Abstract
Although in the last years there has been a growing amount of research in the field of privacy-enhancing technologies (PETs), they are not yet widely adopted in practice. In this paper we discuss the socioeconomical aspects of how users and service providers make decisions about adopting PETs. The analysis is based on our experiences from the deployment of Privacy-respecting Attribute-based Credentials (Privacy-ABCs) in a real-world scenario. In particular, we consider the factors that affect the adoption of Privacy-ABCs as well as the cost and benefit trade-offs involved in their deployment and usage, as perceived by both parties.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
m denotes mean value, \(\sigma \) denotes standard deviation.
- 3.
Understanding of the Technology factor will be discussed later in Sect. 3.3 for readability reasons.
- 4.
- 5.
- 6.
E.g., see the Internet Privacy Engineering Network initiative (https://secure.edps.europa.eu/EDPSWEB/edps/EDPS/IPEN).
- 7.
http://europa.eu/rapid/press-release_MEMO-14-186_de.htm last visited May 15th, 2015.
References
Acquisti, A.: Identity management, privacy, and price discrimination. IEEE Secur. Priv. 6(2), 46–50 (2008)
Acquisti, A.: The economics of personal data and the economics of privacy. Background Paper for OECD Joint WPISP-WPIE Roundtable 1 (2010)
Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. 2, 24–30 (2005)
Benenson, Z., Girard, A., Krontiris, I.: User acceptance factors for anonymous credentials: an empirical investigation. In: Workshop on the Economics of Information Security (WEIS) (2015)
Benenson, Z., Girard, A., Krontiris, I., Liagkou, V., Rannenberg, K., Stamatiou, Y.: User acceptance of privacy-ABCs: an exploratory study. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 375–386. Springer, Heidelberg (2014)
Bjones, R., Krontiris, I., Paillier, P., Rannenberg, K.: Integrating anonymous credentials with eIDs for privacy-respecting online authentication. In: Preneel, B., Ikonomou, D. (eds.) APF 2012. LNCS, vol. 8319, pp. 111–124. Springer, Heidelberg (2014)
Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)
Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), pp. 21–30 (2002)
Cameron, K., Posch, R., Rannenberg, K.: Proposal for a common identity framework: A User-Centric Identity Metasystem. In: Rannenberg, K., Royer, D., Deuker, A. (eds.) The Future of Identity in the Information Society - Opportunities and Challenges. Springer (2009)
Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Q. 13(3), 319–340 (1989)
DiMaggio, P.J., Powell, W.W.: The iron cage revisited: institutional isomorphism and collective rationality in organizational fields. Am. Sociol. Rev. 48(2), 147–160 (1983)
Dinev, T., Hart, P.: Internet privacy concerns and social awareness as determinants of intention to transact. Int. J. Electron. Commer. 10(2), 7–29 (2006)
Economics, L.: Study on the Economic Benefits of Privacy-enhancing Technologies (PETs): Final Report to The European Commission, DG Justice, Freedom and Security. London Economics (2010)
Field, A.: Discovering Statistics Using IBM SPSS Statistics. Sage, London (2013)
Final Report to the European Commission DG Justice, Freedom and Security: Study on the economic benefits of privacy-enhancing technologies (PETs). Technical report, London Economics, July 2010
Fischer-Hübner, S., Hoofnagle, C., Krontiris, I., Rannenberg, K., Waidner, M.: Online privacy: towards informational self-determination on the internet (Dagstuhl Perspectives Workshop 11061). Dagstuhl Manifestos 1(1), 1–20 (2011)
Hansen, M., Bieker, F., Deibler, D., Obersteller, H., Schlehahn, E., Zwingelberg, H.: Legal data protection considerations. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-based Credentials for Trust, pp. 143–161 (2015)
Herath, T., Chen, R., Wang, J., Banjara, K., Wilbur, J., Rao, H.R.: Security services as coping mechanisms: an investigation into user intention to adopt an email authentication service. Inf. Syst. J. 24(1), 61–84 (2014)
Iacovou, C.L., Benbasat, I., Dexter, A.S.: Electronic data interchange and small organizations: adoption and impact of technology. MIS Q. 19, 465–485 (1995)
Laudon, K.C.: Markets and privacy. Commun. ACM 39(9), 92–104 (1996)
McKnight, D.H., Carter, M., Thatcher, J.B., Clay, P.F.: Trust in a specific technology: an investigation of its components and measures. ACM Trans. Manage. Inf. Syst. (TMIS) 2(2), 12 (2011)
Nofer, M., Hinz, O., Muntermann, J., Roßnagel, H.: The economic impact of privacy violations and security breaches. Bus. Inf. Syst. Eng. 6(6), 339–348 (2014)
Patil, S., Patruni, B., Lu, H., Dunkerley, F., Fox, J., Potoglou, D., Robinson, N.: Public perception of security and privacy: results of the comprehensive analysis of PACT’s pan-european survey. Technical report, PACT EU Project Public Deliverable D4.2, June 2014
Pavlou, P.A.: Consumer acceptance of electronic commerce: integrating trust and risk with the technology acceptance model. Int. J. Electron. Commer. 7(3), 101–134 (2003)
Rogers Everett, M.: Diffusion of Innovations. Free Press, New York (1995)
Rubinstein, I.S.: Regulating privacy by design. Berkeley Technol. Law J. 26, 1409 (2011)
Sabouri, A.: Understanding the determinants of privacy-ABC technologies adoption by service providers. In: Proceedings of 14th IFIP WG 6.11 Conference on e-Business, e-Services, and e-Society, I3E 2015 Open and Big Data Management and Innovation, Delft, The Netherlands, 13–15 October 2015, vol. 9373 (2015)
Spiekermann, S.: User Control in Ubiquitous Computing: Design Alternatives and User Acceptance. Shaker, Aachen (2008)
Stamatiou, Y., Benenson, Z., Girard, A., Krontiris, I., Liagkou, V., Pyrgelis, A., Tesfay, W.: Course evaluation in higher education: the patras pilot of ABC4Trust. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-based Credentials for Trust, pp. 197–239. Springer International Publishing (2015)
Sun, S.T., Pospisil, E., Muslukhov, I., Dindar, N., Hawkey, K., Beznosov, K.: What makes users refuse web single sign-on?: an empirical investigation of OpenID. In: Proceedings of the Seventh Symposium on Usable Privacy and Security, p. 4. ACM (2011)
Tornatzky, L.G., Fleischer, M., Chakrabarti, A.K.: Processes of Technological Innovation. Lexington Books, Lexington (1990)
Venkatesh, V., Bala, H.: Technology acceptance model 3 and a research agenda on interventions. Decis. Sci. 39(2), 273–315 (2008)
Venkatesh, V., Davis, F.D.: A theoretical extension of the technology acceptance model: four longitudinal field studies. Manage. Sci. 46(2), 186–204 (2000)
Venkatesh, V., Morris, M.G., Davis, G.B., Davis, F.D.: User acceptance of information technology: toward a unified view. MIS Q. 27, 425–478 (2003)
Venkatesh, V., Thong, J.Y., Xu, X.: Consumer acceptance and use of information technology: extending the unified theory of acceptance and use of technology. MIS Q. 36(1), 157–178 (2012)
Wästlund, E., Angulo, J., Fischer-Hübner, S.: Evoking comprehensive mental models of anonymous credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol. 7039, pp. 1–14. Springer, Heidelberg (2012)
Wästlund, E., Wolkerstorfer, P., Köffel, C.: PET-USES: Privacy-enhancing technology-users self-estimation scale. In: Privacy and Identity Management for Life, pp. 266–274. Springer (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Discussion on the Applicability of UTAUT and UTAUT2
Although UTAUT [34] and UTAUT2 [35] are more successful models than TAM in predicting technology acceptance, we identified TAM as being more suitable in the context of the Privacy-ABC trial.
TAM considers two main factors that influence user adoption: Perceived Usefulness (called Performance Expectancy in UTAUT) and Perceived Ease of Use (called Effort Expectancy in UTAUT). UTAUT extends TAM with one additional factor that directly influences intention to use the technology: Social Influence, which is the degree to which the user perceives that people whose opinion the user values believe that the user should use the technology.
We tested the influence of this factor in the first Privacy-ABC trial [5] and found no relation to the intention to use Privacy-ABCs. Therefore, we decided to drop this factor. We hypothesize that in the trial environment, this factor may not be applicable, as Privacy-ABCs are only known to the fellow students, and the usage in our scenario did not involve peer pressure (as this would be the case, for example, for social media).
These findings are consistent with the UTAUT and UTAUT2 investigations, where Social Influence was not found to be an important adoption factor, especially for younger users with high experience, as in our sample. We note, however, that for application of Privacy-ABCs in other scenarios and with other (older and less experienced) user populations, Social Influence may be considered.
Additionally, UTAUT considers some factors (age, gender, experience, voluntariness of use) that moderate the relation between the intention to use the systems and the main factors. Considering these moderators does not make sense in our case, however, as our sample is very homogeneous in this respect: The students are of very similar age and experience, all of them use the system voluntarily, and the overwhelming majority is male.
Similar non-applicability considerations apply to the UTAUT2 model that considers additional main acceptance factors: hedonic motivation (the user derives fun or pleasure from using the system), price value (the monetary cost of the system usage), and the habit in using the system.
B Measurement Scales for User Acceptance Factors
The constructs considered in this research are presented in Table 2 on page 18.
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Krontiris, I., Benenson, Z., Girard, A., Sabouri, A., Rannenberg, K., Schoo, P. (2016). Privacy-ABCs as a Case for Studying the Adoption of PETs by Users and Service Providers. In: Berendt, B., Engel, T., Ikonomou, D., Le Métayer, D., Schiffner, S. (eds) Privacy Technologies and Policy. APF 2015. Lecture Notes in Computer Science(), vol 9484. Springer, Cham. https://doi.org/10.1007/978-3-319-31456-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-31456-3_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31455-6
Online ISBN: 978-3-319-31456-3
eBook Packages: Computer ScienceComputer Science (R0)