People Swap Their Sensitive Information For Cookies

People love their sweets and some will even give up sensitive information, such as fingerprints or partial Social Security numbers, for just one cookie.

A performance artist in Brooklyn, New York conducted an unscientific experiment to see what information people would willingly give up for one cookie, according to ProPublica. The artist Risa Puno asked 380 attendees at a Brooklyn arts festival offered her sweet treats to anyone willing to have their picture taken, give up their fingerprints or answer security questions such as a person's address or phone number.

"It is crazy what people were willing to give me," the artist Risa Puno told Mashable and ProPublica. Puno called her experiment "Please Enable Cookies" and the cookie flavors included "Chocolate Chili Fleur de Sel" and "Pink Pistachio Peppercorn."

More than half of respondents allowed for Puno to take their picture. Less than half (162 people) gave the last four digits of their Social Security number and about a third allowed Puno to fingerprint them. Many also showed the artist their driver's license so she could verify some of the information.

Puno refused to answer what she would do with the information. She instead referred them to her terms of service and other legal documentation written in tiny script that give her the right to publish the information as well as share it with others.

She still possesses the data she collected and has not decided whether to destroy it or simply hold onto it. Puno called the disclosure forms her customers signed as "precious artifacts of what people are willing to do. I kind of want to hold onto them forever."

The cookie customers' may have been more willing to give up the sensitive information because it was only for an artistic performance, and "it was very low-risk to provide information," Alessandro Acquisti, a Carnegie Mellon privacy expert, told ProPublica.

Puno's customers walked away with a cool-looking cookie (many were decorated with different social network logos) and little doubt that their personal info wouldn't be used for nefarious reasons.

Puno made some cookies worth more "points" depending on what information people would give up. She found it surprising that people easily gave up security questions - pet's name, mother's maiden name, place of birth or the name of your first teacher - that could be used to hack into online accounts.

"They didn't recognize them as security questions, or they didn't care ... but that's how people 'hack' into celebrity iClouds, by guessing their security questions," the artist said.

Tags
Security, Online, Fingerprints
Real Time Analytics