MARKET - Economics - Cyber Security - Overview of the Research Field

 

Overview of the Research Field of the Economics of Privacy


In the following, an introductory overview of the current research landscape is given. This overview is by no means complete, but it provides the interested reader with some guideposts for a start.


One suggestion for privacy and cyber-security (PACS) developers, firms and other stakeholders is to study the outcome of research conducted in their respective fields in order to develop a better understanding of the challenges that need to be mastered for a successful launch of a new product or service.


The research works discussed here also potentially enable a better understanding of why some of the business innovations may not work. Start-up problems for new business models in personal data markets might be associated with:

  • A limited understanding of the functioning (or malfunctioning) of mechanisms in markets for personal data; and/or

 

  • a limited understanding of the economic incentives of market participants involved in information trade.

 

To date, the economics of privacy has developed a diverse research field with different approaches employed and methods applied, where any taxonomy is necessarily incomplete.

 

 

The following lines of research were identified for IPACSO:

  • Empirical works (experiments and surveys): This line of research includes modified classical experiments, as well as decision experiments with and without secure identification verification

 

  • Hypothetical scenarios: This line of research presents subjects with hypothetical situations and asks for their attitudes or expected behaviors.

 

  • Field experiments: In these experiments, subjects are not aware that they are participating in an experiment. These can be either survey-based experiments or incentivized monetary transactions

 

  • Other research (including methodological advancements): In this line of research, methodological questions are at the center of focus. These are, for example, the development of privacy metrics as well as the measurement of privacy preferences.

 

Table 1 gives an overview of the research field. As stated above, this is not complete, but intended to be a guidepost.

Table 1 Overview of the Research Field of Privacy Economics

Line of Research Type Explanation Authors Identification mechanism ID verification
Empirical works (experiments and surveys)

Classical experiments modified

 

 

 

IT Traditional experiments are modified by introducing identification in Dictator Games, Ultimatum Game and other standard games. These experiments are incentivized with money. Bohnet and Frey (1997, 1999), Charness and Gneezy (2008), Haley and Fessler (2005) Hoffman et al. (1996), Jenni and Loewenstein (1997)

In some works: name, in some pictures

None

Decision experiments without secure identity verification (SIV) GT+IT These are incentivized decision experiments that involve the purchase of a good together with an information transaction to be conducted by the subject Beresford et al., BKP (2012), Gideon et al. (2006), Huberman et al. (2005), Tsai et al (2010)

None
BKP (2012): name

None

Decision experiments with SIV

 

 

GT+IT These are incentivized decision experiments that involve the purchase of a good together with an information transaction to be conducted by the subject

Feri et al. (2014)
Jentzsch et al.
(2012)

Name, test result, DOB, mobile phone number

Yes, 100% checked

Auctions without SIV

 

IT In these experiments, subjects use an auction mechanism to set the price for their personal data

Danezis et al. (2005), Huberman et al. (2005)

Anonymous,
IMAI and location

n/a

Auctions with SIV

 

IT In these experiments, subjects use an auction mechanism to set the price for their personal data

Feri et al. (2014),

Jentzsch (2014)

Name, test result Yes, 100% checked
Hypothetical scenarios

Hypothetical scenarios

 

 

 

 

IT

Subjects are confronted with hypothetical scenarios of website policies, job search or insurance seeking

Andrade et al. (2002),  Baumer et al. (2005), Egelman et al. (2013), Spiekerman et al. (2001), Wathieu and Friedman (2007), Norberg et al. (2007)

None

None

Field experiments (including survey-based experiments)
Field experiments (composite transactions) GT+IT In these experiments, subjects are not aware that they are participating in an experiment as they purchase a good on the website

Jentzsch et al. (2012)

Name, DOB and mobile no.

None

 Field experiments (IT)

 

IT In these experiments, subjects are not aware that they participate in an experiment as they answer a survey on a website

Hui et al. (2007), John et al. (2010), Rifon et al. (2005)

 None

None

Other research (including methodological research)

Data breach notifications and firm reputation

N/a These works concentrate on the impact of announced data breaches on the stock prices of companies Cavusoglu et al. (2004); Campbell et al. (2003); Muntermann and Roßnagel (2009)

N/a

N/a

Privacy metrics

 

 

 

N/a

In these works, different quantitative measures for privacy are proposed

Schulte-Melling (2014)

N/a

N/a

Privacy preference measurement N/a These are surveys that instrument the privacy concern by asking questions about attitudes, behaviors and perceptions. Buchanan et al. (2006), Malhotra et al. (2004), Smith et al. (1996), Stewart et al. (2002)

 None

None

 Notes to the Table: IT = information transaction, GT = goods transaction, N/a denoted either 'not available' or 'not applicable.'                      DOB denotes 'date of birth.'

 

 

Further IPACSO readings (in download section):

Jentzsch, N. (2015) State-of-the-Art of the Economics of Cyber-Security and Privacy, IPACSO - Innovation

Framework for ICT Security Deliverable 4.1.

 

Jentzsch, N. (2015) Horizontal and Vertical Analysis of Privacy and Cyber-security Markets, IPACSO

Innovation Framework for ICT Security Deliverable 4.2 A.

 

Back to MARKET

 

Getting Started

Which type of company are you? Choose one of the options below and get a head-start.

Framework Overview

Navigate through the different parts of the Framework

leeg