pith. sign in

arxiv: 2604.17270 · v2 · pith:DKWIZI7Enew · submitted 2026-04-19 · 💻 cs.HC · cs.AI· cs.CR· cs.CY

Understanding U.S. Users' Security and Privacy Transparency Needs for Consumer-Facing Generative AI

Pith reviewed 2026-05-10 06:16 UTC · model grok-4.3

classification 💻 cs.HC cs.AIcs.CRcs.CY
keywords generative AIsecurity and privacytransparencyuser interviewsadoption decisionsconsumer toolsusabilityhigh-stakes use
0
0 comments X

The pith

Users of consumer generative AI tools rarely let security and privacy information shape their adoption choices and instead rely on popularity as a proxy.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper examines how security and privacy communications in consumer-facing generative AI tools influence users' decisions to adopt and continue using these systems. Interviews and design sessions with 21 U.S. users revealed that existing information is typically viewed as incomplete, ineffective, or lacking credibility, so users turn to rough proxies such as popularity to judge practices. After adoption, ongoing uncertainty about security and privacy limits what tasks users will perform, especially in high-stakes settings, and sometimes prompts them to stop using the tools altogether. Participants expressed a desire for transparency that supports real decisions, including trustworthy sources like independent evaluations and usable formats such as on-demand disclosures. The authors organize these desires into five dimensions meant to guide systematic design work going forward.

Core claim

Participants reported that available security and privacy information rarely drove initial adoption because they saw it as incomplete, ineffective, or lacking credibility, leading them to rely instead on proxies such as popularity. After adoption, uncertainty about security and privacy practices constrained their willingness to use the tools in high-stakes contexts and contributed to discontinued use in some cases. They therefore called for transparency that supports decision-making and sustained use, including trustworthy information such as independent evaluations and usable interfaces such as on-demand disclosure, which the study synthesizes into five dimensions for future investigation.

What carries the argument

Five dimensions of user-desired security and privacy transparency practices that combine trustworthy information sources with usable on-demand interfaces.

If this is right

  • Transparency designs should emphasize independent evaluations rather than self-reported notices to increase credibility for adoption decisions.
  • On-demand disclosure interfaces could reduce post-adoption uncertainty and support continued use in high-stakes contexts.
  • Organizing transparency practices around the five dimensions could enable more systematic testing of what actually helps users.
  • Recommendations for designers and policymakers should focus on making security and privacy information both credible and immediately accessible.
  • If these features are adopted, users may shift away from popularity proxies toward evidence-based choices about generative AI tools.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same pattern of relying on popularity proxies may appear in other consumer AI products that are not generative.
  • Controlled experiments that deploy the five dimensions in live tools could measure whether they change actual usage patterns over time.
  • The findings imply that popularity rankings alone are unreliable signals of security and privacy quality across technology categories.
  • Users in different regions or with different risk tolerances might prioritize different elements within the five dimensions.

Load-bearing premise

That the experiences and needs described by these 21 U.S. participants reflect those of broader generative AI user populations and that implementing the suggested transparency features would meaningfully improve decision-making and continued use.

What would settle it

A follow-up study with a larger and more diverse sample that implements independent evaluations and on-demand disclosures yet finds no measurable increase in adoption driven by actual security and privacy details or reduction in discontinued use.

Figures

Figures reproduced from arXiv: 2604.17270 by Chunxi Zhan, Jiaxun Cao, Pardis Emami-Naeini, Rithvik Neti, Sai Teja Peddinti, Yu Dong.

Figure 1
Figure 1. Figure 1: Methodology overview of our main study. We conducted semi-structured interviews, followed by design sketching [PITH_FULL_IMAGE:figures/full_fig_p003_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: We assemble participants’ representative design ideas across the five dimensions into a single prototype spanning [PITH_FULL_IMAGE:figures/full_fig_p010_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Examples showing traceability from participants’ original sketch concepts to corresponding prototype features, [PITH_FULL_IMAGE:figures/full_fig_p018_3.png] view at source ↗
read the original abstract

Users increasingly rely on consumer-facing generative AI (GenAI) for tasks ranging from everyday needs to sensitive use cases. Yet, it remains unclear whether and how existing security and privacy (S&P) communications in GenAI tools shape users' adoption decisions and experiences. Understanding how users seek, interpret, and evaluate S&P information is critical for designing usable transparency that users can trust and act on. We conducted semi-structured interviews and design sessions with 21 U.S. GenAI users. Our findings suggest that available S&P information rarely drove initial adoption in practice, as participants often perceived it as incomplete, ineffective, or not credible. Instead, they relied on rough proxies (e.g., popularity) to infer S&P practices. After adoption, S&P uncertainty constrained participants' willingness to use GenAI tools, especially for high-stakes purposes, and, in some cases, contributed to discontinued use. Participants therefore called for transparency that supports decisions and actions through trustworthy information (e.g., independent evaluations) and usable interfaces (e.g., on-demand disclosure). We categorize participants' desired design practices into five dimensions to facilitate systematic future investigation into best practices. We conclude with recommendations for researchers, designers, and policymakers to improve S&P transparency in consumer-facing GenAI.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The paper reports results from semi-structured interviews and design sessions with 21 U.S. GenAI users. It claims that existing S&P information rarely drove initial adoption decisions (users instead relied on proxies such as popularity), that post-adoption uncertainty about S&P practices constrained use especially in high-stakes contexts and sometimes led to discontinuation, and that participants desired trustworthy information (e.g., independent evaluations) and usable interfaces (e.g., on-demand disclosure). These desires are synthesized into five dimensions of design practices, with recommendations for researchers, designers, and policymakers.

Significance. If the empirical findings hold, the work is significant for usable security and privacy research in consumer AI: it documents a concrete gap between supplied S&P communications and actual user decision-making, identifies proxy-based inference as a common workaround, and supplies a five-dimension framework that can structure future design and evaluation work. The inclusion of design sessions alongside interviews is a strength that grounds the recommendations in user-generated ideas rather than researcher speculation alone.

major comments (3)
  1. Methods section: the manuscript supplies no information on recruitment strategy, participant demographics or selection criteria, interview protocol, or the thematic analysis procedure used to derive the five dimensions. Because the central claims rest entirely on these interview data, the absence of these details prevents verification that the reported patterns (proxy reliance, discontinued use) are not artifacts of sampling or analysis choices.
  2. Findings section: the strongest claims—that S&P information 'rarely drove initial adoption' and 'contributed to discontinued use'—are presented without tied participant quotes, frequency counts, or cross-case evidence from the 21 sessions. This weakens the evidential link between raw data and the synthesized dimensions.
  3. Discussion and conclusions: the generalization from a single-country, small, likely self-selected sample to statements about what 'users' need and how transparency features would improve decision-making is not accompanied by explicit scope limitations or tests for demographic variation, which is load-bearing for the policy and design recommendations.
minor comments (2)
  1. Abstract: the limitation of the 21-participant U.S. sample is not mentioned, which would help readers calibrate the scope of the claims.
  2. Terminology: 'GenAI tools' and 'consumer-facing generative AI' are used interchangeably without a clear definition or scope statement early in the paper.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for their constructive and detailed review. We address each major comment below and describe the revisions we will make to strengthen the manuscript.

read point-by-point responses
  1. Referee: Methods section: the manuscript supplies no information on recruitment strategy, participant demographics or selection criteria, interview protocol, or the thematic analysis procedure used to derive the five dimensions. Because the central claims rest entirely on these interview data, the absence of these details prevents verification that the reported patterns (proxy reliance, discontinued use) are not artifacts of sampling or analysis choices.

    Authors: We agree that the current Methods section is insufficiently detailed. In the revised manuscript we will expand this section to specify the recruitment strategy (targeted online advertising and platform-based screening for U.S. adults with recent GenAI use), full participant demographics (age, gender, education, occupation, and frequency of GenAI use), explicit selection criteria, the semi-structured interview guide and design-session protocol, and the thematic analysis process (following Braun and Clarke’s reflexive thematic analysis with iterative coding by multiple researchers and member-checking). revision: yes

  2. Referee: Findings section: the strongest claims—that S&P information 'rarely drove initial adoption' and 'contributed to discontinued use'—are presented without tied participant quotes, frequency counts, or cross-case evidence from the 21 sessions. This weakens the evidential link between raw data and the synthesized dimensions.

    Authors: We accept that the evidential grounding can be strengthened. The revised Findings section will include additional verbatim participant quotes explicitly linked to each major claim, will note the number of participants who expressed each pattern (while preserving the qualitative character of the work), and will add cross-case summaries showing consistency across interviews and design sessions. These additions will make the path from raw data to the five design dimensions more transparent. revision: yes

  3. Referee: Discussion and conclusions: the generalization from a single-country, small, likely self-selected sample to statements about what 'users' need and how transparency features would improve decision-making is not accompanied by explicit scope limitations or tests for demographic variation, which is load-bearing for the policy and design recommendations.

    Authors: We agree that the Discussion and Conclusions require clearer scoping. We will insert a dedicated Limitations subsection that explicitly states the small sample size, U.S.-only recruitment, and potential self-selection effects. All general statements will be qualified to refer to “participants in our study” or “the users we interviewed,” and we will note the absence of demographic-variation testing while recommending such work in future studies. The five design dimensions will be presented as user-derived starting points rather than universal prescriptions. revision: yes

Circularity Check

0 steps flagged

No circularity: empirical claims derived directly from interview data

full rationale

This is a qualitative empirical study based on semi-structured interviews and design sessions with 21 participants. All central claims (e.g., S&P information rarely driving adoption, reliance on proxies like popularity, desire for trustworthy/on-demand transparency) are synthesized from participant responses rather than any equations, fitted parameters, self-referential definitions, or load-bearing self-citations. No derivation chain reduces to its own inputs by construction. The paper explicitly grounds findings in the collected data and presents design dimensions as a synthesis for future work, not as a closed logical loop. Generalizability concerns are a standard limitation of small-sample qualitative work but do not constitute circularity under the defined criteria.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claims rest on standard qualitative research assumptions about the informativeness of a small user sample and the validity of self-reported preferences, without introducing fitted parameters or new postulated entities.

axioms (1)
  • domain assumption Semi-structured interviews with 21 U.S. GenAI users yield insights that generalize to wider user needs for S&P transparency.
    The study moves from specific participant statements to design recommendations and policy implications.

pith-pipeline@v0.9.0 · 5555 in / 1214 out tokens · 45702 ms · 2026-05-10T06:16:31.945241+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.