The interpersonal privacy identity (IPI): development of a privacy as control model

The Internet and social computing technology have revolutionized our ability to gather information as well as enabled new modes of communication and forms of self-expression. As the popularity of social computing technologies has increased, our society has begun to witness modifications in socialization behaviors. Social psychology theory suggests that technological changes can influence an individual’s expectation of privacy, through adaptive behaviors resulting from use (Laufer and Wolfe in J Soc Issues 33(3): 22–42 (1977)). We adapt traditional privacy theory to explore the influence of developmental and environmental factors on the individual’s inner privacy identity, which is comprised of the individual’s belief in his or her right to control (1) personal information and (2) interactions with others, and is continuously shaped by privacy experiences. We then use the inner privacy identity to examine interpersonal behaviors in the online context. We find that individuals’ belief in their right to control their information impacts their information disclosure practices when consequences are implied and that their belief in their right to control the interaction impacts their online information sharing practices. We do not find support for a relationship between the interaction management component of the IPI and online interaction behavior, which considered in the presence of the relationship between interaction management and online information sharing, suggests that interaction behavior is more complicated in the online context. Insights from the model developed in this study can inform future studies of situational privacy behaviors.     

The role of privacy assurance mechanisms in building trust and the moderating role of privacy concern

Privacy policy statements and privacy assurance cues are among the most important website features that online providers use to increase individuals’ trust and willingness to disclose private information online. The focus of this study is a comprehensive examination of the process by which privacy assurance mechanisms influence trust and the moderating role of privacy concern in this process. We use the lens of the Elaboration Likelihood Model to investigate the way different individuals perceive and process privacy assurance mechanisms. We argue that the trust-enhancing role of these mechanisms depends on the individual’s privacy concern. The results of this study articulate the process by which various privacy assurance mechanisms operate in enhancing an individual’s trust, and show that there are distinct behavioral differences between individuals with high- vs low-privacy concern when forming their trust to disclose private information. The paper sheds new light on the role of elaboration in the trust building process, and shows why privacy assurance mechanisms have different impacts depending on individuals’ privacy concerns.     

Better Safe than Sorry: A Study of Investigating Individuals’ Protection of Privacy in the Use of Storage as a Cloud Computing Service

Since the use of network-based storage as a cloud computing service [Storage as a Service (StaaS)] becomes ubiquitous, users who store data in the cloud are exposed to risk and potentially severe consequences. Therefore, individuals should carefully consider security and privacy issues when using StaaS. Drawing upon the principle of self-preservation and the theory of protection motivation, this study develops a research model explaining the mechanisms leading to the development of a protection strategy for individuals’ safe use of StaaS and empirically tests the proposed model. The results show that the natural propensity to trust, an individual trait, influences an individual’s need for privacy. This, in turn, along with perception of privacy risk, significantly affects individuals’ perception of the need to protect themselves. Three coping appraisal factors, preventive measures, self-efficacy, and willingness to incur cost of prevention, together with the individual perceived need to protect self, directly and positively affect users’ need to develop a protection strategy in a cloud computing environment. Theoretical and practical implications are discussed.     

大数据隐私管理

信息化和网络化的高速发展使得大数据成为当前学术界和工业界的研究热点,是IT业正在发生的深刻技术变革.但它在提高经济和社会效益的同时,也为个人和团体的隐私保护以及数据安全带来极大风险与挑战.当前,隐私成为大数据应用领域亟待突破的重要问题,其紧迫性已不容忽视.描述了大数据的分类、隐私特征与隐私类别,分析了大数据管理中存在的隐私风险和隐私管理关键技术;提出大数据隐私主动式管理建议框架以及该框架下关于隐私管理技术的主要研究内容,并指出相应的技术挑战.     

A multi-level model of individual information privacy beliefs

Several types of individual information privacy beliefs have been studied in literature, but their distinctions, relationships, and behavioral impacts have yet been systematically analyzed, causing difficulties in comparing and consolidating results across literature. Based on a review on various types of privacy beliefs, this study develops a multi-level model to strengthen this concept. The model consists of three levels of privacy beliefs, including: disposition to privacy, representing a person’s fundamental beliefs and overall propensity to value privacy across contexts; online privacy concern, representing a person’s overall perception of privacy risks in the online environment; and website privacy concern, representing a person’s perception of privacy risks on a particular website. An empirical test reveals that disposition to privacy has a positive impact on both online privacy concern and website privacy concern, and website privacy concern is the only significant predictor of intentions to disclose information and transact on a website. The study helps to synthesize individual information privacy beliefs and assists in understanding their impacts on online behavior.     

Privacy and Commercial Use of Personal Data: Policy Developments in the United States

In the online and offline worlds, the value of personal information – especially information about commercial purchases and preferences – has long been recognised. Exchanges and uses of personal information have also long sparked concerns about privacy. Public opinion surveys consistently indicate that overwhelming majorities of the American public are concerned that they have lost all control over information about themselves and do not trust organisations to protect the privacy of their information. Somewhat smaller majorities favour federal legislation to protect privacy. Despite public support for stronger privacy protection, the prevailing policy stance for over thirty years has been one of reluctance to legislate and a preference for self‐regulation by business to protect privacy. Although some privacy legislation has been adopted, policy debates about the commercial uses of personal information have been dominated largely by business concerns about intrusive government regulation, free speech and the flow of commercial information, costs, and effectiveness. Public concerns about privacy, reflected in public opinion surveys and voiced by a number of public interest groups, are often discredited because individuals seem to behave as though privacy is not important. Although people express concern about privacy, they routinely disclose personal information because of convenience, discounts and other incentives, or a lack of understanding of the consequences. This disconnect between public opinion and public behaviour has been interpreted to support a self‐regulatory approach to privacy protections with emphasis on giving individuals notice and choice about information practices. In theory the self‐regulatory approach also entails some enforcement mechanism to ensure that organisations are doing what they claim, and a redress mechanism by which individuals can seek compensation if they are wronged. This article analyses the course of policy formulation over the last twenty years with particular attention on how policymakers and stakeholders have used public opinion about the commercial use of personal information in formulating policy to protect privacy. The article considers policy activities in both Congress and the Federal Trade Commission that have resulted in an emphasis on “notice and consent.” The article concludes that both individual behaviour and organisational behaviour are skewed in a privacy invasive direction. People are less likely to make choices to protect their privacy unless these choices are relatively easy, obvious, and low cost. If a privacy protection choice entails additional steps, most rational people will not take those steps. This appears logically to be true and to be supported by behaviour in the physical world. Organisations are unlikely to act unilaterally to make their practices less privacy invasive because such actions will impose costs on them that are not imposed on their competitors. Overall then, the privacy level available is less than what the norms of society and the stated preferences of people require. A consent scheme that is most protective of privacy imposes the largest burden on the individual, as well as costs to the individual, while a consent scheme that is least protective of privacy imposes the least burden on the individual, as well as fewer costs to the individual. Recent experience with privacy notices that resulted from the financial privacy provisions in Gramm‐Leach‐Bliley supports this conclusion. Finally, the article will consider whether the terrorist attacks of 11 September have changed public opinion about privacy and what the policy implications of any changes in public opinion are likely to be.     

Risky behaviour at traffic signals: a traffic engineer's view

Abstract

Road accidents are reasonably predictable from a knowledge of traffic behaviour, although individual accident involvement is far less predictable. How do individuals perceive the relationship between their own involvement and objective accident risk? This question is explored in relation to Danish case studies of drivers' behaviour at traffic lights and different categories of pedestrians' ‘jay-walking’. On this evidence, it seems unlikely that road users perceive accidents as random negative outcomes of everyday risk taking. Thus it also appears improbable that overall traffic accident risk in any society is a major function of deliberate risk taking by its individual road users.     

Assessing Disclosure Risk and Data Utility Trade-off in Transaction Data Anonymization

Organizations and businesses, including financial institutions and healthcare providers, are increasingly collecting and disseminating information about individuals in the form of transactions. A transaction associates an individual with a set of items, each representing a potentially confidential activity, such as the purchase of a stock or the diagnosis of a disease. Thus, transaction data need to be shared in a way that preserves individuals'' privacy, while remaining useful in intended tasks. While algorithms for anonymizing transaction data have been developed, the issue of how to achieve a "desired" balance between disclosure risk and data utility has not been investigated. In this paper, we assess the balance offered by popular algorithms using the R-U confidentiality map. Our analysis and experiments shed light on how the joint impact on disclosure risk and data utility can be examined, which allows the production of high-quality anonymization solutions.     

If someone is watching,I'll do what I'm asked: mandatoriness,control, and information security

Information security has become increasingly important to organizations. Despite the prevalence of technical security measures, individual employees remain the key link – and frequently the weakest link – in corporate defenses. When individuals choose to disregard security policies and procedures, the organization is at risk. How, then, can organizations motivate their employees to follow security guidelines? Using an organizational control lens, we build a model to explain individual information security precaution-taking behavior. Specific hypotheses are developed and tested using a field survey. We examine elements of control and introduce the concept of ‘mandatoriness,’ which we define as the degree to which individuals perceive that compliance with existing security policies and procedures is compulsory or expected by organizational management. We find that the acts of specifying policies and evaluating behaviors are effective in convincing individuals that security policies are mandatory. The perception of mandatoriness is effective in motivating individuals to take security precautions, thus if individuals believe that management watches, they will comply.     

大规模手机位置数据研究中的个体重识别风险 及其与数据可用性的关系

手机位置数据是一种新兴的轨迹数据源,在支持人类移动研究方面具有巨大的潜力。近期研究指出,基于手机用户独特的活动特征,许多用户能够被轻易地重识别。然而,隐私保护处理对原始数据的改变会导致数据可用性的损失。因此,使用详细位置数据进行活动分析的同时避免隐私风险成为一个挑战。本研究旨在揭示中国一个大型城市的手机用户重识别风险,以及将该数据用于人群移动分析时,用户重识别风险和数据可用性之间的量化关系。首先,以深圳市为例,评估全市某一主要运营商手机用户的重识别风险;然后,提出并实现一种空间泛化方法以保护用户隐私;最后,使用人群移动分析为例,评估隐私保护后数据可用性的损失。结果显示,深圳市的重识别风险不同于西方城市,证明了基于手机位置数据的重识别风险具有空间异质性。其次,发现了重识别风险(x)和数据可用性(y)之间的数学关系y＝－axb＋c(a,b,c＞0;0＜x＜1)。该关系的发现,为数据发布者在权衡隐私风险和数据可用性之间的关系时提供了科学依据。本研究有助于更好地理解大规模轨迹数据中的个体重识别风险,以及隐私风险与数据可用性之间的权衡基准,有助于降低共享轨迹数据时的隐私风险。     

Internet users’ perceptions of ‘privacy concerns’ and ‘privacy actions’

A consistent finding reported in online privacy research is that an overwhelming majority of people are ‘concerned’ about their privacy when they use the Internet. Therefore, it is important to understand the discourse of Internet users’ privacy concerns, and any actions they take to guard against these concerns. A Dynamic Interviewing Programme (DIP) was employed in order to survey users of an instant messaging ICQ (‘I seek you’) client using both closed and open question formats. Analysis of 530 respondents’ data illustrates the importance of establishing users’ privacy concerns and the reasoning behind these concerns. Results indicate that Internet users are concerned about a wider range of privacy issues than surveys have typically covered. The results do not provide final definitions for the areas of online privacy, but provide information that is useful to gain a better understanding of privacy concerns and actions.     

Rationality-based beliefs affecting individual’s attitude and intention to use privacy controls on Facebook: An empirical investigation

Online social networking sites like Facebook provides a fast and easy way to connect with friends and family. Users need to post and share their personal information in order to get the best possible experiences on Facebook. However, the spreading of private information can also lead to serious and harmful issues. Therefore, privacy becomes an important component in the use of Facebook and it is the user’s responsibility to protect his or her profile. This study draws upon the theory of planned behavior and the rational choice theory to investigate the rationality-based beliefs affecting individual’s attitude and intention to use privacy controls on Facebook. The results show that individual’s attitude toward using privacy controls is influenced by benefit of using privacy controls, cost of using privacy controls, and cost of not using privacy controls. Further, benefits of using privacy controls is shaped by beliefs regarding intrinsic benefit and resource safety; cost of not using privacy controls is shaped by beliefs regarding resource vulnerability, threat severity, privacy risk and privacy intrusion; and cost of using privacy controls is shaped by beliefs about intrinsic cost and work impediment. Theoretical and practical implications of the findings are discussed in the paper.     

Repacking ‘Privacy’ for a Networked World

In this paper we examine the notion of privacy as promoted in the digital economy and how it has been taken up as a design challenge in the fields of CSCW, HCI and Ubiquitous Computing. Against these prevalent views we present an ethnomethodological study of digital privacy practices in 20 homes in the UK and France, concentrating in particular upon people’s use of passwords, their management of digital content, and the controls they exercise over the extent to which the online world at large can penetrate their everyday lives. In explicating digital privacy practices in the home we find an abiding methodological concern amongst members to manage the potential ‘attack surface’ of the digital on everyday life occasioned by interaction in and with the networked world. We also find, as a feature of this methodological preoccupation, that privacy dissolves into a heterogeneous array of relationship management practices. Accordingly we propose that ‘privacy’ has little utility as a focus for design, and suggest instead that a more productive way forward would be to concentrate on supporting people’s evident interest in managing their relationships in and with the networked world.     

Optimistic bias about online privacy risks: Testing the moderating effects of perceived controllability and prior experience

This study examined the ways in which Internet users construct their risk judgments about online privacy. The results, based on telephone survey data from a national probability sample in Singapore (n = 910), revealed that (a) individuals distinguish between two separate dimensions of risk judgment (personal level and societal level), (b) individuals display a strong optimistic bias about online privacy risks, judging themselves to be significantly less vulnerable than others to these risks, and (c) internal belief (perceived controllability) and individual difference (prior experience) significantly moderate optimistic bias by increasing or decreasing the gap between personal- and societal-level risk estimates. The implications of the findings for research and practice are discussed.     

A framework for comparing perspectives on privacy and pervasive technologies

Pervasive computing research has evolved, investigating mechanisms for supporting some predefined notion of privacy, typically favoring individual rights over the rights of the community. We offer a framework to consider individual and group rights so that technology developers can more effectively reason about concerns for existing technology as well as generate new technologies that respect a well-defined set of social norms. We outline a framework designed to help developers understand the conflict between privacy and pervasive computing technologies, particularly those technologies that deal with sensing and storage. Pervasive computing technologies, especially those that can automate perception of human activity and then store that information, can provide tremendous benefits. We offer an analytic method to assist developers in asking questions about the systems and applications they are creating. We believe this framework will help developers minimize the gap between design goals and actual effects on privacy.     

Factors mediating disclosure in social network sites

In this paper, we explore how privacy settings and privacy policy consumption (reading the privacy policy) affect the relationship between privacy attitudes and disclosure behaviors. We present results from a survey completed by 122 users of Facebook regarding their information disclosure practices and their attitudes about privacy. Based on our data, we develop and evaluate a model for understanding factors that affect how privacy attitudes influence disclosure and discuss implications for social network sites. Our analysis shows that the relationship between privacy attitudes and certain types of disclosures (those furthering contact) are controlled by privacy policy consumption and privacy behaviors. This provides evidence that social network sites could help mitigate concerns about disclosure by providing transparent privacy policies and privacy controls.     

The decision making basis for information systems: the contribution of Vickers' concept of appreciation to a soft systems perspective

This paper considers the models of decision making which are used within the field of information systems. It argues that although decision making is of great relevance to the study of information systems insufficient attention has been given to the models by which IS professionals understand the process. Hard systems thinking has made a great contribution to IS in providing rational models of decision making, the work of H. A. Simon having been particularly influential; but the simplistic way in which such work is presented in IS texts ignores the role of social and political factors in decision making and imposes constraints in the complex social situations in which real world decision making occurs. An important contribution which the soft strand of systems thinking may make to IS is to provide a richer understanding of the nature of decision making through Vickers' concept of appreciation. The resultant ‘appreciative model’ of decision making emphasises the importance of the decision makers' perception of the organization and its situation in the interpretation of data, provides the basis for making a clear distinction between ‘data’ and ‘information’, and has implications for the ways in which computerized information systems are developed.     

The role of perceived information practices on consumers’ intention to authorise secondary use of personal data

We are living in an era where data lead to opportunities, especially customer data. According to privacy laws, however, without customers’ authorisation, organisations face many limitations in using identifiable information for secondary purposes. Consequently, organisations are missing out on many potential business opportunities to capitalise on customer data. Privacy concerns have become the biggest roadblock to gain customer consent because of the potential risks associated with the use of personal information. This situation underscores the importance of devising effective information practices and strategies in dealing with the use of customer data. Privacy literature suggests that information practices may influence individuals’ intentions to participate in situations requiring the collection and use of personal data. Yet, existing research has not systematically analysed the role of these strategies in influencing intention. Also, previous studies focus primarily on the disclosure of personal data. Issues surrounding ‘authorisation of personal data for secondary use’ remain unexplored. The purpose of our study is to examine the role of information practices on intention to authorise secondary use of personal data. The results show that privacy concerns and trusting beliefs significantly affect individual perceptions of information practices. Perception of information practices in turn exerts significant effect on intention to authorise secondary use of personal data. Both theoretical and managerial implications of the results are discussed.     

The problem of missing data in geoscience databases

SQL is the (more or less) standardised language that is used by the majority of commercial database management systems. However, it is seriously flawed, as has been documented in detail by Date, Darwen, Pascal, and others. One of the most serious problems with SQL is the way it handles missing data. It uses a special value ‘NULL’ to represent data items whose value is not known. This can have a variety of meanings in different circumstances (such as ‘inapplicable’ or ‘unknown’). The SQL language also allows an ‘unknown’ truth value in logical expressions. The resulting incomplete three-valued logic leads to inconsistencies in data handling within relational database management systems. Relational database theorists advocate that a strict two-valued logic (true/false) be used instead, with prohibition of the use of NULL, and justify this stance by assertion that it is a true representation of the ‘real world’. Nevertheless, in real geoscience data there is a complete gradation between exact values and missing data: for example, geochemical analyses are inexact (and the uncertainty should be recorded); the precision of numeric or textual data may also be expressed qualitatively by terms such as ‘approximately’ or ‘possibly’. Furthermore, some data are by their nature incomplete: for example, where samples could not be collected or measurements could not be taken because of inaccessibility.It is proposed in this paper that the best way to handle such data sets is to replace the closed-world assumption and its concomitant strict two-valued logic, upon which the present relational database model is based, by the open-world assumption which allows for other logical values in addition to the extremes of ‘true’ and ‘false’. Possible frameworks for such a system are explored, and could use Codd's ‘marks’, Darwen's approach (recording the status of information known about each data item), or other approaches such as fuzzy logic.     

Web mining and privacy concerns: Some important legal issues to be consider before applying any data and information extraction technique in web-based environments

Web mining is a concept that gathers all techniques, methods and algorithms used to extract information and knowledge from data originating on the web (web data). A part of this technique aims to analyze the behavior of users in order to continuously improve both the structure and content of visited web sites. Behind this quite altruistic belief – namely, to help the user feel comfortable when they visit a site through a personalization process – there underlie a series of processing methodologies which operate at least arguably from the point of view of the users’ privacy.Thus, an important question arises; to what extent may the desire to improve the services offered through a web site infringe upon the privacy of those who visit it? The use of powerful processing tools such as those provided by web mining may threaten users’ privacy.Current legal scholarship on privacy issues suggests a flexible approach that enables the determination, within each particular context, of those behaviors that can threaten individual privacy. However, it has been observed that TIC professionals, with the purpose of formulating practical rules on this matter, have a very narrow-minded concept of privacy, primarily centered on the dichotomy between personal identifiable information (PII) and anonymous data.The aim of this paper is to adopt an integrative approach based on the distinctive attributes of web mining in order to determine which techniques and uses are harmful.