Privacy - How Bad R U?

Worrying news from Ars Tech re Journal of Consumer Research* paper on making people hand over privacy data - we are not ratinal and and over more intimate details to (probably) riskier sites:

The researchers set up two survey web pages, one of which looked very official: it had the Carnegie Mellon University seal, and referred to a "Carnegie Mellon University Executive Council Survey on Ethical Behaviors." The other, well... Comic Sans featured heavily in the site design, and the survey page was entitled "How BAD Are U???" In a pre-test, far more people rated the official-looking page as a safer option for transmitting personal information.

When put to the test, however, the exact opposite occurred. Depending on the question, participants who used the How Bad ARE U version admitted to unethical or embarrassing activities at a rate of 1.74 to 1.98 times that of those who were given the professional version. In a separate survey, participants rated the same questions as less intrusive if they were presented in Comic Sans—even though there was no difference in the ratings of the activity's social desirability between the two survey populations. In short, an unprofessional-looking interface seemed to loosen participants up in the same manner that approaching a question indirectly did.

Also.....

[The researchers] collaborated with The New York Times to create a web survey entitled "Test your ethics," which asked participants to rate the ethicality of a set of actions. But, in the process, users were asked to indicate whether they had ever engaged in those activities, under the pretense that it might color their ratings.

Answers varied a great deal based on the perceived intrusiveness of the question, but one pattern became clear: it was possible to get more people to answer that they had engaged in a given behavior if their own behavior was approached indirectly. If participants were asked about their participation as part of the rating process, they were about 1.5 times more likely to admit an ethical misstep than if they were simply asked point blank as a separate question. This suggested that a casual approach, which puts a participant at ease, is more likely to get them to cough up personal details.

Add to that the way gaming reward functionality is increasingly used (Gaming rewarsd have been shown to be effective at getting people to divulge stuff as they rewad them for it) and you have a perfect culture for privacy raiding.

*There is no link to the paper unfortunately, so I haven't actually read it. Ars Technica is one of he more sanguine blogs however.