Abstract
Understanding user privacy expectations is important and challenging. General Data Protection Regulation (GDPR) for instance requires companies to assess user privacy expectations. Existing privacy literature has largely considered privacy expectation as a single-level construct. We show that it is a multi-level construct and people have distinct types of privacy expectations. Furthermore, the types represent distinct levels of user privacy, and, hence, there can be an ordering among the types. Inspired by expectations-related theory in non-privacy literature, we propose a conceptual model of privacy expectation with four distinct types – Desired, Predicted, Deserved and Minimum. We validate our proposed model using an empirical within-subjects study that examines the effect of privacy expectation types on participant ratings of privacy expectation in a scenario involving collection of health-related browsing activity by a bank. Results from a stratified random sample (N = 1,249), representative of United States online population (±2.8%), confirm that people have distinct types of privacy expectations. About one third of the population rates the Predicted and Minimum expectation types differently, and differences are more pronounced between younger (18–29 years) and older (60+ years) population. Therefore, studies measuring privacy expectations must explicitly account for different types of privacy expectations.
Highlights
Internet, mobile applications and Internet-of-Things technologies have enabled collection and use of unprecedented amount of user data
Inspired by the work in Consumer Satisfaction/Dissatisfaction and service quality domains, in this work, we propose a conceptual model for privacy expectation as a multi-level construct
We proposed a conceptual model of privacy expectation with Desired, Deserved, Predicted, and Minimum types, and ordering among the types
Summary
Mobile applications and Internet-of-Things technologies have enabled collection and use of unprecedented amount of user data. Share and combine large amount of user data including sensitive data related to personal health, income and religion (Rao et al, 2014) Such data practices often violate users’ privacy expectations regarding products and services (Lin et al, 2012; Martin and Shilton, 2016b; Rao et al, 2016). Empirical studies that measure privacy expectations (Lin et al, 2012; Martin and Shilton, 2016a,b) have largely considered privacy expectation as a single-level construct. Inspired by the work in Consumer Satisfaction/Dissatisfaction and service quality domains, in this work, we propose a conceptual model for privacy expectation as a multi-level construct.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
