ArticlePDF Available

Internet Users' Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model

Article

Internet Users' Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model

Abstract

The lack of consumer confidence in information privacy has been identified as a major problem hampering the growth of e-commerce. Despite the importance of understanding the nature of online consumers' concerns for information privacy, this topic has received little attention in the information systems community. To fill the gap in the literature, this article focuses on three distinct, yet closely related, issues. First, drawing on social contract theory, we offer a theoretical framework on the dimensionality of Internet users' information privacy concerns (IUIPC). Second, we attempt to operationalize the multidimensional notion of IUIPC using a second-order construct, and we develop a scale for it. Third, we propose and test a causal model on the relationship between IUIPC and behavioral intention toward releasing personal information at the request of a marketer. We conducted two separate field surveys and collected data from 742 household respondents in one-on-one, face-to-face interviews. The results of this study indicate that the second-order IUIPC factor, which consists of three first-order dimensions--namely, collection, control, and awareness--exhibited desirable psychometric properties in the context of online privacy. In addition, we found that the causal model centering on IUIPC fits the data satisfactorily and explains a large amount of variance in behavioral intention, suggesting that the proposed model will serve as a useful tool for analyzing online consumers' reactions to various privacy threats on the Internet.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Internet Users' Information Privacy Concerns (IUIPC): The Construct, the Scal...
Naresh K Malhotra; Sung S Kim; James Agarwal
Information Systems Research; Dec 2004; 15, 4; ABI/INFORM Global
pg. 336
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.
... Based on the core constructs of EPPM, i.e., perceived threat and perceived efficacy, combined with the elements of internet user's information privacy concerns (Malhotra et al., 2004) and coping theory (Folkman et al., 1986), we synthesize a new model (Figure 1). The model explains an individual's potential coping behavior when faced with a privacy breach of one's fitness data. ...
... The term privacy concern is defined as a concern arising due to the unconsented use of personally identifiable information. Malhotra et al. (2004) developed and tested the Internet Users' Information Privacy Concern (IUIPC) model to measure the intention to disclose personal information online. They conceptualized IUIPC as a second-order construct consisting of three factors: collection, control, and awareness. ...
... We used Risk based diagnostic scale (Witte, 1996), Ways of Coping Questionnaire (WCQ) (Folkman et al., 1986), and the COPE inventory (Carver et al., 1989) to capture the perceptions and coping behavior. Individuals' privacy concern was measured using the IUIPC scale (Malhotra et al., 2004). All the items were operationalized using a seven-point Likert scale and the survey was drawn out in English. ...
Article
Full-text available
A rapid increase in violations of health information privacy in the context of ubiquitous technology has prompted the paramount importance of academic attention to users' behavior post data breaches. This research explores the impact of privacy concerns and perceived threats to privacy violations on fitness tracker users' coping behaviors. A model was synthesized by combining the core dimensions of the Extended Parallel Process Model, Internet Users' Information Privacy Concern, and Coping Theory. A survey was conducted among 260 fitness tracker users. The Structural Equation Modeling results indicate privacy concern strongly influences an individual's perceived threat, affecting one's choice of post-privacy violation coping behavior. Further, results confirm the fear of losing one's data privacy, resulting in a shift in the attitude towards the technology itself. Manufacturers and policymakers need to reexamine privacy policies and post data breach protocols keeping in mind consumer coping behaviors.
... Previous studies have demonstrated that users' intention to disclose privacy can reflect their behavioral results. Malhotra et al. [39] pointed out that the intention of privacy disclosure of Internet users has a positive impact on privacy disclosure behavior. Hajli and Lin [40] also found that sharing information intention on SNS has a positive correlation with users' actual information disclosure. ...
... Perceived risks refer to the possible loss caused by users' personal information disclosure due to illegal behavior or improper use of information, and is the expectation of users for the worst result [39]. The risks perceived by users mainly come from the abuse of information and the illegal use of third-party organizations, such as the online tracking and recording of information, the dissemination of information on the Internet, and the selling of users' personal information by third-party organizations. ...
Article
Full-text available
Interaction is the main feature of social media, while in recent years, frequent privacy disclosure events of the social media user affect users’ privacy disclosure behavior. In this paper, we explore the mechanism of interaction characteristics by social media apps on users’ privacy disclosure behavior. Using SOR theoretical models and the privacy calculus theory, the effects of privacy disclosures on TikTok are examined. Structural equation modeling is used to analyze the data from 326 questionnaires. We concluded that human–computer interaction (perceived personalization, perceived control) and interpersonal interaction (perceived similarity) positively and negatively affected perceived benefits and perceived risks, respectively, and had positive effects on intention to disclose privacy through perceived benefits and perceived risks, respectively, except that perceived personalization had no effect on perceived risk and intention to disclose privacy. In addition, perceived benefits and perceived risks played an intermediary role in interactivity and privacy disclosure intention. Finally, we provided countermeasures and suggestions for social media operators and policy makers.
... An additional item for error-proneness was included. Technological affinity was measured with the "Affinity for Technology Interaction" (ATI) scale [22], privacy concerns were measured using a scale for global information privacy concerns from Smith et al. [59] and adapted by Malhotra et al. [43]. ...
Preprint
Full-text available
Choosing authentication schemes for a specific purpose is challenging for service providers, developers, and researchers. Previous ratings of technical and objective aspects showed that available schemes all have strengths and limitations. Yet, the security of authentication also relies on user perceptions which affect acceptance and user behaviour and can deviate from technical aspects. To shine light on the issue and support researchers, developers, and service-providers confronted with authentication choice, we conducted an in-depth analysis of user perceptions of the password, fingerprint, and a smartphone-based scheme in an online study with 201 participants. As authentication is a secondary task that needs to be evaluated in the context of authentication purpose, we also compared perceptions across four contexts of use with varying sensitivity levels: email accounts, online banking, social networks, and smart homes. The results revealed how perceptions of usability, security, privacy, trust, effort, and qualitative features of the schemes are related to user preferences. The results increase awareness for the influence of subjective perceptions and have practical implications for decision-makers. They can inform a) the choice between several adequate schemes, b) the authentication design to reduce concerns or security-related misconceptions, and c) the development of context-dependent authentication.
Chapter
With the prevalence of working from home, more and more organizations are adopting monitoring methods to keep track of their employees’ work activities electronically. Understanding how employees respond to various monitoring methods and what factors affect their attitudes and perceptions towards monitoring is important to maintain a healthy employee-employer relationship and productivity in workplaces. To explore employees’ perceptions, concerns, attitudes and knowledge of commonly used monitoring methods, we conducted an online survey with 197 remote workers. We found that the use of cameras, microphones and screen recorders were among the most disapproved monitoring methods that would cause participants to refuse a job offer, promotion or even quit their current job. Our qualitative findings indicated that the most commonly cited reasons behind their disapproval were concerns about invasion of privacy and safety. Participants were found to be more opposed to remote monitoring than monitoring at office/location. We also identified factors influencing employee satisfaction, employee loyalty, faith in intentions of management, intention to disclose, trust in employers, and openness to employer monitoring. Implications of our findings towards better monitoring practices are also discussed in the paper.
Article
Full-text available
The purpose of this paper was to provide understanding about the strategic use of information privacy for organizational sustainability and also examine the relationship between information privacy and organizational sustainability. The baseline theory for this study was the restricted access and limited control theory (RALC), while the method used was the secondary methods where literatures were reviewed. The study findings revealed that, the strategic use of information privacy is vital for organizational sustainability as it protect individual's personal information from malicious users and boosts the confidence and trust the customers have for the organization. The study also found that administrative control and technical control have huge impact on building information privacy protection to achieve organizations sustainability that was measured by corporate reputation and stakeholder's satisfaction. The study concluded that there is a significant relationship between information privacy and organizational sustainability as well as the dimensions to the measures of the study. Based on the findings and conclusion, the study suggested that organizations and business firms should adopt strong administrative control and technical control as their strategies of ensuring information privacy protection in organization as it positively influence organizational sustainability, which can enable them achieved corporate reputation and stakeholder satisfaction.
Article
Mobility as a Service (MaaS) refers to the concept of integrating new mobility services electronically, thereby enabling users to access various public and private transport services via a single digital platform. Through MaaS, service providers aim at developing an integrated service that caters to various demands by mobility users. Personal data such as travel behavior is key in this context, because it allows the development, customization, and personalization of mobility services. Hence, for MaaS to become successful, service providers need to collect users' personal information, and users need to accept data collection. In turn, privacy concerns represent a potential hurdle for the success of MaaS. Therefore, understanding privacy concerns from the users' side can help MaaS providers to increase the users' willingness to share their information. This study aims to add on to earlier research findings on privacy concerns by shedding light on new dimensions emerging from the MaaS service. Understanding privacy concerns from the users' side is key in that regard, as it may enable improved service and system development. A sequential mixed-methods approach is used to collect, analyze, and “mix” both quantitative and qualitative research methods. The primary findings are as follows: (1) Privacy concerns specific to the mobility data collection context exist; (2) users are not necessarily personally worried about their privacy even though they claim privacy is an issue; (3) in contrast to traditional privacy thinking, users' trust in mobility service providers may override their privacy concerns. The study's results indicate trust is the key to MaaS adoption. Policy recommendations are explored in the end.
Article
Digital advertising provides great advantages such as lower advertising costs, fast and reliable feedbacks from customers, increased efficiency, and the ability to create detailed databases of customers, which make it increasingly more important for companies. Production of contents is mainly based on intuition and experience for conventional advertising, while it based on data for digital advertising. This makes it possible to offer targeted advertisements that are customized according to the digital trails of consumers. Targeted advertising has become the focus of digital advertising, and methods that have been developed in this field open new horizons for both companies and researchers. To provide targeted advertisements for digital advertising, bidding machines or pricing engines that offer customized prices and promotions are typically generated by means of a machine learning algorithm. Machine learning provides companies with more power to control advertisements; but the most important matter of debate is the customization of advertisements and, as a result thereof, the possibility that data privacy is compromised. This paper discusses the matter with a holistic approach by means of focusing on the concerns of data privacy in addition to the benefits of targeted advertisements and machine learning algorithms for businesses. This paper also discusses the steps that would prevent consumers from not proceeding with a purchase due to concerns about data privacy, while maintaining the high level of profitability gained thanks to targeted advertisements.
Article
As ubiquitous computing brings sensors and actuators directly into our homes, they introduce privacy concerns for the owners and bystanders. However, privacy concerns may vary among devices and depend on the bystanders' social relation to the owner. In this work, we hypothesize 1) that bystanders assign more privacy concerns to smart home devices than personal computing devices, such as smartphones, even though they have the same capabilities, and 2) that a stronger social relationship mitigates some of the bystanders' privacy concerns. By conducting an online survey (n=170), we found that personal computing devices are perceived as significantly less privacy-concerning than smart home devices while having equal capabilities. By varying the assumed social relationship, we further found that a stronger connection to the owner reduces privacy concerns. Thus, as bystanders underestimate the risk of personal computing devices and are generally concerned about smart home devices, it is essential to alert the user about the presence of both. We argue that bystanders have to be informed about the privacy risks while entering a new space, in the best case, already in the entrance area.
Article
Full-text available
Provides a nontechnical introduction to the partial least squares (PLS) approach. As a logical base for comparison, the PLS approach for structural path estimation is contrasted to the covariance-based approach. In so doing, a set of considerations are then provided with the goal of helping the reader understand the conditions under which it might be reasonable or even more appropriate to employ this technique. This chapter builds up from various simple 2 latent variable models to a more complex one. The formal PLS model is provided along with a discussion of the properties of its estimates. An empirical example is provided as a basis for highlighting the various analytic considerations when using PLS and the set of tests that one can employ is assessing the validity of a PLS-based model. (PsycINFO Database Record (c) 2012 APA, all rights reserved)
Article
Full-text available
Research dealing with various aspects of* the theory of planned behavior (Ajzen, 1985, 1987) is reviewed, and some unresolved issues are discussed. In broad terms, the theory is found to be well supported by empirical evidence. Intentions to perform behaviors of different kinds can be predicted with high accuracy from attitudes toward the behavior, subjective norms, and perceived behavioral control; and these intentions, together with perceptions of behavioral control, account for considerable variance in actual behavior. Attitudes, subjective norms, and perceived behavioral control are shown to be related to appropriate sets of salient behavioral, normative, and control beliefs about the behavior, but the exact nature of these relations is still uncertain. Expectancy— value formulations are found to be only partly successful in dealing with these relations. Optimal rescaling of expectancy and value measures is offered as a means of dealing with measurement limitations. Finally, inclusion of past behavior in the prediction equation is shown to provide a means of testing the theory*s sufficiency, another issue that remains unresolved. The limited available evidence concerning this question shows that the theory is predicting behavior quite well in comparison to the ceiling imposed by behavioral reliability.
Article
Full-text available
Arguably, the most critical time frame for organizational participants to develop trust is at the beginning of their relationship. Using primarily a cognitive approach, we address factors and processes that enable two organizational parties to form relatively high trust initially. We propose a model of specific relationships among several trust-related constructs and two cognitive processes. The model helps explain the paradoxical finding of high initial trust levels in new organizational relationships.
Article
The authors conceptualize direct mail as an implied social contract between marketers and consumers. Four attributes constitute the direct mail social contract: volume, targeting, compensation, and permission. Several proposals have been advanced in an effort to protect consumer privacy in the direct mail environment. These proposals would directly or indirectly result in changes in the levels of the social contract attributes. The authors use a conjoint study to measure the trade-offs consumers make among these attributes. The results suggest consumers want improved targeting efficiency and lower mail volume, and they are not willing to pay for these improvements. These findings suggest that consumers consider several attributes in their evaluation of direct mail social contracts. Proposals to alter the direct mail environment must consider all these attributes in concert.
Article
This paper presents an overview of consumer privacy that integrates the public policy and behavioral literatures. Consumer privacy is defined in terms of control over information disclosure and the environment in which a consumer transaction occurs. These two dimensions generate a 2×2 matrix, identifying four states of privacy based on control over environment, information disclosure, both, or neither. For each state, managerial and policy implications can be derived.
Article
Marketers’ use of the new information technologies has provided the opportunity for improved market segmentation and target marketing. However, the profession faces ethical conflicts because application of these technologies commonly invades consumer privacy. The authors examine the ethical dimensions of marketing practice in relation to consumer privacy. The meaning of privacy in a marketing context is explored and specific marketing threats to consumer privacy are described. After examining current and potential mechanisms to safeguard consumer privacy, the authors conclude that marketers must make an active commitment to ethical behavior in this area if restrictive legislation is to be avoided.
Article
Transaction cost analysis is rapidly becoming an important theoretical paradigm in marketing. However, the accumulation of transaction cost studies has been accompanied by a growing body of criticism, primarily directed toward its underlying behavioral norm of opportunism. That norm is a serious theoretical deficiency, not only because it may be descriptively inaccurate, but also because it limits the applicability of the theoretical framework. The authors show that norms play a very significant role in structuring economically efficient relationships between independent firms. In the absence of supportive norms, it is not possible for parties whose specific assets are at risk to acquire vertical control as per the transaction cost prescription. Instead, those parties lose control because of their dependence. An empirical test of the conceptual model in a sample of manufacturer-supplier relationships shows good support for the authors' hypotheses.
Article
In this article, we provide guidance for substantive researchers on the use of structural equation modeling in practice for theory testing and development. We present a comprehensive, two-step modeling approach that employs a series of nested models and sequential chi-square difference tests. We discuss the comparative advantages of this approach over a one-step approach. Considerations in specification, assessment of fit, and respecification of measurement models using confirmatory factor analysis are reviewed. As background to the two-step approach, the distinction between exploratory and confirmatory analysis, the distinction between complementary approaches for theory testing versus predictive application, and some developments in estimation methods also are discussed.