Search results

Research on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.

An empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.

The main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.

While few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

In response to food supply constraints resulting from coronavirus disease 2019 (COVID-19) restrictions, in the year 2020, the project developed automated household Aquaponics units to guarantee food self-sufficiency. However, the automated aquaponics solution did not fully comply with data privacy and portability best practices to protect the data of household owners. The purpose of this study is to develop a data privacy and portability layer on top of the previously developed automated Aquaponics units.

Design Science Research (DSR) is the research method implemented in this study.

General Data Protection and Privacy Regulations (GDPR)-inspired principles empowering data subjects including data minimisation, purpose limitation, storage limitation as well as integrity and confidentiality can be implemented in a federated learning (FL) architecture using Pinecone Matrix home servers and edge devices.

The literature reviewed for this study demonstrates that the GDPR right to data portability can have a positive impact on data protection by giving individuals more control over their own data. This is achieved by allowing data subjects to obtain their personal information from a data controller in a format that makes it simple to reuse it in another context and to transmit this information freely to any other data controller of their choice. Data portability is not strictly governed or enforced by data protection laws in the developing world, such as Zimbabwe's Data Protection Act of 2021.

Privacy requirements can be implemented in end-point technology such as smartphones, microcontrollers and single board computer clusters enabling data subjects to be incentivised whilst unlocking the value of their own data in the process fostering competition among data controllers and processors.

The use of end-to-end encryption with Matrix Pinecone on edge endpoints and fog servers, as well as the practical implementation of data portability, are currently not adequately covered in the literature. The study acts as a springboard for a future conversation on the topic.

Since the European Union’s (EU) Charter of Fundamental Rights became binding in 2009, data protection has attained the status of a fundamental right (Article 8) throughout the EU. This chapter discusses the relevance of data protection in the context of security. It shows that data protection has been of particular relevance in the German context – not only against the backdrop of rapidly evolving information technology, but also of the historical experiences with political regimes collecting information in order to oppress citizens.

Increasing incidents of privacy invasion on social networking sites (SNS) are intensifying the concerns among stakeholders about the misuse of personal data. However, there seems to be limited research on exploring the impact of specific privacy concerns on users’ intention to engage in various privacy protection behaviors. This study aims to examine the role of social privacy concerns, institutional privacy concerns and privacy self-efficacy as antecedents of privacy protection–related control activities intention among young adults active on SNS.

Data collected from 284 young adults active on SNS was analyzed through partial least squares structural equation modeling using Smart PLS.

The results indicate that institutional privacy concerns, social privacy concerns and privacy self-efficacy positively influence the control activities intention of SNS users. The extent of privacy self-efficacy and privacy protection-related control activities intention differs among users based on gender.

This study is limited to a population of young adults in the age group of 18–25 years.

The findings of this study form the basis for specific recommendations addressing the different types of privacy concerns experienced by social media users, promoting responsible privacy control behaviors on online platforms and discouraging the possible misuse of information by third parties.

This study validates a theoretical framework that can contribute to future investigations concerning the use of SNS. The study findings form the basis for a set of practical recommendations for policymakers, SNS platforms and users.

Perpetrators of technology-facilitated gender-based violence are taking advantage of increasingly automated and sophisticated privacy-invasive tools to carry out their abuse. Whether this be monitoring movements through stalkerware, using drones to nonconsensually film or harass, or manipulating and distributing intimate images online such as deepfakes and creepshots, invasions of privacy have become a significant form of gender-based violence. Accordingly, our normative and legal concepts of privacy must evolve to counter the harms arising from this misuse of new technology. Canada's Supreme Court recently addressed technology-facilitated violations of privacy in the context of voyeurism in R v Jarvis (2019) . The discussion of privacy in this decision appears to be a good first step toward a more equitable conceptualization of privacy protection. Building on existing privacy theories, this chapter examines what the reasoning in Jarvis might mean for “reasonable expectations of privacy” in other areas of law, and how this concept might be interpreted in response to gender-based technology-facilitated violence. The authors argue the courts in Canada and elsewhere must take the analysis in Jarvis further to fully realize a notion of privacy that protects the autonomy, dignity, and liberty of all.

The purpose of this paper is to improve the understanding of cloud service users’ privacy concerns, which are anticipated to considerably hinder cloud service market growth. The researchers have explored privacy concerns from dimensions that were identified as relevant in the cloud context.

Content analysis was used to identify privacy problems that were most often raised in previous cloud research. Multidimensional developmental theory (MDT) was used to build a conceptual model of cloud privacy concerns. Literature review was made to identify the privacy-related constructs used to measure privacy concerns in previous cloud research.

The paper provides systematization of recent cloud privacy research, proposal of a conceptual model of cloud privacy concerns, identification of measuring instruments that were used to measure privacy concerns in previous cloud research and identification of categories of problems that need to be addressed in future cloud research.

This paper has identified the categories of privacy problems and dimensions that have not yet been measured in the cloud context, to the best of the authors’ knowledge. Their simultaneous examination could clarify the effects of different dimensions on the privacy concerns of cloud users. The conceptual model of cloud privacy concerns will allow cloud service providers to focus on key cloud problems affecting users’ privacy concerns and use the most appropriate privacy protection communication and preservation approaches.

To cope with the COVID-19 pandemic, contact tracing mobile apps (CTMAs) have been developed to trace contact among infected individuals and alert people at risk of infection. To disrupt virus transmission until the majority of the population has been vaccinated, achieving the herd immunity threshold, CTMA continuance usage is essential in managing the COVID-19 pandemic. This study seeks to examine what motivates individuals to continue using CTMAs.

Following the coping theory, this study proposes a research model to examine CTMA continuance usage, conceptualizing opportunity appraisals (perceived usefulness and perceived distress relief), threat appraisals (privacy concerns) and secondary appraisals (perceived response efficacy) as the predictors of individuals' CTMA continuance usage during the pandemic. In the United States, an online survey was administered to 551 respondents.

The results revealed that perceived usefulness and response efficacy motivate CTMA continuance usage, while privacy concerns do not.

This study enriches the understanding of CTMA continuance usage during a public health crisis, and it offers practical recommendations for authorities.

The General Data Protection Regulation (GDPR) introduces significant data protection obligations on all organizations within the European Union (EU) and those transacting with EU citizens. This paper presents the GDPR privacy label and uses two empirical studies to examine the effectiveness of this approach in influencing consumers' privacy perceptions and related behavioral intentions.

The paper tests the efficacy of two GDPR privacy label designs, a consent-based label and a static label. Study 1 examines the effects of each label on perceptions of risk, control and privacy. Study 2 investigates the influence of consumers' privacy perceptions on perceived trustworthiness and willingness to interact with the organization.

The findings support the potential of GDPR privacy labels for positively influencing perceptions of risk, control, privacy and trustworthiness and enhancing consumers' willingness to transact and disclose data to online organizations.

The findings are useful for organizations required to comply with the GDPR and present a solution to requirements for transparent communications and explicit consent.

This study examines and demonstrates the efficacy of visualized privacy policies in impacting consumer privacy perceptions and behavioral intentions.

It has become increasingly clear that the objectives of privacy and competition policy are in conflict with one another with regard to platform data. While privacy policies aim at limiting the use of platform data for purposes other than those for which the data were collected in order to protect the privacy of platform users, competition policy aims at making such data widely available in order to curb the power of platforms.

We draw on Commons' Institutional Economics to contrast the current control-based approaches to ensuring the protection as well as the sharing of platform data with an ownership approach. We also propose the novel category of platform use data and contrast this with the dichotomy of personal/non-personal data which underlies current regulatory initiatives.

We find that current control- and ownership-based approaches are ineffective with regard to their capacity to balance these conflicting objectives and propose an alternative approach which makes platform data saleable. We discuss this approach in view of its capacity to balance the conflicting objectives of privacy and competition policy and its effectiveness in supporting each separately.

Our approach clarifies the fundamental difference between data markets and other concepts such as data exchanges.