Usable Security and Privacy

The Usable Security and Privacy Group examines how human factors impact privacy and security. Many of the privacy and security problems that plague today's online world are the result of a failure of system designers to consider their intended users. We perform basic research on human behavior to understand how people make decisions about their privacy and security, how they interact with privacy and security mechanisms, and ultimately how to design computer systems that result in improved privacy and security outcomes.

By its nature, the research that we perform is highly interdisciplinary. We apply techniques from human-computer interaction (HCI) to solve computer security and online privacy problems. Some of this work involves qualitative research methods, such as interviews and ethnography, to understand the breadth of problems. Other research involves quantitative methods, such as large-scale surveys, measurement studies, and controlled laboratory experiments. We maintain many robust collaborations with both social scientists (e.g., psychologists and behavioral economists) and computer scientists (e.g., systems designers and cryptographers).

Our research has examined:

  • Consumer perceptions of online privacy
  • Consumers' willingness to pay for privacy
  • Educating consumers about online privacy issues
  • Usability of privacy tools
  • Usability of web browser security warnings
  • Usability of online security indicators
  • Regulating how smartphone applications access sensitive data
  • Privacy and security surrounding wearable and IoT devices
  • Tailoring security messaging to individual users
  • Improving the adoption of security technologies

The Usable Security and Privacy Group is led by Dr. Serge Egelman, who also holds a joint appointment in the UC Berkeley Electrical Engineering and Computer Sciences Department. He also directs the Berkeley Laboratory for Usable and Experimental Security.

Group Members