Exploring nuances of user privacy preferences on a platform for political participation

A problematic gap between existing online privacy controls and actual user disclosure behavior motivates researchers to focus on a design and development of intelligent privacy controls. These intelligent controls intend to decrease the burden of privacy decision-making and generate user-tailored privacy suggestions. To do so, at first it is necessary to analyze user privacy preferences. Previous studies have shown that user privacy profiles tend to have a multidimensional structure, which in turn might bring issues of an inexact user classification. This paper proposes to apply a fuzzy clustering approach, where fuzzy membership degree values can be used for the calculation of more precise personalized privacy suggestions. Based on the real-world dataset collected from a political platform 1, the fuzzy c-means algorithm was applied to demonstrate the multidimensionality and the existence of imprecise user privacy profiles, where a user simultaneously possesses features inherent in several clusters

Employees Attitudes towards Cyber Security and Risky Online Behaviours: An Empirical Assessment in the United Kingdom

The present study aimed to explore if the size of company an individual works for, age or attitudes towards cyber security affected frequency to engage in risky online behaviours. A total of 515 participants aged between 18-84 in full or part-time employment were asked to complete a questionnaire that consisted of two scales. One measured their attitude towards cyber security and general awareness of cyber crime, the other examined the types of ‘risky’ cyber security behaviours they were engaged in. The results demonstrated a significant negative correlation between attitudes towards cyber security and risky cyber security behaviours, with more negative attitudes being linked to higher levels of risky behaviours. There were also significant differences according to company size and age group according to frequency of engaging in risky cyber security behaviour and attitudes towards cyber security. The findings are presented as furthering our understanding of how employee attitudes contribute to company cyber security, as well as highlighting how the size of an organisation could be linked to difference in knowledge and adherence to ISA protocols

Impulsivity and Information Disclosure: Implications for Privacy Paradox

Privacy paradox refers to the inconsistency that sometimes exists between individuals’ expressed privacy concern and the willingness to divulge personal information. Several arguments have been proposed to explain the inconsistency. One set of arguments centers around the effects of individual differences in personality characteristics, e.g., the Big Five. In the current article, we examine the role of a personality characteristic, impulsivity, in explaining the relationship between privacy concern and information disclosure. We report the results of a survey-based study that consisted of two hundred and forty-two (242) usable responses from subjects recruited on Amazon Mechanical Turk. The results show that one of the three dimensions of impulsivity, motor impulsivity, directly influences the extent of information disclosure, and, also moderates the relationship between privacy concern and information disclosure. Furthermore, our study shows impulsivity explains more variance in information disclosure than explained by the Big Five factors only

Socially desirable responding within the context of privacy-related research:a personality perspective

Background: Socially desirable responding within the context of self-reported surveys is a well-known and persistent problem that plagues quantitative studies. Such forms of responding are particularly problematic within the context of personality-based studies that investigate privacy-related decision-making. In such instances, certain respondents may feel pressured to provide socially desirable responses, which reduces the overall quality of the collected data.Objectives: The objective of this study was to evaluate the extent to which the Big Five personality traits (openness, conscientiousness, extraversion, agreeableness and neuroticism) elicit socially desirable responses within the context of privacy-related decision-making.Method: To evaluate their hypotheses, the authors empirically situate their study within the context of respondents’ intended use of Facebook privacy settings. To this end, 576 survey responses were analysed using partial least squares structural equation modelling (PLS-SEM).Results: It was found that some personality traits were indeed significantly related to socially desirable responding – albeit not always as expected. For example, highly agreeable individuals were unlikely to provide socially desirable responses: choosing honest responses. Neuroticism, on the other hand, had the opposite effect.Conclusion: Based on the results, the authors conclude that neurotic individuals seem predisposed towards responding in a socially desirable manner within the context of privacy-related surveys. The authors, therefore, advise researchers within the field of privacy-based personality studies to take care when analysing their results

Personality and Social Framing in Privacy Decision-Making: A Study on Cookie Acceptance

Despite their best intentions, people struggle with the realities of privacy protection and will often sacrifice privacy for convenience in their online activities. Individuals show systematic, personality dependent differences in their privacy decision making, which makes it interesting for those who seek to design ‘nudges’ designed to manipulate privacy behaviors. We explore such effects in a cookie decision task. Two hundred and ninety participants were given an incidental website review task that masked the true aim of the study. At the task outset, they were asked whether they wanted to accept a cookie in a message that either contained a social framing ’nudge’ (they were told that either a majority or a minority of users like themselves had accepted the cookie) or contained no information about social norms (control). At the end of the task, participants were asked to complete a range of personality assessments (impulsivity, risk-taking, willingness to self-disclose and sociability). We found social framing to be an effective behavioral nudge, reducing cookie acceptance in the minority social norm condition. Further, we found personality effects such that those scoring highly on risk taking and impulsivity were significantly more likely to accept the cookie. Finally, we found that the application of a social nudge could attenuate the personality effects of impulsivity and risk-taking. We explore the implications for those working in the privacy by-design space

A Replication Study of the Impact of Impulsivity on Risky Cybersecurity Behaviors

Hadlington (2017) conducted a survey using respondents from the United Kingdom (UK) to examine the relationship between the three dimensions of impulsivity and risky cybersecurity behavior. His results showed that risky cybersecurity behavior was positively correlated to attentional impulsivity and motor impulsivity, but was negatively correlated with non-planning impulsivity. He also examined the relationship between internet addiction and attitude towards cybersecurity, and, risky cybersecurity behaviors. Our longer term goal is to conduct research to gain an in-depth understanding of the role of impulsivity in cybersecurity. Towards this end, we conducted a methodological replication of the Hadlington study to determine the generalizability of his results for respondents from a different country, i.e., USA. Our replication confirmed most of the correlations between the variables in Hadlington’s study, though there are some differences that need further examination. We further explored the data in search of meaningful patterns in risky cybersecurity behaviors scale and its relationship with different impulsivity components. Our exploratory analysis suggests a need for a typology of cybersecurity behaviors. Overall, we see a sufficient basis to pursue research on the effects of impulsivity on risky security behaviors

Can cyberloafing and Internet addiction affect organizational information security?

Researchers have noted potential links between Internet addiction, the use of work computers for non-work purposes and an increased risk of threat to the organisation from breaches in cybersecurity. However, much of this research appears conjectural in nature and lacks clear empirical evidence to support such claims. In order to fill this knowledge gap, a questionnaire-based study explored the link between cyberloafing, Internet addiction, and information security awareness (ISA). A total of 338 participants completed an online questionnaire, which comprised of the Online Cognition Scale (OCS), Cyberloafing scale, and the Human Aspects of Information Security Questionnaire (HAIS-Q). Participants who reported higher Internet addiction and cyberloafing tendencies had lower ISA, and Internet addiction and cyberloafing predicted a significant 45% of the variance in ISA. Serious cyberloafing, such as the propensity to visit adult websites and online gambling, was shown to be the significant predictor for poorer ISA. Implications for organisations and recommendations to reduce or manage inappropriate Internet use are discussed