Socio-technical systems, or online communities, often depend on the participation and contributions of large sets of users.  This study examines the case of Everything2.com users from the theoretical perspectives of Uses and Gratifications and organizational commitment to create models of why both anonymous and registered users of the site participate.  We find evidence that users may continue to participate in a site for different reasons than those that led them to the site.  Feelings of belonging to a site are important for both anonymous and registered users across different types of uses.  Social and cognitive factors seem to be more important than issues of usability in predicting contribution to the site.

Cliff Lampe, Rick Wash, Alcides Velasquez, and Elif Ozkaya. “Motivations to Participate in Online Communities.” ACM Conference on Human Factors in Computing (CHI) (2010).

Download: PDF

First, more information is needed about the knowledge and skills that home computer users currently possess. I conducted an interview study of home computer users and identified eight distinct mental models of security threats; four are models of “viruses,” and four are models of “hackers.”  The respondents in this study use the models to decide which security precautions should be used and which can be ignored.

Second, to share information, users need an incentive to exert the time and effort required for sharing. I describe two mechanisms that can be used in social computing systems to encourage contribution.   I illustrate the first mechanism, the side effect mechanism, by describing how it is used in a popular social bookmarking website.  I also illustrate a design feature that is important when applying this mechanism: incentive alignment. The second mechanism that I describe is technically simple: set a minimum threshold and exclude users who don’t contribute enough.  I develop a theory of how users are likely to respond to such a mechanism and use that theory to characterize when such a mechanism should be used.

Finally, I bring all of these findings together to suggest some preliminary design features for a socio-technical security system to help home computer users.  While there are many unanswered questions, these design features can serve as a starting point for future work in the area.

Download: PDF

Rick Wash.  ”Folk Models of Home Computer Security.” Symposium on Usable Privacy and Security (SOUPS) 2010.

Download: PDF

Hackers have learned to leverage the enormous number of poorly protected home computers by turning them into a large distributed system (known as a botnet), making home computers an important frontier for security research. They present special problems: owners are unsophisticated, and usage profiles are varied making onesize-fits-all firewall policies ineffective. We propose a social firewall that collects security decisions and both user and usage characteristics, and provides users with personalized information to assist with allow/deny recommendations. To succeed, a social firewall must deal with at least three user behavior issues: why contribute private information? why make effort to provide quality information? and, how to prevent manipulation by adversaries? We sketch an incentive-centered design approach to each problem. We provide an economic model and some analytic results for a solution to the fundamental problem: why contribute? We show that an excludable public goods mechanism can achieve a better outcome than a system without social motivators.

Rick Wash and Jeff MacKie-Mason. “A Social Mechanism for Home Computer Security,” Presented at the Workshop on Information Systems and Economics (WISE), December 2008.

Download: PDF

Collaborative tagging systems have the potential to produce socially constructed information organization schemes. The effectiveness of tags for finding and re-finding information depends upon how individual users choose tags; however, influences on users’ tag choices are poorly understood. We quantitatively test competing hypotheses from the literature concerning these choices, using data from del.icio.us (a collaborative tagging system for organizing web bookmarks) and a computer model of possible tag choice strategies. We find evidence that users choose tags in a pattern consistent with personal information management goals, rather than as a result of social influence.

Emilee Rader and Rick Wash. “Influences on Tag Choices in del.icio.us,” Proceedings of Computer Supported Cooperative Work (CSCW), November 2008

Download: PDF (Appendix)

Users of home computer systems are becoming increasingly aware of the need for computer and information security systems. The market for security software for home users is growing rapidly, and includes anti-virus software, anti-spyware software, personal rewall software, personal intrusion detection / prevention systems, computer login / password / fingerprint systems, and intrusion recovery software. This software often requires security-relevant decisions be made by the home users, though most home users have little of the technical training and knowledge needed to make those decisions.

Though home computer users have little technical training, they do have some idea of the security threats they face and the potential countermeasures; indeed, the market for home security software is quite active. I conducted a series of 23 semi-interviews to better understand how home computer users think about security threats and security software. While home computer users did not have the complex, sophisticated mental models of computer security experts, they did have a couple of simple models that helped them make security-related decisions. These models led to a number of good security choices, but also led to a number of vulnerabilities that have been exploited by modern botnets. By understanding these mental models, home computer security technologies can be designed to address the vulnerabilities left by these models, and to take advantage of the knowledge that home users actually do possess.

Rick Wash. “Mental Models of Home Computer Security,” Extended Abstract at SOUPS (Symposium on Usable Privacy and Security) 2008 Poster Session. May 2008.

Download: PDF

Understanding how users choose tags can help researchers better understand how tagging systems can be used and how to design better tagging systems for the future. We developed a simulation of del.icio.us, a popular social bookmarking tool, that allowed us to simulate users choosing tags using one of four possible strategies for tag choice found in the literature. We then compared the resulting tag choices with empirical data retrieved from del.icio.us to determine which tag choice strategies would result in choices most similar to those seen in the real world. We were able to rule out three of the strategies as unlikely to be the primary means by which tags are chosen on del.icio.us.

Rick Wash and Emilee Rader, “Understanding del.icio.us Tag Choice Using Simulations,” Presented at iConference 2008, Paper Track. February 2008

Download: PDF

If communication involves some transactions cost to both sender and recipient, what policy ensures that correct messages – those with positive social surplus — get sent? Filters block messages that harm recipients but benefit senders by more than transactions costs. Taxes can block positive value messages, and allow harmful messages through. In contrast, we propose an “Attention Bond,” allowing recipients to define a price that senders must risk to deliver the initial message.

The underlying problem is first-contact information asymmetry with negative externalities. Uninformed senders waste recipient attention through message pollution. Requiring attention bonds creates an attention market, effectively applying the Coase Theorem to price this scarce resource. In this market, screening mechanisms shift the burden of message classification from recipients to senders, who know message content. Price signals can also facilitate decentralized two-sided matching. In certain limited cases, this leads to greater welfare than use of even “perfect” filters.

Thede Loder, Marshall Van Alstyne, and Rick Wash. “An Economic Solution to Unsolicited Communications,” Advances in Economic Analysis and Policy, vol. 6, no. 1, Berkeley Electronic Press 2006

Download: Journal page (Cached PDF)

Users of social computing websites are both producers and consumers of the information found on the site. This creates a novel problem for web-based software applications: how can website designers induce users to produce information that is useful for others? We study this question by interviewing users of the social bookmarking website del.icio.us. We find that for the users in our sample, metadata reflecting who bookmarked a webpage better supports information seeking than free-form keyword metadata (tags). We explain this finding by describing differences in the way that the design of del.icio.us motivates users to contribute by providing personal benefits for bookmarking and tagging.

Rick Wash and Emilee Rader. “Public Bookmarks and Private Benefits: An Analysis of Incentives in Social Computing,“ Proceedings of the ASIS&T Annual Meeting. December 2007

Download: PDF

Humans are “smart components” in a system, but cannot be directly programmed to perform; rather, their autonomy must be respected as a design constraint and incentives provided to induce desired behavior. Sometimes these incentives are properly aligned, and the humans don’t represent a vulnerability. But often, a misalignment of incentives causes a weakness in the system that can be exploited by clever attackers. Incentive-centered design tools help us understand these problems, and provide design principles to alleviate them. We describe incentive-centered design and some tools it provides. We provide a number of examples of security problems for which Incentive Centered Design might be helpful. We elaborate with a general screening model that offers strong design principles for a class of security problems.

Rick Wash and Jeffrey K. MacKie-Mason. “Security When People Matter: Structuring Incentives for User Behavior.” Proceedings of the International Conference on Electronic Commerce, August 2007.

Download: PDF