Gina Maria Schmidbauer-Wolf , M.Sc.
ehem. Mitarbeiterin
Technische Universität Darmstadt, Fachbereich Informatik,
Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Gina Maria Schmidbauer-Wolf, M.Sc. warwissenschaftliche Mitarbeiterin am Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) im Fachbereich Informatik der Technischen Universität Darmstadt.
Sie studierte Medieninformatik an der Hochschule Hof (B.Sc.) und an der Universität Regensburg (M.Sc.). Neben dem Studium arbeitete sie sowohl in der Softwareentwicklung als auch in der Quality Assurance digitaler Produkte. Während Ihres Masterstudiums war sie zudem als Tutorin für das Medieninformatik-Bachelor-Studium tätig. In Ihrer Freizeit engagierte Sie sich für Studierende in der Hochschulpolitik oder bei der Unterstützung studentischer Veranstaltungen.
Publikationen
[BibTeX] [Abstract] [Download PDF]
Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.
@article{biselli_challenges_2022,
title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
doi = {10.56553/popets-2022-0126},
abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Ranking-CORE-A, Projekt-GRKPrivacy},
pages = {645--669},
}
[BibTeX] [Abstract] [Download PDF]
As a result of the ongoing digitalization of our everyday lives, the amount of data produced by everyone is steadily increasing. This happens through personal decisions and items, such as the use of social media or smartphones, but also through more and more data acquisition in public spaces, such as e.g., Closed Circuit Television. Are people aware of the data they are sharing? What kind of data do people want to share with whom? Are people aware if they have Wi-Fi, GPS, or Bluetooth activated as potential data sharing functionalities on their phone? To answer these questions, we conducted a representative online survey as well as face-to-face interviews with users in Germany. We found that most users wanted to share private data on premise with most entities, indicating that willingness to share data depends on who has access to the data. Almost half of the participants would be more willing to share data with specific entities (state bodies & rescue forces) in the event that an acquaintance is endangered. For Wi-Fi and GPS the frequencies of self-reported and actual activation on the smartphone are almost equal, but 17\% of participants were unaware of the Bluetooth status on their smartphone. Our research is therefore in line with other studies suggesting relatively low privacy awareness of users.
@inproceedings{herbert_who_2021,
address = {New York},
title = {Who {Should} {Get} {My} {Private} {Data} in {Which} {Case}? {Evidence} in the {Wild}},
url = {http://www.peasec.de/paper/2021/2021_Herbert_SchmidbauerWolfReuter_WhoShouldGetMyPrivateDateinWhichCase_MuC.pdf},
doi = {10.1145/3473856.3473879},
abstract = {As a result of the ongoing digitalization of our everyday lives, the amount of data produced by everyone is steadily increasing. This happens through personal decisions and items, such as the use of social media or smartphones, but also through more and more data acquisition in public spaces, such as e.g., Closed Circuit Television. Are people aware of the data they are sharing? What kind of data do people want to share with whom? Are people aware if they have Wi-Fi, GPS, or Bluetooth activated as potential data sharing functionalities on their phone? To answer these questions, we conducted a representative online survey as well as face-to-face interviews with users in Germany. We found that most users wanted to share private data on premise with most entities, indicating that willingness to share data depends on who has access to the data. Almost half of the participants would be more willing to share data with specific entities (state bodies \& rescue forces) in the event that an acquaintance is endangered. For Wi-Fi and GPS the frequencies of self-reported and actual activation on the smartphone are almost equal, but 17\% of participants were unaware of the Bluetooth status on their smartphone. Our research is therefore in line with other studies suggesting relatively low privacy awareness of users.},
booktitle = {Mensch und {Computer} - {Tagungsband}},
publisher = {ACM},
author = {Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
year = {2021},
keywords = {Security, UsableSec, Projekt-ATHENE-FANCY},
}
[BibTeX] [Abstract] [Download PDF]
The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) offers advice and recommendations for private users on how to behave securely. Based on these recommendations we investigate the IT security knowledge and behavior of private users with a rep- resentative study of the German population (N = 1.219). Additionally, we ana- lyze the role of socio-demographic factors (gender, age, education, political ori- entation) for security knowledge and behavior. Results show that German pri- vate users have only moderate IT security knowledge and behavior, with as- pects as gender, age, education and political orientation partly having an influ- ence. Men, higher educated and politically moderately oriented participants show higher security knowledge, whereas young people and those less knowl- edgeable about security behave less security-conscious. Additionally, security knowledge and behavior correlate moderately. Therefore, to increase private users‘ IT security we suggest to increase education and training especially for users being young, politically right-wing or female.
@inproceedings{herbert_differences_2020,
address = {Potsdam, Germany},
title = {Differences in {IT} {Security} {Behavior} and {Knowledge} of {Private} {Users} in {Germany}},
url = {https://library.gito.de/wp-content/uploads/2021/08/V3_Herbert-Differences_in_IT_Security_Behavior_and_Knowledge-541_c.pdf},
doi = {10.30844/wi_2020_v3-herbert},
abstract = {The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) offers advice and recommendations for private users on how to behave securely. Based on these recommendations we investigate the IT security knowledge and behavior of private users with a rep- resentative study of the German population (N = 1.219). Additionally, we ana- lyze the role of socio-demographic factors (gender, age, education, political ori- entation) for security knowledge and behavior. Results show that German pri- vate users have only moderate IT security knowledge and behavior, with as- pects as gender, age, education and political orientation partly having an influ- ence. Men, higher educated and politically moderately oriented participants show higher security knowledge, whereas young people and those less knowl- edgeable about security behave less security-conscious. Additionally, security knowledge and behavior correlate moderately. Therefore, to increase private users' IT security we suggest to increase education and training especially for users being young, politically right-wing or female.},
booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI})},
author = {Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
year = {2020},
keywords = {Security, UsableSec, Projekt-ATHENE-FANCY, Ranking-CORE-C, Ranking-VHB-C, Ranking-WKWI-A},
pages = {1--16},
}
[BibTeX] [Abstract] [Download PDF]
Digitalization, which proceeds in all branches, as well in agriculture, by using new technology, sensors and networking, requires responsible usage of data. One possibility to manage data and use them to create value is the blockchain-technology. It is primary enforced by the food industries and consumers to ensure traceability and transparency. To put blockchain-technology into beneficial use in agriculture, this domain has to be analyzed regarding social and business aspects. This paper presents the results of a qualitative study where 41 actors from the agricultural do-main participated in focus groups and delivered a written statement. It was found that farmers are interested in adapting new markets and technologies early to get an economic advantage. On the other hand, the fear of losing traditional local business partners and the social surroundings of the farmers must be considered
@inproceedings{linsner_blockchain_2019,
address = {Hamburg, Germany},
title = {Blockchain in der {Landwirtschaft} 4.0 - {Empirische} {Studie} zu {Erwartungen} von {Landwirt}\_innen gegenüber dezentralen {Services} auf {Basis} von {Distributed} {Ledger} {Technology}},
url = {https://dl.acm.org/citation.cfm?id=3340799},
doi = {10.1145/3340764.3340799},
abstract = {Digitalization, which proceeds in all branches, as well in agriculture, by using new technology, sensors and networking, requires responsible usage of data. One possibility to manage data and use them to create value is the blockchain-technology. It is primary enforced by the food industries and consumers to ensure traceability and transparency. To put blockchain-technology into beneficial use in agriculture, this domain has to be analyzed regarding social and business aspects. This paper presents the results of a qualitative study where 41 actors from the agricultural do-main participated in focus groups and delivered a written statement. It was found that farmers are interested in adapting new markets and technologies early to get an economic advantage. On the other hand, the fear of losing traditional local business partners and the social surroundings of the farmers must be considered},
booktitle = {Mensch und {Computer} - {Tagungsband}},
publisher = {ACM},
author = {Linsner, Sebastian and Kuntke, Franz and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
editor = {Alt, Florian and Bulling, Andreas and Döring, Tanja},
year = {2019},
keywords = {Projekt-GeoBox, HCI, Projekt-CROSSING, Projekt-CRISP, Projekt-MAKI, Projekt-HyServ, Cooperation},
pages = {103--113},
}
[BibTeX] [Abstract] [Download PDF]
Input modalities generally as well as in cars are evolving quickly regarding their spread and reliability. One possible input technique is gaze interaction, a topic still being researched. What are the front seat passengers‘ feelings towards gaze interaction, are they comfortable using it and do they think it is necessary? A laboratory experiment was conducted with 13 student participants, using a driving simulator, eye tracker, lamp and a driving wheel. Qualitative data was collected during and after the experiment through observation and a semi-structured interview. Quantitative data was collected through questionnaires (ATI, CTAM, SUS). The results were that the usability of the system was high but participants did not feel well using it.
@inproceedings{schmidbauer-wolf_usability_2019,
address = {Hamburg, Germany},
title = {Usability and {UX} of a {Gaze} {Interaction} {Tool} for {Front} {Seat} {Passengers}: {Evaluation} of a {Gaze} {Controlled} {Optical} {Feedback} {System} in a {Car}},
url = {www.peasec.de/paper/2019/2019_SchmidbauerWolfGuder_UsabilityUXGazeInteractionTool.pdf},
doi = {10.1145/3340764.3344890},
abstract = {Input modalities generally as well as in cars are evolving quickly regarding their spread and reliability. One possible input technique is gaze interaction, a topic still being researched. What are the front seat passengers' feelings towards gaze interaction, are they comfortable using it and do they think it is necessary? A laboratory experiment was conducted with 13 student participants, using a driving simulator, eye tracker, lamp and a driving wheel. Qualitative data was collected during and after the experiment through observation and a semi-structured interview. Quantitative data was collected through questionnaires (ATI, CTAM, SUS). The results were that the usability of the system was high but participants did not feel well using it.},
booktitle = {{MuC}’19: {Proceedings} of {Mensch} und {Computer} 2019},
publisher = {Gesellschaft für Informatik e.V.},
author = {Schmidbauer-Wolf, Gina Maria and Guder, Markus},
year = {2019},
keywords = {Student, HCI},
pages = {677--681},
}
[BibTeX] [Abstract] [Download PDF]
Smart cities want to provide a better life to their citizens, e.g. regarding health care, infrastruc- ture, better safety and security. This can be achieved by using more and new technology and by interconnecting and analysing new and existent devices. Thus, public spaces and buildings will be equipped with more interconnected input and output modalities. This ongoing technolo- gization of public spaces creates opportunities for making everyone’s life more secure, while at the same time everyone’s personal privacy is endangered. So how is this balancing act tackled and dealt with right now? What fears do citizens have regarding their security as well as their privacy? This paper provides first insights into the topic privacy in smart cities regarding that smart cities need data which can be provided by and of people. The paper raises the question if collecting people’s data, and thus enabling smart cities, is ethical and if not, how it can be assured to be ethical.
@inproceedings{schmidbauer-wolf_responsible_2019,
address = {Darmstadt, Germany},
title = {Responsible {Data} {Usage} in {Smart} {Cities}: {Privacy} in {Everyday} {Life} vs. {Reacting} to {Emergency} {Situations}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
abstract = {Smart cities want to provide a better life to their citizens, e.g. regarding health care, infrastruc- ture, better safety and security. This can be achieved by using more and new technology and by interconnecting and analysing new and existent devices. Thus, public spaces and buildings will be equipped with more interconnected input and output modalities. This ongoing technolo- gization of public spaces creates opportunities for making everyone's life more secure, while at the same time everyone's personal privacy is endangered. So how is this balancing act tackled and dealt with right now? What fears do citizens have regarding their security as well as their privacy? This paper provides first insights into the topic privacy in smart cities regarding that smart cities need data which can be provided by and of people. The paper raises the question if collecting people's data, and thus enabling smart cities, is ethical and if not, how it can be assured to be ethical.},
booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Schmidbauer-Wolf, Gina Maria and Herbert, Franziska and Reuter, Christian},
editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
year = {2019},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CRISP},
pages = {70--74},
}
[BibTeX] [Abstract] [Download PDF]
Wie werden eigene private Daten geschützt? Um dieser Frage nachzugehen, wurde in einer qualitativen Studie mit sechs Informatikabsolvent_innen erfragt, wie diese die Privatheit ihrer Daten schützen. Das Ziel der teilstrukturierten Inter- views war es einen möglichst breiten Überblick über tatsäch- lich verwendete Techniken und Technologien zum Schutz der privaten Daten zu gewinnen. Während sich die Vermu- tung bestätigte, dass alle Teilnehmer_innen ein Bewusstsein für die Brisanz ihrer privaten Daten hatten, unterschieden sich die Definitionen ebendieser privaten Daten sowie das Verhalten, um diese zu schützen. Es konnte beobachtet wer- den, dass viel Wissen in diesem Bereich nicht zwangsläufig zu einem vorsichtigeren Handeln führt. Mögliche genannte Strategien zum Schutz der eigenen Daten sind: Informiert bleiben, Datensparsamkeit, Vermeidung der Produkte be- stimmter Konzerne sowie Resignation. Als Motivation für das jeweilige Verhalten wurden sowohl politische, philoso- phische, utilitaristische, als auch angstgetriebene Gründe genannt. Letztere können in Angst vor Diebstahl und Angst vor Andersbehandlung unterschieden werden.
@inproceedings{schmidbauer-wolf_kampf_2019,
address = {Hamburg, Germany},
title = {Ein {Kampf} gegen {Windmühlen}: qualitative {Studie} über {Informatikabsolvent}\_innen und ihre {Datenprivatheit}},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/25168/302-06.pdf},
doi = {10.18420/muc2019-ws-302-06},
abstract = {Wie werden eigene private Daten geschützt? Um dieser Frage nachzugehen, wurde in einer qualitativen Studie mit sechs Informatikabsolvent\_innen erfragt, wie diese die Privatheit ihrer Daten schützen. Das Ziel der teilstrukturierten Inter- views war es einen möglichst breiten Überblick über tatsäch- lich verwendete Techniken und Technologien zum Schutz der privaten Daten zu gewinnen. Während sich die Vermu- tung bestätigte, dass alle Teilnehmer\_innen ein Bewusstsein für die Brisanz ihrer privaten Daten hatten, unterschieden sich die Definitionen ebendieser privaten Daten sowie das Verhalten, um diese zu schützen. Es konnte beobachtet wer- den, dass viel Wissen in diesem Bereich nicht zwangsläufig zu einem vorsichtigeren Handeln führt. Mögliche genannte Strategien zum Schutz der eigenen Daten sind: Informiert bleiben, Datensparsamkeit, Vermeidung der Produkte be- stimmter Konzerne sowie Resignation. Als Motivation für das jeweilige Verhalten wurden sowohl politische, philoso- phische, utilitaristische, als auch angstgetriebene Gründe genannt. Letztere können in Angst vor Diebstahl und Angst vor Andersbehandlung unterschieden werden.},
booktitle = {Mensch und {Computer} 2019 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Schmidbauer-Wolf, Gina Maria and Herbert, Franziska and Reuter, Christian},
year = {2019},
keywords = {Security, Projekt-ATHENE-FANCY},
pages = {256--264},
}