…continued from Session 1 – Deception.
Michelle Baddeley (Cambridge) asked “Why aren’t people trying to protect their privacy & security?” She described security as a public good, making me instantly connect computer users’ nonchalantness towards harming others with their actions (network externalities of unsafe behaviour in a networked world) with the Tragedy of the Commons.
Michelle mentioned further concepts that affect how people make security decisions:
- Quasi-rational economics
- Present bias (manifested by procrastination – e.g. we’re happy to pay yearly gym memberships, when we realistically scarcely visit the gym)
- Our trait of being disproportionately impatient
- The need for a “strategy-proof design”.
Terence Taylor talked about Natural Security, a concept captured in the book he co-edited titled “Natural Security –
A Darwinian Approach to a Dangerous World”. He talked about the National Centre for Ecological Analysis and Synthesis (NCEAS) and the Darwinian Security Working Group.
Rick Wash (Michigan State) took the stage and wondered about people’s motivation. Why do people do what they do? He conducted interviews with home PC users and asked them about the security-related problems. Turns out that most answers can be categorised in one of the following two buckets:
- “Viruses”, which includes all bad software
- “Hackers” which includes all bad people
Refer to “Folk Models of Home Computer Security” for the details.
Wolfram Schultz (Cambridge) demonstrated graphical images of the brain as decisions were being made. He pointed out that humans have a subjective probability perception. Also, we take a different risk attitude depending on the stakes involved.
Mark Levine (Lancaster) eloquently explained that aggression is difficult to turn to violence. He quoted Dave Grossman’s “On Killing” where the argument is made that most people studying violence are like “A world of virgins studying sex” – the assumption apparently being that modern societies do not expose their members to real violence, hence making it very difficult to understand true violence.
Mark demonstrated research on bystander behaviour and noted that an increase in group size usually leads to the de-escalation of aggression. This appears to happen because third parties bring “natural conflict resolution”. He made the counter-intuitive (but compelling) argument that groups bring peace. Hence, groups are not necessarily detrimental to the security of individuals.
At that point I scribbled in my notepad Note: Sensationalism leads perception of risk/threat and Risk can be used to manipulate population – which is a bit like stating the obvious. The establishment uses media to threaten people into submission.
The paper “The Social Amplification of Risk – A Framework” was mentioned at this point, which begins with:
One of the most perplexing problems in risk analysis is why some relatively minor risks or
risk events, as assessed by technical experts, often elicit strong public concerns and result in
substantial impacts upon society and economy.
Session 3 of the workshop to follow…