No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Re-Evaluating Internet Users' Information Privacy Concerns: The Case in Japan
Abstract
To expand the understanding of privacy concerns in the digital sphere, this paper makes use of the Internet Users' Information Privacy Concerns (IUIPC) model by Malhotra et al. (2004). The lack of empirical studies conducted in East-Asian societies makes it difficult, if not impossible, to shed light on multi-cultural differences in information privacy concerns of internet users. Therefore, we collected data of more than 9,000 Japanese respondents to conduct a conceptual replication of the IUIPC model. For our research goal, we reassess the validity and reliability of the IUIPC model for Japan and compare the results with internet users' privacy concerns in the USA. Our results indicate that the second-order IUIPC construct, measured reflectively through the constructs awareness, collection, and control, is reliable and valid. Furthermore, three out of the five structural paths of the IUIPC model were confirmed for our Japanese sample. In contrast to the original study, the impact of IUIPC on trusting beliefs, as well as that of trusting beliefs on risk beliefs was negligible. Statistically significant differences in the IUIPC could only be found for the covariate gender.
... IUIPC has roots in the earlier scale Concerns for Information Privacy (CFIP) [45], itself a popular scale measuring organizational information privacy concern and validated in independent studies [18,46]. IUPIC has been appraised by researchers as part of other studies [36,43] and undergone an independent empirical evaluation of the scale itself [16] and of the applicability of the full nomology in other cultures [39]. Even though the scale was originally created in a diligent, evolutionary fashion and founded on a sound underpinning for its content validity, construct validity and internal consistency reliability were not always found up to par for the purpose of human factors in privacy research. ...
... These validity and reliability problems were confirmed in an independent empirical evaluation of the scale [16]. Pape et al. [39] independently evaluated the full nomology of IUIPC-10 in Japan. ...
... At the same time, retest reliability (generalizability across times) and equivalence reliability (generalizability across forms) are still research areas to expand. In addition, the investigation of IUIPC in its full nomology is important, such as pursued by Pape et al. [39] in the case of the use of the scale in Japan. ...
Valid and reliable measurement instruments are crucial for human factors in privacy research. We expect them to measure what they purport to measure, yielding validity, and to measure this consistently, offering us reliability. While there is a range of privacy concern instruments available in the field and their investigation continues unabated, we shall focus on a brief form of the scale Internet users? Information privacy concerns (IUIPC-8) as an example. We not only present IUIPC-8 itself, but also consider methods for the evaluation of valid and reliable measurement instruments. In this, confirmatory factor analysis (CFA) serves us as a valuable tool. Our inquiry takes into account the ordinal and non-normal data yielded by the IUIPC questionnaire, compares multiple models to confirm the three-dimensionality is a fixed term, typically written with hyphen of the scale, examines global and local fit, and, finally, estimates construct validity and internal consistency reliability metrics. We offer a comparison between IUIPC-10 and IUIPC-8 drawing on two independent samples. In conclusion, we highlight properties of the scale and considerations for its use in practice.
... The researchers also added perceived ubiquity as an extended factor to the IUIPC. Pape et al. [17] re-applied the IUIPC in Japan and compared the results with results from the USA [7]. The results suggested that the IUIPC was still valid and reliable. ...
... For example, if they need to provide more personal information than the doctor needs or information that seems unrelated to the disease, they will have raised their concern. These results are consistent with Malhotra et al. [7], Sipior et al. [16], and Pape et al. [17]. Furthermore, the awareness of how the healthcare organization processes their personal health information also affects the privacy concerns. ...
... Surprisingly, the degree to which participants believe in protecting personal health information from the healthcare provider positively affects the behavioral intention to share health information. In accordance with the present results, previous studies have demonstrated that trusting beliefs were found to be a predictor of the user's intention to provide information [7,16,17], a finding that supported our results. ...
One of the most important industries that transforms into digital infrastructure is healthcare. Most healthcare organizations worldwide collect and process personal health information digitally. Personal health information is considered highly sensitive information. Hence, the increased collection of health information has raised concerns throughout society regarding potential privacy issues. Therefore, previous research paid attention to the study of privacy of health information in several contexts. In Thailand, Thai people are becoming more aware of privacy concerns than ever before. The reason is that the personal data protection act will become effective in May 2021. Hence, this study aims to understand the privacy concerns and behavioral intention to reveal Thais' personal health information. In this paper, we applied the Internet Users' Information Privacy Concerns model to the health information context. We collected data using an online questionnaire. The population consisted of Thai people who shared personal health information with the healthcare industry. The participants in this research were selected by the accidental sampling method. There were 84 participants in Thailand who were employed in the hypotheses testing using the linear regression equations. This study shows that personal health information collection and awareness directly influence personal health information privacy concerns. Furthermore, trusting belief is a factor that affects people's behavioral intention to share health information. The findings should help the healthcare industry to better understand the patients, so that they will offer their information willingly.
... These validity and reliability problems were confirmed in an independent empirical evaluation of the scale [16]. Pape et al. [39] independently evaluated the full nomology of IUIPC-10 in Japan. ...
... At the same time, retest reliability (generalizability across times) and equivalence reliability (generalizability across forms) are still research areas to expand. In addition, the investigation of IUIPC in its full nomology are important, such as pursued by Pape et al. [39] in the case of the use of the scale in Japan. ...
Valid and reliable measurement instruments are crucial for human factors in privacy research. We expect them to measure what they purport to measure, yielding validity, and to measure this consistently, offering us reliability. While there is a range of privacy concern instruments available in the field and their investigation continues unabated, we shall focus on a brief form of the scale Internet Users? Information Privacy Concerns (IUIPC-8) as an example. We not only present IUIPC-8 itself, but also consider methods for the evaluation of valid and reliable measurement instruments. In this, confirmatory factor analysis (CFA) serves us as a valuable tool. Our inquiry takes into account the ordinal and non-normal data yielded by the IUIPC questionnaire, compares multiple models to confirm the three-dimensionality of the scale, examines global and local fit and, finally, estimates construct validity and internal consistency reliability metrics. We offer a comparison between IUIPC-10 and IUIPC-8 drawing on two independent samples. In conclusion, we highlight properties of the scale and considerations for its use in practice.
... The IUIPC construct has been used in various contexts, such as Internet of Things [51], Internet transactions [39], and mobile apps [59]. Furthermore, it has recently been re-evaluated in several studies [54,55]. But so far it had not been applied to a PET such as an anonymization service. ...
This chapter provides information about acceptance factors of privacy-enhancing technologies (PETs) based on our research why users are using Tor and JonDonym, respectively. For that purpose, we surveyed 124 Tor users (Harborth and Pape 2020) and 142 JonDonym users (Harborth Pape 2020) and did a quantitative evaluation (PLS-SEM) on different user acceptance factors. We investigated trust in the PET and perceived anonymity (Harborth et al. 2021; Harborth et al. 2020; Harborth and Pape 2018), privacy concerns, and risk and trust beliefs (Harborth and Pape 2019) based on Internet Users Information Privacy Concerns (IUIPC) and privacy literacy (Harborth and Pape 2020). The result was that trust in the PET seems to be the major driver. Furthermore, we investigated the users’ willingness to pay or donate for/to the service (Harborth et al. 2019). In this case, risk propensity and the frequency of perceived improper invasions of users’ privacy were relevant factors besides trust in the PET. While these results were new in terms of the application of acceptance factors to PETs, none of the identified factors was surprising. To identify new factors and learn about differences in users’ perceptions between the two PETs, we also did a qualitative analysis of the questions if users have any concerns about using the PET, when they would be willing to pay or donate, which features they would like to have and why they would (not) recommend the PET (Harborth et al. 2021; Harborth et al. 2020). To also investigate the perspective of companies, we additionally interviewed 12 experts and managers dealing with privacy and PETs in their daily business and identified incentives and hindrances to implement PETs from a business perspective (Harborth et al. 2018).
... For the validation of instruments such as those mentioned above, different approaches have been taken: Mainly a new confirmatory factor analysis model is fit for the same item measures to a new sample based on the factor structure to be validated (but usually with new parameter estimates, e.g. [53,76]). Alternatively, an exploratory factor analysis is conducted to evaluate the underlying latent variables (e.g. ...
Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.
... That changed with a series of papers investigating reasons for the (non-)adoption of Tor [20] and JonDonym [17]. Based on the construct of internet users' information privacy concerns [42,43] Harborth and Pape found that trust beliefs in the anonymization service played a huge role for the adoption [18,19]. Further work [21] indicates that the providers' reputation, aka trust in the provider, played also a major role in the users' willingness to pay for or donate to these services. ...
Users report that they have regretted accidentally sharing personal information on social media. There have been proposals to help protect the privacy of these users, by providing tools which analyze text or images and detect personal information or privacy disclosure with the objective to alert the user of a privacy risk and transform the content. However, these proposals rely on having access to users’ data and users have reported that they have privacy concerns about the tools themselves. In this study, we investigate whether these privacy concerns are unique to privacy tools or whether they are comparable to privacy concerns about non-privacy tools that also process personal information. We conduct a user experiment to compare the level of privacy concern towards privacy tools and nonprivacy tools for text and image content, qualitatively analyze the reason for those privacy concerns, and evaluate which assurances are perceived to reduce that concern. The results show privacy tools are at a disadvantage: participants have a higher level of privacy concern about being surveilled by the privacy tools, and the same level concern about intrusion and secondary use of their personal information compared to non-privacy tools. In addition, the reasons for these concerns and assurances that are perceived to reduce privacy concern are also similar. We discuss what these results mean for the development of privacy tools that process user content.
... That changed with a series of papers investigating reasons for the (non-)adoption of Tor [20] and JonDonym [17]. Based on the construct of internet users' information privacy concerns [42,43] Harborth and Pape found that trust beliefs in the anonymization service played a huge role for the adoption [18,19]. Further work [21] indicates that the providers' reputation, aka trust in the provider, played also a major role in the users' willingness to pay for or donate to these services. ...
Users report that they have regretted accidentally sharing personal information on social media. There have been proposals to help protect the privacy of these users, by providing tools which analyze text or images and detect personal information or privacy disclosure with the objective to alert the user of a privacy risk and transform the content. However, these proposals rely on having access to users' data and users have reported that they have privacy concerns about the tools themselves. In this study, we investigate whether these privacy concerns are unique to privacy tools or whether they are comparable to privacy concerns about non-privacy tools that also process personal information. We conduct a user experiment to compare the level of privacy concern towards privacy tools and non-privacy tools for text and image content, qualitatively analyze the reason for those privacy concerns, and evaluate which assurances are perceived to reduce that concern. The results show privacy tools are at a disadvantage: participants have a higher level of privacy concern about being surveilled by the privacy tools, and the same level concern about intrusion and secondary use of their personal information compared to non-privacy tools. In addition, the reasons for these concerns and assurances that are perceived to reduce privacy concern are also similar. We discuss what these results mean for the development of privacy tools that process user content.
... For that purpose we used the IUIPC construct [125,159,160]. The IUIPC construct has been used in various contexts, such as internet of things [136], internet transactions [95] and mobile apps [174], but so far it had not been applied to a PET such as an anonymization service. ...
In order to address security and privacy problems in practice, it is very important to have a solid elicitation of requirements, before trying to address the problem. In this thesis, specific challenges of the areas of social engineering, security management and privacy enhancing technologies are analyzed:
Social Engineering: An overview of existing tools usable for social engineering is provided and defenses against social engineering are analyzed. Serious games are proposed as a more pleasant way to raise
employees’ awareness and to train them.
Security Management: Specific requirements for small and medium sized energy providers are analyzed and a set of tools to support them in assessing security risks and improving their security is proposed.
Larger enterprises are supported by a method to collect security key performance indicators for different subsidiaries and with a risk assessment method for apps on mobile devices. Furthermore, a method to select a secure cloud provider – the currently most popular form of outsourcing – is provided.
Privacy Enhancing Technologies: Relevant factors for the users’ adoption of privacy enhancing technologies are identified and economic incentives and hindrances for companies are discussed. Privacy by design is applied to integrate privacy into the use cases e-commerce and internet of things.
Background
Often lacking immediate access to care providers, pregnant individuals frequently turn to web-based sources for information to address their evolving physical and mental health needs. Social media has gained increasing prominence as a source of news and information despite privacy concerns and unique risks posed to the pregnant population.
Objectives
This study investigated the extent to which patients may be willing to disclose personal health information to social media companies in exchange for more personalized health content.
Methods
We designed and deployed an electronic survey to pregnant individuals worldwide electronically in 2023. We used the classical Internet Users’ Information Privacy Concerns (IUIPC) model to examine how privacy concerns modulate pregnant individuals’ behaviors and beliefs regarding risk and trust when using social media for health purposes. Results were analyzed using partial least squares structural equation modeling.
Results
Among 317 respondents who initiated the survey, 84% (265/317) of the respondents remained in the study, providing complete responses. Among them, 54.7% (145/265) indicated willingness to provide their personalized health information for receiving personalized health content via social media, while 26% (69/265) were uncertain and 19.3% (51/265) were opposed. Our estimated IUIPC model results are statistically significant and qualitatively align with the classic IUIPC model for the general population, which was previously found in an e-commerce context. The structural model revealed that privacy concerns (IUIPC) negatively affected trusting beliefs (β=−0.408; P <.001) and positively influenced risk beliefs (β=0.442; P <.001). Trusting beliefs negatively impacted risk beliefs (β=−o.362; P <.001) and positively affected the intention to disclose personal health information (β=o.266; P <.001). Risk beliefs negatively influenced the intention to disclose (β=−0.281; P <.001). The model explained 41.5% of the variance in the intention to disclose personal health information ( R ²=0.415). In parallel with pregnant individuals’ willingness to share, we find that they have heightened privacy concerns and their use of social media for information seeking is largely impacted by their trust in the platforms. This heightened concern significantly affects both their trusting beliefs, making them less inclined to trust social media companies, and their risk beliefs, leading them to perceive greater risks in sharing personal health information. However, within this population, an increase in trust toward social media companies leads to a more substantial decrease in perceived risks than what has been previously observed in the general population.
Conclusions
We find that more than half of the pregnant individuals are open to sharing their personal health information to receive personalized content about health via social media, although they have more privacy concerns than the general population. This study emphasizes the need for policy regarding the protection of health data on social media for the pregnant population and beyond.
One way to reduce privacy risks for consumers when using the internet is to inform them better about the privacy practices they will encounter. Tailored privacy information provision could outperform the current practice where information system providers do not much more than posting unwieldy privacy notices. Paradoxically, this would require additional collection of data about consumers’ privacy preferences—which constitute themselves sensitive information so that sharing them may expose consumers to additional privacy risks. This chapter presents insights on how this paradoxical interplay can be outmaneuvered. We discuss different approaches for privacy preference elicitation, the data required, and how to best protect the sensitive data inevitably to be shared with technical privacy-preserving mechanisms. The key takeaway of this chapter is that we should put more thought into what we are building and using our systems for to allow for privacy through human-centered design instead of static, predefined solutions which do not meet consumer needs.
Mobile computing devices have become ubiquitous; however, they are prone to observation and reconstruction attacks. In particular, shoulder surfing, where an adversary observes another user’s interaction without prior consent, remains a significant unresolved problem. In the past, researchers have primarily focused their research on making authentication more robust against shoulder surfing—with less emphasis on understanding the attacker or their behavior. Nonetheless, understanding these attacks is crucial for protecting smartphone users’ privacy. This chapter aims to bring more attention to research that promotes a deeper understanding of shoulder surfing attacks. While shoulder surfing attacks are difficult to study under natural conditions, researchers have proposed different approaches to overcome this challenge. We compare and discuss these approaches and extract lessons learned. Furthermore, we discuss different mitigation strategies of shoulder surfing attacks and cover algorithmic detection of attacks and proposed threat models as well. Finally, we conclude with an outlook of potential next steps for shoulder surfing research.
Users should always play a central role in the development of (software) solutions. The human-centered design (HCD) process in the ISO 9241-210 standard proposes a procedure for systematically involving users. However, due to its abstraction level, the HCD process provides little guidance for how it should be implemented in practice. In this chapter, we propose three concrete practical methods that enable the reader to develop usable security and privacy (USP) solutions using the HCD process. This chapter equips the reader with the procedural knowledge and recommendations to: (1) derive mental models with regard to security and privacy, (2) analyze USP needs and privacy-related requirements, and (3) collect user characteristics on privacy and structure them by user group profiles and into privacy personas. Together, these approaches help to design measures for a user-friendly implementation of security and privacy measures based on a firm understanding of the key stakeholders.
A variety of methods and techniques are used in usable privacy and security (UPS) to study users’ experiences and behaviors. When applying empirical methods, researchers in UPS face specific challenges, for instance, to represent risk to research participants. This chapter provides an overview of the empirical research methods used in UPS and highlights associated opportunities and challenges. This chapter also draws attention to important ethical considerations in UPS research with human participants and highlights possible biases in study design.
Os mecanismos de busca utilizam de estratégias para lidar com a sobrecarga de informações e disponibilizar resultados mais eficientes, tal como a busca personalizada, que ao coletar diversos dados dos participantes podem resultar em ameaças à privacidade. Este trabalho tem o objetivo de explicitar questões de privacidade, considerando aspectos de consciência e controle do usuário no processo de coleta de dados por parte dos mecanismos de busca. Realizou-se uma análise exploratória nas políticas de privacidade do Google e Bing para identificar possíveis dados coletados por esses mecanismos. Os dados foram agrupados em categorias e analisados tanto em relação à menção nas políticas quanto à possibilidade de controle do usuário. A menção à coleta de dados especificamente pelos mecanismos é pouca evidenciada, e embora haja possibilidade de controle, é necessário interpretar exaustivas políticas e configurações de privacidade para que o usuário tenha consciência sobre esse processo. Conclui-se que a díade privacidade-benefício pode implicar no controle sobre a coleta de dados, e a busca pela relevância nos resultados se sobrepõe à garantia de privacidade, pois quando usuários controlam suas configurações e limitam a coleta de dados, tornam menos relevantes os resultados, e ao personalizar, abrem portas de acesso a seus dados.
Due to an increasing collection of personal data by internet companies and several data breaches, research related to privacy gained importance in the last years in the information systems domain. Privacy concerns can strongly influence users' decision to use a service. The Internet Users Information Privacy Concerns (IUIPC) construct is one operationalization to measure the impact of privacy concerns on the use of technologies. However, when applied to a privacy enhancing technology (PET) such as an anonymization service the original rationales do not hold anymore. In particular, an inverted impact of trusting and risk beliefs on behavioral intentions can be expected. We show that the IUIPC model needs to be adapted for the case of PETs. In addition, we extend the original causal model by including trusting beliefs in the anonymization service itself as well as a measure for privacy literacy. A survey among 124 users of the anonymization service Tor shows that trust in Tor has a statistically significant effect on the actual use behavior of the PET. In addition, the results indicate that privacy literacy has a negative impact on trusting beliefs in general and a positive effect on trust in Tor.
Due to an increasing collection of personal data by internet companies and several data breaches, research related to privacy gained importance in the last years in the information systems domain. Privacy concerns can strongly influence users’ decision to use a service. The Internet Users Information Privacy Concerns (IUIPC) construct is one operationalization to measure the impact of privacy concerns on the use of technologies. However, when applied to a privacy enhancing technology (PET) such as an anonymization service the original rationales do not hold anymore. In particular, an inverted impact of trusting and risk beliefs on behavioral intentions can be expected. We show that the IUIPC model needs to be adapted for the case of PETs. In addition, we extend the original causal model by including trust beliefs in the anonymization service itself. A survey among 124 users of the anonymization service Tor shows that they have a significant effect on the actual use behavior of the PET.
Provides a nontechnical introduction to the partial least squares (PLS) approach. As a logical base for comparison, the PLS approach for structural path estimation is contrasted to the covariance-based approach. In so doing, a set of considerations are then provided with the goal of helping the reader understand the conditions under which it might be reasonable or even more appropriate to employ this technique. This chapter builds up from various simple 2 latent variable models to a more complex one. The formal PLS model is provided along with a discussion of the properties of its estimates. An empirical example is provided as a basis for highlighting the various analytic considerations when using PLS and the set of tests that one can employ is assessing the validity of a PLS-based model. (PsycINFO Database Record (c) 2012 APA, all rights reserved)
In light of the omnipresence of personal information exchange in the virtual world, this study examines the effects of Facebook use on privacy perceptions and self-disclosure behaviors across a 5-year period from 2010 to 2015. Findings at the global level support the socializing role of Facebook in cultivating more relaxed privacy attitudes, subsequently increasing self-disclosure in both offline and online contexts. However, longitudinal trends indicate that while risk perceptions increased for heavy users, they remained stable for light users. Furthermore, the negative relationship between privacy concerns and self-disclosure weakened across time. Implications for the application of cultivation theory to a contemporary social media context and the year-to-year changes in the impact of Facebook use on privacy attitudes and self-disclosure are discussed.
Internet privacy concerns (IPC) is an area of study that is receiving increased attention due to the huge amount of personal information being gathered, stored, transmitted, and published on the Internet. While there is an emerging literature on IPC, there is limited agreement about its conceptualization in terms of its key dimensions and its factor structure. Based on the multidimensional developmental theory and a review of the prior literature, we identify alternative conceptualizations of IPC. We examine the various conceptualizations of IPC with four online surveys involving nearly 4,000 Internet users. As a baseline, study 1 compares the integrated conceptualization of IPC to two existing conceptualizations in the literature. While the results provide support for the integrated conceptualization, the second-order factor model does not outperform the correlated first-order factor model. Study 2 replicates the study on a different sample and confirms the results of study 1. We also investigate whether the prior results are affected by the different perspectives adopted in the wording of items in the original instruments. In study 3, we find that focusing on one's concern for website behavior (rather than one's expectation of website behavior) and adopting a consistent perspective in the wording of the items help to improve the validity of the factor structure. We then examine the hypothesized third-order conceptualizations of IPC through a number of alternative higher-order models. The empirical results confirm that, in general, the third-order conceptualizations of IPC outperform their lower-order alternatives. In addition, the conceptualization of IPC that has the best fit with the data contains a third-order general IPC factor, two second-order factors of interaction management and information management, and six first-order factors (i.e., collection, secondary usage, errors, improper access, control, and awareness). Study 4 cross-validates the results with another data set and examines IPC within the context of a nomological network. The results confirm that the third-order conceptualization of IPC has nomological validity, and it is a significant determinant of both trusting beliefs and risk beliefs. Our research helps to resolve inconsistencies in the key underlying dimensions of IPC, the factor structure of IPC, and the wording of the original items in prior instruments of IPC. Finally, we discuss the implications of this research.
Structural equation models (SEM) are very popular in many disciplines. The par-tial least squares (PLS) approach to SEM offers an alternative to covariance-based SEM, which is especially suited for situations when data is not normally distributed. PLS path modelling is referred to as soft-modeling-technique with minimum demands regarding mea-surement scales, sample sizes and residual distributions. The semPLS package provides the capability to estimate PLS path models within the R programming environment. Dif-ferent setups for the estimation of factor scores can be used. Furthermore it contains modular methods for computation of bootstrap confidence intervals, model parameters and several quality indices. Various plot functions help to evaluate the model. The well known mobile phone dataset from marketing research is used to demonstrate the features of the package.
Purpose ‐ The purpose of this paper is to revisit the internet users' information privacy concerns (IUIPC) construct, a research model, and hypotheses based on Malhotra et al. (2004) to assess the continued applicability of this construct. The relationship among privacy concerns, trusting beliefs, and risk beliefs continues to be unclear. Empirical evidence about the impact of privacy concerns on behavior is mixed. Design/methodology/approach ‐ A paper-based questionnaire was distributed and collected from 63 part-time graduate students of a private university in the mid-Atlantic USA. These respondents have an average of six years of full-time professional work experience and the vast majority (88.9 percent) has over seven years of experience on the internet. Questionnaire items measured the constructs of the IUIPC instrument. All measurement scales were validated using factor analysis, Cronbach's a, and reliability analysis. For hypothesis testing, multiple regression analysis was used. Findings ‐ The results partially support those of Malhotra et al. (2004). Consistent are the findings that the higher the trust a consumer holds for an online company, the less likely that consumer is to view providing personal information as risky. Also consistent is that the higher the trust a consumer holds for an online company, the more likely is that consumer to intend to provide personal information online. Finally, the greater risk a consumer has for providing personal information, the less willing that consumer is to reveal such information online. However, the results did not support a negative relationship between the IUIPC construct and consumer trust in an online company or a positive relationship between IUIPC and consumer risk in providing personal information to an online company. The paper concludes that the IUIPC is not the valid scale to employ in measuring information privacy concerns. Research limitations/implications ‐ The main limitation of the findings is the use of a small convenience sample, limiting the insights into interrelationships between various dimensions of privacy concerns and the generalizability of the results. Practical implications ‐ The results may provide guidance to online retailers in addressing the dimensions of privacy concerns related to trusting beliefs and risk beliefs. Originality/value ‐ IUIPC were measured using the IUIPC instrument. This responds to Malhotra et al.'s (2004) call to use the IUIPC scale and the associated research framework to further investigate consumer privacy concerns and the suggestion by Belanger and Crossler (2011) that more studies should explore this scale. Further, both Westin (1967), and Smith et al. (1996) recognize that privacy attitudes and concerns may change over time, providing motivation to revisit IUIPC.
The real value of mobile applications is heavily dependent on consumers' trust in the privacy of their personal information and location data. However, research has generated few results based on actual information disclosure and even less that is based on longitudinal behavior. The purpose of this study is to execute a unique and authentic field experiment involving real risks and consumer behaviors regarding information disclosure over mobile devices. We compare two theoretical explanations of disclosure decisions: privacy calculus and prospect theory. Our results indicate that consumers are best modeled as "bounded" rational actors concerning their disclosure behavior. Also, actual information disclosure behavior over mobile applications is a more multifaceted issue than research has treated it thus far. For practice, mobile application providers should be aware that increasing the benefits of information disclosure via the app may have the counterintuitive effect of increasing perceived risk and reducing consumer disclosure.
This study explores the consequences of consumers' privacy concerns in the context of mobile advertising. Drawing on social contract theory, the proposed research model connects a series of psychological factors (prior negative experience, information privacy concerns, perceived ubiquity, trust, and perceived risk) and preference for degree of regulatory control. Data from a survey of 510 mobile phone users in Japan show that mobile users with prior negative experiences with information disclosure possess elevated privacy concerns and perceive stronger risk, which leads them to prefer stricter regulatory controls in mobile advertising. Both perceived ubiquity and sensitivity of the information request further the negative impact of privacy concerns on trust. No such effect occurs for the impact of privacy concerns on perceived risk, however. The authors discuss some theoretical and managerial implications.
Structural equation modeling (SEM) is a vast field and widely used by many applied researchers in the social and behavioral sciences. Over the years, many software pack-ages for structural equation modeling have been developed, both free and commercial. However, perhaps the best state-of-the-art software packages in this field are still closed-source and/or commercial. The R package lavaan has been developed to provide applied researchers, teachers, and statisticians, a free, fully open-source, but commercial-quality package for latent variable modeling. This paper explains the aims behind the develop-ment of the package, gives an overview of its most important features, and provides some examples to illustrate how lavaan works in practice.
Of late, the right to privacy seems to have been universally acknowledged. With the circulation of data in an information society, the importance of protecting personal data has been widely recognised. Many developed countries have enforced laws that protect the privacy and personal data of individuals. However, Japanese generally seem to differ from Westerners in their assessment of the importance of privacy. In general, Japanese society has not been very sensitive to the protection of privacy, which is probably due to the Japanese cultural and social environment.
Today, depending on topic, goal and budget, all kinds of sampling methods are being used, in order to collect consumer data for research in the wine business. However, it is questionable which survey method is able to generate data that does represent the entire population. A representative face-to-face survey with 2000 respondents and a telephone survey with 1000 respondents were compared with two online surveys, one based on quota sampling (2000) and the other on snowball sampling (3000) using identical questions. Due to the sampling method, three of the surveys were representative of the socio-demographic structure of the German population in terms of six demographic variables that were selected for the quota sampling. The online survey (based on the snowball sample) had large biases concerning representativeness. Regarding the behavioural characteristics of consumers, the face-to-face data delivered the best results, followed by the telephone interviews and finally the online quota survey. Face-to-face surveys still deliver the most representative results. Telephone surveys may provide a good alternative, but we would advise use of a larger sample. The online quota survey needs to be corrected, while in the case of snowball sampling, one should relinquish representativeness.
Drawing upon prior research on Internet information privacy concerns, this study examines the effects of perceived ubiquity on consumers’ acceptance of mobile advertising. We postulate that, due to increasing unethical information practice, ubiquity can be perceived both positively and negatively, exercising complex effects on trust, risk, attitude, and intention to delete the ad. With 510 Japanese general consumers, our findings indicate that perceived ubiquity significantly strengthens trust and attitude toward the ad, while none of the negative effects are confirmed. Perceived ubiquity is therefore generally accepted as a favorable utility of mobile communication, leading to more likely acceptance of the ad it delivers. In closing, theoretical and managerial implications are discussed, and important limitations are recognized.
The study reported here raises some questions about the conventional wisdom that the Internet creates a "level playing field" for large and small retailers and for retailers with and without an established reputation. In our study, consumers recognized differences in size and reputation among Internet stores, and those differences influenced their assessments of store trustworthiness and their perception of risk, as well as their willingness to patronize the store. After describing our research methods and results, we draw some implications for Internet merchants.
Factor analysis, path analysis, structural equation modeling, and related multivariate statistical methods are based on maximum likelihood or generalized least squares estimation developed for covariance structure models (CSMs). Large-sample theory provides a chi-square goodness-of-fit test for comparing a model (M) against a general alternative M based on correlated variables. It is suggested that this comparison is insufficient for M evaluation. A general null M based on modified independence among variables is proposed as an additional reference point for the statistical and scientific evaluation of CSMs. Use of the null M in the context of a procedure that sequentially evaluates the statistical necessity of various sets of parameters places statistical methods in covariance structure analysis into a more complete framework. The concepts of ideal Ms and pseudo chi-square tests are introduced, and their roles in hypothesis testing are developed. The importance of supplementing statistical evaluation with incremental fit indices associated with the comparison of hierarchical Ms is also emphasized. Normed and nonnormed fit indices are developed and illustrated. (43 ref) (PsycINFO Database Record (c) 2012 APA, all rights reserved)
The authors investigate the impact of Web site design investments on consumers' trusting beliefs and online pur-chase intentions. Such investments signal the component of trusting beliefs that is most strongly related to online purchase intentions: ability. These effects were strongest when consumers' goals were to search rather than to browse and when purchases involved risk.
It is sometimes suggested thatthere is no conception of privacy in Japan orthat, if there is, it is completely differentfrom Western conceptions of privacy. If thiswere so, finding common ground between Japanand the West on which to establish privacypolicies for the internet would be extremelydifficult if not impossible. In this paper wedelineate some of the distinctive differencesin privacy practices in Japan, but we maintainthat these differences do not prevent theestablishment of sound, shared, ethicalinformation privacy policies. We distinguishbetween a minimal conception of privacy that webelieve is shared by Japan and other societiesand richer conceptions of privacy that oftenreflect patterns of behavior distinctive ofparticular cultures. Although Japan and othersocieties share at least a minimal sense ofprivacy, a base on which to build, robustprivacy protection will not exist on theinternet until an internationally accepted richsense of privacy is developed.
Social computing systems are increasingly a part of people's social environment. Inherent to such communities is the collection and sharing of personal information, which in turn may raise concerns about privacy. In this study, we extend prior research on internet privacy to address questions about antecedents of privacy concerns in social computing communities, as well as the impact of privacy concerns in such communities. The results indicate that users' trust in other community members, and the community's information sharing norms have a negative impact on community-specific privacy concerns. We also find that community-specific privacy concerns not only lead users to adopt more restrictive information sharing settings, but also reduce the amount of information they share with the community. In addition, we find that information sharing is impacted by network centrality and the tenure of the user in the community. Implications of the study for research and practice are discussed. Author Keywords
One of the key factors affecting the growth of e-commerce is the lack of Internet users' confidence in online information privacy. Despite the importance of understanding the nature of the Internet users' concerns for information privacy, this topic is considered by many to be in the nascent stage. To fill the gap in the literature, this study examines the influence of demographic factors on Internet users' concerns for information privacy. Based on an empirical survey of 199 Internet users it was found that certain demographic factors, namely age, education and income level influence Internet users' concerns for information privacy. Others factors such as gender and Internet experience were found to have no influence. The implications of these and other findings are discussed.
We analyse the contention that privacy is an alien concept within Japanese society, put forward in various presentations of Japanese cultural norms at least as far back as Benedict (1946). In this paper we distinguish between information privacy and physical privacy. As we show, there is good evidence for social norms of limits on the sharing and use of personal in- formation (i.e. information privacy) from traditional interactions in Japanese society, as well as constitutional evidence from the late 19th century (in the Meiji Constitution of 1889). In this con- text the growing awareness of the Japanese public about problems with networked information processing by public sector and commercial organisations from the 1980s (when a law governing public sector use of personal information was first passed) to recent years (when that law was updated and a first law governing commercial use of personal information was adopted) are not the imposition or adoption of foreign practices nor solely an attempt to lead Japanese society into coherence with the rest of the OECD. Instead they are drawing on the experience of the rest of the developed world in developing legal responses to the breakdown of social norms governing interchange and use of personal information, stressed by the architectural changes wrought by networked information processing capabilities. This claim is supported by consideration of stan- dard models of Japanese social interactions as well as of Supreme Court judgements declaring reasonable expectations of protection of privacy to hold in Japan.
The lack of consumer confidence in information privacy has been identified as a major problem hampering the growth of e-commerce. Despite the importance of understanding the nature of online consumers' concerns for information privacy, this topic has received little attention in the information systems community. To fill the gap in the literature, this article focuses on three distinct, yet closely related, issues. First, drawing on social contract theory, we offer a theoretical framework on the dimensionality of Internet users' information privacy concerns (IUIPC). Second, we attempt to operationalize the multidimensional notion of IUIPC using a second-order construct, and we develop a scale for it. Third, we propose and test a causal model on the relationship between IUIPC and behavioral intention toward releasing personal information at the request of a marketer. We conducted two separate field surveys and collected data from 742 household respondents in one-on-one, face-to-face interviews. The results of this study indicate that the second-order IUIPC factor, which consists of three first-order dimensions--namely, collection, control, and awareness--exhibited desirable psychometric properties in the context of online privacy. In addition, we found that the causal model centering on IUIPC fits the data satisfactorily and explains a large amount of variance in behavioral intention, suggesting that the proposed model will serve as a useful tool for analyzing online consumers' reactions to various privacy threats on the Internet.
The arrival of the "information age" holds great promise in terms of providing organizations with access to a wealth of information stores. However, the free exchange of electronic information also brings the threat of providing easy, and many times unwanted, access to personal information. Given the potential backlash of consumers, it is imperative that both researchers and practitioners understand the nature of consumers' concern for information privacy and accurately model the construct within evolving research and business contexts. Drawing upon a sample of 355 consumers and working within the framework of confirmatory factor analysis, this study examines the factor structure of the concern for information privacy (CFIP) instrument posited by Smith et al. (1996). Consistent with prior findings, the results suggest that each dimension of this instrument is reliable and distinct. However, the results also suggest that CFIP may be more parsimoniously represented as a higher-order factor structure rather than a correlated set of first-order factors. The implication of these results is that each dimension of CFIP as well as the supra dimension derived from the associations among dimensions are important in capturing CFIP and associating the construct to other important antecedents and consequences.
The research examines the relationships between three common trust considerations (vendor, internet and third parties) and attitudes towards online purchasing. The study incorporates privacy and security concerns as a moderating variable and finds that these relationships vary depending on the level of concerns a consumer has when shopping online. Our study suggests that “fears” surrounding the Internet as a place to do business still hinders the use of it for e-commerce purposes, but that the presence of a reputable agent might in some manner mitigate this risk. In the context of business to consumer relationships trust in the vendor is important for the consumer to accept any risk associated with a transaction. Theoretical implications for online customer behaviour theory are also discussed.
Based on focus group interviews, we considered how young adults’ attitudes about privacy can be reconciled with their online behavior. The “privacy paradox” suggests that young people claim to care about privacy while simultaneously providing a great deal of personal information through social media. Our interviews revealed that young adults do understand and care about the potential risks associated with disclosing information online and engage in at least some privacy-protective behaviors on social media. However, they feel that once information is shared, it is ultimately out of their control. They attribute this to the opaque practices of institutions, the technological affordances of social media, and the concept of networked privacy, which acknowledges that individuals exist in social contexts where others can and do violate their privacy.
A Primer on Partial Least Squares Structural Equation Modeling (PLS-SEM), by Hair, Hult, Ringle, and Sarstedt, provides a concise yet very practical guide to understanding and using PLS structural equation modeling (PLS-SEM). PLS-SEM is evolving as a statistical modeling technique and its use has increased exponentially in recent years within a variety of disciplines, due to the recognition that PLS-SEM’s distinctive methodological features make it a viable alternative to the more popular covariance-based SEM approach. This text includes extensive examples on SmartPLS software, and is accompanied by multiple data sets that are available for download from the accompanying website (www.pls-sem.com).
Privacy and its protection is an important part of the culture in the USA and Europe. Literature in this field lacks empirical data from Japan. Thus, it is difficult– especially for foreign researchers – to understand the situation in Japan. To get a deeper understanding we examined the perception of a topic that is closely related to privacy: the perceived benefits of sharing data and the willingness to share in respect to the benefits for oneself, others and companies. We found a significant impact of the gender to each of the six analysed constructs.
How Japan has shaped and evolved the concept of data privacy is examined and how, in this context, it has overcome its culture
of respecting the community and the public at the cost of private interests.
The tradition and history of the Japanese culture of privacy is rooted in Bushi-do, which values public interests. After the right to protect private life was judicially recognized in the 1960s, the rapid
growth of technology which threatened privacy and personal data led to a new concept of privacy as controlling personal information,
as well as to new legislation on protecting personal information.
The Japanese Act of the Protection of Personal Information of 2003, and recent cutting-edge developments regarding privacy
are introduced (for example, regarding consumer protection, Google Street View, social networking, Juki-Net, and a new numbering system for social security and taxation in Japan).
Through a mixture of incorporating the Western way of protecting privacy and the Japanese way of respecting the relationship
between the ‘self’ and ‘others’, privacy protection in Japan is now regarded as the embodiment of society under ‘the ideal
of respecting the personality of the individual’.
This paper explores some of the issues surrounding the use of internet-base d methodologies, in particular the extent to which data from an online survey can be matched to data from a face-to-face survey. Some hypotheses about what causes differences in data from online panel surveys and nationally representative face-to-face surveys are discussed. These include: interviewer effect and social desirability bias in face-to-face methodologies; the mode effects of online and face-to-face survey methodologies, including how response scales are used; and differences in the profile of online panellists - both demographic and attitudinal. Parallel surveys were conducted using online panel and face-to-face (CAPI) methodologies, and data were compared before weighting, following demographic weighting and following 'propensity score weighting' - a technique developed by Harris Interactive to correct for attitudinal differences typically found in online respondents. This paper looks at the differences in data from online and face-to-face surveys and puts forward some theories about why these differences might exist. The varying degrees of success of the weighting are also examined.
A considerable amount of research has examined trust since our 1995 publication. We revisit some of the critical issues that we addressed and provide clarifications and extensions of the topics of levels of analysis, time, control systems, reciprocity, and measurement. We also recognize recent research in new areas of trust, such as affect, emotion, violation and repair, distrust, international and cross-cultural issues, and context-specific models, and we identify promising avenues for future research.
This paper deals with intercultural aspects of privacy, particularly with regard to important differences between Japanese
and the Western views. This paper is based on our discussions with Rafael Capurro – a dialogue now represented by two separate
but closely interrelated articles. The companion paper is broadly focused on the cultural and historical backgrounds of the
concepts of privacy and individualism in “Western” worlds; our main theme focuses on different concepts of privacy in Japan
and their sources in related aspects of Japanese culture. The interrelationship between our two papers is apparent in our
taking up identical or similar topics in each paper. Reading our two papers in conjunction with each other will bring about
deeper and broader insights into the diverse values and worldviews of Japan and Western cultures that underlie concepts of
privacy that at a surface level appear to be similar
There are several factors restricting the development of online-shopping in China, the imperfect privacy protection law and consumers' distrust are the main barriers. By using a sample of 759 Chinese students, our study examined the IUIPC instrument and analyzed the relationship between Internet users' information privacy concerns and their intention to transact online. Consistent with prior findings, the results suggest that IUIPC as a second-order factor structure instrument shows acceptable reliability and validity. The results also indicate that Internet users' trust in online companies' information practices fully moderate the relationship between their information privacy concerns and intentions to transact online. Our findings implicate that the key ways to improve the Chinese B-C commerce development are to reduce the Internet users' information privacy concern and promote their trust in Internet-management through privacy notices.
This study examines cultural factors which may facilitate or impede the sharing of informal information in the context of face-to-face meetings in Chinese compared to Anglo-American organizations. Both qualitative and quantitative data were collected through personally conducted interviews with middle level managers in a sample of Taiwanese and Australian manufacturing firms. The results suggest the importance of individual differences, individual assertiveness, and corporate culture in influencing informal information sharing in Australia; and the trade-off between collective interests, respect for hierarchical status and concern with face in Taiwan.
Understanding information sharing is an important challenge to modern organizations, and is likely to be increasingly considered when IT investment decisions are made world-wide. Our research study investigated the influence of cultural factors on information sharing in China. It was postulated that social network structures such as guanxi, Confucian dynamism, and collectivism could explain the degree to which information sharing took place between people in China. It was found that guanxi, Confucian dynamism, and collectivism all had a significant influence on information sharing.
We present a study that investigates American, Chinese, and Indian social networking site (SNS) users’ privacy attitudes and
practices. We conducted an online survey of users of three popular SNSs in these countries. Based on 924 valid responses from
the three countries, we found that generally American respondents were the most privacy concerned, followed by the Chinese
and Indians. However, the US sample exhibited the lowest level of desire to restrict the visibility of their SNS information
to certain people (e.g., co-workers). The Chinese respondents showed significantly higher concerns about identity issues on
SNS such as fake names and impersonation.
Information privacy has been called one of the most important ethical issues of the informa-tion age. Public opinion polls show rising levels of concern about privacy among Americans. Against this backdrop, research into issues associated with information privacy is increasing. Based on a number of preliminary studies, it has become apparent that organizational practices, individuals' perceptions of these practices, and societal responses are inextricably linked in many ways. Theories regarding these relationships are slowly emerging. Unfortunately, researchers attempting to examine such relationships through confirmatory empirical approaches may be impeded by the lack of validated instruments for measuring individuals' concerns about organizational information privacy practices. To enable future studies in the information privacy research stream, we developed and validated an instrument that identifies and measures the primary dimensions of individuals' concerns about organizational information privacy practices. The development process included examinations of privacy literature; experience surveys and focus groups; and the use of expert judges. The result was a parsimonious 15-item instrument with four sub-scales tapping into dimensions of individuals' concerns about organizational information privacy practices. The instrument was rigorously tested and validated across several heterogenous populations, providing a high degree of confidence in the scales' validity, reliability, and generalizability.
Information privacy refers to the desire of individuals to control or have some influence over data about themselves. Advances in information technology have raised concerns about information privacy and its impacts, and have motivated Information Systems researchers to explore information privacy issues, including technical solutions to address these concerns. In this paper, we inform researchers about the current state of information privacy research in IS through a critical analysis of the IS literature that considers information privacy as a key construct. The review of the literature reveals that information privacy is a multilevel concept, but rarely studied as such. We also find that information privacy research has been heavily reliant on studentbased and USA-centric samples, which results in findings of limited generalizability. Information privacy research focuses on explaining and predicting theoretical contributions, with few studies in journal articles focusing on design and action contributions. We recommend that future research should consider different levels of analysis as well as multilevel effects of information privacy. We illustrate this with a multilevel framework for information privacy concerns. We call for research on information privacy to use a broader diversity of sampling populations, and for more design and action information privacy research to be published in journal articles that can result in IT artifacts for protection or control of information privacy.
Existing constructs for privacy concerns and behaviors do not adequately
model deviations between user attitudes and behaviors. Although a number of
studies have examined supposed deviations from rationality by online users,
true explanations for these behaviors may lie in factors not previously
addressed in privacy concern constructs. In particular, privacy attitudes and
behavioral changes over time have not been examined within the context of an
empirical study. This paper presents the results of an Agile, sprint-based
longitudinal study of Social Media users conducted over a two year period
between April of 2009 and March of 2011. This study combined concepts drawn
from Privacy Regulation Theory with the constructs of the Internet Users'
Information and Privacy Concern model to create a series of online surveys that
examined changes of Social Media privacy attitudes and self-reported behaviors
over time. The main findings of this study are that, over a two year period
between 2009 and 2011, respondents' privacy concerns and distrust of Social
Media Sites increased significantly, while their disclosure of personal
information and willingness to connect with new online friends decreased
significantly. Further qualitative interviews of selected respondents
identified these changes as emblematic of users developing ad-hoc risk
mitigation strategies to address privacy threats.
A major inhibitor to e-commerce stems from the reluctance consumers have to complete transactions because of concern over the use of private information divulged in online transaction processing. Because e-commerce occurs in a global environment, cultural factors are likely to have a significant impact on this concern. Building on work done in the area of culture and privacy, and also trust and privacy, we explore the three way relationship between culture, privacy and trust. Better, more appropriate, and contemporary measures of culture have recently been espoused, and a better understanding and articulation of internet users information privacy concern has been developed. We present the results of an exploratory study that builds on the work of Milberg, Gefen, and Bellman to better understand and test the effect that national culture has on trust and internet privacy.
This study assesses the impact of economic ideology and national culture on the individual work values of managers in the United States, Russia, Japan, and China. The convergence-divergence-crossvergence (CDC) framework was used as theoretical framework for the study, while the Schwartz Value Survey (SVS) was used to operationalize over investigation of managerial work values across these four countries. The findings largely support the crossvergence prospective, while also confirming the role of national culture. Implications from the findings are drawn for the convergence-divergence-crossvergence of values, as well as for the feasibility of multidomestic or global strategies for a corporate culture.© 1997 JIBS. Journal of International Business Studies (1997) 28, 177–207
This study develops a culture-contingent model of trust formation in emergent relationships by comparing how trust-warranting signs shape attributions of trustworthiness to unfamiliar trustees in collectivist versus individualist cultures. We predict and find that the effectiveness of dispositional and contextual signs varies systematically depending on trustors’ national culture. Collectivists tend to rely less on dispositional signs and more on situational signs than individualists. This difference fosters distinct trust-building pathways. Individualists bestow trust based on a trustee’s perceived ability and integrity, collectivists’ trusting choices depend to a greater extent on predictable, benevolent interactions with a potential partner. These findings suggest that, in cross-cultural encounters, signs aligned with trustors’ cultural expectations hasten trust production. Mismatched signs are impotent, even off-putting.
Cyber crime: Number of breaches and records exposed
- J Clement
Clement, J. (2019). Cyber crime: Number of breaches and records exposed 2005-2018. Retrieved from
https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-ofbreaches-and-records-exposed/.
JonDonym Users' Information Privacy Concerns
- D Harborth
- S Pape
Harborth, D. & Pape, S. (2018). JonDonym Users' Information Privacy Concerns. Paper presented at the
33rd IFIP International Conference on ICT Systems Security and Privacy Protection, Poznan, Poland.
Nonresponse in the requirement of an Internet panel based on probability sampling
- A W Hoogendorn
- J Daalmans
Hoogendorn, A.W., & Daalmans, J. (2009). Nonresponse in the requirement of an Internet panel based on
probability sampling. Survey Research Methods, 3(2), 59-72.
Adult education level (indicator)
- Oecd
OECD. (2016). Adult education level (indicator). Retrieved from https://data.oecd.org/eduatt/adulteducation-level.htm.
Distribution of internet users in Japan as of
- Ofcom
Ofcom. (2015). Distribution of internet users in Japan as of August 2015, by age group and gender.
Retrieved from https://www.statista.com/statistics/276045/age-distribution-of-internet-users-in-japan/.