Rethinking the Prevailing Security Paradigm: Can User Empowerment with Traceability Reduce the Rate of Security Policy Circumvention?