“Why would money protect me from cyber bullying ?”: A mixed-methods study of personal cyber insurance

Rachiyta Jain, Temima Hrle, Margherita Marinetti, Adam Jenkins, Rainer Böhme, Daniel W. Woods

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

Individuals can become victims of security incidents, privacy violations, online scams, and social media abuse. In addition to prevention, users should create response strategies in case misfortune strikes. To better understand response to digital harm, we conducted the first study of personal cyber insurance in the US and the UK.

We explored the supply-side via a content analysis of 24 cyber insurance policies. The results show personal cyber insurance compensates security, privacy and fraud incidents, with a slim majority also covering cyberbullying. Comparing these results to prior work, we find that coverage in the US and UK has significant differences to coverage in Germany. We study the demand-side via a survey distributed to 584 participants with an even US/UK split. Just 1.6% of respondents have cyber coverage and 8.5% are aware of the product. We introduce the concepts of risk uncertainty and coverage uncertainty, finding both are prevalent for personal cyber insurance. Studying coverage uncertainty, we discover a gap between insurers and participants, which is broadest for online fraud and narrowest for identity theft and cyberbullying. Turning to risk uncertainty, we discovered that in the aggregate users are relatively well calibrated regarding the frequency of different incidents. Individuals estimate that fraud incidents have the greatest impact, followed by security and privacy incidents. Cyberbullying has very low estimated impact. Regarding purchasing a policy, participants raised uncertainties about contractual details, reporting requirements, victimization statistics, and access to security solutions.
Original languageEnglish
Title of host publication2025 IEEE Symposium on Security and Privacy
PublisherInstitute of Electrical and Electronics Engineers
Publication statusAccepted/In press - 16 Sept 2024
Event46th IEEE Symposium on Security and Privacy - The Hyatt Regency San Francisco, San Francisco, United States
Duration: 12 May 202515 May 2025
https://sp2025.ieee-security.org/index.html

Publication series

NameIEEE Symposium on Security and Privacy
PublisherInstitute of Electrical and Electronics Engineers
ISSN (Print)1081-6011
ISSN (Electronic)2375-1207

Symposium

Symposium46th IEEE Symposium on Security and Privacy
Abbreviated titleIEEE S&P 2025
Country/TerritoryUnited States
CitySan Francisco
Period12/05/2515/05/25
Internet address

Fingerprint

Dive into the research topics of '“Why would money protect me from cyber bullying ?”: A mixed-methods study of personal cyber insurance'. Together they form a unique fingerprint.

Cite this