Emilee Rader

"I didn't know I was that much of a bad boy": Surprise about Driving Data

2025-08-11T00:00:00+00:00

Driving a car is an important part of daily life for most people in the United States. However, people have a limited understanding of the privacy risks associated with data collected in an automotive context. The goal of this research was to investigate people’s awareness and perceptions of data collected about them by their cars, to better understand how their existing knowledge might affect how they think about driving data privacy. This poster presents preliminary findings from interviews focusing on participants’ reactions to data collected about their driving over a 12 week period. Participants were surprised by their driving data when it did not match what they remembered about their driving, and when it revealed broader patterns about their lives beyond their cars. Surprise signals an expectation violation due to unexpected data practices, which indicates data collection and use that participants did not anticipate. People cannot make informed privacy decisions about data and inferences they are not aware of, and so identifying when and why surprise occurs can help privacy designers create interventions targeted towards gaps in user knowledge.

"I didn't know I was that much of a bad boy": Surprise about Driving Data was originally published by Emilee Rader at Emilee Rader on August 11, 2025.

The future of personal information management in the age of ubiquitous personal data

2025-03-27T00:00:00+00:00

Personal Information Management (PIM) is integral to our daily lives, encompassing the collection, retrieval, consumption, and management of personal data such as e-mails, messages, files, photos, music, social media and web information. PIM is enacted for work, study, and entertainment purposes. While some PIM technologies like files and folders have been around for decades, others like cloud storage, music recommendations, and photo search are more recent. These technological shifts bring new challenges to PIM, which this special issue aims to address. The proliferation of mobile phones and social media has increased the taking and sharing of photos, while AI technologies are transforming our music and video consumption habits. Additionally, regulations like General Data Protection Regulation (GDPR) impose legal requirements on technology providers, while users are becoming increasingly concerned about the privacy of their personal information. This special issue seeks both to enhance our understanding of PIM behaviors with mature technologies and also to identify emerging research topics related to new technologies and regulations.

The future of personal information management in the age of ubiquitous personal data was originally published by Emilee Rader at Emilee Rader on March 27, 2025.

Speculating About Multi-user Conversational Interfaces and LLMs: What If Chating Wasn’t So Lonely?

2024-07-01T00:00:00+00:00

The advent of LLMs means that CUIs are cool again, but what isn’t so cool is that we’re doomed to use them alone. The one user, one account, one device paradigm has dominated the design of CUIs and is not going away as new conversational technologies emerge. In this provocation we explore some of the technical, legal, and design difficulties that seem to make multi-user CUIs so difficult to implement. Drawing inspiration from the ways that people manage messy group discussions, such as parliamentary and consensus-based paradigms, we show how LLM-based CUIs might be well suited to bridging the gap. With any luck, this might even result in everyone having to sit through fewer poorly run meetings and agonising group discussions—truly a laudable goal!

Speculating About Multi-user Conversational Interfaces and LLMs: What If Chating Wasn’t So Lonely? was originally published by Emilee Rader at Emilee Rader on July 01, 2024.

Data Privacy and Pluralistic Ignorance

2023-06-28T00:00:00+00:00

This paper presents the results of an online survey experiment with 746 participants that investigated whether social norms influence people’s choices about using technologies that can infer information they might not want to disclose. The results show both correlational and causal evidence that empirical expectations (beliefs about what others do) and normative expectations (beliefs about what others believe) influence choices to use mobile devices in ways that generate data that could be used to make sensitive inferences. However, participants also reported concern about data privacy, and lower behavioral intentions for vignettes involving more invasive inferences. Pluralistic ignorance is a phenomenon where indi- viduals behave in ways they privately disagree with, because they see others around them behaving the same way and assume this is evidence most people approve of the behavior. These results are consistent with the existence of pluralistic ignorance related to data privacy, and suggest that interventions focused on transparency about data practices are not enough to encourage people to make different privacy choices.

Data Privacy and Pluralistic Ignorance was originally published by Emilee Rader at Emilee Rader on June 28, 2023.

Normative and Non-Social Beliefs about Sensor Data: Implications for Collective Privacy Management

2022-06-28T00:00:00+00:00

Sensors embedded in wearable and smart home devices collect data that can be used to infer sensitive, private details about people’s lives. Privacy norms have been proposed as a foundation upon which people might coordinate to set and enforce preferences for acceptable or unacceptable data practices. Through a qualitative study, this research explored whether normative beliefs influenced participants’ reactions to plausible but unexpected inferences that could be made from sensor data collected by everyday wearable and smart home devices. Some reactions were grounded in normative beliefs involving existing disclosure taboos, while others stigmatized the choice to limit one’s use of technologies to preserve one’s privacy. The visible nature of others’ technology use contradicts individual concern about sensor data privacy, which may lead to an incorrect assumption that privacy is not important to other people. Findings suggest that this is a barrier to collective privacy management, and that awareness interventions focused on information about the beliefs of other users may be helpful for collective action related to data privacy.

Normative and Non-Social Beliefs about Sensor Data: Implications for Collective Privacy Management was originally published by Emilee Rader at Emilee Rader on June 28, 2022.

You have to be hyperaware: PhD students' management of boundary turbulence when posting research-related information on social media

2022-06-28T00:00:00+00:00

What informs the disclosure decisions made by early-career scientists when they share their research on social network sites, such as social media? We conducted 14 interviews to investigate how science PhD students in the United States and the Philippines perceive and manage boundary turbulence when they share research-related information online. Through a qualitative analysis that applied Petronio’s theory of Communication Privacy Management (CPM) we identify major themes from our interviews. These themes include participants’ perceptions of the risks, benefits, and ways of minmizing risks when sharing research-related information on social media. We discuss the implications of these findings for our interviewee population, and connect it to broader implications for stakeholders in science communication and CPM.

You have to be hyperaware: PhD students' management of boundary turbulence when posting research-related information on social media was originally published by Emilee Rader at Emilee Rader on June 28, 2022.

Replication: Stories as Informal Lessons about Security

2022-06-27T00:00:00+00:00

Anecdotal stories about security threats told to non-experts by friends, peers, or the media have been shown to be important in forming mental models and secure behaviors. In 2012, Rader et al. conducted a survey (n=301) of security stories with a student sample to determine factors that influence security perceptions and behavior. We replicated this survey with a more diverse sample (n=299), including different age groups and educational backgrounds. We were able to confirm many of the original findings, providing further evidence that certain characteristics of stories increase the likelihood of learning and retelling. Moreover, we contribute new insights into how people learn from stories, such as that younger and higher educated people are less likely to change their thinking or be emotionally influenced by stories. We (re)discovered all of the threat themes found by Rader et al., suggesting that these threats have not been eliminated in the last decade, and found new ones such as ransomware and data breaches. Our findings help to improve the design of security advise and education for non-experts.

Replication: Stories as Informal Lessons about Security was originally published by Emilee Rader at Emilee Rader on June 27, 2022.

"Assertive driver, I can imagine that": Interpretations of Inferences from Driving Data

2021-06-28T00:00:00+00:00

Privacy in sensor-based systems must be studied in the context of lived experiences to understand how behavior may differ from stated preferences. In this study, we showed participants inferences about their driving style that we generated from data about their actual driving behavior, and qualitatively analyzed their reactions. Preliminary findings suggest most participants rationalized the inferences by making them fit within their positive image of their own driving. This suggests that people may find it difficult to conceptualize uses of inferences that run counter to their self-interest, making it hard to make informed privacy choices. We argue that the process for seeking consent for the collection of sensor data should communicate not only how inferences were generated and what they are, but also specifically how they are to be used.

"Assertive driver, I can imagine that": Interpretations of Inferences from Driving Data was originally published by Emilee Rader at Emilee Rader on June 28, 2021.

Prioritizing security over usability: Strategies for how people choose passwords

2021-06-28T00:00:00+00:00

Prioritizing security over usability: Strategies for how people choose passwords was originally published by Emilee Rader at Emilee Rader on June 28, 2021.

Knowledge and Capabilities that Non-Expert Users Bring to Phishing Detection

2021-05-26T00:00:00+00:00

Phishing emails are scam communications that pretend to be something they are not in order to get people to take actions they otherwise would not. We surveyed a demographically matched sample of 297 people from across the United States and asked them to share their descriptions of a specific experience with a phishing email. Analyzing these experiences, we found that email users’ experiences detecting phishing messages have many properties in common with how IT experts identify phishing. We also found that email users bring unique knowledge and valuable capabilities to this identification process that neither technical controls nor IT experts have. We suggest that targeting training toward how to use this uniqueness is likely to improve phishing prevention.

Knowledge and Capabilities that Non-Expert Users Bring to Phishing Detection was originally published by Emilee Rader at Emilee Rader on May 26, 2021.

Prioritizing Security over Usability: Strategies for How People Choose Passwords

2021-04-28T00:00:00+00:00

Passwords are one of the most common security technologies that people use ev- eryday. Choosing a new password is a security decision that can have important consequences for end users. Passwords can be long and complex, which prioritizes the security-focused aspects of a password. They can also be simple — easy to create, remember and use — which prioritizes the usability aspects of the password. The trade-off between password security versus usability represents competing constraints that shape password creation and use. We examined an ecologically valid dataset of 853 passwords entered a total of 2533 times by 134 users into 1010 websites, to test hypotheses about the impact of these constraints. We found evidence that choices about password complexity reflect an emphasis on security needs, but little support for the hypothesis that users take day-to-day ease of use of the password into account when creating it. There was also little evidence that password creation policies drive password choices.

Prioritizing Security over Usability: Strategies for How People Choose Passwords was originally published by Emilee Rader at Emilee Rader on April 28, 2021.

Towards a Conceptual Model for Provoking Privacy Speculation

2020-08-10T00:00:00+00:00

The proliferation of ubiquitous computing introduces several challenges to user privacy. Data from multiple sensors and users is aggregated at various scales to produce new, fine- grained inferences about people. Users of these systems are asked to consent to sharing their data without full knowledge of what data are recorded, how the data are and might be used, who has access to the data, and most importantly risks associated with sharing. Recent work has shown that provok- ing privacy speculation among system users, by visualizing these various aspects, improves user knowledge and enables them to make informed decisions about their data. This paper presents a conceptual model of how researchers can make inferences that provoke privacy speculation among system users and a case study applying the model.

Towards a Conceptual Model for Provoking Privacy Speculation was originally published by Emilee Rader at Emilee Rader on August 10, 2020.

I Have a Narrow Thought Process: Constraints on Explanations Connecting Inferences and Self-Perceptions

2020-05-22T00:00:00+00:00

Most people are unfamiliar with the kinds of inferences that platforms like Facebook and Google can automatically associate with them, despite the existence of interfaces designed to provide transparency to end users. We conducted a study to investigate people’s reactions upon being exposed to these inferences, to learn if and how they perceived the inferences to be connected to themselves. Through qualitative analysis, we found that the evidence participants used to relate the inferences with their self-perceptions was bounded by what they remembered about their own past behaviors in connection with the platform. Inferences that participants felt were implausible given their own behavior were rationalized as being related to family members, outdated, or could fit anyone with similar demographic characteristics. Participants also identified some inferences they believed had no connection with themselves whatsoever. We discuss implications for how participants’ reasoning might lead to expectations about what kinds of inferences are possible, and what this means for people’s ability to make informed privacy decisions regarding consent and disclosure.

I Have a Narrow Thought Process: Constraints on Explanations Connecting Inferences and Self-Perceptions was originally published by Emilee Rader at Emilee Rader on May 22, 2020.

It's the Wild, Wild West: Lessons Learned From IRB Members' Risk Perceptions Toward Digital Research Data

2020-04-08T00:00:00+00:00

Digital technology that is prevalent in people’s everyday lives, including smart home devices, mobile apps and social media, increasingly lack regulations for how the user data can be collected, used or disseminated. The CSCW and the larger computing community continue to evaluate and understand the potential negative impacts of research involving digital technologies. As more research involves digital data, Institutional Review Boards (IRBs) take on the difficult task of evaluating and determining risks—likelihood of potential harms— from digital research. Learning more about IRBs’ role in concretizing harm and its likelihood will help us critically examine the current approach to regulating digital research, and has implications for how researchers can reflect on their own data practices. We interviewed 22 U.S.-based IRB members and found that, for the interviewees, “being digital” added a risk. Being digital meant increasing possibilities of confidentiality breach, unintended collection of sensitive information, and unauthorized data reuse. Concurrently, interviewees found it difficult to pinpoint the direct harms that come out of those risks. The ambiguous, messy, and situated contexts of digital research data did not fit neatly into current human subjects research protection protocols. We discuss potential solutions for understanding risks and harms of digital technology and implications for the responsibilities of the CSCW and the larger computing community in conducting digital research.

It's the Wild, Wild West: Lessons Learned From IRB Members' Risk Perceptions Toward Digital Research Data was originally published by Emilee Rader at Emilee Rader on April 08, 2020.

The Role of Conversational Grounding in Supporting Symbiosis Between People and Digital Assistants

2020-04-08T00:00:00+00:00

In “smart speaker” digital assistant systems such as Google Home, there is no visual user interface, so people must learn about the system’s capabilities and limitations by experimenting with different questions and commands. However, many new users give up quickly and limit their use to a few simple tasks. This is a problem for both the user and the system. Users who stop trying out new things cannot learn about new features and functionality, and the system receives less data upon which to base future improvements. Symbiosis—a mutually beneficial relationship—between AI systems like digital assistants and people is an important aspect of developing systems that are partners to humans and not just tools. In order to better understand requirements for symbiosis, we investigated the relationship between the types of digital assistant responses and users’ subsequent questions, focusing on identifying interactions that were discouraging to users when speaking with a digital assistant. We conducted a user study with 20 participants who completed a series of information seeking tasks using the Google Home, and analyzed transcripts using a method based on applied conversation analysis. We found that the most common response from the Google Home, a version of “Sorry, I’m not sure how to help”, provided no feedback for participants to build on when forming their next question. However, responses that provided somewhat strange but tangentially related answers were actually more helpful for conversational grounding, which extended the interaction. We discuss the connection between grounding and symbiosis, and present recommendations for requirements for forming partnerships with digital assistants.

The Role of Conversational Grounding in Supporting Symbiosis Between People and Digital Assistants was originally published by Emilee Rader at Emilee Rader on April 08, 2020.

That's Not Me: Surprising Algorithmic Inferences

2020-02-15T00:00:00+00:00

Online platforms such as Google and Facebook make inferences about users based on data from their online and offline behavior that can be used for various purposes. Though some of these inferences are available for users to view, there exists a gap between what platforms are actually able to infer from collected data and what inferences users are expecting or believe to be possible. Studying users’ reactions to inferences made about them, espe- cially what surprises them, allows us to better understand this gap. We interviewed users of Google and Facebook to learn their current beliefs and expectations about how these platforms use their data to make inferences, and identified four common sources of surprise for participants: irrelevant inferences, outdated inferences, inferences with no connection to online activity, and inferences related to friends or family. We discuss the implications for designing inference-generating systems.

That's Not Me: Surprising Algorithmic Inferences was originally published by Emilee Rader at Emilee Rader on February 15, 2020.

Towards a Conceptual Model for Provoking Privacy Speculation

2020-02-15T00:00:00+00:00

The proliferation of ubiquitous computing introduces several challenges to user privacy. Data from multiple sensors and users is aggregated at various scales to produce new, fine-grained inferences about people. Users of these systems are asked to consent to sharing their data without full knowledge of what data are recorded, how the data are used, who has access to the data, and most importantly risks associated with sharing. Recent work has shown that provoking privacy speculation among system users, by visualizing these various aspects, improves user knowledge and enables them to make informed decisions about their data. This paper presents a conceptual model of how researchers can make inferences that provoke privacy speculation among system users and a case study applying the model.

Towards a Conceptual Model for Provoking Privacy Speculation was originally published by Emilee Rader at Emilee Rader on February 15, 2020.

Why Johnny Can't Unsubscribe: Barriers to Stopping Unwanted Email

2020-01-18T00:00:00+00:00

A large proportion of email messages in an average Internet user’s inbox are unwanted commercial messages from mailing lists, bots, and so on. Although such messages often include instructions to unsubscribe, people still struggle with stopping unwanted email. We investigated the user experience of un- subscribing from unwanted email messages by recruiting 18 individuals for via a lab study followed by semi-structured interviews. Based on unsubscribing practices of the study participants, we synthesized eight common unsubscription mechanisms and identified the corresponding user experience challenges. We further uncovered alternative practices aimed at circumventing the need to unsubscribe. Our findings reveal frustration with the prevailing options for limiting access to the self by managing email boundaries. We apply our insight to offer design suggestions that could help commercial providers improve the user experience of unsubscribing and provide users more control over the email they receive.

Why Johnny Can't Unsubscribe: Barriers to Stopping Unwanted Email was originally published by Emilee Rader at Emilee Rader on January 18, 2020.

Wait, Do I Know This Person? Understanding Misdirected Email

2019-01-08T00:00:00+00:00

Email is an essential tool for communication and social interaction. It also functions as a broadcast medium connecting businesses with their customers, as an authentication mechanism, and as a vector for scams and security threats. These uses are enabled by the fact that the only barrier to reaching someone by email is knowing his or her email address. This feature has given rise to the spam email industry but also has another side-effect that is becoming increasingly common: misdirected email, or legitimate emails that are intended for somebody else but are sent to the wrong recipient. In this paper we present findings from an interview study and survey focusing on characteristics of misdirected email messages, possible reasons why they happen, and how people manage these messages when they receive them. Misdirected email arises as a result of signifiers (usernames) which were selected by people for social and self-representation purposes, that are also used by machines for addressing. Because there is no mechanism for dealing with misdirected emails in a systematic way, individual recipients must choose whether to take action and how much effort to put forth to prevent potential negative consequences for themselves and others.

Wait, Do I Know This Person? Understanding Misdirected Email was originally published by Emilee Rader at Emilee Rader on January 08, 2019.

Ontogeny of alkaline phosphatase activity in infant intestines and breast milk

2018-12-20T00:00:00+00:00

Background: Necrotizing enterocolitis (NEC) is a devastating disease of intestinal inflammation that primarily affects premature infants. A potential risk factor for necrotizing enterocolitis is exposure of the premature neonatal intestine to environmental bacteria and their proinflammatory products such as lipopolysaccharide. The metalloenzyme alkaline phosphatase (ALP) has been shown to reduce lipopolysaccharide-mediated inflammation. Additionally, premature rat pups have reduced alkaline phosphatase activity and expression as compared to full term pups. To explore the possibility that the human premature neonatal intestine has a paucity of alkaline phosphatase activity, we measured endogenously produced intestinal alkaline phosphatase activity in meconium as a function of gestational age. To test whether breast milk could serve as a source of exogenous alkaline phosphatase to the neonatal intestine through ingestion, we measured alkaline phosphatase activity in breast milk across a range of time points post-birth.

Methods: Alkaline phosphatase activity was quantified in 122 meconium samples from infants of gestational ages ranging from 24 to 40 weeks and in 289 breast milk samples collected from 78 individual mothers between days 2–49 post-birth.

Results: We observed a strong positive correlation between the meconium alkaline phosphatase activity and gestational age, with preterm infants having lower meconium alkaline phosphatase activities than early term or term infants. Breast milk alkaline phosphatase activity was highest in the first week post-birth, with peak alkaline phosphatase activity at day 2 post-birth, followed by relatively low alkaline phosphatase activity in weeks 2–7.

Conclusions: Our results are consistent with the two major risk factors for necrotizing enterocolitis development, preterm birth and lack of breast milk feeding, both contributing to a paucity of alkaline phosphatase activity and impaired capacity to detoxify proinflammatory bacterial products such as lipopolysaccharide.

Keywords: Necrotizing enterocolitis (NEC), Meconium, LPS detoxification, Gestational age

Ontogeny of alkaline phosphatase activity in infant intestines and breast milk was originally published by Emilee Rader at Emilee Rader on December 20, 2018.