While there is a rich body of literature on user acceptance of technologies with positive outcomes, little is known about user behavior toward what we call protective technologies: information technologies that protect data and systems from disturbances such as viruses, unauthorized access, disruptions, spyware, and others. In this paper, we present the results of a study of user behavioral intention toward protective technologies based on the framework of the theory of planned behavior. We find that awareness of the threats posed by negative technologies is a strong predictor of user behavioral intention toward the use of protective technologies. More interestingly, in the presence of awareness, the influence of subjective norm on individual behavioral intention is weaker among basic technology users but stronger among advanced technology users. Furthermore, while our results are consistent with many of the previously established relationships in the context of positive technologies, we find that the determinants “perceived ease of use” and “computer self-efficacy” are no longer significant in the context of protective technologies. We believe that this result highlights the most significant difference between positive technologies and protective technologies: while the former are used for their designed utilities, for which usefulness and ease of use have a significant impact, the latter are used out of fear of negative consequences, for which awareness becomes a key determinant. We discussed the theoretical and practical implications of these findings. The findings of this study extend the theory of planned behavior to the context of protective technologies and shed insights on designing effective information security policies, practices, and protective technologies for organizations and society.
Read full abstract