Skip to main content

Privacy-ABCs as a Case for Studying the Adoption of PETs by Users and Service Providers

  • Conference paper
  • First Online:
Privacy Technologies and Policy (APF 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9484))

Included in the following conference series:

Abstract

Although in the last years there has been a growing amount of research in the field of privacy-enhancing technologies (PETs), they are not yet widely adopted in practice. In this paper we discuss the socioeconomical aspects of how users and service providers make decisions about adopting PETs. The analysis is based on our experiences from the deployment of Privacy-respecting Attribute-based Credentials (Privacy-ABCs) in a real-world scenario. In particular, we consider the factors that affect the adoption of Privacy-ABCs as well as the cost and benefit trade-offs involved in their deployment and usage, as perceived by both parties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://abc4trust.eu/.

  2. 2.

    m denotes mean value, \(\sigma \) denotes standard deviation.

  3. 3.

    Understanding of the Technology factor will be discussed later in Sect. 3.3 for readability reasons.

  4. 4.

    http://futureid.eu.

  5. 5.

    https://github.com/p2abcengine/p2abcengine.

  6. 6.

    E.g., see the Internet Privacy Engineering Network initiative (https://secure.edps.europa.eu/EDPSWEB/edps/EDPS/IPEN).

  7. 7.

    http://europa.eu/rapid/press-release_MEMO-14-186_de.htm last visited May 15th, 2015.

References

  1. Acquisti, A.: Identity management, privacy, and price discrimination. IEEE Secur. Priv. 6(2), 46–50 (2008)

    Article  Google Scholar 

  2. Acquisti, A.: The economics of personal data and the economics of privacy. Background Paper for OECD Joint WPISP-WPIE Roundtable 1 (2010)

    Google Scholar 

  3. Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. 2, 24–30 (2005)

    Google Scholar 

  4. Benenson, Z., Girard, A., Krontiris, I.: User acceptance factors for anonymous credentials: an empirical investigation. In: Workshop on the Economics of Information Security (WEIS) (2015)

    Google Scholar 

  5. Benenson, Z., Girard, A., Krontiris, I., Liagkou, V., Rannenberg, K., Stamatiou, Y.: User acceptance of privacy-ABCs: an exploratory study. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 375–386. Springer, Heidelberg (2014)

    Google Scholar 

  6. Bjones, R., Krontiris, I., Paillier, P., Rannenberg, K.: Integrating anonymous credentials with eIDs for privacy-respecting online authentication. In: Preneel, B., Ikonomou, D. (eds.) APF 2012. LNCS, vol. 8319, pp. 111–124. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  7. Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)

    Google Scholar 

  8. Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), pp. 21–30 (2002)

    Google Scholar 

  9. Cameron, K., Posch, R., Rannenberg, K.: Proposal for a common identity framework: A User-Centric Identity Metasystem. In: Rannenberg, K., Royer, D., Deuker, A. (eds.) The Future of Identity in the Information Society - Opportunities and Challenges. Springer (2009)

    Google Scholar 

  10. Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Q. 13(3), 319–340 (1989)

    Article  Google Scholar 

  11. DiMaggio, P.J., Powell, W.W.: The iron cage revisited: institutional isomorphism and collective rationality in organizational fields. Am. Sociol. Rev. 48(2), 147–160 (1983)

    Article  Google Scholar 

  12. Dinev, T., Hart, P.: Internet privacy concerns and social awareness as determinants of intention to transact. Int. J. Electron. Commer. 10(2), 7–29 (2006)

    Article  Google Scholar 

  13. Economics, L.: Study on the Economic Benefits of Privacy-enhancing Technologies (PETs): Final Report to The European Commission, DG Justice, Freedom and Security. London Economics (2010)

    Google Scholar 

  14. Field, A.: Discovering Statistics Using IBM SPSS Statistics. Sage, London (2013)

    Google Scholar 

  15. Final Report to the European Commission DG Justice, Freedom and Security: Study on the economic benefits of privacy-enhancing technologies (PETs). Technical report, London Economics, July 2010

    Google Scholar 

  16. Fischer-Hübner, S., Hoofnagle, C., Krontiris, I., Rannenberg, K., Waidner, M.: Online privacy: towards informational self-determination on the internet (Dagstuhl Perspectives Workshop 11061). Dagstuhl Manifestos 1(1), 1–20 (2011)

    Google Scholar 

  17. Hansen, M., Bieker, F., Deibler, D., Obersteller, H., Schlehahn, E., Zwingelberg, H.: Legal data protection considerations. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-based Credentials for Trust, pp. 143–161 (2015)

    Google Scholar 

  18. Herath, T., Chen, R., Wang, J., Banjara, K., Wilbur, J., Rao, H.R.: Security services as coping mechanisms: an investigation into user intention to adopt an email authentication service. Inf. Syst. J. 24(1), 61–84 (2014)

    Article  Google Scholar 

  19. Iacovou, C.L., Benbasat, I., Dexter, A.S.: Electronic data interchange and small organizations: adoption and impact of technology. MIS Q. 19, 465–485 (1995)

    Article  Google Scholar 

  20. Laudon, K.C.: Markets and privacy. Commun. ACM 39(9), 92–104 (1996)

    Article  Google Scholar 

  21. McKnight, D.H., Carter, M., Thatcher, J.B., Clay, P.F.: Trust in a specific technology: an investigation of its components and measures. ACM Trans. Manage. Inf. Syst. (TMIS) 2(2), 12 (2011)

    Google Scholar 

  22. Nofer, M., Hinz, O., Muntermann, J., Roßnagel, H.: The economic impact of privacy violations and security breaches. Bus. Inf. Syst. Eng. 6(6), 339–348 (2014)

    Article  Google Scholar 

  23. Patil, S., Patruni, B., Lu, H., Dunkerley, F., Fox, J., Potoglou, D., Robinson, N.: Public perception of security and privacy: results of the comprehensive analysis of PACT’s pan-european survey. Technical report, PACT EU Project Public Deliverable D4.2, June 2014

    Google Scholar 

  24. Pavlou, P.A.: Consumer acceptance of electronic commerce: integrating trust and risk with the technology acceptance model. Int. J. Electron. Commer. 7(3), 101–134 (2003)

    Google Scholar 

  25. Rogers Everett, M.: Diffusion of Innovations. Free Press, New York (1995)

    Google Scholar 

  26. Rubinstein, I.S.: Regulating privacy by design. Berkeley Technol. Law J. 26, 1409 (2011)

    Google Scholar 

  27. Sabouri, A.: Understanding the determinants of privacy-ABC technologies adoption by service providers. In: Proceedings of 14th IFIP WG 6.11 Conference on e-Business, e-Services, and e-Society, I3E 2015 Open and Big Data Management and Innovation, Delft, The Netherlands, 13–15 October 2015, vol. 9373 (2015)

    Google Scholar 

  28. Spiekermann, S.: User Control in Ubiquitous Computing: Design Alternatives and User Acceptance. Shaker, Aachen (2008)

    Google Scholar 

  29. Stamatiou, Y., Benenson, Z., Girard, A., Krontiris, I., Liagkou, V., Pyrgelis, A., Tesfay, W.: Course evaluation in higher education: the patras pilot of ABC4Trust. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-based Credentials for Trust, pp. 197–239. Springer International Publishing (2015)

    Google Scholar 

  30. Sun, S.T., Pospisil, E., Muslukhov, I., Dindar, N., Hawkey, K., Beznosov, K.: What makes users refuse web single sign-on?: an empirical investigation of OpenID. In: Proceedings of the Seventh Symposium on Usable Privacy and Security, p. 4. ACM (2011)

    Google Scholar 

  31. Tornatzky, L.G., Fleischer, M., Chakrabarti, A.K.: Processes of Technological Innovation. Lexington Books, Lexington (1990)

    Google Scholar 

  32. Venkatesh, V., Bala, H.: Technology acceptance model 3 and a research agenda on interventions. Decis. Sci. 39(2), 273–315 (2008)

    Article  Google Scholar 

  33. Venkatesh, V., Davis, F.D.: A theoretical extension of the technology acceptance model: four longitudinal field studies. Manage. Sci. 46(2), 186–204 (2000)

    Article  Google Scholar 

  34. Venkatesh, V., Morris, M.G., Davis, G.B., Davis, F.D.: User acceptance of information technology: toward a unified view. MIS Q. 27, 425–478 (2003)

    Google Scholar 

  35. Venkatesh, V., Thong, J.Y., Xu, X.: Consumer acceptance and use of information technology: extending the unified theory of acceptance and use of technology. MIS Q. 36(1), 157–178 (2012)

    Google Scholar 

  36. Wästlund, E., Angulo, J., Fischer-Hübner, S.: Evoking comprehensive mental models of anonymous credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol. 7039, pp. 1–14. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  37. Wästlund, E., Wolkerstorfer, P., Köffel, C.: PET-USES: Privacy-enhancing technology-users self-estimation scale. In: Privacy and Identity Management for Life, pp. 266–274. Springer (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Ioannis Krontiris .

Editor information

Editors and Affiliations

Appendices

A Discussion on the Applicability of UTAUT and UTAUT2

Although UTAUT [34] and UTAUT2 [35] are more successful models than TAM in predicting technology acceptance, we identified TAM as being more suitable in the context of the Privacy-ABC trial.

TAM considers two main factors that influence user adoption: Perceived Usefulness (called Performance Expectancy in UTAUT) and Perceived Ease of Use (called Effort Expectancy in UTAUT). UTAUT extends TAM with one additional factor that directly influences intention to use the technology: Social Influence, which is the degree to which the user perceives that people whose opinion the user values believe that the user should use the technology.

We tested the influence of this factor in the first Privacy-ABC trial [5] and found no relation to the intention to use Privacy-ABCs. Therefore, we decided to drop this factor. We hypothesize that in the trial environment, this factor may not be applicable, as Privacy-ABCs are only known to the fellow students, and the usage in our scenario did not involve peer pressure (as this would be the case, for example, for social media).

These findings are consistent with the UTAUT and UTAUT2 investigations, where Social Influence was not found to be an important adoption factor, especially for younger users with high experience, as in our sample. We note, however, that for application of Privacy-ABCs in other scenarios and with other (older and less experienced) user populations, Social Influence may be considered.

Additionally, UTAUT considers some factors (age, gender, experience, voluntariness of use) that moderate the relation between the intention to use the systems and the main factors. Considering these moderators does not make sense in our case, however, as our sample is very homogeneous in this respect: The students are of very similar age and experience, all of them use the system voluntarily, and the overwhelming majority is male.

Similar non-applicability considerations apply to the UTAUT2 model that considers additional main acceptance factors: hedonic motivation (the user derives fun or pleasure from using the system), price value (the monetary cost of the system usage), and the habit in using the system.

B Measurement Scales for User Acceptance Factors

The constructs considered in this research are presented in Table 2 on page 18.

Table 2. Measurement scales for the user acceptance factors; all items were measured on a 5-point scale ranging from 1 = “strongly disagree” to 5 = “strongly agree”.

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Krontiris, I., Benenson, Z., Girard, A., Sabouri, A., Rannenberg, K., Schoo, P. (2016). Privacy-ABCs as a Case for Studying the Adoption of PETs by Users and Service Providers. In: Berendt, B., Engel, T., Ikonomou, D., Le Métayer, D., Schiffner, S. (eds) Privacy Technologies and Policy. APF 2015. Lecture Notes in Computer Science(), vol 9484. Springer, Cham. https://doi.org/10.1007/978-3-319-31456-3_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-31456-3_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31455-6

  • Online ISBN: 978-3-319-31456-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics