Abstract
Over the last decades, people’s behaviour and attitudes towards privacy have been thoroughly studied by scholars, approaching the issue from different perspectives. To address privacy-related decisions, it is necessary to consider aspects of human cognition, employing, for instance, methods used in Human-Computer Interaction and Information Science research. This paper analyses findings and contributions of existing privacy decision-making research, and suggests filling gaps in current understanding by applying a cognitive architecture framework to model privacy decision-making. This may broaden the range of factors and their relationships that can be integrated into the models of privacy decisions, beyond those in existing decision models.
You have full access to this open access chapter, Download chapter PDF
Similar content being viewed by others
Keywords
1 Introduction
Privacy issues have been a matter of growing importance for individuals, as well as for business entities and regulators.
The key element in privacy-related interactions with technology is the end-user (i.e., data subject), who is entitled to make, supposedly well-informed, choices about how to deal with one’s own personal information. For the most part, decisions concerning privacy are decisions of people giving or revoking their consent. These decisions are imposed on the users whenever they desire to interact with an information service, as well as with some more traditional services.
Other, more particular, decisions can result from the users’ initiative (e.g., requesting deletion of their personal information, instituting changes in the data they have shared or in the way the system is allowed to process it, requesting a report on their privacy status, etc.). Such decisions are not usually forced upon the users, and they can be made by users without prior notifications and requests from systems or data holders. Therefore, to address these important issues, it is useful to be able to model human behaviour, when it comes to making decisions on privacy-related interactions.
This paper investigates the state-of-the-art in privacy decision-making literature and suggests the use of ACT-R (Adaptive Control of Thought – Rational) modelling framework to bridge the identified gaps and provide for a better understanding of people’s information disclosure behaviour.
Section 2 introduces the current stage of research and outlines and compares main approaches in privacy decision-making. Section 3 introduces the field of cognitive architectures, discusses applicability and potential contributions of models constructed with ACT-R framework. Section 4 provides concluding remarks and challenges of proposed modelling paradigm.
2 Research on Privacy-Related Decision-Making Models
Section 2.1 provides an outline of the literature selection process. In Sect. 2.2 I discuss identified approaches and theories, traversing privacy decision-making research. Section 2.3 gives more attention to the literature on the privacy calculus, which prevails in the state-of-the-art literature on privacy decision-making. Section 2.3 contains further comparisons of the state-of-the-art research and discusses opportunities for improvement.
2.1 Literature Selection
As the first step, I identify the existing literature on privacy-related decision-making that should form the body of work, through which we parse in this paper (see Table 1). In my approach, I relied on the guidelines by Webster and Watson [58].
For the review I used broad multi-disciplinary databases. I included papers that did not draw significant attention from other scholars over the years. It was important for the purposes of this paper to try and highlight all the ideas applied to study privacy decision-making that had been tested so far.
2.2 Approaches and Theories in Privacy-Related Decision-Making
Researchers have studied human decision-making from a psychological and economic standpoints, using a variety of models, based on classical economics (i.e., expected value and expected utility theory) and its generalized extensions, as well as behavioural economics (see Fig. 1).
The relations of approaches to modelling decision-making in economics
Acquisti et al. [1] discuss how privacy has been being regarded as an economic good and provide an explanation on how individuals’ informed decisions about their privacy are being hindered, because of asymmetry of the information available to people, when they make privacy-related decisions.
Behavioural economics is a permeant theme in the more recent papers (e.g., Adjerid et al. [2]; Dinev et al. [10]; Dong et al. [12]; etc.). Arguably, it may be applicable for modelling human decisions in privacy-related interactions as an instance of decision-making under risk. Barberis [6] provides multiple examples of how it has been used to model decisions in areas spanning from finance and insurance to understanding betting markets, pricing, consumption-saving decisions, etc.
Overall, I identified 40 papers on user decisions on online privacy. Nine papers reported surveys, positions, system prototypes, case-studies or user-study experiments and did not deal with model development. They are still included in this paper, representing the current developments in the subject domain. The outline of the families of theories and frameworks used so far is presented in Table 2.
Altman-Westin privacy, privacy concerns and attitudes constructs are the underlying theories in most of the reviewed papers. Since they are not directly related to model development, they are not mentioned in Table 2.
Looking at applied theories and frameworks, we can infer that, in general, research on privacy decision-making can be divided by subject areas into four major methodological groups: (1) most pronounced so far, an information science approach with the privacy calculus and its extensions; (2) a psychological, social and information science approach beyond the privacy calculus; (3) a mathematical-economic approach; and (4) a machine learning approach.
The overwhelming majority of research is based on the privacy calculus and its extensions. Hence, I deem appropriate to “detach” this bulk of research from subject-wise division and discuss this theory in more detail in the following Sect. 2.3. We return to the grand comparison and analysis of existing approaches in Sect. 2.4.
2.3 Privacy Calculus Modelling Approach
Multiple empirical and methodological studies on privacy decision-making draw from economic constructs such as expected utility theory, employing the privacy calculus (e.g., in Malhotra et al. [37]; Hann et al. [21]; Xu et al. [59]). Their results provide insights for understanding the “privacy paradox” and individuals’ attitudes towards privacy-related preferences and decisions, and contribute to the assessment of privacy concerns.
Dinev and Hart [8] attempt to measure privacy concerns and estimate dependencies between factors and privacy constructs (“concerns of information finding” and “concerns of information abuse”). Later, Dinev and Hart [9] provide more ground for the use of an extended privacy calculus, showing that, at least for the example of e-commerce, Internet trust and personal interest can outweigh privacy concerns constructs. After employing common statistical methods of dimensionality reduction and supervised learning in the first work, structural equation modelling in the second, and joined by other researchers, a bigger collective of authors investigates privacy perceptions and develops a theoretical framework for understanding Internet privacy attitudes (Dinev et al. [11]), with an empirically developed structural model attesting to the validity of proposed constructs.
In a set of studies of privacy-related issues in social networking services, Krasnova et al. [28, 29] turn to the privacy calculus and produce structural models to investigate Internet users’ privacy concerns and motivations regarding personal information disclosure. The former research develops and justifies categorisation of privacy concerns, and, then, tests it against self-disclosure dimensions to explore inter-relations between defined privacy concerns and postulated self-disclosure strategies. The latter paper commences in an attempt to build a model of self-disclosure in social networking services. Exploratory in nature, this paper identifies factors of self-disclosure, noting, however, that “(…) other factors beyond those investigated in our study can also have an impact on individual self-disclosure” (Krasnova et al. [29], p. 123).
Krasnova et al. [30] account for users’ mental patterns and uncover cultural implications of privacy attitudes and behaviour. Here the authors address individualism and avoidance of uncertainty as two (out of commonly adopted five) cultural factors of self-disclosure that seem most relevant in terms of social networking services. The paper, as recognised by the authors, is limited in the scope of possible influencing effects. The model itself abstains from considering spatial and temporal factors, as well as cognitive effects and biases at the point of making a decision.
Keith et al. [24] apply the privacy calculus to show that consumer age is not a significant factor in decisions on online self-disclosure, and the relationship between decisions on personal information disclosure and the intention to disclose such information is weak, while still statistically significant. More practical conclusions reveal that privacy-concerned users do not necessarily properly understand the link between first- and second-order privacy risks of the same nature. Notwithstanding, authors admit that their research “does not account for a consumer’s long-term intentions or disclosure behaviour” and “privacy calculus might be better modelled as a sub-theory within a larger framework aiming to elucidate how long term information disclosure relationships form.” (Keith et al. [24], p. 1172). Moreover, the researchers name Kahneman and Tversky’s Prospect Theory as a better way than the existing rational privacy calculus for accounting for bounded rationality and obtaining an insight on privacy-related decision-making. Lastly, another take-away from the paper is a seemingly valid point favouring exploration of possible non-linearity of relationship between perceived benefits and risks in self-disclosure decisions.
More and more attempts are made to extend the privacy calculus, apart from the aforementioned works (e.g., Li [34]). A paper by Wang et al. [56] is one successful example. The research probes extending the privacy calculus with more psychological factors and adds evidence of the importance of contextual factors in privacy decision-making. Relying on a structural model, the authors argue that users value benefits more than risks. The need for cognition effect has been studied, showing a significant relationship with risks and a non-significant relation with benefits.
The vast majority of decision-making models powered by the privacy calculus were built with expected utility or expected value in their core. To scrutinise decision-making behind disclosure in exchange for personalisation of services in e-commerce, Zhu et al. [60] introduce a rank-dependent generalised expected utility model. The authors run their mathematical model through a set of simulations for users with different levels of privacy concerns and companies with different reputation.
2.4 Comparison and Discussion
The existing theoretical body of research behind privacy decision-making draws from various subject areas. Let us look closer at the approaches scholars used to study privacy decision-making. Overall, achievements and limitations of the existing models, grouped by prevailing approaches, are represented in a comparative Table 3.
Li [34] designs a decision-making matrix, based on an elaborate overview of approaches and theories used in privacy research, and on the derived concept of a “dual-calculus model”, which is defined as a combination of privacy- and risk-calculi for decision-making in privacy-related issues.
Researchers try to probe privacy decision-making beyond privacy calculus as well. In that way, Van Gool et al. [51] base their research of disclosure behaviour in adolescents on a Prototype Willingness ModelFootnote 1. The authors study adolescents’ relationship disclosure in online social networks, and they manage to show that said self-disclosure is a product of an analytical reasoned process, which can be more or less influenced by the situational context. Li et al. [33] adopt the S-O-R paradigmFootnote 2 in their attempt to model privacy-related decision-making. The authors find that decisions regarding personal information disclosure depend on impressions that users internalize during the first interaction with a website that prompts the users for said decisions to be made.
Mahmood and Desmedt [36] carry out an attempt to develop mathematical models of privacy, which results in devising a game theoretical model (stochastic almost combinatorial) and a graph theory model (attack and defence multigraphs with certain simplifications). The researchers argue that users cannot always be careful and thorough, due to bounded rationality and limitations of working memory.
Egelman and Peer [13] study privacy decision-making from a psychological standpoint. The authors consider the influence of such factors as personality dimensions on online privacy concerns and self-disclosure behaviour. As a result, they argue that individual differences are better predictors of decisions than the personality traits approach, testing their hypothesis against the Five Factor ModelFootnote 3.
Koohikamali et al. [27] extend the modelling literature by addressing self-disclosure with the premises of Rest’s ethical decision-making modelFootnote 4. In contrast with majority of research concerned with self-disclosure, the authors attempt to model decisions about disclosure of personal information about others. They show that disclosure about others is driven by the attitudes towards social network sites and concerns about others’ privacy, and is not influenced by the social norms.
Griffin et al. [20] formulate a mathematical model, acknowledging behavioural economics arguments and presumably able to predict privacy decisions. Through treating user behaviour as an optimization of comfort with sharing and perceived control, the model reconciles maximization of perceived user control and costs associated with providing that control by social networks. Validation and testing is needed to evaluate the quality of the model.
Eling et al. [15] take an inductive approach to build a decision-making model, linking trust in a service provider and intrusiveness of requested information to highlight the decisional calculus proposed in their paper. Although the authors manage to obtain (and corroborate with an experiment) a depiction of the cognitive process underlying the decisions about application acceptance, the paper does not proceed to construct a cognitive model behind situational decision-making. Overall, decisional calculus, unveiled in Eling et al. [15], is in line with the privacy calculus.
Ghosh and Singh [17] provide one of the use cases for applying machine learning to build a predictive model of privacy concerns. Feeding phone usage metadata, refined through classification algorithms, they manage to achieve enough accuracy (for their classification design) to predict users’ privacy attitude category.
As particularly mentioned, most authors admit the limitations in their sets of influencing factors; unaccounted possible relations between factors, risks and benefits; and unexplored effects of cognition. Such usually unaddressed aspects may include the momentary awareness of privacy issues, the current level of fatigue and (or) mental workload, attention span and sense-making of privacy indications, and other mental effects (e.g., information overload, cognitive laziness, etc.).
Additionally, there is a discussion on the more convenient ways to convey privacy-related information to the individuals. As suggested by Wang et al. [55] regarding mobile applications, privacy notices requesting self-disclosure from users, inadequately reflect the scope of privacy intrusion or request unreasonable amounts of self-disclosure. In a survey comparing the effect of fine-grained privacy indications to the effect of coarse-grained ones Eling et al. [16] hypothesise that more concrete privacy indications may influence users’ willingness to disclose information. In a controlled experiment Egelman et al. [14] demonstrate that the temporal aspect of privacy indications impacts the acceptable amount of costs that users are willing to bear to preserve their privacy.
The issue of defining a better way to communicate privacy-related information to assist users’ decision-making is addressed in Bal et al. [4, 5]. Reflecting upon “privacy consequences” and echoing the problematic nature of “second-order privacy risks” with the aforementioned Keith et al. [24], the researchers argue that communicating privacy outcomes from privacy-related actions to mobile users should facilitate better decisions.
3 Opportunity for Future Research: Cognitive Architectures
In order to include various effects of internal and external factors influencing decision-makingFootnote 5, as well as different interdependencies, we can try a broader model of cognition – one that simulates dynamic cognitive processes as functions in a system, consisting of input and data acquisition, memory, attention, decision-making, and output generation. The modelling of complex cognitive phenomena is widely and rigorously addressed in cognitive architectures. Most notable and well-established examples of cognitive architectures in use include ACT-R, SOAR, LIDA and EPIC.Footnote 6
SOAR and LIDA focus on artificial general intelligence (Samsonovich [46]). SOAR specialises on task execution and problem-solving, providing software agents with spatial reasoning, anticipation and real-time strategy definition. LIDA has been applied to create software agents replacing human operators in certain tasks, but lacking visual and auditory input modalities and being limited in terms of learning capabilities (Ramamurthy et al. [43]). EPIC is poised as a framework for human-system interactions simulation, assisting in the development and validation of systems interfaces. Another example – 4CAPS – has been used to describe behavioural patterns in neuropsychology related to executive functions of cognitive control (Just and Varma [22]).
When it comes to privacy decision-making, the research model should be able to simulate dynamic cognitive processes as functions in complex systems, comprised of elements accounting for input and data acquisition, memory, attention, decision-making, and output generation. One of the most well-established cognitive architectures, which offers sufficient flexibility of application, is the ACT-R framework.
Section 3.1 introduces ACT-R in the field of human decision-making. Section 3.2 discusses possible contributions of ACT-R to privacy decision-making, and provides a comparison of ACT-R with the modelling approaches discussed in Chap. 2.
3.1 The ACT-R Modelling Framework
ACT-R is one of the most detailed frameworks for modelling perception, procedural cognition and decision processes (Anderson et al. [3]). As argued by Gonzalez and Lebiere [19], there are numerous benefits to the modelling of economic decision-making by using cognitive architectures, where ACT-R outcompetes its rivals, being in possession of a “more realistic characterization of the flexibility and adaptability of human behavior” (p. 26).
Attempts have been made to create a comprehensive integrated theory to approach modelling of the recognition heuristics and judgments (Marewski et al. [38]). Here the authors address issues of an “ecological model of decision-making”, pointing out how scarce the research is on real-world decisions with utilizing “sense of prior encounter”. Thomson et al. [50] argue that modelling paradigms (Taatgen et al. [48]) enabled in ACT-R, namely instance-based learning, can be applicable to modelling intuitive decision-making. Authors manage to show that by using this cognitive architecture it is possible to implement risk aversion in learned (not forced) strategy choice. Veksler et al. [52] demonstrate that the ACT-R framework can be used to implement human decision-making arising from “associative learning”, not involving an a-priori notion of rewards and punishments.
Overall, the theoretical background and existing body of empirical research indicate that using ACT-R to model human decision-making can attain new value over the so far prevalent approaches. ACT-R is capable of modelling long-term (both declarative and procedural) and working memory functioning, perception and logic processes and, as shown by Peebles and Banks [41], it is suitable for dynamic decision-making, even though with certain limitations.
3.2 ACT-R: Applicability and Discussion
Aforementioned features may help to build a model that can accommodate the context, in which the decisions are made, including but not limited to, simulating momentary awareness, as well as the individual’s attention and judgment processes, and other cognitive functions.Footnote 7 Additionally, incorporating the Cumulative Prospect Theory to model deviations from rational micro-economic decision-making with the ACT-R architecture seems as plausible as it may prove fruitful.
A summary of modelling opportunities enabled in ACT-R is outlined in Table 4.
It should be clearly stated, that, beyond any doubt, I am not denying the existing body of research all its achievements in formulation of the initial understanding of antecedents of privacy decision-making, and the inter-relations of various factors. As we have seen, though, with other approaches, their applicability can be limited by their theoretical background and, oftentimes, by the goal of each particular study. Additionally, each study usually does not allow for broader generalisations or – to the other extreme – particularisations (true for most of the mathematical economic models).
ACT-R may be capable of contributing to the field of human decision-making entailing privacy consequences in several ways. Consider a situation:
“A person X with a fatigue F in a situation S with environmental noise E, surrounded by the amount of people N, while exercising an activity A, is asked to disclose information M and receives a warning W with the properties T.” What will be the X’s response?
The comprehensiveness of the ACT-R modelling framework theoretically allows us to model the entire problem space of this situation. It makes it possible to come up with specific predictions about individual decisions of people, usually described by person-specific sets of features.
The extendibility of the ACT-R framework should help with building models in stages. Starting up with a certain simplistic basis of privacy-concerned decision-making, new features can be gradually added to account for additional effects and factors of the situation, extending its complexity.
Scalability of the ACT-R framework may be used to “switch off” chosen features impacting decisions. That can shed light on some emergent effects and interactions between features, which might have been left obscured and unexplored otherwise.
Features like the learning process, larger sets of user characteristics, attention mechanism, fatigue dynamics and cognitive capacity, task-distraction conflict, environmental noise, and others are extremely cumbersome to address with other approaches. These features, including their inter-dependence, can be addressed with ACT-R in a more structured and explicit, less demanding fashion. With ACT-R we may tackle problems like:
-
studying effects of factors in different combinations with each other;
-
modelling non-linear relationships in people’s perceptions of costs, benefits and risks of personal information disclosure;
-
studying human privacy decisions in different mental states;
-
modelling decisions made by users with different privacy attitudes according to various attitude taxonomies;
-
accounting for intertemporal nature of privacy-related decisions;
-
incorporating lower-level mental processes into the picture;
-
comparing different models within ACT-R framework against each other.
Overall, at the current stage of developments in the field of privacy-concerned decision-making, we have obtained substantial knowledge about antecedents and factors of users’ disclosure behaviour. Thus, based on what we have learnt so far, it may be possible, in principle, to build a decision-making model with the ACT-R framework, which should be able to contribute new knowledge and provide better understanding of situational privacy-concerned decision-making under various restrictions.
4 Conclusion
This paper provides an attempt to identify gaps in the current stage of research exploring users’ decision-making with privacy considerations. The state-of-the-art models of decision-making under privacy restrictions show limitations attributed to their levels of flexibility, practical applicability, and comprehensiveness. A possible idea to overcome some limitations of existing models is proposed in the current paper. This idea of using cognitive architectures may also be a solution that can advance our understanding of human decision-making regarding such a “fuzzy” issue as privacy.
However, the mapping of the behavioural economics approach and (or) extended privacy calculus to decision-making onto the ACT-R cognitive architecture creates major challenges. Economic modelling does not provide a generalised method for defining the costs and benefits for every problem. Additional problems that should be resolved in order to apply, for instance, Cumulative Prospect Theory include: determining the reference point, from which gains and losses can be defined; quantifying the benefits and costs of personal information disclosure; and devising a justified probability weighting.
Simultaneously, ACT-R modelling can be a challenge in and of itself, as it is developed to be a comprehensive architecture, simulating human cognitive processes at large. To be successful in developing an ACT-R model, one needs to apply domain-specific knowledge to the architecture and conduct a proper scoping of the problem to be resolved. Of course, the biggest challenge “is that it takes a substantial intellectual commitment to learn to understand models of a particular architecture and to learn to construct models” (Taatgen and Anderson [49], p. 699).
Accompanied by empirical validation, the implementation of the ACT-R cognitive architecture in the field of privacy will be a major challenge that can help privacy research, as well as enrich the ACT-R modelling methods.
Notes
- 1.
Prototype Willingness Model (PWM) is a framework from the family of so called “dual-processing models”. It operates under the assumption that there are two paths of decision-making: a reasoned path (rational), and a social reaction path (heuristics-based). PWM was developed by M. Gerrard, F. X. Gibbons and their colleagues. It was aimed to be used for health studies, originating in Gibbons and Gerrard [18].
- 2.
Stimulus-organism-response (S-O-R) model postulates that environmental factors affect cognitive reactions in organisms, thusly affecting behaviour (Mehrabian and Russell [39]).
- 3.
Five Factor Model (FFM, also “Big Five Personality Traits”) is a tool used to describe aspects of individual personality through five dimensions (or traits): Extraversion, Agreeableness, Conscientiousness, Neuroticism, and Openness to Experience. Modern version of FFM, mentioned by Egelman and Peer [13] and used by some other studies discussed in the current paper, refers to a work by Digman [7].
- 4.
Here the authors are referring to Rest’s Four Component Model (Rest [44]). Determinants of ethical behaviour in that model include: ethical sensitivity, moral judgment, moral motivation and moral character.
- 5.
- 6.
See in more detail, for example, in Lieto et al. [35].
- 7.
References
Acquisti, A., Taylor, C., Wagman, L.: The economics of privacy. J. Econ. Lit. 54(2), 442–492 (2016). https://doi.org/10.1257/jel.54.2.442
Adjerid, I., Peer, E., Acquisti, A.: Beyond the privacy paradox: objective versus relative risk in privacy decision making (2016)
Anderson, J.R., Bothell, D., Byrne, M.D., et al.: An integrated theory of the mind. Psychol. Rev. 111(4), 1036 (2004)
Bal, G., Rannenberg, K.: User control mechanisms for privacy protection should go hand in hand with privacy-consequence information: the case of smartphone apps (2014)
Bal, G., Rannenberg, K., Hong, J.I.: Styx: privacy risk communication for the Android smartphone platform based on apps’ data-access behavior patterns. Comput. Secur. 53, 187–202 (2015)
Barberis, N.C.: Thirty years of prospect theory in economics. J. Econ. Perspect. 27(1), 173–195 (2013)
Digman, J.M.: Personality structure: emergence of the five-factor model. Annu. Rev. Psychol. 41(1), 417–440 (1990)
Dinev, T., Hart, P.: Internet privacy concerns and their antecedents-measurement validity and a regression model. Behav. Inf. Technol. 23(6), 413–422 (2004)
Dinev, T., Hart, P.: An extended privacy calculus model for e-commerce transactions. Inf. Syst. Res. 17(1), 61–80 (2006)
Dinev, T., McConnell, A.R., Smith, H.J.: Research commentary—informing privacy research through information systems, psychology, and behavioral economics: thinking outside the “APCO” box. Inf. Syst. Res. 26(4), 639–655 (2015)
Dinev, T., Xu, H., Smith, J.H., et al.: Information privacy and correlates: an empirical attempt to bridge and distinguish privacy-related concepts. Eur. J. Inf. Syst. 22(3), 295–316 (2013)
Dong, C., Jin, H., Knijnenburg, B.P.: Predicting privacy behavior on online social networks. In: Anonymous ICWSM, pp. 91–100 (2015)
Egelman, S., Peer, E.: Predicting privacy and security attitudes. ACM SIGCAS Comput. Soc. 45(1), 22–28 (2015)
Egelman, S., Tsai, J., Cranor, L.F., et al.: Timing is everything?: the effects of timing and placement of online privacy indicators. In: Anonymous Proceedings of the SIGCHI Conference on Human Factors in Computing Systems ACM, pp. 319–328 (2009)
Eling, N., Krasnova, H., Widjaja, T., et al.: Will you accept an app? Empirical investigation of the decisional calculus behind the adoption of applications on Facebook (2013)
Eling, N., Rasthofer, S., Kolhagen, M., et al.: Investigating users’ reaction to fine-grained data requests: a market experiment. In: 2016 49th Hawaii International Conference on IEEE Anonymous System Sciences (HICSS), pp. 3666–3675 (2016)
Ghosh, I., Singh, V.K.: Predicting privacy attitudes using phone metadata. In: Xu, K., Reitter, D., Lee, D., Osgood, N. (eds.) Anonymous Social, Cultural, and Behavioral Modeling: 9th International Conference, SBP-BRiMS 2016, pp. 51–60. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39931-7_6
Gibbons, F.X., Gerrard, M.: Predicting young adults’ health risk behavior. J. Pers. Soc. Psychol. 69(3), 505 (1995)
Gonzalez, C., Lebiere, C.: Instance-based cognitive models of decision-making (2005)
Griffin, C., Rajtmajer, S., Squicciarini, A.: A model of paradoxical privacy behavior in online users. In: 2016 IEEE 2nd International Conference on IEEE Anonymous Collaboration and Internet Computing (CIC), pp. 206–211 (2016)
Hann, I., Hui, K., Lee, S.T., et al.: Overcoming online information privacy concerns: an information-processing theory approach. J. Manag. Inf. Syst. 24(2), 13–42 (2007)
Just, M.A., Varma, S.: The organization of thinking: what functional brain imaging reveals about the neuroarchitecture of complex cognition. Cogn. Affect. Behav. Neurosci. 7(3), 153–191 (2007)
Kehr, F., Kowatsch, T., Wentzel, D., et al.: Blissfully ignorant: the effects of general privacy concerns, general institutional trust, and affect in the privacy calculus. Inf. Syst. J. 25(6), 607–635 (2015)
Keith, M.J., Thompson, S.C., Hale, J., et al.: Information disclosure on mobile devices: re-examining privacy calculus with actual user behavior. Int. J. Hum Comput Stud. 71(12), 1163–1173 (2013)
Kim, D.J., Ferrin, D.L., Rao, H.R.: A trust-based consumer decision-making model in electronic commerce: the role of trust, perceived risk, and their antecedents. Decis. Support Syst. 44(2), 544–564 (2008)
Knijnenburg, B.P., Kobsa, A.: Making decisions about privacy: information disclosure in context-aware recommender systems. ACM Trans. Interact. Intell. Syst. (TiiS) 3(3), 20 (2013)
Koohikamali, M., Peak, D.A., Prybutok, V.R.: Beyond self-disclosure: disclosure of information about others in social network sites. Comput. Hum. Behav. 69, 29–42 (2017)
Krasnova, H., Günther, O., Spiekermann, S., et al.: Privacy concerns and identity in online social networks. Identity Inf. Soc. 2(1), 39–63 (2009)
Krasnova, H., Spiekermann, S., Koroleva, K., et al.: Online social networks: why we disclose. J. Inf. Technol. 25(2), 109–125 (2010)
Krasnova, H., Veltri, N.F., Günther, O.: Self-disclosure and privacy calculus on social networking sites: the role of culture. Bus. Inf. Syst. Eng. 4(3), 127–135 (2012)
Lavie, N., Hirst, A., De Fockert, J.W., et al.: Load theory of selective attention and cognitive control. J. Exp. Psychol. Gen. 133(3), 339 (2004)
Lee, H., Kobsa, A.: Privacy preference modeling and prediction in a simulated campuswide IoT environment. In: 2017 IEEE International Conference on IEEE Anonymous Pervasive Computing and Communications (PerCom), pp. 276–285 (2017)
Li, H., Sarathy, R., Xu, H.: The role of affect and cognition on online consumers’ decision to disclose personal information to unfamiliar online vendors. Decis. Support Syst. 51(3), 434–445 (2011)
Li, Y.: Theories in online information privacy research: a critical review and an integrated framework. Decis. Support Syst. 54(1), 471–481 (2012)
Lieto, A., Chella, A., Frixione, M.: Conceptual spaces for cognitive architectures: a lingua franca for different levels of representation. Biol. Inspired Cogn. Arch. 19, 1–9 (2017)
Mahmood, S., Desmedt, Y.: Two new economic models for privacy. ACM SIGMETRICS Perform. Eval. Rev. 40(4), 84–89 (2013)
Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a causal model. Inf. Syst. Res. 15(4), 336–355 (2004)
Marewski, J.N., Pohl, R.F., Vitouch, O.: Recognition-based judgments and decisions: what we have learned (so far). Judgm. Decis. Making 6(5), 359–380 (2011)
Mehrabian, A., Russell, J.A.: An Approach to Environmental Psychology. The MIT Press, Cambridge (1974)
Panaousis, E., Laszka, A., Pohl, J., et al.: Game-theoretic model of incentivizing privacy-aware users to consent to location tracking. In: 2015 IEEE Anonymous Trustcom/BigDataSE/ISPA, vol. 1, pp. 1006–1013. IEEE (2015)
Peebles, D., Banks, A.: Modelling dynamic decision making with the ACT-R cognitive architecture. J. Artif. Gen. Intell. 2(2), 52–68 (2010). https://doi.org/10.2478/v10229-011-0009-1
Pu, Yu., Grossklags, J.: An economic model and simulation results of app adoption decisions on networks with interdependent privacy consequences. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 246–265. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12601-2_14
Ramamurthy, U., Baars, B.J., D’Mello, S.K., et al.: LIDA: a working model of cognition (2006)
Rest, J.R.: Moral development: advances in research and theory (1986)
Ross, C., Orr, E.S., Sisic, M., et al.: Personality and motivations associated with Facebook use. Comput. Hum. Behav. 25(2), 578–586 (2009)
Samsonovich, A.: Comparative table of cognitive architectures. BICA Society (2012)
Shih, H., Lai, K., Cheng, T.: Constraint-based and dedication-based mechanisms for encouraging online self-disclosure: is personalization the only thing that matters? Eur. J. Inf. Syst. 26(4), 432–450 (2017)
Taatgen, N.A., Lebiere, C., Anderson, J.R.: Modeling paradigms in ACT-R. In: Cognition and Multi-Agent Interaction: From Cognitive Modeling to Social Simulation, pp. 29–52 (2006)
Taatgen, N., Anderson, J.R.: The past, present, and future of cognitive architectures. Top. Cogn. Sci. 2(4), 693–704 (2010)
Thomson, R., Lebiere, C., Anderson, J.R., et al.: A general instance-based learning framework for studying intuitive decision-making in a cognitive architecture. J. Appl. Res. Mem. Cogn. 4(3), 180–190 (2015)
Van Gool, E., Van Ouytsel, J., Ponnet, K., et al.: To share or not to share? Adolescents’ self-disclosure about peer relationships on Facebook: an application of the prototype willingness model. Comput. Hum. Behav. 44, 230–239 (2015)
Veksler, V.D., Gray, W.D., Schoelles, M.J.: Goal-proximity decision-making. Cogn. Sci. 37(4), 757–774 (2013). https://doi.org/10.1111/cogs.12034
Veltri, G.A., Ivchenko, A.: The impact of different forms of cognitive scarcity on online privacy disclosure. Comput. Hum. Behav. 73, 238–246 (2017)
Venkitasubramaniam, P.: Decision making under privacy restrictions. In: 2013 IEEE 52nd Annual Conference on IEEE Anonymous Decision and Control (CDC), pp. 4693–4698 (2013)
Wang, N., Wisniewski, P., Xu, H., et al.: Designing the default privacy settings for Facebook applications. In: Anonymous Proceedings of the Companion Publication of the 17th ACM Conference on Computer Supported Cooperative Work & Social Computing ACM, pp. 249–252 (2014)
Wang, T., Duong, T.D., Chen, C.C.: Intention to disclose personal information via mobile applications: a privacy calculus perspective. Int. J. Inf. Manage. 36(4), 531–542 (2016)
Wang, Z., Liu, Y.: Identifying key factors affecting information disclosure intention in online shopping (2014)
Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26(2), xiii–xxiii (2002)
Xu, H., Luo, X.R., Carroll, J.M., et al.: The personalization privacy paradox: an exploratory study of decision making process for location-aware marketing. Decis. Support Syst. 51(1), 42–52 (2011)
Zhu, H., Ou, C.X., van den Heuvel, W., et al.: Privacy calculus and its utility for personalization services in e-commerce: an analysis of consumer decision-making. Inf. Manag. 54(4), 427–437 (2017)
Acknowledgements
I gratefully acknowledge the suggestions from my Ph.D. advisor, Professor Joachim Meyer.
This paper is a part of the author’s Ph.D. research on “Modelling Responses to Privacy-related Indications”. The research is conducted under and supported by the Privacy & Us innovative training network (EU H2020 MSCA ITN, grant agreement №675730).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Shulman, Y. (2018). Towards a Broadening of Privacy Decision-Making Models: The Use of Cognitive Architectures. In: Hansen, M., Kosta, E., Nai-Fovino, I., Fischer-Hübner, S. (eds) Privacy and Identity Management. The Smart Revolution. Privacy and Identity 2017. IFIP Advances in Information and Communication Technology(), vol 526. Springer, Cham. https://doi.org/10.1007/978-3-319-92925-5_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-92925-5_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-92924-8
Online ISBN: 978-3-319-92925-5
eBook Packages: Computer ScienceComputer Science (R0)
