Exploratory factor analysis for cybersecurity regulation and consumer data in autonomous vehicle acceptance: Insights from four OECD countries

Abstract

No study has systematically investigated the public's perceptions of cybersecurity regulation, data generated by Autonomous Vehicles (AVs), and their relationship with the acceptance of AVs. To fill this knowledge gap, we conducted an exploratory study on public perceptions of cybersecurity regulation and consumer data in AVs acceptance by surveying nationally representative individuals from four OECD countries (US, UK, Australia, and New Zealand). A total of 2062 responses collected from the survey underwent Exploratory Factor Analysis (EFA) to examine constructs such as Cybersecurity Regulation, Data Sharing, Data Usage, Data Concerns, and intention to use AVs. Correlation analysis further explored the relationships between these constructs, while Mann-Whitney U and Kruskal-Wallis H tests assessed the significance of differences across participant groups.

The empirical findings indicate that 80% of respondents agreed on the necessity of cybersecurity regulation for AV operations, with 67% perceiving it as a means to enhance AV safety. Surprisingly, 66% supported cybersecurity regulation despite the potential risk of exposing their personal information. Individuals who are more willing to share AV data also expressed a higher likelihood of using AVs. Furthermore, those who agreed more with cybersecurity regulations were more inclined to be compensated for their data transmission while expressing concerns about data storage and processing. Moreover, around 53% of participants feel they should be compensated for sharing their AV data, with 68% expressing concern about AVs' data storage and processing and 71% supporting the destruction of AV data post-sale. Regarding data privacy concerns, “In-vehicle Private Conversation” draws notable attention, rated very important or extremely important by 64% of the participants. The findings highlight the importance of cybersecurity regulation, data sharing, and data concerns in shaping individuals' intentions to use AVs, as well as the influence of socio-technological attributes.

Full text

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
Available online 9 April 2024
2590-1982/© 2024 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).
Exploratory factor analysis for cybersecurity regulation and consumer data
in autonomous vehicle acceptance: Insights from four OECD countries
Shah Khalid Khan
a
,
b
,
*
, Nirajan Shiwakoti
b
, Peter Stasinopoulos
b
, Yilun Chen
b
,
c
,
Matthew Warren
a
,
d
a
Center of Cyber Security Research & Innovation, RMIT University Melbourne, Australia
b
School of Engineering, RMIT University Melbourne, Australia
c
Simulation and Modelling Team, Transport for New South Wales, Sydney, Australia
d
RMIT University Australia & University of Johannesburg, South Africa
ABSTRACT
No study has systematically investigated the public’s perceptions of cybersecurity regulation, data generated by Autonomous Vehicles (AVs), and their relationship
with the acceptance of AVs. To ll this knowledge gap, we conducted an exploratory study on public perceptions of cybersecurity regulation and consumer data in
AVs acceptance by surveying nationally representative individuals from four OECD countries (US, UK, Australia, and New Zealand). A total of 2062 responses
collected from the survey underwent Exploratory Factor Analysis (EFA) to examine constructs such as Cybersecurity Regulation, Data Sharing, Data Usage, Data
Concerns, and intention to use AVs. Correlation analysis further explored the relationships between these constructs, while Mann-Whitney U and Kruskal-Wallis H
tests assessed the signicance of differences across participant groups.
The empirical ndings indicate that 80% of respondents agreed on the necessity of cybersecurity regulation for AV operations, with 67% perceiving it as a means to
enhance AV safety. Surprisingly, 66% supported cybersecurity regulation despite the potential risk of exposing their personal information. Individuals who are more
willing to share AV data also expressed a higher likelihood of using AVs. Furthermore, those who agreed more with cybersecurity regulations were more inclined to
be compensated for their data transmission while expressing concerns about data storage and processing. Moreover, around 53% of participants feel they should be
compensated for sharing their AV data, with 68% expressing concern about AVs’ data storage and processing and 71% supporting the destruction of AV data post-
sale. Regarding data privacy concerns, “In-vehicle Private Conversation” draws notable attention, rated very important or extremely important by 64% of the
participants. The ndings highlight the importance of cybersecurity regulation, data sharing, and data concerns in shaping individuals’ intentions to use AVs, as well
as the inuence of socio-technological attributes.
1. Introduction
The emergence of innovative automotive solutions designed to
improve road transportation safety, comfort, and sustainability has
given consumers more options, including the potential adoption of
Autonomous Vehicles (AVs). The Society of Automotive Engineers (SAE)
classies driving automation into six stages: Level 0 is no automation,
Level 1 and 2 is assisted driving, and Level 3 is conditional automation.
Similarly, Level 4 is high automation, and Level 5 is full automation
(SAE-International, 2018). The transition of automotive systems from
electromechanical to electronic and software-driven components has
enabled AV real-time connectivity while integrating technology rms,
software developers, and sensor manufacturers into AV operations
(Khan et al., 2020).
The digital transition (AVs operating at Levels 4 and 5), the incor-
poration of many stakeholders (Leminen et al., 2022; Leon and Aoyama,
2022), and the emergence of new economic opportunities have all
generated new legal challenges (Waltermann and Henkel, 2023). The
most important task is to lessen illegal activity in both the digital and
physical spheres, level the playing eld for all parties involved, and
protect the rights and privileges of consumers. This necessitates the
formulation of AV cybersecurity regulation and its application to ensure
adequate cybersecurity compliance. The cybersecurity regulation is a
blueprint for dening and documenting cybersecurity goals, standards,
and recommendations for a cyber-safe AV-based Intelligent Trans-
portation System (ITS) (Katrakazas et al., 2020).
The cybersecurity regulation is of utmost importance because the
established legal frameworks are unable to keep up with the disruptive
nature of AV technology, and the public is concerned about the lack of
regulation. For example, there is a worry that Personal Identiable In-
formation (PII) (such as geolocation information and travel patterns)
produced in AV operations may be exploited (Yu and Cai, 2022; Khan
* Corresponding author.
E-mail addresses: shah.khalid.khan2@student.rmit.edu.au, shahkhalid_k@yahoo.com (S. Khalid Khan).
Contents lists available at ScienceDirect
Transportation Research Interdisciplinary Perspectives
journal homepage: www.sciencedirect.com/journal/transportation-
research-interdisciplinary-perspectives
https://doi.org/10.1016/j.trip.2024.101084
Received 8 August 2023; Received in revised form 22 December 2023; Accepted 27 March 2024

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
2
et al., 2023a,b,c). Consumers need to be aware of and able to exercise
choice about the collection, processing, and storage of their PII in
accordance with compliance regulations such as the General Data Pro-
tection Regulation (GDPR). However, there are still certain gaps in
consumer protection, notwithstanding the improvements made by
GDPR. For instance, internet advertising is riddled with potential abu-
ses, and data brokers continue to acquire and sell customer data
(Burgess, 2022). Therefore, assessing consumer perception regarding
the necessity of cybersecurity regulation to safeguard AVs, its potential
to enhance AV operations safety, and consumer comfort in supporting
cybersecurity regulation, even if it may disclose PII, becomes crucial.
Moreover, the rise in cybercrime, its frequent discussion, its impact on
PII, and its consequences have heightened these worries.
In recent years, regulations governing the operation of AVs in cy-
berspace and consumer AV-generated data have garnered the interest of
academics, automakers, and decision-makers. Despite not being factored
in conventional acceptance models, the literature demonstrates that
these dimensions and their associated concerns are major determinants
of AV adoption (Penmetsa et al., 2019; Nair and Bhat, 2021). There are,
nonetheless, signicant knowledge gaps in this domain. First, research is
scarce on the psychological underpinnings of public acceptance of AVs
in the context of cybersecurity regulation (Cohen et al., 2020). There is a
paucity of empirical studies that assess the public’s perception of the
importance of cybersecurity regulation in AV operations and its efcacy
in improving safety. Second, the literature lacks empirical research to
quantify public support for cybersecurity regulation. Similarly, addi-
tional research is required to determine how consumers perceive the
collection, sharing, and storage of AV-generated data and its associated
concerns.
The current state of AV technology and the regulatory landscape
underscores the urgent need to ll the aforementioned knowledge gaps.
As AVs become increasingly integrated into our lives, cybersecurity
regulations will be essential for ensuring safe operations. Addressing the
public’s psychological concerns and quantifying their support for these
regulations is crucial for fostering trust and widespread adoption. Ulti-
mately, lling these knowledge gaps will pave the way for safer and
more secure AV technology and contribute valuable insights to the
broader elds of human–computer interaction, data governance, and
public policy. Moreover, it enables decision-makers and automakers to
consider the formal scope of consumer data in various aspects of AV
adoption, including AV design and manufacturing, sales and marketing,
AV operation, and urban architecture.
The primary goal of this study is to conduct an exploratory investi-
gation into public perceptions concerning cybersecurity regulation and
consumer data in the acceptance of AVs. The study encompasses three
key objectives. Firstly, it delves into the dimensions of critical con-
structs, namely cybersecurity regulation, data sharing, data usage, and
data concerns. This exploration is centred on understanding public
perspectives regarding the adoption and deployment of AVs. Secondly,
the study aims to analyse the interrelationships among these ve con-
structs, shedding light on the complex dynamics that inuence percep-
tions in this domain. Thirdly, the research delves into the statistical
signicance of variations in socio-demographic attributes, including
age, gender, geographic location, income level, and technological
knowledge (related to AVs or cybersecurity), with the aim of uncovering
potential inuencers on these constructs. Through this comprehensive
approach, the study strives to contribute valuable insights into the
nuanced landscape of public attitudes toward cybersecurity and data-
related aspects in the context of embracing AVs.
A nationally representative sample of 2062 individuals of 2062 in-
dividuals from four OECD countries (US, UK, Australia, and New Zea-
land) underwent statistical analysis to achieve the research objectives.
Exploratory Factor Analysis (EFA) was employed to identify underlying
patterns and relationships among the constructs. This facilitated
dimension reduction, latent variable discovery, and construct validity
assessment. Spearman’s rank correlation analysis then investigated the
strength and direction of associations between these constructs. Addi-
tionally, socio-demographic, and technological knowledge attributes
were assessed through Mann-Whitney U and Kruskal-Wallis tests to
identify potential differences in their inuence on the constructs across
various demographic groups.
Understanding the public’s perception of cybersecurity regulation
and AV-generated data is crucial for policymakers, industry stake-
holders, and society. Firstly, grasping public concerns and support for
cybersecurity regulation frameworks guides policymakers in formu-
lating effective regulations, thereby increasing compliance. Identifying
public anxieties about AV technology and data practices allows proac-
tive risk management. Secondly, understanding public preferences on
data privacy informs industry stakeholders, aligning AV technology with
expectations. This insight aids AV automakers and technology de-
velopers in tailored consumer AV data proling under the umbrella of
cybersecurity regulation across AV adoption stages. Thirdly, identifying
signicant relationships among the constructs provides valuable insights
into how different aspects of data and regulation inuence the public’s
perception of AVs. Additionally, it will unveil crucial information for
tailoring communication strategies and promoting the broader accep-
tance of AVs.
2. Theoretical background
This section presents a theoretical background for the ve proposed
constructs: cybersecurity regulation, data sharing, data usage, data
concerns, and intention to use AVs. These constructs were systematically
derived through “meta-synthesis”, which refers to the in-depth review
and integration of ndings from qualitative AV literature (Walsh and
Downe, 2005; Lachal et al., 2017). A total of 172 publications were
selected to document the development of AV technology and the
emergence of cyber regulation in relation to AV deployment. The au-
thors’ previous work on cyber-attacks on AVs (Khan et al., 2020; Khan
et al., 2023a,b,c), cybersecurity assessment models for AVs (Khan et al.,
2021; Khan et al., 2023a,b,c), and the empirical investigation of
perceived cyber hurdles to AV deployment (Chen et al., 2023; Khan
et al., 2023a,b,c) played a considerable role in identifying these
dimensions.
2.1. Av’s cybersecurity regulations
The cybersecurity regulation can be envisioned as a stock of cyber-
security goals for the cyber-safe operation in ITS and processes that
should be used to ensure cybersecurity compliance (Khan et al., 2020).
In essence, the most important effect on the requirement (or lack of
necessity) for infrastructure transformation in ITS is the substance of
regulatory choices made, both nationally and internationally, on how
AVs will be accommodated and what kind of vehicle autonomy will be
enabled (Wu et al., 2023). The legal landscape is becoming more com-
plex and dynamic as AV intelligence advances. Although there is a
paucity of explicit empirical studies assessing the impact of cyberse-
curity regulation on the adoption of AVs, regulation is an important
topic frequently discussed in AV literature (Stoma et al., 2021). Public
perception studies focus more on AV regulation in general (Nair and
Bhat, 2021) rather than cybersecurity regulation, particularly in light of
the public’s rapid digital sophistication.
2.2. Customer-Centric contextualisation of AV’s cybersecurity regulations
Based on a meta-exploratory literature review, the assessment of the
public’s perception of cybersecurity regulation can be categorised into
three stages, as illustrated in Figure 1. First is the pre-deployment phase,
which focuses on the design of the AVs, road testing, and deployment
preparedness. This involves extensive testing of the vehicle’s sensors and
algorithms and its ability to navigate various environments and trafc
conditions currently happening across the globe (UK_Govt; Austroads,
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
3
2021; Vicroads, 2021). In this stage, an assessment can be conducted to
gauge customers’ perceptions regarding the signicance of introducing
cybersecurity regulations specically designed to safeguard AVs. This
involves evaluating how customers perceive the importance of imple-
menting regulatory measures to enhance AVs’ cybersecurity.
In the deployment stage, the AV is released and put into use. This
involves deploying the vehicle in a limited or controlled setting, such as
a designated testing area or a pilot program, to monitor its performance
and ensure that it is safe and reliable. Once the vehicle has been proven
to be safe and reliable, it may be deployed more widely for use on public
roads. In this stage, an examination is carried out to delve into cus-
tomers’ perspectives on the effectiveness of cybersecurity regulations in
ensuring AV safety and security (Khan et al., 2023a,b,c). This involves
assessing how customers perceive the efcacy of cybersecurity regula-
tions in safeguarding AVs from potential cyber threats and
vulnerabilities.
The post-deployment phase evaluates consumers’ perceptions about
the potential support for cybersecurity regulation. During this phase,
customers would thoroughly understand that cybersecurity regulation
may enable the disclosure of PII (Yu and Cai, 2022), such as location
tracking, travel patterns, speed, vehicle identication, and daily
schedules, to various stakeholders: communication providers, technol-
ogy (software and hardware) vendors, and government institutions.
Consequently, this stage will assess the consumer perspective of cyber-
security regulation despite the potential risk of exposing their PIIs.
Nevertheless, there is a general agreement in the literature about the
importance of regulation in AV operations. For instance, Fagnant and
Kockelman (2015) argued that security threats should be addressed
from a legislative perspective to safeguard the travelling public.
Furthermore, Waung et al. (2021) examined regulation from the con-
sumers’ perspective, focusing on trust in AV regulation, security risk,
and AV adoption. The authors found a positive correlation between trust
in AV regulation and behavioural intention. They also explored the
mediating role of trust in AV regulation between security risk and AV
adoption. Contrary to this notion, Khan et al. (2021) presented a system-
dynamic model for assessing the breadth of cybersecurity regulation in
AV operations. The authors demonstrated the “shifting the burden”
system archetype in which policymakers respond to perceived cyber
threats by updating legislation and reducing AV adaptation through
imitation.
Subsequently, it is essential to investigate the empirical relationship be-
tween these cyber-regulation dimensions and AV use intent.
2.3. Av-generated data sharing and Usage
The levels of data generated (camera 20–40 KB/sec, RADAR 10–100
KB/sec, GPS 50 KB/sec, and LIDAR 10–70 KB/sec) are more valuable
than the vehicle itself, enabling the creation of new revenue streams in
AV-based ITS in addition to enabling AVs operations (Velde et al., 2017;
Nicole McMillan and Papworth, 2023). Simultaneously, key stake-
holders, such as other AVs or ITS infrastructure service providers,
require this data to enable AV operation. Automakers need AV data to
train and improve the articial intelligence and machine learning al-
gorithms as well as ethical programming that enables autonomous
driving. In order to evaluate vehicle performance in real-world condi-
tions and identify areas for improvement, automakers may need to
transfer data to overseas manufacturing facilities.
Similarly, insurance providers need AV data to assess and price risk
accurately and develop new services to meet customers’ changing needs
in a world of autonomous mobility. Insurers can also use the data to
identify trends and patterns to improve underwriting and claims man-
agement. Moreover, the availability of AV data to government entities
such as tax authorities plays a crucial role in combating fraud and tax
evasion within the constantly evolving and complex mobility services
industry. For instance, when individuals or businesses seek to claim
motor vehicle expenses or deductions for parking fees and tolls, as
specied by the Australian Taxation Ofce (Australian_Taxation_Ofce,
2023), it is essential to ensure that these claims are consistent with the
actual usage of AVs. On the other hand, consumers are becoming aware
of the relevance of AV data as digital savagery develops. The intent is
growing for individuals to be aware of and able to exercise choice about
collecting, processing, and storing their PII.
Nonetheless, it is critical to investigate the relationship between AV
intention and consumer comfort of AV data sharing with other AVs, ITS
infrastructure service providers, automakers, insurers, tax authorities, and
overseas locations.
2.4. AV-generated data concerns
Massive AV data containing PII is a potential source of concern for
consumers. PII containing geographic information may be used to gain
consumer insights regarding their location and travel frequency. Simi-
larly, in-vehicle conversations may allow unauthorised individuals to
listen in on occupants’ conversations and collect sensitive personal in-
formation, jeopardising their privacy and security (Zhou et al., 2019;
Miller et al., 2020). Furthermore, if the in-vehicle communication sys-
tem is compromised, unauthorised access and control of the vehicle’s
systems may occur, endangering the vehicle’s and its occupants’ safety.
In-vehicle entertainment search terms like “website used”,
“preferred new channels”, “favourite movies”, and “social media pro-
les” can reveal sensitive personal information that hackers or other
malicious actors could use for identity theft, fraud, or other nefarious
purposes. If not properly secured, this information could also be used for
targeted advertising or intrusive marketing, compromising user privacy
(Seuwou et al., 2020). Moreover, consumers may perceive the vehicle’s
specications and status as potential privacy concerns; disclosing such
sensitive information could compromise their privacy. Vehicle data
could be misused in various ways, including identity theft or targeted
advertising. Additionally, it opens avenues for criminals to access and
misuse vehicle data, enabling actions such as unlocking a car or taking
control of its systems.
Consequently, it is necessary to investigate the relationship between the
intention to use AVs and concerns regarding location tracking, travel pattern,
in-vehicle conversation, in-vehicle entertainment, and vehicle specication
and status.
Table 1 demonstrates the sources and operationalisation of the scale
items.
Based on the above discussion, the following hypotheses are
formulated:
H1: Survey items related to cybersecurity regulation (PCR1, PCR2, and
PCR3) will load onto a factor representing “Perceived Cybersecurity Regu-
lation (PCR).”.
Fig. 1. Three deployment stages for customer-centric contextualisation of AV’s
cybersecurity regulations.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
4
H2: Survey items related to AV data sharing (PDS1, PDS2, PDS3, PDS4,
PDS5, and PDS6) will load onto a factor representing “Perceived Data
Sharing (PDS).”.
H3: Survey items related to AV data usage (PDU1, PDU2, and PDU3)
will load onto a factor representing “Perceived Data Usage (PDU).”.
H4: Survey items related to AV data concerns (PDC1, PDC2, PDC3,
PDC4, and PDC5) will load onto a factor representing “Perceived Data
Concerns (PDC).”.
Moreover, to assess the relationship among the various constructs,
the following hypothesis is formulated:
H5: There is a signicant correlation between:
a. PCR and the intention to adopt AVs. f. PCR and PDU.
b. PDS and the intention to adopt AVs. g. PCR and PDC.
c. PDU and the intention to adopt AVs. h. PDS and PDU.
d. PDC and the intention to adopt AV. i. PDS and PDC.
e. PCR and PDS j. PDU and PDC.
2.5. Socio-demographic and technological attributes and AV acceptance
A substantial body of literature has investigated how socio-
demographic and technological characteristics inuence perceptions
of AV adoption. These studies provide a solid framework for assessing
public opinion and lay the groundwork for multivariate analysis. The
study undertaken by Panagiotopoulos and Dimitrakopoulos (2018) on
individuals of various ages and genders demonstrates a range of worries
about data privacy while using AVs. Older and middle-aged people are
more concerned than younger generations about disclosing personal
information (Van den Broeck et al., 2015). To summarise, there is
widespread agreement that men, young adults, well-educated people,
and people from wealthy families who live in cities are more accepting
of AVs (Nair and Bhat, 2021). However, a study by Lavieri and Bhat
(2019) in a US metropolitan area found no signicant effect of gender on
individuals’ privacy sensitivity levels.
Similarly, previous research has demonstrated the importance of
technical attributes such as AV comprehension and cybersecurity
expertise in explaining AV adoption. According to Zmud and Sener
(2017), technology-savvy people are more likely to use AVs. Chang et al.
(2009) stated that the public’s lack of knowledge and awareness of risk
factors impedes effective barrier prevention. In addition, the capability
of individuals to accurately classify cybersecurity risks varies consider-
ably. For instance, a study conducted by Yan et al. (2018) with college
students illustrates that only 23 % can correctly navigate less than 50 %
of all cybersecurity scenarios, while only 4 % can manage more than 90
%. Moreover, cybersecurity expertise is crucial for safeguarding AVs
against cyber threats (Khan et al., 2021).
Therefore, it is essential to investigate the statistical signicance of
differences among socio-demographic characteristics such as age, gender,
geographic location, income level, and technological knowledge (about AVs
and cybersecurity) on factors including cybersecurity regulation, data
sharing, data usage, data concerns, and intention to use AVs.
Based on the above discussion, the following hypothesis is
formulated:
H6: There is a signicant difference in the perception of PCR, PDS, PDU,
PDC, and intention to adopt AVs among different:
a. Gender groups. e. Levels of AV understanding.
b. Age groups. g. Levels of cybersecurity understanding.
c. Income levels. h. Geographic locations (US, UK, New Zealand, Australia).
d. Education levels.
3. Methodology
This section explains the questionnaire and its components, partici-
pant proles, and methods for data processing.
3.1. Questionnaire survey
The study design is a structure for gathering, interpreting, and con-
necting data to the research goals. The literature distinguishes between
ve levels of automation (SAE-International, 2018); this study focuses
Table 1
Items and measurement scales.
Constructs Items and
Coding
Questions
Perceived Cybersecurity
Regulation (PCR)
PCR1 I believe that it is essential to introduce
cyber regulations aimed at safeguarding
self-driving vehicles.
PCR2 I believe that potential AV cyber
regulations will make self-driving
vehicles safer.
PCR3 I would support cybersecurity
regulations aimed at preventing hacking
of self-driving vehicles, even it’s about
the disclosure of privacy of my
personally identiable information such
as location tracking, travel patterns, and
daily schedules etc.
Perceived Data-Sharing
(PDS)
PDS1 I am comfortable with sharing my
vehicle transmitting data (including my
location and travel pattern) to other
vehicles.
PDS2 I am comfortable with sharing my
vehicle transmitting data (including my
location and travel pattern) to
automakers.
PDS3 I am comfortable with sharing my
vehicle transmitting data (including my
location and travel pattern) to insurance
providers.
PDS4 I am comfortable with sharing my
vehicle transmitting data (including my
location and travel pattern) to road
infrastructure service providers.
PDS5 I am comfortable with sharing my
vehicle transmitting data (including my
location and travel pattern) to
government entities, such as tax
authorities.
PDS6 I am comfortable with sharing my
vehicle transmitting data to an overseas
location.
Perceived Data Usage
(PDU)
PDU1 I would like to be paid for sharing my
vehicle transmitting data.
PDU2 I am concerned where my self-driving
data is stored and how it’s processed.
PDU3 When I sell my self-driving vehicle, I
want to destroy all data associated with
it
Perceived Data Concerns PDC1 I considered location tracking a worry
regarding my self-driving vehicle data.
PDC2 I considered the travel pattern a worry
regarding my self-driving vehicle data.
PDC3 I considered the in-vehicle conversation
a worry regarding my self-driving
vehicle data.
PDC4 I considered in-vehicle entertainment
search terms like “website used,”
“preferred new channels,” “favourite
movies,” or “social media proles” as a
worry regarding my self-driving vehicle
data.
PDC5 I considered vehicle specication and
status as a worry regarding my self-
driving vehicle data.
Intention to Use (IU)
Based on (Davis et al.,
1989; Choi and Ji, 2015)
IU1 I intend to use the self-driving vehicle.
IU2 I will spread positive words about self-
driving vehicles.
IU3 I will advocate self-driving vehicles to
others.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
5
on road motor vehicles with Level 4 or 5 functionality. The question-
naire is divided into three sections. The consent block and participant
information sheet are in the rst section, which also contains a brief
project description and an overview of AVs: “This project aims to explore
how the public perceives driverless cars. It is anticipated that driverless cars
will be on the road by 2030. Driverless cars use advanced sensors, commu-
nication, and software to automate driving tasks such as steering, accelera-
tion, lane changing, parking, and braking. For example, a driverless car can
transport you from home to your workplace without you driving the car. You
can relax inside the car and do your other work on your laptop or watch the
scenery outside while the driverless car drives you towards your destination.”.
The second section includes participants’ socio-demographic and
technological attributes. The nal section of the questionnaire included
scales for measuring the proposed model’s constructs. The survey was
designed based on a knowledge-mapping approach to innovation man-
agement theory (Hidalgo and Albors, 2008) that involves conducting a
meta-exploratory literature analysis. Some of the measuring items are
revised based on the expert review, which includes contributions from
four cybersecurity professionals, three automotive industry pro-
fessionals, three human factors specialists, ve PhD researchers (inter-
disciplinary), and ve undergraduate students. Table 1 demonstrates the
sources and operationalisation of the scale items. Due to the dearth of
constructs and measures specic to perceived cybersecurity regulation
and consumer data, the constructs and measures presented in this study
will substantially contribute to the literature on AV adoption.
Most items were rated on a seven-point scale that ranged from
“strongly disagree” (=1) to “strongly agree” (=7). The only exception
was that the AV-generated data concerns were rated on a ve-point scale
that ranged from “Not at all important” (=1) to “Extremely important”
(=5). In addition, all procedures were conducted in compliance with
applicable rules and regulations, and the Science, Technology, Engi-
neering, and Mathematics College of Human Ethics Advisory Network
approved the ethics application for this research (Reference Number
25065). The pilot study revealed that completing the questionnaire
takes approximately 13–16 min.
3.2. Participants
Qualtrics collected the online survey data. Qualtrics is a reputable
research service provider utilised by numerous academic institutions
and organisations worldwide to conduct research (QUALTRICS, 2023).
A written contract conveyed the requirement and quality check to
Qualtrics. Qualtrics has a record of interested participants who are
reimbursed under the terms agreed upon with them. The research
included individuals at least 18 years old, and all respondents provided
informed consent.
The study utilized a simple random sampling technique for data
collection, ensuring each element in the population had an equal chance
of being included in the sample. Several specic measures were imple-
mented to ensure the quality of the survey. Firstly, a clear introduction
was provided regarding the introduction of AVs. Secondly, the
completion of all questions was made mandatory. Thirdly, quality
checks, including speed checkers and CAPTCHAs, were utilised to
enhance response reliability. Finally, GeoIP verication was employed
to conrm the sample’s origin in the respective region. Individuals
meeting the study’s eligibility criteria were directed to the next survey
page, and a soft launch involving 200 responses helped verify the pilot
test. A total of 2,500 individuals ultimately participated in the survey.
Outliers, which are observations that deviate signicantly from the
majority of the dataset, can substantially impact statistical analysis and
data interpretation. Therefore, their identication and appropriate
handling were necessary to ensure accurate and reliable results.
Consequently, the nal dataset consisted of 2,062 respondents, distrib-
uted as follows: 525 from the United States, 511 from New Zealand, 524
from Australia, and 502 from the United Kingdom. These countries are
part of the Organisation for Economic Cooperation and Development
(OECD). In the literature, the recommended minimum sample size
ranges from 200 to 400 (Molwus et al., 2013); nevertheless, to ensure
robustness in the data, we have considered more than 500 for each
country. Therefore, the sample size in this study is considered sufcient
for survey-based research (Memon et al., 2020).
The collection of data from these nations holds paramount impor-
tance for several compelling reasons. Firstly, the Global Cybersecurity
Index (ITU), a recognized metric assessing countries’ dedication to
cybersecurity on a global scale, underscores the cybersecurity commit-
ment of all four countries with scores surpassing 80 (SEON, 2022).
Secondly, they exhibit a notable trajectory of AV adoption, characterised
by compelling AV initiatives backed by substantial investments
(UK_Govt; Austroads, 2021; Vicroads, 2021). Thirdly, a substantial
portion of the population in these nations engages in extensive road
travel, emphasizing the societal relevance of studying perceptions and
behaviours related to AVs. Lastly, the collaborative efforts among reg-
ulatory bodies in these countries are evident in the establishment of
Cybersecurity Best Practices for Smart Cities. These guidelines specif-
ically address emerging risks associated with the expansion and inter-
connection of attack surfaces, vulnerabilities in the ICT supply chain,
and the growing automation of infrastructure operations (Tabone et al.,
2021; CISA, 2023), underlining the proactive approach taken to ensure
the security of smart city technologies.
Table 1 (in the Appendix) illustrates the socio-demographic and
technological characteristics of the respondents. Additionally, Fig. 2
depicts the socio-demographic and technological features of the entire
dataset. In contrast, Fig. 3 presents the representative sample of in-
dividuals from four OECD countries.
3.3. Data analysis
The study utilizes an exploratory approach to assess the evolving
dimensions of cybersecurity regulation and consumer data in the
acceptance of AVs. Given the recent emergence of these dimensions, an
exploratory methodology is deemed essential to comprehensively
investigate their impact. The statistical analysis utilised various tech-
niques, such as descriptive statistics, Exploratory Factor Analysis (EFA),
correlation analysis, Mann-Whitney U, and Kruskal-Wallis H tests.
Descriptive statistics offer a concise overview of the data, highlighting
key features and patterns, enabling comparisons, and supporting
informed decision-making.
EFA was employed to ascertain the factor structure of the constructs
(Fabrigar and Wegener, 2011). In the initial step, Communalities were
calculated to assess the level of variation for each item. Communalities
above 0.50 conrmed the inclusion of items for further analysis. The
subsequent phase involved Kaiser-Meyer-Olkin Sampling Adequacy
(MSA) and Bartlett’s test. If MSA is equal to or greater than 0.60, and
Bartlett’s test of Sphericity is signicant (p <0.05), the data is consid-
ered suitable for proceeding with EFA. Following this, EFA utilised
principal component analysis and the varimax rotation approach to
determine the Eigen Values and Scree plot, illustrating the number of
factors in the data. Moving forward, the rotated component matrix in
EFA shows the correlations (factor loadings) between the original vari-
ables and the identied factors after rotation, aiding in interpreting and
simplifying the underlying factor structure. Moreover, several mea-
surements were conducted to assess the constructs’ robustness based on
their items, including Cronbach’s Alpha, Composite Reliability, and
Average Variance Extracted (AVE) (Shrestha, 2021).
Thirdly, Spearman-Rho correlations were conducted to examine the
relationships among the ve constructs. Spearman’s rank correlation
coefcient, commonly known as Spearman’s rho, is applied to assess the
strength and direction of a relationship between two variables, partic-
ularly used when the data is ordinal. Lastly, the survey results under-
went statistical analysis using Mann-Whitney U and Kruskal-Wallis H
tests to assess the signicance of differences across grouping factors, as
indicated by the preference scale. The Mann-Whitney U test is employed
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
6
for demographics with two groups (such as gender), while the Kruskal-
Wallis test is suitable for more than two grouping variables (such as age)
(Liljamo et al., 2018; Liu et al., 2022). Before conducting these tests,
several assumptions were validated: the dependent variables were
assessed ordinally, the independent variables were divided into two
groups for the Mann-Whitney U test, and more than two groups for the
Kruskal-Wallis test, and each observation was treated as independent.
Tests were carried out individually for each dimension assessment. The
data analysis was performed using IBM SPSS Version 28.0.1.1.
Fig. 2. Socio-demographic and technological characteristics of the respondents.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
7
4. Empirical results
4.1. Descriptive analysis
The descriptive statistics for each survey item are summarised in
Table 2 of the Appendix. A brief description is provided below.
Perceived Cybersecurity Regulation: In general, participants are
increasingly aware of the need for cybersecurity regulation to ensure the
security and integrity of the operation of AVs (median: 6.00). The ma-
jority of respondents (80 %) agreed (somewhat agree, agree, and
strongly agree), indicating a generally positive sentiment toward regu-
latory measures. The perception that cybersecurity regulation will make
AVs safer was rated lower than the importance of cybersecurity regu-
lation (median: 5.00); the agreement decreased to 67 %. The perception
Fig. 3. Socio-demographic and technological characteristics of the respondents (country-wise).
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
8
of support for cybersecurity regulation, not a worry, is still optimistic
(median: 5.00) but lower than the two preceding items, dropping to 66
%. Moreover, Figure 4 depicts the descriptive statistics of each item of
PCR for different levels of agreement.
Perceived Data Sharing: The tendency to share data with various
ITS stakeholders appear relatively low, with median scores between
4.00 and 3.00. The participants’ agreement (somewhat agree, agree, and
strongly agree) to share their vehicle data with different stakeholders is
as follows: 36 % with other AVs, 36 % with automakers, 39 % with in-
surance providers, and 41 % with ITS road infrastructure. However, the
agreement to share data with tax authorities dropped to 33 %, and
sharing data with overseas locations was the least preferred, with only
26 % in agreement. Moreover, Figure 5 depicts the descriptive statistics
of each item of PDS for different levels of agreement.
Perceived Data usage: About half (53 %) of the participants concur
that they should be compensated for using their vehicle’s data to enable
AVs’ operation. Substantial proportion of participants (68 %) have
expressed worry about the storage and processing of AVs’ data. Addi-
tionally, a signicant portion, 71 %, agreed to the destruction of AV data
following the sale of AVs. Moreover, Figure 6 depicts the descriptive
statistics of each item of PDU for different levels of agreement.
Intention to use AVs: the participants’ agreement to use AVs,
spread positive sentiment, and advocate.
for AVs was around 33 %. This suggests signicant uncertainty or
ambivalence among participants about their personal adoption of AVs.
Moreover, Figure 7 depicts the descriptive statistics of each item of IU
for different levels of agreement.
Perceived Data Concern: The primary trend observed in the survey
results is exhibiting varying degrees of concern regarding different types
of data related to privacy. Specically, “In-vehicle Private Conversation”
and “Vehicle Specication and Status” garner notable attention, with 64
% and 52 % rating them as very important or extremely important. On
the other hand, “Location tracking” and “Travel pattern” received a
combined 50 % rating, indicating their signicance in participants’
considerations as either very important or extremely important.
Table 2
Rotated Component Matrix
a
Component
1 2 3 4 5
PCR1 −0.14 0.16 −0.16 0.73 0.31
PCR2 0.15 0.11 0.17 0.80 0.07
PCR3 0.15 0.05 0.06 0.79 0.02
PDS1 0.82 −0.05 0.20 0.07 0.08
PDS2 0.87 −0.06 0.20 0.08 0.05
PDS3 0.84 −0.06 0.13 0.14 0.08
PDS4 0.84 −0.07 0.15 0.14 0.11
PDS5 0.85 0.02 0.20 −0.02 −0.06
PDS6 0.76 0.06 0.27 −0.16 −0.11
PDU1 0.45 0.00 0.15 0.10 0.54
PDU2 0.04 0.12 −0.01 0.05 0.86
PDU3 −0.04 0.11 −0.06 0.17 0.82
IU1 0.33 0.07 0.84 0.02 −0.01
IU2 0.30 0.06 0.89 0.06 0.02
IU3 0.33 0.07 0.88 0.05 −0.01
PDC1 −0.07 0.80 0.02 0.05 0.13
PDC2 −0.01 0.83 0.03 −0.03 0.06
PDC3 −0.06 0.68 −0.04 0.14 0.16
PDC4 0.03 0.73 0.08 0.07 −0.06
PDC5 0.00 0.70 0.07 0.07 0.01
Extraction Method: Principal Component Analysis. Rotation Method: Varimax
with Kaiser Normalization.
Fig. 4. Perceived Cybersecurity Regulation: Descriptive Statistics.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
9
Moreover, “In-car Entertainment search terms” were rated by 40 % as
either very important or extremely important. These ndings highlight
the nuanced nature of privacy concerns among participants, emphasis-
ing the need for targeted approaches in addressing different data types.
Moreover, Figure 8 depicts the descriptive statistics of each item of PDC
for different levels of agreement.
4.2. Exploratory factor analysis
The EFA utilised principal component analysis and the varimax
rotation approach. A minimum factor loading criterion of 0.50 was
employed. Table 3 (of the Appendix) showed Communalities above
0.50, conrming the inclusion of items for further analysis. Bartlett’s
test of Sphericity evaluated the overall signicance of the correlation
matrix, with signicant results observed (X
2
(n =2062) =23,096 (p
0.000), supporting the appropriateness of factor analysis. The Kaiser-
Meyer-Olkin Sampling Adequacy (MSA) value was 0.8723 (illustrated
in Table 4 of the Appendix), indicating suitability for factor analysis
(MSA >0.800). Based on Eigenvalues (greater than 1) and Scree plot
results, the factor solution derived from this analysis revealed ve scale
factors, explaining 70.59 % of the variance in the data (Fabrigar and
Wegener, 2011). Moreover, Table 2 displays the Rotated Component
Matrix
a
for observed variables after rotation. This aids in interpreting
the underlying factors and their relationships with the variables. Vari-
ables with high loadings on a specic factor are considered to be
strongly related to that factor, while variables with low loadings on a
factor are less associated with it.
Cronbach’s alpha and composite reliability for each construct was
determined using SPSS, presented in Table 5 of the Appendix; all values
were above 0.7, indicating satisfactory reliability, providing further
evidence of construct reliability (Taber, 2018). Similarly, the AVE
quanties the amount of variance in observed variables explained by the
underlying construct in factor analysis was 0.5 (and above), indicating
that the underlying factor should account for at least 50 % of the
Fig. 5. Perceived Data Sharing: Descriptive Statistics.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
10
variance in the observed variables, establishing convergent validity (Ab
Hamid et al., 2017).
The Furnell locker criterion was employed to establish discriminant
validity. The square root of the AVE for each factor was calculated and
compared with the constructs. The diagonal values in Table 6 (of the
Appendix) represent the square root of AVE, which are higher than the
pair-wise correlations, conrming discriminant validity and indicating
that the constructs measure distinct and separate concepts.
4.3. Correlational analysis
Although Likert scale data is typically treated as ordinal categorical
data (Wu and Leung, 2017), it does not assume a normal distribution. It
is important to note that responses are ranked in a specic order, indi-
cating the relative strength of agreement or disagreement with a state-
ment. However, it is worth mentioning that in certain cases, when the
number of response options is substantial and the sample size is also
large, the distribution of the aggregated Likert scale data may approach
a normal distribution. Therefore, we conducted a Kolmogorov-Smirnov
test and conrmed that all variables were not normally distributed.
Fig. 6. Perceived Data Usage: Descriptive Statistics.
Fig. 7. Intention to use AVs: Descriptive Statistics.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
11
Table 3 presents Spearman’s Rho correlations among the ve vari-
ables. Initially, composite scores for each construct were calculated by
taking the mean of the aggregated values of all items within the
construct (Song et al., 2013). These items were selected based on the
outcome of factor analysis (using principal component analysis) in EFA.
IU (Variable 1) shows a weak positive correlation of 0.08 with PCR
(Variable 2), indicating a slight relationship between the two (Akoglu,
2018). Moving on to PDS (Variable 3), there is a strong positive corre-
lation of.51 with IU, indicating a signicant and positive association
between these variables. PDU (Variable 4) shows a weak positive cor-
relation of.06 with IU and a moderate positive correlation of.33 with
PCR. This suggests a weaker relationship between PDU and IU and a
more moderate relationship between PDU and PCR. Lastly, PDC (Vari-
able 5) exhibits a signicant positive correlation of.11 with IU,0.20 with
PCR, and.22 with PDU. However, the correlation between PDC and PDS
is not statistically signicant. These results provide insights into the
relationships and associations among the variables under study.
4.4. Mann-Whitney U test and Kruskal-Wallis tests
This section provides an overview of the results obtained from the
Mann-Whitney U test and Kruskal-Wallis tests. Table 4 summarises the
statistical signicance of differences in various socio-demographic and
technological attributes concerning the perception of all ve constructs.
A difference is considered signicant if the Asymp. Sig value is less than
0.05.
Table 7 (of the Appendix) illustrates the Mann-Whitney U test re-
sults, assessing the statistical signicance of gender on the perception of
all ve constructs. The results reveal signicant differences between
male and female respondents on PDS and PDU; females were less
comfortable, as indicated by the mean ranks.
Table 8 (of the Appendix) presents the Kruskal-Wallis H ndings to
establish the statistical signicance of the age effect. The ndings
demonstrate a signicant difference in all ve constructs. A trend in-
dicates that agreement with PCR and PDU increases with age, while PDS
and IU decrease with age. However, middle-aged ranks show high
agreement with PDC.
Table 9 (of the Appendix) displays the Kruskal-Wallis H results to
determine the statistical signicance of income differences between
groups. The results reveal a signicant difference in PDS, PDU, and IU.
Lower-income groups exhibit the least agreement with PDS and PDU.
The impact of education level was analysed using the Kruskal-Wallis
H test, with the results shown in Table 10 (of the Appendix). The par-
ticipants’ agreement varied signicantly for PCR, PDS, and IU. The
bachelor’s and master’s degree participants exhibit high agreement with
PDS and PDU, while the master’s and Doctoral degree cohorts show the
highest intent towards AVs and the least agreement with the PCR.
The Kruskal-Wallis H results in Table 11 (of the Appendix) establish
the statistical signicance of individuals’ different understandings of
AVs’ operations. Participant perception signicantly differs on PDS,
PDU, IU, and PDC, with a corresponding increase in agreement as the
understanding of AVs increases.
Similarly, Table 2 (of the Appendix) presents the Kruskal-Wallis H
results, demonstrating the difference among individuals with different
levels of cybersecurity understanding. A higher level of understanding
regarding cybersecurity corresponds to a higher level of agreement on
PCR, PDS, PDU, IU, and PDC.
Table 13 (of the Appendix) shows the ndings of the Kruskal-Wallis
H test based on a grouping of four distinct nations: the UK, the US, New
Zealand, and Australia. The agreement to PCR has a statistically
Fig. 8. Perceived Data Concerns: Descriptive Statistics.
Table 3
Spearman’s Rho Correlations.
IU PCR PDS PDU PDC
IU 1.00
PCR 0.08
**
1.00
PDS 0.51
**
0.13
**
1.00
PDU 0.06
**
0.33
**
0.17
**
1.00
PDC 0.11
**
0.20
**
−0.04 0.22
**
1.00
** Correlation is signicant at the 0.01 level (2-tailed).
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
12
signicant difference, with participants from New Zealand showing the
highest agreement, followed by Australia, the UK, and the US. Similarly,
for PDS, participants from the UK exhibit the highest agreement, fol-
lowed by Australians. Regarding IU, New Zealanders show the least
inclination, while the UK displays the highest agreement.
Table 5 summarises the results of the hypotheses.
5. Discussion
The existing literature acknowledges the qualitative signicance of
cybersecurity regulation and AV data concerns on adopting AVs. How-
ever, there is a noticeable gap in the research, as no study has system-
atically explored the public’s perceptions of cybersecurity regulation,
the data generated by AVs, and how these perceptions relate to the
acceptance of AVs. To bridge this gap, our study offers an empirical and
statistically grounded analysis of key elements such as Cybersecurity
Regulation, Data Sharing, Data Usage, and Data Concerns within the
context of AV adoption. The dataset used is culturally and geographi-
cally diverse, allowing for a comprehensive understanding of the sub-
ject. The implications of our ndings are broad, contributing to
theoretical insights, practical applications, and policy considerations,
providing a nuanced perspective on an essential aspect of AV technology
adoption.
5.1. Implications for theory
The study makes a signicant contribution to theoretical knowledge
by conducting a thorough analysis of the constructs associated with
adopting AVs, namely Perceived Cybersecurity Regulation (PCR),
Perceived Data Sharing (PDS), Perceived Data Usage (PDU), and
Perceived Data Concerns (PDC). EFA is a valuable method for uncov-
ering underlying dimensions and structures, providing insights into
patterns, and generating hypotheses. Moreover, the empirical ndings
related to these constructs contribute substantially to theoretical
knowledge. Notably, the study reveals that a considerable 66 % of re-
spondents support cybersecurity regulation despite the potential expo-
sure of PII. This nding aligns with previous research by Chen et al.
(2020) and Jardim et al. (2013), where regulation was considered ur-
gent for AV operations, ranking second in priority after safety in con-
sumer perceptions. However, the current study distinguishes itself by
offering more empirical analysis and explicitly addressing PII concerns.
It refutes the argument that potential cybersecurity regulation might
impede AV proliferation due to PII concerns in the “internet-on-vehicle
(AV)” context.
Similarly, Spearman’s Rho correlation analysis provides valuable
insights into the association between the ve constructs. For example,
individuals who are more willing to share AV data also express a greater
likelihood of using AVs. Moreover, those who agree more with CR also
exhibit a stronger agreement to be compensated for their vehicle’s
transmitting data. While the current literature lacks specic insights into
the association between public perception, AV data, regulation, and AV
adoption, it offers empirical analyses on related aspects, such as public
concerns regarding AV safety, privacy, and data security (Lee and Hess,
2022). Furthermore, Rahman et al. (2023) conducted a study and re-
ported a noteworthy nding. According to their research, respondents
with a stricter attitude towards AV regulations tend to perceive road
sharing with AVs as less safe. This suggests a connection between reg-
ulatory attitudes and perceptions of safety in the context of AVs.
This study makes a noteworthy contribution by providing insights by
assessing the differences in socio-technical attributes across the ve
constructs, which can serve as a springboard for more advanced research
techniques and policy development. For instance, the results indicate
signicant differences between male and female respondents concerning
data-sharing and usage, with females exhibiting less comfort. These
ndings are consistent with a study conducted by Sørum et al. (2022) on
data protection legislation synthesis, which revealed that women were
less likely than men to disclose sensitive information but more willing to
disclose their birthdate, television viewing history, and shopping his-
tory. Weigl et al. (2022) reported that women show less acceptance of
AVs and have a lower desire for control compared to men. Furthermore,
according to Lee and Hess (2022), women exhibit higher levels of
concern about safety compared to men; therefore, it is essential to
consider gender bias in decision-making processes.
5.2. Implications for practice and policy
It is essential to emphasise that factors beyond facts and objective
information, including media coverage and personal experiences, shape
perceptions and attitudes about AVs. As AV technology evolves, tailored
regulation will be in place, and attitudes towards AVs may change over
time. Consequently, recognising these perceptions is crucial for stake-
holders, given their multifaceted involvement in risk and innovation
(Urban, 2021). Additionally, understanding these perceptions will lay
the groundwork for future mobility choices. In light of this dynamic
relationship, our research delves into the perception of cybersecurity
regulation and data sharing in the context of AVs. These insights have
profound theoretical and policy implications, opening doors to a richer
comprehension of the challenges and opportunities for AV adoption.
A notable trend emerges in the results of the Kruskal-Wallis test
regarding the impact of age. It indicates that agreement with cyberse-
curity regulation and data usage tends to increase with age, while data
sharing and intention to use show a decline. While the perceived benets
of AVs are more lucrative for older cohorts, the literature presents a
mixed response to the effect of age on AV acceptance (Thomas et al.,
2020). For instance, the ndings of Eby et al. (2018) suggest a cautious
attitude toward vehicle automation among older adults. However, it is
Table 4
Mann-Whitney U test and Kruskal-Wallis tests (Asymp. Sig.).
Construct Asymp. Sig.
Gender Age Income Education AVs Understanding Cybersecurity level Country
PCR 0.84 <0.001 0.49 0.00 0.53 0.04 <0.001
PDS 0.00 <0.001 0.00 <0.001 <0.001 <0.001 <0.001
PDU 0.02 <0.001 0.00 0.37 0.00 <0.001 0.27
IU 0.06 <0.001 <0.001 <0.001 <0.001 <0.001 0.00
PDC 0.64 0.02 0.29 0.92 <0.001 <0.001 0.16
Table 5
Hypotheses results.
Hypothesis Result Hypothesis Result Hypothesis Result
H1 Accepted H5a
H5b
H5c
H5e
H5f
H5g
H5h
H5i
H5j
Accepted
Accepted
Accepted
Accepted
Accepted
Accepted
Accepted
Accepted
Accepted
H6a
H6b
H6c
H6e
H6f
H6g
H6h
Partially
Accepted
Accepted
Accepted
Partially
Accepted
Partially
Accepted
Accepted
Partially
Accepted
H2 Accepted
H3 Accepted
H4 Accepted
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
13
crucial to note that older individuals are not a homogenous group; they
encompass diverse life experiences and unique requirements that should
be considered when developing and implementing new technologies
(Isbel et al., 2022). Moreover, in terms of education, the Master and
Doctoral degree cohorts show the highest intent towards AVs. This could
be attributed to the notion that people with higher education are more
optimistic about the potential of AVs than those with lower education
(Liljamo et al., 2018). Moreover, Thomas et al. (2020) reported that
younger respondents and those with higher levels of education generally
exhibited positive reactions to AV developments, demonstrating a
greater understanding of AV functionality.
The empirical ndings of this study contribute to the literature by
highlighting the signicant differences in individuals’ levels of AV un-
derstanding. Notably, there is a corresponding increase in agreement as
the understanding of AVs improves. This observation suggests that as
AVs become more prevalent and the public gains more understanding
and exposure, their perception of cybersecurity regulation will likely
evolve. For instance, Mohammed and Horv´
ath (2023) found that
increasing awareness and education among the population about the
meaning of the term ’autonomous vehicles’ and enhancing their un-
derstanding of the new features offered by these vehicles can lead to an
increase in the number of trips. Similarly, the study conducted by Oth-
man (2023) emphasizes the signicance of educating the public about
autonomous vehicles to ensure the highest level of acceptance.
Likewise, the ndings of this study underscore the importance of
cybersecurity knowledge in shaping perceptions. As individuals’ level of
cybersecurity knowledge increases, their agreement levels regarding
cybersecurity regulation and intention to use AVs also increase. This
empirical evidence aligns with the qualitative analysis of existing liter-
ature, indicating that AV adoption benets from cyber knowledge.
Nevertheless, the study’s ndings show that the level of agreement
for cybersecurity regulation is highest in New Zealand and Australia,
followed by the UK, and lowest in the US. Likewise, in terms of data-
sharing and intention to use, participants from the UK exhibit a strong
inclination, possibly due to the presence of prominent AV projects in the
region (UK_Govt). This supports the notion that geographic locations
can inuence the level of agreement on cybersecurity regulation. For
example, Lee and Hess (2022) assessed public concerns about AV and
reported that Hispanics (Latinx) tend to express more concerns about
privacy than non-Hispanics.
6. Conclusion, Limitations, and future directions
The goal-oriented CR is crucial for keeping up with the rapid
advancement of AV technology. AV-CR can potentially lessen criminal
activity in both the real and virtual worlds, level the playing eld for all
ITS stakeholders, and protect AV consumers’ rights and liberties.
Currently, no study has systematically investigated the public’s per-
ceptions of CR, consumers’ AV-generated data, and their relationship
with AV acceptance. In this context, this study investigates the re-
lationships between socio-demographic characteristics, the potential
scope of CR, AV-generated data, and its acceptability within this context.
Specically, the study investigates the perception of three customer-
centric AV-CR dimensions: the signicance of CR in AV operation, the
extent to which CR can improve safety, and support for CR despite the
fact that its use may permit consumers’ PII. The impact of socio-
demographic and technological attributes on these dimensions as well
the impact of perceived trust in CR to AV adoption, is statistically
evaluated using a nationally representative sample of 2062 adults from
the US, UK, New Zealand, and Australia. Moreover, the relationship
between these three dimensions of CR, consumer’s AV-generated data,
and intention to use AVs is statistically evaluated.
Key ndings from the study include the following:
•80 % of respondents acknowledged the essential role of CR for AV
operation, with 67 % believing it enhances safety, and 66 % sup-
porting it despite potential risks to consumers’ PII.
•Participants of older age, middle-income, low-middle education, and
high cybersecurity knowledge exhibited strong agreement with CR.
•The highest agreement with CR among the four countries studied
was in New Zealand and Australia, followed by the UK, with the
lowest in the US, indicating regional variations in AV-CR acceptance.
•53 % of participants expressed the expectation of compensation for
their vehicle’s data used in AV operation, while 68 % expressed
concerns about the storage and processing of AV data. Moreover, 71
% supported the destruction of AV data after the sale of vehicles.
•Notably, 64 % of participants emphasized the signicance of “In-
vehicle Private Conversation” as a data privacy concern.
The study successfully achieved its research objective, which
involved assessing the public’s perceptions of cyber regulation, con-
sumer data, and their connection to AV acceptance. The research
included the development of a novel questionnaire, the formulation of
ve constructs (cybersecurity regulation, data sharing, data usage, data
concerns, and intention to use AVs), and the demonstration of the reli-
ability and validity of these constructs for future analysis by researchers.
The study analysed the associations between these ve constructs.
Furthermore, it underscored the necessity of cybersecurity regulation
for AV operations through empirical analysis, shedding light on issues
related to consumers’ Personally Identiable Information (PII). Addi-
tionally, it emphasized the signicance of consumer data. Moreover, the
study investigated the statistical signicance of differences in socio-
demographic attributes, such as age, gender, geographic location, in-
come level, and technological knowledge (about AVs and cyberse-
curity), on these constructs.
The study’s ndings carry signicant implications across three
crucial domains: legislation, AV technology, and consumer safety.
Addressing concerns about Personally Identiable Information (PII), the
study dispels fears that cybersecurity regulations might hinder AV
adoption, emphasizing the need for tailored regulations alongside
deployment to ensure both security and public trust. In the realm of AV
technology, the study underscores the importance of prioritizing
cybersecurity measures, advocating for a proactive approach embedded
in design and development to create robust and resilient systems that
balance functionality with security. Consumer safety concerns, partic-
ularly regarding data compensation and privacy, emerge with half of the
participants expecting compensation for their AV-generated data. This
prompts potential implementation of data monitoring and tailored
compensation models. The overwhelming agreement on the necessity
for data destruction post-sale emphasizes the urgency for strong legal
frameworks protecting consumer data privacy. Lastly, preferences for
data localization, reected in the lowest support for overseas data
sharing, underscore a potential demand for AV data centres within
manufacturing countries, urging legal frameworks to address consumer
concerns and foster trust in the emerging AV landscape.
While the Mann-Whitney U and Kruskal-Wallis H tests are well-
suited for analysing ordinal data, it is crucial to critically appraise
their limitations to accurately interpret the study’s ndings. Despite
their robustness, these tests can be sensitive to tied ranks, potentially
masking subtle differences, and necessitating the assumption of inde-
pendent observations within groups. Moreover, they may not offer
detailed insights into the nature of the detected differences. Similarly,
Spearman’s rank correlation coefcient (Spearman’s rho) provides
valuable insights into associations between ranked variables. However,
its reliance on the assumption of monotonic relationships limits its
ability to capture complex non-monotonic patterns. Additionally, it
cannot establish causal relationships between variables, demanding
careful caution in drawing conclusions about causation.
Future research endeavours could benet from employing Conr-
matory Factor Analysis (CFA) to delve into the relationships among the
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
14
key elements identied in the study. It’s crucial to consider that statis-
tical advice cautions against conducting both Exploratory Factor Anal-
ysis (EFA) and CFA on the same dataset (Hurley et al., 1997; Thompson,
2004). While the EFA in the current study successfully unveiled un-
derlying factors inuencing public perceptions of AVs, a CFA would
enable testing specic hypotheses about the structure and relationships
between these factors, providing a deeper understanding of the causal
relationships within each factor. Additionally, it is essential to examine
the inuence of the perceived value of transportation services on AV
adoption. Differentiating perceived value across various transport ser-
vice types would allow for tailoring AV development and implementa-
tion to better align with public needs and preferences. Further research
could explore trade-offs between factors such as convenience, safety,
accessibility, and environmental impact, elucidating how individuals
perceive the value of different transport options, including AVs. More-
over, there is a need to analysed participants’ perceptions in European
countries, considering a meticulous examination of data protection laws.
This approach would facilitate comprehensive cross-comparisons
among participants from diverse geographic locations across the
continents.
Nevertheless, the study assessed the impact of perceived cyber
regulation, data sharing, data usage, and data concerns on public
perception regarding the adoption and deployment of AVs. This
assessment was conducted through a questionnaire administered in four
nations of the Organization for Economic Cooperation and Development
(OECD): Australia, New Zealand, the United Kingdom, and the United
States. Through the comprehensive statistical analysis, we have
endeavoured to provide valuable insights into the associations within
constructs. Similarly, the study illustrates the statistical signicance of
differences among socio-demographic characteristics, such as age,
gender, geographic location, income level, and technological knowledge
(about AVs or cybersecurity), in relation to these constructs. These
ndings carry signicant theoretical and policy implications, expanding
avenues for a deeper understanding of the challenges and opportunities
associated with the adoption of AVs.
CRediT authorship contribution statement
Shah Khalid Khan: Conceptualization, Data curation, Formal
analysis, Investigation, Methodology, Software, Validation, Writing –
original draft, Writing – review & editing. Nirajan Shiwakoti:
Conceptualization, Formal analysis, Supervision, Writing – review &
editing. Peter Stasinopoulos: Conceptualization, Supervision. Yilun
Chen: Data curation, Validation. Matthew Warren: Supervision.
Declaration of competing interest
The authors declare that they have no known competing nancial
interests or personal relationships that could have appeared to inuence
the work reported in this paper.
Data availability
Data will be made available on request.
Appendix
Table 1
Socio-demographic and technological characteristics of the respondents.
Category Variable Frequency Percentage
Gender Male 946 45.9 %
Female 1097 53.2 %
Others 7 0.6 %
Prefer not to say 12 0.3 %
Age 18–24 296 14.4 %
25–35 384 18.6 %
36–45 374 18.1 %
46–55 346 16.8 %
55–65 325 15.8 %
65 and above 337 16.3 %
Country US 525 25.5 %
New Zealand 511 24.8 %
Australia 524 25.4 %
United Kingdom 502 24.4 %
Australia Region
Victoria 150 28.6 %
Queensland 118 22.5 %
Western Australia 49 9.4 %
Tasmania / Northern Territory / Australian Capital
Territory
28 5.3 %
New South Wales 141 26.9 %
South Australia 38 7.3 %
Gender
Male 228 43.51 %
Female 294 56.11 %
Others 2 0.38 %
Prefer not to say 0 0
Age
18–24 60 11.45 %
25–35 101 19.27 %
36–45 107 20.42 %
46–55 83 15.84 %
55–65 80 15.27 %
65 and above 93 17.75 %
UK Region
Greater London 67 13.4 %
(continued on next page)
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
15
Table 1 (continued )
Category Variable Frequency Percentage
Mid England (West Midlands, East Midlands & East of
England)
134 26.7 %
Southern England (Southwest & Southeast) 117 23.3 %
Northern England (Northwest, Northeast, Yorkshire & the
Humber
125 24.9 %
Northern Ireland 15 3.0 %
Wales 27 5.4 %
Scotland 17 3.4 %
Gender
Male 249 49.6 %
Female 252 50.20 %
Others 0 0.0 %
Prefer not to say 1 0.2 %
Age
18–24 62 12.35 %
25–35 109 21.71 %
36–45 102 20.32 %
46–55 97 19.32 %
55–65 80 15.94 %
65 and above 52 10.36 %
New Zealand Region
Lower North Island 114 22.3 %
Upper North Island 94 18.4 %
Auckland 196 38.4 %
South Island 107 20.9 %
Gender
Male 225 44.03 %
Female 279 54.60 %
Others 3 0.59 %
Prefer not to say 4 0.78 %
Age
18–24 91 17.81 %
25–35 81 15.85 %
36–45 89 17.42 %
46–55 81 15.85 %
55–65 79 15.46 %
65 and above 90 17.61 %
US Region
West 116 22.1 %
Northeast 83 15.8 %
South 214 40.8 %
Midwest 112 21.3 %
Gender
Male 244 46.48 %
Female 272 51.81 %
Others 7 1.33 %
Prefer not to say 2 0.38 %
Age
18–24 83 15.81 %
25–35 93 17.71 %
36–45 76 14.48 %
46–55 85 16.19 %
55–65 86 16.38 %
65 and above 102 19.43 %
Income (AU$) 0 - $25,000 345 16.7 %
25,001 - $50,000 535 25.9 %
$50,001 - $75,000 397 19.3 %
$75,001 - $100,000 293 14.2 %
$100,001 - $125,000 163 7.9 %
$125,001 - $150,000 128 6.2 %
$150,001 - $175,000 77 3.7 %
$175,001 - $200,000 53 2.6 %
$200,001 - $225,000 32 1.6 %
$225,001+39 1.9 %
Education High School Certicates or Equivalent 1039 50.4 %
Bachelor’s degree or Equivalent 776 37.6 %
Master’s degree 199 9.7 %
Doctoral degree 48 2.3 %
Have you heard of AVs Yes 1866 90.5 %
No 147 7.1 %
Not sure 49 2.4 %
How well do you understand AVs? (Follow-up question based on previous
question)
Not well at all 375 19.6 %
slightly well 694 36.2 %
Moderately well 566 29.6 %
Very well 197 10.3 %
Extremely well 83 4.3 %
(continued on next page)
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
16
Table 1 (continued )
Category Variable Frequency Percentage
Are you familiar with cybercrime and cybersecurity? Yes 1699 82.4 %
No 264 12.8 %
Not sure 99 4.8 %
How well do you understand cybercrime/cybersecurity? (Based on the preceding
question)
Not well at all 251 14.0 %
Slightly well 681 37.9 %
Moderately well 565 31.4 %
Very well 218 12.1 %
Extremely well 83 4.6 %
Table 2
Descriptive Statistics.
PCR1 Median 6
Interquartile Range 2
PCR2 Median 5
Interquartile Range 2
PCR3 Median 5
Interquartile Range 2
PDS1 Median 4
Interquartile Range 3
PDS2 Median 4
Interquartile Range 2
PDS3 Median 4
Interquartile Range 2
PDS4 Median 4
Interquartile Range 2
PDS5 Median 4
Interquartile Range 3
PDS6 Median 3
Interquartile Range 4
PDU1 Median 5
Interquartile Range 2
PDU2 Median 5
Interquartile Range 2
PDU3 Median 6
Interquartile Range 3
IU1 Median 4
Interquartile Range 3
IU2 Median 4
Interquartile Range 2
IU3 Median 4
Interquartile Range 2
PDC1 Median 3
Interquartile Range 1
PDC2 Median 3
Interquartile Range 1
PDC3 Median 4
Interquartile Range 2
PDC4 Median 3
Interquartile Range 2
PDC5 Median 4
Interquartile Range 1
Table 3
Communalities
Items Initial Extraction
PCR1 1.000 0.696
PCR2 1.000 0.707
PCR3 1.000 0.658
PDS1 1.000 0.719
PDS2 1.000 0.801
PDS3 1.000 0.754
PDS4 1.000 0.760
PDS5 1.000 0.758
PDS6 1.000 0.697
PDU1 1.000 0.530
PDU2 1.000 0.763
PDU3 1.000 0.725
IU1 1.000 0.826
IU2 1.000 0.884
IU3 1.000 0.894
PDC1 1.000 0.671
PDC2 1.000 0.694
PDC3 1.000 0.511
PDC4 1.000 0.554
PDC5 1.000 0.506
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
17
Extraction Method: Principal Component Analysis.
Table 4
KMO and Bartlett’s Test.
Kaiser-Meyer-Olkin Measure of Sampling Adequacy. 0.872
Bartlett’s Test of Sphericity Approx. Chi-Square 23,096
df 190
Sig. 0.000
Table 5
Cronbach’s alpha, Composite Reliability and Average Variance Extracted.
Construct Item Loadings (>0.5) Cronbach’s alpha (>0.7) Composite reliability (>0.7) Average variance extracted (>0.5)
PCR PCR1 0.73 0.72 0.82 0.60
PCR2 0.80
PCR3 0.79
PDS PDS1 0.82 0.93 0.93 0.69
PDS2 0.87
PDS3 0.84
PDS4 0.84
PDS5 0.85
PDS6 0.76
PDU PDU1 0.54 0.70 0.79 0.57
PDU2 0.86
PDU3 0.82
IU IU1 0.84 0.92 0.90 0.76
IU2 0.89
IU3 0.88
PDC PDC1 0.80 0.81 0.87 0.57
PDC2 0.83
PDC3 0.68
PDC4 0.73
PDC5 0.70
Table 6
Discriminant validity.
Constructs IU PCR PDS PDU PDC
IU 0.78
PCR 0.08 0.83
PDS 0.512 0.131
**
0.76
PDU 0.067 0.334
**
0.176
**
0.87
PDC 0.118 0.208
**
−0.041 0.226
**
0.75
Table 7
Mann-Whitney U test results on differences based on gender.
Constructs Grouping Variable: Gender Ranks Test statistics
N Mean Rank Mann-Whitney U Wilcoxon W Z Asymp. Sig.
Perceived Cybersecurity regulation Male 946 1,024 515,620 1,117,873 −0.21 0.84
Female 1097 1,019
Perceived Data-Sharing Male 946 1,067 475,345 1,077,598 −3.24 0.00
Female 1097 982
Perceived Data Usage Male 946 1,053 488,550 1,090,803 −2.25 0.02
Female 1097 994
Intention to Use Male 946 1,027 512,888 1,115,141 −0.41 0.68
Female 1097 1,017
Perceived Data Concerns Male 946 1,015 512,194 959,179 −0.41 0.64
Female 1097 1,027
Table 8
Kruskal-Wallis H test results based on age groups.
Grouping Variable: Age N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
18–24 296 822 64.68 5 <0.001
25–35 384 973
36–45 374 1,026
46–55 346 1,077
55–65 325 1,115
65 and above 337 1,158
– – Perceived Data-Sharing
18–24 296 1,081 69.59 5 <0.001
25–35 384 1,168
36–45 374 1,109
46–55 346 1,030
55–65 325 912
65 and above 337 861
(continued on next page)
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
18
Table 8 (continued )
Grouping Variable: Age N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
– – Perceived Data Usage
18–24 296 928 21.76 5 <0.001
25–35 384 985
36–45 374 1,033
46–55 346 1,033
55–65 325 1,081
65 and above 337 1,123
– – Intention to Use
18–24 296 1,210 217.29 5 <0.001
25–35 384 1,238
36–45 374 1,179
46–55 346 927
55–65 325 877
65 and above 337 730
– – Perceived Data Concerns
18–24 296 961.12 12.83204176 5 0.02
25–35 384 1071.22
36–45 374 1080.87
46–55 346 1051.50
55–65 325 1034.27
65 and above 337 967.16
Table 9
Kruskal-Wallis H test results based on income.
Grouping Variable: Gender N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
0 - $25,000 345 972 8.45 9 0.49
25,001 - $50,000 535 1,045
$50,001 - $75,000 397 1,043
$75,001 - $100,000 293 1,035
$100,001 - $125,000 163 1,058
$125,001 - $150,000 128 1,068
$150,001 - $175,000 77 1,084
$175,001 - $200,000 53 992
$200,001 - $225,000 32 1,079
$225,001+39 876
Perceived Data-Sharing
0 - $25,000 345 976 25.46 9 0.00
25,001 - $50,000 535 968
$50,001 - $75,000 397 1,055
$75,001 - $100,000 293 1,032
$100,001 - $125,000 163 1,156
$125,001 - $150,000 128 1,027
$150,001 - $175,000 77 1,195
$175,001 - $200,000 53 1,104
$200,001 - $225,000 32 1,169
$225,001+39 1,080
Perceived Data Usage
0 - $25,000 345 897 26.94 9 0.00
25,001 - $50,000 535 1,049
$50,001 - $75,000 397 1,052
$75,001 - $100,000 293 1,039
$100,001 - $125,000 163 1,024
$125,001 - $150,000 128 1,085
$150,001 - $175,000 77 1,196
$175,001 - $200,000 53 1,091
$200,001 - $225,000 32 1,097
$225,001+39 1,073
Intention to Use
0 - $25,000 345 1,019 30.95 9 <0.001
25,001 - $50,000 535 944
$50,001 - $75,000 397 1,041
$75,001 - $100,000 293 1,015
$100,001 - $125,000 163 1,158
$125,001 - $150,000 128 1,071
$150,001 - $175,000 77 1,214
$175,001 - $200,000 53 1,108
$200,001 - $225,000 32 1,101
$225,001+39 1,167
Perceived Data Concerns
0 - $25,000 345 1,073 10.82 9 0.29
25,001 - $50,000 535 1,043
$50,001 - $75,000 397 1,021
(continued on next page)
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
19
Table 9 (continued )
Grouping Variable: Gender N Mean Rank Kruskal-Wallis H df Asymp. Sig.
$75,001 - $100,000 293 1,005
$100,001 - $125,000 163 1,025
$125,001 - $150,000 128 943
$150,001 - $175,000 77 1,160
$175,001 - $200,000 53 993
$200,001 - $225,000 32 1,002
$225,001+39 919
Table 10
Kruskal-Wallis H test results on differences based on education level.
Grouping Variable: Education N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
High School Certicates or Equivalent 1039 1012.55 14.60 3 0.00
Bachelor’s degree or Equivalent 776 1086.23
Master’s degree 199 923.96
Doctoral degree 48 980.77
Perceived Data-Sharing
High School Certicates or Equivalent 1039 990.49 17.14 3 <0.001
Bachelor’s degree or Equivalent 776 1051.17
Master’s degree 199 1172.32
Doctoral degree 48 995.02
Perceived Data Usage
High School Certicates or Equivalent 1039 1015.73 3.16 3 0.37
Bachelor’s degree or Equivalent 776 1053.67
Master’s degree 199 1045.06
Doctoral degree 48 936.48
1039 Intention to Use
High School Certicates or Equivalent 1038 965.84 35.76 3 <0.001
Bachelor’s degree or Equivalent 776 1063.86
Master’s degree 199 1210.82
Doctoral degree 48 1163.34
Perceived Data Concerns
High School Certicates or Equivalent 1039 1023.21 0.48 3 0.92
Bachelor’s degree or Equivalent 776 1040.84
Master’s degree 199 1027.26
Doctoral degree 48 1055.82
Table 11
Kruskal-Wallis H test results based on the understanding of AVs.
Grouping Variable: Understanding AVs N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
Not well at all 375 923 3.20 4 0.53
slightly well 694 945
Moderately well 566 907
Very well 197 979
Extremely well 83 946
Perceived Data-Sharing
Not well at all 375 763 89.61 4 <0.001
slightly well 694 921
Moderately well 566 940
Very well 197 1,116
Extremely well 83 1,266
Perceived Data Usage
Not well at all 375 879 14.94 4 0.00
slightly well 694 942
Moderately well 566 925
Very well 197 937
Extremely well 83 1,129
Intention to Use
Not well at all 375 740 125.52 4 <0.001
slightly well 694 895
Moderately well 566 966
Very well 197 1,158
Extremely well 83 1,306
Perceived Data Concerns
Not well at all 375 921 45.21 4 <0.001
slightly well 694 894
Moderately well 566 905
Very well 197 1,026
Extremely well 83 1,276
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
20
Table 12
Kruskal-Wallis H test results on differences based on cybersecurity level.
Grouping Variable: Cybersecurity level N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
Not well at all 251 826 9.82 4 0.04
slightly well 681 836
Moderately well 565 832
Very well 218 928
Extremely well 83 934
Perceived Data-Sharing
Not well at all 251 753 59.86 4 <0.001
slightly well 681 808
Moderately well 565 836
Very well 218 987
Extremely well 83 1,145
Perceived Data Usage
Not well at all 251 747 34.79 4 <0.001
slightly well 681 841
Moderately well 565 834
Very well 218 916
Extremely well 83 1,098
Intention to Use
Not well at all 251 690 102.84 4 <0.001
slightly well 681 788
Moderately well 565 866
Very well 218 988
Extremely well 83 1,242
Perceived Data Concerns
Not well at all 251 779 77.59 4 <0.001
slightly well 681 818
Moderately well 565 808
Very well 218 962
Extremely well 83 1,250
Table 13
Kruskal-Wallis H test results on differences based the country.
Grouping Variable: Country N Mean Rank Kruskal-Wallis H df Asymp. Sig.
Perceived Cybersecurity regulation
Australia 524 1,070 23.41 3 <0.001
United Kingdom 502 1,050
New Zealand 511 1,082
US 525 925
Perceived Data-Sharing
Australia 524 1,024 26.30 3 <0.001
United Kingdom 502 1,145
New Zealand 511 977
US 525 982
Perceived Data Usage
Australia 524 1,043 3.88 3 0.27
United Kingdom 502 1,041
New Zealand 511 1,054
US 525 988
Intention to Use
Australia 524 1,012 15.11 3 0.00
United Kingdom 502 1,113
New Zealand 511 972
US 525 1,029
Perceived Data Concerns
Australia 524 1,044 5.17 3 0.16
United Kingdom 502 1,038
New Zealand 511 981
US 525 1,060
References
Ab Hamid, M., Sami, W., Sidek, M.M., 2017. Discriminant validity assessment: use of
Fornell & Larcker criterion versus HTMT criterion. J. Phys. Conf. Ser.. IOP
Publishing, 012163.
Akoglu, H., 2018. User’s guide to correlation coefcients. Turkish J. Emergency Med. 18
(3), 91–93.
Australian_Taxation_Ofce, 2023. Motor vehicle and car expenses. https://www.ato.gov.
au/individuals/income-deductions-offsets-and-records/deductions-you-can-claim/cars-
transport-and-travel/motor-vehicle-and-car-expenses/, accessed on July, 5,2023.
Austroads, 2021. Austroads’ Future Vehicles & Technology Program. Austroads, accessed
on July 22, 2022(https://austroads.com.au/drivers-and-vehicles/future-vehicles-
and-technology/trials).
Burgess, M., 2022. How GDPR Is Failing. https://www.wired.co.uk/article/gdpr-2022,
accessed on June 21, 2023.
Chang, A.L., Grossman, J.D., Spezio, T.S., Weiskel, H.W., Blum, J.C., Burt, J.W., Muir, A.
A., Piovia-Scott, J., Veblen, K.E., Grosholz, E.D., 2009. Tackling aquatic invasions:
risks and opportunities for the aquarium sh industry. Biol. Invasions 11 (4),
773–785.
Chen, Y., Shiwakoti, N., Stasinopoulos, P., Khan, S.K., Aghabayk, K., 2023. Exploring the
association between socio-demographic factors and public acceptance towards fully
automated vehicles: Insights from a survey in Australia. IET Intelligent Transport
Systems.
S. Khalid Khan et al.

Transportation Research Interdisciplinary Perspectives 25 (2024) 101084
21
Chen, S.-Y., Kuo, H.-Y., Lee, C., 2020. Preparing society for automated vehicles:
perceptions of the importance and urgency of emerging issues of governance,
regulations, and wider impacts. Sustainability 12 (19), 7844.
Choi, J.K., Ji, Y.G., 2015. Investigating the importance of trust on adopting an
autonomous vehicle. Int. J. Human-Computer Interaction 31 (10), 692–702.
CISA, 2023. Cybersecurity best practices for smart cities. https://www.cisa.gov/
resources-tools/resources/cybersecurity-best-practices-smart-cities, accessed on
June 20, 2023.
Cohen, T., Stilgoe, J., Stares, S., Akyelken, N., Cavoli, C., Day, J., Dickinson, J., Fors, V.,
Hopkins, D., Lyons, G., 2020. A constructive role for social science in the
development of automated vehicles. Transp. Res. Interdisciplinary Perspectives 6,
100133.
Davis, F.D., Bagozzi, R.P., Warshaw, P.R., 1989. User acceptance of computer
technology: a comparison of two theoretical models. Manag. Sci. 35 (8), 982–1003.
Eby, D.W., Molnar, L.J., Stanciu, S.C., 2018. Older adults’ attitudes and opinions about
automated vehicles: A literature review.
Fabrigar, L.R., Wegener, D.T., 2011. Exploratory factor analysis. Oxford University Press.
Fagnant, D.J., Kockelman, K., 2015. Preparing a nation for autonomous vehicles:
opportunities, barriers and policy recommendations. Transportation Research Part a:
Policy Practice 77, 167–181.
Hidalgo, A., Albors, J., 2008. Innovation management techniques and tools: a review
from theory and practice. R&D Manag. 38 (2), 113–127.
Hurley, A.E., Scandura, T.A., Schriesheim, C.A., Brannick, M.T., Seers, A.,
Vandenberg, R.J., Williams, L., 1997. Exploratory and conrmatory factor analysis:
guidelines, issues, and alternatives. J. Organ. Behav. 667–683.
Isbel, S., Mulhall, S., Gibson, D., 2022. Using Automated Vehicle Technologies With
Older Adults: A Mixed-Methods Study. OTJR: Occupation, Participation Health,
15394492221082493.
ITU, Global Cybersecurity Index. https://www.itu.int/en/ITU-D/Cybersecurity/Pages/
global-cybersecurity-index.aspx, accessed on June 23, 2023.
Jardim, A.S., Quartulli, A.M., Casley, S.V., 2013. A study of public acceptance of
autonomous cars. Worcester Polytechnic Institute, Worcester, MA, USA, p. 156.
Katrakazas, C., Theolatos, A., Papastefanatos, G., H¨
arri, J., Antoniou, C., 2020. Cyber
security and its impact on CAV safety: overview, policy needs and challenges. Policy
Implications of Autonomous Vehicles. Elsevier, The Netherlands, pp. 73–94.
Khan, S.K., Shiwakoti, N., Stasinopoulos, P., Chen, Y., 2020. Cyber-attacks in the next-
generation cars, mitigation techniques, anticipated readiness and future directions.
Accid. Anal. Prev. 148, 105837.
Khan, S.K., Shiwakoti, N., Stasinopoulos, P., 2021. A conceptual system dynamics model
for cybersecurity assessment of connected and autonomous vehicles. Accid. Anal.
Prev.
Khan, S.K., Shiwakoti, N., Stasinopoulos, P., Warren, M., 2023a. Cybersecurity
regulatory challenges for connected and automated vehicles–state-of-the-art and
future directions. Transp. Policy.
Khan, S.K., Shiwakoti, N., Stasinopoulos, P., Warren, M., 2023b. Modelling cybersecurity
regulations for automated vehicles. Accident Analysis Prevention 186, 107054.
Khan, S.K., Shiwakoti, N., Stasinopoulos, P., Warren, M., 2023c. A multinational
empirical study of perceived cyber barriers to automated vehicles deployment. Sci.
Rep. 13 (1), 1842.
Lachal, J., Revah-Levy, A., Orri, M., Moro, M.R., 2017. Metasynthesis: an original
method to synthesize qualitative literature in psychiatry. Front. Psych. 8, 269.
Lavieri, P.S., Bhat, C.R., 2019. Modeling individuals’ willingness to share trips with
strangers in an autonomous vehicle future. Transp. Res. Part a: Policy Practice 124,
242–261.
Lee, D., Hess, D., 2022. Public concerns and connected and automated vehicles: safety,
privacy, and data security. Humanities Social Sci. Commun. 9 (1), 1–13.
Leminen, S., Rajahonka, M., Wendelin, R., Westerlund, M., Nystr¨
om, A.-G.-J.-T.-F.,
Change, S., 2022. Autonomous vehicle solutions and their digital servitization
business models. Technol. Forecasting Social Change 185, 122070.
Leon, L.F.A., Aoyama, Y., 2022. Industry emergence and market capture: the rise of
autonomous vehicles. Technol. Forecasting Social Change 180, 121661.
Liljamo, T., Liimatainen, H., P¨
oll¨
anen, M., 2018. Attitudes and concerns on automated
vehicles. Transp. Res. Part F: Trafc Psychol. Behaviour 59, 24–44.
Liu, J., Ma, S., Xu, W., Zhu, L., 2022. A generalized wilcoxon–Mann–Whitney type test
for multivariate data through pairwise distance. J. Multivar. Anal. 190, 104946.
Memon, M.A., Ting, H., Cheah, J.-H., Thurasamy, R., Chuah, F., Cham, T.H., 2020.
Sample size for survey research: review and recommendations. J. Appl. Struct.
Equation Modeling 4 (2), 1–20.
Miller, M.R., Herrera, F., Jun, H., Landay, J.A., Bailenson, J.N., 2020. Personal
identiability of user tracking data during observation of 360-degree VR video. Sci.
Rep. 10 (1), 1–10.
Mohammed, D., Horv´
ath, B., 2023. Travel demand increment due to the use of
autonomous vehicles. Sustainability 15 (11), 8937.
Molwus, J.J., Erdogan, B., & Ogunlana, S. O, 2013. Sample size and model t indices for
structural equation modelling (SEM): The case of construction management
research.
Nair, G.S., Bhat, C.R., 2021. Sharing the road with autonomous vehicles: perceived safety
and regulatory preferences. Transp. Res. Part c: Emerging Technol. 122, 102885.
Nicole McMillan, J.W., Harrison Papworth, 2023. The Investment Case for Digital
Infrastructure. https://www.patrizia.ag/leadmin/user_upload/The_Investment_Case_
for_Digital_Infrastructure.pdf.
Othman, K., 2023. Public attitude towards autonomous vehicles before and after crashes:
a detailed analysis based on the demographic characteristics. Cogent Engineering 10
(1), 2156063.
Panagiotopoulos, I., Dimitrakopoulos, G., 2018. An empirical investigation on
consumers’ intentions towards autonomous driving. Transp. Res. Part c: Emerging
Technol. 95, 773–784.
Penmetsa, P., Adanu, E.K., Wood, D., Wang, T., Jones, S.L., 2019. Perceptions and
expectations of autonomous vehicles–a snapshot of vulnerable road user opinion.
Technol. Forecasting Social Change 143, 9–13.
QUALTRICS, 2023. https://www.qualtrics.com/, accsed on 27 oct, 2023.
Rahman, M.T., Dey, K., Pyrialakou, V.D., Das, S., 2023. Factors inuencing safety
perceptions of sharing roadways with autonomous vehicles among vulnerable
roadway users. J. Saf. Res. 85, 266–277.
SAE-International, 2018. Taxonomy and denitions for terms related to driving
automation systems for on-road motor vehicles.
SEON, 2022. Global cybercrime report: Which countries are most at risk? https://
resources.cdn.seon.io/uploads/2023/04/Cybersecurity_countries-min.pdf, accessed on
June 23, 2023.
Seuwou, P., Banissi, E., Ubakanma, G., 2020. The future of mobility with connected and
autonomous vehicles in Smart cities. In: Digital Twin Technologies AND Smart
Cities. Springer, pp. 37–52.
Shrestha, N., 2021. Factor analysis as a tool for survey analysis. Am. J. Appl. Math. Stat.
9 (1), 4–11.
Song, M.-K., Lin, F.-C., Ward, S.E., Fine, J.P., 2013. Composite variables: when and how.
Nurs. Res. 62 (1), 45.
Sørum, H., Eg, R., Presthus, W., 2022. A gender perspective on GDPR and information
privacy. Procedia Comput. Sci. 196, 175–182.
Stoma, M., Dudziak, A., Caban, J., Dro´
zdziel, P., 2021. The future of autonomous
vehicles in the opinion of automotive market users. Energies 14 (16), 4777.
Taber, K.S., 2018. The use of cronbach’s alpha when developing and reporting research
instruments in science education. Res. Sci. Educ. 48, 1273–1296.
Tabone, W., De Winter, J., Ackermann, C., B¨
argman, J., Baumann, M., Deb, S.,
Emmenegger, C., Habibovic, A., Hagenzieker, M., Hancock, P.A., 2021. Vulnerable
road users and the coming wave of automated vehicles: expert perspectives. Transp.
Res. Interdisciplinary Perspectives 9, 100293.
Thomas, E., McCrudden, C., Wharton, Z., Behera, A., 2020. Perception of autonomous
vehicles by the modern society: a survey. IET Intel. Transport Syst. 14 (10),
1228–1239.
Thompson, B.J.W., DC, 2004. Exploratory and conrmatory factor analysis:
Understanding concepts and applications. 10694(000).
UK_Govt, Self-driving revolution to boost economy and improve road safety. https://
www.gov.uk/government/news/self-driving-revolution-to-boost-economy-and-improve-
road-safety, accessed on 19 August 2022.
Urban, E., 2021. The past, the present and the potential future of autonomous vehicles in
the EU and in the USA. University of Twente.
Van den Broeck, E., Poels, K., Walrave, M., 2015. Older and wiser? Facebook use, privacy
concern, and privacy protection in the life stages of emerging, young, and middle
adulthood. Social Media+Society 1(2), 2056305115616149.
Velde, R., Vries, M., Boer, A., Das, A., Narain, A., 2017. Self-driving vehicles (SDVs) &
geo-information. https://www.geonovum.nl/uploads/documents/Self-
DrivingVehiclesReport.pdf.
Vicroads, 2021. Connected and automated vehicle technology. Vicroads, accessed on July
22, 2022(https://www.vicroads.vic.gov.au/safety-and-road-rules/vehicle-safety/
automated-and-connected-vehicles/grants-trials-and-partnerships).
Walsh, D., Downe, S., 2005. Meta-synthesis method for qualitative research: a literature
review. J. Adv. Nurs. 50 (2), 204–211.
Waltermann, J., Henkel, S., 2023. Public discourse on automated vehicles in online
discussion forums: a social constructionist perspective. Transp. Res. Interdisciplinary
Perspectives 17, 100743.
Waung, M., McAuslan, P., Lakshmanan, S., 2021. Trust and intention to use autonomous
vehicles: Manufacturer focus and passenger control. Transp. Res. Part F: Trafc
Psychol. Behaviour 80, 328–340.
Weigl, K., Nees, M.A., Eisele, D., Riener, A., 2022. Acceptance of automated vehicles:
gender effects, but lack of meaningful association with desire for control in Germany
and in the US. Transp. Res. Interdisciplinary Perspectives 13, 100563.
Wu, H., Leung, S.-O., 2017. Can likert scales be treated as interval scales?—A simulation
study. J. Soc. Serv. Res. 43 (4), 527–532.
Wu, M., Wang, N., Yuen, K.F., 2023. Can autonomy level and anthropomorphic
characteristics affect public acceptance and trust towards shared autonomous
vehicles? Technol. Forecasting Social Change 189, 122384.
Yan, Z., Robertson, T., Yan, R., Park, S.Y., Bordoff, S., Chen, Q., Sprissler, E., 2018.
Finding the weakest links in the weakest link: how well do undergraduate students
make cybersecurity judgment? Comput. Hum. Behav. 84, 375–382.
Yu, Z., Cai, K., 2022. Perceived risks toward in-vehicle infotainment data services on
intelligent connected vehicles. Systems 10 (5), 162.
Zhou, M., Qin, Z., Lin, X., Hu, S., Wang, Q., Ren, K., 2019. Hidden voice commands:
attacks and defenses on the vcs of autonomous driving cars. IEEE Wirel. Commun. 26
(5), 128–133.
Zmud, J.P., Sener, I., 2017. Towards an understanding of the travel behavior impact of
autonomous vehicles. 25, 2500-2519.
S. Khalid Khan et al.