To find out why people adopt and then sometimes abandon online safety measures, researchers from the School of Information surveyed more than 900 people about their use of 30 commonly recommended practices to guard against security, privacy, and identity theft risks. The team found that security practices like avoiding clicking on unknown links or emails were much more adopted than privacy or ID theft practices.
The potential reason behind this might be that the damage from security risks is much more tangible, the researchers said. When it comes to privacy and the information companies collect about people, the harms are more difficult to visualize.
“The argument we want to make is that all of those practices are actually interconnected; for experts, their job is to make wise recommendations about optimization and prioritization so that people don’t end up having to adopt 300 different practices,” said lead author Yixin Zou, a doctoral candidate at the School of Information.