Characterizing Digital Native's approaches to mobile privacy and security

Many studies have proven that digital natives are not as tech-savvy as previously thought, and possibly vulnerable in terms of privacy and security. My focus was to characterise how this generation interacted with mobile privacy and security. We provide evidence from a cohort of South African students, using this to discuss areas in which they need to be protected. We employed a web-based survey of 77 students, supplemented by in-depth interviews with 10 additional students. In both cases, we enquired about knowledge of permissions, encryption and application installation practices. With the in-depth interviews we also observed students as they installed two applications, one of which over-requested permissions. Our findings showed that most students (80%) did not look for- or understand permissions, did not understand or look for encryption, and used location-based services unsafely. Based on these results, we argue that digital natives lack the technical skills to properly engage with mobile privacy and security. Furthermore, digital natives do not understand mobile security and privacy features and therefore ignore them. Digital natives trust the authors of software and fail to act securely when security and privacy features are requested out of context. We further argue that this generation of digital natives has been so overexposed to mobile requests that violate their privacy and security that they have become desensitised to them. We further argue that digital natives’ definition of privacy is different from that of previous generations. Lastly, we discuss the implications of our findings for Higher Education Institutions, Higher Education Policy and mobile application design

A Characterization of Digital Native Approaches To Mobile Privacy and Security

Despite their familiarity with the digital, so-called 'digital natives' are not tech-savvy, particularly with respect to privacy and security. In this study we characterize this problem by looking at a cohort of South African students. We employ a web-based survey of 100 students, supplemented by in-depth interviews with 10 additional students. In both cases we inquired about, and observed knowledge of permissions, encryption and application installation practices. Our findings show that most students (80%) do not look for or understand permissions or encryption, and use location-based services unsafely. Based on these results we argue that digital natives lack the technical skills and understanding to properly engage with mobile privacy and security. We further argue that this generation has been so over-exposed to mobile requests that violate their privacy and security that they have become desensitized and their definition of privacy and security has changed. Lastly, we discuss the implications of our findings for higher education institutions, policy, and mobile application design