Digital Security Perceptions and Practices Around the World: A WEIRD Versus Non-WEIRD Comparison

Abstract

Existing usable security and privacy research remains skewed toward WEIRD (Western, Educated, Industrialized, Rich, and Democratic) societies, whereas studies on non-WEIRD societies are scarce and mostly qualitative. The lack of large-scale cross-country comparisons makes it difficult to understand how people’s security needs, perceptions, and practices vary across contexts and cultures. To fill this gap, we surveyed participants (N=12,351) from 12 countries across four continents – with seven WEIRD and five non-WEIRD countries – to examine participants’ perceptions (e.g., regarding importance of different data types and risks posed by possible attackers) and practices (e.g., adoption of protective measures and prior negative experiences). We found significant differences between WEIRD versus non-WEIRD countries across almost all variables, with varying effect sizes. For instance, participants from non-WEIRD countries relied more on friends and family for advice on digital security than their WEIRD counterparts, but they also viewed friends and family as more likely attackers. We provide our interpretations of the cross-country differences, discuss how our findings inform security interventions and education, and summarize lessons learned from conducting cross-country research.