Information Privacy and Cybersecurity in an IoT Context

Carina Sørensen & Annika Harreskov

Student thesis: Master thesis

Abstract

Although the term Internet of Things (IoT) has been around for two decades there is still little research on the subject. Multiple forecast predicts that the number of IoT devices will keep increasing. This could stimulate new jobs, innovations and enhance consumer value. However, as the physical world collide with the internet a cyberphysical society becomes a reality. This leads some to argue that IoT exposes consumers to higher security risks as hackers can use the electronic devices against them. Furthermore, because IoT devices are capable of collecting data and sharing this data, it is argued that the IoT is the end of privacy as we know it. With these eminent threats consumers could be expected to avoid using the technology completely. In this paper we develop a conceptual model to investigate which contextual, personal and risk variables that influence consumers’ perception of privacy and cyber security in relation to IoT products. Furthermore, we investigate how these perceptions influence consumers’ motivation to avoid using IoT products. This conceptualized model is tested using PLS based on 155 survey observations collected in Denmark. The results reveal that out of all the tested contextual, personal and risk variables, only the two contextual variables influence consumers’ avoidance motivation. Furthermore, the results reveal that those who have high concerns for their privacy are more motivated to avoid using IoT products. On the other hand, the results show that the consumers’ perception about IT threats does not influence their motivation to avoid using IoT products. This research has three main contributions to the existing literature. First of all, it contributes to the scarce academic research on IoT. Secondly, by focusing on avoidance motivation this paper takes on a different perspective than most studies concerning consumers and technology. Thirdly, to the best of our knowledge, this is the first study to investigate information privacy and cybersecurity as two clearly separated entities within the same study. Furthermore, this research has practical implications for both companies, consumers and society. However, there are multiple limitations to this study, therefore further research is encouraged.

EducationsMSc in Economics and Marketing, (Graduate Programme) Final Thesis
LanguageDanish
Publication date2019
Number of pages129
SupervisorsAlexander Josiassen