Heng Xu

• Pennsylvania State University

This study seeks to clarify the nature of control in the context of information privacy to generate insights into the effects of different privacy assurance approaches on context-specific concerns for information privacy. We theorize that such effects are exhibited through mediation by perceived control over personal information and develop argumen...

Increasingly, millions of people, especially youth, post personal information in online social networks (OSNs). In September 2006, one of the most popular sites-Facebook.com-introduced the features of News Feed and Mini Feed, revealing no more information than before, but resulting in immediate criticism from users. To investigate the privacy contr...

Despite the vast opportunities offered by location-aware marketing (LAM), mobile customers' privacy concerns appear to be a major inhibiting factor in their acceptance of LAM. This study extends the privacy calculus model to explore the personalization–privacy paradox in LAM, with considerations of personal characteristics and two personalization a...

Location-based services (LBS) use positioning technologies to provide individual users with reachability and accessibility that would otherwise not be available in the conventional commercial realm. While LBS confer greater connectivity and personalization on consumers, they also threaten users’ information privacy through granular tracking of thei...

To date, many important threads of information privacy research have developed, but these threads have not been woven together into a cohesive fabric. This paper provides an interdisciplinary review of privacy-related research in order to enable a more cohesive treatment. With a sample of 320 privacy articles and 128 books and book sections, we cla...

Prior information security studies have largely focused on understanding employee security behavior from a policy compliance perspective. We contend that there is a pressing need to develop a comprehensive understanding of the circumstances that lead to employee commitment of deliberate and malicious acts against organizational digital assets. Draw...

Adoption rates of parental control applications ("apps") for teens' mobile devices are low, but little is known about the characteristics of parents (or teens) who use these apps. We conducted a web-based survey of 215 parents and their teens (ages 13-17) using two separate logistic regression models (parent and teen) to examine the factors that pr...

Cross-sectional research suggests that online risk exposure (e.g., cyberbullying, sexual solicitations, and explicit content) may negatively impact teens, increasing concerns over the risks teens are exposed to online. Yet, there has been little research as to how these experiences impact teens' mood over time, or how long these effects may last. T...

We present a comprehensive and structured review of 132 peer-reviewed publications between the years of 2008 and 2015 to inform Human-Computer Interaction (HCI) researchers and interaction designers about the current and multi-disciplinary knowledge on the topic of adolescent online safety and risks. Overall, we found that the existing literature h...

Introduction: Past evidence suggests parental mediation may influence their children’s online exchanges with others; for example, parental mediation of adolescents’ technology and internet use buffers against cyberbullying (Collier et al. 2016). Yet, no research has investigated how parental mediation and adolescents’ social capital relates to cybe...

Past research has shown that parents tend to underestimate the frequency with which their teens experience online risks. However, little is known about whether and how teens communicate with their parents when online risks do occur. In a two-month, web-based diary study of 68 teen-parent pairs, participants provided separate accounts of the teens'...

We conducted a structured, qualitative feature analysis of 75 Android mobile apps designed for the purpose of promoting adolescent online safety. Through this analysis we identified 42 unique features that mapped to a theoretically derived conceptual framework of teen online safety strategies balanced between parental control strategies (through mo...

Parental control software has been one approach for promoting adolescent online safety, but there is still some ambiguity in the adoption patterns and perceptions of technical mediation for teens' mobile devices. We have collected empirical data from a paired sample of 215 parents and teens. We found that overall usage of technical mediation for mo...

Research shows that despite organisational efforts to achieve privacy compliance, privacy breaches continue to rise. The extant studies on organisational privacy compliance concentrate on the extent to which privacy threats can be alleviated through a combination of technical and human controls and the positive (and often intended) influences of th...

Security concerns have thwarted the widespread adoption of mobile banking in India. To respond to the concerns of Indian banks and their customers, we present in this paper our exploratory attempts to understand how the levels of security affect perceived risk and control and ultimately, adoption of mobile banking by Indian customers. This study al...

In the mobile age, protecting users' information from privacy-invasive apps becomes increasingly critical. To precaution users against possible privacy risks, a few Android app stores prominently disclose app permission requests on app download pages. Focusing on this emerging practice, this study investigates the effects of contextual cues (percei...

In our study, 68 teens spend two months reflecting on their weekly online experiences and report 207 separate risk events involving information breaches, online harassment, sexual solicitations, and exposure to explicit content. We conduct a structured, qualitative analysis to characterize the salient dimensions of their risk experiences, such as s...

Although information sharing on social networking sites (SNSs) usually involves multiple stakeholders, limited attention has been paid so far to conceptualizing users' information practices as a collaborative process. To fill this gap in the literature, we develop a survey study to examine collaborative privacy management strategies involving co-ow...

With the rise of social networking sites (SNSs), individuals not only disclose personal information but also share private information concerning others online. While shared information is co-constructed by self and others, personal and collective privacy boundaries become blurred. Thus there is an increasing concern over information privacy beyond...

To assist users'€™ privacy decision-making with mobile applications, prior research has investigated ways of enhancing information transparency, via improving privacy permission interfaces. This study takes a soft paternalism approach by proposing two interface cues as "€œprivacy nudges"€ in a mobile permission interface: the frequency nudge indic...

National adoption of Electronic Health Records (EHRs) is considered an essential component of the health care system overhaul sought by policy makers and health care professionals, in both U.S. and Europe, to cut costs and increase benefits. And yet, along with the technological aspects, the human factor consistently proves to be a critical compone...

Purpose: We examined the role of privacy in collaborative clinical work and how it is understood by hospital IT staff. The purpose of our study was to identify the gaps between hospital IT staff members' perceptions of how electronic health record (EHR) users' protect the privacy of patient information and how users actually protect patients' priv...

The increasing popularity of the Internet and social media is creating new and unique challenges for parents and adolescents regarding the boundaries between parental control and adolescent autonomy in virtual spaces. Drawing on developmental psychology and Communication Privacy Management (CPM) theory, we conduct a qualitative study to examine the...

The use of social network sites offers many potential social benefits, but also raises privacy concerns and challenges for users. The trade-off users have to make between using sites such as Facebook to connect with their friends versus protecting their personal privacy is not well understood. Furthermore, very little behavioral research has focuse...

We cannot fully protect adolescents from experiencing online risks; however, we can aim to better understand how online risk experiences impact teens, factors that contribute to or prevent teens from exposure to risk, as well as factors that can protect teens from psychological harm in spite of online risk exposure. Through a web-based survey study...

As birds of a feather flock together, so do people with similar interests and preferences befriend with each other. Numerous Social Network Analysis (SNA) researchers have investigated how individuals’ identification affects their behaviors, such as ethnicity, education, political opinions and even musical tastes. What about one’s fashion style? Th...

The prevalence of mobile applications poses a new challenge in privacy protection. To address privacy concerns, prior studies have identified the direct effects of contextual cues but few have revealed their interaction effects. In reality, contextual cues do not appear in isolation, existence of multiple contextual cues introduces an extra complex...

Various fashion theories have been proposed to explain how fashion works and why it works that way. However, there is little research empirically examining fashion designers' influences even though the benefit of understanding this field is significant. Unlike many other innovation domains such as patents where citations are explicit, a fashion des...

Through an empirical, secondary analysis of 588 teens (ages 12 - 17) and one of their parents living in the USA, we present useful insights into how parental privacy concerns for their teens and different parental mediation strategies (direct intervention versus active mediation) influence teen privacy concerns and privacy risk-taking and risk-copi...

This paper applies coping theory to understand user adaptation strategies to major interface changes on Social Networking Sites (SNSs). Specifically, we qualitatively examine 1,149 user comments posted to the Facebook's official Timeline blog in order to get a large and unobtrusive sample of real Facebook users' perceptions about the launch of Time...

Adolescence is characterized by heightened risk-taking and independence from parents; these tendencies seem to be magnified by the opportunities afforded through online interactions. Drawing on Kohlberg's Cognitive Moral Development (CMD) theory, we conduct a qualitative study of 12 parent-adolescent dyads that examines the interplay between parent...

We frame privacy from the perspective of contextual integrity. Through an online experiment, we explore how the alignment of default privacy settings with the context of an information request would impact a user's information disclosure behavior and privacy perceptions. The field experiment is designed as a between-subject experiment with four con...

Privacy research has long focused on the individual. Yet most organizations are highly collaborative where teamwork is the norm. To examine privacy practices in collaborative settings, we conducted an ethnographic study of a highly collaborative and information-intensive setting -- an emergency Dept. (ED). We found that ED staff's work practices di...

Our electronic society is making fast progress for offering users greater comfort in their daily activities. Users can benefit from fast access to services; better reactivity of their physical, computing and networking environments to their own needs and habits, and preselection of information flows and relationships in which they are interested. O...

Through a secondary data analysis of a nationally representative Pew survey [35-36], we empirically test the validity of two contrasting theoretical models of adolescent information privacy behaviors. Our results suggest that in seeking to understand the underlying processes of teens’ privacy risk-taking and risk-coping behaviors within social medi...

Through an empirical, secondary analysis of 588 teens (ages 12 – 17) and one of their parents living in the United States, we present useful insights into how parental privacy concerns for their teens and different parental mediation strategies (direct intervention versus active mediation) influence teen privacy concerns and privacy risk-taking and...

There is a rising concern among parents that mobile advertisements may contain violent and sexual content even when the app itself is safe for children. Because mobile advertisements are not controlled by the content rating of apps, unexpected objectionable contents may occur and be harmful to children's mental health. This study is the first to ex...

To better understand end users' security compliance behaviors, we designed an experimental study to investigate how fear appeals and point of reference manipulations could influence end users' security behavioral intentions. The findings suggest that fear appeals and point of reference collectively influence users' perceived persuasiveness of the I...

There is a rising concern among parents who have experienced unreliable content maturity ratings for mobile applications (apps) that result in inappropriate risk exposure for their children and adolescents. In reality, there is no consistent maturity rating policy for mobile applications. The maturity ratings of Android apps are provided purely by...

Privacy is one of the few concepts that has been studied across many disciplines, but is still difficult to grasp. The current understanding of privacy is largely fragmented and discipline-dependent. This study develops and tests a framework of information privacy and its correlates, the latter often being confused with or built into definitions of...

Although privacy problems in Social Network Sites (SNS) have become more salient than ever in recent years, interpersonal privacy issues in SNS remain understudied. This study aims to generate insights in understanding users' interpersonal privacy concerns by expounding interpersonal privacy boundaries in SNS. Through a case analysis of Friendship...

The effectiveness of policy and law is severely limited, when it comes to the online activities of adolescents. While laws such as the Children’s Online Privacy Protection Act (COPPA) have been enacted as a means for protecting children, this particular law only applies to children under the age of thirteen. However, other laws that apply to adoles...

Several studies have documented the constantly evolving privacy practices of social networking sites and users' misunderstandings about them. Researchers have criticized the interfaces to "configure" privacy preferences as opaque, uninformative, and ineffective. The same problems have also plagued the constant growth of third-party applications and...

Recent wide adoption of Electronic Medical Record (EMR) systems provides health practitioners with easy access to patient private information. However, there is a dilemma between the easy access to patient information and the potential privacy infringement brought by such easy access. This paper elaborates three types of group dynamics that identif...

Integrative analysis and modeling of the omics data using systems biology have led to growing interests in the development of predictive and personalized medicine. Personalized medicine enables future physicians to prescribe the right drug to the right patient at the right dosage, by helping them link each patient’s genotype to their specific disea...

Privacy concern has been identified as a major factor hindering the growth of e-business. Recently, various privacy-enhancing tools (PETs) have been proposed to protect the online privacy of Internet users. However, most of these PETs have been designed using an ad hoc approach rather than a systematic design. In this paper, we present an explorato...

Since the textual contents on online social media are highly unstructured, informal, and often misspelled, existing research on message-level offensive language detection cannot accurately detect offensive content. Meanwhile, user-level offensiveness detection seems a more feasible approach but it is an under researched area. To bridge this gap, we...

To develop a general mathematical model for social networks is one of the fundamental tasks currently on demand within social network research. Ignoring the strength of the relationships, existing social network models simply use a Boolean value to describe the existence of relationships between peers. This shortage can be overcome by importing rep...

While the body of privacy research on online social networks has been growing over the past several years, privacy problems emerged from the dynamism inherent in the launch of new features or interfaces have not been widely discussed. Drawing on the grounded theory approach, we aim to fill this gap by investigating the trigger conditions under whic...

In the Security-Liberty balance, individuals would weigh the benefits of government surveillance against what the cost would be to our civil liberties. Drawing on Social Cognitive Theory (SCT), this study empirically operationalises and tests citizens' attitudes towards internet government surveillance and discusses predictors of these attitudes th...

In online social networks, the aggressive way of data access and transmission by thirdparty applications (apps) has made privacy concerns particularly salient. Users' private information can be easily revealed by their and even their friends' use of apps. A heightened need for empowering user control for third-party apps arises due to the inability...

When online vendors have gained a strong user base through a flagship product, the basic principles of competitive strategy dictate that they seek to extend their product lines. Taking advantage of existing traffic to introduce a new product presents a critical opportunity for these vendors. Since users increasingly emphasize cross-product integrat...

The evolution of mobile network technologies and smartphones has provided mobile consumers with unprecedented access to Internet and value-added services while on the move. Privacy issues in such context become critically important because vendors may access a large volume of personal information. Although several pioneering studies have examined g...

Little research examines the privacy threats associated with the use of third-party apps on Facebook. To address this gap in the literature, we systematically study third-party apps' current practices for privacy notice and consent by: i) collecting data from the 1800 most popular Facebook apps to record their data collection practices concerning u...

Organizational information practices can result in a variety of privacy problems that can increase consumers' concerns for information privacy. To explore the link between individuals and organizations regarding privacy, we study how institutional privacy assurances such as privacy policies and industry self-regulation can contribute to reducing in...

Social computing and online communities are changing the fundamental way people share information and communicate with each other. Social computing focuses on how users may have more autonomy to express their ideas and participate in social exchanges in various ways, one of which may be peer-to-peer (P2P) file sharing. Given the greater risk of opp...

To deal with the problem of information modeling of product design process module(DPM), with the object-oriented (O-O)method, an integrated information model of DPM is proposed. This paper, firstly, presents the information necessity of DPM in product design process management. Then, focusing on design task, the information structure of DPM is prop...

The continuous development of information technology provides a joint opportunity of manufacturing and service industry. For the present, modularity thinking has make a more mature application in manufacturing industry, however, the modularity research in service industry is still lagged. This paper, firstly, gives the concepts and attributes of se...

Product design process is a complex system engineering. To improve the management efficiency of product design process, this paper, presents a new mode of product design process management from the perspective of modularization. Firstly, the related concepts and attributes of product design process module (DPM) are put forward. Then, the structure...

With a substantial amount of resources being spent on online advertising, examining the effectiveness of online advertising is now an important subject for scholarly investigation. Cross-product integration has become a source of market advantage and a strategic necessity for online advertising. The issue of product integration has not been suffici...

Adoption of an information system could be reflected in two ways: through the adoption intentions of the non-adopters and the extent of adoption for the adopters. This study seeks to identify the motivational factors influencing individuals' adoption intentions and the extent of a system adoption within the context of Open Source Software (OSS). Bu...

Online Social Networks (OSNs) facilitate the creation and maintenance of interpersonal online relationships. Unfortunately, the availability of personal data on social networks may unwittingly expose users to numerous privacy risks. As a result, establishing effective meth-ods to control personal data and maintain privacy within these OSNs have bec...

Location-Based Services (LBSs) bring unprecedented mobility and personalisation value to nomadic customers and hence have great commercial potential. However, the commercial potential of LBS is obscured by consumer's privacy concerns whereby the LBS provider can misuse confidential personal information and in extreme circumstances jeopardise an ind...

In this paper, we aim at providing conceptual and empirical insights to the design of security indicators in web browsers. In examining why security indicators in web browsers fail to warn users about web frauds, we propose affordance-based principles for our new design of web authentication indicators. Following these principles, we present a new...

The proliferation of e-health holds great promises in sharing medical data, improving healthcare quality, saving patient lives and reducing costs. However, these potential benefits also bring much attention to the issues of information privacy. Given that medical data disclosure is the second highest reported breaches, it is imperative to understan...

This research adopts a grounded theory approach to examine the drivers, safeguards and operational outcomes of organizational information privacy responses in the healthcare context. Semi-structured interviews with key healthcare stakeholders were conducted. The findings are sobering. First, privacy safeguards are driven by legal compliance, compet...

Integrative analysis and modeling of the omics data using systems biology have led to growing interests in the development of predictive and personalized medicine. Personalized medicine enables future physicians to prescribe the right drug to the right patient at the right dosage, by helping them link each patient's genotype to their specific disea...

The emergence of mobile communication and positioning technologies has presented advertisers and marketers with a new type of advertising approach: location-based advertising (LBA). Advertisers could deliver contextually appropriate advertising messages through wireless devices on a geographically targeted basis and could reach mobile consumers whe...

Mobile TV is a fledgling industry which has high profit expectations while with low adoption rates. To advance this line of research, this paper presents a comprehensive review on literatures related to mobile TV adoption, including traditional adoption theories, uses and gratification research, domestication research, cognitive research, service r...

For technologies such as electronic commerce, mobile payments, internet and mobile banking etc. customers are concerned about security issues that arise as a result of adoption of these technologies. However, in practice, we find that customers forgo their considerations of risk in the technology, if the benefits of using the technology overpower t...

The effect of situational factors is largely ignored by current studies on information privacy. This paper theorized and empirically tested how an individual's decision-making on information disclosure is driven by competing situational benefits and risk factors. The results of this study indicate that, in the context of an e-commerce transaction w...

With the deployment and use of Radio Frequency Identification (RFID) technology in the healthcare domain, there are increasing privacy concerns regarding the technical designs of RFID systems vis-à-vis the requirements of the healthcare regulations. This paper reviews and analyzes the impact of privacy issues in the RFID adoption in the healthcare...

We propose COP, a client-side system for protecting children’s online privacy and empowering parental control over children’s information disclosure with little manual effort. COP is compliant with the Children’s Online Privacy Protection Act (COPPA) in the United States and it implements acquisition of parental consent before any private informati...

We adopted a game-theoretic approach to studying competition in the software market that is dependent on the network effect, i.e., where the success of the software product is mainly affected by the size of its installed base. The primary goals of our research were: to provide insights into competition between a new entrant with a significant prese...

This study seeks to the answer the question of how an individual would trade off between listing fee (i.e., cost of listing an auction item) and transaction probability (i.e., the chance that a product will be sold). Applying the trade-off decision-making paradigm into the auction context, we examine a seller’s choice of online auction outlet and s...

Based on the insights learned from the case analysis of the Facebook News Feed outcry, we develop a theoretical understanding that identifies major drivers and impediments of information disclosure in Online Social Networks (OSNs). Research propositions are derived to highlight the roles of privacy behavioral responses, privacy concerns, perceived...

The last decade has seen dramatic increase in offshoring activities motivated by the drive to cut operation cost, focus on core competencies, speed to market and to stay globally competitive. The emergence of internet as an enabling technology has further accelerated the pace of offshoring activity. In this paper, we attempt to study the offshoring...

Based on the literature review of design chain, the framework of collaborative product design towards design chain was established. This framework included two phases of knowledge acquisition and product design which subjected to operation process, also included three aspects of customer and design team of manufacturing enterprise and supplier whic...

Supply chains have become increasingly complex and interdependent in the globalization era. Regulatory authorities are demanding stricter customer compliance, and customers are demanding real-time data for better decision making. At the same time, customer demand is becoming more erratic thus the need for enhanced supply chain coordination with an...

This research analyzes consumer privacy issues pertaining to the newly developing wireless marketing context, specifically, wireless advertising messaging (WAM). We develop a conceptual framework named as DIGs (Design innovation/Industry self-regulation/Government regulation/Standards) to assess the efficacy of industry self-regulation, government...

Location-Based Services (LBS) use positioning technology to provide individual users the capability of being constantly reachable and accessing network services while ‘on the move’. However, privacy concerns associated with the use of LBS may ultimately prevent consumers from gaining the convenience of ‘anytime anywhere’ personalized services. We e...

The article presents the results of research on location awareness marketing, using methods such as global positioning systems and cellular triangulation techniques. Trade-offs between privacy and marketing effectiveness are addressed. An overview of related previous studies is provided, along with details of the research protocol, which involved a...

Information privacy is at the center of discussion and controversy among multiple stakeholders including business leaders, privacy activists, and government regulators. However, conceptualizations of information privacy have been somewhat patchy in current privacy literature. In this article, we review the conceptualizations of information privacy...

The commercial potential and rapid growth of Web 2.0 phenomenon have been accompanied by concerns regarding the collection, dissemination, and re-identification of personal information by Web site operators, marketers, and other users on the social networks. To address critical and acute concerns for information privacy, this study investigated use...

The emergence of mobile communication and positioning technologies has presented advertisers and marketers with a radically innovative advertising channel: Location-Based Advertising (LBA). Despite the growing attention given to LBA, little is understood about the differential effects of text and multimedia advertising formats on the mobile consume...

Social computing and online communities are changing the fundamental way people communicate and share information. Social computing focuses on how users may have more autonomy to express their ideas and participate in social exchanges in various ways, one of which may be Peer-to-Peer (P2P) file sharing. Given the risk of opportunistic behavior by m...

Radio Frequency IDentification (RFID) is a technology of automatic object identification. Retailers and manufacturers have created compelling business cases for deploying RFID in their supply chains. Yet, the uniquely identifiable objects pose a privacy threat to individuals. In this paper, we study the privacy threats caused by publishing RFID dat...