Abstract
Trust is a crucial factor for the information sharing continuance on the Internet, such as on social networks and e-commerce websites. Various studies show that many users do not trust the websites with respect to the use of their private data. Similarly, they find it unfair that their data is used to generate revenue by online service without their knowledge or without their earning from this.
In this paper, we take as main assumptions that the control of their private data as well as caring about user interests would restore their trust. Based on an empirical model, we conducted a study of user trust by offering them the possibility to adhere to a new model of privacy policy. Conventional privacy policies confront the user with a dilemma of either fully accepting all the terms and losing control of their data, or rejecting the content of the policy and not being allowed access to the service. The privacy policy presented in this paper allows users to manage access and use of their data, and also to be rewarded.
The results indicate that caring about user interests is the main factor influencing trust. Private data Control, which is greatly influenced by the management of their data by users, also has a considerable effect on trust. Results also show that users are more willing to get control over their data rather than to be rewarded for disclosing them, when they really understand how these data will be used.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
http://www.statista.com, accessed on 12 May 2015.
- 2.
State of Privacy Report, Symantec, 2015.
- 3.
PCAST President’s Council of Advisors on Science and Technology, Report to the president big data and privacy a technological perspective, 2014.
- 4.
- 5.
- 6.
European Commission, Take Control of Your Personal Data, 2012.
References
Ermakova, T., Baumann, A., Fabian, B., Krasnova, H.: Privacy policies and users’ trust: does readability matter? In: Presented at the Twentieth Americas Conference on Information Systems (2014)
Furnell, S., Phippen, A.: Online privacy: a matter of policy? Comput. Fraud Secur. 2012, 12–18 (2012)
Office of the Privacy Commissioner of Canada: Survey of Canadians on Privacy-Related Issues. https://www.priv.gc.ca/information/por-rop/2013/por_2013_01_e.asp
dos Santos Brito, K., Cardoso Garcia, K.V., Araujo Durao, F., Romero de Lemos Meira, S.: How people care about their personal data released on social media. In: Eleventh Annual International Conference on Privacy, Security and Trust (PST), pp. 111–118 (2013)
McDonald, A.M., Cranor, L.F.: The cost of reading privacy policies. J. Law Policy Inf. Soc. 4, 543 (2008)
Schaub, F., Breaux, T.D., Sadeh, N.: Crowdsourcing the extraction of data practices from privacy policies. In: Second AAAI Conference on Human Computation and Crowdsourcing, pp. 56–57 (2014)
Williams, T.L., Agarwal, N., Wigand, R.T.: Protecting Private Information: Current Attitudes Concerning Privacy Policies (2015)
Richards, N.M., King, J.H.: Big data ethics, Wake Forest Law Review, p. 40 (2014)
Cranor, L.F., Hoke, C., Leon, P.G., Au, A.: Are they worth reading? An in-depth analysis of online advertising companies’ privacy policies. In: TPRC Conference (2014)
Noorian, Z., Iyilade, J., Mohkami, M., Vassileva, J.: Trust mechanism for enforcing compliance to secondary data use contracts. In: IEEE 13th International Conference Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 519–526 (2014)
W3C. P3P Specification. http://www.w3.org/TR/P3P11/. Accessed 28 May 2015
Acquisti, A.: The economics of personal data and the economics of privacy. In: Background Paper for OECD Joint WPISP-WPIE Roundtable, vol. 1, p. 50 (2010)
Linden, G., Smith, B., York, J.: Amazon.com recommendations: item-to-item collaborative filtering. IEEE Internet Comput. 7, 76–80 (2003)
Spiekermann, S., Acquisti, A., Böhme, R., Hui, K.-L.: The challenges of personal data markets and privacy. Electron. Markets 25, 161–167 (2015)
Acquisti, A., John, L.K., Loewenstein, G.: What is privacy worth? J. Legal Stud. 42, 249–274 (2013)
Osothongs, A., Sonehara, N.: A proposal of personal information trading platform (PIT): a fair trading between personal information and incentives. In: Fourth International Conference on Digital Information and Communication Technology and its Applications (DICTAP), pp. 269–274 (2014)
Chorppath, A.K., Alpcan, T.: Trading privacy with incentives in mobile commerce: a game theoretic approach. Pervasive Mob. Comput. 9, 598–612 (2013)
Grossklags, J., Acquisti, A.: When 25 cents is too much: an experiment on willingness-to-sell and willingness-to-protect personal information. In: Presented at the Workshop on the Economics of Information Security (2007)
Urban, G.L., Sultan, F., Qualls, W.J.: Placing trust at the center of your Internet strategy. Sloan Manag. Rev. 42, 39–48 (2000)
Sherchan, W., Nepal, S., Paris, C.: A survey of trust in social networks. ACM Comput. Surv. 45, 47 (2013)
Kim, D.J., Ferrin, D.L., Rao, H.R.: A trust-based consumer decision-making model in electronic commerce: the role of trust, perceived risk, and their antecedents. Decis. Support Syst. 44, 544–564 (2008)
Raimondo, M.A.: The measurement of trust in marketing studies: a review of models and methodologies. In: 16th IMP-Conference, Bath, UK (2000)
Song, Y., Kunjithapatham, A., Messer, A.: Method and apparatus for user centric private data management. ed: Google Patents (2006)
Reidenberg, J.R., Breaux, T., Cranor, L.F., French, B., Grannis, A., Graves, J.T., et al.: Disagreeable Privacy Policies: Mismatches Between Meaning and Users’ Understanding (2014)
Earp, J.B., Antón, A.I., Aiman-Smith, L., Stufflebeam, W.H.: Examining Internet privacy policies within the context of user privacy values. IEEE Trans. Eng. Manage. 52, 227–237 (2005)
Sumeeth, M., Singh, R., Miller, J.: Are online privacy policies readable? In: Optimizing Information Security and Advancing Privacy Assurance: New Technologies, New Technologies, p. 91 (2012)
Iyilade, J., Vassileva, J.: A framework for privacy-aware user data trading. In: Carberry, S., Weibelzahl, S., Micarelli, A., Semeraro, G. (eds.) UMAP 2013. LNCS, vol. 7899, pp. 310–317. Springer, Heidelberg (2013)
Zhou, T.: An empirical examination of continuance intention of mobile payment services. Decis. Support Syst. 54, 1085–1091 (2013)
Kittur, A., Chi, E.H., Suh, B.: Crowdsourcing user studies with mechanical turk. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 453–456 (2008)
Arbuckle, J.L.: IBM® SPSS® Amos™ 22 User’s Guide. IBM, Chicago (2013)
Gefen, D., Straub, D., Boudreau, M.-C.: Structural equation modeling and regression: guidelines for research practice. Commun. Assoc. Inf. Syst. 4, 7 (2000)
Numally, J.C.: Psychometric Theory. McGraw-Hill, New York (1978)
Fornell, C., Larcker, D.F.: Evaluating structural equation models with unobservable variables and measurement error. J. Mark. Res. 18(1), 39–50 (1981)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
Appendix A
Your email address
Ikrani can compare your email address and those of your contacts provided to a website or a third party online service to see if you can benefit from the combined offering.
Mark only one oval.
-
I agree (I earn 100 points)
-
I do not agree (0 point)
Your Geolocation
We use services from other companies to help us derive a general geographic area based on your IP address in order to customize certain features or deals in your area.
Mark only one oval.
-
I agree (I earn 100 points)
-
I do not agree: I do not want any geolocation, even If it meant I would not benefit from a better quality of service (0 points)
-
I do not agree: I wish my physical location to be collected only when I give my explicit agreement and only to be used for my service (I lose 100 points)
Demographics
We can obtain additional information about you, such as demographic data we purchase from other companies.
Mark only one oval.
-
I agree (I earn 100 points)
-
I do not agree (0 point)
Email content
Our automated systems analyse your content (including e-mail) to offer customized product features such as personalized search results, customized advertisements and spam detection and malware.
Mark only one oval.
-
I agree (I earn 100 points)
-
I do not agree: I do not want any analysis of my emails (0 point)
-
I do not agree: I want the analysis of my emails to only be used to detect spam and malware (I lose 100 points)
Appendix B
Trust TRU (adapted from [28])
TRU1: This online service is trustworthy.
TRU2: This online service will keep their commitments.
Benevolence (adapted from [22])
BEN1: Through this privacy policy, I feel close to the online service.
BEN2: Through this privacy policy, I think this online service cares about my concerns.
BEN3: This online service keeps customers’ interests in mind.
Private data control
PDC1: I know that my private data will not be disclosed to a third party without my permission.
PDC2: I can decide who has access to my private data.
PDC3: I can change my mind about my privacy settings whenever I want.
Management (adapted from [23])
MAN1: This online service allows me to choose which data I want to share.
MAN2: This online service offers multiple choices on each of the terms of the privacy policy.
Comprehension (adapted from [26])
COM1: The content of this policy makes sense to me.
COM2: Important information is easily identifiable.
COM3: I understand all the issues related to my privacy.
Profit
PRO1: This privacy policy allows me to get benefits.
PRO2: Incentives motivate me to deal with the online service.
Readability (adapted from [26])
REA1: Important points of this privacy policy are easily remembered.
REA2: This privacy policy can be read quickly.
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Lawani, O., Aïmeur, E., Dalkir, K. (2016). Improving Users’ Trust Through Friendly Privacy Policies: An Empirical Study. In: Lambrinoudakis, C., Gabillon, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2015. Lecture Notes in Computer Science(), vol 9572. Springer, Cham. https://doi.org/10.1007/978-3-319-31811-0_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-31811-0_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31810-3
Online ISBN: 978-3-319-31811-0
eBook Packages: Computer ScienceComputer Science (R0)