Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources

Abstract Research shows that people’s use of computers and mobile phones is often characterized by a privacy paradox: Their self-reported concerns about their online privacy appear to be in contradiction with their often careless online behaviors. Earlier research into the privacy paradox has a number of caveats. Most studies focus on intentions rather than behavior and the influence of technical knowledge, privacy awareness, and financial resources is not systematically ruled out. This study therefore tests the privacy paradox under extreme circumstances, focusing on actual behavior and eliminating the effects of a lack of technical knowledge, privacy awareness, and financial resources. We designed an experiment on the downloading and usage of a mobile phone app among technically savvy students, giving them sufficient money to buy a paid-for app. Results suggest that neither technical knowledge and privacy awareness nor financial considerations affect the paradoxical behavior observed in users in general. Technically-skilled and financially independent users risked potential privacy intrusions despite their awareness of potential risks. In their considerations for selecting and downloading an app, privacy aspects did not play a significant role; functionality, app design, and costs appeared to outweigh privacy concerns.

[1]  Jahangir Karimi,et al.  Do Hedonic and Utilitarian Apps Differ in Consumer Appeal? , 2015, WEB.

[2]  Studying the effectiveness of android application permissions requests , 2013, 2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[3]  Elgar Fleisch,et al.  Blissfully ignorant: the effects of general privacy concerns, general institutional trust, and affect in the privacy calculus , 2015, Inf. Syst. J..

[4]  David E. Millard,et al.  Unpicking the privacy paradox: can structuration theory help to explain location-based privacy decisions? , 2013, WebSci.

[5]  Günter Müller,et al.  Type Indeterminacy in Privacy Decisions: The Privacy Paradox Revisited , 2012, QI.

[6]  Qing Hu,et al.  Does Privacy Still Matter in the Era of Web 2.0? A Qualitative Study of User Behavior towards Online Social Networking Activities , 2010, PACIS.

[7]  Herman T. Tavani,et al.  Privacy online , 1999, CSOC.

[8]  Alessandro Acquisti,et al.  Privacy and rationality in individual decision making , 2005, IEEE Security & Privacy.

[9]  Thomas Hughes-Roberts,et al.  Privacy and Social Networks: Is Concern a Valid Indicator of Intention and Behaviour? , 2013, 2013 International Conference on Social Computing.

[10]  Irina Shklovski,et al.  Leakiness and creepiness in app space: perceptions of privacy and mobile app use , 2014, CHI.

[11]  A. Westin Social and Political Dimensions of Privacy , 2003 .

[12]  Hongwei Chris Yang,et al.  Bon Appétit for Apps: Young American Consumers' Acceptance of Mobile Applications , 2013, J. Comput. Inf. Syst..

[13]  Christian Pieter Hoffmann,et al.  Privacy cynicism: A new approach to the privacy paradox , 2016 .

[14]  Byung-Gon Chun,et al.  TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones , 2014, Commun. ACM.

[15]  Annika Bergström,et al.  Online privacy concerns: A broad approach to understanding the concerns of different groups for different uses , 2015, Comput. Hum. Behav..

[16]  G. Loewenstein,et al.  Privacy and human behavior in the age of information , 2015, Science.

[17]  Bernhard Debatin,et al.  Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences , 2009, J. Comput. Mediat. Commun..

[18]  Kristina Heinonen,et al.  Classifying Mobile Services , 2008 .

[19]  Mary Beth Rosson,et al.  Measuring Mobile Users' Concerns for Information Privacy , 2012, ICIS.

[20]  Michael J. Shaw,et al.  E-Life: Web-Enabled Convergence of Commerce, Work, and Social Life , 2012, Lecture Notes in Business Information Processing.

[21]  Marie Caroline Oetzel,et al.  The online privacy paradox: a social representations perspective , 2011, CHI Extended Abstracts.

[22]  Bruno Crispo,et al.  Privacy and Identity Management for Life , 2011, IFIP Advances in Information and Communication Technology.

[23]  Christopher Krügel,et al.  PiOS: Detecting Privacy Leaks in iOS Applications , 2011, NDSS.

[24]  Curtis R. Taylor,et al.  The Economics of Privacy , 2016 .

[25]  Robin L. Wakefield,et al.  Mobile computing: a user study on hedonic/utilitarian mobile device usage , 2006, Eur. J. Inf. Syst..

[26]  Iryna Pentina,et al.  Exploring privacy paradox in information-sensitive mobile app adoption: A cross-cultural comparison , 2016, Comput. Hum. Behav..

[27]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[28]  Xiaoping Liu,et al.  Privacy Paradox: Does Stated Privacy Concerns Translate into the Valuation of Personal Information? , 2014, PACIS.

[29]  Sabine Trepte,et al.  Is the privacy paradox a relic of the past? An in‐depth analysis of privacy attitudes and privacy behaviors , 2015 .

[30]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[31]  Gorazd Kandus,et al.  Mobile Phone Security Awareness and Practices of Students in Budapest , 2011 .

[32]  Rajesh Vasa,et al.  Toward a social media usage policy , 2011 .

[33]  Tobias Dehling,et al.  Exploring the Far Side of Mobile Health: Information Security and Privacy of Mobile Health Apps on iOS and Android , 2015, JMIR mHealth and uHealth.

[34]  Pern Hui Chia,et al.  Is this app safe?: a large scale study on application permissions and risk signals , 2012, WWW.

[35]  Fred D. Davis Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology , 1989, MIS Q..

[36]  Christoph Buck,et al.  Mobile Consumer Apps: Big Data Brother is Watching You , 2014 .

[37]  Alessandro Acquisti,et al.  Privacy in electronic commerce and the economics of immediate gratification , 2004, EC '04.

[38]  Anabel Quan-Haase,et al.  PRIVACY PROTECTION STRATEGIES ON FACEBOOK , 2013 .

[39]  Menno D. T. de Jong,et al.  The privacy paradox - Investigating discrepancies between expressed privacy concerns and actual online behavior - A systematic literature review , 2017, Telematics Informatics.

[40]  André Deuker,et al.  Addressing the Privacy Paradox by Expanded Privacy Awareness - The Example of Context-Aware Services , 2009, PrimeLife.

[41]  Sadie Creese,et al.  Privacy is the Boring Bit: User Perceptions and Behaviour in the Internet-of-Things , 2017, 2017 15th Annual Conference on Privacy, Security and Trust (PST).

[42]  Nicole C. Krämer,et al.  Online Self-Presentation: Balancing Privacy Concerns and Impression Construction on Social Networking Sites , 2011, Privacy Online.

[43]  Kon Mouzakis,et al.  A preliminary analysis of mobile app user reviews , 2012, OZCHI.

[44]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[45]  Young Min Baek,et al.  Solving the privacy paradox: A counter-argument experimental approach , 2014, Comput. Hum. Behav..

[46]  Sebastian Möller,et al.  FlashPolling privacy: the discrepancy of intention and action in location-based poll participation , 2015, UbiComp/ISWC Adjunct.

[47]  Susan B. Barnes,et al.  A privacy paradox: Social networking in the United States , 2006, First Monday.

[48]  Bo Zhang,et al.  Unlocking the privacy paradox: do cognitive heuristics hold the key? , 2013, CHI Extended Abstracts.

[49]  Adam N. Joinson,et al.  Privacy, Trust, and Self-Disclosure Online , 2010, Hum. Comput. Interact..

[50]  Vyas Sekar,et al.  Measuring user confidence in smartphone security and privacy , 2012, SOUPS.

[51]  Spyros Kokolakis,et al.  Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon , 2017, Comput. Secur..

[52]  Chuan-Hoo Tan,et al.  Addressing the Personalization-Privacy Paradox: An Empirical Assessment from a Field Experiment on Smartphone Users , 2013, MIS Q..

[53]  Alessandro Acquisti,et al.  The challenges of personal data markets and privacy , 2015, Electronic Markets.

[54]  Joseph S. Valacich,et al.  Unpacking the Privacy Paradox: Irrational Decision-Making within the Privacy Calculus , 2012, ICIS.

[55]  Charlie C. Chen,et al.  Intention to disclose personal information via mobile applications: A privacy calculus perspective , 2016, Int. J. Inf. Manag..

[56]  C. Morosan,et al.  Disclosing personal information via hotel apps: A privacy calculus perspective ☆ , 2015 .