Minghong Chen,Xiumei Huang,Xianjun Qi

DOI: https://doi.org/10.1108/imds-05-2023-0337

IF: 4.803

2024-05-19

Industrial Management & Data Systems

Abstract:Purpose In the paradox of personalized services and privacy risks, what factors influence users' decisions is considered an interesting issue worth exploring. The current study aims to empirically explore privacy behavior of social media users by developing a theoretical model based on privacy calculus theory. Design/methodology/approach Privacy risks, conceptualized as natural risks and integrated risks, were proposed to affect the intention of privacy disclosure and protection. The model was validated through a hybrid approach of structural equation modeling (SEM)-artificial neural network (ANN) to analyze the data collected from 527 effective responses. Findings The results from the SEM analysis indicated that social interaction and perceived enjoyment were strong determinants of perceived benefits, which in turn played a dominant role in the intention to disclose the privacy in social media. Similarly, trust and privacy invasion experience were significantly related to perceived risks that had the most considerable effect on users' privacy protection intention. And the following ANN models revealed consistent relationships and rankings with the SEM results. Originality/value This study broadened the application perspective of privacy calculus theory to identify both linear and non-linear effects of privacy risks and privacy benefits on users' intention to disclose or protect their privacy by using a state-of-the-art methodological approach combining SEM and ANN.

computer science, interdisciplinary applications,engineering, industrial

Hichang Cho

DOI: https://doi.org/10.1108/intr-05-2020-0269

IF: 5.9

2021-05-14

Internet Research

Abstract:Purpose Many internet users exhibit signs of privacy helplessness and entirely give up online privacy management. However, we know little about what privacy helplessness is, when users are likely to experience it and its implications for privacy behavior. The objectives of this study were twofold: (a) the conceptual explication of privacy helplessness as a novel construct in privacy research and (b) the development of a theoretical model that specifies the antecedents and consequences of privacy helplessness. Design/methodology/approach A research model of privacy helplessness that contains three subcomponents of privacy helplessness, five antecedents and one outcome was developed. The model was empirically examined based on survey data collected from 589 Facebook users in the USA. Findings The results of exploratory and confirmatory factor analyses showed that privacy helplessness is adequately assessed by a three-factor model with affective, cognitive and motivational components. The results of structural equation modeling indicated that these three aspects of privacy helplessness are uniquely predicted by five theoretical factors: (a) prior experience of privacy risks, (b) personal mastery, (c) perceived costs of adaptive privacy actions, (d) perceived rewards of privacy inactions and (e) perceived vulnerability. Furthermore, it was found that helplessness as motivational deficits (and cognitive helplessness via this) impedes adaptive privacy actions, while cognitive helplessness promotes adaptive privacy actions when they do not result in motivational deficits. Originality/value This study pioneers investigation in understanding key constituents, attributes and processes underlying privacy helplessness. First, the present study developed the first theory-derived, successively validated measurement model of privacy helplessness. Second, this research proposed a theoretical model of privacy helplessness, specifying antecedents and consequences of privacy helplessness.

computer science, information systems,telecommunications,business

Ding Wu,Chao Min,Zhijie Li,Yuejun Wang

DOI: https://doi.org/10.1016/j.dss.2023.113961

IF: 6.969

2023-01-01

Decision Support Systems

Abstract:Internet users frequently encounter diverse data requests, and their privacy disclosure decisions have attracted massive practical and scholarly attention. Nevertheless, how the accumulation of users' disclosure-related ex-periences influences their future privacy disclosure decisions is still under-explored. In this paper, we theoreti-cally derive and examine the impacts of two types of disclosure-related experiences-privacy disclosure and privacy invasion experiences. These experiences respectively represent user experiences in the participation and feedback stages of privacy disclosure events. We draw on the systematic-heuristic model of information pro-cessing and the privacy calculus model to raise the core speculation that users' disclosure-related experiences exert multiple forms of effects on their privacy disclosure decisions through multiple theoretical routes (i.e., polymorphic experience effects). To test this speculation, we conducted two online survey studies (N = 485, N = 324) and yielded three major findings: (1) users' privacy disclosure experiences can promote their information disclosure intentions through direct and mediation routes (i.e., habituation effects); (2) users' privacy invasion experiences can deter their information disclosure intentions through mediation and moderation routes, yet the latter varied across the investigated contexts (i.e., vigilance effects); (3) the moderating role of privacy disclosure experiences and the directly influencing role of privacy invasion experiences were largely insignificant. Our research reveals the polymorphic impacts of disclosure-related experiences on Internet users' privacy disclosure decisions and lays the foundation for future theoretical and practical work.

Lu Yu,Li He,Jian Du,Xiaobo Wu

DOI: https://doi.org/10.1007/s10796-024-10531-9

2024-09-03

Information Systems Frontiers

Abstract:Dealing with privacy threats and adopting appropriate strategies to manage personal information have become crucial challenges for internet users. While adaptive problem-focused coping (APFC) has been extensively discussed in the literature on information privacy, little is known about maladaptive emotion-focused coping (MEFC). This paper proposes that individuals employ privacy protection motivation (a form of APFC) and privacy cynicism (a form of MEFC), according to their threat and coping appraisals. These two coping strategies will then influence their behaviour regarding the disclosure of personal information on the internet. Offering an empirical analysis of 346 samples of survey data from China, this paper reveals that privacy cynicism, which is mainly affected by deep concerns about privacy and high self-efficacy but low response efficacy, and inconsistency between users' motivations for protecting their privacy and their actual disclosure behavior are the reasons for the privacy paradox. This study provides crucial theoretical support and practical guidance for the privacy management of internet users' information.

computer science, information systems, theory & methods

Xiao Zhou Liu,Shuang Ling,Ying Liu

DOI: https://doi.org/10.1108/oir-02-2023-0078

2023-11-20

Online Information Review

Abstract:Purpose This study aims to empirically examine the relationship between Internet use and personal privacy risk perceptions, the mediating effect of trust and the moderating effect of satisfaction on that relationship, which is exactly conducive to the practice of personal information protection. Design/methodology/approach A moderated mediation model will be employed to test the hypothesized relationships using the 2017 Chinese Society Survey data. Findings The authors find that Internet use positively relates to citizens' risk perceptions toward privacy security, and trust partially mediates the relationship between Internet use and privacy risk perception. In addition, the analysis of moderating effects showed that satisfaction with social life significantly enhances the negative impact on individuals' privacy risk perceptions of interpersonal trust. The positively moderating effect of satisfaction with local governments' work mainly reveals the relationship between interpersonal trust (or institutional trust) and citizens' privacy risk perception. Moreover, satisfaction with Internet platforms positively moderates the relationship between consumer trust and privacy risk perception. Originality/value This article contributes to the social risk amplification framework by applying it to the personal privacy information protection field, which was rarely discussed before. It also enriches privacy research by identifying the internal mechanism of how Internet use influences citizens' risk perceptions towards privacy information leakage.

information science & library science,computer science, information systems

Feng Xu,Katina Michael,Xi Chen

DOI: https://doi.org/10.1007/s10660-013-9111-6

2013-01-01

Electronic Commerce Research

Abstract:The self-disclosure of personal information by users on social network sites (SNSs) play a vital role in the self-sustainability of online social networking service provider platforms. However, people’s levels of privacy concern increases as a direct result of unauthorized procurement and exploitation of personal information from the use of social networks which in turn discourages users from disclosing their information or encourages users to submit fake information online. After a review of the Theory of Planned Behavior (TPB) and the privacy calculus model, an integrated model is proposed to explain privacy disclosure behaviors on social network sites. Thus, the aim of this paper is to find the key factors affecting users’ self-disclosure of personal information. Using privacy calculus, the perceived benefit was combined into the Theory of Planned Behavior, and after some modifications, an integrated model was prescribed specifically for the context of social network sites. The constructs of information sensitivity and perceived benefit were redefined after reviewing the literature. Through a study on the constructs of privacy concern and self-disclosure, this article aims at reducing the levels of privacy concern, while sustaining online transactions and further stimulating the development of social network sites.

Reza Ghaiumy Anaraky,Yao Li,Hichang Cho,Danny Yuxing Huang,Kaileigh A. Byrne,Bart Knijnenburg,Oded Nov

DOI: https://doi.org/10.1145/3613904.3642640

2024-02-28

Abstract:In this study, we explore the effectiveness of persuasive messages endorsing the adoption of a privacy protection technology (IoT Inspector) tailored to individuals' regulatory focus (promotion or prevention). We explore if and how regulatory fit (i.e., tuning the goal-pursuit mechanism to individuals' internal regulatory focus) can increase persuasion and adoption. We conducted a between-subject experiment (N = 236) presenting participants with the IoT Inspector in gain ("Privacy Enhancing Technology" -- PET) or loss ("Privacy Preserving Technology" -- PPT) framing. Results show that the effect of regulatory fit on adoption is mediated by trust and privacy calculus processes: prevention-focused users who read the PPT message trust the tool more. Furthermore, privacy calculus favors using the tool when promotion-focused individuals read the PET message. We discuss the contribution of understanding the cognitive mechanisms behind regulatory fit in privacy decision-making to support privacy protection.

Human-Computer Interaction

Jana Korunovska,Bernadette Kamleitner,Sarah Spiekermann

DOI: https://doi.org/10.48550/arXiv.2005.08967

2020-05-18

Abstract:The new information and communication technology providers collect increasing amounts of personal data, a lot of which is user generated. Unless use policies are privacy-friendly, this leaves users vulnerable to privacy risks such as exposure through public data visibility or intrusive commercialisation of their data through secondary data use. Due to complex privacy policies, many users of online services unwillingly agree to privacy-intruding practices. To give users more control over their privacy, scholars and regulators have pushed for short, simple, and prominent privacy policies. The premise has been that users will see and comprehend such policies, and then rationally adjust their disclosure behaviour. In this paper, on a use case of social network service site, we show that this premise does not hold. We invited 214 regular Facebook users to join a new fictitious social network. We experimentally manipulated the privacy-friendliness of an unavoidable and simple privacy policy. Half of our participants miscomprehended even this transparent privacy policy. When privacy threats of secondary data use were present, users remembered the policies as more privacy-friendly than they actually were and unwittingly uploaded more data. To mitigate such behavioural pitfalls we present design recommendations to improve the quality of informed consent.

Computers and Society

Y.E. Sinyavskaya

DOI: https://doi.org/10.17759/sps.2022130103

2022-01-01

Social Psychology and Society

Abstract:Objective. To analyze the effect of privacy violation experience on privacy-protective behaviorsBackground. In the era of rapid development of Internet technologies, privacy issues call for scientific reflection. Understanding the factors that regulate online user behavior might assist in elaborating the adequate privacy policy.Study design. Regression analysis provides a parametric evaluation of the effect of privacy experience on usage of privacy settings. Various matching technics were applied for preliminary balancing of the control (N=215) and treatment groups (N=160) by a set of key covariates.Participants. Users of the largest Russian online social network VKontakte from the Russian city Vologda. The sample size is 375 respondents (55% female) from 16 to 83 age (Mean=32,5; Med.=31; SD=12,9).Measurements. Both survey data on privacy experience and observed behavioral data on privacy settings from users’ online accounts were used. Additionally, the scale of P. Totterdell & D. Holman on propensity to make social connection and M. Rosenberg’s self-esteem scale were adopted in the studyResults. The experience of privacy violation does not lead to the cautious behavior online: the users tend to regulate only the access to the public posts on profile due to past bad experience. The privacy settings literacy turns significantly affect the usage of privacy settings.Conclusions. The findings support the “privacy paradox” hypothesis. As having specific online privacy management skills encourages more cautious behavior online, digital literacy interventions can improve the safety of social networking sites.

Tamara Dinev,Heng Xu,Jeff H Smith,Paul Hart

DOI: https://doi.org/10.1057/ejis.2012.23

2013-05-01

European Journal of Information Systems

Abstract:Privacy is one of the few concepts that has been studied across many disciplines, but is still difficult to grasp. The current understanding of privacy is largely fragmented and discipline-dependent. This study develops and tests a framework of information privacy and its correlates, the latter often being confused with or built into definitions of information privacy per se. Our framework development was based on the privacy theories of Westin and Altman, the economic view of the privacy calculus, and the identity management framework of Zwick and Dholakia. The dependent variable of the model is perceived information privacy. The particularly relevant correlates to information privacy are anonymity, secrecy, confidentiality, and control. We posit that the first three are tactics for information control; perceived information control and perceived risk are salient determinants of perceived information privacy; and perceived risk is a function of perceived benefits of information disclosure, information sensitivity, importance of information transparency, and regulatory expectations. The research model was empirically tested and validated in the Web 2.0 context, using a survey of Web 2.0 users. Our study enhances the theoretical understanding of information privacy and is useful for privacy advocates, and legal, management information systems, marketing, and social science scholars.

information science & library science,management,computer science, information systems

Luyao Wang,Qi Li

DOI: https://doi.org/10.3969/j.issn.1002-1965.2016.12.013

IF: 3.1759

2016-01-01

Journal of Intelligence

Abstract:Purpose/Significance] While Social network taking user a series problems of privacy information security, research on the fear appeals information about security has great significance in encouraging user to adopt privacy protection measures. [ Method/Process] Based on the fear appeals theory, this article proposes a protecting intention influence model to explore factors that influence userˊs adop-ting security measures behavior. [ Result/Conclusion] Results showed that: threat severity of fear appeals information has positive influ-ence on userˊs efficacy and no significant direct effect behavioral intent of security;threat susceptibility has positive influence on behavioral intent, but no significant impact on userˊs efficacy; userˊs efficacy and social influence have positive influence on their actions.

Luyao Wang,Qi Li,Zhilin Qiao,Shuai Liu

DOI: https://doi.org/10.3969/j.issn.1002-1965.2019.10.016

IF: 3.1759

2019-01-01

Journal of Intelligence

Abstract:This paper aims to guarantee SNS users' enthusiasm and activity via focusing on strengthening users' privacy protection motivation and privacy security protection behaviors. [ Method/Process] Based on protection motivation theory, this study builds the theoretical models and hypotheses by using threat appraisal and coping appraisal as antecedents of SNS users'privacy con-cerns and privacy protection behavior. We collect data of Sina Weibo users by questionnaire survey and use SPSS and AMOS for the SEM and Mediation effect analysis to verify the hypotheses. [ Result/Conclusion] The empirical results indicate that both threat appraisal and coping appraisal positively impact SNS users' privacy protection behaviors, SNS users' privacy concerns are positively affected by threat appraisal, and privacy concerns have a direct and mediation effect on SNS users'privacy security protection behaviors.

Baobao Song,Mengyue Deng,Shiva Raj Pokhrel,Qiujun Lan,Robin Doss,Gang Li

DOI: https://doi.org/10.48550/arXiv.2302.09258

2023-02-18

Cryptography and Security

Abstract:Users have renewed interest in protecting their private data in the digital space. When they don't believe that their privacy is sufficiently covered by one platform, they will readily switch to another. Such an increasing level of privacy awareness has made privacy preservation an essential research topic. Nevertheless, new privacy attacks are emerging day by day. Therefore, a holistic survey to compare the discovered techniques on attacks over privacy preservation and their mitigation schemes is essential in the literature. We develop a study to fill this gap by assessing the resilience of privacy-preserving methods to various attacks and conducting a comprehensive review of countermeasures from a broader perspective. First, we introduce the fundamental concepts and critical components of privacy attacks. Second, we comprehensively cover major privacy attacks targeted at anonymous data, statistical aggregate data, and privacy-preserving models. We also summarize popular countermeasures to mitigate these attacks. Finally, some promising future research directions and related issues in the privacy community are envisaged. We believe this survey will successfully shed some light on privacy research and encourage researchers to entirely understand the resilience of different existing privacy-preserving approaches.

Yun Zhang,Chuan Luo,Hongyan Wang,Yang Chen,Yue Chen

DOI: https://doi.org/10.1080/0144929x.2022.2046162

2022-01-01

Behaviour and Information Technology

Abstract:To gain a heuristic understanding of the temporal dimension of privacy, we propose the concept of retrospective privacy concerns and explore its antecedents, through the lens of contextual integrity framework. We collected 276 respondents and then conducted partial least squares to test our hypotheses. The results show life change experiences and information relevance impact retrospective impression management concerns, which, in turn, exert an effect on retrospective privacy concerns. Information dissemination regarding sharing information to only selected friends perceived higher level of control than sharing information to all friends, while perceived control could enhance retrospective privacy concerns. Also, users who feel under surveillance would be concerned about their retrospective privacy. Moreover, we verify the effect of time on retrospective privacy concerns and information relevance. This work provides new insight into the temporal dimension of privacy and offers practical implications for designing temporal privacy tools to mitigate users' concerns.

Carrie D. Kennedy-Lightsey,Brandi N. Frisby

DOI: https://doi.org/10.1080/08934215.2015.1048477

2015-09-18

Communication Reports

Abstract:Communication privacy management (CPM) theory guides the current study of parents’ self-reported privacy invasion behaviors. Participants (N = 113) completed measures of their general privacy invasion behaviors, their perceptions of ownership, and their family communication patterns. Results indicate that parents’ privacy invasion behaviors are positively associated with perceived ownership of emerging adults’ private information and conformity orientation. Moreover, perceived ownership mediated the association between conformity orientation and privacy invasion. Conversation orientation, however, was not significantly associated with privacy invasion. The current study supports and extends CPM.

Mohsen Jozani,Emmanuel Ayaburi,Myung Ko,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.chb.2020.106260

IF: 9.9

2020-06-01

Computers in Human Behavior

Abstract:Privacy threats in a social media-enabled application (app) can originate from either the institution or other app users. Although privacy in social media is well studied, the role of social (peer) privacy concerns is largely unknown and most privacy studies on mobile apps focus on initial adoption and ignore long-term behavioral outcomes. Drawing on the privacy calculus theory, this study examines the impact of both institutional and social privacy concerns on long-term user engagement with social media-enabled apps. Findings from the analysis of 354 survey responses reveal that both institutional and social privacy concerns decrease engagement. Regarding the antecedents, the perceived sensitivity of information increases institutional privacy concerns. However, social privacy concerns is influenced by the perception of risk and control. Moreover, while the impacts of social and enjoyment benefits are expectedly positive, the perception of efficiency benefits decreases engagement. These findings are further investigated and validated through a follow-up text analysis study, suggesting that users who enjoy the functionality of these apps are more likely to express social privacy concerns and minimize their engagement. This study contributes to the literature of privacy on mobile apps by unraveling the intricate dynamics of privacy concerns and benefits in the social mobile era.

psychology, multidisciplinary, experimental

Varun Shiri,Maggie Xiong,Jinghui Cheng,Jin L.C. Guo

DOI: https://doi.org/10.1145/3643834.3661544

2024-05-07

Abstract:In modern technology environments, raising users' privacy awareness is crucial. Existing efforts largely focused on privacy policy presentation and failed to systematically address a radical challenge of user motivation for initiating privacy awareness. Leveraging the Protection Motivation Theory (PMT), we proposed design ideas and categories dedicated to motivating users to engage with privacy-related information. Using these design ideas, we created a conceptual prototype, enhancing the current App Store product page. Results from an online experiment and follow-up interviews showed that our design effectively motivated participants to attend to privacy issues, raising both the threat appraisal and coping appraisal, two main factors in PMT. Our work indicated that effective design should consider combining PMT components, calibrating information content, and integrating other design elements, such as visual cues and user familiarity. Overall, our study contributes valuable design considerations driven by the PMT to amplify the motivational aspect of privacy communication.

Human-Computer Interaction

Yinhao Jiang,Mir Ali Rezazadeh Baee,Leonie Ruth Simpson,Praveen Gauravaram,Josef Pieprzyk,Tanveer Zia,Zhen Zhao,Zung Le

DOI: https://doi.org/10.3390/cryptography8010005

2024-01-31

Cryptography

Abstract:The increasing use of technologies, particularly computing and communication paradigms, has significantly influenced our daily lives. Interconnecting devices and networks provides convenient platforms for information exchange and facilitates pervasive user data collection. This new environment presents serious privacy challenges. User activities can be continuously monitored in both digital and physical realms. Gathered data can be aggregated and analysed, revealing aspects of user behaviour that may not be apparent from a single data point. The very items that facilitate connectivity simultaneously increase the risk of privacy breaches. The data gathered to provide services can also be used for monitoring and surveillance. This paper discerns three novel categories of privacy concerns relating to pervasive user data collection: privacy and user activity in cyberspace, privacy in personal cyber–physical systems, and privacy in proactive user-driven data collection. We emphasise the primary challenges, ranging from identity tracking in browsing histories to intricate issues in opportunistic networks, situating each within practical, real-world scenarios. Furthermore, we assess the effectiveness of current countermeasures, investigating their strengths and limitations. This paper explores the challenges in preserving privacy in user interactions with dynamic interconnected systems and suggests countermeasures to mitigate identified privacy risks.

V. S. Prakash Attili,Saji K. Mathew,Vijayan Sugumaran

DOI: https://doi.org/10.1007/s10796-021-10158-0

2021-06-22

Information Systems Frontiers

Abstract:Information privacy concerns have been rising over a few decades. As per the recent General Data Protection Regulation, organizations need to implement the highest-possible privacy settings by design and default. Following the neo-institutional theory, this study develops a model for understanding the mechanism of information privacy assimilation in Information Technology (IT) organizations. This study treats information privacy as a distinct dimension separate from security. After analyzing a sample survey data of 214 respondents from the IT industry, privacy capability and organizational culture emerged as influencing factors with a statistically significant influence on information privacy assimilation. The findings from this study support the mediating role of senior management participation between the external coercive forces and privacy-related business strategy. Business strategy also plays a mediating role between coercive/normative forces and privacy-related activities within an organization. Here the mimetic forces show a direct influence on privacy-related activities. A positive moderating effect of organizational culture on normative forces and privacy-related activities relationship; and a negative moderating effect of privacy capability on mimetic forces and privacy-related activities relationship are observed. These findings could enable senior managers to respond to institutional pressures by focusing on appropriate factors within an organization for developing effective privacy strategies and actions. This work is an extension of the pilot work that was published in Communications of the Association for Information Systems (CAIS), 2018. The prior work focuses on developing the propositions qualitatively. Building on that, we have formally defined the hypotheses, developed the appropriate survey instrument and collected the primary data which is large enough to do adequate analysis. Adopted a quantitative approach using an extensive sample survey of IT organizations, followed a more rigorous process for data collection, analysis, and discussion of the results. In addition, based on the lessons learned from the pilot study, we have updated the research model and hypotheses with a focus on privacy-related business strategy and activities.

computer science, information systems, theory & methods

Akash Deep Singh,Brian Wang,Luis Garcia,Xiang Chen,Mani Srivastava

2024-03-04

Abstract:While IoT sensors in physical spaces have provided utility and comfort in our lives, their instrumentation in private and personal spaces has led to growing concerns regarding privacy. The existing notion behind IoT privacy is that the sensors whose data can easily be understood and interpreted by humans (such as cameras) are more privacy-invasive than sensors that are not human-understandable, such as RF (radio-frequency) sensors. However, given recent advancements in machine learning, we can not only make sensitive inferences on RF data but also translate between modalities. Thus, the existing notions of privacy for IoT sensors need to be revisited. In this paper, our goal is to understand what factors affect the privacy notions of a non-expert user (someone who is not well-versed in privacy concepts). To this regard, we conduct an online study of 162 participants from the USA to find out what factors affect the privacy perception of a user regarding an RF-based device or a sensor. Our findings show that a user's perception of privacy not only depends upon the data collected by the sensor but also on the inferences that can be made on that data, familiarity with the device and its form factor as well as the control a user has over the device design and its data policies. When the data collected by the sensor is not human-interpretable, it is the inferences that can be made on the data and not the data itself that users care about when making informed decisions regarding device privacy.

Human-Computer Interaction