Resolving the Misalignment between Consumer Privacy Concerns and Ubiquitous IS Design: The Case of Usage-based Insurance

Ubiquitous IS enables novel services and business models, yet require a careful balancing of consumer privacy concerns (PC) – induced by the provision of particular sensors and information types – with functional performance in order to maximize acceptance. For the exemplary case of Usage-based Insurance (UBI), this paper presents a design science approach to the mitigation of PC under parallel consideration of functional system performance. Based on long-term location trajectories from 1’600 vehicles, we assess the predictive power of emulated system designs that substitute location information, presumably the most privacy sensitive type of information in current UBI designs. We find that there are substantial grounds to challenge prevalent design paradigms in UBI and infer general insights from this example for IS researchers and IT professionals, who, when seeking to improve system privacy, often focus on privacy-enhancing technologies instead of considering the socio-technical context of ubiquitous IS.

[1]  L. G. Pee,et al.  Attenuating perceived privacy risk of location-based mobile services , 2011, ECIS.

[2]  Lorrie Faith Cranor,et al.  Engineering Privacy , 2009, IEEE Transactions on Software Engineering.

[3]  Ritu Agarwal,et al.  Adoption of Electronic Health Records in the Presence of Privacy Concerns: The Elaboration Likelihood Model and Individual Persuasion , 2009, MIS Q..

[4]  N. Nagelkerke,et al.  A note on a general definition of the coefficient of determination , 1991 .

[5]  Emiliano A. Valdez,et al.  Hierarchical Insurance Claims Modeling , 2008 .

[6]  D. Cox,et al.  A General Definition of Residuals , 1968 .

[7]  Andrew E. Fano,et al.  The future of business services in the age of ubiquitous computing , 2002, CACM.

[8]  Vlad Coroama,et al.  The Smart Tachograph - Individual Accounting of Traffic Costs and Its Implications , 2006, Pervasive.

[9]  Carmela Troncoso,et al.  PriPAYD: Privacy-Friendly Pay-As-You-Drive Insurance , 2011, IEEE Transactions on Dependable and Secure Computing.

[10]  Samir Chatterjee,et al.  A Design Science Research Methodology for Information Systems Research , 2008 .

[11]  Frédéric Thiesse,et al.  RFID, privacy and the perception of risk: A strategic framework , 2007, J. Strateg. Inf. Syst..

[12]  Florian Michahelles,et al.  GPS trajectory feature extraction for driver risk profiling , 2011, TDMA '11.

[13]  Marc Langheinrich,et al.  Privacy By Design , 2013, IEEE Pervasive Comput..

[14]  Todd Litman,et al.  DISTANCE-BASED VEHICLE INSURANCE AS A TDM STRATEGY , 1997 .

[15]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[16]  Frédéric Thiesse,et al.  On the Management Implications of Ubiquitous Computing: An IS Perspective , 2007, ECIS.

[17]  Bruno Jullien,et al.  Asymmetric information in insurance: general testable implications , 2006 .

[18]  Randall Guensler,et al.  Differences in observed speed patterns between crash-involved and crash-not-involved drivers: Application of in-vehicle monitoring technology , 2011 .

[19]  Regina Connolly,et al.  Empirical Research on Technology-Related Privacy Concerns: A Review and Critical Assessment , 2008, ECIS.

[20]  Alan R. Hevner,et al.  Design Science in Information Systems Research , 2004, MIS Q..

[21]  Yanjun Zuo A Holistic Approach for Security Requirement Specification for Low-Cost, Distributed Ubiquitous Systems , 2010, ICIS.

[22]  Hock-Hai Teo,et al.  Consumers' Privacy Concerns toward Using Location-Based Services: An Exploratory Framework and Research Proposal , 2005, ECIS.

[23]  Ninghui Li,et al.  End-User Privacy in Human–Computer Interaction , 2009 .

[24]  Jason I. Hong,et al.  End-User Privacy in Human-Computer Interaction , 2007, Found. Trends Hum. Comput. Interact..

[25]  Keng Siau,et al.  An Experimental Study on Ubiquitous commerce Adoption: Impact of Personalization and Privacy Concerns , 2008, J. Assoc. Inf. Syst..

[26]  Insu Park,et al.  International Conference on Information Systems ( ICIS ) 1-1-2009 The Study on The Relationship Between Privacy Concerns and Information Systems Effectiveness , 2013 .

[27]  Bianca Zadrozny,et al.  Learning and evaluating classifiers under sample selection bias , 2004, ICML.

[28]  Heng Xu,et al.  Examining the Formation of Individual's Privacy Concerns: Toward an Integrative View , 2008, ICIS.

[29]  Andrew J. Blumberg,et al.  VPriv: Protecting Privacy in Location-Based Vehicular Services , 2009, USENIX Security Symposium.

[30]  J. Phelps,et al.  Privacy Concerns and Consumer Willingness to Provide Personal Information , 2000 .

[31]  Martin Bichler,et al.  Design science in information systems research , 2006, Wirtschaftsinf..

[32]  Marco Gruteser,et al.  Framework for security and privacy in automotive telematics , 2002, WMC '02.

[33]  Haejung Yun,et al.  Extending UTAUT to Predict the Use of Location-Based Services , 2011, ICIS.

[34]  Ajay S. Vinze,et al.  Demand Heterogeneity in IT Infrastructure Services: Modeling and Evaluation of a Dynamic Approach to Defining Service Levels , 2009, Information systems research.

[35]  Tomer Toledo,et al.  In-vehicle data recorders for monitoring and feedback on drivers' behavior , 2008 .

[36]  Samsung Lim,et al.  Privacy Implications of Automated GPS Tracking and Profiling , 2010, IEEE Technology and Society Magazine.

[37]  Tamara Dinev,et al.  An Extended Privacy Calculus Model for E-Commerce Transactions , 2006, Inf. Syst. Res..

[38]  Richard Mayou,et al.  Psychiatric consequences of road traffic accidents. , 1993, BMJ.

[39]  Kar Yan Tam,et al.  Understanding the behavior of mobile data services consumers , 2008, Inf. Syst. Frontiers.

[40]  Varun Grover,et al.  Business Value of IT: An Essay on Expanding Research Directions to Keep up with the Times , 2008, J. Assoc. Inf. Syst..

[41]  Tommaso M. Valletti,et al.  Strategic Price Discrimination in Compulsory Insurance Markets , 2005 .

[42]  Robert E. Crossler,et al.  Privacy in the Digital Age: A Review of Information Privacy Research in Information Systems , 2011, MIS Q..

[43]  Hock-Hai Teo,et al.  AIS Electronic , 2013 .

[44]  Ronald Christensen,et al.  Log-Linear Models and Logistic Regression , 1997 .

[45]  Hock-Hai Teo,et al.  Alleviating Consumers' Privacy Concerns in Location-Based Services: A Psychological Control Perspective , 2004, ICIS.

[46]  E T Verhoef,et al.  Effects of Pay-As-You-Drive vehicle insurance on young drivers' speed choice: results of a Dutch field experiment. , 2011, Accident; analysis and prevention.

[47]  Karl Prince,et al.  Privacy Implications of Technology Innovation Processes , 2005, ICIS.

[48]  Tao Zhou,et al.  User Adoption of Location-based Services , 2011, Ind. Manag. Data Syst..

[49]  Peter Welzel,et al.  Reducing asymmetric information in insurance markets: Cars with black boxes , 2010, Telematics Informatics.

[50]  Hock-Hai Teo,et al.  The Role of Push-Pull Technology in Privacy Calculus: The Case of Location-Based Services , 2009, J. Manag. Inf. Syst..