Order of Control and Perceived Control over Personal Information

  • Yefim ShulmanEmail author
  • Thao Ngo
  • Joachim Meyer
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 576)


Focusing on personal information disclosure, we apply control theory and the notion of the Order of Control to study people’s understanding of the implications of information disclosure and their tendency to consent to disclosure. We analyzed the relevant literature and conducted a preliminary online study (N = 220) to explore the relationship between the Order of Control and perceived control over personal information. Our analysis of existing research suggests that the notion of the Order of Control can help us understand people’s decisions regarding the control over their personal information. We discuss limitations and future directions for research regarding the application of the idea of the Order of Control to online privacy.


Personal information disclosure Perceived information control Order of Control Privacy 



This research is partially funded by the EU Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 675730 “Privacy and Us”, and by the Deutsche Forschungsgemeinschaft (DFG) under Grant No. GRK 2167, Research Training Group “User-Centered Social Media”.


  1. 1.
    Aïmeur, E., Lawani, O., Dalkir, K.: When changing the look of privacy policies affects user trust: an experimental study. Comput. Hum. Behav. 58, 368–379 (2016). Scholar
  2. 2.
    Arcand, M., Nantel, J., Arles-Dufour, M., Vincent, A.: The impact of reading a web site’s privacy statement on perceived control over privacy and perceived trust. Online Inf. Rev. 31(5), 661–681 (2007)CrossRefGoogle Scholar
  3. 3.
    Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European general data protection regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21–37. Springer, Cham (2016). Scholar
  4. 4.
    Brandimarte, L., Acquisti, A., Loewenstein, G.: Misplaced confidences: privacy and the control paradox. Soc. Psychol. Pers. Sci. 4(3), 340–347 (2013). Scholar
  5. 5.
    Christin, D., Michalak, M., Hollick, M.: Raising user awareness about privacy threats in participatory sensing applications through graphical warnings. In: Proceedings of International Conference on Advances in Mobile Computing and Multimedia, MoMM 2013, pp. 445:445–445:454. ACM, New York (2013).
  6. 6.
    Dinev, T., Xu, H., Smith, J.H., Hart, P.: Information privacy and correlates: an empirical attempt to bridge and distinguish privacy-related concepts. Eur. J. Inf. Syst. 22(3), 295–316 (2013). Scholar
  7. 7.
    EU 2016/679: Regulation (EU) 2016/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (general data protection regulation). Official Journal of the European Union L119, 1–88 May 2016.
  8. 8.
    Gerlach, J., Widjaja, T., Buxmann, P.: Handle with care: how online social network providers’ privacy policies impact users’ information sharing behavior. J. Strateg. Inf. Syst. 24(1), 33–43 (2015). Scholar
  9. 9.
    Hansen, M., Jensen, M., Rost, M.: Protection goals for privacy engineering. In: 2015 IEEE Security and Privacy Workshops, pp. 159–166, May 2015.
  10. 10.
    Hansen, M.: Top 10 mistakes in system design from a privacy perspective and privacy protection goals. In: Camenisch, J., Crispo, B., Fischer-Hübner, S., Leenes, R., Russello, G. (eds.) Privacy and Identity 2011. IAICT, vol. 375, pp. 14–31. Springer, Heidelberg (2012). Scholar
  11. 11.
    Hoadley, C.M., Xu, H., Lee, J.J., Rosson, M.B.: Privacy as information access and illusory control: the case of the Facebook news feed privacy outcry. Electron. Commer. Res. Appl. 9(1), 50–60 (2010). special Issue: Social Networks and Web 2.0CrossRefGoogle Scholar
  12. 12.
    Keith, M., Maynes, C., Lowry, P., Babb, J.: Privacy fatigue: the effect of privacy control complexity on consumer electronic information disclosure, December 2014.
  13. 13.
    Knijnenburg, B.P., Kobsa, A., Jin, H.: Counteracting the negative effect of form auto-completion on the privacy calculus. In: 34th International Conference on Information Systems, Milan, Italy 15–18 December 2013Google Scholar
  14. 14.
    Kowalewski, S., Ziefle, M., Ziegeldorf, H., Wehrle, K.: Like us on Facebook! - analyzing user preferences regarding privacy settings in Germany. Procedia Manuf. 3, 815–822 (2015).,, 6th International Conference on Applied Human Factors and Ergonomics (AHFE 2015) and the Affiliated Conferences, AHFE (2015)CrossRefGoogle Scholar
  15. 15.
    Krol, K., Preibusch, S.: Control versus effort in privacy warnings for webforms. In: Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, WPES 2016, pp. 13–23. ACM, New York (2016).
  16. 16.
    Kunkel, J., Luo, X., Capaldi, A.P.: Integrated TORC1 and PKA signaling control the temporal activation of glucose-induced gene expression in yeast. Nat. commun. 10(1), 1–11 (2019)CrossRefGoogle Scholar
  17. 17.
    Lipford, H.R., Watson, J., Whitney, M., Froiland, K., Reeder, R.W.: Visual vs. compact: a comparison of privacy policy interfaces. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2010, pp. 1111–1114. ACM, New York (2010).
  18. 18.
    Lutz, C., Hoffmann, C.P., Bucher, E., Fieseler, C.: The role of privacy concerns in the sharing economy. Inform. Commun. Soc. 21(10), 1472–1492 (2018). Scholar
  19. 19.
    Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a causal model. Inf. Sys. Res. 15(4), 336–355 (2004). Scholar
  20. 20.
    Moore, A.: Defining privacy. J. Soc. Philos. 39(3), 411–428 (2008)CrossRefGoogle Scholar
  21. 21.
    Murmann, P., Fischer-Hübner, S.: Tools for achieving usable ex post transparency: a survey. IEEE Access 5, 22965–22991 (2017). Scholar
  22. 22.
    Nissenbaum, H.: Privacy as contextual integrity. Wash. Law Rev. 79(1), 119–157 (2004). Scholar
  23. 23.
    Parent, W.A.: Privacy, morality, and the law. Philos. Public Affairs 12(4), 269–288 (1983). Scholar
  24. 24.
    Shulman, Y., Meyer, J.: Is privacy controllable? In: Kosta, E., Pierson, J., Slamanig, D., Fischer-Hübner, S., Krenn, S. (eds.) Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data: 13th IFIP WG 9.2, 9.6/11.7, 11.6/SIG 9.2.2 International Summer School, Vienna, Austria, 20–24 August 2018, Revised Selected Papers, pp. 222–238. IFIP Advances in Information and Communication Technology, Springer International Publishing, Cham (2019)., the authors version is available in open access via. Scholar
  25. 25.
    Steinfeld, N.: “I agree to the terms and conditions": (how) do users read privacy policies online? an eye-tracking experiment. Comput. Hum. Behav. 55, 992–1000 (2016). Scholar
  26. 26.
    Tsai, L., et al.: Turtle guard: helping android users apply contextual privacy preferences. In: Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), pp. 145–162. USENIX Association, Santa Clara (2017).
  27. 27.
    Tschersich, M.: Comparing the configuration of privacy settings on social network sites based on different default options. In: 2015 48th Hawaii International Conference on System Sciences, pp. 3453–3462, January 2015.
  28. 28.
    Wang, N., Xu, H., Grossklags, J.: Third-party apps on Facebook: privacy and the illusion of control. In: Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology, CHIMIT 2011, pp. 4:1–4:10. ACM, New York (2011).
  29. 29.
    Wang, N., Zhang, B., Liu, B., Jin, H.: Investigating effects of control and ads awareness on android users’ privacy behaviors and perceptions. In: Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2015, pp. 373–382. ACM, New York (2015).
  30. 30.
    Warren, S.D., Brandeis, L.D.: The Right to Privacy, pp. 193–220, Harvard Law Review (1890)CrossRefGoogle Scholar
  31. 31.
    Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26(2), 5–7 (2002). Scholar
  32. 32.
    Westin, A.: Privacy and freedom. Atheneum, New York (1967–1970)Google Scholar
  33. 33.
    Xu, H.: The effects of self-construal and perceived control on privacy concerns. In: ICIS 2007 Proceedings - Twenty-Eighth International Conference on Information Systems (2007)Google Scholar
  34. 34.
    Zhang, B., Xu, H.: Privacy nudges for mobile applications: effects on the creepiness emotion and privacy attitudes. In: Proceedings of the 19th ACM Conference on Computer-Supported Cooperative Work and Social Computing. CSCW 2016, pp. 1676–1690. ACM, New York (2016).

Copyright information

© IFIP International Federation for Information Processing 2020

Authors and Affiliations

  1. 1.Tel Aviv UniversityTel AvivIsrael
  2. 2.University of Duisburg-EssenDuisburgGermany

Personalised recommendations