X hits on this document





44 / 100

trust-building protocol in the real world, it is necessary to create “new traditions” and methods for computer-mediated communication. Management science has also explored the differences of meetings that are face-to-face versus using some form of telepresence, such as a phone or videoconference [41, 294]. These studies have generally concluded that for initial or intensive exchanges, in-person meetings are more effective at generating trust.

An interesting example of how social context affects the operation of IT can be seen with an experimental “office memory” project at an Electricité de France research lab [189]. The employees developed and used an audio-video recording system that continuously archived everything that was said and done in the lab. Access to the recordings was unrestricted to all researchers of the lab. The application was used sparingly and generally perceived as useful. An interesting privacy control was that every access to the recordings would be tracked, similar to the optimistic security protocol [241], and that each individual would be informed of the identity of the person looking up the recordings of her workstation. This feature reduced misuse by leveraging existing privacy practices.

Leveraging the social context of the office memory application was essential for its acceptance. Acceptance would likely have been very different if the technology had been introduced from the outside or to people who did not trust its management and operation. In fact, Want et al. reported resistance in the deployment of the Active Badge system roughly fifteen years earlier at Olivetti Research Labs [296].

It is also worth noting that many criticisms of the original work on ubiquitous computing at PARC came from researchers in a different lab than the one actually developing the systems [140]. Two explanations are possible. First, in some regards, the lab developing the ubiquitous computing systems was engaging in a form of participatory design with their own lab members, increasing adoption and overall acceptance. Second, some members of the other lab felt that the system was being imposed on them.

Persuasiveness is an important factor influencing user perceptions about a technology’s trustworthiness [110]. Given the power of perceptions in influencing decisions on privacy preferences, it should not be surprising that relatively weak items, such as the mere presence of a privacy policy or having a well-designed web site, can increase the confidence of users with respect to privacy. Privacy certification programs can increase user trust. There are various types of certification programs for privacy, targeting organizations as well as products (e.g., TRUSTe and BBBOnline). A good summary of these programs is provided by Anton and Earp [27].

Rannenberg proposed more stringent certification [248].8 The idea behind these efforts is that IT systems could be evaluated by independent underwriters and granted a “certificate,” which would promote the products in the marketplace and increase user confidence. This certification focuses on IT products. However, the management of IT is much more to blame for privacy infringements rather than the actual technical properties of the technology [155]. Iachello claims that sound personal information management practices should be included in security management standards such as IS17799 [161].

8 See also the Privacy Enhancing Technology Testing & Evaluation Project. http://www.ipc.on.ca/scripts/index_.asp?action=31&P_ID=15495 (Last visited 7/4/2006).

end-user-privacy-in-human-computer-interaction-v57.docPage 44 of 85

Document info
Document views308
Page views308
Page last viewedThu Jan 19 00:18:46 UTC 2017