Mobile users’ information privacy concerns and the role of app permission requests

Determining factors affecting the user's intention to disclose privacy in online health communities: a dual-calculus model

Background

As a new type of medical service application for doctor-patient interaction, online health communities (OHCs) have alleviated the imbalance between the supply and demand of medical resources in different regions and the problems of "difficult and expensive access to medical care", but also raised the concern of patients about the risk of disclosure of their health privacy information.

Methods

In this study, a dual-calculus model was developed to explore users' motivation and decision-making mechanism in disclosing privacy information in OHCs by combining risk calculus and privacy calculus theories.

Results

In OHCs, users' trust in physicians and applications is a prerequisite for their willingness to disclose health information. Meanwhile, during the privacy calculation, users' perceived benefits in OHCs had a positive effect on both trust in doctors and trust in applications, while perceived risks had a negative effect on both trusts in doctors and trust in applications. Furthermore, in the risk calculation, the perceived threat assessment in OHCs had a significant positive effect on perceived risk, while the response assessment had a significant negative effect on perceived risk, and the effect of users' trust in physicians far exceeded the effect of trust in applications. Finally, users' trust in physicians/applications is a mediating effect between perceived benefits/risks and privacy disclosure intentions.

Conclusion

We combine risk calculus and privacy calculus theories to construct a dual-calculus model, which divides trust into trust in physicians and trust in applications, in order to explore the intrinsic motivation and decision-making mechanism of users' participation in privacy disclosure in OHCs. On the one hand, this theoretically compensates for the fact that privacy computing often underestimates perceived risk, complements the research on trust in OHCs, and reveals the influencing factors and decision transmission mechanisms of user privacy disclosure in OHCs. On the other hand, it also provides guidance for developing reasonable privacy policies and health information protection mechanisms for platform developers of OHCs.

Spatial and social disparities in the decline of activities during the COVID-19 lockdown in Greater London

We use data on human mobility obtained from mobile applications to explore the activity patterns in the neighbourhoods of Greater London as they emerged from the first wave of COVID-19 lockdown restrictions during summer 2020 and analyse how the lockdown guidelines have exposed the socio-spatial fragmentation between urban communities. The location data are spatially aggregated to 1 km2 grids and cross-checked against publicly available mobility metrics (e.g. Google COVID-19 Community Report, Apple Mobility Trends Report). They are then linked to geodemographic classifications to compare the average decline of activities in the areas with different sociodemographic characteristics. We found that the activities in the deprived areas dominated by minority groups declined less compared to the Greater London average, leaving those communities more exposed to the virus. Meanwhile, the activity levels declined more in affluent areas dominated by white-collar jobs. Furthermore, due to the closure of non-essential stores, activities declined more in premium shopping destinations and less in suburban high streets.

Persuading Patients Using Rhetoric to Improve Artificial Intelligence Adoption: Experimental Study

BACKGROUND

Artificial intelligence (AI) can transform health care processes with its increasing ability to translate complex structured and unstructured data into actionable clinical decisions. Although it has been established that AI is much more efficient than a clinician, the adoption rate has been slower in health care. Prior studies have pointed out that the lack of trust in AI, privacy concerns, degrees of customer innovativeness, and perceived novelty value influence AI adoption. With the promotion of AI products to patients, the role of rhetoric in influencing these factors has received scant attention.

OBJECTIVE

The main objective of this study was to examine whether communication strategies (ethos, pathos, and logos) are more successful in overcoming factors that hinder AI product adoption among patients.

METHODS

We conducted experiments in which we manipulated the communication strategy (ethos, pathos, and logos) in promotional ads for an AI product. We collected responses from 150 participants using Amazon Mechanical Turk. Participants were randomly exposed to a specific rhetoric-based advertisement during the experiments.

RESULTS

Our results indicate that using communication strategies to promote an AI product affects users' trust, customer innovativeness, and perceived novelty value, leading to improved product adoption. Pathos-laden promotions improve AI product adoption by nudging users' trust (n=52; β=.532; P<.001) and perceived novelty value of the product (n=52; β=.517; P=.001). Similarly, ethos-laden promotions improve AI product adoption by nudging customer innovativeness (n=50; β=.465; P<.001). In addition, logos-laden promotions improve AI product adoption by alleviating trust issues (n=48; β=.657; P<.001).

CONCLUSIONS

Promoting AI products to patients using rhetoric-based advertisements can help overcome factors that hinder AI adoption by assuaging user concerns about using a new AI agent in their care process.

Trust and digital privacy: willingness to disclose personal information to banking chatbot services

This study explored digital privacy concerns in the use of chatbots as a digital banking service. Three dimensions of trust were tested in relation to user self-disclosure in order to better understand the consumer-chatbot experience in banking. The methodology selected for this research study followed a conclusive, pre-experimental, two-group one-shot case study research design which made use of a non-probability snowballing sampling technique. Privacy concerns were found to have a significantly negative relationship with user self-disclosure in both treatment groups. Respondents exposed to their preferred banking brand experienced lower user self-disclosure and brand trust than those exposed to a fictitious banking brand within the South African context. It is recommended that companies using chatbots focus on easing privacy concerns and build foundations of trust. The gains that chatbots have made in the form of increased productivity and quality of customer service rely on relationships with users who need to disclose personal information. Through this study, we concluded that, despite its power to influence decision-making, the power of a brand is not enough for consumers to considerably increase self-disclosure. Rather, a bridge of trust (through education, communication and product development) is needed that encompasses all three elements of trust, which are brand trust, cognitive trust and emotional trust. Limited research exists on the relationship between financial services marketing and chatbot adoption. Thus, this study addressed a theoretical gap, by adding brand trust to existing studies on cognitive and emotional trust regarding user self-disclosure.

Drivers behind the public perception of artificial intelligence: insights from major Australian cities

Artificial intelligence (AI) is not only disrupting industries and businesses, particularly the ones have fallen behind the adoption, but also significantly impacting public life as well. This calls for government authorities pay attention to public opinions and sentiments towards AI. Nonetheless, there is limited knowledge on what the drivers behind the public perception of AI are. Bridging this gap is the rationale of this paper. As the methodological approach, the study conducts an online public perception survey with the residents of Sydney, Melbourne, and Brisbane, and explores the collected survey data through statistical analysis. The analysis reveals that: (a) the public is concerned of AI invading their privacy, but not much concerned of AI becoming more intelligent than humans; (b) the public trusts AI in their lifestyle, but the trust is lower for companies and government deploying AI; (c) the public appreciates the benefits of AI in urban services and disaster management; (d) depending on the local context, public perceptions vary; and (e) the drivers behind the public perception include gender, age, AI knowledge, and AI experience. The findings inform authorities in developing policies to minimise public concerns and maximise AI awareness.

The privacy and control paradoxes in the context of smartphone apps

This research examines how various factors, such as the degree of e-privacy concerns and control over data access permissions, can influence a user's intention to install a smartphone app. We conducted two survey-based experiments with 441 participants. In each experiment, we manipulated the degree of control over the number and type of data access permissions granted to different fictional apps. In Study 1, participants were informed about the set of permissions the apps required. In Study 2, participants indicated which individual permissions they were willing to grant to the apps. In both experiments, we assessed the level of e-privacy concerns, perceived app importance, and the intention to install the apps. The results suggest that the type of app plays a central role in determining both the perceived benefit of installing the app and the level of e-privacy concerns. The intention to install an app is more strongly associated with perceived app importance than with e-privacy concerns (especially when app importance is high, and users have explicit control over which specific data access permissions they want to grant). The implications of these results are discussed regarding psychological factors involved in app installation decision-making process and the importance of promoting data protection by design.

Understanding social media users’ privacy-protection behaviors

Purpose

This study aims to identify the roles that privacy experiences and social media use play in influencing privacy-protection behaviors. As social media use expands in terms of the number of users and functionality; it is important to understand social media user privacy-protection behaviors and the users’ psychological underpinnings driving those behaviors. Among these, perceptions are the users’ evaluation of their privacy concerns and data sharing benefits inherent in social media use which influence the users’ behaviors to protect their privacy.

Design/methodology/approach

To research these issues, a theoretical model and hypotheses were developed, based on self-efficacy theory. The theoretical model was empirically tested using 193 questionnaire responses collected from students enrolled in business courses at a medium-sized university in the western USA. All the respondents reported that they routinely use social media. The empirical analysis was performed using structural equations modeling in PC SAS version 9.4, procedure Calis.

Findings

The estimation of the paths in the structural model indicates that privacy concerns positively influence social media users’ protection behaviors while the perceived benefits of data sharing negatively influence protection behaviors. Privacy experience positively influences privacy concerns. Alternatively, social media use positively influences social media self-efficacy and perceived usefulness, which, in turn, have meaningful influences on data sharing benefits.

Originality/value

Previous findings about the effect of self-efficacy on protection behaviors has been inconclusive. This study adds some clarity. Specifically, the findings suggest that the effect depends upon the foci of self-efficacy. While higher self-efficacy with respect to using privacy-related features of a specific technology tends to lead to greater privacy concerns, higher self-efficacy with respect to the more general technology (e.g. social media, computer) seems to affect protection behaviors through perceived benefits. Further, the results of this study offer conclusions about the roles that privacy experiences, social media use and perceived social media benefits play in affecting protection behaviors.

Mobile app users' privacy concerns: different heuristics for privacy assurance statements in the EU and China

Purpose

As mobile apps request permissions from users, protecting mobile users' personal information from being unnecessarily collected and misused becomes critical. Privacy regulations, such as General Data Protection Regulation in the European Union (EU), aim to protect users' online information privacy. However, one’s understanding of whether these regulations effectively make mobile users less concerned about their privacy is still limited. This work aims to study mobile users' privacy concerns towards mobile apps by examining the effects of general and specific privacy assurance statements in China and the EU.

Design/methodology/approach

Drawing on ecological rationality and heuristics theory, an online experiment and a follow-up validation experiment were conducted in the EU and China to examine the effects of privacy assurance statements on mobile users' privacy concerns.

Findings

When privacy regulation is presented, the privacy concerns of Chinese mobile users are significantly lowered compared with EU mobile users. This indicates that individuals in the two regions react differently to privacy assurances. However, when a general regulation statement is used, no effect is observed. EU and Chinese respondents remain unaffected by general assurance statements.

Originality/value

This study incorporates notions from fast and frugal heuristics end ecological rationality – where seemingly irrational decisions may make sense in different societal contexts.

Breaking the Data Value-Privacy Paradox in Mobile Mental Health Systems Through User-Centered Privacy Protection: A Web-Based Survey Study

BACKGROUND

Mobile mental health systems (MMHS) have been increasingly developed and deployed in support of monitoring, management, and intervention with regard to patients with mental disorders. However, many of these systems rely on patient data collected by smartphones or other wearable devices to infer patients' mental status, which raises privacy concerns. Such a value-privacy paradox poses significant challenges to patients' adoption and use of MMHS; yet, there has been limited understanding of it.

OBJECTIVE

To address the significant literature gap, this research aims to investigate both the antecedents of patients' privacy concerns and the effects of privacy concerns on their continuous usage intention with regard to MMHS.

METHODS

Using a web-based survey, this research collected data from 170 participants with MMHS experience recruited from online mental health communities and a university community. The data analyses used both repeated analysis of variance and partial least squares regression.

RESULTS

The results showed that data type (P=.003), data stage (P<.001), privacy victimization experience (P=.01), and privacy awareness (P=.08) have positive effects on privacy concerns. Specifically, users report higher privacy concerns for social interaction data (P=.007) and self-reported data (P=.001) than for biometrics data; privacy concerns are higher for data transmission (P=.01) and data sharing (P<.001) than for data collection. Our results also reveal that privacy concerns have an effect on attitude toward privacy protection (P=.001), which in turn affects continuous usage intention with regard to MMHS.

CONCLUSIONS

This study contributes to the literature by deepening our understanding of the data value-privacy paradox in MMHS research. The findings offer practical guidelines for breaking the paradox through the design of user-centered and privacy-preserving MMHS.

Validating an information privacy governance questionnaire to measure the perception of employees

Purpose

This study aims to conduct a survey in a bank to measure the perception of employees towards the effective governance of information privacy and at the same time validating the information privacy governance questionnaire (IPGQ) used in this study.

Design/methodology/approach

A quantitative research approach was followed using an online survey questionnaire to collect data in a bank in South Africa.

Findings

The survey results showed that employees perceived the governance of privacy in the organisation in a positive way. Three significant differences were identified, namely, Generation-Y being significantly more positive than Generation-X regarding privacy control assessment. Also, that the contractor/vendor group was significantly more positive than permanent employees regarding organisational commitment and privacy control assessment. Exploratory factor analysis was used to validate the IPGQ and four factors were identified: privacy control assessment, personal information awareness assessment, privacy governance reporting and organisational commitment towards privacy. Cronbach’s alpha was used to establish the internal reliability of the factors and indicated good internal consistency.

Research limitations/implications

One of the potential empirical research limitations for this study is that the study was conducted in a single organisation; therefore, when generalising the results, caution must be taken.

Practical implications

Organisations, academics and the industry may find the questionnaire useful to determine employee perception towards privacy governance and to identify recommendations that could be used to improve their privacy policies, privacy programme controls and organisational commitment towards privacy. In this study, it was identified that for Generation-X employees to be more accepting towards the privacy controls, the organisation needs to implement focussed awareness training for them. To ensure permanent employees’ commitment and accountability, internal audits, monitoring and risk assessment measures need to be implemented. These can be directed through the outcomes of the survey.

Originality/value

The IPGQ can aid organisations in determining if they are governing privacy effectively, and thus assist them in meeting the accountability condition of data protection regulation.

Examining the factors influencing college students’ continuance intention to use short-form video APP

Purpose

The purpose of this study is to explore the effects of recommendation algorithm, product reputation, new product novelty, privacy concern and privacy protection behavior on users’ satisfaction and continuance intention to use short-form video application (APP).

Design/methodology/approach

Based on the existing theories, the research model of this study was developed and 445 valid data were collected through a questionnaire survey. The partial least squares structural equation modeling (PLS-SEM) was employed for data analysis to test the research model and hypotheses.

Findings

The results reveal that the recommendation algorithm has a significant positive effect on user satisfaction, new product novelty and privacy concern. The influence of recommendation algorithm on privacy concern is negatively moderated by product reputation. Privacy concern has a significant and positive impact on privacy protection behavior, and privacy protection behavior has a significant and positive impact on user satisfaction. New product novelty also has significant impact on user satisfaction.

Originality/value

This study is one of the earliest studies to incorporate recommendation algorithm as a construct into the college students’ continuance intention to use short-form video APP. The influence of reputation as a moderator variable on the relationship between algorithm and privacy concerns is also investigated.

What Drives Authorization in Mobile Applications? A Perspective of Privacy Boundary Management

Personal information has been likened to “golden data”, which companies have chased using every means possible. Via mobile apps, the incidents of compulsory authorization and excessive data collection have evoked privacy concerns and strong repercussions among app users. This manuscript proposes a privacy boundary management model, which elaborates how such users can demarcate and regulate their privacy boundaries. The survey data came from 453 users who authorized certain operations through mobile apps. The partial least squares (PLS) analysis method was used to validate the instrument and the proposed model. Results indicate that information relevance and transparency play a significant role in shaping app users’ control–risk perceptions, while government regulation is more effective than industry self-discipline in promoting the formation of privacy boundaries. Unsurprisingly, privacy risk control perceptions significantly affect users’ privacy concerns and trust beliefs, which are two vital factors that ultimately influence their willingness to authorize. The implications of conducting a thorough inquiry into app users’ willingness to authorize their privacy information are far-reaching. In relation to this, app vendors should probe into the privacy-relevant beliefs of their users and enact effective privacy practices to intercept the economic and reputational damages induced by improper information collection. More significantly, a comprehensive understanding of users’ willingness to authorize their information can serve as an essential reference for relevant regulatory bodies to formulate reasonable privacy protection policies in the future.

Impact of privacy policy content on perceived effectiveness of privacy policy: the role of vulnerability, benevolence and privacy concern

Purpose

This study examines how the different dimensions of a privacy policy separately influence perceived effectiveness of privacy policy, as well as the mediating mechanisms behind these effects (i.e. vulnerability, benevolence). In addition, this study considers privacy concern as a significant moderator in the research model, to examine if the relative influences of privacy policy content are contingent upon levels of users' privacy concern.

Design/methodology/approach

The survey experiment was conducted to empirically validate the model. Specifically, three survey experiments and six scenarios were designed to manipulate high and low levels of the three privacy policy dimensions (i.e. transparency, control and protection). The authors totally distributed 450 copies of the questionnaire, of which 407 were valid.

Findings

This paper found that (1) all the three privacy policy dimensions directly influence perceived effectiveness of privacy policy; (2) all the three privacy policy dimensions indirectly influence perceived effectiveness of privacy policy by enhancing perceived corporate benevolence, whereas control also affects perceived effectiveness of privacy policy by reducing perceived vulnerability; and (3) individuals with high-privacy concern are much more impacted by privacy policy contents than individuals with low-privacy concern.

Practical implications

The findings could provide website managers with guidelines on how to design privacy policy contents by reducing user perceptions of vulnerability and enhancing user perceptions of corporate benevolence. The managers need to focus on customers' perceived vulnerability and corporate benevolence when launching or updating privacy policies. Furthermore, the managers also need to attend to users' privacy concerns, especially for multinational companies or companies with specific consumer groups.

Originality/value

This study extends the current privacy policy literature by articulating the separate influences of the three privacy policy dimensions and their impact mechanisms on perceived effectiveness of privacy policy. It also uncovers privacy concerns as a boundary condition that influence the effects of privacy policy contents on users' privacy perceptions.

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

An Android smartphone contains built-in and externally downloaded applications that are used for entertainment, finance, navigation, communication, health and fitness, and so on. The behaviour of granting permissions requested by apps might expose the Android smartphone user to privacy risks. The existing works lack a formalized mathematical model that can quantify user and system applications risks. No multifaceted data collector tool can also be used to monitor the collection of user data and the risk posed by each application. A benchmark of the risk level that alerts the user and distinguishes between acceptable and unacceptable risk levels in Android smartphone user does not exist. Hence, to address privacy risk, a formalized privacy model called PRiMo that uses a tree structure and calculus knowledge is proposed. An App-sensor Mobile Data Collector (AMoDaC) is developed and implemented in real life to analyse user data accessed by mobile applications through the permissions granted and the risks involved. A benchmark is proposed by comparing the proposed PRiMo outcome with the existing available testing metrics. The results show that Tools & Utility/Productivity applications posed the highest risk as compared to other categories of applications. Furthermore, 29 users faced low and acceptable risk, while two users faced medium risk. According to the benchmark proposed, users who faced risks below 25% are considered as safe. The effectiveness and accuracy of the proposed work is 96.8%.

Public acceptance of privacy-encroaching policies to address the COVID-19 pandemic in the United Kingdom

The nature of the COVID-19 pandemic may require governments to use privacy-encroaching technologies to help contain its spread. One technology involves co-location tracking through mobile Wi-Fi, GPS, and Bluetooth to permit health agencies to monitor people's contact with each other, thereby triggering targeted social-distancing when a person turns out to be infected. The effectiveness of tracking relies on the willingness of the population to support such privacy encroaching measures. We report the results of two large surveys in the United Kingdom, conducted during the peak of the pandemic, that probe people's attitudes towards various tracking technologies. The results show that by and large there is widespread acceptance for co-location tracking. Acceptance increases when the measures are explicitly time-limited and come with opt-out clauses or other assurances of privacy. Another possible future technology to control the pandemic involves "immunity passports", which could be issued to people who carry antibodies for the COVID-19 virus, potentially implying that they are immune and therefore unable to spread the virus to other people. Immunity passports have been considered as a potential future step to manage the pandemic. We probe people's attitudes towards immunity passports and find considerable support overall, although around 20% of the public strongly oppose passports.

“What about users?”: Development and validation of the mobile information security awareness scale (MISAS)

Purpose

The current study aimed to develop and validate Mobile Information Security Awareness Scale (MISAS) based on the prototype model for measuring information security awareness and the relevant literature.

Design/methodology/approach

The scale was developed and validated with the participation of 562 students from four universities. The construct validity of the scale was tested through exploratory factor analysis and confirmatory factor analysis.

Findings

The reliability of the scale was tested through corrected item-total correlations and Cronbach alpha. The MISAS includes six factors and 17 items. The identified factors were labeled as backup, instant messaging and navigation, password protection, update, access permission and using others' devices.

Research limitations/implications

The scale included only the human aspects of mobile information security. The technical aspects are not within the scope of this study. For this reason, future studies might develop and validate a different scale focusing on the technical aspects of mobile information security.

Originality/value

The developed scale contributes to the literature on the human aspects of mobile information security.

Why people need privacy? The role of privacy fatigue in app users' intention to disclose privacy: based on personality traits

Purpose

Mobile Applications (App) privacy has become a prominent social problem. Compared with privacy concerns, this study examines a relatively novel concept of privacy fatigue and explores its effect on the users’ intention to disclose their personal information via mobile Apps. In addition, the personality traits are proposed as antecedents that will induce the personal perception of privacy fatigue and privacy concerns differently.

Design/methodology/approach

Data were collected from 426 respondents. Structure equation modeling was used to test the hypotheses.

Findings

The findings describe that App users’ intention toward personal information disclosure is determined by privacy fatigue and privacy concerns, but the former has a greater impact. With minor exceptions, the two factors are also influenced by different personality traits. Specifically, neuroticism has positive effects on privacy fatigue, but agreeableness and extraversion have presented the opposite results on the two variables.

Practical implications

This research is very scarce to examine the joint effects of privacy fatigue, privacy concerns and personality traits on App users’ disclosing intention. In doing so, these results will be of benefit to App providers and platform managers and can be the basis for a variety of follow-up studies.

Originality/value

While previous research just focuses on privacy concerns, this study explores the critical roles of privacy fatigue and opens up a new avenue of emotion-attitude analysis that can further increase the specificity and richness of users’ privacy research. Additionally, implications for personality traits as antecedents in the impact of App users’ privacy emotions and attitudes are discussed.

Digital technology adoption scale in the blended learning context in higher education: Development, validation and testing of a specific tool

The main aim of the present study was to develop, validate and test an extended Technology Acceptance Model (TAM) that contributes to the overall understanding of students' intention to use digital tools in a blended learning context of higher education. The external bidimensional factor of familiarity with digital tools, which is not usually explained by the TAM, was included, and evaluated. Following a four-stage scale development technique, a seven-dimensional 25-item survey was developed, which includes two external correlated variables: familiarity with high-tech digital tools and familiarity with traditional digital tools, two mediator variables—computer anxiety, and perceived barriers, and three response variables, perceived usefulness, perceived ease of use and intention to use. The initial version of the survey was administered on 250 undergraduate students. Next, for another sample of 206 students, latent dimensions of the survey were tested using exploratory factor analysis. The structure of the survey was validated in two other subsequent stages with one sample of 262 responses of undergraduates and one of 310 responses of master's students from two different universities. All students who agreed to participate in research attended blended learning. The validity, reliability and invariance of the instrument were established by psychometric analyses. Collected data indicated that the survey has an adequate multifactorial structure that is reliable and invariant across degree levels. The scale is recommended for use in higher education studies targeting the promotion of blended learning and reduction of negative attitudes of learners toward digital instruments, supporting university professors to select their own efficient way to teach.