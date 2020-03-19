Abstract:

Commitment devices are a technique from behavioral economics that have been shown to mitigate the effects of present bias-the tendency to discount future risks and gains in favor of immediate gratifications. In this paper, we explore the feasibility of using commitment devices to nudge users towards complying with varying online security mitigations. Using two online experiments, with over 1,000 participants total, we offered participants the option to be reminded or to schedule security tasks in the future. We find that both reminders and commitment nudges can increase users' intentions to install security updates and enable two-factor authentication, but not to configure automatic backups. Using qualitative data, we gain insights into the reasons for postponement and how to improve future nudges. We posit that current nudges may not live up to their full potential, as the timing options offered to users may be too rigid.

Bio:

Alisa Frik, Ph.D., is a postdoctoral researcher at the <http://www.icsi.berkeley.edu/ icsi/groups/privacy> Usable Security and Privacy research group at the International Computer Science Institute (ICSI) and the University of California, Berkeley. She is a member of the <https://blues.cs.berkeley.edu > Berkeley Laboratory for Usable and

Experimental Security (BLUES), under the direction of Dr. Serge Egelman, and the <https://peex.heinz.cmu.edu/> Privacy Economics Experiments Lab (PEEX) at Carnegie Mellon University, under the direction of Prof. Alessandro

Acquisti. She has obtained a Ph.D. degree in Economics at the School of Social Sciences, University of Trento, Italy.



Alisa applies her expertise in behavioral and experimental economics, decision-making, behavior change, and choice architecture, and experience in survey and interview design, online, lab and field experiments, and experience sampling to investigate privacy and security attitudes and behaviors of regular and vulnerable populations of online users (such as older adults, employees of civil society organizations, domestic workers and non-primary user groups). She explores how contextual and human factors, including trust, heuristics and biases, as well as behavioral interventions, such as personalized nudges, commitment devices, and privacy-enhancing tools, affect users' behaviors and decisions. She focuses not only on web and mobile privacy and security, but also on emerging technologies in healthcare, Internet of Things, digital advertising, and smart voice assistants.

