I always feel like something is watchin’ me, and I have no privacy – Privacy Calculus and Data-Tracking as Determinants of IoT-Acceptance

Abstract

The growing deployment of interconnected technology from the Internet of Thins (IoT) is increasingly challenging the common understanding of privacy. The interdependencies between users’ psychological mechanisms, technical dynamics of IoT and context-specific factors require a profound evaluation of privacy-related perceptions and behaviors under consideration of user-centric and system-based perspectives. The present dissertation contributes to the burgeoning research on privacy in the framework of IoT and aims at providing valuable insights regarding the acceptance of interconnected technologies. For this purpose, the thesis first reflects on relevant theoretical foundations including the privacy calculus theory, privacy concerns and the selective control of information from the socio-psychological perspective. Additionally, a new differentiation of the human and the technological levels of privacy is suggested in this work as a result of a combinatory approach from existing privacy theories. Against the background of privacy-related characteristics in IoT environments, particular challenges of empirical investigations of IoT are addressed. The present cumulus comprises three empirical studies, which provide results on the investigation of privacy calculus in three different fields of IoT application – smart home, healthcare and workplace. The examination of IoT in different contexts confirms that privacy calculus can be transferred as a theoretical basis for investigations of IoT as people weigh perceived risks against anticipated gratifications prior to their decision to use and accept a particular IoT device. However, given the limited possibilities of IoT users to control data collection, data processing or inferencing of information from sensor data, it is assumed that the outcome of privacy calculus in the framework of interconnected technologies changes towards a binary decision: to accept or reject a particular IoT device. Furthermore, the contextual perspective contributes to the identification of situation-specific factors of IoT deployment. The overarching discussion addresses the growing debate around privacy threatening technologies and, in addition to a critical reflection of the privacy calculus, elaborates on extensions of current privacy theories as a result of the adoption of IoT technology. Following theoretical considerations and the results of the three scientific articles, which constitute the present thesis, practical implications are provided with the aim to strengthen informational self-determination of individuals through legislation or a more profound consideration of user privacy in the development process of IoT products and services. Moreover, ethical implications suggest different approaches on how to deal with issues regarding discrimination or injustice as possible consequences of IoT dissemination. Finally, an outlook for future research on privacy in the framework of IoT is provided.