Search results

Mobile device users are frequently faced with a decision to allow access to their personal information that resides on their devices in order to install mobile applications (apps) and use their features. This paper examines the impact of satisfaction on the intention to allow access to personal information. The paper achieves this by acknowledging the affective and cognitive components of satisfaction derived from affect heuristic and privacy calculus theories, respectively.

Survey data was collected from mobile device users who download and install mobile apps on their devices. Overall, 489 responses were collected and analyzed using LISREL 8.80.

The findings suggest that personal information disclosure decision is mainly a matter of being satisfied with the mobile app or not. We show that perceived benefits are more critical than perceived risks in determining satisfaction, and that perceived benefits influence intention to allow access to personal information indirectly through satisfaction.

This study offers a more nuanced analysis of the influence of satisfaction by examining the role of its two components: the cognitive (represented in perceived benefits and perceived risks) and the affective (represented in affect). We show that information disclosure decision is a complicated process that combines both rational and emotional elements.

In the Web 2.0 era, users massively communicate through social networking services (SNS), often under false expectations that their communications and personal data are private. This paper aims to analyze privacy requirements of personal communications over a public medium.

This paper systematically analyzes SNS services as communication models and considers privacy as an attribute of users’ communication. A privacy threat analysis for each communication model is performed, based on misuse scenarios, to elicit privacy requirements per communication type.

This paper identifies all communication attributes and privacy threats and provides a comprehensive list of privacy requirements concerning all stakeholders: platform providers, users and third parties.

Elicitation of privacy requirements focuses on the protection of both the communication’s message and metadata and takes into account the public–private character of the medium (SNS platform). The paper proposes a model of SNS functionality as communication patterns, along with a method to analyze privacy threats. Moreover, a comprehensive set of privacy requirements for SNS designers, third parties and users involved in SNS is identified, including voluntary sharing of personal data, the role of the SNS platforms and the various types of communications instantiating in SNS.

To effectively develop privacy policies and practices for cloud computing, organizations need to define a set of guiding privacy objectives that can be applied across their organization. It is argued that it is important to understand individuals’ privacy values with respect to cloud computing to define cloud privacy objectives.

For the purpose of this study, the authors adopted Keeney’s (1994) value-focused thinking approach to identify privacy objectives with respect to cloud computing.

The results of this study identified the following six fundamental cloud privacy objectives: to increase trust with cloud provider, to maximize identity management controls, to maximize responsibility of information stewardship, to maximize individual’s understanding of cloud service functionality, to maximize protection of rights to privacy, and to maintain the integrity of data.

One limitation is generalizability of the cloud privacy objectives, and the second is research bias. As this study focused on cloud privacy, the authors felt that the research participants’ increased knowledge of technology usage, including that of cloud technology, was a benefit that outweighed risks associated with not having a random selection of the general population. The newness and unique qualities of privacy issues in cloud computing are better fitted to a qualitative study where issues can emerge naturally through a holistic approach opposed to trying to force fit an existing set of variables or constructs into the context of privacy and cloud computing.

The findings of this research study can be used to assist management in the process of formulating a cloud privacy policy, develop cloud privacy evaluation criteria as well as assist auditors in developing their privacy audit work plans.

Currently, there is little to no guidance in the literature or in practice as to what organizations need to do to ensure they protect their stakeholders privacy in a cloud computing environment. This study works at closing this knowledge gap by identifying cloud privacy objectives.

The purpose of this paper is to build a research model that examines social media privacy concerns (SMPC) in relation to users’ trusting beliefs and risk beliefs.

An instrument with eight constructs (SMPC: collection, SMPC: secondary usage, SMPC: errors, SMPC: improper access, SMPC: control, SMPC: awareness, trusting beliefs and risk beliefs) was developed and administered to subjects from a mid-sized university in the USA. Collected data were analyzed using partial least square structural equation modeling.

The results showed that three of the six SMPC (i.e. secondary usage, improper access and awareness) were negatively and significantly associated with users’ trusting beliefs. In addition, three of the six SMPC (i.e. collection, errors and improper access) were positively and significantly associated with users’ risk beliefs.

Practical implications were aimed at the social media sites to design simple and straightforward privacy policy statements that are easy to understand; to safeguard users’ online privacy behaviors; and to develop mechanisms to protect personal information.

This study enhances the literature by contributing to a generalized knowledge of SMPC of users as they relate to their trusting beliefs and risk beliefs.

The purpose of this study is to explore and identify the privacy concerns of smartphone app users pertinent to app usage.

Adopting a qualitative phenomenological approach, the authors conducted semi-structured interviews with app users to explore the app users' privacy concerns.

Credibility concerns, unauthorised secondary use and vulnerability concerns are the three major privacy concerns of app users, under which these concerns have sub-concerns, i.e. popularity, privacy policy, stalking, data sharing, hacking and personal harm.

The findings are useful to app marketers, app developers and app stores. App marketers, app developers and app stores can use the findings to understand and properly address app users' privacy concerns, thereby increasing the apps usage.

By exploring the privacy concerns of app users, the authors' study extends the literature and provides a theoretical development of individuals' privacy concerns in the context of a widely used technology, i.e. smartphone applications. Accordingly, this study contributes to the consumer privacy literature.

The purpose of this paper is to examine how users in an anonymous virtual environment react to an offer to trade in access to their social network profile.

The experiment was conducted in Second Life (SL). Participants were offered varied sums of money in exchange for access to their Facebook profile, effectively undermining their anonymity.

Even in an anonymous environment, money plays a role in users’ decisions to disclose their offline identity, but a closer look at the findings reveals that users also use deception to enjoy the benefits of the offer without paying the costs. The results illustrate three types of users according to the strategies they employ: abstainers, traders, and deceivers.

The implications to the field of online information disclosure lie at the ability to illustrate and distinguish between the different strategies users choose with regard to online information disclosure, as the study design simulates a common information disclosure trade offer in online environments.

Unlike previous studies that focussed on trades with specific pieces of information, this study examines willingness to sell access to a user’s entire profile, by thus better simulating online services conduct. This is also the first privacy experiment conducted in the anonymous environment of SL, and the first to study deception as a privacy protection strategy.

In this research, the authors focus on mobile cloud computing (MCC) collaboration apps that are multiplatform and send the users’ data to the cloud. Despite their benefits, MCC collaboration apps raise privacy concerns, as the users’ information is sent to the cloud where users lack direct control. This study aims to investigate why users disclose information to MCC apps despite privacy concerns and examine the effect of security and assurance mechanisms (i.e. privacy policies and ISO/IEC 27018 certification) on users’ perceptions and information disclosure. Based on three surveys conducted in 2016 (n = 515), 2017 (n = 505) and 2018 (n = 543), this study finds mixed results regarding the relationships among security, assurance mechanisms, utilitarian benefits and information disclosure.

This study conducted three scenario-based surveys in the USA in 2016 (n = 515), 2017 (n = 505) and 2018 (n = 543).

This study finds mixed results of relationships among security, assurance mechanisms, utilitarian benefit and information disclosure.

With proliferation of MCC apps, the investigation of how users make privacy decision to disclose personal information to these apps is sparse. This study, for the first time, investigates whether the signals of assurance mechanism decrease users’ privacy concerns. This study also examines the interplay between security and privacy within information disclosure behavior. Finally, this study was conducted in 3 years to enhance the generalizability and robustness of findings.

This research attempts to evaluate the effects of personal innovativeness and the perceived value of disclosure on the hierarchical nature of privacy concerns under the contingency of self-control when using proximity Bluetooth-beacon technology (PBBT) service in proximity marketing.

The field study takes place in areas where PBBT service is installed in Taipei, Taiwan. A quota sampling approach is used, with 401 qualified respondents participating. The data are analyzed using the partial least square method.

The results confirm the importance of personal innovativeness and perceived value of disclosure as an important determinant to influence privacy concerns about data collection. It is also found that self-control plays a negative moderating role in these two relationships. Moreover, data collection is found to be a fundamental concern leading to other privacy concern facets.

This research represents a pioneer work in proximity marketing regarding how privacy concerns are influenced and how privacy concerns facets are causal-related when using a PBBT platform. More detailed, conditional insight is given as the research is studied under the contingency of self-control. A set of applicable guidelines with empirical evidence is thus provided.

The purpose of this paper is to reconsider the concept of the right to information privacy and to propose, from a Japanese perspective, a revised conception of this right that is suitable for the modern information society.

First, the concept of privacy and personal information protection in the information society is briefly explained. After that, confused situations in Japan caused by the enforcement of Act on the Protection of Personal Information are described followed by the analysis of the Japanese socio‐cultural circumstances surrounding privacy. Based on these, the effectiveness of the concept of the right to information privacy in the Japanese socio‐cultural and economic context is examined and the need to rethink the concept of the right to information privacy discussed. Finally, a revised conception of the right is proposed.

In view of the circumstances in Japan, the concept of the right to information privacy, defined as “an individual's right to control the circulation of information relating to him/herself”, as well as the Organisation for Economic Co‐operation and Development's eight principles already become outdated in today's sophisticated information‐communication society. There is a need to control/restrict use of personal information so that individuals' autonomy and freedom is ensured in the current situation and to revise the concept of the right to information privacy based on this idea.

This paper proposes a revision of the concept of the right to information privacy focused on control of, not access to, use of personal information. The revised concept is defined so that individuals' autonomy and freedom is ensured even in the “informational transparent” society.

Mobile devices (smartphones, tables etc.) have become the de facto means of accessing the internet. While traditional Web browsing is still quite popular, significant interaction takes place via native mobile apps that can be downloaded either freely or at a cost. This has opened the door to a number of issues related to privacy protection since the smartphone stores and processes personal data. The purpose of this paper is to examine the extent of access to personal data, required by the most popular mobile apps available in Google Play store. In addition, it is examined whether the relevant procedure is in accordance with the provisions of the new EU Regulation.

The paper examines more than a thousand mobile apps, available from the Google Play store, with respect to the extent of the requests for access to personal data. In particular, for each available category in Google Play store, the most popular mobile apps have been examined both for free and paid apps. In addition, the permissions required by free and paid mobile apps are compared. Furthermore, a correlation analysis is carried out aiming to reveal any correlation between the extent of required access to personal data and the popularity and the rating of each mobile app.

The findings of this paper suggest that the majority of examined mobile apps require access to personal data to a high extent. In addition, it is found that free mobile apps request access to personal data in a higher extent compared to the relevant requests by paid apps, which indicates strongly that the business model of free mobile apps is based on personal data exploitation. The most popular types of access permissions are revealed for both free and paid apps. In addition, important questions are raised in relation to user awareness and behavior, data minimization and purpose limitation for free and paid mobile apps.

In this study, the process and the extent of access to personal data through mobile apps are analyzed. Although several studies analyzed relevant issues in the past, the originality of this research is mainly based on the following facts: first, this work took into account the recent Regulation of the EU in relation to personal data (GDPR); second, the authors analyzed a high number of the most popular mobile apps (more than a thousand); and third, the authors compare and analyze the different approaches followed between free and paid mobile apps.