Retaining users after privacy invasions

Abstract

The purpose of this paper is to facilitate understanding of how to mitigate the privacy concerns of users who have experienced privacy invasions. Drawing on the communication privacy management theory, the authors developed a model suggesting that privacy concerns form through a cognitive process involving threat-coping appraisals, institutional privacy assurances and privacy experiences. The model was tested using data from an empirical survey with 913 randomly selected social media users. Privacy concerns are jointly determined by perceived privacy risks and privacy self-efficacy. The perceived effectiveness of institutional privacy assurances in terms of established privacy policies and privacy protection technology influences the perceptions of privacy risks and privacy self-efficacy. More specifically, privacy invasion experiences are negatively associated with the perceived effectiveness of institutional privacy assurances. Privacy concerns are conceptualized as general concerns that reflect an individual’s worry about the possible loss of private information. The specific types of private information were not differentiated. This paper is among the first to clarify the specific mechanisms through which privacy invasion experiences influence privacy concerns. Privacy concerns have long been viewed as resulting from individual actions. The study contributes to literature by linking privacy concerns with institutional privacy practice.