Heng Xu

Heng Xu
Pennsylvania State University | Penn State · College of Information Sciences and Technology

About

123
Publications
114,957
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
7,942
Citations

Publications

Publications (123)
Article
Full-text available
This study seeks to clarify the nature of control in the context of information privacy to generate insights into the effects of different privacy assurance approaches on context-specific concerns for information privacy. We theorize that such effects are exhibited through mediation by perceived control over personal information and develop argumen...
Article
Full-text available
Increasingly, millions of people, especially youth, post personal information in online social networks (OSNs). In September 2006, one of the most popular sites-Facebook.com-introduced the features of News Feed and Mini Feed, revealing no more information than before, but resulting in immediate criticism from users. To investigate the privacy contr...
Article
Full-text available
Despite the vast opportunities offered by location-aware marketing (LAM), mobile customers' privacy concerns appear to be a major inhibiting factor in their acceptance of LAM. This study extends the privacy calculus model to explore the personalization–privacy paradox in LAM, with considerations of personal characteristics and two personalization a...
Article
Full-text available
Location-based services (LBS) use positioning technologies to provide individual users with reachability and accessibility that would otherwise not be available in the conventional commercial realm. While LBS confer greater connectivity and personalization on consumers, they also threaten users’ information privacy through granular tracking of thei...
Article
Full-text available
To date, many important threads of information privacy research have developed, but these threads have not been woven together into a cohesive fabric. This paper provides an interdisciplinary review of privacy-related research in order to enable a more cohesive treatment. With a sample of 320 privacy articles and 128 books and book sections, we cla...
Article
Full-text available
Prior information security studies have largely focused on understanding employee security behavior from a policy compliance perspective. We contend that there is a pressing need to develop a comprehensive understanding of the circumstances that lead to employee commitment of deliberate and malicious acts against organizational digital assets. Draw...
Conference Paper
Adoption rates of parental control applications ("apps") for teens' mobile devices are low, but little is known about the characteristics of parents (or teens) who use these apps. We conducted a web-based survey of 215 parents and their teens (ages 13-17) using two separate logistic regression models (parent and teen) to examine the factors that pr...
Article
Cross-sectional research suggests that online risk exposure (e.g., cyberbullying, sexual solicitations, and explicit content) may negatively impact teens, increasing concerns over the risks teens are exposed to online. Yet, there has been little research as to how these experiences impact teens' mood over time, or how long these effects may last. T...
Conference Paper
We present a comprehensive and structured review of 132 peer-reviewed publications between the years of 2008 and 2015 to inform Human-Computer Interaction (HCI) researchers and interaction designers about the current and multi-disciplinary knowledge on the topic of adolescent online safety and risks. Overall, we found that the existing literature h...
Conference Paper
Introduction: Past evidence suggests parental mediation may influence their children’s online exchanges with others; for example, parental mediation of adolescents’ technology and internet use buffers against cyberbullying (Collier et al. 2016). Yet, no research has investigated how parental mediation and adolescents’ social capital relates to cybe...
Conference Paper
Past research has shown that parents tend to underestimate the frequency with which their teens experience online risks. However, little is known about whether and how teens communicate with their parents when online risks do occur. In a two-month, web-based diary study of 68 teen-parent pairs, participants provided separate accounts of the teens'...
Conference Paper
We conducted a structured, qualitative feature analysis of 75 Android mobile apps designed for the purpose of promoting adolescent online safety. Through this analysis we identified 42 unique features that mapped to a theoretically derived conceptual framework of teen online safety strategies balanced between parental control strategies (through mo...
Conference Paper
Parental control software has been one approach for promoting adolescent online safety, but there is still some ambiguity in the adoption patterns and perceptions of technical mediation for teens' mobile devices. We have collected empirical data from a paired sample of 215 parents and teens. We found that overall usage of technical mediation for mo...
Article
Research shows that despite organisational efforts to achieve privacy compliance, privacy breaches continue to rise. The extant studies on organisational privacy compliance concentrate on the extent to which privacy threats can be alleviated through a combination of technical and human controls and the positive (and often intended) influences of th...
Article
Security concerns have thwarted the widespread adoption of mobile banking in India. To respond to the concerns of Indian banks and their customers, we present in this paper our exploratory attempts to understand how the levels of security affect perceived risk and control and ultimately, adoption of mobile banking by Indian customers. This study al...
Article
In the mobile age, protecting users' information from privacy-invasive apps becomes increasingly critical. To precaution users against possible privacy risks, a few Android app stores prominently disclose app permission requests on app download pages. Focusing on this emerging practice, this study investigates the effects of contextual cues (percei...
Conference Paper
In our study, 68 teens spend two months reflecting on their weekly online experiences and report 207 separate risk events involving information breaches, online harassment, sexual solicitations, and exposure to explicit content. We conduct a structured, qualitative analysis to characterize the salient dimensions of their risk experiences, such as s...
Conference Paper
Full-text available
Although information sharing on social networking sites (SNSs) usually involves multiple stakeholders, limited attention has been paid so far to conceptualizing users' information practices as a collaborative process. To fill this gap in the literature, we develop a survey study to examine collaborative privacy management strategies involving co-ow...
Article
Full-text available
With the rise of social networking sites (SNSs), individuals not only disclose personal information but also share private information concerning others online. While shared information is co-constructed by self and others, personal and collective privacy boundaries become blurred. Thus there is an increasing concern over information privacy beyond...
Conference Paper
To assist users'€™ privacy decision-making with mobile applications, prior research has investigated ways of enhancing information transparency, via improving privacy permission interfaces. This study takes a soft paternalism approach by proposing two interface cues as "€œprivacy nudges"€ in a mobile permission interface: the frequency nudge indic...
Chapter
National adoption of Electronic Health Records (EHRs) is considered an essential component of the health care system overhaul sought by policy makers and health care professionals, in both U.S. and Europe, to cut costs and increase benefits. And yet, along with the technological aspects, the human factor consistently proves to be a critical compone...
Article
Full-text available
Purpose: We examined the role of privacy in collaborative clinical work and how it is understood by hospital IT staff. The purpose of our study was to identify the gaps between hospital IT staff members' perceptions of how electronic health record (EHR) users' protect the privacy of patient information and how users actually protect patients' priv...
Article
The increasing popularity of the Internet and social media is creating new and unique challenges for parents and adolescents regarding the boundaries between parental control and adolescent autonomy in virtual spaces. Drawing on developmental psychology and Communication Privacy Management (CPM) theory, we conduct a qualitative study to examine the...
Article
The use of social network sites offers many potential social benefits, but also raises privacy concerns and challenges for users. The trade-off users have to make between using sites such as Facebook to connect with their friends versus protecting their personal privacy is not well understood. Furthermore, very little behavioral research has focuse...
Conference Paper
Full-text available
We cannot fully protect adolescents from experiencing online risks; however, we can aim to better understand how online risk experiences impact teens, factors that contribute to or prevent teens from exposure to risk, as well as factors that can protect teens from psychological harm in spite of online risk exposure. Through a web-based survey study...
Conference Paper
As birds of a feather flock together, so do people with similar interests and preferences befriend with each other. Numerous Social Network Analysis (SNA) researchers have investigated how individuals’ identification affects their behaviors, such as ethnicity, education, political opinions and even musical tastes. What about one’s fashion style? Th...
Article
The prevalence of mobile applications poses a new challenge in privacy protection. To address privacy concerns, prior studies have identified the direct effects of contextual cues but few have revealed their interaction effects. In reality, contextual cues do not appear in isolation, existence of multiple contextual cues introduces an extra complex...
Article
Various fashion theories have been proposed to explain how fashion works and why it works that way. However, there is little research empirically examining fashion designers' influences even though the benefit of understanding this field is significant. Unlike many other innovation domains such as patents where citations are explicit, a fashion des...
Conference Paper
Through an empirical, secondary analysis of 588 teens (ages 12 - 17) and one of their parents living in the USA, we present useful insights into how parental privacy concerns for their teens and different parental mediation strategies (direct intervention versus active mediation) influence teen privacy concerns and privacy risk-taking and risk-copi...
Article
Full-text available
This paper applies coping theory to understand user adaptation strategies to major interface changes on Social Networking Sites (SNSs). Specifically, we qualitatively examine 1,149 user comments posted to the Facebook's official Timeline blog in order to get a large and unobtrusive sample of real Facebook users' perceptions about the launch of Time...
Conference Paper
Adolescence is characterized by heightened risk-taking and independence from parents; these tendencies seem to be magnified by the opportunities afforded through online interactions. Drawing on Kohlberg's Cognitive Moral Development (CMD) theory, we conduct a qualitative study of 12 parent-adolescent dyads that examines the interplay between parent...
Conference Paper
Full-text available
We frame privacy from the perspective of contextual integrity. Through an online experiment, we explore how the alignment of default privacy settings with the context of an information request would impact a user's information disclosure behavior and privacy perceptions. The field experiment is designed as a between-subject experiment with four con...
Conference Paper
Full-text available
Privacy research has long focused on the individual. Yet most organizations are highly collaborative where teamwork is the norm. To examine privacy practices in collaborative settings, we conducted an ethnographic study of a highly collaborative and information-intensive setting -- an emergency Dept. (ED). We found that ED staff's work practices di...
Article
Full-text available
Our electronic society is making fast progress for offering users greater comfort in their daily activities. Users can benefit from fast access to services; better reactivity of their physical, computing and networking environments to their own needs and habits, and preselection of information flows and relationships in which they are interested. O...
Article
Full-text available
Through a secondary data analysis of a nationally representative Pew survey [35-36], we empirically test the validity of two contrasting theoretical models of adolescent information privacy behaviors. Our results suggest that in seeking to understand the underlying processes of teens’ privacy risk-taking and risk-coping behaviors within social medi...
Article
Full-text available
Through an empirical, secondary analysis of 588 teens (ages 12 – 17) and one of their parents living in the United States, we present useful insights into how parental privacy concerns for their teens and different parental mediation strategies (direct intervention versus active mediation) influence teen privacy concerns and privacy risk-taking and...
Conference Paper
There is a rising concern among parents that mobile advertisements may contain violent and sexual content even when the app itself is safe for children. Because mobile advertisements are not controlled by the content rating of apps, unexpected objectionable contents may occur and be harmful to children's mental health. This study is the first to ex...
Conference Paper
To better understand end users' security compliance behaviors, we designed an experimental study to investigate how fear appeals and point of reference manipulations could influence end users' security behavioral intentions. The findings suggest that fear appeals and point of reference collectively influence users' perceived persuasiveness of the I...
Conference Paper
There is a rising concern among parents who have experienced unreliable content maturity ratings for mobile applications (apps) that result in inappropriate risk exposure for their children and adolescents. In reality, there is no consistent maturity rating policy for mobile applications. The maturity ratings of Android apps are provided purely by...
Article
Privacy is one of the few concepts that has been studied across many disciplines, but is still difficult to grasp. The current understanding of privacy is largely fragmented and discipline-dependent. This study develops and tests a framework of information privacy and its correlates, the latter often being confused with or built into definitions of...
Conference Paper
Although privacy problems in Social Network Sites (SNS) have become more salient than ever in recent years, interpersonal privacy issues in SNS remain understudied. This study aims to generate insights in understanding users' interpersonal privacy concerns by expounding interpersonal privacy boundaries in SNS. Through a case analysis of Friendship...
Article
Full-text available
The effectiveness of policy and law is severely limited, when it comes to the online activities of adolescents. While laws such as the Children’s Online Privacy Protection Act (COPPA) have been enacted as a means for protecting children, this particular law only applies to children under the age of thirteen. However, other laws that apply to adoles...
Conference Paper
Several studies have documented the constantly evolving privacy practices of social networking sites and users' misunderstandings about them. Researchers have criticized the interfaces to "configure" privacy preferences as opaque, uninformative, and ineffective. The same problems have also plagued the constant growth of third-party applications and...
Conference Paper
Recent wide adoption of Electronic Medical Record (EMR) systems provides health practitioners with easy access to patient private information. However, there is a dilemma between the easy access to patient information and the potential privacy infringement brought by such easy access. This paper elaborates three types of group dynamics that identif...
Chapter
Full-text available
Integrative analysis and modeling of the omics data using systems biology have led to growing interests in the development of predictive and personalized medicine. Personalized medicine enables future physicians to prescribe the right drug to the right patient at the right dosage, by helping them link each patient’s genotype to their specific disea...
Article
Privacy concern has been identified as a major factor hindering the growth of e-business. Recently, various privacy-enhancing tools (PETs) have been proposed to protect the online privacy of Internet users. However, most of these PETs have been designed using an ad hoc approach rather than a systematic design. In this paper, we present an explorato...
Conference Paper
Since the textual contents on online social media are highly unstructured, informal, and often misspelled, existing research on message-level offensive language detection cannot accurately detect offensive content. Meanwhile, user-level offensiveness detection seems a more feasible approach but it is an under researched area. To bridge this gap, we...
Article
To develop a general mathematical model for social networks is one of the fundamental tasks currently on demand within social network research. Ignoring the strength of the relationships, existing social network models simply use a Boolean value to describe the existence of relationships between peers. This shortage can be overcome by importing rep...
Conference Paper
While the body of privacy research on online social networks has been growing over the past several years, privacy problems emerged from the dynamism inherent in the launch of new features or interfaces have not been widely discussed. Drawing on the grounded theory approach, we aim to fill this gap by investigating the trigger conditions under whic...
Article
In the Security-Liberty balance, individuals would weigh the benefits of government surveillance against what the cost would be to our civil liberties. Drawing on Social Cognitive Theory (SCT), this study empirically operationalises and tests citizens' attitudes towards internet government surveillance and discusses predictors of these attitudes th...
Article
In online social networks, the aggressive way of data access and transmission by thirdparty applications (apps) has made privacy concerns particularly salient. Users' private information can be easily revealed by their and even their friends' use of apps. A heightened need for empowering user control for third-party apps arises due to the inability...
Article
When online vendors have gained a strong user base through a flagship product, the basic principles of competitive strategy dictate that they seek to extend their product lines. Taking advantage of existing traffic to introduce a new product presents a critical opportunity for these vendors. Since users increasingly emphasize cross-product integrat...
Article
The evolution of mobile network technologies and smartphones has provided mobile consumers with unprecedented access to Internet and value-added services while on the move. Privacy issues in such context become critically important because vendors may access a large volume of personal information. Although several pioneering studies have examined g...
Article
Full-text available
Little research examines the privacy threats associated with the use of third-party apps on Facebook. To address this gap in the literature, we systematically study third-party apps' current practices for privacy notice and consent by: i) collecting data from the 1800 most popular Facebook apps to record their data collection practices concerning u...
Article
Organizational information practices can result in a variety of privacy problems that can increase consumers' concerns for information privacy. To explore the link between individuals and organizations regarding privacy, we study how institutional privacy assurances such as privacy policies and industry self-regulation can contribute to reducing in...
Article
Full-text available
Social computing and online communities are changing the fundamental way people share information and communicate with each other. Social computing focuses on how users may have more autonomy to express their ideas and participate in social exchanges in various ways, one of which may be peer-to-peer (P2P) file sharing. Given the greater risk of opp...
Article
To deal with the problem of information modeling of product design process module(DPM), with the object-oriented (O-O)method, an integrated information model of DPM is proposed. This paper, firstly, presents the information necessity of DPM in product design process management. Then, focusing on design task, the information structure of DPM is prop...
Article
The continuous development of information technology provides a joint opportunity of manufacturing and service industry. For the present, modularity thinking has make a more mature application in manufacturing industry, however, the modularity research in service industry is still lagged. This paper, firstly, gives the concepts and attributes of se...
Article
Product design process is a complex system engineering. To improve the management efficiency of product design process, this paper, presents a new mode of product design process management from the perspective of modularization. Firstly, the related concepts and attributes of product design process module (DPM) are put forward. Then, the structure...
Article
With a substantial amount of resources being spent on online advertising, examining the effectiveness of online advertising is now an important subject for scholarly investigation. Cross-product integration has become a source of market advantage and a strategic necessity for online advertising. The issue of product integration has not been suffici...
Article
Full-text available
Adoption of an information system could be reflected in two ways: through the adoption intentions of the non-adopters and the extent of adoption for the adopters. This study seeks to identify the motivational factors influencing individuals' adoption intentions and the extent of a system adoption within the context of Open Source Software (OSS). Bu...
Article
Online Social Networks (OSNs) facilitate the creation and maintenance of interpersonal online relationships. Unfortunately, the availability of personal data on social networks may unwittingly expose users to numerous privacy risks. As a result, establishing effective meth-ods to control personal data and maintain privacy within these OSNs have bec...
Article
Location-Based Services (LBSs) bring unprecedented mobility and personalisation value to nomadic customers and hence have great commercial potential. However, the commercial potential of LBS is obscured by consumer's privacy concerns whereby the LBS provider can misuse confidential personal information and in extreme circumstances jeopardise an ind...
Conference Paper
In this paper, we aim at providing conceptual and empirical insights to the design of security indicators in web browsers. In examining why security indicators in web browsers fail to warn users about web frauds, we propose affordance-based principles for our new design of web authentication indicators. Following these principles, we present a new...
Conference Paper
The proliferation of e-health holds great promises in sharing medical data, improving healthcare quality, saving patient lives and reducing costs. However, these potential benefits also bring much attention to the issues of information privacy. Given that medical data disclosure is the second highest reported breaches, it is imperative to understan...
Conference Paper
Full-text available
This research adopts a grounded theory approach to examine the drivers, safeguards and operational outcomes of organizational information privacy responses in the healthcare context. Semi-structured interviews with key healthcare stakeholders were conducted. The findings are sobering. First, privacy safeguards are driven by legal compliance, compet...
Article
Integrative analysis and modeling of the omics data using systems biology have led to growing interests in the development of predictive and personalized medicine. Personalized medicine enables future physicians to prescribe the right drug to the right patient at the right dosage, by helping them link each patient's genotype to their specific disea...
Article
Full-text available
The emergence of mobile communication and positioning technologies has presented advertisers and marketers with a new type of advertising approach: location-based advertising (LBA). Advertisers could deliver contextually appropriate advertising messages through wireless devices on a geographically targeted basis and could reach mobile consumers whe...