Kholekile L. Gwebu,Jing Wang,Li Wang

DOI: https://doi.org/10.1080/07421222.2018.1451962

IF: 7.582

2018-01-01

Journal of Management Information Systems

Abstract:Despite the significant financial losses associated with data breaches, little is known about the (in)effectiveness of the tools that firms have to protect their value following a breach. Drawing on cognitive dissonance theory and the research on cue diagnosticity and crisis management, this study examines the relative efficacy of firm reputation and a range of post-breach response strategies. The results indicate that firm reputation is an important asset in protecting firm value. However, only certain response strategies are found to mitigate the negative financial impact of a breach on lower-reputation firms, and response strategies are found to matter less for high-reputation firms. These findings offer practitioners evidence-based guidance for protecting firm value following data breaches and underscore the need for developing more nuanced strategies for managing breaches. The theoretical arguments developed here serve as a conceptual base for examining the efficacy of various data breach response strategies.

Kholekile L. Gwebu,Jing Wang,Wenjuan Xie

2014-01-01

Abstract:To estimate the cost of a data breach to the inflicted firm, this study examines the relationship between a breach incident and changes in the inflicted firm’s profitability, perceived risk, and the inflicted firms’ information environment transparency. Profitability is measured as reported earnings and analysts’ earnings forecasts. Perceived risk is measured as reported stock return volatility and dispersion among analysts’ forecasts. Although a number of studies have investigated the stock market reaction surrounding the disclosure of a breach incident to quantify the cost associated with breaches, we argue that there exists information uncertainty and deficiency in the disclosure of the breach incident and stock market reaction surrounding a security breach announcement date may not be the best measure for the cost of security breaches. And research using other complementary measures is warranted. Our preliminary finding suggests that data breaches negatively impact firm profitability, perceived risk and information transparency. Nevertheless, the damage of a breach most likely stems from direct costs such as compensation and litigation costs rather than indirect costs such as tarnished reputation and a decrease in market share and sales. More sophisticated analysts are also found to add value in estimating the real cost of a security breach.

Shuili Du,Jing Wang,Kholekile L. Gwebu

DOI: https://doi.org/10.1109/CyberSA.2017.8073393

2017-01-01

Abstract:This study explores the potential role of corporate social responsibility (CSR) in mitigating the damage of data breach, a topic that has received scant attention from the literature. Drawing upon the literatures on CSR, stakeholder theory, and the resource-based view (cites), we conceptualize that firms with greater CSR activities accumulate goodwill and cultivate stronger stakeholder relationships, and thus during times of a crisis, such as a data breach, stakeholders are more likely to give the socially responsible firm "the benefit of doubt" and temper their sanctions, mitigating the damage of the breach.

Fei Bu,Nengmin Wang,Qi Jiang,Xiang Tian

DOI: https://doi.org/10.3390/systems12070250

2024-01-01

Systems

Abstract:Privacy by design (PbD) has attracted considerable attention from researchers and information security experts due to its enormous potential for protecting private information and improving the privacy and security quality of information technology products. The adoption of PbD among information engineers is currently limited owing to its innovativeness and the distinctive traits of the information technology industry. Utilising the Technology Acceptance Model as a framework, this study innovatively explores the pivotal factors and mechanisms that influence information engineers’ decision-making in the adoption of PbD from the viewpoint of the perceived work risk. In this empirical research, professional information engineers were invited to complete a questionnaire survey. After analysing the data using partial least squares structural equation modelling, the results reveal that information engineers’ perceived work risk in PbD (PWRP) negatively affects their perceptions of the usefulness and ease of use of PbD. This negative perception subsequently reduces their intention to implement PbD (INTP) and adversely impacts their attitudes towards implementing PbD (ATTP). Furthermore, the study findings reveal that a positive ATTP among engineers boosts their INTP and positively influences their behaviours regarding information security. This study provides an in-depth examination of these findings and lays a solid theoretical groundwork for the further promotion and implementation of PbD in information technology enterprises. Moreover, the findings offer invaluable support for management decisions in both information technology companies and information security regulatory authorities, significantly contributing to the expansion and deepening of research in the field of PbD.

Reza Ghaiumy Anaraky,Yao Li,Hichang Cho,Danny Yuxing Huang,Kaileigh A. Byrne,Bart Knijnenburg,Oded Nov

DOI: https://doi.org/10.1145/3613904.3642640

2024-02-28

Abstract:In this study, we explore the effectiveness of persuasive messages endorsing the adoption of a privacy protection technology (IoT Inspector) tailored to individuals' regulatory focus (promotion or prevention). We explore if and how regulatory fit (i.e., tuning the goal-pursuit mechanism to individuals' internal regulatory focus) can increase persuasion and adoption. We conducted a between-subject experiment (N = 236) presenting participants with the IoT Inspector in gain ("Privacy Enhancing Technology" -- PET) or loss ("Privacy Preserving Technology" -- PPT) framing. Results show that the effect of regulatory fit on adoption is mediated by trust and privacy calculus processes: prevention-focused users who read the PPT message trust the tool more. Furthermore, privacy calculus favors using the tool when promotion-focused individuals read the PET message. We discuss the contribution of understanding the cognitive mechanisms behind regulatory fit in privacy decision-making to support privacy protection.

Human-Computer Interaction

Kovila P.L. Coopamootoo

DOI: https://doi.org/10.1145/3372297.3423347

2020-10-30

Abstract:The steady reports of privacy invasions online paints a picture of the Internet growing into a more dangerous place. This is supported by reports of the potential scale for online harms facilitated by the mass deployment of online technology and by the data-intensive web. While Internet users often express concern about privacy, some report taking actions to protect their privacy online. We investigate the methods and technologies that individuals employ to protect their privacy online. We conduct two studies, of N=180 and N=907, to elicit individuals' use of privacy methods, within the US, the UK and Germany. We find that non-technology methods are among the most used methods in the three countries. We identify distinct groupings of privacy methods usage in a cluster map. The map shows that together with non-technology methods of privacy protection, simple PETs that are integrated in services, form the most used cluster, whereas more advanced PETs form a different, least used cluster. We further investigate user perception and reasoning for mostly using one set of PETs, in a third study with N=183 participants. We do not find a difference in perceived competency in protecting privacy online between advanced and simpler PETs users. We compare use perceptions between advanced and simpler PETs and report on user reasoning for not using advanced PETs, as well as support needed for potential use. This paper contributes to privacy research by eliciting use and perception of use across 43 privacy methods, including 26 PETs across three countries and provides a map of PETs usage. The cluster map provides a systematic and reliable point of reference for future user-centric investigations across PETs. Overall, this research provides a broad understanding of use and perceptions across a collection of PETs, and can lead to future research for scaling use of PETs.

Daeun Lee,Harjinder Singh Lallie,Nadine Michaelides

2023-07-06

Abstract:Despite the rapid rise in social engineering attacks, not all employees are as compliant with information security policies (ISPs) to the extent that organisations expect them to be. ISP non-compliance is caused by a variety of psychological motivation. This study investigates the effect of psychological contract breach (PCB) of employees on ISP compliance intention (ICI) by dividing them into intrinsic and extrinsic motivation using the theory of planned behaviour (TPB) and the general deterrence theory (GDT). Data analysis from UK employees (\textit{n=206}) showed that the higher the PCB, the lower the ICI. The study also found that PCBs significantly reduced intrinsic motivation (attitude and perceived fairness) for ICI, whereas PCBs did not moderate the relationship between extrinsic motivation (sanction severity and sanctions certainty) and ICI. As a result, this study successfully addresses the risks of PCBs in the field of IS security and proposes effective solutions for employees with high PCBs.

Computers and Society

Andreas Skalkos,Aggeliki Tsohou,Maria Karyda,Spyros Kokolakis

DOI: https://doi.org/10.1108/ics-08-2022-0142

2023-11-30

Information and Computer Security

Abstract:Purpose Search engines, the most popular online services, are associated with several concerns. Users are concerned about the unauthorized processing of their personal data, as well as about search engines keeping track of their search preferences. Various search engines have been introduced to address these concerns, claiming that they protect users' privacy. The authors call these search engines privacy-preserving search engines (PPSEs). This paper aims to investigate the factors that motivate search engine users to use PPSEs. Design/methodology/approach This study adopted protection motivation theory (PMT) and associated its constructs with subjective norms to build a comprehensive research model. The authors tested the research model using survey data from 830 search engine users worldwide. Findings The results confirm the interpretive power of PMT in privacy-related decision-making and show that users are more inclined to take protective measures when they consider that data abuse is a more severe risk and that they are more vulnerable to data abuse. Furthermore, the results highlight the importance of subjective norms in predicting and determining PPSE use. Because subjective norms refer to perceived social influences from important others to engage or refrain from protective behavior, the authors reveal that the recommendation from people that users consider important motivates them to take protective measures and use PPSE. Research limitations/implications Despite its interesting results, this research also has some limitations. First, because the survey was conducted online, the study environment was less controlled. Participants may have been disrupted or affected, for example, by the presence of others or background noise during the session. Second, some of the survey items could possibly be misinterpreted by the respondents in the study questionnaire, as they did not have access to clarifications that a researcher could possibly provide. Third, another limitation refers to the use of the Amazon Turk tool. According Paolacci and Chandler (2014) in comparison to the US population, the MTurk workers are more educated, younger and less religiously and politically diverse. Fourth, another limitation of this study could be that Actual Use of PPSE is self-reported by the participants. This could cause bias because it is argued that internet users' statements may be in contrast with their actions in real life or in an experimental scenario (Berendt et al., 2005, Jensen et al., 2005); Moreover, some limitations of this study emerge from the use of PMT as the background theory of the study. PMT identifies the main factors that affect protection motivation, but other environmental and cognitive factors can also have a significant role in determining the way an individual's attitude is formed. As Rogers (1975) argued, PMT as proposed does not attempt to specify all of the possible factors in a fear appeal that may affect persuasion, but rather a systematic exposition of a limited set of components and cognitive mediational processes that may account for a significant portion of the variance in acceptance by users. In addition, as Tanner et al. (1991) argue, the 'PMT's assumption that the subjects have not already developed a coping mechanism is one of its limitations. Finally, another limitation is that the sample does not include users from China, which is the second most populated country. Unfortunately, DuckDuckGo has been blocked in China, so it has not been feasible to include users from China in this study. Practical implications The proposed model and, specifically, the subjective norms construct proved to be successful in predicting PPSE use. This study demonstrates the need for PPSE to exhibit and advertise the technology and measures they use to protect users' privacy. This will contribute to the effort to persuade internet users to use these tools. Social implications This study sought to explore the privacy attitudes of search engine users using PMT and its constructs' association with subjective norms. It used the PMT to elucidate users' perceptions that motivate them to privacy adoption behavior, as well as how these perceptions influence the type of search engine they use. This research is a first step toward gaining a better understanding of the processes that drive people's motivation to, or not to, protect their privacy online by means of using PPSE. At the same time, this study contributes to search engine vendors by revealing that users' need to be persuaded not only about their policy toward privacy but also by considering and implementing new strategies of diffusion that could enhance the use of the PPSE. Originality/value This research is a first step toward gaining a better understanding of the processes that drive people's motivation to, or not to, protect their privacy online -Abstract Truncated-

Paul Benjamin Lowry,Clay Posey,Rebecca J. Bennett,Tom L. Roberts,Rebecca Becky J. Bennett

DOI: https://doi.org/10.1111/isj.12063

IF: 7.767

2015-02-24

Information Systems Journal

Abstract:Research shows that organisational efforts to protect their information assets from employee security threats do not always reach their full potential and may actually encourage the behaviours they attempt to thwart, such as reactive computer abuse (CA). To better understand this dilemma, we use fairness theory (FT) and reactance theory (RT) to explain why employees may blame organisations for and retaliate against enhanced information security policies (ISPs). We tested our model with 553 working professionals and found support for most of it. Our results show that organisational trust can decrease reactive CA. FT suggests that explanation adequacy (EA) is an important factor that builds trust after an event. Our results also suggest that trust both fully mediates the relationship between EA and CA and partially mediates the relationship between perceived freedom restrictions related to enhanced ISPs and reactive CA. EA also had a strong negative relationship with freedom restrictions. Moreover, organisational security education, training and awareness (SETA) initiatives decreased the perceptions of external control and freedom restrictions and increased EA, and advance notification of changes increased EA. We also included 14 control variables and rival explanations to determine with more confidence what drove reactive CA in our context. Notably, the deterrence theory (DT)‐based constructs of sanction severity, certainty and celerity had no significant influence on reactive CA. We provide support for the importance of respectful communication efforts and SETA programmes, coupled with maximising employee rights and promoting trust and fairness to decrease reactive CA. These efforts can protect organisations from falling victim to their own organisational security efforts.

information science & library science

Yusuf Albayram,Jaden Walker

DOI: https://doi.org/10.1080/10447318.2024.2404721

IF: 4.92

2024-10-05

International Journal of Human-Computer Interaction

Abstract:The ever-increasing number of data breaches targeting user credentials has become undeniable reality in our digital age. Although there are third-party breach notification services (e.g., Have I Been Pwned, Firefox Monitor) that allow users to check whether their credentials have been involved in data breaches, the number of users who are aware of or use such services may be limited. To better inform users about the breach status of their accounts, we designed a prototype registration system where the website uses readily available information (e.g., email address) to check whether this account was involved in a data breach, and then inform the user about the breach status of the email address while signing up for a website. We investigated the effectiveness of this system by performing an online study ( n = 373) in which participants were asked to register to a mock-up website that presented them with a data breach notification based on Protection Motivation Theory (PMT). We found that 64% of participants were exposed in one or more breaches. A follow-up survey, 3 days after the initial survey, was conducted to determine if there were any behavior changes (e.g., changing passwords) of participants whose accounts were involved in some data breaches. We found that 40% of the participants changed their passwords on their some accounts. Finally, we present our qualitative data analysis to shed light on participants' motivations behind their decisions as well as their perceptions of the integration of our prototype registration system.

computer science, cybernetics,ergonomics

Philip Menard,Gregory J. Bott,Robert E. Crossler

DOI: https://doi.org/10.1080/07421222.2017.1394083

IF: 7.582

2017-10-02

Journal of Management Information Systems

Abstract:Managers desiring to protect information systems must understand how to most effectively motivate users to engage in secure behaviors. Information security researchers have frequently studied individuals’ performance of secure behaviors in response to threats. Protection motivation theory (PMT) has been used to explain individuals’ propensity to engage in voluntary secure behaviors, but the adaptation of this theory has yielded inconsistent results. Motivation as a measurable construct, as derived from self-determination theory (SDT), has never been included in or compared against PMT. In this study, we construct security messages that appeal to individuals’ intrinsic motivation, rather than fear, as a way to elicit secure responses. Using three sets of respondents, we integrated the SDT and PMT models and compared the native models in the context of security behaviors. We demonstrate that by using data- and individual-focused appeals and providing choices for users, managers may observe greater intention to engage in secure behavior among employees.

information science & library science,management,computer science, information systems

Enid Montague,Jie Xu,Erin Chiou

DOI: https://doi.org/10.1109/thms.2014.2325859

2014-01-01

IEEE Transactions on Human-Machine Systems

Abstract:The aim of this study is to examine the utility of physiological compliance (PC) to understand shared experience in a multiuser technological environment involving active and passive users. Common ground is critical for effective collaboration and important for multiuser technological systems that include passive users since this kind of user typically does not have control over the technology being used. An experiment was conducted with 48 participants who worked in two-person groups in a multitask environment under varied task and technology conditions. Indicators of PC were measured from participants' cardiovascular and electrodermal activities. The relationship between these PC indicators and collaboration outcomes, such as performance and subjective perception of the system, was explored. Results indicate that PC is related to group performance after controlling for task/technology conditions. PC is also correlated with shared perceptions of trust in technology among group members. PC is a useful tool for monitoring group processes and, thus, can be valuable for the design of collaborative systems. This study has implications for understanding effective collaboration.

Mike Nkongolo,Jahrad Sewnath

DOI: https://doi.org/10.48550/arXiv.2402.07905

IF: 6.4588

2024-01-03

Human-Computer Interaction

Abstract:The research aims to explore how individuals perceive and interact with data protection practices in an era of increasing reliance on technology and the widespread availability of personal data. The study employs a game theoretical approach to investigate the psychological factors that influence individuals' awareness and comprehension of data protection measures. This involves using strategies, moves, rewards, and observations within the game to gain comprehensive insights into these psychological factors. Through the analysis of player strategies and moves within the game, the research identifies several psychological factors that impact awareness of data protection. These factors include levels of knowledge, attitudes, perceived risks, and individual differences among participants. The findings highlight the intricate nature of human cognition and behavior concerning data protection, offering insights crucial for developing effective awareness games and educational initiatives in this domain.

Chi-Hoon Song,Ji-Hwan Lee,Taewoo Roh

DOI: https://doi.org/10.1080/10447318.2024.2327219

IF: 4.92

2024-03-19

International Journal of Human-Computer Interaction

Abstract:Cloud computing is spreading rapidly, but little research has been conducted to understand the effects of the protective perspective on acceptance by individuals. The goal of this study was to explore the impact of protective behavior on individuals' adoption of cloud computing. Specifically, the study will concentrate on personal cloud storage service (CSS), widely recognized as a protective technology. Our theoretical framework endeavored to combine protection motivation theory with the extended unified theory of acceptance and use of technology and focused on the effect of threat in the context of CSS. This study tested two proposed models (Model A, Model B) by structural equation modeling using data from 392 individuals. Data were collected for people in voluntary CSS-usage settings through an online survey. Model A and model B explained 61.0% and 60.4% of the variance in the behavioral intention to accept CSS, respectively. Results showed that CSS adoption is a protective measure against data loss and identified that threat influence CSS adoption. Threat elements directly do not influence behavioral intention to adopt CSS. Threat elements mostly acted as antecedents of independent variables; perceived severity and perceived vulnerability directly influenced technology attributes (performance expectancy, effort expectancy), and showed slightly different results in contextual attributes (facilitating conditions, social influence) and consumer attributes (hedonic motivation, habits). Our study offers a unique perspective for researchers and professionals in understanding the impact of threat factors on information technology domains where protective technologies are operated. Thus, we recommend that academics and business practitioners in the realm of cloud computing should consider user's protective motivation view of adopting CSS when designing, developing, delivering and spreading it.

computer science, cybernetics,ergonomics

Aaron R. Brough,David A. Norton,Shannon L. Sciarappa,Leslie K. John

DOI: https://doi.org/10.1177/00222437211069093

IF: 6.1

2022-02-18

Journal of Marketing Research

Abstract:Drawing from a content analysis of publicly traded companies’ privacy notices, a survey of managers, a field study, and five online experiments, this research investigates how consumers respond to privacy notices. A privacy notice, by placing legally enforceable limits on a firm's data practices, communicating safeguards, and signaling transparency, might be expected to promote confidence that personal data will not be misused. Indeed, most managers expected a privacy notice to make customers feel more secure (Study 1). Yet, consistent with the analogy that bulletproof glass can increase feelings of vulnerability despite the protection offered, formal privacy notices undermined consumer trust and decreased purchase interest even when they emphasized objective protection (Studies 2, 3, and 5) or omitted any mention of potentially concerning data practices (Study 6). These unintended consequences did not occur, however, when consumers had an a priori reason to be distrustful (Study 4) or when benevolence cues were added to privacy notices (Studies 5 and 6). Finally, Study 7 showed that both the presence and conspicuous absence of privacy information are sufficient to trigger decreased purchase intent. Together, these results provide actionable guidance to managers on how to effectively convey privacy information (without hurting purchase interest).

business

James Pavur,Casey Knerr

DOI: https://doi.org/10.48550/arXiv.1912.00731

2019-12-02

Abstract:The General Data Protection Regulation (GDPR) has become a touchstone model for modern privacy law, in part because it empowers consumers with unprecedented control over the use of their personal information. However, this same power may be susceptible to abuse by malicious attackers. In this paper, we consider how legal ambiguity surrounding the "Right of Access" process may be abused by social engineers. This hypothesis is tested through an adversarial case study of more than 150 businesses. We find that many organizations fail to employ adequate safeguards against Right of Access abuse and thus risk exposing sensitive information to unauthorized third parties. This information varied in sensitivity from simple public records to Social Security Numbers and account passwords. These findings suggest a critical need to improve the implementation of the subject access request process. To this end, we propose possible remediations which may be appropriate for further consideration by government, industry and individuals.

Cryptography and Security,Computers and Society

Bailing Liu,Paul A. Pavlou,Xiufeng Cheng

DOI: https://doi.org/10.1287/isre.2021.1045

IF: 4.9

2022-03-01

Information Systems Research

Abstract:Companies face a trade-off between creating stronger privacy protection policies for consumers and employing more sophisticated data collection methods. Justice-driven privacy protection outlines a method to manage this trade-off. We built on the theoretical lens of justice theory to integrate justice provision with two key privacy protection features, negotiation and active-recommendation, and proposed an information technology (IT) solution to balance the trade-off between privacy protection and consumer data collection. In the context of mobile banking applications, we prototyped a theory-driven IT solution, referred to as negotiation, active-recommendation privacy policy application, which enables customer service agents to interact with and actively recommend personalized privacy policies to consumers. We benchmarked our solution through a field experiment relative to two conventional applications: an online privacy statement and a privacy policy with only a simple negotiation feature. The results showed that the proposed IT solution improved consumers’ perceived procedural justice, interactive justice, and distributive justice and increased their psychological comfort in using our application design and in turn reduced their privacy concerns, enhanced their privacy awareness, and increased their information disclosure intentions and actual disclosure behavior in practice. Our proposed design can provide consumers better privacy protection while ensuring that consumers voluntarily disclose personal information desirable for companies.

information science & library science,management

Le Wang,Zao Sun,Xiaoyong Dai,Yixin Zhang,Hai-hua Hu

DOI: https://doi.org/10.1108/itp-01-2018-0020

2019-01-01

Abstract:Purpose The purpose of this paper is to facilitate understanding of how to mitigate the privacy concerns of users who have experienced privacy invasions. Design/methodology/approach Drawing on the communication privacy management theory, the authors developed a model suggesting that privacy concerns form through a cognitive process involving threat-coping appraisals, institutional privacy assurances and privacy experiences. The model was tested using data from an empirical survey with 913 randomly selected social media users. Findings Privacy concerns are jointly determined by perceived privacy risks and privacy self-efficacy. The perceived effectiveness of institutional privacy assurances in terms of established privacy policies and privacy protection technology influences the perceptions of privacy risks and privacy self-efficacy. More specifically, privacy invasion experiences are negatively associated with the perceived effectiveness of institutional privacy assurances. Research limitations/implications - Privacy concerns are conceptualized as general concerns that reflect an individual's worry about the possible loss of private information. The specific types of private information were not differentiated. Originality/value This paper is among the first to clarify the specific mechanisms through which privacy invasion experiences influence privacy concerns. Privacy concerns have long been viewed as resulting from individual actions. The study contributes to literature by linking privacy concerns with institutional privacy practice.

Mohamed Abomhara,Livinus Obiora Nweke,Sule Yildirim Yayilgan,Debora Comparin,Kristel Teyras,Stéphanie de Labriolle

DOI: https://doi.org/10.1007/s10207-024-00905-0

2024-09-04

International Journal of Information Security

Abstract:Privacy by Design (PbD) is a well-known concept that aims to provide a high level of protection for privacy throughout the entire life cycle of systems development. Despite the considerable attention from stakeholders such as researchers, government agencies, and system suppliers, the widespread adoption of PbD faces obstacles due to a lack of knowledge, insufficient awareness of PbD benefits, and the absence of specific implementation guidelines. In this study, stakeholders are identified primarily as diverse participants from government agencies and system suppliers engaged in National Identification Systems (NIDS). Specifically, government agencies representing regulatory bodies and administrators of NIDS, setting the legal framework that governs the NIDS's privacy aspects. The NIDS system suppliers includes private companies playing a crucial role in the development and implementation of NIDS with a focus on privacy considerations. Through the perspectives of NIDS stakeholders, this study aimed to examine the Knowledge, Attitudes and Practices (KAP) of PbD principles and its integration in NIDS. A survey involving 203 participants from government agencies and NIDS system suppliers engaged in NIDS development was conducted. Subsequently, a focus group discussion was held with 11 members to provide qualitative insights into the KAP of PbD. The survey results revealed a significant correlation between attitudes and practices but a weak correlation between knowledge and attitudes or practices. The focus group discussion assured these findings, emphasizing the role of positive attitudes in facilitating PbD practices and highlighting knowledge-practice gaps. In conclusion, this study offers tailored recommendations for improving the integration of PbD in NIDS development. The recommendations includes strategies such as developing training programs, establishing clear guidelines and standards and creating awareness campaigns.

computer science, information systems, theory & methods, software engineering

Neethu Mohan,Zakkariya K.A.,Rexy Ros Bobby

DOI: https://doi.org/10.26668/businessreview/2023.v8i6.2297

2023-06-19

International Journal of Professional Business Review

Abstract:Purpose: The present research intended to find whether the technology readiness motivators, Optimism, and innovativeness, impact the user's intention to accept Online Behavioural Advertising (OBA), an area that requires additional research. Theoretical framework: Even though these personalized advertisements provide an enhanced user experience, they provide users with advertisements based on their online surfing behavior, and unfortunately, at the same time, it also creates privacy concerns. At the same time, Privacy Calculus Theory (PCT) is considered an appropriate theory when it comes to a rational benefits-costs assessment of the privacy-centred decision-making by internet users. Design/Methodology: Based on an extensive literature review, a conceptual model is being proposed, and a scenario-based questionnaire was developed and pursued on internet users' experience of the subject matter. Six hundred ten valid responses were received, and PLS-SEM was used to analyze the results. Findings: The results show that Optimism and innovativeness have a direct and indirect effect on the intention to accept Online Behavioural Advertising (OBA). Technology readiness Motivators have a detrimental impact on the intention to accept OBA. Research, Practical and Social implications: Based on our findings, we may be able to gain a deeper understanding of the theory behind targeted, data-driven digital advertising and the way in which it pertains to online shopping. Presented here is evidence to support the theory that the predisposition of users toward new technology could be the reason for users ranking perceived benefits higher than risk. Originality/Value: This study attributes original work in the sense that it is the first time that an individual’s predisposition towards technology has been taken into consideration while analysing the acceptance of OBA grounded on the Privacy Calculus framework.