Where It Goes Is More Important Than How It Gets There, Part 2
Further reporting on how people send important documents.
People often have to send an important document to someone they do not already know at least once or twice per year, such as financial documents to a new tax preparer, medical forms to a specialist’s office, or something else. However, it is not always clear how to do this in a way that is safe and protects one’s privacy. Most work in this field focuses on day-to-day communication, using tools like Signal or Telegram, rather than these one-off transfers of important information.
To investigate how people handle this situation, we reported on a survey last year that showed users tend to care more about data at rest vs. data in transit when sending documents like these. This was a small survey using free-response questions to explore user strategies for sending information. Since then, we have used what we learned in that survey to reach more participants and get a broader picture by building on the responses to the first survey. We are glad to report that we confirmed most of our findings!
In the first survey, we used open-ended questions where participants could just type their responses in order to collect the range of possibilities for the questions we wanted to ask. In our most recent work, we took those answers and used them to form multiple choice questions in order to expand both the reach of our survey and provide some new ways to analyze the data.
In our first survey, we reported that users commonly sent important documents using unsecured methods, like email, or delivered them by hand to assuage security concerns. One question we were left with, however, was whether this was because they chose these methods over others or because they simply weren’t aware of other options. In our newest study, we asked participants to indicate whether or not they had heard of the various methods reported in the first survey and found that, despite different levels of use, all of the methods were familiar. Email, online portals provided by the recipient, or taking the documents in person were still the most common, and direct messaging was the least common transmission method.
Satisfaction with Delivery Methods
In the first survey, we observed that participants were overall very satisfied with their methods of sending important documents from a privacy perspective. We used a mathematical model to see which answers predicted higher satisfaction with privacy and learned that some methods — email, physical mail, phone calls, and fax — were seen as more private. In addition, we confirmed that trust in the recipients was an important element in predicting whether or not someone was satisfied with the privacy of their chosen method.
Risks of Sending Important Information
One surprising result from the first study was that a significant concern for participants was the security of the documents once they arrive at their destinations. We asked about this directly in our second survey, confirming this result more conclusively. Additionally, we found that the risks people were most concerned about were, perhaps unsurprisingly, identity theft and financial harm. However, in general, people rated these as “low risk” or “no risk”, as opposed to “high risk”, so even though they were more prevalent than the other options — like harassment or physical harm — they were still not huge concerns.
In this work, we confirmed that users are, in general, satisfied with the ways they send important documents, even amongst a variety of options. However, this opens an important new line of work: given that this is not something people do every day, how can we encourage them to try more secure methods to protect sensitive information? Additionally, we think it is important to consider the security of user information after the communication has already happened, since this was a concern we uncovered in these surveys. We hope our work continues to expand the conversation on secure communication to cover more important facets of daily life.