Abstract
The transmission of informational privacy has become a fertile ground for debate among competing actors affected by the proliferation of information communication technologies. Contexts are among the factors that shape the flow of informational privacy. The existing discussion however has been mainly dominated by perspectives from the Global North and the able-bodied. In response, based on interview data collected from people with disabilities (PwD) living in Vietnam, this study offers the continuum of context in informational privacy transmissions as a concept to illuminate the types, the levels, and the interest of the transmission and the capability of PwD to manage the flow of their informational privacy. The concept has the potential to enrich the existing discussion by providing more nuance and dynamic of informational privacy transmissions situated in the Global South and among groups who have been historically marginalized.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
1 Introduction
The proliferation of digital and social media platforms has pushed the issue of data and informational privacy protection to the center of global attention. In the Global North, primarily in European countries, the implementation of various laws and regulations to better protect users’ privacy is evident [1]. In the Global South, among countries with formalized regulations, the implementations are inconsistent. In others, the regulations remain absent and debatable amid the prevalent use of the platforms in emerging markets [2]. Regardless of territories, enhancing users’ informational privacy literacy skills is needed for a stronger ability to manage personal information flow when online interactions are perpetual [3].
Studies related to informational privacy in the Global North are dominant. While there are various reasons for explaining that, the primary goal of Global South countries to narrow the protracted digital divide [4] has to some extent overshadowed the gravity of protection to informational privacy. Yet, a growing awareness on the importance of informational privacy is observable in some countries such as Indonesia and Vietnam. Policy makers have formulated laws although one may overlap with the others [5]. A segment of civil society groups has advocated for comprehensive and inclusive laws while a contrast between individualism and collectivism in understanding privacy is still observable at the grassroots level [6]. On one hand, privacy is culturally foreign among those who have been living within communal, collectivistic traditions. Therefore, it requires a collective understanding when the need to manage it arises. On the other, an emphasis on the personal responsibility, which is often more salient in an individualistic culture, has put the burden of privacy management on the individual, as reflected in the growing movement to reclaim user privacy in the digital sphere [7].
Having said that, a limited understanding of the intersection of privacy and groups who have been historically marginalized, such as Persons with Disabilities (PwD), is present. Those with access often have low informational privacy skills while those who can partially access and afford the platforms are not deemed as groups of concern. In this sense, ableism, which often stems from non-disabled perspectives, continues to shape the organization of societies and inform decisions on the governance of everyday life, resulting in non-inclusive policies and practices (Campbell [8]). Thus, using Vietnam, a Southeast Asian lower middle-income country, as a setting, this article asserts the concept of ‘continuum of context in the informational privacy transmission’ for illuminating the nuances and dynamics of various socio-technical interactions where informational privacy flows and in particular aims to elucidate the capacity of disabled communities in the Global South to manage their informational privacy flow.
2 Informational privacy
Privacy is a broad concept that has various meanings. Privacy can be complex and contradictory as it juxtaposes different viewpoints of technologists, philosophers, social scientists, and everyday people [9]. Nissenbaum [10] coined the theory of contextual integrity to elucidate the idea that privacy is bound to the norms of appropriateness and distribution of personal information. The norm of appropriateness is concerned with the contexts in which people considered fit to share, transmit, and collect personal information. In everyday life, appropriateness reflects the relevance of the situation where people volunteer, are permitted, or demanded to share their informational privacy [11]. Given that, the action taken based on such an appropriateness is embedded in individual situations, cultural values, and types of actors involved in the interactions [12].
The norm of distribution centers around the transmissibility of personal information and subsequently what consequences may follow from transmitting it. The distribution can occur between and across individuals, groups, organizations. Requests for transmitting personal information, which can happen in the online and offline spheres, often contain principles as to what the requestors will do with the information and to whom it will be redistributed [13]. In that respect, personal information becomes a commodity with massive economic, socio-technical, and political consequences [7]. In response, advocacy works to better protect personal data and information emerge, primarily in the developing countries where the protection and responsible personal information collection and use are inconsistent, if not absent (See [14, 15]).
Putting contexts into consideration makes it possible to understand that within certain situations, privacy is transmissible from one actor to the other. In that vein, the social norms and structures in which privacy is defined and transmitted, and subsequently the principles underpinning the transmission, are reasons for when, how, and to whom people will transmit information they consider private [16]. The breach of privacy often stems from different expectations on what is considered personal or private matters and the situations where their transmissions happen. This demonstrates that privacy is not just blocking access or having rights to control information and secrecy [17].
Since transmitting personal privacy often does not occur in a social vacuum, managing informational privacy is both individual and collective in nature. When the use of digital and social media is ubiquitous and the deployment of emerging technologies based on algorithms and artificial intelligence for addressing social problems is on the rise, the context surrounding the transmission of any information that users deem private is a fertile ground for disputes among lawmakers, tech companies, and civil societies [18]. The tech companies should limit their obsessions with harvesting users’ personal information and data, whereas the users need to have literacy and skills to manage the flow of their personal information and data [19]. The government needs to formulate clear regulations to respond to various consequences arising from datafication [20]. Transmitting informational privacy is thus no longer purely personal nor social, but also exudes economic and political acts.
In that regard, the transmission of privacy requires a collective coordination and management where a range of boundaries exists, overlaps, and may be in conflict [21]. Various studies on privacy management in everyday online and offline settings have suggested that such coordination is often complex but fluid (Petronio [22, 23]. Cultures and political systems are among the macro-circumstances that affect individual decisions to transmit personal information. One growing up in a collectivistic culture in a socialist-communist, low-middle-income country may have a different perception of privacy from a person who grew up in an individualistic, wealthy country. The magnitude of coordination and efforts to balance the social boundaries can be thicker in a high context culture where power hierarchies are more pronounced and maintaining social harmony is a premium [24]. As such, the presence of other actors (e.g., people, technologies, rules, and authorities) will shape people’s decision to keep or disclose their personal information.
Building on the above discussion, we pay attention to the contexts where the transmission of informational privacy occurs and are shaped by individual and collective decisions as well as economic and political considerations. We introduce the ‘continuum of context in informational privacy transmissions’ as a concept to illuminate the nuances and dynamics surrounding the choices persons with disabilities make when deciding if they will transmit their informational privacy to other actors. An addition to the existing work intersecting contexts, boundaries, and privacy, the concept demonstrates the anatomy, level, and continuum of the contexts and compromises that a group who has been historically marginalized makes when deciding to transmit their informational privacy in a collectivistic, non-democratic and non-Western setting.
As reported in the first sub-section of the Findings (Sect. 5), using contexts as a continuum may mitigate simplistic, deterministic views that have been deployed in understanding informational privacy in the everyday use of digital and social media platforms. The following interrelated research questions informed the development of the concept:
RQ1
How do contexts in informational privacy transmissions arising from digital and social media platforms used in an everyday setting differ and overlap?
RQ2
What are the types of informational privacy transmissions in such a setting?
3 Privacy and disability issues in the Global South
While discussions pertaining to informational privacy have been growing, they have been limitedly connected with disability issues. The potential, vulnerability, and diverse needs of PwD to informational privacy rarely become a center of attention as many studies intersecting technology and disability issues have primarily revolved around access [25]. While social inclusion is a lingering issue, when it comes to improving personal data and privacy literacy skills of PwD, the exclusion is even more pronounced [26]. Abundant attention is primarily given to non-disabled people while approaches that claim to empower PwD seem to minimally leverage their potential and insights to better inform programs that seek to improve the capacity of PwD to manage their personal information flow.
PwD and relevant stakeholders such as caregivers, technology developers, and service providers view privacy as among the concerns arising from digital technology use. While assistive technologies and remote support are beneficial for addressing everyday challenges within intellectually and developmentally disabled communities, issues pertaining to privacy are present among the caregivers and the members of the communities [27]. PwD living in smart homes have even raised concerns regarding informational and physical privacy threats [28]. One group of PwD may be more vulnerable to the threats than another, but to a greater extent, their ability to self-protect their informational privacy is limited [29]. Given that, technology developers and remote service providers attempt to protect the informational privacy of users with disabilities by respecting the existing laws, being mindful of a range of informational privacy needs, and developing less privacy-invasive technologies [30, 31].
The above studies have demonstrated a growing attention to mainstreaming disability rights into current understandings and practices pertinent to informational privacy. They however have been situated within the context of upper middle-income or rich countries, indicating that there is a need to study the topic within the context of low- and middle-income countries in the Global South. Limited resources and sporadic laws have made the implementation of the UN Convention on the Rights of Persons with Disabilities (UNCRPD) inconsistent when stigmas rooted in cultures and social norms prevent PwD from participating in public services persist [32]. Informational privacy is seen as a luxury given that the national development agenda is currently focused on improving access. Consequently, the ability of PwD to manage their personal information flow remains understudied. With that in mind, this study particularly asks:
RQ3
To what extent are PwD living in the Global South able to manage the flow of their informational privacy?
4 Data, setting, and analysis
This article was developed based on interview data collected from March to June 2021 in Vietnam. At that time, COVID-19 pandemic responses such as social distancing, e-health declarations, and lockdowns were enacted in different cities across the largest socialist-communist country in Southeast Asia. In effect, the initial plan to conduct face-to-face interviews shifted to remote interviews using various digital and social media platforms. The interviewer was a member of a disability organization in Hanoi. Participant recruitments started from the interviewer’s social circle and were combined with a circulation of an online form where potential participants could sign-up to participate in the study. The interviews lasted between one and two hours and were conducted in Vietnamese with a substantial influence of northern dialects. Most interviews were auditive to evade participants’ weak internet connection. Video interviews and sign language interpreters were employed when interviewing participants who identified themselves as Deaf. Participants with severe disabilities were accompanied by their caregivers. In total, 28 participants (15 female, 13 male) were interviewed. Their average age was 28 years. Respectively, 15, 6, 4, 2, and 1 identified themselves as Blind, physically disabled, Deaf, Dwarf, and Blind and Deaf.
While our study did not specifically intersect such disability forms with privacy issues, people with different forms of disabilities reportedly have different privacy concerns. Individuals with physical disabilities, for example, may be openly or limitedly disclosing their disability on social media depending on their situations [33]. The Blind may lose their privacy when the assistive technology is reading out loud the texts they receive in public [34]. These different concerns show that there is a dire need for more customized ways for protecting the privacy of PwD [35].
It is worth mentioning that many interviewees lived in urban areas and were reasonably able to afford Internet access. Thus, the assertion made in this article might, to some extent, be irrelevant to the context of PwD located in rural areas with limited access or unable to afford the Internet. The key interview questions were: (a) What is your understanding of personal privacy? (b) How would you protect your online privacy? (c) Who do you think has the capability of using your personal information without consent?
Vietnam has become one of the fastest growing markets in Southeast Asia since it joined the World Trade Organization in 2007 [36]. Its political system has been labeled as non-democratic due to limited freedom of speech [37]. The government’s role is central as evidenced in its strong autocratic public policies. The government’s role was hyper-observable when the successful responses to the first wave of the COVID-19 pandemic in 2020 and subsequent pandemic responses were used to display the state’s power and care [38]. Vietnamese society has often been characterized as collectivistic, where the general population prioritizes maintaining social harmony and ties premium [39]. Over 75% of its nearly 100 million population were on social media in 2022 [40]. Internet penetration in rural areas consistently grew as investments in advancing infrastructure increased [41]. A national survey conducted in 2016 reported that approximately 7% of the population were members of disabled communities [42]. Despite the rapid use of digital and social media platforms, the implementation of regulations pertaining to personal data protection and privacy was still sporadic. The Cybersecurity Law and the Network Information Security Law were the main documents regulating personal data and information protection. It has been reported that the cybersecurity law resembles a similar law that the Chinese government enacted in 2017 [43].
With such an understanding in mind, we started the analysis by reading the interview transcripts and gradually identifying various themes and insights that might emerge as we began to understand the lived experience of the participants. We deduced the themes that we deemed able to answer the proposed research questions and offered a broader theorization of an array of contexts in informational privacy transmissions [44]. At this point, we relied on our diverse backgrounds and understanding of the existing literature while being careful not to discount the voice of participants as much as possible. Later, we began creating categories and sub-categories to illuminate the continuum of context in informational privacy transmissions by focusing on where and why the transmission occurred, the range of actors involved, and the cultural values potentially impacted by the transmission. Therefore, the findings and theorization we offered in the proceeding section stemmed from our interactions with the literature, data, and participant experiences [45].
5 Findings
As reflected in Fig. 1, the continuum of context consists of three main features: the types, levels, and interests of the informational privacy transmissions. Transmission types range from voluntary, compromised, and coerced while the transmission may occur at micro-, meso-, and macro-levels as participants interact with others and technologies at various settings, from which private and public interests become considerations for whether transmitting informational privacy is necessary. The types, levels, and interests are not mutually exclusive, as the way people perceive the transmission is context bound. The following sections will dissect each feature and illuminate it with vignettes from diverse users of digital and social media in Vietnam (hereafter: the users).
The continuum of contexts in informational privacy transmissions
5.1 Transmission types: voluntary, compromised, and coerced
Transmission types stemmed from the users’ internal and external reasons to transmit their informational privacy and to whom. The intent to transmit might come from the users themselves or from others possessing a power to create a condition for the informational privacy transmission to occur. Voluntary, compromised, and coerced transmissions thus appeared in accordance with the users’ considerations as to what would work in a situation when they interacted with different actors with different powers. The users might have the agency to decide whether to transmit or not. On other occasions, the situation may have disallowed them from exercising the agency to decline sharing their information. The excerpt below illuminated this:
If it is all up to me, I will not trust anyone. But law enforcement can still use it [personal information] for investigative purposes. I know they have the right to use it, but I don't want my information to be used without my permission. Even close relatives can’t use my information. Sometimes family members use it [for various things], but they don't know whether I want it to be shared or not. … If they want to share my information, they can ask whether I want to share it or not. If I feel comfortable, I agree to share. But I don't expect anyone to share my personal information on social network sites. (Trang)
The contrast between voluntary and coerced transmissions was apparent in the above excerpt. The power that the other actors had over this user, Trang, determined the ability to voluntarily transmit informational privacy. Older family members and government officers were examples of the other actors who shaped the perception that transmitting the informational privacy was not entirely an individual decision. A coerced transmission, in this sense, might occur due to the power relations between Trang and the other actors. While she might not be willing to share her informational privacy, the existing power imbalance could lead to a coerced transmission.
In comparison, a compromised transmission was a by-product of the need to voluntarily transmit and the presence of a condition that required the users to transmit their informational privacy. While the belief that obtaining consent was needed, the users were often at the intersection between keeping and transmitting their personal information. To some extent, they still possessed the power to manage what, how, and to whom that information would be transmitted, as well as the consequences arising from the transmission. The excerpt below depicted a compromised transmission:
It's up to us whether to give out our information to people. Otherwise, anyone must ask for our permission before using it. Unless for circumstances such as when you work in a business, our name and phone number are written in a business brochure, then this belongs to the company. It’s about the nature of the job. (Hoang)
A compromised transmission was a middle ground between the voluntary and coerced transmissions. The utterance of ‘the nature of the job’ reflected the context surrounding the need to compromise. The job required Hoang to transmit some forms of informational privacy for achieving the expected work deliverables. To some degree he could still select which information they would voluntarily transmit. As his capability to manage the flow of information was outweighed by the power of the other actors (e.g., bosses at the companies) and the transmission within a certain situation (e.g., for easy communication) was deemed necessary, the compromised transmission might range from heavily voluntary to coerced. The compromised transmission manifested his attempt to balance between these two different types of informational privacy transmission.
5.2 Transmission levels: micro, meso, and macro
The transmission of informational privacy at micro-, meso-, and macro-levels demonstrated a variety of social circles and other actors the users interacted with. Trust was the thread that connected the intent to transmit at these different levels. The trust often appeared in the belief that the other actors would not abuse the transmitted information, leading to the emergence of perceived safety in the situation where the transmission was necessary. The key significance when considering trust was the separate but connected nature of the relationship between the users and the other actors situated within different levels. At a micro-level, such as within family, trust in the other family members was expected, thus the transmission could happen automatically or conditionally.
An automatic transmission was characterized by the absence of permission from the users, as below typical example showed:
My family including my parents and siblings, and my close friends can use my personal data without my permission. Because I trust that they will not use my data for bad things. (Phuong)
In a close-knit social circle with strong trust between actors, a transmission of personal information could happen automatically. Phuong believed that nobody within her social circle would misuse and/or abuse the personal data being transmitted from one another for various reasons. Given the perceived trust and safety in the micro-social interaction, she deemed that the need to obtain permission to transmit was unnecessary. The transmission thus happened without any conditions. Considering their close relationship with her, the other actors could freely use the information when a need to do so emerged. Having said that, a conditional transmission might be observable within a family setting. For example,
If my family members, my parents, or my wife need to use my information, it will depend on the case. If they need to use to register my children for a course or a school and need the information of their parents, I think it will be fine. As for cases such as participating in insurance, buying something, or any activities that involve money, they must ask for my permission. I must have in hand full details, then decide whether I will agree or not. (Dung)
A conditional transmission was linked to the perceived risk of the information transmission. In this case, the foreseeable economic risk was a condition for Dung to consider before granting permission to transmit personal information. A full understanding of the purpose and what personal information was needed to give to whom was a prerequisite to the transmission, as he was wary of potential ramifications arising from an incomplete understanding. A conditional transmission, in that regard, was a result of his existing knowledge of the possible consequences of the transmission and ability to manage the flow of personal information to external actors situated at different levels. The conditional transmission, at least in this example, reflected a collective decision made by different actors situated within the same social circle. As such, managing the flow of personal information seemed to be a collective act rather than merely an individual one.
At the macro-level, the intersection between different types and characteristics of personal information transmission was apparent. The transmission could stem from a mixture of reasons characterizing voluntary, compromised, and coerced transmissions; and automatic and conditional transmissions discussed above. For example, the users might voluntarily transmit their personal information to the government because they believed it was necessary. Other users might do so for the sake of accessing public services, indicating a compromise between managing personal information and lives. In that respect, the users’ predispositions to transmitting personal information might span from automatic to conditional. Like the reasons leading to transmissions at micro- and meso-levels, the presence of trust seemed to be a contributing factor for informational privacy transmissions at the macro-level. A user expressed:
Besides myself, my family members including my parents, siblings, as well as the State agencies such as the police can use my personal data without my permission. I have complete faith in my family that they won't do anything harmful to me. As for the government agencies, I think they only use our data for the aim of serving the public, for example, making identity cards. (Anh)
While trust seemed to be a salient reason, it is worth mentioning that this finding was drawn from Vietnam where public trust in the government was consistently high over time. As such, questions pertaining to potential misuse and abuse of personal data were less apparent. The trust to a greater extent had led to significant support for any state-sponsored initiatives and programs. Given that, transmitting personal information was linked to Anh’s belief that actors at the macro-level with access to the massive accumulation of personal information would only use the personal information for designing and delivering public services. On certain occasions, government agencies such as the police department could retrieve, share, and use the information without obtaining consent. Trust in this context could be a result of banal nationalism the state had promoted over time. Hence, she perceived the transmission was a part of supporting the country while helping herself to get around with social order. The following section will further explain the continuum of context in personal information transmission in that respect.
5.3 Transmission interests: personal and public
The inclination to transmit personal information was linked with the need to protect personal and public interests. It was an attempt to navigate the individual and collective, rights to live and rights to privacy, and citizen and state powers. It was an attempt to find a balance in these competing interests, in which one might outweigh the other in different instances. In a collective society with a strong government role such as Vietnam, transmitting personal information to authorities was seen as a way to succeed in public service activities and support the government’s work in defending and securing the country. A user exemplified some of the public interests that shaped their inclination to transmit personal information:
I think only the government and state agencies can use my data without my consent, and only in matters relating to the annual census, medicines, and public health, or matters of the national defense and security. (Nguyen)
A personal information transmission at the macro-level was for supporting the delivery of public services and national security. The transmission might be compromised or coerced depending on the level of trust the users had in the government, which in this case seemed to be high in Vietnam. While one might argue that the agreement to transmit was framed by the government as a way of advancing and securing the country from threats, the Vietnamese users in general viewed the transmission as a form of support to the government. Rejecting transmission would not only lead to sanctions, but also hinder access to public services. Therefore, a transmission within this specific context was a compromise between the intent to balance the different but intertwined personal and public interests.
When such interests collided, however, the intent to meet public interests tended to outweigh the personal. A user described a situation where one should give up their privacy rights:
I think no one except for the police. If the police told the criminals that I was using your data, it would be an extraordinary situation. … Because the most important human right is the right to life. It is more important to protect that right than the right to privacy, as it is the most fundamental right. To protect mine and everyone else's right to live, the government and its agencies should have this capability. (Linh)
The tension between personal and public interests in the transmission of personal information was evident. Linh pointed out the urgency of protecting life over privacy given her broad understanding of human rights. Privacy would not exist if people died. Thus, to live safely, giving up the right to privacy in a particular situation was necessary. This signified that the collective public interest should become the main priority rather than the individual when it pertained to transmitting personal information at the macro-level. The police department and other government agencies were seen as having the capability to protect public interests, thus transmitting personal information could be as important as protecting an individual’s life. Rejecting transmission, at least in this specific example, could have consequences to the public, which in a collectivistic society like Vietnam would be seen as challenging social norms and political establishments.
While the concern pertaining to the government’s potential misuse and mismanagement of personal information might be present, the view that the right to live was superior to the right to privacy might discount it. The notion of privacy and personal data protection was considered separately from the importance of protecting individual rights rather than as inclusionary. Thus, when the situation forced society to choose between the two, protecting life was chosen. This exclusionary view on the two considerations became more pronounced as messages that emphasized saving lives in the early stage of the COVID-19 pandemic dominated public discourse. The deployment of contact tracing apps and the reporting of people’s mobility if confirmed to have contracted the virus had evidenced the diminishing gravity of protecting informational privacy. Broadly, in critical situations such as the pandemic and threatening events to public safety and national security, privacy was not the primary concern.
In that respect, a transmission of informational privacy was oriented toward the interests of the larger society, primarily in a society where the government was seen as powerful and trustworthy. At an individual level, where one might have more sovereignty to manage their flow of personal information, putting the personal, individual interest first was expected. However, when such individual interests might have public consequences, the individual interest would be put second. In critical situations, such as during crises or when autocratic, authoritarian practices were enacted to bring order to chaos, personal interest could be taken out of consideration. In such a setting, satisfying the public interest was deemed urgent as the notion that putting personal interest first was considered self-centric and incongruent with the social norm defining what was acceptable for reconciling the tension between personal and public interests.
5.4 The layers of managing informational privacy in the disabled community
This section touches upon the ability of PwD living the Global South to self-manage their informational privacy. Knowing the technicalities, limiting sharing, and evading personal information transmission prompts were three interrelated layers that a section of PwD thought would enable them to safely manage their informational privacy flow. These layers reflected PwD’s sense of understanding as to the usefulness of digital and social media platforms and its socio-technical ramifications. They indicated knowledge of the risks arising from the everyday use of the platforms and ways of mitigating the risks.
Knowledge of the technical aspects of managing personal information flow was observable in PwD’s ability to identify existing features for doing so. A user exemplified:
I apply a two-factor authentication and use a tool or software to encrypt data that is translating my data into another code. I also use anti-virus programs and save data on multiple hard drives. … To people with a vision disability, when doing any transactions, to keep other people around from seeing it, we can use the feature of Talkback by turning off or dimming the screen light to the maximum. Recently, I’ve heard information about users' bank accounts being hacked. This is partly due to the user's lack of knowledge of user personal data protection. (Dang)
Knowing available modes to mitigate risks arising from transmitting personal information, particularly among users with visual impairments, was the first layer of informational privacy self-protection. In this case, Dang was aware of the existing methods such as two-factor authentications and safe usage of computer software and assistive technologies. This awareness implied his vast knowledge of safety measures when using digital technologies. In this circumstance, managing personal information flow heavily sat with the individual rather than a collective responsibility. However, types of disability could lead to a different range of vulnerabilities for PwD. The visually impaired were the most vulnerable as limited access to equitable resources hindered their opportunities to search for information related to protecting personal information flow. Hence, their subject knowledge could be lower compared to, for example, wheelchair users.
Among more knowledgeable users, deception was a strategy they deployed to evade unnecessary requests for transmitting personal information. Fearing the ramification of irresponsible usage of the information was the underlying motivation for deliberately entering false information. Two users described:
Regarding location or address, I only provide it to the apps I feel needed. If entertainment apps require me to give information relating to my identity card, for example, I'll not provide it. Or I will use fake personal data instead of the real ones. (Hoa)
I limit apps' access to my mobile phone system. Or when registering in something, I won't provide my real information, but alter it, or input a second email address that I don't use. (Dat)
They both indicated a response to a coerced transmission request of personal information occurring in different digital platforms. To access some mobile apps, providing personal information was required. Given their pre-existing knowledge, they seemed to have the power to exercise their agency by entering bogus information. The deception, they believed, was an attempt to manage the flow of their personal information in response to the limited options to opt-out that the apps offered. That way, they could access the apps and limit the transmission of their informational privacy. Such an act of self-protection was exercised to respond to a coercive environment for informational privacy transmissions that the app developers had created.
The users with a richer understanding of the political economy of personal information tended to limit sharing. The intent to limit was not only related to the forms of information they agreed to transmit to whom and how, but also in which digital infrastructures they wanted to share it. Thus, the participants preferred digital and mobile media that were less informationally invasive. For example:
I will limit sharing my personal information as much as possible. To use [mobile] applications, we have two choices. One is to agree to provide personal data, the other is to take alternative apps. Usually, if there is an alternative, I would choose it. Otherwise, I will minimally provide my information. For example, there are many messaging apps such as [Facebook] Messenger, Skype, and Zalo. There are also particular apps such as Telegram that require very little user's information. Given that, I will prefer the apps in the latter category. (Duc)
Limiting sharing was an effort to balance between staying socially connected, primarily through messaging apps, and managing the flow of informational privacy. Not only was Duc aware of the alternative apps, but also understood the political economy of transmitting informational privacy. Although limiting the transmission could be difficult, the existence of different messaging apps allowed him to choose the apps that asked for minimal personal information. In this case, his ability to self-manage was central but the presence of less informationally invasive apps offered a greater opportunity to do so. Thus, broadly, managing informational privacy necessitated a collective responsibility between users and app developers.
Limiting sharing meant knowing what information was necessary to transmit when interacting on a digital platform and with whom the users wanted to share. A user explained that in the context of COVID-19 contact tracing apps:
I make sure not to give out too much personal information. Apps that I feel are not safe I will not use …. I only use the Bluezone app. For the medical declaration application from Ministry of Health, for example, NCOVI app, I have to manually enter the information. I feel unsafe. … [It] encourages online medical declaration on it, you must provide your identity card number, full name, place of residence, travel schedule. Declaring on paper also needs to provide such information but having to enter information through this application makes me uncomfortable. … As for Bluezone, I turn on Bluetooth and location. If someone around me also installs it, it will notify me … you have not been exposed to any F0 cases. I don't need to declare personal information, just install and turn it on. It still revealed the location but not the identity card information. (Tran)
Among the characteristics of less informationally invasive digital platforms was that it offered the users a greater ability to self-manage their informational privacy. The above excerpt showed that different contact tracing apps asked for different amount of personal information, in addition to the option given to users to control how they want to share it within the apps. Tran perceived that NCOVI, a Vietnamese government-sponsored contact tracing app, was more informationally invasive than Bluezone, a tech company-owned contact tracing app. At the beginning of the pandemic, the government mandated the use of NCOVI app, which requested users to provide numerous personal information when declaring health status. Tran viewed that the users had a limited control over their personal information the app collected. In comparison, Tran perceived Bluezone less informationally invasive as it gave the users the impression that they could select what information they wanted to share when wanting to check whether they had interacted with anyone infected by the COVID-19 virus.
6 Discussion
The continuum of context in the transmission of informational privacy demonstrates the dynamic and nuance of how digital and social media users manage, control, and exercise their agency when being in situations where transmitting informational privacy to other actors is considered necessary [16]. The continuum comprises the types, the levels, and the interest of the transmission. They are not mutually exclusive as the transmission often occurs in various settings such as people interacting with others, digital technologies, social structures, and information. In that regard, the power to exercise agency and the intent to adhere to social norms are some considerations for users when responding to various situations that require them to transmit personal information.
The fact that the transmission of informational privacy is on a continuum suggests that it is not merely an individual act. Thus, there is a need to de-individualize ways of viewing rights to informational privacy in general. The transmission happens within a certain context, which is often not in a social vacuum, and involves various actors, situations, and power relations. Hence, shifting the view that sharing personal information is an act of an individual to a by-product of collective interactions is needed. While the transmission stems from individual agency, the reasons for the transmission of informational privacy is the broader topic that should be addressed. In this sense, the agency that the users can exercise to accept or reject transmission and the power that platform providers and other entities can use to legitimize and reinforce a condition for limiting the agency to reject is the center of attention for unfolding the root cause of tension in managing informational privacy transmissions [21]. In this circumstance, unfortunately, users in general, and users with disabilities in particular, are often put in a situation where the options to reject are restricted due to their weak bargaining position and lower informational privacy literacy.
In the context of Vietnam, the government is seen as a trustworthy actor to whom transmitting personal information is considered ‘normal’ if not unavoidable. As a result, if it comes to public safety and national security, protecting informational privacy is secondary [46]. While that might not be ideal for defenders of liberal democracy, it is worth noting that in an ecosystem where democratic values are subtle while capitalistic values are vivid, high trust in government may fertilize stringent control over private entities such as gigantic tech companies from deploying loose personal data protection policies and reinforcing massive personal information transmissions. Certainly, one may argue that in a socialist-communist country a lack of checks and balances on government bodies will lead to authoritarian practices by means of access to personal data [47]. However, one may also contend that regulating transnational tech companies is necessary for protecting national interests. Public trust in government can be a foundation for enabling more options for users in general to decide whether transmitting personal information is necessary without decreasing their opportunities to access services embedded in the digital infrastructure.
That a fraction of PwD in Vietnam have the capability to exercise agency for managing their informational privacy holds the potential to enrich any efforts for centering disability rights in initiatives to promote personal data protection and privacy, which to a greater extent have mainly targeted non-disabled users. An understanding that a fraction of the community has such agency may offer insiders’ insight as to what empowerment programs can be designed for and by a range of disabled communities. Therefore, creating more opportunities for users with disabilities to participate in different aspects of socio-technical developments within societies and the stigma that disabilities are signs of weaknesses, limitations, burdens, and sins will gradually diminish.
In particular, the above will help reduce ableism that seems to characterize many views circulating within forums and discussions pertaining to informational privacy. As disability rights become mainstream, more diverse perspectives on how to push the agenda for creating inclusive policies for data and personal information protections will gradually appear. The need of diverse users as well as their lived experiences should be considered when such policies are designed, implemented, and evaluated. In this sense, a greater attention to PwD and other groups who have been historically marginalized is advocated through understanding their vulnerability and agency to overcome unexpected situations arising from the proliferation of personal data and information mining. In this light, a broader policy that can capture the needs of diverse users is essential for stronger protections for personal information. The communication of that policy needs to be contextual and from the ground up in order to effectively protect, empower, and galvanize the agency of PwD.
Broadly, this study has contributed to the existing attempts to theorize the intersection of privacy and power, which Petronio, Child and Hall [48] have pointed as critical to advancing the current understanding of informational privacy outcomes within everyday settings. The users’ agency, regardless of their abilities, is not entirely embedded in their individual capacity, but also in their contexts and social networks [49]. The agency, together with the negotiations the users perform in response to a requirement to disclose personal information, link with the perceived risks and benefits of the disclosure for themselves and others within the same social network [50], as well as the power of other actors that shape various forms of social interactions. In that sense, the users’ agency becomes more limited as other actors possess a greater power over them. Given that, the decision to disclose personal information lies within a broader hierarchy resulting from power imbalance in society and its ramifications to the majority of users and the marginalized users such as PwD. With such an understanding in mind, this study has the potential to promote the usefulness of critical approaches to unpacking the social structure and context affecting the management of informational privacy.
7 Conclusion
Drawn on data collected from a range of people with disabilities living in Vietnam, this article has introduced a continuum of context to better understand the dynamic and nuance in the transmission of informational privacy in everyday life. The continuum of context suggests that the transmission of informational privacy can occur at micro-, meso-, and macro-levels, may happen in a voluntary, compromised, or coercive setting, and be driven by the intent to meet personal and public interests. In particular, this article has illuminated the ability of PwD in Vietnam to manage their flow of informational privacy. The fact that a segment of PwD has knowledge of the potential risk arising from transmitting their informational privacy and ways of evading unnecessary transmission requests on certain digital platforms challenges the existing view that PwD are social burdens. Thus, the finding broadly exemplifies the intersection of disability rights and rights to privacy, which can help curb ableism in the mainstream views advocating personal data and privacy protections.
Derived from the lived experience of vulnerable groups living in a lower middle-income country, the introduction of the continuum of context in the informational privacy transmission also amplifies the need to gather insights from groups that have been historically disadvantaged for addressing the complexity and intangibleness of various activities in relation to the transmission. This way, our understanding of these groups is not merely informed by the knowledge produced and distributed by the groups who have historically been in positions of power, primarily when many transnational tech companies based in the Global North have seen the Global South as a large emerging market.
References
McCabe, D., Stevis-Gridneff, M.: U.S. and European Leaders Reach Deal on Trans-Atlantic Data Privacy-. The New York Times website: https://www.nytimes.com/2022/03/25/business/us-europe-data-privacy.html (2022). Accessed 19 April 2022
Hicks, J.: A “data realm” for the global south? Evidence from Indonesia. Third World Q. 42(7), 1417–1435 (2021). https://doi.org/10.1080/01436597.2021.1901570
Pangrazio, L., Selwyn, N.: “Personal data literacies”: a critical literacies approach to enhancing understandings of personal digital data. N. Media Soc. 21(2), 419–437 (2019). https://doi.org/10.1177/1461444818799523
United Nations.: With almost half of world’s population still offline, digital divide risks becoming ‘new face of inequality’, deputy secretary-general warns general assembly. https://www.un.org/press/en/2021/dsgsm1579.doc.htm (2021). Accessed 19 April 19
Deloitte: Unity in diversity the Asia pacific privacy guide. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/risk/sea-risk-unity-diversity-privacy-guide.pdf (2019)
Privacy International: A new dawn: privacy in Asia (2012).
Véliz, C.: Privacy is power: why and how you should take back control of your data. Bantam Press. (2020)
Campbell, F. K. (2009). Contours of ableism. The production of disability and abledness. New York: Palgrave Macmillan
Brunton, F., Nissenbaum, H.: Obfuscation. From Theory Appl. (2015). https://doi.org/10.1007/978-3-030-66065-9_5
Nissenbaum, H.: Privacy as contextual integrity. Wash. L. Rev. 79(1), 119–158 (2004)
Chatman, E.A.: The impoverished life-world of outsiders. J. Am. Soc. Inf. Sci. 47(3), 193–206 (1996). https://doi.org/10.1002/(SICI)1097-4571(199603)47:3%3c193::AID-ASI3%3e3.0.CO;2-T
Berger, P., Luckmann, T.: Social construction of reality: treatise in the sociology of knowledge. Penguin Books, London (1966)
Shvartzshnaider, Y., Apthorpe, N., Feamster, N., Nissenbaum, H.: Going against the (Appropriate) Flow: a contextual integrity approach to privacy policy analysis. In: The secenth AAAI conference on human computation and crowdsourcing (HCOMP-19). www.aaai.org (2019)
African Declaration on Internet Rights & Freedoms Coalition. (2021). Privacy and personal data protection in Africa Advocacy toolkit. https://africaninternetrights.org. Accessed 20 April 2022
Haristya, S., Laksmi, S., Astuti, A.N.T., Dewi, I.F.: A comparison of Indonesia’s personal data protection bill with Europe’s convention 108+ and general data protection regulation. Jakarta (2020).
Nissenbaum, H.: Privacy in context: technology, policy, and social life. Stanford University Press, Stanford, California (2010)
Benthall, S., Gürses, S., Nissenbaum, H.: Contextual Integrity through the lens of computer science. Found. Trends Priv. Secur. 2(1), 1–69 (2017). https://doi.org/10.1561/3300000016
Denardis, L.: The Internet in everything. Yale University Press, New Haven & London (2020)
Debranbander, F.: Life after privacy. Cambridge University Press, Cambridge (2020)
Saetra, H.S.: Privacy as an aggregate public good. Technol. Soc. 63, 101422 (2020). https://doi.org/10.1016/j.techsoc.2020.101422
Petronio, S.: Boundaries of privacy: dialectics of disclosure. (2002).https://doi.org/10.5860/choice.40-4304
Petronio, S. (2013). Brief Status Report on Communication Privacy Management Theory. Journal of Family Communication, 13(1), 6–14. https://doi.org/10.1080/15267431.2013.743426
Petronio, S., Child, J.T.: Conceptualization and operationalization: utility of communication privacy management theory. Curr. Opin. Psychol. 31, 76–82 (2020). https://doi.org/10.1016/j.copsyc.2019.08.009
Hall, E.T.: The hidden dimension. Anchor Books, City Garden, NY (1990)
Goggin, G.: Technology and social futures. In: Ellis, K., Kent, M. (eds.) Manifestos for the future of critical disability studies, pp. 79–91. Routledge, New York (2017). https://doi.org/10.4324/9781351053341
European Disability Forum: Plug and Pray? A disability perspective on artificial intelligence, automated decision-making and emerging technologies. www.edf-feph.org (2018)
Tassé, M.J., Wagner, J.B., Kim, M.: Using technology and remote support services to promote independent living of adults with intellectual disability and related developmental disabilities. J. Appl. Res. Intellect. Disabil. 33(3), 640–647 (2020). https://doi.org/10.1111/jar.12709
O’brolcháin, F., Gordijn, B.: Privacy challenges in smart homes for people with dementia and people with intellectual disabilities. Ethics Inf. Technol. 21, 253–265 (2019). https://doi.org/10.1007/s10676-019-09507-0
Chalghoumi, H., Cobigo, V., Dignard, C., Gauthier-Beaupré, A., Jutai, J.W., Lachapelle, Y., Perrin, M.: Information privacy for technology users with intellectual and developmental disabilities: why does it matter? Ethics Behav. 29(3), 201–217 (2017). https://doi.org/10.1080/10508422.2017.13933404
Brand, D., Digennaro Reed, F.D., Morley, M.D., Erath, T.G., Novak, M.D.: A survey assessing privacy concerns of smart-home services provided to individuals with disabilities. Behav. Anal. Pract. 13, 11–21 (2020). https://doi.org/10.1007/s40617-018-00329-y
Cobigo, V., Czechowski, K., Chalghoumi, H., Gauthier-Beaupre, A., Assal, H., Jutai, J., Bah, F.: Protecting the privacy of technology users who have cognitive disabilities: Identifying areas for improvement and targets for change. J. Rehabilit. Assist. Technol. Eng. 7, 1–5 (2020). https://doi.org/10.1177/2055668320950195
ESCAP: Investing in accessibility in Asia and the Pacific. Bangkok (2019)
Furr, J.B., Carreiro, A., McArthur, J.A.: Strategic approaches to disability disclosure on social media. Disabil. Soc. 31(10), 1353–1368 (2016). https://doi.org/10.1080/09687599.2016.1256272
Holman, J., Lazar, J., Feng, J.: Investigating the security-related challenges of blind users on the web. In: Langdon, P., Ceng, J.C., Robinson, P. (eds.) Designing inclusive futures, pp. 129–138. Springer, London (2008). https://doi.org/10.1007/978-1-84800-211-1_13
Wang, Y., Price, C.E.: Accessible privacy. In: Knijnenburg, B.P., Page, X., Wisniewski, P., Lipford, H.R., Proferes, N., Romano, J. (eds.) Modern socio-technical perspectives on privacy, pp. 293–313. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-82786-1_13
Sakata, S. (ed.): Vietnam’s economic entities in transition. Palgrave Macmillan, New York (2013)
Freedom House: Countries and Territories. https://freedomhouse.org/countries/freedom-world/scores (2020). Accessed 14 Oct 2020
Hayton, B., Ngheo, T.L.: Vietnam’s Coronavirus success is built on repression. https://foreignpolicy.com/2020/05/12/vietnam-coronavirus-pandemic-success-repression/ (2020). Accessed 16 Sept 2021
Hofstede Insights: Compare countries-Hofstede Insights. https://www.hofstede-insights.com/fi/product/compare-countries/ (2022). Accessed 19 April 2022
Kemp, S.: Digital 2022: Vietnam. https://datareportal.com/reports/digital-2022-vietnam (2022). Accessed 20 April 2022
Mobile Marketing Association: The state of mobile in rural Vietnam report. file:///Users/abdulrohman/Downloads/The_State_of_Mobile_in_Rural_Vietnam_Report.pdf (2019).
Vietnam General Statistics Office.: National Survey on People with Disabilities 2016. https://www.gso.gov.vn/wp-content/uploads/2019/04/Baocao-nguoikhuyet-tat.pdf (2018)
DLA Piper: Law in Vietnam-DLA piper global data protection laws of the world. https://www.dlapiperdataprotection.com/index.html?c=VN&c2=&go-button=GO&t=law (2022). Accessed 8 April 2022
Patton, M.Q.: Qualitative research & evaluation methods, 3rd edn. Sage Publications Inc., California (2002)
Charmaz, K.: Constructing grounded theory: a practical guide through qualitative analysis. sage (2006). https://doi.org/10.1016/j.lisr.2007.11.003
Yao-Huai, L.: Privacy and data privacy issues in contemporary China. Ethics Inf. Technol. 7, 7–15 (2005). https://doi.org/10.1007/s10676-005-0456-y
Hoffman, S.: China’s tech-enhanced authoritarianism. J. Democr. 33(2), 76–89 (2022). https://doi.org/10.1353/jod.2022.0019
Petronio, S., Child, J.T., Hall, R.D.: Communication privacy management theory: significance for interpersonal communication. In: Braithwaite, D.O., Schrodt, P. (eds.) Engaging theories in interpersonal communication: multiple perspectives, 3rd edn., pp. 314–327. Routledge, New York and London (2022). https://doi.org/10.4324/9781003195511-28
Marwick, A.E., Boyd, D.: Networked privacy: how teenagers negotiate context in social media. N. Media Soc. 16(7), 1051–1067 (2014). https://doi.org/10.1177/1461444814543995
De Wolf, R.: Contextualizing how teens manage personal and interpersonal privacy on social media. N. Media Soc. 22(6), 1058–1075 (2020). https://doi.org/10.1177/1461444819876570
Acknowledgements
The authors would like to thank Kimberly Wade for the language assistance and Thu Phuong Nguyen for her assistance throughout the span of the research project.
Funding
Open Access funding enabled and organized by CAUL and its Member Institutions. This research was partially assisted by the Social Science Research Council’s Just Tech Covid-19 Rapid Response Grants, with funds provided by the Ford Foundation and the MacArthur Foundation and Vaccine Confidence Fund.
Author information
Authors and Affiliations
Contributions
A.R. wrote the first draft of the manuscript. D.D. contributed to the second draft of the manuscript. D.P., E.E., and A.P. provided insights during the data collection and analysis processes.
Corresponding author
Ethics declarations
Conflict of interest
The authors have no competing interests as defined by Springer, or other interests that might be perceived to influence the results and/or discussion reported in this paper.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Rohman, A., Dang-Pham, D., Pitaloka, D. et al. A continuum of context in informational privacy transmissions: insights from people with disabilities in Vietnam. Univ Access Inf Soc (2023). https://doi.org/10.1007/s10209-023-01021-x
Accepted:
Published:
DOI: https://doi.org/10.1007/s10209-023-01021-x