Analyzing IOT users' mobile device privacy concerns: Extracting privacy permissions using a disclosure experiment

摘要

The advent of the Internet of Things (IoT) has caused a critical shift in the amount of data being collected and shared about individual consumers. Although many users perceive the proliferation of IoT as convenience and important informational utility, they are largely unaware of the unintended outcomes of such widespread data accumulation-namely, breaches of personally identifiable information (PII). Using the enhanced Antecedents-Privacy Concerns-Outcomes (APCO) model as a theoretical framework, we executed a disclosure experiment that captured users' actual disclosure behavior when they were presented with an IoT aggregator application and a graphical representation of various ways in which their private data might be shared. We found that IoT users process privacy concerns related to their IoT devices differently than concerns related to using the Internet and that increasing the respondents' awareness of data sharing practices influenced their perceptions related to privacy and intentions regarding future IoT usage. In respondents who were willing to disclose their private information, we were also able to analyze the actual privacy permissions on their mobile devices. We observed significant correlations between specific application-level privacy allowances and the perceptions measured using Internet Users' Internet Privacy Concerns (IUIPC). Our work contributes to the theoretical literature by demonstrating unexpected and key differences in IUIPC based on its utilization in the IoT context. We also offer practical implications for IoT developers and the education of consumers regarding IoT-based privacy risks.