Abstract

We consider the social context behind users' decisions about whether and when to encrypt email, interviewing a sample of users from an organization whose mission requires secrecy. Interview participants varied in their level of technical sophistication and in their involvement with secrets. We found that users saw universal, routine use of encryption as paranoid. Encryption flagged a message not only as confidential but also as urgent, so users found the encryption of mundane messages annoying. In general, decisions about encryption were driven not just by technical issues such as usability, but also by social factors. We argue that understanding these social factors is necessary to guide the design of encryption technologies that can be more widely adopted.