How to Protect My Privacy? - Classifying End-User Information Privacy Protection Behaviors

  • Frank EbbersEmail author
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 576)


The Internet and smart devices pose many risks at users’ information privacy. Individuals are aware of that and try to counter tracking activities by applying different privacy protection behaviors. These are manifold and differ in scope, goal and degree of technology utilization. Although there is a lot of literature which investigates protection strategies, it is lacking holistic user-centric classifications.

We review literature and identify 141 privacy protection behaviors end-users show. We map these results to 38 distinct categories and apply hybrid cart sorting to create a taxonomy, which we call the “End-User Information Privacy Protection Behavior Model” (EIPPBM).


Privacy protection Protection behavior Protection activities Privacy responses Taxonomy Classification Model User-Centric 



This work is partially funded by the German Ministry of Education and Research within the project ‘Forum Privacy and Self-determined Life in the Digital World’,


  1. 1.
    Malekzadeh, M., Clegg, R.G., Cavallaro, A., et al.: Protecting sensory data against sensitive inferences. In: Maia, F., Mercier, H., Brito, A. (eds.) Thirteenth EuroSys Conference 2018, pp. 1–6. ACM, New York (2018)Google Scholar
  2. 2.
    Crisler, V., Richardson, B., DiGerolamo, J.: The state of IoT security: it is time for action (2018).
  3. 3.
    Acquisti, A., Taylor, C., Wagman, L.: The economics of privacy. J. Econ. Lit. 54(2), 442–492 (2016). Scholar
  4. 4.
    Tucker, C.E.: The economics of advertising and privacy. Int. J. Ind. Organ. 30(3), 326–329 (2012). Scholar
  5. 5.
    Barathi, J.J., Kavitha, G., Imran, M.M.: Building a Mobile Personalized Marketing system using multidimensional data. In: Proceedings of the 2015 International Conference on Smart Technologies and Management for Computing, Communication, Controls, Energy and Materials: ICSTM, 6th–8th May 2015, pp. 133–137. IEEE, Piscataway (2015)Google Scholar
  6. 6.
    Junglas, I.A., Johnson, N.A., Spitzmüller, C.: Personality traits and concern for privacy: an empirical study in the context of location-based services. Eur. J. Inf. Syst. 17(4), 387–402 (2008). Scholar
  7. 7.
    Belanger, F., Xu, H.: The role of information systems research in shaping the future of information privacy. Inf. Syst. J. 25(6), 573–578 (2015). Scholar
  8. 8.
    DIVSI: Internetnutzung - Risikowahrnehmung unter Jugendlichen und jungen Erwachsenen in Deutschland 2018 (2018). Accessed 17 July 2019
  9. 9.
    Bennett, C.J., Raab, C.D.: The Governance of Privacy: Policy Instruments in Global Perspective, 1st edn. Routledge, Abingdon (2017)CrossRefGoogle Scholar
  10. 10.
    CIGI-Ipsos: 2019 CIGI-Ipsos Global Survey on Internet Security and Trust (2019). Accessed 23 Apr 2019
  11. 11.
    GPRA: Datenschutz - Vertrauen in Internetunternehmen in Deutschland 2017 (2018). Accessed 23 Sept 2019
  12. 12.
    Wambach, T., Bräunlich, K.: The evolution of third-party web tracking. In: Camp, O., Furnell, S., Mori, P. (eds.) ICISSP 2016. CCIS, vol. 691, pp. 130–147. Springer, Cham (2017). Scholar
  13. 13.
    Boerman, S.C., Kruikemeier, S., Zuiderveen Borgesius, F.J.: Exploring motivations for online privacy protection behavior: insights from panel data. Commun. Res. 25, 1–25 (2018). Scholar
  14. 14.
    Moshki, H., Barki, H.: Coping with information privacy breaches: an exploratory framework. In: Ågerfalk, P.J., Levina, N., Kien, S.S. (eds.) Proceedings of the International Conference on Information Systems - Digital Innovation at the Crossroads, ICIS 2016, Dublin, Ireland, 11–14 December 2016. Association for Information Systems (2016)Google Scholar
  15. 15.
    Xu, H., Teo, H.-H., Tan, B.C.Y., et al.: Effects of individual self-protection, industry self-regulation, and government regulation on privacy concerns: a study of location-based services. Inf. Syst. Res. 23(4), 1342–1363 (2012). Scholar
  16. 16.
    Yap, J.E., Beverland, M.B., Bove, L.L.: “Doing Privacy”: consumers search for sovereignty through privacy management practices. In: Scott, L.M., Belk, R.W., Askegaard, S. (eds.) Research in Consumer Behavior. Emerald, Bingley (2012)Google Scholar
  17. 17.
    Son, J.-Y., Kim, S.S.: Internet users’ information privacy-protective responses: a taxonomy and a nomological model. MIS Q. 32(3), 503–529 (2008). Scholar
  18. 18.
    London Economics: Study on the Economic Benefits of Privacy-enhancing Technologies (PETs): Final Report to The European Commission, DG Justice, Freedom and Security. London Economics (2010)Google Scholar
  19. 19.
    Matzner, T., Masur, P.K., Ochs, C., von Pape, T.: Do-it-yourself data protection—empowerment or burden? In: Gutwirth, S., Leenes, R., De Hert, P. (eds.) Data Protection on the Move. LGTS, vol. 24, pp. 277–305. Springer, Dordrecht (2016). Scholar
  20. 20.
    Büchi, M., Just, N., Latzer, M.: Caring is not enough: the importance of Internet skills for online privacy protection. Inf. Commun. Soc. 20(8), 1261–1278 (2016). Scholar
  21. 21.
    Lampinen, A., Lehtinen, V., Lehmuskallio, A., et al.: We’re in it together: interpersonal management of disclosure in social network services. In: Tan, D., Fitzpatrick, G., Gutwin, C., et al. (eds.) The 29th Annual CHI Conference on Human Factors in Computing Systems: Conference Proceedings and Extended Abstracts, pp. 3217–3226. ACM, New York (2011)Google Scholar
  22. 22.
    Gurău, C., Ranchhod, A.: Consumer privacy issues in mobile commerce: a comparative study of British, French and Romanian consumers. J. Consum. Mark. 26(7), 496–507 (2009). Scholar
  23. 23.
    Singh, N., Singh, A.K.: Data privacy protection mechanisms in cloud. Data Sci. Eng. 3(1), 24–39 (2018). Scholar
  24. 24.
    Jiang, X., Hong, J.I., Landay, J.A.: Approximate information flows: socially-based modeling of privacy in ubiquitous computing. In: Borriello, G., Holmquist, L.E. (eds.) UbiComp 2002. LNCS, vol. 2498, pp. 176–193. Springer, Heidelberg (2002). Scholar
  25. 25.
    Heacock, P. (ed.): Cambridge Academic Content Dictionary, 1st edn. Cambridge University Press, Cambridge (2009)Google Scholar
  26. 26.
    Smith, H., Dinev, T., Xu, H.: Information privacy research: an interdisciplinary review. MIS Q. 35(4), 989–1015 (2011). Scholar
  27. 27.
    Acquisti, A., Brandimarte, L., Loewenstein, G.: Privacy and human behavior in the age of information. Science 347(6221), 509–514 (2015). Scholar
  28. 28.
    Baruh, L., Secinti, E., Cemalcilar, Z.: Online privacy concerns and privacy management: a meta-analytical review. J. Commun. 67(1), 26–53 (2017). Scholar
  29. 29.
    Buchanan, T., Paine, C., Joinson, A.N., et al.: Development of measures of online privacy concern and protection for use on the Internet. J. Am. Soc. Inf. Sci. Technol. 58(2), 157–165 (2007). Scholar
  30. 30.
    Lwin, M.O., Wirtz, J., Stanaland, A.J.S.: The privacy dyad: antecedents of promotion- and prevention-focused online privacy behaviors and the mediating role of trust and privacy concern. Internet Res. 26(4), 919–941 (2016). Scholar
  31. 31.
    Gurung, A., Jain, A.: Antecedents of online privacy protection behavior: towards an integrative model. In: Chen, K. (ed.) Cyber Crime: Concepts, Methodologies, Tools and Applications, pp. 69–82. IGI Global, Hershey (2012)CrossRefGoogle Scholar
  32. 32.
    Dolnicar, S., Jordaan, Y.: A market-oriented approach to responsibly managing information privacy concerns in direct marketing. J. Advertising 36(2), 123–149 (2007). Scholar
  33. 33.
    Li, Y., Dai, W., Ming, Z., et al.: Privacy protection for preventing data over-collection in smart city. IEEE Trans. Comput. 65(5), 1339–1350 (2016). Scholar
  34. 34.
    Xu, H., Dinev, T., Smith, J., et al.: Information privacy concerns: linking individual perceptions with institutional privacy assurances. J. Assoc. Inf. Syst. 12(12), 1 (2011)Google Scholar
  35. 35.
    Youn, S.: Determinants of online privacy concern and its influence on privacy protection behaviors among young adolescents. J. Consum. Affairs 43(3), 389–418 (2009). Scholar
  36. 36.
    Anderson, C.L., Agarwal, R.: Practicing safe computing: a multimedia empirical examination of home computer user security behavioral intentions. MIS Q. 34(3), 613–643 (2010). Scholar
  37. 37.
    Fritsch, L.: State of the art of privacy-enhancing technology (PET): deliverable D2.1 of the PETweb project (2007)Google Scholar
  38. 38.
    Lwin, M., Wirtz, J., Williams, J.D.: Consumer online privacy concerns and responses: a power–responsibility equilibrium perspective. J. Acad. Mark. Sci. 35(4), 572–585 (2007). Scholar
  39. 39.
    Metzger, M.J.: Communication privacy management in electronic commerce. J. Comput.-Mediated Commun. 12(2), 335–361 (2007). Scholar
  40. 40.
    Ochs, C., Büttner, B., Hörster, E.: Das Internet als »Sauerstoff« und »Bedrohung«. In: Friedewald, M. (ed.) Privatheit und selbstbestimmtes Leben in der digitalen Welt. D, pp. 33–80. Springer, Wiesbaden (2018). Scholar
  41. 41.
    Bélanger, F., Crossler, R.E.: Privacy in the digital age: a review of information privacy research in information systems. MIS Q. 35(4), 1017–1042 (2011)CrossRefGoogle Scholar
  42. 42.
    Vom Brocke, J., Simons, A., Riemer, K., et al.: Standing on the shoulders of giants: challenges and recommendations of literature search in information systems research. CAIS 37 (2015).
  43. 43.
    Benyon, D.: Designing Interactive Systems: A Comprehensive Guide to HCI, UX and Interaction Design, 3rd edn. Pearson, Harlow (2014)Google Scholar
  44. 44.
    Spencer, D.: Card Sorting: Designing Usable Categories. Rosenfeld Media, New York (2009)Google Scholar
  45. 45.
    Solove, D.J.: A Taxonomy of Privacy. Univ. Pa. Law Rev. 154(3), 477 (2006). Scholar
  46. 46.
    Folkman, S., Moskowitz, J.T.: Coping: pitfalls and promise. Annu. Rev. Psychol. 55(1), 745–774 (2004). Scholar
  47. 47.
    Murmann, P., Fischer-Hubner, S.: Tools for achieving usable ex post transparency: a survey. IEEE Access 5, 22965–22991 (2017). Scholar
  48. 48.
    ENISA: Readiness Analysis for the Adoption and Evolution of Privacy Enhancing Technologies (2016). Accessed 14 June 2017
  49. 49.
    Teo, H.H., Wan, W., Li, L.: Volunteering personal information on the Internet: effects of reputation, privacy initiatives, and reward on online consumer behavior. In: Sprague, R.H. (ed.) Proceedings of the 37th Annual Hawaii International Conference on System Sciences, pp. 1–10. IEEE Computer Society Press, Los Alamitos (2004)Google Scholar
  50. 50.
    Bitkom: Datenschutz - Vertrauen in Organisationen im Umgang mit persönlichen Daten in Deutschland (2018). Accessed 09 July 2019
  51. 51.
    Kung, A., et al.: A privacy engineering framework for the internet of things. In: Leenes, R., van Brakel, R., Gutwirth, S., De Hert, P. (eds.) Data Protection and Privacy: (In)visibilities and Infrastructures. LGTS, vol. 36, pp. 163–202. Springer, Cham (2017). Scholar
  52. 52.
    Brunton, F., Nissenbaum, H.: Obfuscation: A User’s Guide for Privacy and Protest. MIT Press, Cambridge (2015)CrossRefGoogle Scholar
  53. 53.
    ROLAND-Gruppe: Roland Rechtsreport 2019 (2019). Accessed 16 July 2019
  54. 54.
    Statista: Datenschutz - Maßnahmen in Deutschland 2017 (2017). Accessed 10 July 2019
  55. 55.
    Shin, K.G., Ju, X., Chen, Z., et al.: Privacy protection for users of location-based services. IEEE Wireless Commun. 19(1), 30–39 (2012). Scholar
  56. 56.
    Kasper, D.V.S.: The evolution (or devolution) of privacy. Sociol. Forum 20(1), 69–92 (2005). Scholar

Copyright information

© IFIP International Federation for Information Processing 2020

Authors and Affiliations

  1. 1.Fraunhofer Institute for Systems and Innovation Research ISIKarlsruheGermany

Personalised recommendations