Personalization vs. Privacy

Click here to load reader

  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of Personalization vs. Privacy

Personalization vs. Privacy Overcoming the Users’ Privacy Concerns in the Indonesian
Peer-to-peer Ridesharing Service
Personalization vs. Privacy
Overcoming the Users’ Privacy Concerns in the Indonesian Peer-to- peer Ridesharing Service
Master thesis submitted to Delft University of Technology
in partial fulfillment of the requirements for the degree of
Graduation committee:
First Supervisor : drs. J. Ubacht, Section ICT
Second Supervisor : Dr. ir. M. Kroesen, Section TLO
Page | i
I am indebted my gratitude to all people who helped and supported me in conducting and writing this thesis.
Firstly, the Indonesian Endowment Fund for Education (LPDP) for providing me study grant for my entire study and research grant particularly for conducting this thesis. Without this opportunity, it is nearly impossible for me to arrive here in Delft and finish this study.
Secondly, my supervisors. I would like to specially thank Drs. Jolien Ubacht as my first supervisor, for her patient in providing me continuous constructive feedbacks in the highest exceptional manner, both to my academic fundamental theories as well as my writing style. My second supervisor, Dr. Ir. Maarten Kroesen for giving his exquisite guidance in designing the quantitative research and statistical interpretations as well as providing his critical constructive feedbacks for my overall thesis. And the Chairman, Marijn Janssen for his clear critical comments that elevate my thesis in a higher level. I do owe you all thanks for showing your confidence as well as giving me challenge that motivates me to produce a better thesis. Special thanks I also owe to Dr. Eric Molin for his clear (email) guidance on the stated choice design and the use of Ngene software, and Shofi Andari, S.Stat, M.Si. for giving her guidance for me to understand how to interpret statistical results better.
Thirdly, Catur Apriono, S.T., M.T., Ph.D, Novi Mardining, and Riezka Rianty for helping me gathering firsthand data from the respondents. Without your help, my three weeks’ data collection timeline will be hard to finish.
Fourthly, my fellow students in university, Reni, Erwanda, Buse, Adiska + Bagas, Rosa, Fitri, Revi, Kevin, Lusi M, Lusi P + Ilman, Riska, Aarun, Deep, Bill, Esme, and any other students who cannot be mentioned here, thank you for the lunch talks that keep me sane for the last 6 months. Without any one of you, my thesis life will be very boring and monotonous.
Fifthly, my Mom who always gives me support and ear to listen to my outpouring talks. Even though not many comments are coming out from you, you always help me in a very mysterious way.
And finally, my dear wife, Guninta, for always supporting me in my ups-and-downs, and always be patient waiting me home. Thanks for giving me opportunity to push myself forward, from my comfort zone to the edge of my capacity, so I become a better person now. I surely will be indebted to you for the rest of my life.
Fauzi Dwi Reza Aditya
Curiosity can kill a cat.
It all started when I spent my last summer holiday back in Indonesia. I saw a lot of Ojek online drivers
(with various branding jackets) were roaming in every main street in Jakarta, with a very cheap riding
fee (at that moment the users only needed to pay IDR 10.000 ≈ €0.67 per ride to anywhere they
want!!). My first curiosity appeared: How can they sustain their profit?
Afterward, I wanted to try to use the service. I was told to register my address, my email address, and
my mobile phone. My second curiosity came to my mind; will my mobile number appear directly in
the driver’s app when he is picking up my order?
Then I started researching the possible privacy violations when using this service. I found a lot of pri-
vacy intrusion in place, especially to female users. When she had finished using the order, sometimes
the driver still contacted her just for chat or any unimportant conversation, which made her felt irri-
tated. From this point, I elevated my curiosities to be a more strategic thinking. I know that there is
personal data involvement in practice, but how to use them to help the company win the market while
minimize the privacy violation?
Therefore, I designed this project with one clear goal in mind: my research results not only have to be
scientific, but also usable and applicable in the real market. It was quite a lot of works, challenges, ups
and downs, stress, and sleepless nights. Even my supervisor told me to be careful with my level of
ambition. Thankfully, I was surrounded by people who are very supportive and care about me.
But satisfaction brings it back.
When my research is finally done, with the findings and the conclusion can be applicable right away, I
am very relieved. I am very happy with the work I have done.
Nevertheless, this thesis only makes tiny-yet-significant contribution to the big picture of personaliza-
tion and recommendation system that utilize personal data analytic as the main source of value adding
factor. It only focuses on the ethical consideration in respect to the use of personal data and neither
explains anything about the design of the recommendation system nor the technical part of the data
analytic. But yet, this small contribution will help the company that wants to play in this area to design
and market their value sensitive system and avoid rejection once the product is in the market. Be-
cause, it provides insight not only on the theoretical explanation of privacy decision making, but also
several practical matters related to the users’ privacy that can be applied directly in the business set-
Page | iii
DSP Data service providers
ISP Individual self-protection
ISR Industry self-regulation
LBS Location-based services
PbD Privacy by Design
RSP Ridesharing service provider
Page | v
Executive Summary
The ubiquity of smartphone, internet, and positioning system, that build the so-called peer-to-peer
(P2P) ridesharing service, have transformed the transportation industry. With the digital platform as
its technology backbone, the P2P ridesharing service has created a tremendous disruptive potential
to the existing traditional taxi business (Lacy & Rutqvist, 2015). Furthermore, with the help of the
digital platform’s loosely coupled potential, the P2P ridesharing company has the opportunity to ex-
pand and develop further its service by inviting other adjacent actors and partners to collaborate in
its business ecosystem. Together, they generate a multisided ecosystem.
Additionally, the recent information and communication technology (ICT) development - especially in
the tracking technology - has made the personal data capture becomes easily conducted. Indeed, the
customers’ personal data will also be valuable for the P2P ridesharing company to innovate its services
and create additional values both for the customers as well as to the company itself. One example of
the innovations is by offering personalization to its customers. However, to offer personalization, the
company will need more sensitive personal information disclosure from its customers, which will ele-
vate their privacy concerns.
The privacy, which has become a concern since computers began to be used in public service (Dutta
et al., 2011), is known to be the main impeding factor of company to offer personalization to its cus-
tomers (Chellappa & Sin, 2005; Xu et al., 2011). Consequently, the P2P ridesharing service company
needs to find a way to innovate its services which take advantage of the customers’ personal data
while making them acceptable to its customers in respect to their privacy disclosure. Therefore, the
research objective of this study is: To make recommendations to the peer-to-peer ridesharing platform
provider in the effort of mitigating the privacy disclosure issue, by investigating the general model of
privacy mitigation strategy, segmenting the users according to their preferred mitigation strategy, and
matching the mitigation strategy to segmentations of users with respect to the view of privacy as a
right as well as an interest.
The aforementioned objective is achieved by answering the following research question:
RQ: In the view of privacy as both right and interest, what strategy fits to certain segments of
users in the effort of mitigating the users’ privacy concern in the context of Indonesian peer-to-
peer ridesharing service?
1.1 Domain of study: Indonesian P2P ridesharing service The concept of P2P ridesharing services is a derivative of the collaborative consumption concept im-
plemented in transportation sector. It emerges because of several positive claims, such as: (1) it can
grow entrepreneurial mindset of society by exploiting the previously idle assets as additional income
(Sundararajan, 2014); (2) it can also grow the consumption since the customers do not need to pur-
chase and own the asset to enjoy the benefit of an asset (Sundararajan, 2014); (3) it can also increase
the productivity of idle assets (Sundararajan, 2014); and (4) it can eliminate the moral hazard by using
social-media-type of review system (Thierer, Koopman, Hobson, et al., 2015). Yet, this concept also
has several negative claims, such as: violation of zoning law (Malhotra & Van Alstyne, 2014), promotes
invisible workers (Sundararajan, 2014), and creates a rebound effect in the society (Schor, 2014).
Page | vi
In the Indonesian market, the most well-known P2P ridesharing service is in the form of P2P motorcy-
cle taxi service, or famously known as Ojek online. Likewise, the Indonesian P2P ridesharing companies
also utilize digital platform as their backbone. Furthermore, they have also expanded their business
ecosystem to the adjacent actors, which enable them to offer not only a basic ridesharing service, but
also other innovated services, such as: restaurant delivery service, online shopping, courier service,
and any other services that may use a motorcycle as the logistic means.
Furthermore, with the expanded business ecosystem, the P2P ridesharing companies have the oppor-
tunity to offer personalization services as additional values to its users. This personalization, however,
will require personal data disclosure from its users, not only the basic personal data (such as: name,
telephone number, pickup and drop-off location), but also more sensitive data (such as: behavioral
information, traveling pattern, and spending pattern). Consequently, as the ecosystem becomes com-
plex, the users’ privacy concerns will be elevated and need to be mitigated. Therefore, to mitigate
their privacy concerns, we need also to study the users’ rationale in disclosing personal information
before offering a focused privacy mitigation strategy to them.
1.2 Theoretical framework: The privacy and privacy decision making the-
ory Privacy is traditionally seen as one of fundamental rights (Assembly, 1948; Europe, 1950). However,
the recent technology developments have made the users start to see privacy as an interest that can
be traded for certain benefits (Clarke, 2013). Furthermore, privacy can be categorized into several
dimensions, whereas the fit categorization of privacy in respect to the recent technology develop-
ments follows the Finn et al. (2013) privacy categorization, which are: Privacy of the person, Privacy
of behavior and action, Privacy of communication, Privacy of data and image, Privacy of thought
and feeling, Privacy of location and space, Privacy of association (including group privacy).
In accordance to our context of study, the involved privacy categories in the P2P ridesharing and per-
sonalization service are: the privacy of location and space (PLS), which is associated by the pickup and
drop-off location disclosure when using the ridesharing service; the privacy of behavior and action
(PBA), which is related to the traveling and buying pattern of users recorded by the company to offer
personalization; and the privacy of data and image (PDI), which is operationalized by the acceptance
of receiving advertisement from other parties.
The users’ rationale in disclosing personal information is commonly evaluated by using the privacy
calculus theory. The privacy calculus theory bases the analysis on the cost-benefit calculation of users
before deciding to disclose their personal data. The cost part of the analysis is represented by the
privacy concerns that the users have, whereas the benefit part of the analysis is described by the
potential benefits that the user may get in return to the disclosed personal information, in which they
only disclose their privacy if the benefits they may get outweigh the privacy they need to disclose. We
use two constructs to measure the privacy concerns, i.e., the internet user individual privacy concern
(IUIPC) (Malhotra et al., 2004) and the concern for internet privacy (CFIP) (Smith et al., 1996). Alto-
gether, they fit perfectly to the mainstream privacy frameworks (such as: APEC (2005) and OECD
However, letting the privacy calculus theory alone to study the privacy disclosure rationale is not suf-
ficient as it has several critics (mainly because this theory bases the analysis on the cost-benefit anal-
ysis approach that unable to include the uncertainty factors), such as: (1) the assumption of all users
are utilitarian actors who have perfect foresight, especially to the risks and harms of disclosing per-
sonal information, is ill-advised (Acquisti & Grossklags, 2005); (2) disability of the theory to evaluate a
complex product or service with intertwined privacy concerns and (immaterial) benefits (Rohunen et
Page | vii
al., 2014); and (3) failure to incorporate the users’ psychological factors in making the calculation of
costs and benefits (Acquisti et al., 2009).
Based on those aforementioned critics to the privacy calculus theory, we develop our privacy decision
making conceptual framework by combining the utilitarian view of privacy as well as the right view of
privacy. To incorporate the right view of privacy, we develop our model by involving privacy right
assurance approaches in the users’ privacy disclosure rationale as complements to the privacy calculus
theory. The privacy assurance approaches are developed by exercising the control mechanism of pri-
vacy, in which the control mechanism can be divided into two parts, i.e., active approach and passive
approach (Xu et al., 2012). The active control approach can be done by performing individual self-
protection (Son & Kim, 2008), whereas the passive control is applied by using industry self-regulation
and government regulation and legislation (Xu et al., 2012).
1.3 Research design and Findings In order to answer the research question, we present a survey questionnaire that consists of two parts
of survey, i.e., the exploratory part and the experimental part, to 265 Indonesian respondents. We use
stratified sampling strategy to target the Jakarta population who are the current users and/or aware
of the P2P ridesharing service concept.
We conduct three analyses in this thesis. Firstly, the multiple regression analysis to investigate the
influential constructs from our previously developed theory in the effort of increasing personal infor-
mation disclosure. Our findings suggest that the users’ personal information disclosure is mainly
driven by the availability of tangible benefits offered by the company. This incentive has been the
most dominant variable in predicting the users’ personal information disclosure consistently across
our segregated cases based on their demographic properties. Additionally, the availability of govern-
ment regulation and legislation will also become a catalyst in the event of disclosing personal infor-
mation in the general population.
Secondly, to perform a focused effort to target specific market segment, we also conduct cluster anal-
yses in order to make classification of users according to their preferred privacy mitigation strategy.
The classifications will derive the mitigation strategy that need to be prepared by the company in
order to target a specific market segment. We use our previously developed privacy decision making
model construct, i.e., the privacy benefits (tangible and intangible benefit) and privacy assurance ap-
proaches (individual self-protection, industry self-regulation, and government regulation and legisla-
tion) as the variable properties to form a cluster.
Our findings suggest that the total solution seeker (group of people who want all type of privacy
mitigation strategy) has been the dominant cluster formed in population. Furthermore, the average
size of the privacy right assurance dominant strategy is formed bigger than the utilitarian dominant
strategy. This suggests that more people are willing to have their privacy “assured” only than to be
“bought” only. Additionally, our findings conclude that there is no weak utilitarian cluster and weak
privacy right seeker cluster, which suggests that no one wants only one type of strategy only is applied
to increase the willingness to disclose personal information. Moreover, the findings also conclude that
there is no indifferent group formed, which suggests that everyone in the population wants their pri-
vacy concerns are mitigated before disclosing his/her personal information.
Finally, to measure the buy-off (or willingness to accept – WTA) value of privacy as well as to rank the
importance level of all privacy types involved in our context of study, we develop an experimental
analysis by using conjoint analysis. We present a new hypothetical personalization service of using P2P
ridesharing service to our respondents to draw the contextual setting of the study. The personalization
Page | viii
service is developed by using PLS (pickup and drop-off information disclosure), PBA (traveling and
buying pattern disclosure), and PDI (acceptance to receive additional advertisement from 3rd party
company) variables as the main attributes. Furthermore, as the aim of the analysis to measure the
buy-off value of privacy, a monetary variable is introduced in the analysis in the form of expected
monetary saving.
Our conjoint analysis findings suggest that the most expensive privacy type is the PBA, which valued
(on average) at IDR 133K (≈ €9.2) per month. The next valuable privacy type is PDI, which valued at
(on average) IDR 29K (≈ €2) per month. However, our study cannot derive the value of PLS as this
privacy type intertwined with the basic requirement of providing ridesharing service, i.e., the pickup
and drop-off location disclosure. Nevertheless, our study concludes that PLS can be bought by using
the usefulness of the (basic) service only without giving any other tangible benefits to the data sub-
Our thesis suggests that contradictory behavior of users is found, although their level of privacy con-
cerns is high, they do not mind to disclose their privacy to the data acquirer company, regardless the
availability of any protection measures performed by the company. Additionally, their negative privacy
experience also does not influence the willingness to disclose personal data. Nevertheless, our find-
ings suggest that respondents wish to have the privacy assurance as the default condition rather than
as means to increase their willingness to disclose personal data. Also, our findings suggest that per-
sonalization is found to be the least expected benefits from disclosing privacy, but yet still significantly
In addition to the aforementioned findings, the study also suggests that the most significant predictor
to predict the successfulness of the personalization service is the expected monetary saving gener-
ated by the service. The importance of the monetary saving is found higher than any type of privacy
disclosure. Furthermore, our findings also suggest that not all users can be the target of personaliza-
tion service. The sum of utility value of personalization service is not calculated positively by the high-
salaried population, the elderly population, and the high self-efficacy population; whereas the most
ideal targets for the personalization service are people in the low-salaried population and the young
population who produce the highest utility value of personalization among the others.
1.4 Contributions, limitations, and future research recommendations This thesis contributes to several scientific and business recommendations to the privacy scholars and
business decision makers as follows:
Assuring privacy right is not an option, but a mandatory condition,
Privacy should be defined in multidimensional contexts rather than unidimensional,
Contextual setting highly influences the perception of privacy,
Not everyone can be the target for personalization service,
Data subjects value different forms of privacy differently,
Be aware of the risk of storing and using personal data as more users incline to perform indi-
vidual self-protection that can be propagated to their peers,
Since the privacy assurance approaches are wished as the default condition,…