Yes, Firms have my Data but What does IT Matter? Measuring Privacy Risks

In their daily lives, individuals continuously encounter situations where they disclose personal information online. While individuals can largely benefit from personalized, convenient service offerings, many people are at the same time concerned about an invasion of their information privacy based on how organisations access and handle their data. Although we know that specific feared consequences shape our behaviour, little attention has been paid to which noticeable privacy risks can arise for individuals when their privacy is invaded. We differentiate between seven types of negative consequences that individuals perceive if their privacy is invaded, namely physical, social, resource-related, psychological, prosecution-related, career-related, and freedom-related risks. In a comprehensive and rigorous scale development process, we validate scales for our multidimensional privacy risk construct following the approach of MacKenzie et al. (2011). Based on several steps of qualitative and quantitative assessment, we demonstrate the reliability, validity, and usefulness of our measurement instrument.

[1]  William Lewis,et al.  Does PLS Have Advantages for Small Sample Size or Non-Normal Data? , 2012, MIS Q..

[2]  Michael D. Buhrmester,et al.  Amazon's Mechanical Turk , 2011, Perspectives on psychological science : a journal of the Association for Psychological Science.

[3]  Wynne W. Chin,et al.  When Imprecise Statistical Statements Become Problematic: A Response to Goodhue, Lewis, and Thompson , 2012, MIS Q..

[4]  William Lewis,et al.  PLS, Small Sample Size, and Statistical Power in MIS Research , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[5]  Ramnath K. Chellappa,et al.  Personalization versus Privacy: An Empirical Examination of the Online Consumer’s Dilemma , 2005, Inf. Technol. Manag..

[6]  G. Walsh,et al.  Consumer Fear of Online Identity Theft: Scale Development and Validation , 2015 .

[7]  Tamara Dinev,et al.  An Extended Privacy Calculus Model for E-Commerce Transactions , 2006, Inf. Syst. Res..

[8]  Marko Sarstedt,et al.  Partial least squares structural equation modeling (PLS-SEM): An emerging tool in business research , 2014 .

[9]  Elgar Fleisch,et al.  Blissfully ignorant: the effects of general privacy concerns, general institutional trust, and affect in the privacy calculus , 2015, Inf. Syst. J..

[10]  Norman A. Johnson,et al.  Personality traits and concern for privacy: an empirical study in the context of location-based services , 2008, Eur. J. Inf. Syst..

[11]  V. Mitchell Consumer perceived risk: conceptualisations and models , 1999 .

[12]  Heng Xu,et al.  Information Privacy Research: An Interdisciplinary Review , 2011, MIS Q..

[13]  Rolph E. Anderson,et al.  Multivariate Data Analysis (7th ed. , 2009 .

[14]  Vincenzo Russo,et al.  Privacy calculus model in e-commerce – a study of Italy and the United States , 2006, Eur. J. Inf. Syst..

[15]  R. Bies,et al.  Consumer Privacy: Balancing Economic and Justice Considerations , 2003 .

[16]  Kai Lung Hui,et al.  Overcoming Online Information Privacy Concerns: An Information-Processing Theory Approach , 2007, J. Manag. Inf. Syst..

[17]  K. Grønhaug,et al.  Perceived Risk: Further Considerations for the Marketing Discipline , 1993 .

[18]  Cheryl Burke Jarvis,et al.  A Critical Review of Construct Indicators and Measurement Model Misspecification in Marketing and Consumer Research , 2003 .

[19]  H. Jeff Smith,et al.  Information Privacy: Measuring Individuals' Concerns About Organizational Practices , 1996, MIS Q..

[20]  Marko Sarstedt,et al.  Advanced Issues in Partial Least Squares Structural Equation Modeling , 2017 .

[21]  Daniel J. Veit,et al.  Adverse consequences of access to individuals’ information: an analysis of perceptions and the scope of organisational influence , 2017, Eur. J. Inf. Syst..

[22]  Yuan Li,et al.  The impact of disposition to privacy, website reputation and website familiarity on information privacy concerns , 2014, Decis. Support Syst..

[23]  Izak Benbasat,et al.  A Comprehensive Model of Perceived Risk of E-Commerce Transactions , 2010, Int. J. Electron. Commer..

[24]  S. Day,et al.  Survey Questions: Handcrafting the Standardized Questionnaire. , 1987 .

[25]  Richard D. Johnson,et al.  Concern for Information Privacy and Online Consumer Purchasing , 2006, J. Assoc. Inf. Syst..

[26]  Izak Benbasat,et al.  Development of an Instrument to Measure the Perceptions of Adopting an Information Technology Innovation , 1991, Inf. Syst. Res..

[27]  Xin Luo,et al.  Examining multi-dimensional trust and multi-faceted risk in initial acceptance of emerging technologies: An empirical study of mobile banking services , 2010, Decis. Support Syst..

[28]  G. Dowling Perceived risk: The concept and its measurement , 1986 .

[29]  James Y. L. Thong,et al.  Internet Privacy Concerns: An Integrated Conceptualization and Four Empirical Studies , 2013, MIS Q..

[30]  J. Jacoby,et al.  The Components of Perceived Risk , 1972 .

[31]  D. F. Blankertz,et al.  Risk taking and information handling in consumer behavior , 1969 .

[32]  Sherry D. Ryan,et al.  Influence of Social Context and Affect on Individuals' Implementation of Information Security Safeguards , 2009, ICIS.

[33]  Paul Jen-Hwa Hu,et al.  Role of Affect in Self-Disclosure on Social Network Websites: A Test of Two Competing Models , 2015, J. Manag. Inf. Syst..

[34]  Straub,et al.  Editor's Comments: An Update and Extension to SEM Guidelines for Administrative and Social Science Research , 2011 .

[35]  Hock-Hai Teo,et al.  The Role of Push-Pull Technology in Privacy Calculus: The Case of Location-Based Services , 2009, J. Manag. Inf. Syst..

[36]  Heng Xu,et al.  Information privacy and correlates: an empirical attempt to bridge and distinguish privacy-related concepts , 2013, Eur. J. Inf. Syst..

[37]  Rathindra Sarathy,et al.  Understanding Online Information Disclosure As a Privacy Calculus Adjusted by Exchange Fairness , 2007, ICIS.

[38]  Robert E. Crossler,et al.  Privacy in the Digital Age: A Review of Information Privacy Research in Information Systems , 2011, MIS Q..

[39]  Paul A. Pavlou,et al.  Predicting E-Services Adoption: A Perceived Risk Facets Perspective , 2002, Int. J. Hum. Comput. Stud..

[40]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[41]  Moez Limayem,et al.  Data Collection in the Digital Age: Innovative Alterantives to Student Samples , 2014, MIS Q..

[42]  Scott B. MacKenzie,et al.  Construct Measurement and Validation Procedures in MIS and Behavioral Research: Integrating New and Existing Techniques , 2011, MIS Q..

[43]  J. Nunnally Psychometric Theory (2nd ed), New York: McGraw-Hill. , 1978 .

[44]  Tara S. Behrend,et al.  The viability of crowdsourcing for survey research , 2011, Behavior research methods.

[45]  Naresh K. Malhotra,et al.  Internet Users' Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model , 2004, Inf. Syst. Res..

[46]  Sarah Spiekermann,et al.  Online social networks: why we disclose , 2010, J. Inf. Technol..

[47]  M. S. Cunningham The Major Dimensions of Perceived Risk , 1967 .