Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Reducing risk to security and privacy in the selection of trigger-action rules: Implicit vs. explicit priming for domestic smart devices

Morgan, Phillip L. ORCID: https://orcid.org/0000-0002-5672-0758, Collins, Emily I.M. ORCID: https://orcid.org/0000-0001-9607-3113, Spiliotopoulos, Tasos, Greeno, David ORCID: https://orcid.org/0000-0002-3544-7844 and Jones, Dylan M. ORCID: https://orcid.org/0000-0001-8783-5542 2022. Reducing risk to security and privacy in the selection of trigger-action rules: Implicit vs. explicit priming for domestic smart devices. International Journal of Human-Computer Studies 168 , 102902. 10.1016/j.ijhcs.2022.102902

[thumbnail of Morgan. Reducing risk to security and privacy.pdf]
Preview
 PDF - Published Version
Available under License Creative Commons Attribution.
Download (1MB) | Preview

Abstract

Smart home device usage is increasing, as is the diversity of users and range of devices. Additionally, it is becoming increasingly common to interconnect devices (e.g., via trigger-action rules) which, while bringing benefits, can bring unforeseen security and privacy risks. Developing strategies to protect users as well as understanding what biographical or attitudinal characteristics contribute to these risks is a critical step for ensuring empowered, but safe, interconnected smart device usage. Using narrative descriptions of domestic smart devices, two experiments explored how the prevailing security/privacy contexts—priming conditions—in which 20 trigger-action rules (developed via a Delphi Study) were presented influenced the adoption of rules favoring either security or privacy. Both experiments contrasted three priming conditions: no prime, security prime, privacy prime. Experiment 1 (n = 254) used explicit priming, giving direct instruction to maximize a security or privacy outcome while Experiment 2 (n = 325) used implicit priming, with an apparently unrelated security or privacy problem-solving puzzle. Across both experiments, priming promoted safer rule adoption, markedly so when explicit. Explicit priming produced an asymmetry however: privacy priming improved privacy scores with security scores unchanged and security primes improved security scores while worsening privacy scores. Across experiments, two dimensions of user attitudes shaped riskier rule choice: perceived benefits of technology and pre-existing trusting beliefs in online companies. Our novel findings reveal that implicit and explicit priming shape safe use of trigger-action rules in domestic settings and that age, perceived trust and perceived benefits should be considered when designing safety messaging.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Psychology
Additional Information: This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/)
Publisher: Elsevier
ISSN: 1071-5819
Funders: ESRC
Date of First Compliant Deposit: 23 August 2022
Date of Acceptance: 30 July 2022
Last Modified: 05 Jan 2024 03:21
URI: https://orca.cardiff.ac.uk/id/eprint/152111

Actions (repository staff only)

Edit Item Edit Item
Altmetric
Dimensions
Download Statistics

Downloads

Downloads per month over past year

View more statistics

CORE (COnnecting REpositories)


Maintained by Cardiff University Information Services