, Alessandro Acquisti, Lorrie Faith Cranor, Norman M Sadeh, and Florian Schaub. From Intent to Action - Nudging Users Towards Secure Mobile Payments. SOUPS @ USENIX Security Symposium, 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_086_w2aab3b7c32b1b6b1ab1ac86Aa","doi-asserted-by":"crossref","unstructured":"[86] O. Sukwong, H. S. Kim, and J. C. Hoe. Commercial Antivirus Software Effectiveness - An Empirical Study. Computer, 44(3):63\u201370, 2011.10.1109\/MC.2010.187","DOI":"10.1109\/MC.2010.187"},{"key":"2022043009104101748_j_popets-2021-0049_ref_087_w2aab3b7c32b1b6b1ab1ac87Aa","unstructured":"[87] Xiao Hui Tai, Kyle Soska, and Nicolas Christin. Adversarial Matching of Dark Net Market Vendor Accounts. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pages 1871\u20131880, Anchorage AK USA, July 2019. ACM. https:\/\/dl.acm.org\/doi\/10.1145\/3292500.3330763."},{"key":"2022043009104101748_j_popets-2021-0049_ref_088_w2aab3b7c32b1b6b1ab1ac88Aa","unstructured":"[88] Karyn A. Temple. U.S. Copyright Office Responses To Specific Questions. https:\/\/troypoint.com\/wp-content\/uploads\/2019\/07\/letter-to-senators-tillis-and-coons-on-felony-streaming-from-copyright-office.pdf, July 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_089_w2aab3b7c32b1b6b1ab1ac89Aa","unstructured":"[89] Richard H Thaler and Cass R Sunstein. Nudge: Improving Decisions About Health, Wealth, and Happiness. J. Wiley and Sons, 2008."},{"key":"2022043009104101748_j_popets-2021-0049_ref_090_w2aab3b7c32b1b6b1ab1ac90Aa","unstructured":"[90] The Tor Project. Doc\/TorPlusVPN \u2013 Tor Bug Tracker & Wiki. https:\/\/trac.torproject.org\/projects\/tor\/wiki\/doc\/TorPlusVPN, October 2019."},{"key":"2022043009104101748_j_popets-2021-0049_ref_091_w2aab3b7c32b1b6b1ab1ac91Aa","unstructured":"[91] Matt Traudt. VPN + Tor: Not Necessarily a Net Gain -Matt Traudt. https:\/\/matt.traudt.xyz\/posts\/vpn-tor-notmRikAa4h.html, November 2016."},{"key":"2022043009104101748_j_popets-2021-0049_ref_092_w2aab3b7c32b1b6b1ab1ac92Aa","doi-asserted-by":"crossref","unstructured":"[92] Rick Wash. Folk models of home computer security. Symposium on Usable Privacy and Security, pages 1\u201316, 2010.10.1145\/1837110.1837125","DOI":"10.1145\/1837110.1837125"},{"key":"2022043009104101748_j_popets-2021-0049_ref_093_w2aab3b7c32b1b6b1ab1ac93Aa","unstructured":"[93] Rick Wash and Emilee Rader. Too Much Knowledge? Security Beliefs and Protective Behaviors Among United States Internet Users. Eleventh Symposium On Usable Privacy and Security, pages 309\u2013325, 2015."},{"key":"2022043009104101748_j_popets-2021-0049_ref_094_w2aab3b7c32b1b6b1ab1ac94Aa","doi-asserted-by":"crossref","unstructured":"[94] Zachary Weinberg, Shinyoung Cho, Nicolas Christin, Vyas Sekar, and Phillipa Gill. How to Catch when Proxies Lie. IMC \u201918: Internet Measurement Conference, October 2018.10.1145\/3278532.3278551","DOI":"10.1145\/3278532.3278551"},{"key":"2022043009104101748_j_popets-2021-0049_ref_095_w2aab3b7c32b1b6b1ab1ac95Aa","unstructured":"[95] WhatIsMyIPAddress.com. How does geolocation work? https:\/\/whatismyipaddress.com\/geolocation, November 2020."},{"key":"2022043009104101748_j_popets-2021-0049_ref_096_w2aab3b7c32b1b6b1ab1ac96Aa","unstructured":"[96] Wikipedia. Google Personalized Search. Wikipedia, April 2020. https:\/\/en.wikipedia.org\/w\/index.php?title=Google_Personalized_Search&oldid=952991366."},{"key":"2022043009104101748_j_popets-2021-0049_ref_097_w2aab3b7c32b1b6b1ab1ac97Aa","unstructured":"[97] Wikipedia. Internet geolocation. Wikipedia, September 2020. https:\/\/en.wikipedia.org\/w\/index.php?title=Internet_geolocation&oldid=980936345."},{"key":"2022043009104101748_j_popets-2021-0049_ref_098_w2aab3b7c32b1b6b1ab1ac98Aa","unstructured":"[98] Wikipedia. PRISM (surveillance program). Wikipedia, September 2020. https:\/\/en.wikipedia.org\/w\/index.php?title=PRISM_(surveillance_program)&oldid=978695563."},{"key":"2022043009104101748_j_popets-2021-0049_ref_099_w2aab3b7c32b1b6b1ab1ac99Aa","unstructured":"[99] Jakob Wirth, Christian Maier, Sven Laumer, and Friedrich-Alexander Universit\u00e4t Erlangen-N\u00fcrnberg. The Influence Of Resignation On The Privacy Calculus In The Context Of Social Networking Sites: An Empirical Analysis. Twenty-Sixth European Conference on Information Systems, 2018."},{"key":"2022043009104101748_j_popets-2021-0049_ref_100_w2aab3b7c32b1b6b1ab1ad100Aa","doi-asserted-by":"crossref","unstructured":"[100] Yixin Zou, Kevin Roundy, Acar Tamersoy, Saurabh Shintre, Johann Roturier, and Florian Schaub. Examining the Adoption and Abandonment of Security, Privacy, and Identity Theft Protection Practices. CHI, pages 1\u201315, April 2020.10.1145\/3313831.3376570","DOI":"10.1145\/3313831.3376570"}],"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.sciendo.com\/pdf\/10.2478\/popets-2021-0049","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T16:31:34Z","timestamp":1658334694000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2021\/popets-2021-0049.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,27]]},"references-count":100,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2021,4,27]]},"published-print":{"date-parts":[[2021,7,1]]}},"alternative-id":["10.2478\/popets-2021-0049"],"URL":"https:\/\/doi.org\/10.2478\/popets-2021-0049","relation":{},"ISSN":["2299-0984"],"issn-type":[{"value":"2299-0984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,27]]}}}