Privacy concerns and protection behavior during the Covid-19 pandemic
-
DOIhttp://dx.doi.org/10.21511/ppm.20(2).2022.06
-
Article InfoVolume 20 2022, Issue #2, pp. 57-70
- Cited by
- 720 Views
-
239 Downloads
This work is licensed under a
Creative Commons Attribution 4.0 International License
This paper aims to analyze the protection behavior of employees while working remotely during the Covid-19 pandemic using online video chat software. This pandemic changed the way organizations work, managers meet with employees, and employees communicate. An e-mail-based survey among computer users who use video chat software for remote working is employed in this study. Using 306 responses, structural equation modeling explores the relationship between privacy concerns, protection behavior, and antecedents. The technological changes induced due to Covid-19 influence privacy concerns and protection behavior. Privacy efficacy increases privacy concerns and protection behavior. Perceived vulnerability increases privacy concerns. Perceived effectiveness of organization software affects privacy concerns but does not affect protection behavior. There is a positive relationship between privacy concerns and protection behavior; however, this positive relation is negatively moderated by a propensity to trust. A finding of threat severity measure using Covid-19 factors concludes that both privacy concerns and protection behavior increased for online video chat software users. The theoretical model explicates 75% of variances in privacy concerns and 57% of variances in protection behavior. Every one-unit increase in Covid-19 induced changes regarding the work environment increases the privacy concern by 35%, and every one-unit increase in perceived effectiveness of organization software increases privacy concern by 22%. Every one-unit increase in the privacy concern increases the protection behavior by 48%, and every one-unit increase in privacy efficacy increases protection behavior by 59%.
Acknowledgment
The assistance provided by Arun Thottath in reaching out to survey participants was greatly appreciated.
- Keywords
-
JEL Classification (Paper profile tab)J28, M10, M15
-
References92
-
Tables1
-
Figures4
-
- Figure 1. Hypothesized structural model
- Figure 2. Structural model with the result
- Figure 3. TRP as moderator
- Figure 4. Graph of moderator analysis
-
- Table 1. Results of protection behavior analysis
-
- Acquisti, A., & Gross, R. (2006). Imagined communities: Awareness, information sharing, and privacy on the Facebook. In International workshop on privacy enhancing technologies (pp. 36-58). Springer, Berlin, Heidelberg.
- Bandura, A., Freeman, W. H., & Lightsey, R. (1999). Self-efficacy: The exercise of control. New York: W.H. Freeman and Company.
- Boateng, G. O., Neilands, T. B., Frongillo, E. A., Melgar-Quiñonez, H. R., & Young, S. L. (2018). Best practices for developing and validating scales for health, social, and behavioral research: a primer. Frontiers in Public Health, 6.
- Bordia, P., Hobman, E., Jones, E., Gallois, C., & Callan, V. J. (2004). Uncertainty during organizational change: Types, consequences, and management strategies. Journal of Business and Psychology, 18(4), 507-532.
- Buchanan, T., Paine, C., Joinson, A. N., & Reips, U. D. (2007). Development of measures of online privacy concern and protection for use on the Internet. Journal of the American Society for Information Science and Technology, 58(2), 157-165.
- Burns, A. J., Posey, C., Roberts, T. L., & Lowry, P. B. (2017). Examining the relationship of organizational insiders’ psychological capital with information security threat and coping appraisals. Computers in Human Behavior, 68, 190-209.
- Carroll, N., & Conboy, K. (2020). Normalising the “new normal”: Changing tech-driven work practices under pandemic time pressure. International Journal of Information Management, 55, 102186.
- Carter, L., & Bélanger, F. (2005). The utilization of e-government services: citizen trust, innovation and acceptance factors. Information Systems Journal, 15(1), 5-25.
- Centers for Disease Control and Prevention (CDC). (2020). Interim clinical guidance for management of patients with confirmed coronavirus disease (COVID-19).
- Chai, S., Bagchi-Sen, S., Morrell, C., Rao, H. R., & Upadhyaya, S. J. (2009). Internet and online information privacy: An exploratory study of preteens and early teens. IEEE Transactions on Professional Communication, 52(2), 167-182.
- Chen, H. T., & Chen, W. (2015). Couldn’t or wouldn’t? The influence of privacy concerns and self-efficacy in privacy management on privacy protection. Cyberpsychology, Behavior, and Social Networking, 18(1), 13-19.
- Chen, H., Beaudoin, C. E., & Hong, T. (2017). Securing online privacy: An empirical test on Internet scam victimization, online privacy concerns, and privacy protection behaviors. Computers in Human Behavior, 70, 291-302.
- Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44(4), 588-608.
- Conchie, S. M., Taylor, P. J., & Donald, I. J. (2012). Promoting safety voice with safety-specific transformational leadership: The mediating role of two dimensions of trust. Journal of Occupational Health Psychology, 17(1), 105-115.
- Cronbach, L. J. (1951). Coefficient alpha and the internal structure of tests. Psychometrika, 16(3), 297-334.
- Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90-101.
- Dhagarra, D., Goswami, M., & Kumar, G. (2020). Impact of trust and privacy concerns on technology acceptance in healthcare: An Indian perspective. International journal of medical informatics, 141, 104164.
- Dienlin, T., & Trepte, S. (2015). Is the privacy paradox a relic of the past? An in-depth analysis of privacy attitudes and privacy behaviors. European Journal of Social Psychology, 45(3), 285-297.
- Dinev, T., & Hart, P. (2004). Internet Privacy Concerns and their Antecedents – Measurement Validity and a Regression Model. Behavior and Information Technology, 23(6), 413-422.
- Dinev, T., & Hart, P. (2005). Internet privacy concerns and social awareness as determinants of intention to transact. International Journal of Electronic Commerce, 10(2), 7-29.
- Dinev, T., & Hu, Q. (2007). The centrality of awareness in the formation of user behavioral intention toward protective information technologies. Journal of the Association for Information Systems, 8(7).
- Esposito, G., Hernández, P., van Bavel, R., & Vila, J. (2017). Nudging to prevent the purchase of incompatible digital products online: An experimental study. PloS One, 12(3), e0173333.
- Floyd, D. L., Prentice-Dunn, S., & Rogers, R. W. (2000). A meta-analysis of research on protection motivation theory. Journal of Applied Social Psychology, 30(2), 407-429.
- Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50.
- Fugate, M., Kinicki, A. J., & Prussia, G. E. (2008). Employee coping with organizational change: An examination of alternative theoretical perspectives and models. Personnel Psychology, 61(1), 1-36.
- Furnell, S. M., Bryant, P., & Phippen, A. D. (2007). Assessing the security perceptions of personal Internet users. Computers & Security, 26(5), 410-417.
- Gefen, D. (2000). E-commerce: the role of familiarity and trust. Omega, 28(6), 725-737.
- Hanus, B., & Wu, Y. A. (2016). Impact of users’ security awareness on desktop security behavior: A protection motivation theory perspective. Information Systems Management, 33(1), 2-16.
- Herath, T., & Rao, H. R. (2009a). Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106-125.
- Herath, T., & Rao, H. R. (2009b). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154-165.
- Herold, D. M., Fedor, D. B., Caldwell, S., & Liu, Y. (2008). The effects of transformational and change leadership on employees’ commitment to a change: A multilevel study. Journal of Applied Psychology, 93(2), 346-357.
- Hofmann, D. A., & Morgeson, F. P. (1999). Safety-related behavior as a social exchange: The role of perceived organizational support and leader-member exchange. Journal of Applied Psychology, 84(2), 286-296.
- Hoy, M. G., & Milne, G. (2010). Gender differences in privacy-related measures for young adult Facebook users. Journal of Interactive Advertising, 10(2), 28-45.
- Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95.
- John, A. S. (2020). It’s Not Just Zoom. Google Meet, Microsoft Teams, and Webex Have Privacy Issues, Too.
- Johnston, A. C., & Warkentin, M. (2010). Fear appeals and information security behaviors: An empirical study. MIS Quarterly, 34(3), 549-566.
- Junglas, I. A., Johnson, N. A., & Spitzmüller, C. (2008). Personality traits and concern for privacy: an empirical study in the context of location-based services. European Journal of Information Systems, 17(4), 387-402.
- Jutla, D. N., & Bodorik, P. (2005). Sociotechnical architecture for online privacy. IEEE Security & Privacy, 3(2), 29-39.
- Khan, N. A., Brohi, S. N., & Zaman, N. (2020). Ten deadly cyber security threats amid COVID-19 pandemic. TechRxiv.
- Kirlappos, I., & Sasse, M. A. (2014). What usable security really means: Trusting and engaging users. International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 69-78). Springer.
- Krasnova, H., Spiekermann, S., Koroleva, K., & Hildebrand, T. (2010). Online social networks: why we disclose. Journal of Information Technology, 25(2), 109-125.
- LaRose, R., & Rifon, N. J. (2007). Promoting i-safety: effects of privacy warnings and privacy seals on risk assessment and online privacy behavior. Journal of Consumer Affairs, 41(1), 127-149.
- LaRose, R., Rifon, N., Liu, S., & Lee, D. (2005). Understanding online safety behavior: A multivariate model. The 55th annual conference of the international communication association. New York.
- Latham, G. P., Locke, E. A., & Fassina, N. E. (2002). The high performance cycle: Standing the test of time. In S. Sonnentag (Ed.), Psychological management of individual performance (pp. 201-228).
- Lebek, B., Uffen, J., Neumann, M., Hohler, B., & Breitner, M. H. (2014). Information security awareness and behavior: a theory-based literature review. Management Research Review, 37(12), 1049-1092.
- Lee, D., Larose, R., & Rifon, N. (2008). Keeping our network safe: a model of online protection behaviour. Behaviour & Information Technology, 27(5), 445-454.
- Lunn, P., & Lyons, S. (2010). Behavioural economics and “vulnerable consumers”: a summary of evidence. London: Communications Consumer Panel.
- Lutz, C., & Strathoff, P. (2014). Privacy concerns and online behavior – Not so paradoxical after all? Viewing the privacy paradox through different theoretical lenses.
- Malhotra, N. K., Kim, S. S., & Agarwal, J. (2004). Internet users’ information privacy concerns (IUIPC): The construct, the scale, and a causal model. Information Systems Research, 15(4), 311-416.
- Martocchio, J. J. (1994). Effects of conceptions of ability on anxiety, self-efficacy, and learning in training. Journal of Applied Psychology, 79(6), 819-825.
- McKnight, D. H., Choudhury, V., & Kacmar, C. (2002). The impact of initial consumer trust on intentions to transact with a web site: a trust building model. The Journal of Strategic Information Systems, 11(3-4), 297-323.
- McKnight, D. H., Cummings, L. L., & Chervany, N. L. (1998). Initial trust formation in new organizational relationships. Academy of Management Review, 23(3), 473-490.
- Men, L. R., & Stacks, D. (2014). The effects of authentic leadership on strategic internal communication and employee-organization relationships. Journal of Public Relations Research, 26(4), 301-324.
- Mesch, G. S. (2012). Is online trust and trust in social institutions associated with online disclosure of identifiable information online? Computers in Human Behavior, 28(4), 1471-1477.
- Milne, G. R., & Culnan, M. J. (2004). Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices. Journal of Interactive Marketing, 18(3), 15-29.
- Miltgen, C. L., & Peyrat-Guillard, D. (2014). Cultural and generational influences on privacy concerns: a qualitative study in seven European countries. European Journal of Information Systems, 23(2), 103-125.
- Mohamed, N., & Ahmad, I. H. (2012). Information privacy concerns, antecedents and privacy measure use in social networking sites: Evidence from Malaysia. Computers in Human Behavior, 28(6), 2366-2375.
- Moscardelli, D. M., & Divine, R. (2007). Adolescents’ concern for privacy when using the Internet: An empirical analysis of predictors and relationships with privacy-protecting behaviors. Family and Consumer Sciences Research Journal, 35(3), 232-252.
- Mwagwabi, F., McGill, T., & Dixon, M. (2018). Short-term and long-term effects of fear appeals in improving compliance with password guidelines. Communications of the Association for Information Systems, 42(1).
- Naidoo, R. (2020). A multi-level influence model of COVID-19 themed cybercrime. European Journal of Information Systems, 29(3), 306-321.
- Norberg, P. A., Horne, D. R., & Horne, D. A. (2007). The privacy paradox: Personal information disclosure intentions versus behaviors. Journal of Consumer Affairs, 41(1), 100-126.
- Nunnally, J. (1967). Psychometric theory. New York: McGraw-Hill.
- Olivero, N., & Lunt, P. (2004). Privacy versus willingness to disclose in e-commerce exchanges: The effect of risk awareness on the relative role of trust and control. Journal of Economic Psychology, 25(2), 243-262.
- Pahnila, S., Siponen, M., & Mahmood, A. (2007a). Employees’ behavior towards IS security policy compliance. In 2007 40th Annual Hawaii International Conference on System Sciences (HICSS’07) (pp. 156b-156b). IEEE.
- Pahnila, S., Siponen, M., & Mahmood, A. (2007b). Which factors explain employees’ adherence to information security policies? An empirical study. Pacis 2007 Proceedings, 73.
- Park, Y. J. (2015). Do men and women differ in privacy? Gendered privacy and (in) equality in the Internet. Computers in Human Behavior, 50, 252-258.
- Peterson, T. O., & Arnn, R. B. (2005). Self-efficacy: The foundation of human performance. Performance Improvement Quarterly, 18(2), 5-18.
- Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change1. The Journal of Psychology, 91(1), 93-114.
- Rogers, R. W. (1983). Cognitive and psychological processes in fear appeals and attitude change: A revised theory of protection motivation. Social psychophysiology: A sourcebook, 153-176.
- Schmidt, F. L., Hunter, J. E., & Urry, V. W. (1976). Statistical power in criterion-related validation studies. Journal of Applied Psychology, 61(4), 473-485.
- Schou, C. D., & Trimmer, K. J. (2004). Information assurance and security. Journal of Organizational and End User Computing, 16(3), 123-145.
- Shaw, D. (2017). Managing people and learning in organisational change projects. Journal of Organizational Change Management, 30(6), 923-935.
- Sheehan, K. B., & Hoy, M. G. (1999). Flaming, complaining, abstaining: How online users respond to privacy concerns. Journal of Advertising, 28(3), 37-51.
- Sheeran, P. (2002). Intention – behavior relations: a conceptual and empirical review. European Review of Social Psychology, 12(1), 1-36.
- Singh, R., & Awasthi, S. (2020). Updated Comparative Analysis on Video Conferencing Platforms-Zoom, Google Meet, Microsoft Teams, WebEx Teams and GoToMeetings (EasyChair Preprint No. 4026).
- Siponen, M. T., & Oinas-Kukkonen, H. (2007). A review of information security issues and respective research contributions. ACM SIGMIS Database: the DATABASE for Advances in Information Systems, 38(1), 60-80.
- Siponen, M., Pahnila, S., & Mahmood, M. A. (2010). Compliance with information security policies: An empirical investigation. Computer, 43(2), 64-71.
- Son, J. Y., & Kim, S. S. (2008). Internet users’ information privacy-protective responses: A taxonomy and a nomological model. MIS Quarterly, 32(3), 503-529.
- Stanton, J. M., Stam, K. R., Mastrangelo, P., & Jolton, J. (2005). Analysis of end user security behaviors. Computers & Security, 24(2), 124-133.
- Taddei, S., & Contena, B. (2013). Privacy, trust and control: Which relationships with online self-disclosure? Computers in Human Behavior, 29(3), 821-826.
- Tsai, H. Y. S., Jiang, M., Alhabash, S., LaRose, R., Rifon, N. J., & Cotten, S. R. (2016). Understanding online safety behaviors: A protection motivation theory perspective. Computers & Security, 59, 138-150.
- Tufekci, Z. (2008). Can you see me now? Audience and disclosure regulation in online social network sites. Bulletin of Science, Technology & Society, 28(1), 20-36.
- Van Bavel, R., Rodríguez-Priego, N., Vila, J., & Briggs, P. (2019). Using protection motivation theory in the design of nudges to improve online security behavior. International Journal of Human-Computer Studies, 123, 29-39.
- Verkijika, S. F. (2018). Understanding smartphone security behaviors: An extension of the protection motivation theory with anticipated regret. Computers & Security, 77, 860-870.
- Waldrop, M. M. (2016). How to hack the hackers: The human side of cybercrime. Nature, 533, 164-167.
- Woon, I., Tan, G. W., & Low, R. (2005). A protection motivation theory approach to home wireless security. Association for Information Systems – 26th International Conference on Information Systems, ICIS 2005: Forever New Frontiers (pp. 367-380).
- Workman, M., Bommer, W. H., & Straub, D. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799-2816.
- Yao, M. Z., & Linz, D. G. (2008). Predicting self-protections of online privacy. CyberPsychology & Behavior, 11(5), 615-617.
- Youn, S. (2009). Determinants of online privacy concern and its influence on privacy protection behaviors among young adolescents. Journal of Consumer Affairs, 43(3), 389-418.
- Young, A. L., & Quan-Haase, A. (2009). Information revelation and internet privacy concerns on social network sites: a case study of facebook. Proceedings of the fourth international conference on Communities and technologies (pp. 265-274).
- Zhang, L., & McDowell, W. C. (2009). Am I really at risk? Determinants of online users’ intentions to use strong passwords. Journal of Internet Commerce, 8(3-4), 180-197.
- Zimmer, J. C., Arsal, R., Al-Marzouq, M., Moore, D., & Grover, V. (2010). Knowing your customers: Using a reciprocal relationship to enhance voluntary information disclosure. Decision Support Systems, 48(2), 395-406.