TY - JOUR
T1 - Privacy-Aware Decision Making
T2 - The Effect of Privacy Nudges on Privacy Awareness and the Monetary Assessment of Personal Information
AU - Schmitt, Vera
AU - Nicholson, James
AU - Möller, Sebastian
PY - 2024/3/30
Y1 - 2024/3/30
N2 - Nowadays, smartphones are equipped with various sensors collecting a huge amount of sensitive personal information about their users. However, for smartphone users, it remains hidden, and sensitive information is accessed by used applications and data requesters. Moreover, governmental institutions have no means to verify if applications requesting sensitive informa-tion are compliant with the General Data Protection Directive (GDPR), as it is infeasible to check the technical details and data requested by applications that are on the market. Thus, this research aims to shed light on the compliance analysis of applications with the GDPR. Therefore, a multidimensional analysis is applied to analyzing the permission requests of applications and empirically test if the information provided about potentially dangerous permissions influences the privacy awareness and their willingness to pay or sell personal data of users. The use case of Google Maps has been chosen to examine privacy awareness and the monetary assessment of data in a concrete scenario. The information about the multidimensional analysis of the permission requests of Google Maps and the privacy consent form is used to design privacy nudges to inform users about potentially harmful permission requests that are not in line with the GDPR. The privacy nudges are evaluated in two crowdsourcing experiments with overall 426 participants, showing that information about harmful data collection practices increases privacy awareness and also the willingness to pay for the protection of personal data.
AB - Nowadays, smartphones are equipped with various sensors collecting a huge amount of sensitive personal information about their users. However, for smartphone users, it remains hidden, and sensitive information is accessed by used applications and data requesters. Moreover, governmental institutions have no means to verify if applications requesting sensitive informa-tion are compliant with the General Data Protection Directive (GDPR), as it is infeasible to check the technical details and data requested by applications that are on the market. Thus, this research aims to shed light on the compliance analysis of applications with the GDPR. Therefore, a multidimensional analysis is applied to analyzing the permission requests of applications and empirically test if the information provided about potentially dangerous permissions influences the privacy awareness and their willingness to pay or sell personal data of users. The use case of Google Maps has been chosen to examine privacy awareness and the monetary assessment of data in a concrete scenario. The information about the multidimensional analysis of the permission requests of Google Maps and the privacy consent form is used to design privacy nudges to inform users about potentially harmful permission requests that are not in line with the GDPR. The privacy nudges are evaluated in two crowdsourcing experiments with overall 426 participants, showing that information about harmful data collection practices increases privacy awareness and also the willingness to pay for the protection of personal data.
KW - GDPR
KW - Privacy protection
KW - privacy awareness
KW - privacy policy analysis
KW - willingness to pay
UR - http://www.scopus.com/inward/record.url?scp=85189942286&partnerID=8YFLogxK
U2 - 10.14569/IJACSA.2024.0150303
DO - 10.14569/IJACSA.2024.0150303
M3 - Article
SN - 2158-107X
VL - 15
SP - 17
EP - 26
JO - International Journal of Advanced Computer Science and Applications
JF - International Journal of Advanced Computer Science and Applications
IS - 3
ER -