Privacy as a Tradeoff: Introducing the Notion of Privacy Calculus for Context-Aware Mobile Applications

Evidences collected from smartphones users show a growing desire of personalization offered by services for mobile devices. However, the need to accurately identify users' contexts has important implications for user's privacy and it increases the amount of trust, which users are requested to have in the service providers. In this paper, we introduce a model that describes the role of personalization and control in users' assessment of cost and benefits associated to the disclosure of private information. We present an instantiation of such model, a context-aware application for smartphones based on the Android operating system, in which users' private information are protected. Focus group interviews were conducted to examine users' privacy concerns before and after having used our application. Obtained results confirm the utility of our artifact and provide support to our theoretical model, which extends previous literature on privacy calculus and user's acceptance of context-aware technology

Leveraging Market Research Techniques in IS – A Review of Conjoint Analysis in IS Research

With the increasing importance of mass-market information systems (IS), understanding individual user preferences for IS design and adoption is essential. However, this has been a challenging task due to the complexity of balancing functional, non-functional, and economic requirements. Conjoint analysis (CA), a marketing research technique, estimates user preferences by measuring tradeoffs between products attributes. Although the number of studies applying CA in IS has increased in the past years, we still lack fundamental discussion on its use in our discipline. We review the existing CA studies in IS with regard to the application areas and methodological choices along the CA procedure. Based on this review, we develop a reference framework for application areas in IS that serves as foundation for future studies. We argue that CA can be leveraged in requirements management, business model design, and systems evaluation. As future research opportunities, we see domain-specific adaptations e.g., user preference models

Location Privacy for Mobile Crowd Sensing through Population Mapping

Opportunistic sensing allows applications to “task” mobile devices to measure context in a target region. For example, one could leverage sensor-equipped vehicles to measure traffic or pollution levels on a particular street or users\u27 mobile phones to locate (Bluetooth-enabled) objects in their vicinity. In most proposed applications, context reports include the time and location of the event, putting the privacy of users at increased risk: even if identifying information has been removed from a report, the accompanying time and location can reveal sufficient information to de-anonymize the user whose device sent the report. We propose and evaluate a novel spatiotemporal blurring mechanism based on tessellation and clustering to protect users\u27 privacy against the system while reporting context. Our technique employs a notion of probabilistic k-anonymity; it allows users to perform local blurring of reports efficiently without an online anonymization server before the data are sent to the system. The proposed scheme can control the degree of certainty in location privacy and the quality of reports through a system parameter. We outline the architecture and security properties of our approach and evaluate our tessellation and clustering algorithm against real mobility traces

Limited Information and Quick Decisions: Consumer Privacy Calculus for Mobile Applications

Mobile applications (also known as “apps”) have rapidly grown into a multibillion-dollar industry. Because they are available through devices that are “always on” and often with the user, users often adopt mobile apps “on the fly” as they need them. As a result, users often base their adoption and disclosure decisions only on the information provided through the mobile app delivery platform (e.g., the Apple App Store™ or Google Play™). The fact that using a mobile app often requires one to disclose an unprecedented combination of personal information (e.g., location data, preferences, contacts, calendars, browsing history, music library) means that one makes a complex risk/benefit tradeoff decision based on only the small amount of information that the mobile app delivery platform provides—and all in a short period of time. Hence, this process is much shorter and much riskier than traditional software adoption. Through two experiments involving 1,588 mobile app users, we manipulated three primary sources of information provided by a platform (app quality ratings, network size, and privacy assurances) to understand their effect on perceptions of privacy risks and benefits and, in turn, how they influence consumer adoption intentions and willingness to pay (WTP). We found that network size influenced not only perceived benefits but also the perceived risks of apps in the absence of perfect information. In addition, we found that integrating a third party privacy assurance system into the app platform had a significant influence on app adoption and information disclosure. We also found that a larger network size reduces LBS privacy risk perceptions, which confirms our information cascade hypothesis. We discuss the implications of these findings for research and practice

Matching Users' Preference Under Target Revenue Constraints in Optimal Data Recommendation Systems

This paper focuses on the problem of finding a particular data recommendation strategy based on the user preferences and a system expected revenue. To this end, we formulate this problem as an optimization by designing the recommendation mechanism as close to the user behavior as possible with a certain revenue constraint. In fact, the optimal recommendation distribution is the one that is the closest to the utility distribution in the sense of relative entropy and satisfies expected revenue. We show that the optimal recommendation distribution follows the same form as the message importance measure (MIM) if the target revenue is reasonable, i.e., neither too small nor too large. Therefore, the optimal recommendation distribution can be regarded as the normalized MIM, where the parameter, called importance coefficient, presents the concern of the system and switches the attention of the system over data sets with different occurring probability. By adjusting the importance coefficient, our MIM based framework of data recommendation can then be applied to system with various system requirements and data distributions.Therefore,the obtained results illustrate the physical meaning of MIM from the data recommendation perspective and validate the rationality of MIM in one aspect.Comment: 36 pages, 6 figure