Information avoidance in the context of privacy decision making
Steininger, Christoph (2020-04-28)
Information avoidance in the context of privacy decision making
(28.04.2020)
Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.
suljettu
Julkaisun pysyvä osoite on:
https://urn.fi/URN:NBN:fi-fe2020062245241
https://urn.fi/URN:NBN:fi-fe2020062245241
Tiivistelmä
When making privacy decisions (mostly this concerns data disclosure in an online context) an individual is confronted with information like Terms of Service or data policies that are meant to support decision making. However, such information might be avoided by individuals. Such behaviour contradicts the efforts of legislators like the European Union (EU) to ensure an informed decision making of citizens.
This thesis examines this phenomenon of ‘information avoidance’ explicitly in a privacy context. Furthermore, it is investigated how information avoidance in privacy decisions is influenced (or influences) transparency measures. Thereby, the usefulness of transparency measures in the presence of information avoidance is investigated. This thesis finds that privacy decision making is neither completely rational nor irrational. There are influences besides a rational calculus. The same yields for information avoidance: It is neither purely rational nor irrational. Based on these findings, two sets of reasons for information avoidance in privacy decision making are identified: There are information-driven reasons and situational factors that determine the decision whether to avoid information. When comparing the reasons of information avoidance and the possible effects of transparency, it becomes evident that transparency measures can mitigate (especially) situational driven reasons of information avoidance. However, considering the EU’s General Data Protection Regulation (GDPR) as an concrete example for transparency regulation and examining its impact to date, it becomes obvious that current transparency measures are still not being implemented in a way that ensures the full potential of transparency is realised. Information that is meant to support decision making (e.g. data policies) is still too complex, provided in a false form or not at the right time.
Thus, while transparency measures can be an effective mean for informed decision making, their implementation is crucial: There are various mechanisms or tools that can provide transparency but they have to be empowered in an effective way by regulation. In this context, also the empowerment of such regulation has to be ensured. More research is indispensable to evaluate the effects of transparency requirements since regulations which require so (e.g. GDPR) are usually not long in place and the effects are still unfolding.. The topic of information avoidance is especially relevant in this context. Therefore, there should be further research on information avoidance with a focus on privacy decision-making, as most research on information avoidance has so far been conducted in a more general context.
This thesis examines this phenomenon of ‘information avoidance’ explicitly in a privacy context. Furthermore, it is investigated how information avoidance in privacy decisions is influenced (or influences) transparency measures. Thereby, the usefulness of transparency measures in the presence of information avoidance is investigated. This thesis finds that privacy decision making is neither completely rational nor irrational. There are influences besides a rational calculus. The same yields for information avoidance: It is neither purely rational nor irrational. Based on these findings, two sets of reasons for information avoidance in privacy decision making are identified: There are information-driven reasons and situational factors that determine the decision whether to avoid information. When comparing the reasons of information avoidance and the possible effects of transparency, it becomes evident that transparency measures can mitigate (especially) situational driven reasons of information avoidance. However, considering the EU’s General Data Protection Regulation (GDPR) as an concrete example for transparency regulation and examining its impact to date, it becomes obvious that current transparency measures are still not being implemented in a way that ensures the full potential of transparency is realised. Information that is meant to support decision making (e.g. data policies) is still too complex, provided in a false form or not at the right time.
Thus, while transparency measures can be an effective mean for informed decision making, their implementation is crucial: There are various mechanisms or tools that can provide transparency but they have to be empowered in an effective way by regulation. In this context, also the empowerment of such regulation has to be ensured. More research is indispensable to evaluate the effects of transparency requirements since regulations which require so (e.g. GDPR) are usually not long in place and the effects are still unfolding.. The topic of information avoidance is especially relevant in this context. Therefore, there should be further research on information avoidance with a focus on privacy decision-making, as most research on information avoidance has so far been conducted in a more general context.