How Safe Is Your Online Behavior?Carnegie Mellon researchers say the safety of your online behavior depends on where you're from.
PITTSBURGH – Selecting a password or deciding whether an email is a phishing email or not are among countless security decisions you make on a regular basis. Are you making the right decisions? Do you consider your online behavior safe? According to the latest research out of Carnegie Mellon University’s CyLab, it actually depends on where you’re from.
"By and large, users are working primarily with security tools that are designed by and for western users,” says Nicolas Christin, a professor in the departments of Engineering and Public Policy and the Institute for Software Research. “What we wanted to find out was: does that matter? How does your country of origin affect your online security behavior?"
The study was presented at last month’s ACM CHI 2017 conference in Denver, CO.
"We found that people from different countries exhibit significantly different security behaviors," Christin said. "For example, participants from some Asian countries – especially Japan – tend to exhibit less secure behavior."
The researchers are unsure why Japanese users are particularly more relaxed when it comes to security, but hypothesize that it may have to do with overall security in Japan.
"Japan has had for many, many years one of the lowest crime rates in the world," Christin says. "We speculate that this may cause them to be a lot less concerned in security than some of their counterparts like France or the USA."
Participants from the USA and France exhibited the highest security scores in the study.
These findings help pave the way towards designing more personalized security tools. Information about users’ location, for example, could help set more effective default system security settings. Christin offers an analogy.
"When you go to a doctor, they can give you pretty good advice on fighting a cold," Christin says. "… but their advice is a lot better if they know what kind of diet you follow or what kind of exercise you routinely do."
In the study, Christin and his team created an online survey to collect information about security behavior of participants in seven different countries: China, France, Japan, Korea, Russia, the United Arab Emirates (UAE), and the United States (US). These countries were chosen, the authors say because they represent five different geographical regions and consist of nearly one-third of the total world population.
After overcoming various challenges in translating the survey into six other languages (e.g. the use of double-negatives does not translate well into Japanese), the survey was sent to and taken by 3,500 participants – 500 from each of the seven countries under focus.
Other authors on the study included Electrical and Computer Engineering Ph.D. student Mahmood Sharif and KDDI Research, Inc. researchers Yukiko Sawaya, Ayumu Kubota, Akihiro Nakari and Akira Yamada.