Miguel Malheiros

Too close for comfort: a study of the effectiveness and acceptability of rich-media personalized advertising

Online display advertising is predicted to make

Fairly truthful: The impact of perceived effort, fairness, relevance, and sensitivity on personal data disclosure

29.53 billion this year. Advertisers believe targeted and personalized ads to be more effective, but many users are concerned about their privacy. We conducted a study where 30 participants completed a simulated holiday booking task; each page showing ads with different degrees of personalization. Participants fixated twice as long when ads contained their photo. Participants reported being more likely to notice ads with their photo, holiday destination, and name, but also increasing levels of discomfort with increasing personalization. We conclude that greater personalization in ad content may achieve higher levels of attention, but that the most personalized ads are also the least acceptable. The noticeability benefit in using someones photo to make them look at an ad may be offset by the privacy cost. As more personal data becomes available to advertisers, it becomes important that these trade-offs are considered.

Would You Sell Your Mother’s Data? Personal Data Disclosure in a Simulated Credit Card Application

While personal data is a source of competitive advantage, businesses should consider the potential reaction of individuals to certain types of data requests. Privacy research has identified some factors that impact privacy perceptions, but these have not yet been linked to actual disclosure behaviour. We describe a field-experiment investigating the effect of different factors on online disclosure behaviour. 2720 US participants were invited to participate in an Amazon Mechanical Turk survey advertised as a marketing study for a credit card company. Participants were asked to disclose several items of personal data. In a follow-up UCL branded survey, a subset (N=1851) of the same participants rated how they perceived the effort, fairness, relevance, and sensitivity of the first phase personal data requests and how truthful their answers had been. Findings show that fairness has a consistent and significant effect on the disclosure and truthfulness of data items such as weekly spending or occupation. Partial support was found for the effect of effort and sensitivity. Privacy researchers are advised to take into account the under-investigated fairness construct in their research. Businesses should focus on non-sensitive data items which are perceived as fair in the context they are collected; otherwise they risk obtaining low-quality or incomplete data from their customers.

Federated identity to access e-government services: are citizens ready for this?

To assess the risk of a loan applicant defaulting, lenders feed applicants’ data into credit scoring algorithms. They are always looking to improve the effectiveness of their predictions, which means improving the algorithms and/or collecting different data. Research on financial behavior found that elements of a person’s family history and social ties can be good predictors of financial responsibility and control. Our study investigated how loan applicants applying for a credit card would respond to questions such as “Did any of your loved ones die while you were growing up?” 48 participants were asked to complete a new type of credit card application form containing such requests as part of a “Consumer Acceptance Test” of a credit card with lower interest rates, but only available to “financially responsible customers.” This was a double-blind study—the experimenters processing participants were told exactly the same. We found that: (1) more sensitive items are disclosed less often—e.g., friends’ names and contact had only a 69 % answer rate; (2) privacy fundamentalists are 5.6 times less likely to disclose data; and (3) providing a justification for a question has no effect on its answer rate. Discrepancies between acceptability and disclosure were observed—e.g., 43 % provided names and contact of friends, having said they found the question unacceptable. We conclude that collecting data items not traditionally seen as relevant could be made acceptable if lenders can credibly establish relevance, and assure applicants they will be assessed fairly. More research needs to be done on how to best communicate these qualities.

Privacy for Loan Applicants Versus Predictive Power for Loan Providers: Is It Possible to Bridge the Gap?

Both the US & UK government have decided that citizens will to authenticate to government using Federated Identity (FedID) solutions: governments do not want to be Identity providers (IdPs), but leverage accounts that citizens have with other service providers instead. We investigated how citizens react to their first encounter FedID authentication in this context. We performed 2 studies using low fidelity prototypes with: in study 1, 44 citizen participants, & in study 2, 22 small business owners, employees & agents. We recorded their reactions during their user journey authenticating with 3rd party providers they already had accounts with. In study 1, 50% of participants said they would not continue to use the system on reaching the hub page, & 45% believed they were being asked to make a payment. 25% of those continuing said they would stop when they reached the consent page, where they were asked by their IdP to authorise the release of their identifying information to the government service. 34% of the participants felt threatened rather than reassured by the privacy protection statement. With study 2s improved prototype, only 14% of participants said they would not continue on reaching the hub page, & 6% abandoned at the consent page. Our results show that usability & acceptance of FedID can be greatly improved by the application of standard HCI techniques, but trust in the ID Provider is essential. We finally report results from a survey of which ID providers UK citizens would trust, & found significant differences between age groups.

Data after death: User requirements and design challenges for SNSs and email providers

Loan providers manage risk by assessing applicants’ ability and willingness to re-pay. The loan application is the most visible aspect of credit scoring. To prevent gaming of the process, loan providers do not reveal why they ask for certain information. This lack of transparency leads applicants to perceive some questions as invasive. We investigated this phenomenon in three studies. The first survey revealed that applicants were least comfortable with providing their work phone number, value of other assets, and total number of investments. Ten interviews with loan applicants indicated that loan application forms do not allow them to adequately describe their financial situation. In the second survey 12% of participants reported they had not applied for credit because of the information requested. Results suggest that loan providers should explain why information is requested and how it will be used. Applicants’ satisfaction with credit scoring can be improved by: (1) letting applicants specify how/when they want to be contacted; (2) obtaining informed consent for data sharing with third parties; and (3) making some data items optional.