DOI QR코드

DOI QR Code

Analyzing the Privacy Leakage Prevention Behavior of Internet Users Based on Risk Perception and Efficacy Beliefs : Using Risk Perception Attitude Framework

위험지각과 효능감에 따른 인터넷 사용자의 개인정보 유출 예방행위 분석 : 위험지각태도 프레임웍을 기반으로

  • Jang, Ickjin (Department of Data Science, Kookmin University) ;
  • Choi, Byounggu (College of Business Administration, Kookmin University)
  • Received : 2014.06.26
  • Accepted : 2014.08.13
  • Published : 2014.08.31

Abstract

Although many studies have focused on the influences and outcomes of personal information leakage, few studies have investigated how the personal information leakage prevention behavior differs depending on internet user. This study attempts to supplement the existing studies' limitations with the use of risk perception attitude (RPA) framework. More specifically, this study tries to show internet user can be classified into four groups based on perceived risk of personal information leakage and efficacy beliefs of personal information protection, and to identify how the groups differ in terms of motivation, information seeking, and behaviors for privacy leakage prevention. Analysis on survey data from 276 internet users reveals that the users can be classified into responsive, avoidance, proactive, indifference groups. Furthermore, there are differences between groups in terms of motivation, information seeking, and behaviors for personal information leakage prevention. This study contributes to expand existing literature by providing tailored guidelines for implementation of personal information protection strategies and policy.

개인정보 유출에 미치는 영향요인 및 유출의 결과와 관련된 다양한 연구가 진행되어 왔음에도 불구하고, 인터넷 사용자에 따라 개인정보 유출 예방행동에 어떠한 차이가 있는지에 대한 연구는 거의 이루어지지 않고 있다. 본 연구는 위험지각태도(risk perception attitude: RPA) 프레임웍을 기반으로 인터넷 사용자의 개인정보 유출 예방행동이 어떻게 달라지는가를 파악하고자 하였다. 보다 구체적으로 개인정보 유출에 대한 지각된 위험과 이의 예방을 위한 효능감을 기준으로 인터넷 사용자를 4가지 유형으로 분류할 수 있으며 각 그룹이 개인정보 보호동기, 정보탐색, 유출 예방행동에 있어 어떠한 차이가 있는지를 파악하고자 하였다. 276명의 인터넷 사용자로부터 수집된 자료를 분석한 결과 인터넷 사용자는 즉각대응(responsive), 회피(avoidance), 상황주도(proactive), 무관심(indifference)의 4가지 그룹으로 분류 가능하며 각 그룹 간 보호동기, 정보탐색, 예방활동에 있어 차이가 있음을 규명하였다. 본 연구는 개인정보 유출 예방전략 및 정책수립을 위한 가이드라인을 제시하였다는 점에서 그 의의가 있다.

Keywords

References

  1. Bandura, A., Social Foundation of Thought and Action, Prentice-Hall, Englewood Cliffs, NJ, 1986.
  2. Beuningen, J. V., Ruyter, K., Wetzels, M., and Streukens, S., "Customer Self-Efficacy in Technology Based Self-Service," Journal of Service Research, Vol. 11, No. 4, pp. 407-428, 2009. https://doi.org/10.1177/1094670509333237
  3. Byun, S.-J., Lee, G.-S., and Park, K.-J., "Current Status of Domestic and Foreign Personal Information Breach Notification Act," KIISC Review, Vol. 18, No. 6, pp. 35-42, 2008.
  4. Carpinter, J. and Hunt, R., "Tightening the Net : A Review of Current and Next Generation Spam Filtering Tools," Computers and Security, Vol. 25, pp. 566-578, 2006. https://doi.org/10.1016/j.cose.2006.06.001
  5. Cavusoglu, H., Mishra, B., and Raghunathan, S., "The Effect of Internet Security Breach Announcements on Market Value : Capital Market Reactions for Breached Firms and Internet Security Developers," International Journal of Electronic Commerce, Vol. 9, No. 1, pp. 70-104, 2004.
  6. Chan, Y. E., Culnan, M. J., Greenaway, K.., Laden, G., Levin, T., and Smith, H. J., "Information Privacy : Management, Marketplace, and Legal Challenges," Communications of the Association for Information Systems, Vol. 16, No. 12, pp. 270-298, 2005.
  7. Chang, T.-Z. and Chen, S.-J., "Market Orientation, Service Quality and Business Profitability : A Conceptual Model And Empirical Evidence," Journal of Services Marketing, Vol. 12, No. 6, pp. 246-254, 1998. https://doi.org/10.1108/08876049810226937
  8. Chen, J. and Guo, C.-X., "Online Detection and Prevention of Phishing Attacks," IEEE Communication and Networking, China Com'06, pp. 1-7, 2006.
  9. Choi, B. and Lee, H., "An Empirical Investigation of KM Styles and Their Effect on Corporate Performance," Information and Management, Vol. 40, No. 3, pp. 403-417, 2003. https://doi.org/10.1016/S0378-7206(02)00060-5
  10. Crespo, A. H., del Bosque, I. R., and Sanchez, M. M. G. D., "The Influence of Perceived Risk on Internet Shopping Behavior : A Multidimensional Perspective," Journal of Risk Research, Vol. 12, No. 2, pp. 259-277, 2009. https://doi.org/10.1080/13669870802497744
  11. Cronin, J. J. and Taylor, S. A., "Measuring Service Quality : A Reexamination and Extension," Journal of Marketing, Vol. 56, No. 3, pp. 55-67, 1992.
  12. Duh, R.-R., Sunder, S., and Jamal, K., "Control and Assurance in E-Commerce: Privacy, Integrity, and Security at eBay," Taiwan Accounting Review, Vol. 3, No. 1, pp. 1-27, 2002.
  13. Hair, J. F., Anderson, R., Tatham, R., Black, W., Multivariate Data Analysis with Readings, Prentice Hall, Englewood Cliffs, New Jersey, 1995.
  14. Han, C. H., Chai, S. W., Yoo, B. J., Ahn, D. H., and Park, C. H., "A Quantitative Assessment Model of Private Information Breach," The Journal of Society for e-Business Studies, Vol. 16, No. 4, pp. 17-31, 2011. https://doi.org/10.7838/jsebs.2011.16.4.017
  15. Hui, K. L., Teo, H. H., and Lee, S. Y., "The Value of Privacy Assurance : A Field Experiment," MIS Quarterly, Vol. 31, No. 1, pp. 19-34, 2009.
  16. Jee, B., Fan, L., Lee, S.-C., and Suh, Y.-H., "Personal Information Protection Behavior for Information Quality : Health Psychology Theory Perspectives," Journal of the Korean Society for Quality Management, Vol. 39, No. 3, pp. 432-443, 2011.
  17. Jo, S. E. and Yoo, S. W., "A Study on the Effects of Risk Perception Attitudes and Subjective Norm on the Preventive Behaviors of Cervical Cancer Testing RPA Framework on Korean College Women," Journal of Public Relations Research, Vol. 15, No. 1, pp. 58-98, 2011. https://doi.org/10.15814/jpr.2011.15.1.58
  18. Johnston, A. C. and Warkentin, M., "Fear Appeals and Information Security Behaviors : An Empirical Study," MIS Quarterly, Vol. 34, No. 3, pp. 549-566, 2010. https://doi.org/10.2307/25750691
  19. Kim, J., "Analyzing Effects on Firms' Market Value of Personal Information Security Breaches," The Journal of Society for e-Business Studies, Vol. 18, No. 1, pp. 1-12, 2013.
  20. Kim, J.-D., "Personal Information Security Management System and Governance," KIISC Review, Vol. 18, No. 6, pp. 1-5, 2008.
  21. Kim, J. and Kim, S., "Privacy Behavioral Intention in Online Environment : Based on Protection Motivation Theory," Informatization Policy, Vol. 20, No. 3, pp. 63-85, 2013.
  22. Korea Internet and Security Agency, 2013 Survey on the Internet Usage Executive Summary, Korea Internet and Security Agency, 2013.
  23. Kwon, Y. O. and Kim, B. D., "The Effect of Information Security Breach and Security Investment Announcement on the Market Value of Korean Firms," Information Systems Review, Vol. 9, No. 1, pp. 105-120, 2007.
  24. Lee, D., "Self-disclosure and Privacy in the Age of Web 2.0 : A Case Study," Journal of Communication and Information, Vol. 46, pp. 556-589, 2009.
  25. Lee, S. K., "An Infringement of private Information Right and Its protection in an Information Society," Chung-Ang Law Review, Vol. 11, No. 1, pp. 51-83, 2009. https://doi.org/10.21759/caulaw.2009.11.1.51
  26. Leventhal, H. I., "Finding and Theory in the Study of Fear Communications," Advances in Experimental Social Psychology, Vol. 5, pp. 119-186, 1971.
  27. Liang, H. and Xue, Y., "Understanding Security Behaviors in Personal Computer Usage : A Threat Avoidance Perspective," Journal of the Association for Information Systems, Vol. 11, No. 7, pp. 394-413, 2010. https://doi.org/10.17705/1jais.00232
  28. Mayer-Schonberger, V., "The Internet and Privacy Legislation : Cookies for a Treat?" Computer Law and Security Review, Vol. 14, No. 3, pp. 166-174, 1998. https://doi.org/10.1016/S0267-3649(98)80024-1
  29. Moon, S., "An International Trend in Online Individual Information Protection - Focusing on American System-," Journal of Comparative Law, Vol. 3, pp. 57-81, 2004.
  30. Moon, J.-W. and Kim, Y. G., "Extending the TAM for a World-Wide-Web Context," Information and Management, Vol. 38, No. 4, pp. 217-230, 2001. https://doi.org/10.1016/S0378-7206(00)00061-6
  31. Nam, K., Park, S., Kang, H.-S., Nam, K., and Kim, S., "The Latest Trends and Future Prospects on Personal Information Protection Technologies," KIISC Review, Vol. 18, No. 6, pp. 11-19, 2008.
  32. Park, H.-S. and Kim, S., "An Empirical Study on SNS Users' Privacy Protection Behaviors," Management and Economics, Vol. 46, No. 2, pp. 69-91.
  33. Park, C. and Lee, S.-W., "A Study of the User Privacy Protection Behavior in Online Environment : Based on Protection Motivation Theory," Journal of Internet Computing and Services, Vol. 15, No. 2, pp. 59-71, 2014. https://doi.org/10.7472/jksii.2014.15.2.59
  34. Real, K., "Information Seeking and Workplace Safety : A Field Application of the Risk Perception Attitude Framework," Journal of Applied Communication Research, Vol. 36, No. 3, pp. 339-359, 2008. https://doi.org/10.1080/00909880802101763
  35. Rimal, R. N., "Perceive Risk and Self-efficacy as Motivators : Understanding Individuals' Long-term Use of Health Information," Journal of Communication, Vol. 51, No. 4, pp. 633-654, 2001. https://doi.org/10.1111/j.1460-2466.2001.tb02900.x
  36. Rimal, R. N., Bose, K., Brown, J., Mkandawire, G., and Folda, L., "Extending the Purview of the Risk Perception Attitude Framework : Findings from HIV/AIDS Prevention Research in Malawi," Health Communication, Vol. 24, No. 3, pp. 210-218, 2009. https://doi.org/10.1080/10410230902804109
  37. Rimal, R. N. and Juon, H., "Use of the Risk Perception Attitude Framework for Promoting Breast Cancer Prevention," Journal of Applied Social Psychology, Vol. 40, No. 2, pp. 287-310, 2010. https://doi.org/10.1111/j.1559-1816.2009.00574.x
  38. Rimal, R. N. and Real, K., "Perceived Risk and Efficacy Beliefs as Motivators of Change Use of the Risk Perception Attitude(RPA) Framework to Understand Health Behaviors," Human Communication Research, Vol. 29, No. 3, pp. 370-399, 2003.
  39. Rogers, R. W., "A Protection Motivation Theory of Fear Appeals and Attitude Change," The Journal of Psychology, Vol. 91, No. 1, pp. 93-114, 1975. https://doi.org/10.1080/00223980.1975.9915803
  40. Siponen, M., Pahnila, S. M., and Adam, M. A, "Compliance with Information Security Policies : An Empirical Investigation," Computer, Vol. 43, No. 2, pp. 64-71, 2010.
  41. Soh, P.-H. and Subramanian, A. M., "Is Usage a Missing Link in Explaining the Perceived Learning Outcome of Technology-Mediated Learning," IEEE Transactions on Engineering Management, Vol. 55, No. 1, pp. 50-66, 2008. https://doi.org/10.1109/TEM.2007.912818
  42. Song, Y.-J. and Lee, D.-H., "Web Services-Adaptable Privacy-Aware Digital Rights Management Architecture," The Journal of Society for e-Business Studies, Vol. 10, No. 4, pp. 53-81, 2005.
  43. Turner, M. M., Rimal, R. N., Morrison, D., and Kim, H., "The Role of Anxiety in Seeking and Retaining Risk Information : Testing the Risk Perception Attitude Framework in Two Studies," Human Communication Research, Vol. 32, No. 2, pp. 130-156, 2006. https://doi.org/10.1111/j.1468-2958.2006.00006.x
  44. Witte, K., "Fear Control and Danger Control : A Test of the Extended Parallel Process Model(EPPM)," Communication Monographs, Vol. 61, No. 2, pp. 113-134, 1994. https://doi.org/10.1080/03637759409376328
  45. Woo, J., "From Information Privacy to Identity Privacy Reconsidering the Concept of Network Privacy," Press and Society, Vol. 13, No. 4, pp. 110-145, 2005.
  46. Yoo, J., "Comparison of Information Security Controls by Leadership of Top Management," The Journal of Society for e-Business Studies, Vol. 19, No. 1, pp. 63-78, 2014. https://doi.org/10.7838/jsebs.2014.19.1.063
  47. Yoo, H.-W. and Kim, T.-S., "Considering Information Security Professionals' Career to Analyze Knowledge and Skills Requirements," Journal of The Korea Institute of Information Security and Cryptology, Vol. 19, No. 4, pp. 77-89, 2009.
  48. Youm, H. Y., "The Present and Future of IT839 Information Security Technologies," KIISC Review, Vol. 15, No. 3, pp. 1-12, 2005.
  49. Yun, S.-Y., "Coping Strategy for Environment Changes in Personal Information Protection Regulations due to Personal Information Protection Law Enforcement," Korea Information Processing Society Review, Vol. 17, No. 2, pp. 3-9, 2010.
  50. Zhao, X. and Cai, X., "The Role of Risk, Efficacy, and Anxiety in Smokers' Cancer Information Seeking," Health Communication, Vol. 24, No. 3, pp. 259-269, 2009. https://doi.org/10.1080/10410230902805932

Cited by

  1. 온라인 게임 사용자의 위험지각과 자기효능감에 따른 게임 중독 예방행위 간 차이분석 : 국내 대학생을 대상으로 한 위험지각태도 프레임웍을 기반으로 vol.22, pp.2, 2014, https://doi.org/10.21219/jitam.2015.22.2.019