skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


This content will become publicly available on July 21, 2026

Title: Data Wiping Behaviors for End-of-First-Use Electronics: Insights from a survey of U.S. consumers
When a consumer is finished using an electronic device (End-of- First-Use), they might recycle, resell, donate/give away, trade-in or throw it in the trash. There are security threats if a hostile party obtains the device and extracts data. Data wiping at End- of-First-Use is thus an important security behavior, one that has received scant analytical attention. To explore consumer behavior and reasoning behind data wiping practices, we undertake a survey of the U.S. population. One key result is that 31% of the population did not wipe data when dispositioning a device. When asked why not, 44% replied that they did not find data wiping important or that it did not occur to them. 33% replied the device was broken and data could not be wiped, 12% reported difficulty in wiping and 11% could not find a way to wipe. The 44% who thought data wiping was not important showed lower awareness of the security threat, 23% had heard that data can be recovered from discarded devices, versus 44% for the general population. The most prevalent device types for which data wiping was reported as unimportant are smart TVs, kitchen appliances, streaming, and gaming devices, suggesting that consumers may not be aware that private information is being stored on these devices. To inform future interventions that aim to raise awareness, we queried respondents where they obtained security knowledge. 47% replied that they learned about security threats from a single venue; social media was this single venue 43% of the time. This suggests that social media is a key channel for security education  more » « less
Award ID(s):
2037535
PAR ID:
10618749
Author(s) / Creator(s):
; ; ; ;
Publisher / Repository:
ACM SIGCAS/SIGCHI Conference on Computing and Sustainable Societies (COMPASS ’25)
Date Published:
ISBN:
9798400714849
Page Range / eLocation ID:
733 to 738
Subject(s) / Keyword(s):
e-waste, consumer electronics, data, privacy
Format(s):
Medium: X
Location:
Toronto ON Canada
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; (, Educational technology society)
    Cyber bullying, digital identity, impact of digital footprints, and use of inappropriate social media are topics that are gaining attention in K-12 schools. As more schools and school districts are implementing 1-1 and “bring your own technology” initiatives, attention to these topics is becoming increasingly important. A total of 593 middle school students were surveyed about digital footprints and concerns about social media. The results show that 17% started using social media at age nine or younger, 40% accepted friend requests from people they do not know, and 40% reported that their parents did not monitor their social media use, which calls for the needs of cyber-security education. These middle school students reported using social media most often to connect with their friends, share pictures, and find out what others are doing. They indicated that Instagram (27%), SnapChat (25%) and YouTube (25%) were their most used social media sites. These students have concerns about social media due to inappropriate postings, getting hacked, getting their feelings hurt, lack of privacy, inappropriate pictures, bullying, negativity, and stalkers. This study informs teachers, administrators, technology facilitators and parents on social media use by students. 
    more » « less
  2. ; ; ; ; (, 2025 IEEE Conference on Technologies for Sustainability (SusTech))
    The goal of this study is to find patterns in how consumers disposition electronic devices at End-of-First-Use, i.e. store, recycle, resell, trade in, donate/give or and throw in the trash. K-means clustering was used on survey data from 3,747 U.S. respondents across 10 device categories to divide the population into three clusters of consumers based on stated attitudes and knowledge of data privacy, environmental benefits, convenience and other aspects of End-of-First-Use options. We then measure the reported intended disposition of devices for each cluster and compare with the general population. Cluster 1 has higher data security concerns when recycling, reselling or donating, and less knowledge and trust in End-of-First-Use options overall. The intended behavior of cluster 1 shows higher than average uncertainty in what to do at End-of-First-Use and more intent to store (lower values for other options - recycling, reselling and donating). Cluster 2 shows higher knowledge and trust in recycling, reselling, and donation, and slightly higher than average concern about data security of these options. The intended behavior of cluster 2 shows higher intent to resell, trade-in or donate, and lower levels of being uncertain of what to do and of storing. Cluster 3 expresses much less concern about data security, and lower utility of a stored device. Their intended behavior shows less storage and higher levels of other End-of- First-Use" options. While cluster analysis does not yield causal connections, the groups show consistent trends in stated knowledge and attitudes towards different End-of-First-Use options and corresponding planned behaviors. These results indicate there are subgroups of the general population with similar reported attitudes, knowledge and behaviors. The three subgroups do not have distinct demographic characteristics, i.e. knowledge and attitudes regarding disposition of electronics does not depend strongly on age, education level, income and similar factors. Understanding segmentation is useful to investigate more effective interventions to influence behavior for better sustainability outcomes. 
    more » « less
  3. ; ; ; (, 2023 IEEE Symposium on Security and Privacy (SP))
    Consumer Internet of Things (IoT) devices are increasingly common, from smart speakers to security cameras, in homes. Along with their benefits come potential privacy and security threats. To limit these threats a number of commercial services have become available (IoT safeguards). The safeguards claim to provide protection against IoT privacy risks and security threats. However, the effectiveness and the associated privacy risks of these safeguards remains a key open question. In this paper, we investigate the threat detection capabilities of IoT safeguards for the first time. We develop and release an approach for automated safeguards experimentation to reveal their response to common security threats and privacy risks. We perform thousands of automated experiments using popular commercial IoT safeguards when deployed in a large IoT testbed. Our results indicate not only that these devices may be ineffective in preventing risks, but also their cloud interactions and data collection operations may introduce privacy risks for the households that adopt them. 
    more » « less
  4. (, Big-Data Analytics (BDA))
    Massive amounts of data today are being generated from users engaging on social media. Despite knowing that whatever they post on social media can be viewed, downloaded and analyzed by unauthorized entities, a large number of people are still willing to compromise their privacy today. On the other hand though, this trend may change. Improved awareness on protecting content on social media, coupled with governments creating and enforcing data protection laws, mean that in the near future, users may become increasingly protective of what they share. Furthermore, new laws could limit what data social media companies can use without explicit consent from users. In this paper, we present and address a relatively new problem in privacy-preserved mining of social media logs. Specifically, the problem here is the feasibility of deriving the topology of network communications (i.e., match senders and receivers in a social network), but with only meta-data of conversational files that are shared by users, after anonymizing all identities and content. More explicitly, if users are willing to share only (a) whether a message was sent or received, (b) the temporal ordering of messages and (c) the length of each message (after anonymizing everything else, including usernames from their social media logs), how can the underlying topology of sender-receiver patterns be generated. To address this problem, we present a Dynamic Time Warping based solution that models the meta-data as a time series sequence. We present a formal algorithm and interesting results in multiple scenarios wherein users may or may not delete content arbitrarily before sharing. Our performance results are very favorable when applied in the context of Twitter. Towards the end of the paper, we also present interesting practical applications of our problem and solutions. To the best of our knowledge, the problem we address and the solution we propose are unique, and could provide important future perspectives on learning from privacy-preserving mining of social media logs. 
    more » « less
  5. ; (, 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON))
    null (Ed.)
    In recent years, the addition of billions of Internet of Thing (IoT) device spawned a massive demand for computing service near the edge of the network. Due to latency, limited mobility, and location awareness, cloud computing is not capable enough to serve these devices. As a result, the focus is shifting more towards distributed platform service to put ample computing power near the edge of the networks. Thus, paradigms such as Fog and Edge computing are gaining attention from researchers as well as business stakeholders. Fog computing is a new computing paradigm, which places computing nodes in between the Cloud and the end user to reduce latency and increase availability. As an emerging technology, Fog computing also brings newer security challenges for the stakeholders to solve. Before designing the security models for Fog computing, it is better to understand the existing threats to Fog computing. In this regard, a thorough threat model can significantly help to identify these threats. Threat modeling is a sophisticated engineering process by which a computer-based system is analyzed to discover security flaws. In this paper, we applied two popular security threat modeling processes - CIAA and STRIDE - to identify and analyze attackers, their capabilities and motivations, and a list of potential threats in the context of Fog computing. We posit that such a systematic and thorough discussion of a threat model for Fog computing will help security researchers and professionals to design secure and reliable Fog computing systems. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email