Privacy Bulleted List
Attitudes Towards Spamming
Graphs: [Location] [Age] [Gender]
- How exactly do people deal with unsolicited mass emailings (aka SPAM)? Turns out that the most popular response to being spammed is to simply delete the message, an action which 46.28% of the people apparently do. Surprisingly, one in five people claim that they have never received any mass emailings (these people probably do not post to usenet news, a popular feeding ground for spammers). A significant number of people reply back to the sender requesting to be removed from future mailings. Only 9.88% actually read the message, a number which may surprise those entities that send the messages. Close to 4% of the people claim to retaliate in one form or another (mail bombs, denial-of-service attacks, etc.).
- While there is less spamming in Europe (24.64% claim never to have been spammed), nearly twice as many Europeans retaliate when spammed (6.16%). Gender differences also exist, with over 30% of women claiming never to have been spammed compared to only 17% for men. This might be reflective of the bias towards male-focused products and services on the Web. As one might expect, the elder generation deletes more spam and retaliate less than the younger generation (49.83% 50+ delete vs 43.40% 19-25 and 1.49% 50+ retaliate vs 5.34% 19-25). This trend towards lack of acceptance of spamming among the younger generations does not paint a nice picture for the future of spammers.
Difference Page Request
[Graph]
- There is definitely a gap between what people think is logged versus that they think ought to be logged for each page requested on the WWW (see: What Information Ought To Be Collected Per Page Request for more information). The below graph illustrates where these differences occur and to what extent. There is rough agreement and knowledge that the requested page and time of the request are logged. However, when it comes to the ability to uniquely identify users across sessions (difference 36.93%) and the machine name issuing the request (difference 49.38%), users differ greatly with in what they'd want to be logged and what is common practice. The ability to record a user's email address (difference 37.37%) per page request also showed a great difference, but unlike the others, this is not possible in the straight-forward implementation of the HTTP 1.0 and 1.1 protocol. This reveals a common misconception amongst Web users, possibly attributed to earlier faulty security implementation by Netscape of Java and Javascript.
Opinions Of Anonymity
Graphs: [Location] [Age] [Gender]
- Privacy and anonymity go hand-in-hand, but exactly how does the Web community feel about the specific issues surround anonymity on the Internet? The below question asked people to rate their agreement/disagreement on a 5-point scale, with '1' representing strong disagreement, '5' representing strong agreement and '3' neutrality. Nearly everyone felt strongly that people ought to be able to have private communications over the Internet (4.70). People tend to seriously value the anonymous nature of the Internet (4.46). Most people prefer anonymous payment systems (3.93) and feel that the Internet needs new laws to protect privacy (3.79). While people tend to agree that they ought to be able to take on multiple roles/aliases on the Internet (3.67), the community seems to be all over the board on the use of key escrow systems (3.09), with nearly half stating agreement with a key escrow system and half expressing disagreement.
- There is considerable consensus across the strata on the issue of anonymity. Differences did occur between European and US users on the need for new laws to protect privacy (3.59 European vs 3.79 US). This is most likely the result of stronger privacy laws in Europe than the US. Females are more likely to prefer a key escrow systems (3.34) than men (2.89). The 19-25 yr old generation places more importance on anonymity overall and the ability to assume multiple aliases than the elder generation (3.87 19-25 vs 3.32 50+). The younger generation also felt more strongly that new laws are necessary to protect online privacy.
Opinions Of Direct Marketing
Graphs: [Location] [Age] [Gender]
- The revealing of demographic information and the subsequent use of the information for direct marketing is currently a hot issue on the Web and one that will remain so for a while it seems. There is very little deviation of response by people on the issue of who ought to have complete control over their demographic information -- most strongly agreed that they ought to control their demographic information (4.43). Less agreement was found for the statement that the collection of demographic information helps improve the marketing of sites (3.46). In order to gain an understanding of how the online medium differs from print, we asked users statements about each medium. While users tend not to like receiving mass postal mailings (aka junk-mail) (2.30), users were even more opposed to receiving mass emailings (1.69). Likewise, while users tend not agree that magazines have the right to resell collected demographic information (2.07), they disagree more so with respect to WWW sites reselling demographic information (1.76). This indicates a separate distinction between what's acceptable in each mediums by the users. The notion that people like to receive targeted marketing material, is not supported by the data, regardless of the medium. There is high agreement on these issues across strata.
Policies Towards Spamming
Graphs: [Location] [Age] [Gender]
- From this survey, people are very clear that they do not like to be receive mass emailings, i.e., be spammed, but what do they propose to do about it? The majority of people responded in favor of an opt-out system, where a registry would contain the addresses of people who do not wish to receive mass emailings. Note that is is similar to the system already in place in the US that exists to remove people from junk mailing lists. Over 16% responded in favor of imposing an 'impact' fee on the agencies sending the mail. Exactly what this impact fee would be or how it would be implemented was not specified in the question. Somewhat surprisingly, only 5.89% voted in favor of government regulation making spamming illegal. This suggests that the online community favors the co-existence of users and spammers, but with users having the final say. Women and the elder generation were more in favor of an opt-out registry than their counter-parts (59.38 female vs 47.38 male and 55.91 50+ vs 48.66 19-25).
Reasons For Not Registering
Graphs: [Location] [Age] [Gender]
- From this survey, it has been established that people falsify information of online registrations with some regularity and that online community very seriously values it's anonymity. This question attempt to understand why people resist online registration. The most widely cited reason for not registering is that the terms and conditions of how the collected information is going to be used is not clearly specified (70.15%). User also feel very strongly that revealing the requested information is not worth being able to access the site (69.95%). Thus, while the foremost problem of terms and conditions of user can be easily rectified, the latter problem of making the trade-off between demographic collected and accessing a site is not as straight forward (we address this issue of possible solutions in Terms and Conditions for Revealing Demographic Information). An equally difficult issue is building trust between entities. Over 62% report that they do not trust the collecting site. Efforts that attempt to help ensure the data privacy standards of sites, like E-Trust may be able to help alleviate this lack of trust.
- Turns out that the time it takes to complete the form is a factor (38.9%), but not as significant as the others. Much of the remaining difficulties reside in the type of information collected, with 45.33% not registering because of postal mail requirements, 30.74% because of name requirements, and 21.99% email requirements. Thus, proposals that call for business cards to be built into the browser and protocols which would enable them to be easily deposited at sites is not the cure-all for this problem but will help somewhat.
Terms And Conditions For Revealing Information
Graphs: [Location] [Age] [Gender]
- Seeing as people want control of their demographic information (see Opinions of Direct Marketing and have clearly specified reasons for not registering with sites (see Reasons For Not Registering, what do users propose as the terms for their revealing demographic information? As one would expect from these other questions, sites need to clearly specify how the information is going to be used (74.28%). Additionally, sites need to explicitly inform the users what information is going to be collected (56.86%). users would be more likely to reveal their information if it was only going to be used in aggregate form (55.53%), i.e., would not be able to uniquely identify an individual, only characteristics of the group. Incentives in the form of a value-added service (41.57%), access to the site (356.32%) and a discount at the site's store (25.87%) would help encourage user's to part with their demographic information as well. There is basic agreement on these issue across the strata, with an exception being that the elder generation prefers the data only to be used in aggregate form (63.61% 50+ vs 52.52% 19-25).
What Information Ought To Be Collected Per Page Request
Graphs: [Location] [Age] [Gender]
- If users where given their way, how would they implement the protocols with respect to what information is available to be logged per page requested over the WWW? Three out of four users agree that sites ought to be able to record the page that is requested (76.60%) and the time of the page request (74.42%). Under half (43.71%) feel that the browser that users are using ought to be loggable. The machine name/address (27.00%), the operating system the user operates (26.83%), the user's email address (21.03%), and the location of the user (19.70%) were all not high on people's list of this to record per page request. It is interesting to note that all of the above information except email and location can be reliably gathered for every page request by most users of the WWW. When asked about an identifier that would uniquely label users across sessions at a site, less than one out of every five (19.08%) thought that this should be possible. Yet, identifiers already exist and are widely supported by browsers, aka cookies. There is already evidence of controversy surrounding the use and lack of control over cookies by technically savvy portions of the user community and the advertising community that desires fine grain measurement of usage. Wonder how it will all pan out!