[论文解读] Decentralized is not risk-free: Understanding public perceptions of privacy-utility trade-offs in COVID-19 contact-tracing apps
本论文报道了一项聚焦美国的调查(N=208),显示具备公共地点热点共享的集中式接触追踪应用对用户更可接受,挑战了去中心化总是更具隐私保护的假设,并提供提升采用率的设计建议。
Contact-tracing apps have potential benefits in helping health authorities to act swiftly to halt the spread of COVID-19. However, their effectiveness is heavily dependent on their installation rate, which may be influenced by people's perceptions of the utility of these apps and any potential privacy risks due to the collection and releasing of sensitive user data (e.g., user identity and location). In this paper, we present a survey study that examined people's willingness to install six different contact-tracing apps after informing them of the risks and benefits of each design option (with a U.S.-only sample on Amazon Mechanical Turk, $N=208$). The six app designs covered two major design dimensions (centralized vs decentralized, basic contact tracing vs. also providing hotspot information), grounded in our analysis of existing contact-tracing app proposals. Contrary to assumptions of some prior work, we found that the majority of people in our sample preferred to install apps that use a centralized server for contact tracing, as they are more willing to allow a centralized authority to access the identity of app users rather than allowing tech-savvy users to infer the identity of diagnosed users. We also found that the majority of our sample preferred to install apps that share diagnosed users' recent locations in public places to show hotspots of infection. Our results suggest that apps using a centralized architecture with strong security protection to do basic contact tracing and providing users with other useful information such as hotspots of infection in public places may achieve a high adoption rate in the U.S.
研究动机与目标
- 理解公众对COVID-19接触追踪应用设计中隐私-效用权衡的感知。
- 比较集中式与去中心化架构以及不同的位置数据共享选项。
- 识别在管理隐私风险的同时最大化采用率的设计选项。
- 为向公众传达风险与收益提供指导。
提出的方法
- 基于两个设计维度(集中式 vs 去中心化;地点共享范围:所有地点、公共场所,或无共享)设计六种具有代表性的应用选项。
- 用易于理解的术语向参与者描述每个选项的效用与隐私风险。
- 通过亚马逊Mechanical Turk招募美国参与者(有效样本N=208),并设置质量控制。
- 使用混合方法调查,包括成对比较、对安装意愿的绝对评分,以及关于隐私和效用的Likert量表问题。
- 分析不同设计下的采用偏好,并考察人口统计与态度相关因素。
实验结果
研究问题
- RQ1哪些设计特征(集中式 vs 去中心化;位置共享范围)最影响愿意安装COVID-19接触追踪应用?
- RQ2感知到的隐私风险(如身份和位置信息共享)在不同设计中如何影响采用?
- RQ3偏好是否因州的政治倾向或人口统计因素而异?
主要发现
- 具有公共地点热点共享的集中式设计对安装偏好显示出显著的正向影响。
- 总体而言,参与者更倾向于采用集中式架构而非去中心化架构,并更偏好共享公共地点数据来为热点提供信息。
- 约25%的参与者对隐私有强烈担忧,可能性较低安装任何应用;这一部分人群倾向于偏好去中心化设计。
- 最受欢迎的设计(集中式且带公共地点热点)约有55%的参与者愿意安装。
- 在蓝州中,集中式设计对安装偏好的正向影响高于红州。
- 存在一部分用户无论隐私保护如何都不会安装,與先前关于非 adopter 的研究一致。
更好的研究,从现在开始
从论文设计到论文写作,大幅缩短您的研究时间。
无需绑定信用卡
本解读由 AI 生成,并经人工编辑审核。