Privacy and Power Implications of Web Location of Personal Data Authenticators

摘要

Knowledge of personal data enjoys a long history of use in authentication. Given expanding personal data availability, authentication systems are at risk from sharing data online. This study explores the discoverability of the data - specifically, whether individuals tasked with finding the data were able to accurately identify it using public online sources. The location of successfully located data reveals patterns of data availability and demonstrates vulnerabilities of personal data, which inform current and future models of authentication from a human computer interaction (HCI) perspective. Data location suggests the control users exert of their personal data availability in the United States. The impact of personal control is vital to understanding privacy behaviors, human computer interaction around privacy and authentication, building usable authenticators, and providing meaningful advances in security and privacy.