Robbing Peter To Pay Paul: Surrendering Privacy For Security’S Sake In An Identity Ecosystem

Keywords

Information Security Ecosystem; Privacy-security Tradeoff; Third Party Intermediary; Trusted Identities

Abstract

Despite individuals’ and organizations’ best efforts, many significant information security threats exist. To alleviate these threats, researchers and policy makers have proposed new digital environments called identity ecosystems. These ecosystems would provide protection against attackers in that a third party intermediary would need to authenticate users of the ecosystem. While the additional security may help alleviate security threats, significant concern exists regarding ecosystem users’ privacy. For example, the possibility of targeted attacks against the centralized identity repository, potential mismanagement of the verified credentials of millions of users, and the threat of activity monitoring and surveillance become serious privacy considerations. Thus, individuals must be willing to surrender personal privacy to a known intermediary to obtain the additional levels of protection that the proposed ecosystems suggest. We investigate the reasons why individuals would use a future identity ecosystem that exhibits such a privacy-security tradeoff. Specifically, we adopted a mixed-methods approach to elicit and assess the major factors associated with such decisions. We show that 1) intrapersonal characteristics, 2) perceptions of the controlling agent, and 3) perceptions of the system are key categories for driving intentions to use ecosystems. We found that trustworthiness of the controlling agent, perceived inconvenience, system efficacy, behavioral-based inertia, censorship attitude, and previous similar experience significantly explained variance in intentions. Interestingly, general privacy concerns failed to exhibit significant relationships with intentions in any of our use contexts. We discuss what these findings mean for research and practice and provide guidance for future research that investigates identity ecosystems and the AIS Bright ICT Initiative.

Publication Date

1-1-2017

Publication Title

Journal of the Association for Information Systems

Volume

18

Issue

7

Number of Pages

487-515

Document Type

Article

Personal Identifier

scopus

DOI Link

https://doi.org/10.17705/1jais.00463

Socpus ID

85026884800 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85026884800

This document is currently not available here.

Share

COinS