Privacy in Social Networks Economic Options for Regulation

Inaugural-Dissertation

zur

Erlangung der Doktorwürde

der Wirtschafts- und Verhaltenswissenschaftlichen Fakultät

an der Albert-Ludwigs-Universität Freiburg i. Br.

Vorgelegt von

Claus-Georg Nolte

Geboren in Siegburg

WS 2017/18

Privacy in Social Networks –

Economic Options for Regulation

Albert-Ludwigs-Universität Freiburg

Wirtschafts- und Verhaltenswissenschaftliche Fakultät

Albert-Ludwigs-Universität Freiburg im Breisgau

Wirtschafts- und Verhaltenswissenschaftliche Fakultät

Kollegiengebäude II

Platz der Alten Synagoge

Dekan: Prof. Dr. Alexander Renkl

Erstgutachter: Prof. Dr. Dr. h.c. Günter Müller

Zweitgutachter: Prof. Dr. Dieter K. Tscheulin

Datum der Einreichung: 19.12.2017

Datum der Promotion: 21.02.2018

Acknowledgements

In the course of developing this doctoral thesis and during my doctorate, I have enjoyed the

continuous support of a great number of people I would like to express my sincere gratitude.

First and foremost, I want to express my deep gratitude to my doctoral supervisor Prof. Dr. Dr.

h.c. Günter Müller for his mentorship and support over the past couple of years. I am very

thankful for his friendly attitude towards me, which led to many interesting and insightful

discussions even beyond the scientific scope. His advices and recommendations were extremely

valuable to my professional as well as personal development and of great help in writing this

dissertation. Overall, I always felt to be trusted and was granted the academic freedom to pursue

the objectives I was interested in. I would further like to express my gratitude towards Prof. Dr.

Dieter K. Tscheulin for accepting the task of the second reviewer for the dissertation and as

examiner in my Rigorosum. Also, I would like to thank Prof. Dr. Günter Knieps for his role as

examiner in the Rigorosum. Additionally, I want to thank the people at the Friedrich-Ebert-

Foundation for offering me a doctoral scholarship and their general support with this thesis.

I would also like to thank my colleagues and friends at the Institute of Computer Science and

Social Studies in Freiburg. In particular, I want to express my sincere appreciation to Dr.

Christian Zimmermann for his support with my first scientific contributions, his continuous

help in manifold topics and the many memorable experiences we had. Furthermore, my thanks

go to Dr. Christian Brenig for the fruitful discussions on research related topics and beyond.

Moreover, I want to thank my fellow colleagues Adrian, Arnt, Julius, Markus, Nadine, Richard

and Thomas for their efforts to support me and the friendly atmosphere at the Institute. I am

very happy that I have been able to work with such great colleagues and friends. I further thank

Anja Jülch for her help with administrative issues as well as Jonas Schwarz and Jonas

Kaltenbacher for their professional assistance.

Last but not least, I want to express my deepest gratitude towards my family. All this would not

have been possible without the unconditional support of my parents throughout my whole life.

I would like to especially thank them for their confidence in me, all the possibilities they offered

me and their encouragement in writing this thesis. I am also particularly thankful to my lovely

girlfriend Birthe, whose unreserved backing, patience and professional advice helped me to

write and especially to finalize this dissertation.

Cover design: Malte Rosenberg

Cover image: Gerd Altmann

i

Table of Contents

Table of Contents .................................................................................................. i

List of Figures ..................................................................................................... iv

List of Tables ....................................................................................................... vi

List of Abbreviations ....................................................................................... viii

1 Privacy in the Age of Social Network Services ............................................. 1

1.1 Privacy Factors in SNSs and Their Environment ...................................... 3

1.1.1 Personal Data ................................................................................. 3

1.1.2 Social Network Service.................................................................. 4

1.1.3 Social Network Operator ............................................................... 6

1.2 A Valid Privacy Definition for SNSs ........................................................ 7

1.3 Research Questions and Objectives ........................................................... 9

1.4 Outline and Contributions ........................................................................ 13

1.5 Remarks on Publications ......................................................................... 17

2 Interrelations of Privacy in the SNS Platform Environment ................... 19

2.1 A Framework for SNSs as Platform Businesses ...................................... 20

2.1.1 Approach ...................................................................................... 21

2.1.2 Platform Participants .................................................................... 22

2.1.3 Platform Architecture................................................................... 23

2.1.4 Platform Governance ................................................................... 23

2.1.5 Platform Effects ........................................................................... 24

2.2 System Dynamics Modelling of the SNS Environment .......................... 26

2.2.1 The Core....................................................................................... 26

2.2.2 The Periphery ............................................................................... 28

2.3 Insights from the SNS SD Model ............................................................ 31

2.3.1 Core Model Results...................................................................... 31

2.3.2 Extended Model Results .............................................................. 31

2.3.3 Limitations ................................................................................... 33

2.4 Conclusion ............................................................................................... 33

3 Economic Modelling of Privacy in SNSs ..................................................... 35

3.1 Case Study: PD as a Payment Method in SNSs ...................................... 36

3.1.1 Related Research .......................................................................... 36

3.1.2 Hypothesis and Procedure ............................................................ 37

3.1.3 Survey Results ............................................................................. 40

3.1.4 Regression Analysis ..................................................................... 40

ii Table of Contents

3.1.5 Regression Results ...................................................................... 42

3.1.6 Overall Results ............................................................................ 43

3.2 Modelling the Principal-Agent Dilemma in SNS ................................... 45

3.2.1 Related Work ............................................................................... 46

3.2.2 Model Assumptions ..................................................................... 46

3.2.3 Designing the Principal-Agent Model ......................................... 48

3.2.4 Balancing User Privacy and SNO Profit-Seeking ....................... 51

3.3 Conclusion ............................................................................................... 58

4 SNS Privacy and Regulation ....................................................................... 59

4.1 Economic Requirements for SNS Privacy Regulation ............................ 60

4.1.1 Related Literature ........................................................................ 61

4.1.2 Identified Privacy Threats and Data Types ................................. 63

4.1.3 Developing the Multidimensional Privacy Framework .............. 65

4.1.4 Framework Range of Coverage ................................................... 72

4.1.5 Framework Discussion ................................................................ 75

4.1.6 Potential Applications and Implications ...................................... 76

4.2 The EU Approach to Privacy .................................................................. 78

4.2.1 Related Literature ........................................................................ 79

4.2.2 Recapitulation: The Multidimensional Privacy Framework ....... 80

4.2.3 The GDPR: Genesis, Structure and Aim ..................................... 81

4.2.4 Interim Result: Conditions and Classifications met by the GDPR92

4.2.5 Evaluation: Does the GDPR cover it all? .................................... 93

4.2.6 Legal and Economic Capability .................................................. 99

4.2.7 Technical Feasibility ................................................................. 105

4.3 Conclusion ............................................................................................. 107

5 Social Network Services: Competition and Privacy ................................ 109

5.1 SNS Market Competition and its Influence on Privacy ........................ 110

5.1.1 Economic Analysis: Requirements and Model ......................... 111

5.1.2 Reality Check and Market Development .................................. 118

5.2 Enhancing Privacy Competition ........................................................... 123

5.2.1 The Right to Be Forgotten ......................................................... 123

5.2.2 The Right to Data Portability .................................................... 125

5.2.3 The Concept of Interoperability ................................................ 126

5.2.4 The Concept of Privacy Trust Banks ........................................ 130

5.2.5 Further Ideas .............................................................................. 133

5.3 Conclusion ............................................................................................. 136

Table of Contents iii

6 Does Economic Competition and Regulation Provide a Solution for Privacy in SNSs?

...................................................................................................................... 139

6.1 Summary and the Main Results ............................................................. 139

6.2 Implications for Future Research ........................................................... 143

Appendix ............................................................................................................... i

1. References ......................................................................................................... i

iv

List of Figures

Figure 1. Schematic Representation of Transactions in DCB (Source: [42]). ........................... 4

Figure 2. MSP model, including platform participants (I&II), same-side network effects (1&4),

and cross-side network effects (2&3; according to [40]). .......................................................... 5

Figure 3. Triangular Business Interaction. ................................................................................. 7

Figure 4. Outline of the Dissertation. ....................................................................................... 14

Figure 5. SNS core and periphery illustration loosely based on [44]. ..................................... 22

Figure 6. SD SNS Core Model................................................................................................. 28

Figure 7. SD SNS Core & Periphery Model. ........................................................................... 30

Figure 8. Survey Composition. ................................................................................................ 39

Figure 9: Instruments for Addressing the Privacy Problem in SNS. ....................................... 55

Figure 10. Privacy Threat Cause-Effect Relationships. ........................................................... 64

Figure 11. The Privacy Dimensions. ........................................................................................ 65

Figure 12. Conceptualization of Accountability as a Privacy Principle (taken from [196]). ... 67

Figure 13. Privacy Threats Embracing the Framework. .......................................................... 75

Figure 14. GDPR's Influence on the SNS Market Structure. ................................................. 108

Figure 15. The Market Structure of SNS. ............................................................................... 114

Figure 16. SNO Perspective on Competition. ......................................................................... 117

Figure 17. Social Media Ads used regularly by Marketers According to [253]. ................... 121

Figure 18. Interoperability: SNS Market Role and Impacts. ................................................. 129

List of Figures v

Figure 19. Privacy Trust Bank: Market Role and Impacts. .................................................... 133

Figure 20. Histogram of Age. ..................................................................................................... x

Figure 21. Histogram of FB Friends. ......................................................................................... xi

Figure 22. Histogram of Privacy Awareness. ............................................................................ xi

Figure 23. Distribution of Age through Experiment Groups. ................................................... xii

Figure 24. Distribution of FB Friends through Experiment Groups. ....................................... xii

Figure 25. Distribution of used FB Functions through Experiment Groups. .......................... xiii

Figure 26. Distribution of Users' Privacy Awareness through Experiment Groups. ............... xiii

Figure 27. Distribution of Degree of FB Using through Experiment Groups. ........................ xiv

Figure 28. Distribution of chosen Functions through Experiment Groups. ............................ xiv

Figure 29. Bivariate Regression for func.diffi with exp.gri as explanatory Variable. .............. xvi

vi

List of Tables

Table 1. Direct and Indirect Related Publications. ................................................................... 17

Table 2. Literature Review Distribution. ................................................................................. 21

Table 3. Chosen Functions for Different Experimental Groups .............................................. 40

Table 4. Multiple Regression for Selected Functions in the Experiment. ................................ 41

Table 5. Multiple Regression for Used FB Functions .............................................................. 42

Table 6: Applicability of high-level approaches in different scenarios .................................... 53

Table 7. Identified SNS Privacy Threats .................................................................................. 63

Table 8. Horizontal Privacy Conditions and Classifications. ................................................... 67

Table 9. The Multidimensional Privacy Framework. ............................................................... 71

Table 10. Privacy Conditions and Classifications met by the GDPR. ..................................... 93

Table 11. Privacy Types covered by the GDPR. ...................................................................... 96

Table 12. Privacy Sectors covered by the GDPR, distinguished to four different Scores. ...... 98

Table 13. Feature of Goods Classification for SNS. ............................................................... 113

Table 14. SNO Activities and Their Influence on User Privacy. ............................................ 118

Table 15. Breakdown of the Literature Review. ......................................................................... i

Table 16. Survey Design. ........................................................................................................... ii

Table 17. Distribution FB Users ................................................................................................ ii

Table 18. Gender Distribution. ................................................................................................... ii

Table 19. Educational Achievement Distribution. .................................................................... iii

List of Tables vii

Table 20. Variable Overview ..................................................................................................... iii

Table 21. Survey Raw Data. ..................................................................................................... vii

Table 22. R Script Data. ............................................................................................................. ix

Table 23. Mean, Standard Error and Correlations. ..................................................................... x

Table 24. Levene’s Test for Homogeneity of Variance (center = median) for the variable age

over exp.gr. ............................................................................................................................... xv

Table 25. Levene’s Test for Homogeneity of Variance (center = median) for the variable pr.awa

over exp.gr. ............................................................................................................................... xv

Table 26. Levene’s Test for Homogeneity of Variance (center = median) for the variable

fb.friends over exp.gr. ............................................................................................................... xv

Table 27. Levene’s Test for Homogeneity of Variance (center = median) for the variable fb.use

over exp.gr. ............................................................................................................................... xv

Table 28. Levene’s Test for Homogeneity of Variance (center = median) for the variable

func.diff over exp.gr. ................................................................................................................. xv

Table 29. Levene’s Test for Homogeneity of Variance (center = median) for the variable educ

over exp.gr. ............................................................................................................................... xv

Table 30. Bivariate Regression for func.diffi with exp.gri as explanatory Variable. ................ xvi

Table 31. Bivariate Regression for func.diffi with pr.awai as explanatory Variable. .............. xvii

Table 32. Bivariate Regression for func.diffi with gen.malei as explanatory Variable. .......... xvii

Table 33. Bivariate Regression for func.diffi with educi as explanatory Variable. ................. xvii

Table 34. Bivariate Regression for gr.func.alli with educi as explanatory Variable. ............. xviii

Table 35. Multiple Linear Regression for func.diffi. .............................................................. xviii

viii

List of Abbreviations

API Application Programming Interface

Art. Article of the European Union General Data Protection Regulation

BD Big Data

DCB Data-Centric Business

DCS Data-Centric Services

DPIA Data Protection Impact Assessment

DPO Data Protection Officer

EU European Union

FB Facebook

GDPR General Data Protection Regulation

H Hypothesis

HTTPS Hypertext Transfer Protocol over Transport Layer Security

IA Information Asymmetry

IETF Internet Engineering Task Force

IS Information Systems

IT Information Technology

MH Moral Hazard

MHG Multihoming

MND Minimal-Necessary Data

List of Abbreviations ix

MSP Multi-Sided Platform

NGO Non-Government Organisation

NPO Non-Profit Organisation

OSN Online Social Network

PBD Privacy by Design

PD Personal Data

PGP Pretty Good Privacy

PIA Privacy Impact Assessment

PM Payment Method

PSB Privacy-Seeking Behaviour

PTB Privacy Trust Bank

Rec. Recital of the European Union General Data Protection Regulation

RS Reputation Services

RQ Research Question

SD System Dynamics

SM Social Media

SNO Social Network Operator

SNS Social Network Service

TSM Two-Sided Market

TSP Two-Sided Platform

x 1 Privacy in the Age of Social Network Services

UDD Unintended Data Disclosure

UGC User Generated Content

USA United States of America

W3C World Wide Web Consortium

XMPP Extensible Messaging and Presence Protocol

1

1 Privacy in the Age of Social Network Services

When Samuel D. Warren and Louis Brandeis wrote “The Right to Privacy” in 1890 and

provided the first concept of privacy as “the right to be left alone” [1], the world was almost a

century away from developing the internet. Later, in 1967, Westin presented a definition that is

still relevant when he explained privacy as “the claim of individuals, groups or institutions to

determine for themselves when, how, and to what extent information about them is

communicated to others” [2]. This was still approximately 30 years away from people finding,

friending, and sharing data with each other on social network services (SNSs) such as Facebook

(FB) on a large scale.1 In 2003, Westin added that privacy “also, involves when such information

will be obtained and what uses will be made of it by others” [5]. Whenever the word “privacy”

is used in this dissertation it relates to this composite definition of Alan F. Westin.

Since the first formulation of the privacy concept, much research has been conducted on the

topic. The academic literature platform Google Scholar provides over 4,580,000 articles and

books concerning the field of privacy.2 Furthermore, fiction books such as like Orwell’s

“nineteen eighty-four” addressed the subject [6]. When Edward Snowden leaked information

about the US global surveillance program in 2013, Orwell’s novel became popular again and

research focusing on internet privacy became relevant and received attention [7]. With the

“Snowden leaks”, the presentiment of some scholars that the massive collection of personal

data (PD) and analysis for behaviour patterns could be a threat to individual privacy became

certain [8]. Consequentially, researchers’ focus shifted from an ethical view including the

conceptualization of privacy and its relationship with other constructs, to threats associated with

the massive collection and analysis of data from varicose sources (big data (BD)), and the

related security of information systems (IS) [9, 10]. At the Davos Forum in 2015, Margo Seltzer

clarified the ongoing debate about a contemporary privacy conception, stating that “privacy as

we knew it in the past is no longer feasible” [11].

1 Depending on the definition, the introduction of a graphic user interface for the bulletin board system in the

early 1980s can be interpreted as a first and simple SNS [3]. However, the worldwide public rise of SNSs as

they are known today began at the earliest with sixdegrees.com in 1997 [4].

2 https://goo.gl/VNbUvX (last reviewed on 23.08.2017).

2 1 Privacy in the Age of Social Network Services

The recent research on internet privacy highlights the discussion of whether the GB Brexit vote

and USA presidential elections of 2016 were manipulated by the FB, claiming that companies

used disclosed PD from FB users for behavioural profiling, and then directly addressed the

needs and fears of those voters via SNSs with personalized advertisements [12]. However,

recent research has proven that the voting behaviour of SNS users can in fact be influenced by

FB [13]. A similar observation was made by data scientist Cathy O’Neil, who indicated that

“predatory ads” on SNSs use the same mechanism to sell overpriced loans or for-profit

university places to the most desperate individuals [14].

There are four motives for conducting research on privacy in SNS. The first motive is juristic

intention because privacy is determined as a fundamental human right [15]. Thus, all spheres

where privacy may be threatened must be considered important. The second motive is economic

because if the privacy needs of citizens are not met, their willingness to participate in SNSs and

do business online may decline with lasting negative results for the overall economy [16, 17].

In addition, some authors indicate that the increasing information asymmetry (IA) between SNS

users and companies using disclosed PD for BD may increase the unequal distribution of global

income and wealth and contribute to political tension [14, 18, 19]. The perception of

behavioural science is the third motive, because individuals have a need for privacy to explore

different identities and develop a sense of autonomy [20]. The fourth motive is political because

the algorithms of SNSs which present users only their preferred content (filter bubble effect) in

combination with the afore mentioned voting manipulations of FB users may lead to a

separation of political groups [21, 22]. This separation leaves smaller room for political

compromises, which are necessary for a well-functioning democracy. All in all, with more than

50% of internet users as active members of the largest SNS, FB, and with nearly half of the

worldwide population connected to the internet, SNS user privacy is relevant to at least one

fourth of humanity [23, 24].

This dissertation analyses the topic of privacy in SNSs from an IS and economic research

viewpoint. The aim is to illustrate privacy factors in the SNS environment and examine the

related dynamics of user privacy. As such, this thesis analyses whether the status quo of privacy

in SNSs is economically inefficient or leads to inefficiency, and whether governmental

regulation is required. Moreover, existing approaches to solving the privacy challenge in SNS

business are assessed. Before the research questions (RQs) are concretised at the end of this

chapter, some preliminary remarks are made and the essential concepts are explained in the

1 Privacy in the Age of Social Network Services 3

following sections. Concluding this chapter, publications that are directly and indirectly related

to this dissertation are listed for completeness.

1.1 Privacy Factors in SNSs and Their Environment

One translation of the word privacy is secrecy, which makes surveillance the opposite of privacy

[25]. Surveillance differs between state surveillance and commercial surveillance. State

surveillance is defined as the monitoring of citizens and other people by government institutions

for political and security reasons. In contrast, commercial surveillance describes the observation

of users and the analysis of their PD by businesses for commercial purposes [26]. This

dissertation focuses solely on commercial surveillance in SNSs and the connected problem of

PD disclosure and related privacy threats. To build the framework for the following chapters,

the fundamental terms are defined below and are concretised when necessary in the relevant

places.3

1.1.1 Personal Data

The current most advanced data protection legislation, the General Data Protection Regulation

of the European Union (GDPR), clarifies PD as follows. In Art.4.1, PD is defined as “any

information relating to an identified or identifiable natural person”. An identifiable natural

person, is one who can be “identified, directly or indirectly, in particular by reference to an

identifier such as a name, an identification number, location data, an online identifier or to one

or more factors specific to the physical, physiological, genetic, mental, economic, cultural or

social identity of that natural person” [34]. This definition declares every bit of data disclosed

via or about a natural person to PD, if it allows drawing conclusions about her and is not

anonymized in a non-recoverable way.

In the information society, higher capacities to analyse data and superior data sets can constitute

crucial competitive advantages for SNSs and other companies [35]. Among the different classes

of data, the World Economic Forum stated that PD is a “critical source of innovation and value”

[36]. The common metaphor of PD as “the new oil of the 21st century” by European

Commissioner Kuneva further illustrates the critical role that is attributed to PD in the economy

3 This subchapter contains a compilation of similar preliminary remarks from [27–33] in modified form.


[36]. Consequently, PD markets have emerged, where data subjects such as SNS users

participate as suppliers of PD, often without knowing who collects, transfers, and monetizes

the data related to them [37]. Moreover, economic value is not solely created by the PD that is

gathered but also by the BD analysis of it and the revealed inferences and patterns [38]. The

combination an individual’s PD with external data from various sources often reveals further

insights into that individual’s behaviour, preferences, and state of health. The conclusions that

are drawn can be used for manifold purposes with wide ranging implications for the individual

and society, including target advertisements in SNSs [39], disease spread predictions [40], and

political manipulation [12].

1.1.2 Social Network Service

The current major SNSs are complex ecosystems which include different participants. While

there are SNS users interacting with each other and disclosing PD, the current major networks

do not charge their users for this service in monetary terms [41]. However, the leading SNSs

such as FB and YouTube are for-profit businesses that rely on a steady income to finance their

running costs (e.g. servers and programmers). The necessary income is predominantly created

by aggregating and analysing the SNS users’ PD. The identified inferences are then used to

provide precise targeted advertisement space to business customers, representing the other side

of the SNS ecosystem [41]. This revenue model makes SNSs data-centric businesses (DCBs),

as defined by Müller et al. [42]. A simplified scheme of DCBs is depicted in Figure 1.

Figure 1. Schematic Representation of Transactions in DCB (Source: [42]).


Data-centric service (DCS) providers such as FB provide most services free of charge (e.g.

social networking) to users and generate revenue by allowing companies to present targeted

advertisements to these users. Thus, DCBs act as multi-sided platforms (MSPs) that cater to

users of their services and to advertisers [43]. These MSPs, also known as two-sided platforms

(TSPs) or markets, contain three main features [44]. According to Staykova and Damsgaard

MSPs:

(1) enable direct interaction between two or more participants affiliated with them,

(2) contain homing and switching costs for these participants, and

(3) include direct (same-side) and indirect (cross-side) network effects (see Figure 2).

Figure 2. MSP model, including platform participants (I&II), same-side network effects (1&4), and cross-side

network effects (2&3; according to [40]).

Homing costs are the possible costs including money, effort, time and other aspects for entering

and using an MSP. Switching costs are similar and occur for those participants switching from

one platform to another. Furthermore, network effects occur when the value of the platform or

its product for one user depends on the number of other users (of the same or another group).

These effects can be positive or negative and are key aspects of MSP [45].

In the context of SNSs, the homing costs occur for users in form of the time and effort they

invest in creating their profile, connecting with friends, and entering content into an SNS. On

the other side, the homing costs for advertisers include creating an equivalent advertiser profile

(e.g. an FB-Site) and gathering an audience for their products. The switching costs for users are

similar to the homing costs and include learning how to use a new network; the costs are the

same for the advertiser side. Finally, the positive, direct network effects for SNS users are clear,

as an SNS is only valuable for an individual if she can connect and communicate with her

friends within the network. In addition, there are strong positive indirect network effects

between the advertisers and the users, because an SNS becomes more valuable to an advertiser


as more people are available as a potential audience within the network. A more detailed

analysis of the effects within an SNS is provided in chapter 2.

Finally, SNSs are characterised by specific features that they provide on the users’ side. To

clarify the concept of SNSs, the definition from Kane et al. is used and slightly modified due to

the development of leading SNSs [46]. For the scope of this dissertation, an SNS is

characterized by the following services: “Users …

(1) have a unique user profile that is constructed by the user, by members of their network,

and by the platform;

(2) access digital content through, and protect it from, various search mechanisms provided

by the platform;

(3) can articulate a list of other users with whom they share a relational connection;

(4) and view and traverse their connections […]” [46].

Kane’s phrase “and those made by others” is excluded from the quotation and the given

definition because current major networks such as FB allow users to hide their friend lists from

others via their privacy settings and generally do not display it to third parties.

The compilation of the given classifications for DCBs, MSPs, and SNS features comprises the

complete description of the appearance of SNSs. Furthermore, this definition of SNSs is

equivalent to the common term online social networks (OSNs). It covers all major western

SNSs including FB, Twitter, YouTube, and app-based networks like Snapchat and Instagram.

However, FB is the main example for the following analysis, since it is currently the largest

SNS and the object of investigation for most scientific studies.

1.1.3 Social Network Operator

As mentioned above, SNSs are for-profit businesses run by professional companies, which are

further denoted by social network operators (SNOs). The following pages discuss the definition

of Buchman et al. for the term SNOs, where SNOs are characterised as companies which

“provide the underlying basic services […] and infrastructures, […] needed by users to interact

with each other“ [47]. Thus, an SNO is a company that maintains and provides the infrastructure

for an SNS. For the SNS of FB the company Facebook Inc. is the SNO and for the SNS of

YouTube, the SNO is Alphabet, the mother company of all Google products.


Advertising is the prevalent form of revenue generation for SNOs [41]. The economic objective

of PD analysis in this context is as follows: The detailed knowledge about the SNS users,

especially the consuming preferences, allows advertisers to aim for their target groups [49].

Thus, SNOs are dependent on SNS users revealing their PD to analyse their preferences for

target advertising, and on advertising customers paying to reach those users. They act as an

intermediary between the advertising clients and the SNS users.

In summary, SNSs are multi-sided-platforms with three different participants: the SNO, the

SNS users, and the business partners respective advertising customers [50]. Figure 3 illustrates

this triangular business interaction.

1.2 A Valid Privacy Definition for SNSs

The concept of privacy must be distinguished from that of data protection. For the SNS case,

data protection represents the protection of stored user data by the SNO against external and

internal attacks (e.g. via encryption). The notion of data protection thus reflects a paternalistic

approach where uninformed or uncaring users and their PD must be protected from malicious

attacks for their own good by the SNO [51]. This assumes that the SNO acts in its users’ interest

Figure 3. Triangular Business Interaction.


either because of its own economic benefits or because they are forced by correspondent

legislations. In contrast and according to Westins definition, privacy should enable individuals

to control their PD and its usage [2, 5]. Thus, the idea of privacy represents a self-determination

approach and is correspondently linked to the individual’s right to informational self-

determination [52].

A broad review is required to understand the range of privacy in IS for SNSs. A comprehensive

framework for privacy in IS development was provided by Carew and Stapleton in 2005 [53].

The following paragraphs are based on their work and supplemented with subsequent privacy

insight and theories to provide a state-of-the-art summary of privacy research. The history of

privacy types, functions, and categories is outlined.

As noted, the history of privacy typology dates back to 1967 when Westin introduced his

definition of privacy and identified four different privacy types, including solitude, intimacy,

anonymity and reserve [2]. Solitude stands for being alone and unobserved, intimacy represents

being exclusively organised as a small group, anonymity stands for being unrecognized in

public, and reserve states the preference to limit information disclosure to third parties. In 1982,

Burgoon published her concept of privacy, which included the four dimensions: social,

physical, informational, and psychological privacy [54]. Pedersen then extended Westin’s

typology by adding isolation and separating intimacy into intimacy with family and intimacy

with friends [55].

In addition to his typology of privacy, Westin outlined four functions of privacy: personal

autonomy, emotional release, self-evaluation, and limited and protected communication [2].

Personal autonomy represents self-identity and independence, and emotional release describes

the safe withdraw from social life, roles, norms, and duties. Furthermore, Altman listed three

functions of privacy, including interpersonal functions, the interface of the self and the social

world, and self-identity [56]. In addition, Pedersen empirically identified the following five

basic functions of privacy: contemplation, autonomy, rejuvenation, confiding, and creativity

[55]. In 1998, Newell stated that from a systems perspective privacy provides a chance for re-

stabilisation, self-maintenance and self-development for individuals [57].

Clarke developed his privacy categorization at the same time as Pedersen in 1999, and

sectioned privacy into the categories of privacy of the person, privacy of personal behaviour,

privacy of personal communication and privacy of personal data [58]. In 2008, Solove


published his taxonomy of privacy and related privacy threats to the four different types of

information collection, information processing, information dissemination, and invasion [59].

Due to technological progress, Finn et al. upgraded Clarke‘s privacy categorization in 2013 and

included, inter alia, the privacy of location and space as well as the privacy of association [60].

A compendium on privacy in SNSs and the corresponding threats including a characterisation

of the three different privacy conditions (awareness, control, and trustworthiness) was also

presented by the Acatech study in 2014 [47].

Given the characterization of SNSs and the outline of privacy research in IS, the following

definition for user privacy in SNSs was developed. For this dissertation and its analysis, user

privacy in SNSs is defined as:

(1) the capability of SNS users to control their PD and its collection, aggregation, analysis,

and possible transfer within the SNS and beyond, and

(2) the SNS users’ ability to optimize the amount of data disclosure and its security

against misuse with respect to their preferences.

This definition is applicable regarding all the privacy categories mentioned above and is

adequate for the subsequent chapters. A more detailed privacy framework is provided for the

evaluation of the GDPR in chapter 4.

1.3 Research Questions and Objectives

Since FB was published in 2004, the presence of SNSs has consistently increased. The daily

SNS usage of individuals continuously increased and SNS users contribute more and more PD

to their networks [61]. Moreover, since the beginning of the smartphone age, SNSs have even

been following people from their desktops to every other place they go. SNS encourage people

to share all information about their lives with their friends within the network and thus, with

the network. Consequently, Harvard Law professor Jonathan Zittrain deduced in 2008 that this

technology threatens “to push everyone towards treating each public encounter as if it were a

press conference” [62]. This thirst for PD can be explained with the business model of SNSs,

which heavily depends on gathering and analysing user data to deliver targeted advertisements

(cf. subchapter 1.1 and [39]). While the resulting markets created by SNSs and other data-driven

businesses with highly transparent data-subjects might be efficient [63], financial factors are

not the only aspects to consider in the debate on PD markets. The human rights aspect of privacy


must also be addressed to find a balance between economic efficiency and the data-subjects’

right to informational self-determination [64], because the extensive collection and analysis of

user data poses a severe threat to users’ privacy [65].4

Since this thesis exclusively addresses the challenge of privacy in SNSs approached from an

economic and IS viewpoint the subchapter 1.1 outlines the ecosystem of SNSs and shows that

these networks represent multifaceted economic businesses with several sides. Since SNOs act

as intermediaries and their networks connect together advertisers and users, an examination of

user privacy in SNSs must start with an economic analysis of the MSP character of social

networks, their effects, and the resulting dynamics regarding privacy. By contrast, existing

models of privacy in PD markets focus on restructuring the market to provide general solutions

(e.g. the three-tier model of Novotny and Spiekermann [66]). An understanding of the economic

participants, processes, and interrelations is critical to ensuing the microeconomic investigation

of individual decisions about user privacy, and to the macroeconomic analysis of market

dynamics and governmental regulation. The objective of the first research question (RQ1) and

the associated chapter 2 is to provide the economic structure of SNSs as MSPs, and outline the

connected influences on user privacy on a system level. Therefore, the question is formulated

as follows:

RQ1: What are the economic participants, architecture, government, and effects in the SNS

ecosystem at the system level, and how do they interrelate with user privacy?

To explore user privacy in SNSs, the next topic that must be investigated in economic

approaches is the individual level of SNS decision making. Various scholars have examined

privacy in SNSs and user privacy activities predominantly through behavioural economics [67–

69]. The results show that users value privacy, but do not act accordingly within SNSs and e-

commerce environments. This discovery was formulated as “privacy paradox” [70, 71].

However, SNS users exhibited privacy-seeking behaviour (PSB) under observation to limit

their PD disclosure to SNOs [72]. Although research attempts to estimate SNS users’ valuation

of privacy in monetary terms have also been unsuccessful [73–75]. However, it is clear that

privacy plays a part in the economic operations of online services such as SNSs [42, 63, 76,

77]. The research results of preceding scholars reveal a user privacy dilemma in SNSs: users

4 Passages of this subchapter originate from [29].


value their privacy, but they do not act appropriately, their PSB is not successful, and they are

not willing to pay a significant amount of money to maintain their privacy.

Chapter 3 and RQ2 illustrate the user privacy dilemma of SNSs to explain the economic aspects

of user privacy and its connected effects and problems on the individual level. It is necessary

to include not only the extraneous circumstances, but also the individual obstacles to privacy in

SNSs in the subsequent analysis of possible solutions. The purpose of RQ2, to model privacy

in economic terms, has been approached by other researchers. The most prominent attempt (i.e.

numbers of citations) is the “privacy calculus” model developed by Dinev and Hart, describing

consumer privacy decisions in e-commerce as rational weighing [78]. Chellappa and Shivendu

built upon the privacy calculus with a property rights approach to privacy to develop their

economic model of privacy in online businesses [79]. Furthermore, the three-tier model of

Novotny and Spiekermann contributing to solve the privacy controversy by assigning “clear

roles, rights and obligations for all actors to re-establish trust” should also be mentioned [66].

These authors have provided general models that describe why consumers decide to disclose

personal information, but do not focus on this problem in SNSs. Moreover, they illustrated how

the implementation of property rights for data might contribute to solving the accompanied

privacy problem. Specialising in social networks, Krasnova and Veltri extended the calculus

model in 2010 and adjusted it to user choices in SNSs, illustrating why users decide to self-

disclose in the social network environment [80]. However, the objective of this dissertation and

of RQ2 is to deviate from the scientific research track with regard to outlining user privacy in

economics and provide a unique approach. The aim is to demonstrate that the PD disclosure of

SNS users is an economic transaction and the related privacy problems can be addressed with

classic economic models. Suitable economic solutions for the privacy challenge in SNSs and

its evaluation can then be derived. Consequently, RQ2 is formulated and partitioned as follows:

RQ2.a: Is SNS users’ PD disclosure interpretable as an economic transaction?

RQ2.b: Can the user privacy dilemma of SNSs be modelled in classic economic terms?

In addition to the privacy dilemma in SNSs, empirical data and the current economic discussion

suggests that the SNS market is moving towards monopoly conditions [81, 82]. This condition

is considered to need market intervention according to the classic economic theory, because it

cannot induce an efficient equilibrium [83]. This intervention can be from governments and

higher authorities through different provisions and regulations. An example of an approach to


improving user privacy and regulating the digital PD market is the GDPR [34]. The European

legislation has been examined by various scholars regarding its economic implications for the

affected businesses and its influence on the general level of data protection [84–88]. Yet, it is

unclear whether the GDPR can eliminate the causes of the user privacy dilemma in SNSs or

break the dynamics of the SNS market which threaten user privacy and drive it towards a

monopoly. Chapter 4 is therefore dedicated to answering the corresponding RQ3:

RQ3: Does the GDPR provide a regulatory solution for user privacy in SNSs, and what is its

influence on the SNS market?

The classic economic theory presents competition as a solution to achieving an efficient market

equilibrium [83]. Thus, it is likely that increasing SNS market competition is an answer to the

user privacy dilemma and the monopolistic tendencies. The impact of competition between

online platforms and services on consumer privacy has been addressed by scholars. Bonnneau

and Preibusch found empirical evidence of “vigorous competition for new users” between

different SNSs in 2010, but they concluded that the connected market for privacy in SNSs was

“dysfunctional” [89]. On a theoretical basis, Casadesus-Masanell and Hervas-Drane deducted

that the current SNSs will surpass their competitors if they choose to generate their revenues

by analysing PD, if users’ willingness to pay for privacy is relatively low [90]. In addition,

scholars of the HU Berlin theoretically demonstrated that SNSs will mine and use more PD as

their market position becomes stronger [91]. The objective of RQ4 is to build on these and other

findings about competition in the SNS and in the MSP market to draw conclusions about their

impacts on user privacy and the dynamics of the SNS market. Furthermore, those results were

matched with empirical market evidence, and potential interventions to increase competition

for user privacy in the SNS market were assessed. Building upon that approach, chapter 5 is

dedicated to answer the resulting two-part RQ4:

RQ4.a: Can competition enhance user privacy in SNSs?

RQ4.b: What interventions can direct and enhance the SNS market dynamics?


1.4 Outline and Contributions

As presented previously, the dilemma of user privacy in SNSs has been addressed by various

researchers from different scientific fields. The problem area of user privacy affects behavioural

economics as well as the classic microeconomics and macroeconomics; computer science, IS,

and law research are also addressing the privacy problem. Consequently, the analysis and

possible solutions for the dilemma of user privacy in SNSs must follow a holistic approach.

This dissertation is predominantly allocated to the fields of IS and economics, and the IS

research field is divided into two different streams: a design science approach which emphasises

the conception and evaluation of IS artefacts, and a behavioural approach which focuses on the

evaluation and prediction of human, and societal reactions to technology implementation [92].

According to this determination, this thesis follows the behavioural methodology of IS research.

Therefore, an interdisciplinary methodological approach is used to address the RQs, drawing

on methods from IS, economic, and legal research. This dissertation provides an in-depth

analysis of the user privacy problem in SNSs and contributes to the corresponding research

fields by modelling the privacy dilemma, and illustrating and evaluating possible economic

solutions to enforce user privacy in SNSs.

Figure 4 provides an outline of this dissertation and briefly summarises the chapters assigned

to the respective RQs. This thesis is structured logically along the RQs and analyses the system

structure of the SNS market on user privacy, before addressing privacy in SNSs on an individual

level by economic means. Moreover, the GDPR is addressed regarding its influence on privacy

and the corresponding market dynamics, representing governmental regulation of the SNS

market. User privacy as a competition factor in the SNS market is then analysed and potential

interventions to change the market dynamics in favour of user privacy are assessed. Finally, the

overall results of the dissertation are explained.


Figure 4. Outline of the Dissertation.

Chapter 6: Does Economic Competition & Regulation provide a Solution to Privacyin SNS?Chapter 6: Does Economic Competition & Regulation provide a Solution to Privacyin SNS?

The last chapter concludes the dissertation as a whole and provides an outlook for possible directionsof future research in this area.

Chapter 5: Social Network Services: Competition and PrivacyChapter 5: Social Network Services: Competition and Privacy

Tackles RQ4.a with its first subchapter and outlines that free competition between SNSs containsmainly user privacy reducing elements. The second subchapter is dedicated to RQ4.b and assessespossible interventions to change the competition dynamics between SNSs towards user privacy as acompetitve factor, resulting that interoperability would be best suited to do so.

Chapter 4: SNS Privacy and RegulationChapter 4: SNS Privacy and Regulation

Examines RQ3 and analyses the GDPR representatively for regulation on the SNS market. Results arethat the GDPR is able to increase user privacy in SNSs but fails to change the privacy harmfull dynamics.

Chapter 3: Economic Modelling of Privacy in SNSsChapter 3: Economic Modelling of Privacy in SNSs

Adresses RQ2.a in the first subchapter via a case study showing that PD disclosure by users can beinterpreted as payment method in SNSs and revealing that SNS users are objected to informationasymmetry. Accordingly, the second subchapter tackles RQ2.b models those information and powerasymmetries via contract theory.

Chapter 2: Interrelations on Privacy in the SNS Platform EnvironmentChapter 2: Interrelations on Privacy in the SNS Platform Environment

Answers RQ1 by modelling the participants, architecture, government, and effects of the SNSenvironment as well as their impacts on user privacy via System Dynamics Modelling. In doing so thechapter furthermore provides the second research frame for SNSs and reveals privacy harmfull aspectsof the SNS market dynamics.

Chapter 1: Privacy in the Age of Social Network Services Chapter 1: Privacy in the Age of Social Network Services

Provides the first research frame by determining SNSs, their MSP charakter, factors and participants aswell as a state-of-the-art privacy definition. Sets out the RQs and their objectices and presents a list ofthe author's publications.


Chapter 1 builds the first framework for examining user privacy in SNSs. It provides the

required definitions of SNSs, SNOs, PD and privacy, as well as the RQs to pursue the

investigation of user privacy in the following chapters. Furthermore, it illustrates the MSP

character of modern SNSs, and outlines the involved parties and their economic interests. The

definitions and the analysis of the MSP character of SNSs are a compilation of corresponding

sections from the papers listed in Table 1.

Based on a multidisciplinary literature review of SNSs, MSPs, and privacy markets, Chapter

2 describes a detailed system dynamics (SD) model of user privacy in SNSs. It provides the

answer to RQ1 by modelling the participants, architecture, government, and effects of the SNS

environment as well as their impacts on user privacy. The SD model illustrates that SNS users

are subjected to switching costs and lock-in effects which drive the SNS market towards

monopoly conditions. This chapter outlines the setting for the following analysis and is based

on the publication “Coherences on Privacy in Social Network Services” presented at the IFIP

Summer School 2016 in Karlstad, Sweden [30].

Chapter 3.1 provides the answers to RQ2.a about whether the disclosure of PD to SNOs can

be interpreted as a method through classical economic theory. It illustrates that user privacy in

SNSs can be understood as an economic problem and argues that the disclosure of PD in

exchange for SNS usage characterises a payment method (PM). In a case study that includes an

experimental part, it is shown by the statistic method of regression analysis that users lack

transparency to evaluate the amount of disclosed PD and the power to set their privacy

preferences. This chapter was presented and published as a full research paper “Personal data

as payment method in SNS and users’ concerning price sensitivity – A survey” at the

International Conference on Business Information Systems 2015 [28].

Chapter 3.2 supplies the equivalent answer to RQ2.b about whether the dilemma of user

privacy in SNS can be modelled in economic terms. It models the privacy problem with the

microeconomic contract theory, including the economic interests and motivations of the

participants and the distinction of three different market cases. It illustrates the information and

power asymmetries between SNS users and the SNO, and demonstrates the user privacy

dilemma. Furthermore, this chapter provides initial approaches to possible solutions for the

dilemma. This chapter was presented and published as a full research paper under the title

“Towards Balancing Privacy and Efficiency: A Principal-Agent Model of Data-Centric

Business” at the International Workshop on Security and Trust Management 2015 [29].


Chapter 4 addresses RQ3 about whether the GDPR as a governmental intervention can provide

a solution to the user privacy dilemma in SNSs. It carries the definition of privacy from

subchapter 1.2 forward to provide a framework for evaluating the legislation regarding its

privacy coverage. In the second step, the GDPR is consulted as the current most advanced

privacy legislation and analysed based on this framework. The legal and technical obstacles of

the regulation are also assessed and its economic impact is outlined. It is argued that the GDPR

may increase user privacy for SNSs but only to a certain level. Furthermore, the legislation

cannot change the privacy threatening dynamics of the SNS market and its drive towards

monopolistic conditions. This chapter was submitted to the Journal of Business & Information

Systems Engineering under the title “The General Data Protection Regulation Impact on Privacy

– An Assessment for SNS” and is currently under review [32].

Subchapter 5.1 builds upon the previous results to address RQ4.a about whether competition

can enhance user privacy in SNSs. It reviews theoretical and empirical results from MSP

competition research and matches them with empiric evidence from the SNS market to deduct

current and future development of user privacy. This analysis indicates that competition in the

SNS market is detrimental to, rather than reinforcing of, user privacy. Furthermore, it supports

the findings than the SNS market is driving towards monopolistic conditions. This chapter was

presented and published as a full research paper “Social Network Services: Competition and

Privacy” at the Wirtschaftsinformatik Conference 2017 in St. Gallen [31].

Pursuant to RQ4.b, the impact of the market-influencing parts of the GDPR and additional

regulatory interventions on the competition for user privacy are assessed and evaluated in

Subchapter 5.2 using the results of the previous chapters. It is revealed that interoperability in

combination with data portability represent the most promising attempt to change the SNS

market dynamics towards more user-privacy-friendly competition. This chapter was submitted

to the Journal of the Association for Information Systems under the title “Options to enhance

Privacy Competition in the Social Network Market” and is currently under review [33].

Chapter 6 concludes this dissertation by providing a summary of its outcomes and discussing

the resulting implications. Subchapter 6.2 then presents possible directions for future work.


1.5 Remarks on Publications

This dissertation does not constitute a thesis pursuant to the classical monograph manner; it is

a monograph thesis with a strong cumulative character. While perusing the research of user

privacy in SNSs for this dissertation, interim findings which now constitute essential parts of

this thesis were submitted or are published as full research papers in different proceedings and

presented at international conferences. At the outset of each affected chapter, the corresponding

information is provided as a footnote. Furthermore, a complete list of direct and indirect related

publications is depicted below in Table 1:

Publications (double-blind peer-reviewed)

[33] Nolte, C. G. (2018). “Options to enhance Privacy Competition in the Social Network Market”. In

Journal of the Association for Information Systems – submitted for review.

[32] Nolte, C. G. & Rosenberg, B. (2018). “The General Data Protection Regulation Impact on Privacy –

An Assessment for SNS”. In Business & Information Systems Engineering – submitted for review.

[31] Nolte, C. G., Schwarz, J., & Zimmermann, C. (2017). “Social Network Services: Competition and

Privacy”. In Wirtschaftsinformatik 2017 Proceedings.

[30] Nolte, C. G., Brenig, C., & Müller, G. (2016). “Coherences on Privacy in Social Network Services.”

IFIP Summer School 2016. Karlstad, Sweden, 21-26 Aug. 2016.

[29] Zimmermann, C., & Nolte, C. G. (2015). “Towards Balancing Privacy and Efficiency: A Principal-

Agent Model of Data-Centric Business”. In International Workshop on Security and Trust Management

(pp. 89-104). Springer International Publishing.

[28] Nolte, C. G. (2015). “Personal data as payment method in SNS and users’ concerning price sensitivity

– A survey”. In International Conference on Business Information Systems (pp. 273-282). Springer

International Publishing.

[27] Nolte, C. G., Zimmermann, C., & Müller, G. (2015). “Social Network Services' Market Structure

and its Influence on Privacy”. Amsterdam Privacy Conference 2015. Amsterdam, Netherlands, 23-26 Oct.

Table 1. Direct and Indirect Related Publications.

19

2 Interrelations of Privacy in the SNS Platform Environment

This chapter addresses RQ1 and takes the unique approach of a System Dynamics (SD) analysis

to understand and model the complex interrelations within SNSs and their environment on

privacy. Studies on privacy were analysed and combined with results of MSP research in an

interdisciplinary literature review. Based on this review, a qualitative system dynamics model

of SNSs was designed to comprehend factors that directly or indirectly influencing user privacy.

Analysing the model demonstrated that the main source of decreasing user privacy is

unintended data disclosure (UDD). Furthermore, the only elements that directly sustain privacy

are efficient privacy controls and raising user privacy awareness. The most notable result is the

multihoming feedback-loop, where user multihoming (MHG) behaviour increases market

competition for the time users spend on a network and prompts SNOs to include more platform

features. This feedback-loop leads to a rise in user data disclosure and an increase in user costs

in time and effort to switch to another network, which might result in a winner-takes-all

outcome for the social network service market in the long term.5

The EU Commissioner for Competition, Margrethe Vestager, warned that “if just a few

companies control the data [...], that could give them the power to drive their rivals out of the

market” [93]. As Evans and Schmalensee found, the majority of DCBs that aggregate and

control this data are constituted as SNSs [94]. In addition, the research of Evans and

Schmalensee on SNSs as MSPs reveals an interrelation between the positive direct network

effects among SNS users, which rise with an increasing user base and increasing market power

[95]. These insights lead to the main research question RQ1 for this chapter: What are the

economic participants, architecture, government, and effects in the SNS ecosystem at the

system level and how do they interrelate with user privacy?

Consequently, the aim of this chapter is to shed light on the darkness of the SNS platform

structure. The objective is to model SNSs as MSPs to investigate the different direct and indirect

influences on user privacy and their impacts on all platform dynamics. Therefore, a qualitative

SD analysis based on an interdisciplinary literature review was conducted.

5 This chapter includes and extends the paper [30].

20 2 Interrelations on Privacy in the SNS Platform Enviroment

This chapter is structured as follows: Initially, the literature review is presented to provide an

overview of the current MSP and SNS research, discussing the most relevant and controversial

findings. Building on that, coherencies and feedback-loops that are relevant to SNSs are

extracted and modelled with a bottom-up approach using SD. This is done using the findings

from the literature analysis to create an SNS core model containing the fundamental platform

parts. In the second step, further results in the form of the SNS periphery are implemented into

the SD model to complete the exposition (see section 2.1.1). The crucial and controversial parts

are then examined, including the implications for SNS user privacy to match them with

evidence from other empirical studies, market statistics, and media references. Finally, the

major findings and their implications are summarized and discussed.

2.1 A Framework for SNSs as Platform Businesses

Maxwell stated that a conceptual framework “is a simplification of the world […] aimed at

clarifying and explaining some aspect of how it works” and often based on a corresponding

literature review [96]. Consequently, an interdisciplinary literature review was conducted.

According to the methodology of Rowley and Slack, the review began with a brief search and

building on citation pearl growing on the results from the former [97]. The scope of the review

included SNS-user behaviour, internet privacy, and advertising on SNS and MSP. The aim was

to identify economic and behavioural interrelations and feedback-loops within certain SNSs,

and the SNS market in general. Therefore, the focus was primarily, but not exclusively, on the

impact of network effects and MHG from an MSP perspective on the SNS environment.

Furthermore, building upon that objective, the elaborated interrelations, including cross-border

connections, are modelled with system dynamics (SD) to visualize and thereby clarify

economical and behavioural interdependencies. The advantage of the SD approach is that it

targets the analysis of information feedback: “It treats the interactions between the flows of

information, money, orders, materials, personnel, and capital equipment in a company, an

industry, or a national economy” [98]. Thus, the method is appropriate to target the complexity

of the SNS market and to combine the findings of studies on behavioural economics regarding

user behaviour within SNS with the theoretical as well as empirical results from both general

and SNS-focused MSP research.

2 Interrelations on Privacy in the SNS Platform Enviroment 21

The literature review focuses on influential work from the last 15 years on the topic of MSPs,

SNSs, or general privacy in the internet age. The literature was identified by performing a brief

search with Google Scholar and the Freiburg University library catalogue for the keywords

“multi-sided platforms” and “two-sided markets”, as well as “(online) social network

(services)” and “Facebook”, alone or in combination with “privacy”. Citation pearl growing

was then performed to extend the literature collection. Only papers that contained results

directly connected or transferable to SNSs or the SNS environment were kept and additional

appropriate literature were identified from these resources. The review results were then sorted

by the topics of MSPs, SNSs, and privacy, as well as the categories of framework, discussion,

modelling, and empirical work. A framework is an overall consideration and structure of a topic,

while a discussion considers certain research results and modelling means generating a

theoretical model. Empirical work involves evaluating of surveys and market statistics. Finally,

the result was a database of 41 papers matching the research purpose (cf. Table 2).

Category / Topic MSP SNS Privacy Sum

Framework 1 1 0 2

Discussion 5 7 4 16

Modelling 5 3 1 9

Empirical work 2 9 3 14

Sum 13 20 8 41

Table 2. Literature Review Distribution.

2.1.1 Approach

The following structure was used while analysing the papers and determining the results which

were based on the MSP framework of Staykova and Damsgaard [44], to identify the

components for the SD modelling. First, four different SNS layers were distinguished:

1. Platform Participants: participants in the SNS environment (e.g. SNO, users, and advertisers),

including competing SNSs.

2. Platform Architecture: the core features of an SNS platform as well as subsequently integrated

features including apps and acquired services.

3. Platform Governance: possibilities of platform access, interactions, pricing policies in

monetary and non-monetary forms, and privacy policies.

4. Platform Effects: the different effects between participants caused by the platform

architecture or governance.


The evolutionary SNS approach of Staykova and Damsgaard was followed by the analysis [44].

The SNS core was determined first, consisting of the primal and fundamental features,

participants, and effects of an SNS, followed by the SNS periphery consisting of all additional

participants, features, and resulting effects (see Figure 5). This approach was used to build the

SD model.

Figure 5. SNS core and periphery illustration loosely based on [44].

2.1.2 Platform Participants

According to the analysis of Staykova and Damsgaard, the market-dominating SNS, FB, started

as a one-sided platform and evolved into an MSP [44]. This strategy was also used by many

other SNS and this finding is supported by the study of SNS history by Ellison [4]. Thus, the

core participants of an SNS are but the users and the provider (aka SNO).

Regarding to the SNS periphery (cf. Figure 5), the first participant to recognize are competing

platforms, a factor which is crucial for most MSP considerations [81, 99, 100]. Since the leading

income source for an SNS is advertisement [39, 44]. Other important participants are

advertisers [4, 39, 44, 49, 101]. In addition, FB integrated an application programming interface

(API) to motivate outside developers to enlarge their SNS features with apps and games. App

developers are therefore important participants in the SNS periphery [44]. Furthermore, SNS

features seem to play a significant role in users valuing an SNS [44, 46, 67, 72, 102] and

spending time on it [72], and one important competition between different platforms is about

the time users spend with them [31, 102].


2.1.3 Platform Architecture

The core architecture of an SNS contains the basic features, including the opportunity for users

to create a profile, enter user-generated content (UGC), build a network with other users, and

message other users [44, 46, 102].

In the periphery, additional SNS features such as event management, group-specific messaging

and boards, external apps and games, overtaken and included services (e.g. Instagram in the

case of FB), and identity management services (e.g. FB Login) can be found. For simplicity,

these features were all combined in a simple, quantitative proxy for the SD analysis. The

periphery also contains the most important component for monetizing the platform: the ability

to show targeted advertisements to the users, and the interface for advertisers to purchase these

advertisement spaces [44, 101]. Finally, user privacy controls are found in the periphery

because they are generally implemented at a later stage of the SNS when the basic features have

already attracted a high number of users [4, 103].

2.1.4 Platform Governance

There are two regulations to observe regarding the governance of the platform core. First, the

access policy of an SNS determines who is allowed to join the platform and under what terms

[44]. For example, FB only allowed students to join their platform in the early stage and ensured

this policy by approving only applications with a university email address [4]. Second, the

pricing policy was identified as a core element of platform governance. Pricing policy,

describes the monetary fees collected in a platform as well as non-monetary payments such as

the right to gather and analyse PD for commercial purposes. In this regard, all successful SNSs

have chosen to grant free access and gather PD for targeted advertisement as their prevalent

business model [4, 39, 44, 46].

Another part of the governance are the interactions provided and allowed between the different

platform participants. For the platform core, only the interactions between the platform users

are considered as essential for the SNS to gain UGC (cf. [44]). Moreover, the gathered user data

and users’ interest in privacy and control lead to the implementation of privacy policies, to

transparently illustrate the data use to users and improve their trust via privacy control options

[46, 72, 77, 104–107]. However, few SNS users seem to understand and use them [28, 68, 108].


Examining the platform periphery, demonstrated that the access policy is enhanced by

regulations not only for advertisers as expected, but also for app developers when an open API

is integrated. For some SNSs identity management tools also become part of their access policy

by implementing login services (cf. FB, Google+ or Twitter sign-in-services). Once the access

policy is extended, the pricing policy must be extended too, since advertisement space on SNSs

is usually auctioned to the highest bidder for a certain keyword or target group [49]. App

developers must share their revenue from a platform with the SNOs and the user often pays for

using the sign-in services with the disclosed information.

The possible interactions furnished by the SNOs extend into the periphery. Platform users can

interact with each other and with celebrity and company fan-sites and their advertisements, use

apps integrated by external app developers, and use their SNS profile as an identity management

tool to sign-in to external services and websites. Likewise, companies can run advertisements

for specific target groups, and are also allowed to create confirmed company profiles to provide

events or special offers through the SNS to their followers. External app-developers can collect

money through their apps to gain profit, acquired services are integrated into the platform, and

their UGC and users coalesce with the original SNS (cf. Facebook & Instagram or WhatsApp).

2.1.5 Platform Effects

In this section, the resulting effects between the above-mentioned platform participants and

different layers are determined. The platform core is first considered and then enhanced with

the periphery. The positive direct network effects between different users of an SNS are

identified, meaning that each user makes the platform more valuable for other users by her

membership and by contributing more UGC, resulting in a higher adoption rate [109–111]. A

higher amount of UGC and higher platform activity correlates with a higher quantity of

unintentionally disclosed data (UDD) [62, 72], which decreases users’ privacy. The number of

SNS features also has a positive influence on the UGC and on the time users spend within a

network [67, 72, 102], while the spend user time has a positive influence on user expertise with

the SNS. Finally, implementing privacy policies and controls has a positive effect on users’

privacy and on their trust in an SNS and their awareness of data usage by the SNO [46, 69, 77,

112, 113]. Increased trust can enhance users’ willingness to add UGC [103, 105, 114], but may

also have the opposite effect if they become suspicious about the data claims of their SNO [29].


With the integration of additional platform participants, the SNS periphery adds more notable

effects to the overall image. Indirect network effects resulting from the users make the platform

more valuable for advertisers and app developers, and have a positive influence on their

adoption rate [44, 81, 94, 115]. While the creativity of the app-developers and the newly created

SNS features seem valuable for SNS users [67, 102], the user acceptance of advertising is still

not clarified. Knoll notes that SNS users generally accept advertising “as long as it keeps a

valued service free of charge” [101], whereas Tucker suggests that social advertising in SNS

can “backfire” and should be flanked with adequate privacy controls [104, 113]. Other

researchers have reported to similar findings [72, 76, 114, 115].

With competitive SNSs, the effect of multihoming (MHG) arises when users utilise various

SNSs simultaneously [81]. Findings in research about MHG implications are manifold and, in

some cases, contradictory. Haucap and Heimeshoff suggest that MHG for SNSs is “principally

easy” [81], and Hyytinen and Takalo found that consumer awareness enhances MHG [116].

These assumptions are supported by recent statistics showing that more than half of all online

adults in the US use at least two SNSs [61]. Nevertheless, Mital and Sarkar argued that smaller

networks are only attractive for MHG with exclusive content [117], and Choi supported this

position by asserting that MHG can only be welfare enhancing if there is exclusive content for

each platform [118]. Moreover, Zhang and Sarvary mention that MHG leads to an overlap in

content and a winner-takes-all equilibrium [111]. These outcomes lead to the expectation of

rising competition between different SNSs for users and their generated content which

contradicts the findings of Doganoglu and Wright, who argued that MHG weakens competition

[119].

In theory, competition for users will lead to a greater regard for user interests by SNSs. This

conjecture is partly supported by Eisenmann et al. in 2006, who note that users, as the more

price sensitive side of the platform, are subsidized in the case of MHG [109]. Users are

considered the more price sensitive side because they are not willing to pay a significant amount

of money to use an SNS that maintains their privacy [120], and users are also price sensitive

regarding the disclosure of PD (cf. subchapter 3.1). In contrast the results of Rochet and Tirole

(2003), MHG on one platform side will intensify price competition on the other side [99]. This

is supported by the findings of Armstrong in 2006, who found that the single homing side will

be treated well and the MHG side’s interests will be ignored by the platform provider [100].


However, this subproblem about the MHG behaviour of advertisers in SNSs is not pursued in

detail in this chapter, but is approached in chapter 5.

2.2 System Dynamics Modelling of the SNS Environment

In this chapter, a system dynamics (SD) model for SNS will is described, which results from

the literature analysis. This task is divided into two steps, including the development of the core

model containing only the fundamental platform participants, architecture, government and its

resulting effects (cf. subchapter 2.1.1), to explain the interrelations in SNS and their influence

on user privacy. A more complex SD model was also created, to illustrate the SNS periphery

and its influence on user privacy.

The box variables of the core model are blue to differentiate them from the black elements of

the periphery. The positive connections of the core model are also blue unless they cut across

other elements, in which case they are green. Moreover, the negative connections are red for

the core model, orange for the periphery model, and pink in the case of overlap (cf. Figure 6 &

Figure 7).

2.2.1 The Core

Building the SD SNS core model (see Figure 6), the literature review reveals the core containing

only two participants: the SNO and the users. For simplicity, an own variable for the SNO is

spared in the model and only the architectural items are included, as well as regulations and

effects proceeding from it. The users are modelled in two variants: the variable of Potential

Users which represents all internet users who are not part of the SNS but could join it, and the

variable of Users which denotes the actual users of the SNS. Both relate to the Adoption Rate

U, indicating the rate at which people are joining the SNS. The quantity of users has a positive

influence on the adoption rate, representing the positive, direct network effect of the user to

potential users. Furthermore, the Adoption Rate U has a negative influence on the Potential

User showing that as more people join the network, there are fewer potential users.


As architectural item the variable SNS Features is included, representing the quantity of all

features available for SNS users.6 The more features that an SNS provides, the more time users

spend within the platform [102]. This is represented by the variable Time Users Spend in SNS.

The more features they use the more User Generated Content (UGC) they contribute. In

addition, the more time users spend on an SNS, the more often Unintended Data Disclosure

(UDD) occurs because most users are not aware that all their actions on the SNS are being

tracked [28, 121]. This variable stands for the quantity of data disclosed unknowingly to the

SNS by the users and provides a proxy for the loss of privacy. The same quantitative correlation

also exists with the total number of users; the more users that an SNS has, the more UGC is

created within it. The Privacy variable is also included for reasons of clarity and

comprehensibility, and UDD has a negative impact on privacy.

The SNS governance variable of Access Policy has a negative influence on the Adoption Rate

U, representing the opportunity for an SNO to limit the SNS membership to certain groups (e.g.

students) or to specific conditions (e.g. full real name registration). If there are no restrictions

to the SNS access, the variable Access Policy is zero, as is its influence on the adoption rate.

The other governance variable in the SD core model is Privacy Policy & Controls, representing

the implementation of a transparent privacy policy and privacy controls that enable users to

control the visibility and use of their data. The Privacy Policy & Controls variable has a direct

negative influence on UDD, furthermore, this variable has a positive influence on the users’

trust in the SNS, represented by the Trust variable, which has a positive influence on the UGC

[105]. As mentioned above, if no privacy policy and privacy controls are implemented by the

SNO, the variable of the Privacy Policy & Controls is zero, as its influence. The last variable

included in the core model is User Awareness, indicating how aware users are on average of

the possible UDD and general privacy problem. User Awareness has a negative influence on

UGC, as privacy-aware users use fewer SNS features and contribute less UGC to avoid UDD

(cf. subchapter 3.1).

The SD model shows that the main negative influence on user privacy for the SNS core

(characterized by the positive influences on the UDD variable) is the pure quantity of UGC,

which is caused by the number of SNS users and features and is supported by users’ trust in an

SNS (see Figure 6). Another source of UDD is the time users spent on the SNS. Apart from

6 Considering the influence of additional features, it is assumed that all features are at least implemented as

usability neutral and do not corrupt the user value of the SNS.


that, the only positive influence on user privacy seems to be User Awareness and the

implementation of Privacy Policy & Controls, at least for the SNS core.

Figure 6. SD SNS Core Model.

2.2.2 The Periphery

Three new platform participants were identified by extending the core model for the periphery

(see Figure 7). First, the Advertisers, Potential Advertisers, the Application Developers, and

the Potential Application Developers are all represented by identically named variables.

Similar to the user variable construct, adoption rates exist in this construct. Adoption Rate A of

the advertisers is positively influenced by the quantity of users, as is Adoption Rate AD of the

app developers, while the quantity of the Application Developers increases the quantity of SNS

Features. Moreover, Adoption Rate A is positively influenced by the Time Users Spend in an

SNS and by the new variable of Profiling Capabilities, which stands for the SNO’s ability to

profile and target specific user groups for advertising. Which is driven by the quantity of UGC

and UDD. Finally, the implementation of Advertisers has a positive effect on User Awareness

because SNS users apprehend data transfer to third parties [113].


The last platform participant is the variable of SNS competitors, which represents other SNSs

competing for the same users, advertisers, and app developers. This variable has a positive

influence on the Competitive Pressure in the markets; it positively influences MHG and vice

versa. High Competitive Pressure indirectly increases the number of implemented SNS

Features because the SNO wants users to spend more time in the own SNS [102], which leads

to an increase in the last variable for the periphery: User Expertise. This variable represents

how experienced users are at dealing with the SNS and, reflects the switching costs in terms of

effort to switch to another SNS or use it simultaneously. By increasing the switching costs, the

User Experience has a negative influence on MHG, which closes this feedback-loop. The

positive effect of User Awareness on MHG [116] then completes the full SD SNS model (see

Figure 7). Due to contradictory findings regarding the effects of advertising on SNS user

behaviour (cf. subchapter 2.1.5), none of those effects were implemented. Likewise

controversial impacts of MHG were not implemented.

Focusing on Privacy and its negative influences on UGC and UDD, the periphery provides

several new insights. First, the UGC and UDD both positively influence the SNS Profiling

Capabilities which are needed by the SNO to maintain and extend its market position for

advertisers, especially in the face of strong Competitive Pressure. Second, MHG negatively

influences privacy due to its positive effect on UGC as well as its indirect positive effects on

Competitive Pressure. The inclusion of App Developers also negatively influences privacy due

to the App Developers positive effect on SNS Features and on UGC.


Figure 7. SD SNS Core & Periphery Model.


2.3 Insights from the SNS SD Model

In the following section, the results from the SNS SD model that was constructed from the

findings of the literature review are discussed and matched with theoretical and empirical

evidence. The limitations of the review and of the model are also considered.

2.3.1 Core Model Results

As derived from the core model (cf. subchapter 2.2.1), the only negative cause of user privacy

in SNS is UDD, which occurs while users contribute any kind of UGC to the SNS or when they

browse it. These result aligns with other empirical and theoretical findings (cf. subchapter 3.1)

and other research showing that users constantly underestimate the amount of data which is

tracked and gathered by SNOs during the direct or indirect usage of their services [68, 69, 72,

106, 121]. Furthermore, it fits to the perception that SNS environments push users to reveal

more PD and thereby overcome users’ initial PSB [62, 72, 112].

Besides the general user awareness and the related user restraint when contributing UGC, the

only source that seems to limit the UDD is the implementation of privacy policies and controls,7

which is also consistent with theoretical findings (cf. subchapter 3.2). Implementing privacy

policies and controls is also beneficial for the SNO because it increases users’ trust in the

network and motivates them to contribute more content. This assumption is supported by the

latest implementation of privacy controls by the leading platforms [122, 123]. Thus, the trust

effect and increase in usage and UGC might compensate for the decrease of UDD, though this

conjecture requires research. The influence of direct positive network effects due to the user

amount on the user adoption rate of SNS is clear. Recent statistics show that the largest SNS,

FB, continues to grow and support this interrelation [61, 124].

2.3.2 Extended Model Results

Continuing with the full SD SNS model that includes the periphery (cf. Figure 7), the first

finding is that the number of SNS users influences the adoption rate of external app developers

and advertisers. While this result seems intuitive for advertisers and app developers, it can only

7 For simplicity, only well-functioning privacy policies and controls are assumed.


be confirmed for the advertisers in the FB case where the revenue from advertising increases

with the number of users [124].

If advertising is a main revenue source for an SNS, the profiling capabilities and the ability to

show targeted advertisement to a precise target group becomes crucial for the SNO. In addition

to the capability to analyse data, gathering data through UGC and UDD is an important factor.

If the gained user trust and the concomitant increase in UGC from implemented privacy policies

and controls cannot compensate for the decrease in UDD, SNOs seem indifferent to the efficacy

of those controls. The trend of FB’s default privacy settings from 2004 to 2015 towards making

more personal details open to public by default supports this conjecture [125, 126], as do

theoretical models and discussions from the literature review [17, 29, 49, 112]. However, recent

trends in platform business seem to oppose this notion with better privacy by default preferences

and hints on how to use implemented privacy controls [122, 127].

The most interesting result of the model is the feedback-loop regarding the interrelations

between SNS competitors, the competitive market, and user MHG behaviour. The outcome of

the literature review shows that MHG strengthens SNS competitors and competitive market

pressure regarding the fight for users’ time (cf. subchapter 2.2.2). Causing SNOs to include

more features in their platform such that users will spend more time on them. The SNO benefits

as users disclose more data by spending more time in the SNS and the user expertise for the

specific network improves. The latter increases switching costs in terms of practice efforts if

users want to switch to or use another SNS, which weakens MHG behaviour.

These interrelations seem to fit with FB; while MHG behaviour becomes more common [61],

FB purchases and includes more external services (Instagram, WhatsApp), and broadens self-

developed features such as instant articles or recent streaming of exclusive TV series [128,

129]. This MHG feedback-loop supports the findings of Zhang and Sarvary, who suggested that

MHG behaviour leads to an overlap in content and to a winner-takes-all equilibrium where the

biggest platform wins when there is no longer any difference in content [111]. In addition, the

results of Kwon, and Staykova and Damsgaard regarding platform stickiness by additional SNS

features are relevant [44, 102]. However, these results contrast with the theoretical findings by

Doganglu and Wright that MHG in MSP should weaken competition [119]. This allegation

might be true regarding the competition for users but it misses the increase in competition for

user time spent. Statistics support the finding of the MHG feedback-loop and show that FB

leads significantly in daily usage against its competitors [61].


2.3.3 Limitations

The literature review contains only a small part of all available work, and additional literature

could be used to validate and refine the model and its results. In addition, some of the included

literature about multi-sided platforms does not fit with the SNS case. While some of the papers

only address MSPs theoretically and others analyse nearby platforms, these findings were

transferred to the SNS case. Concerning the theoretical models, which had contradictory results,

were based on different assumptions. Nevertheless, those models were all built to describe the

processes of, and those related to MSPs.

2.4 Conclusion

The aim of this chapter is to understand the interrelations in SNS and the ambient market

structure influence on users’ privacy in SNSs. A literature review was conducted, analysing 41

papers from the last 15 years concerning the topics of MSPs, TSMs, and privacy for SNSs. The

analysis of these papers is followed a framework that is loosely based on the work of Staykova

and Damsgaard to identify the main elements and interrelations of SNS [44]. The analysis was

separated into an SNS core, which contains only the fundamental functions of the platform, and

a broader concept of an SNS periphery, which includes all important parts in the SNS market

structure. In a second step, the SD approach was used to develop a qualitative model from the

results of the literature review. The procedure was divided into several steps to first model the

SNS core and then to extend this base with the findings of the SNS periphery.

The core model showed that the negative influence on user privacy is UDD, which is caused

by the amount of UGC that users add to the SNS and the time users spend within the network.

Furthermore, UGC is positively influenced by the number of users and the available SNS

features, while the time users spend on the SNS is also influenced by the number of SNS

features and users’ trust. The positive effects on privacy include implemented privacy policies

and controls and general user awareness. The enhanced periphery model revealed that UGC

and UDD are positive factors for the profiling capability of the SNO, which is sold in terms of

targeted advertising to customers. Moreover, the model shows that user MHG behaviour has a

positive influence on UGC and indirectly on the market competitiveness. Therefore, there are

secondary negative impacts on user privacy.


In subchapter 2.3, these findings were discussed and matched with empirical evidence and

media reports. The most remarkable finding is the MHG feedback-loop, showing that user

MHG behaviour strengthens SNS competitors and competitive market pressure, which leads to

SNO including more platform features and users spending more time in the network. This in

turn has two positive consequences for the SNO: First, users disclose more data when they

spend more time in the SNS. Second, user expertise for the SNS increases, which raises users’

non-monetary switching costs and weakens MHG. This might lead to a winner-takes-all

outcome for the SNS market in the long term. Recent market developments, data on user MHG

behaviour, and daily usage of SNS strongly support this finding.

35

3 Economic Modelling of Privacy in SNSs

The delineation of the complex SNS ecosystem in the previous chapter shows that SNSs contain

several economic processes, including the usage of PD as an asset class that is first traded from

SNS users to the SNO and then refined and sold in the form of targeted advertisement to

business customers. As a reward for this loss in privacy, SNS users gain the right to use the

SNS without further charge. This chapter is dedicated to answering research question RQ2.a

and RQ2.b, to determine whether the transfer of PD from users to SNOs can be interpreted as

a transaction method and whether the user privacy dilemma can be modelled by means of

classic economic theory. Therefore, this chapter is partitioned into two main parts: the first part

depicts the perception of PD as a PM for users in SNSs and the second part models the SNO–

user relationship as the principal-agent problem from classical economic contract theory.8

In accordance with RQ2.a, the guiding questions of the first subchapter determine whether PD

can be a PM for SNSs and whether SNS users show price sensitivity regarding the demanded

extent of PD. In a survey among 300 FB users, the interviewees were asked which FB functions

they used. In an experimental part within the survey, they chose from these functionalities given

a direct trade-off for specific PD exploitation rights. The results show that the interviewees are

sensitive regarding the price in terms of PD. In general, they chose fewer functions than they

claimed to user in FB, even if the demanded price was lower. The findings support the theory

that users misinterpret SNO data exploitation rights and indicate a strong IA between the SNS

users and SNO relating to the aggregation and usage of PD.

These results are addressed in the second subchapter to answer RQ2.b. Based on a commodity-

centric notion of privacy, it takes a principal-agent perspective on DCBs such as SNSs. This

subchapter presents an economic model of the related IA privacy problem by drawing from

classic economic contract theory. Building upon a critical analysis of this model, it is examined

how regulatory and technological instruments could balance profit seeking of markets for PD

and data-subjects’ right to informational self-determination and privacy.

8 This chapter contains extended versions of papers [28, 29].

36 3 Economic Modelling of Privacy in SNSs

3.1 Case Study: PD as a Payment Method in SNSs

Social Networking Services can be used for free in monetary terms. Nevertheless, studies

suggest that users are aware that they pay to use the functionalities of an SNS by revealing their

PD to the SNO for commercial exploitation [130, 131]. From this perspective, PD is a PM for

SNS. Thus, the question of whether SNS users care for privacy relates to the question of whether

SNS users show price sensitivity regarding the exploitation of PD as a non-monetary PM. In

the current situation, opportunities for SNS users to show this price sensitivity are limited

because they face a “take it or leave it problem” [132]. People only have the choice between

participating in internet social life through SNSs and accepting that all their disclosed

information will be exploited or not signing up with SNSs.

This subchapter presents the results from a survey of 300 FB users. The “take it or leave it

problem” was bypassed by directly asking the interviewees if they would choose single SNS

functions in direct exchange for specific PD exploitation rights. The survey indicates that users

show price sensitivity, as interviewees chose less SNS functions when more PD exploitation

rights were demanded. Moreover, the interviewees chose fewer functions than they use on FB,

even if the demanded price was lower than the FB data exploitation procedure.

Multiple linear regressions for interviewees’ decision with the quantity of chosen FB and SNS

functions as the dependent variable and the estimated values representing personal attributes as

explanatory variables provided insight.9 The outcomes support findings that users cannot fully

enforce their preferences inside the FB environment [72, 133]. Furthermore, the negative

influence of the education level only for the stated use of FB functions indicates that

recognizing the FB exploited amount of PD correlates with higher education, supporting similar

findings [134].

3.1.1 Related Research

Several researchers targeted the related questions about whether users value privacy and are

willing to disclose PD, and which factors influence them to do this. The question of whether

people are willing to pay a monetary amount for privacy in SNSs has been examined by

different scientists with negative results [74, 131]. Moreover, Stutzman et al. found that FB

9 Personal attributes include privacy awareness, education level and gender.

3 Economic Modelling of Privacy in SNSs 37

users exhibited increasing privacy-seeking behaviour (PSB) [72], whereas studies revealed that

scandals about data leaks in SNSs had no sustainable effect on users’ behaviour and use of

SNSs [132, 134]. A related topic is the privacy paradox, which explains that users state that

they value privacy but behave otherwise [71]. Moreover, there is a significant link between

privacy concerns and self-disclosure, indicating that “users do account for privacy risks when

they decide to self-disclose” [131]. Acquisti and Gross as well as Krasnova et al. found a

discrepancy between claimed privacy concerns and disclosure behaviour on SNSs, which could

be partially explained by the fact that users trust SNOs and network members, and this trust

relies on users’ ability to control access to PD [69, 106]. However, other scholars found that

changes in disclosing behaviour are partly explained by policy and interface changes

implemented in SNSs, which countered PSB [133, 135], and by a lack of awareness of and

control by the SNS users [136].

3.1.2 Hypothesis and Procedure

In classic economics, a PM is defined as “something a customer gives to a vendor, if she wants

to acquire a specific good or service” [83] or as “the agreed way in which a buyer pays the

seller for goods” [137]. Combining these definitions with the findings of Hui et al. that

“consumers are willing to give up privacy in return for other benefits” [130] indicates that PD

is recognized and accepted on the users’ side as a PM, where the functionalities of an SNS can

be seen as the described benefits. Moreover, PD is accepted from the SNOs as payment, as

collecting, aggregating, and analysing users’ PD is a crucial aspect of their business model (cf.

chapter 1.1.3). From this viewpoint, the disclosure of PD including the transfer of certain usage

rights to the SNO can be perceived as payment for SNS’ functionalities. Using disclosed PD as

PM and showing that users react price sensitive and value privacy, instead of searching for a

monetary value of users’ privacy, is a unique approach. In addition, controlling the experiment

results with multiple linear regression provides insight that supports current theories about why

SNS users initially behave according to the privacy paradox.

If users value privacy, they should react price sensitively to the trade-off of PD for SNS

functions. Therefore, the first hypothesis (H1) for this subchapter is:

H1: SNS users react price sensitively to PD as a PM.


Hypothesis 1 is difficult to verify in practice. While users already pay for SNS functions by

revealing their PD, they face an IA, which makes it complicated for them to show price

sensitivity. Whereas the SNO is fully informed about the amount of data and details which are

stored and how they are used, users seem neither sufficiently informed or enabled to choose the

extent of data collection and usage [72]. Since users face a “take it or leave it problem” [72],

the second hypothesis (H2) is:

H2: Users are unable to show their price sensitivity within current SNSs.

By conducting a survey of FB users and integrating an experimental component, the IA and the

“take it or leave it problem” were bypassed. General questions about FB and SNS usage

behaviour allowed for the calculation of interviewees’ personal attributes. In the second part,

the interviewees stated the FB functions that they used. In the experimental third part, the

interviewees answered whether they would choose several SNS functions in exchange for

certain PD exploitation rights. This part verified H1 while the comparison of the second and

third part showed some evidence regarding H2. In addition, the multiple linear regression

analysis with the personal attribute estimates as explanatory variables and the results of either

the second or the third survey part as the dependent variable yielded the results to prove H2

The survey was done in German, implemented with the Sosci-Survey software,10 and

distributed from 03/06 to 04/30/2014 through FB, Twitter, and email with a request to

redistribute the link. FB users were chosen as the target group for three reasons. First, FB is the

current SNSs market leader and a survey for FB users made it easy to reach a high number of

potential interviewees. Second, it was simple to share the survey’s link through FB, which made

it possible to reach more than 300 participants within the first 14 days. Third, it was helpful to

focus on only one SNS because the survey compares actual behaviour with potential behaviour.

Thus, mixing different groups from different SNSs could have led to misleading results.

There were four different questionnaires containing the same first and last parts, but varying in

the middle.11 In the first part, each interviewee was asked if she uses FB, five questions to

measure her privacy awareness, one question regarding her FB usage behaviour, and one

question about her number of FB friends. Each interviewee was then asked which FB functions

10 http://www.soscisurvey.de (accessed 07.12.2017).

11 The full questionnaire as well as additional survey results and graphics can be found in the appendix.


she uses regularly with a multiple-choice question. Seven different functions were available to

choose from, including chat, messenger, newsfeed, event management, photo uploading and

sharing, video uploading and sharing, and apps inside FB.

Each participant was allocated randomly into one of four different groups to distinguish

different function prices. The groups contained questions about the direct trade-off between PD

exploration rights against the same six functions. The groups differed regarding the price of the

functions. In group 1, this price equalled MND-z for all functions, the price was MND in group

2, it equalled MND+x in group 3, and it was MND+x+y in group 4. Where MND is the minimal

necessary data to run a specific function and the right to process the data by the SNO, while x,

y, and z are additional PD exploration rights.

Group 1: MND – z, where z = content of conversions and comments.

Group 2: MND.

Group 3: MND + x, where x = answering a marketing question.12

Group 4: MND + x + y, where y = updating relationship status.

In the third part, questions were asked about the highest educational achievement, gender, and

age. An illustration of the complete survey composition is shown in Figure 8.

Figure 8. Survey Composition.

12 As an equivalent to the FB-like-system.

1. Part

•Questions regarding SNS usage & behaviour (privacy awareness, friends, used functions).

2. Part

•Experimental part with separation in four different experiment groups.

3. Part

•Questions about personal basics (age, gender, educational level).


3.1.3 Survey Results

The survey's link was spread via FB and Twitter for 56 days, and it received 640 clicks;13 386

people started the survey and 320 completed it which equals a response rate of 60.3% regarding

started surveys and 50% regarding completed surveys. Of the 320 completed surveys, 309

attendees were using FB and thus fit into the target group. The following data and analysis was

computed from this target group. The mean age of the interviewee group was 27.7 years,

distributed between 14 and 75, and they had an average of 388.6 FB friends. Regarding gender,

the sample was balanced as 53% of respondents were male. Furthermore, most interviewees

had at least a high-school diploma (83.5%). The interviewees had high privacy awareness on

average, with a mean value of 0.71 where 1 was the possible maximum. Running the levene

test shows that all variables were evenly distributed through the four different experiment

groups.

Comparing the FB functions used by the interviewees with the functions in the experimental

part the results differ by a mean of 0.99. Thus, the interviewees chose approximately one

function less in the experimental part. By distinguishing between the different classes, the

results become clearer (see Table 3). In addition, the participants chose fewer functions if they

faced an offer that was notably less costly in terms of PD exploration rights than the actual price

demanded by FB, if the function price in group 3 approximately equalled the FB function price.

Experiment Group Price Mean Difference Mean Chosen Functions

Group 1 MND – z -0.75 2.63

Group 2 MND -0.96 2.37

Group 3 MND + x -0.84 2.14

Group 4 MND + x + y -1.59 1.89

Table 3. Chosen Functions for Different Experimental Groups

3.1.4 Regression Analysis

Bivariate regressions that explain the stated use of FB functions and the experimental choice

indicate that a higher interview group and a higher price in terms of PD exploration rights

influences the interviewees to choose fewer functions. Likewise privacy awareness influences

the interviewees to choose fewer functions, while being male has an opposite effect.

13 Including accident double-clicks and search engine bot visits.


Implementing significant variables in a multiple linear regression model with the chosen

functions as dependent variable (see Equation 1) provides the following results (see Table 4):

𝑔𝑟. 𝑓𝑢𝑛𝑐. 𝑎𝑙𝑙𝑖 = 𝛽0 + 𝛽1 ∗ 𝑒𝑥𝑝. 𝑔𝑟𝑖 + 𝛽2 ∗ 𝑝𝑟. 𝑎𝑤𝑎𝑖 + 𝛽3 ∗ 𝑔𝑒𝑛. 𝑚𝑎𝑙𝑒𝑖 + 𝛽4 ∗ 𝑎𝑔𝑒𝑖 + 𝛽5

∗ 𝑓𝑏. 𝑢𝑠𝑒𝑖 + 𝛽6 ∗ 𝑓𝑏. 𝑓𝑟𝑖𝑒𝑛𝑑𝑠𝑖

Equation 1. Multiple Linear Regression for gr.func.alli.

Coefficients Estimate Std. Error t value Pr(>|t|)

(Intercept) 4.65 0.94 4.93 1.39e-06 ***

exp.gr -0.21 0.10 -1.99 0.05 *

pr.awa -3.49 0.79 -4.41 1.44e-05 ***

gen.male 0.54 0.23 2.34 0.02 *

age -0.04 0.01 -4.00 8.14e-05 **

fb.use 0.34 0.13 2.76 0.01 **

fb.friends 0.001 0.0004 1.78 0.08 .

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1

Residual standard error: 1.95 on 284 degrees of freedom

(29 observations deleted due to missingness)

Multiple R-squared: 0.21, Adjusted R-squared: 0.19

Table 4. Multiple Regression for Selected Functions in the Experiment.

As expected, the experimental group affiliation (exp.gr) and the price have a negative impact

on the selected functions, as do privacy awareness (pr.awa) and age. The negative estimate of

privacy awareness is very significant and also highly influential with -3.49, representing that

an interviewee with a privacy awareness of 1 chose 3.49 functions less on average compared to

an interviewee with a privacy awareness of 0. Conversely, the estimates for male gender

(gen.male), degree of FB usage (fb.use), and number of FB friends (fb.friends) are positively

influential for the total number of functions chosen during the experiment, while the intercept

is positive too. It is remarkable that the bivariate regression shows that education has no

significant influence on the experiment choices.

The average interviewee chose fewer functions during the experiment if she was in an

experiment group with a higher price, had higher privacy awareness and is older. Alternatively,

the average interviewee chose more functions if she was male, had a high degree of FB usage,

and more FB friends. Comparing these results with a multiple linear regression to explain the

respective significant variables’ influence on the FB functions that were used (Equation 2)

completes the analysis (see Table 5).


𝑓𝑢𝑛𝑐. 𝑎𝑙𝑙𝑖 = 𝛽0 + 𝛽1 ∗ 𝑝𝑟. 𝑎𝑤𝑎𝑖 + 𝛽2 ∗ 𝑎𝑔𝑒𝑖 + 𝛽3 ∗ 𝑓𝑏. 𝑢𝑠𝑒𝑖 + 𝛽4 ∗ 𝑓𝑏. 𝑓𝑟𝑖𝑒𝑛𝑑𝑠 + 𝛽5

∗ 𝑒𝑑𝑢𝑐𝑖

Equation 2. Multiple Linear Regression for func.alli.


(Intercept) 4.00 0.70 5.69 3.24e-08 ***

pr.awa -1.19 0.60 -1.98 0.05 *

age -0.02 0.01 -1.95 0.05 .

fb.use 0.33 0.09 3.72 0.0003 *

fb.friends 0.001 0.0003 4.45 1.26e-05 **

educ -0.32 0.09 -3.79 0.0002 *** Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 5. Multiple Regression for Used FB Functions

These estimates are distinctly lower than the first regression, except for the number of FB

friends and the variable for the degree of FB usage, which are about the same. The value for R2

and the explanatory power are also similar. Since the standard error of the intercept is lower

than that of the first regression model, the value for the total of used FB functions fluctuates

less than the value for the total in the selected experimental functions.

3.1.5 Regression Results

H1: SNS users react price sensitively to PD as a PM.

The experiment’s results indicate that by explicitly showing the users the collected and

aggregated PD for each function, the IA regarding the collected and aggregated PD was negated.

This led to changes in users’ choice behaviour: Overall, users chose fewer functions and their

privacy awareness, age, and gender were more influential on their choice. Moreover, users are

price sensitive regarding the functions’ prices in terms of PD and choose fewer functions if the

price rises. Thus, H1 is verified.

H2: Users cannot show their price sensitivity within current SNSs.

The reduced number of selected functions during the experiment compared to users’ FB choices

can be partly explained by the reduction of IA. Asking users for the approval to give specific

PD exploitation rights in direct exchange for activating a specific SNS function reduces the IA


regarding collected PD that is aggregated and analysed by the SNO and increases “the ability

of an individual to understand the flow of personal information within an SNS” [138].

Furthermore, the results indicate that the influence of education level is negated by the

experimental design, which enhances transparency regarding the demanded exploitation rights

on the users’ side. This insight supports the findings that users have misunderstandings

regarding the data collected by FB [106, 133].

There are other magnitudes that partly explain the observed results. First, users escape the lock-

in effect of FB in the experiment and can make their experimental choice independent of its

influence. Moreover, the experiment gives them the opportunity to make a new choice regarding

their privacy-functionality preference and avoid possible mistakes in choices they made during

their experience with FB. Since the interviewees could not observe the choices of their friends

in contrast to actual FB usage experience, they were not influenced by any kind of herd instinct

or social pressure. Overall, the results strongly indicate that H2 is correct.

The presented experiment and its results have limitations. First, the survey was conducted

online, and the related link was spread personally through FB and Twitter. Thus, the results

might suffer from a peer group problem. Furthermore, “often, survey participants are less

privacy conscious than non-participants. For obvious reasons, this self-selection bias is

particularly problematic for survey studies that focus on privacy“ [106]. Thus, it is possible that

the variable privacy awareness and its influence is underestimated in the survey and the

experiment because people with high privacy awareness could have avoided the survey.

Moreover, the regressions do not explain more than about 20% of the variation in the total of

used FB functions and the total of functions selected during the experiment. Thus, there may

be other more influential effects that are not covered within this survey. Lastly, the variable for

privacy awareness was not measured strictly according to the Internet Users’ Information

Privacy Concerns standard (IUIPC) for survey length and usability reasons [139]. With 309

attendees, the survey results are presumably representative of the target group of German FB

users, but cannot be considered as universally valid.

3.1.6 Overall Results

The survey and its included experiment revealed the following results. On average, users

decided to use fewer functions than they use on FB if they face the direct trade-off between

SNS functions and PD exploitation rights, even if the price of the functions is significantly


lower than in FB. Moreover, the total number of chosen functions decreases when the price in

terms of PD exploiting rights increases. Second, the variables for privacy awareness and gender

are more influential in the experimental setting than they are for users’ actual choices on FB.

Third, the fluctuation of the total number of function selected during the experiment was higher

than the fluctuation in the total number of functions used on FB.

The first hypothesis H1 that SNS users show price sensitivity regarding the trade-off between

PD exploitation rights and SNS functions is verified. Users value privacy but the results also

indicate that users cannot transfer the observed price sensitivity to FB due to various obstacles:

IA about the collected and exploited PD by FB, peer pressure to disclose personal information,

and network- and lock-in effects [68, 130, 131, 133].

The survey findings indicate that the second hypothesis, H2, is also assumed to be true. Users

cannot show their price sensitivity regarding PD as a PM on FB. Moreover, the negative

influence of the education level variable on the use of FB functions as well as its insignificance

for the experiment decision,14 support research outcomes suggesting that the real price of SNS

usage is veiled to the users [72, 133, 134].

The experiment results also show that the user position is strengthened by enhancing

transparency. Diminishing IA by clearly stating which PD is collected, aggregated, and analysed

for each SNS function helps users to overcome misunderstandings and state their privacy

preferences. As the IA is beneficial for SNOs and their revenue model of exploiting PD for

commercial purposes, it will not benefit SNOs when users optimize their privacy-functionality

trade-off and choose more privacy and less revealed PD.

14 The respective regressions are presented in the appendix.


3.2 Modelling the Principal-Agent Dilemma in SNS

From an economic perspective, this subchapter analyses how the previously identified IA can

be reduced by technological and regulatory instruments, when focusing on the „First Tier

Relationship Space” of markets for PD [66]. The focus is on the direct relation of the primary

data-controller and data-subject in the case of SNS, the SNO, and the user. This builds on DCBs

as defined by Müller et al. and the privacy problems that are inherent in this business model

[37, 42]. A detailed description of the model including the transformation of SNSs is provided

in subchapter 1.1.2.

As discussed above, SNOs provide SNSs to consumers free of charge and generate revenue by

providing third companies with the ability to present targeted advertisements to these

consumers. This platform comportment characterises SNSs as MSPs that cater to users of their

services and to advertisers [43]. The collection of PD and the generation of user profiles are at

the core of those DCB models, as these profiles build the foundation for delivering targeted

advertisements (cf. subchapter 1.1). It is in the interest of SNOs to collect as much PD as

possible to generate precise targeting profiles. In addition, SNS users can benefit from profiling

(e.g. through decreased transaction costs due to automatically personalized recommender

systems) [140, 141]. The extensive collection, analysis, and usage of PD affect and threaten

user privacy [37, 142]. In the context of SNSs and relating to RQ2.b, this chapter addresses the

following questions:

1. How can the relationship between users and providers be modelled in economic terms?

2. Which leverage points for balancing economic efficiency and privacy can be identified

and how can technological and regulatory instruments help to establishing this balance?

To describe the privacy problems in SNSs and identify leverage points for balancing efficiency

and privacy, this subchapter provides an economic model of the privacy trade-offs in SNSs. The

presented model builds on a novel principal-agent perspective of SNS that is rooted in a

commodity-centric notion of privacy. A critical analysis of the model will then show how

regulatory and technological instruments could balance profit seeking of PD market participants

and data-subjects’ rights to informational self-determination user privacy.


3.2.1 Related Work

The emergence of barely regulated markets for PD and their threats to privacy have not gone

unnoticed by academia. Scholars in the computer sciences, jurisprudence, and IS are

investigating legal and technological instruments to regulate such markets and provide

instruments for data subjects to exercise greater control over their PD. Notable approaches

towards organizing markets for PD have been proposed by Laudon [143], Schwartz [144], and

Novotny and Spiekermann [66].

Technological and legal instruments for addressing the privacy problems in PD markets were

recently discussed by Spiekermann and Novotny [145]. The following pages elaborate on their

commodity-centric notion of privacy, in that considering only PD usage rights tradable.

Acquisti provides an economic model of privacy trade-offs in electronic commerce by

focussing on data subjects’ decision process and arguing for models based on psychological

distortions [146]. However, he does not investigate the perspective of the data controller and

the structure of the market. Furthermore, Chellappa and Shivendu provide a model for game-

theoretic analysis of property rights approaches to privacy, considering only monopolistic

markets [79]. In contrast to the existing work, the model provided in the following section uses

a principal-agent perspective and focuses on the market structure in SNSs.

3.2.2 Model Assumptions

The identification of leverage points for balancing market efficiency for PD and data-subjects’

privacy in SNS requires a model to describe the market, its agents’ behaviour, and the market’s

power structure. First, SNS and the assumptions underlying the model are elaborated on, and

then the principal-agent model of SNS is provided, building on a commodity-centric notion of

privacy. The model is based on the following three assumptions:

1. Usage rights to PD are transferable and tradable.

2. Providers and users act rational and have homogeneous utility functions within their

constraints.

3. Users are privacy pragmatists who are willing to substitute privacy for functionality to a

certain degree.

Assumption 1: Among many others, Campell and Hanson as well as Davies argued that the

growing economic importance of PD is paralleled by a shift in the public perception of PD and


a reconceptualization of privacy. The latter moves privacy from the domain of civil rights to the

domain of commodification, such that PD is increasingly considered a tradable commodity that

is separate from the individual [147, 148]. In the wake of this shift in perception, property rights

for PD have increasingly been debated not only in law, but also in IS and computer sciences

(cf. [52, 144, 149–152]). Purtova has shown that the current European data protection regime

“endorses the ‘property thinking’ with regard to personal data” and that data-subject ownership

claims to PD are compatible with the principle of informational self-determination [52].

However, the human rights aspect of privacy excludes full objectification of PD, as ownership

claims to it cannot be alienated [144, 149]. This model does not consider a full transformation

of PD as a property. Instead, it follows Spiekermann and Novotny and only considers usage

rights to PD as transferable and tradable [145].

Assumption 2: For mathematical simplicity, it is assumed that all agents within the model,

including providers and users, act rationally under constraints. Thus, an agent will perform any

action that increases her expected utility and will avoid any action that has no positive expected

utility for her. Moreover, it is assumed that users and SNOs have homogeneous utility functions,

which allows for the utilization of a single expected utility function for all users and a single

utility function for all providers within the model. These assumptions are also common and

necessary for the standard principal-agent model [153].

Assumption 3: Similar to Westin and Ackerman et al. “pragmatic users” are the centre of this

investigation [154, 155]. Pragmatic users are concerned about their privacy (i.e. the usage of

data regarding them) but weigh their concerns against the benefits of disclosing data about

themselves. This user model is supported by current research which shows that users are willing

to engage in online transactions and disclose PD if the perceived benefits of doing this outweigh

the cost, including the perceived cost of reduced privacy [106, 156, 157].

As defined above, users of SNSs may receive benefits from SNOs’ data aggregation and

analysis. However, to reap these benefits from data processing, users must entrust data that

relates to them to an SNO (i.e., transfer data usage rights to the provider). Given commodity-

centric perspective on privacy, the relationship between users and providers is considered a

principal-agent relationship [158]. In this relationship, users suffer severe IAs as shown

beforehand (cf. chapter 3.1 and [37]). Thus, users face a problem of moral hazard (MH); they

face the risk that providers exercise transferred usage rights in ways users do not prefer [153].


The classic approach to describing and investigating solutions to MH problems in principal-

agent relations is provided by the contract theory [153]. The classic model is based on the idea

that the principal and agent negotiate a contract and the principal pays the agent a price that will

urge the agent to follow strategies that benefit the principal, rather than following strategies that

solely maximize the agent’s own benefit. As such, the risk of MH is minimized by the principal,

though the classic contract theory model cannot be applied directly in the context of SNSs. As

shown above, current SNS users (the principal) undoubtedly enter a contract with the SNO (the

agent) by agreeing to its terms of usage without any latitude to set their own terms to this

agreement. Therefore, the user cannot negotiate this contract and must accept the conditions set

by the SNO.

The user also transfers usage rights to PD to the SNO such that she can reap benefits from the

SNO’s usage of the data. However, based on the contract, the user transfers more data and wide-

reaching usage rights than necessary (and possibly desired by the user) for receiving the desired

benefits, and pays a price to the SNO (cf. chapter 3.1). The SNO sets this price which does not

urge the SNO to act in the user’s interest. In fact, regarding privacy, the price is set to maximize

benefits for the SNO. Although the user is seldom able to fully comprehend common privacy

policies or terms of usage [159, 160], the model assumes that the user expects the SNO to be

able and eager to collect more PD than technologically necessary and to use the data for defined

purposes (e.g. for advertising) beyond providing the desired service (see assumption 2). Current

research supports this assumption and has shown that users engage in privacy-seeking

behaviour when on an SNS [72].

3.2.3 Designing the Principal-Agent Model

Game theory addresses problems where the probability of a certain outcome is unknown. In

this approach, users face a decision with a risk but not with complete uncertainty. While the

probabilities cannot be determined precisely, general outcome probabilities are roughly

deducible. For example, users can infer the probabilities for some extreme outcomes based on

media reports about data leakage scandals or similar reported events. Thus, following the classic

model, the user’s expected utility is presented as a concave Neumann-Morgenstern function

[153]. This allows the model also to consider different user types, such as risk-averse privacy

pragmatic users. The user’s expected utility is formulated as follows:


𝐸𝑈 (𝑎, 𝑠, 𝑥, 𝑟, 𝑧) ≔ 𝜋(𝑠, 𝑎) − (𝑔(𝑥, 𝑟, 𝑧) + 𝑧)

Equation 3

The user desires the SNO to perform action â (i.e., provide the desired services and exercise the

transferred usage rights solely to provide these services). Thereby â is part of a finite set of

possible provider actions A. Depending on the random variable s and the action a chosen by the

provider, the user receives the outcome function (s, a), with s ϵ S, S = {s1, . . . , sn}, p(s) ϵ [0, 1]

as a random variable that is individually drawn for each user. The outcome function (s, a)

accounts for the SNO’s ability to take action a (e.g., exercise usage rights for purposes

undesired by the user) because the outcome (s, a) partly depends on the chance that the user

cannot compare it to the desired outcome (s, â).

The user cannot determine which data and which usage rights are necessary to provide the

desired services (see MND). For example, an average user cannot estimate which data and

which usage of that data is necessary for providing the characteristic features of an SNS (as

described in chapter 1.1.2). The cost of providing the SNS at the technologically minimum

necessary amount of data and transferring the respective usage rights is represented by xmin >

0. The user’s maximum desired cost of disclosing data and transferring usage rights is

represented by ˆx. As described above, the user suspects that the SNO will collect more data

than technologically necessary to provide the desired SNS and use the transferred usage rights

for purposes (specified in the terms of usage) beyond providing the desired services. For

simplicity, illegal data usage by the SNO is not considered in the model. The user’s expected

cost of data disclosure and transfer of usage rights are represented by x with x ≥ xmin > 0.

User PSB accounted for by representing the subjectively expected privacy-related overall cost

of using the SNS by (g(x, r, z) + z) with g(x, r, z) ≥ xmin, z ϵ [0, 1]. For simplicity and clarity, the

costs of using the service are neglected (e.g. expenditure of time). In the construct (g(x, r, z) +

z), the variable z ϵ [0, 1] represents the cost that a user incurs when engaging in PSB, trying to

reduce x using privacy-enhancing technologies (PET) or by adjusting privacy settings [161]. If

the user does not engage in PSB then z = 0, and if the user engages in PSB to the maximum

extent technologically available then z = 1. It is assumed that the user is aware that PSB is not

necessarily successful (i.e. does not necessarily decrease x; e.g., data might be inferred

anyway). This uncertainty is represented by the random variable r, which is individually drawn

for each user, with r ϵ R,R = {r1, . . . , rm}, r ϵ [0, 1] and the probability q(r) ϵ [0, 1]. In this


construct r represents the chance of success of a user’s PSB, with r = 0 meaning no success at

all (i.e., g(x, r, z) = x). If r = 1, success depends on the invested z (i.e., g(x, r, z) = ˆx (or g(x, r,

z) = xmin if ˆx < xmin) provided z = 1). Furthermore, if r = 1, z ϵ ]0, 1[ then g(x, r, z) ϵ ]xmin, x[.

The SNO’s expected utility from providing a user with SNS is formulated as followed:

𝐸𝐹(𝑎, 𝑥, 𝑟, 𝑧) ≔ 𝑓(ℎ(𝑥, 𝑟, 𝑧)) − 𝑐(𝑎)

Equation 4

The provider aims to receive x (i.e., data relating to the users and the respective usage rights)

and incurs the cost c(a) of its action (providing the SNS and exercising usage rights to user’s

data), with c(a) ≥ 0 and c(a) = 0 only for a = 0. With the utility function f(h(x, r, z)), the SNO

expectations depend on the expected effectiveness of users’ PSB, i.e., on r, z, and x, which is

accounted for by the outcome function h(x, r, z). In any case, the provider receives at least h(x,

r, z) ≥ xmin. Given the high information asymmetries in SNSs (chapter 3.1 or [37]), the SNO is

in a position to set the price in terms of data transfer and usage rights (i.e., to set x as high as

possible for profit maximization). Thus, the SNO aims to establish contract x(π), which

maximizes:

∑ 𝑝(𝑠𝑖) ∗ ∑ 𝑞(𝑟𝑗) ∗ 𝐸𝐹 (𝑎, 𝑔 (𝑥(𝜋(𝑠𝑖, 𝑎)), 𝑟𝑗 , 𝑧), 𝑟𝑗 , 𝑧)

𝑚

𝑗=1

𝑛

𝑖=1

Equation 5

While the assumed pragmatic user is willing to trade privacy for the benefits of using an SNS,

even a pragmatic user is not willing to completely substitute privacy with functionality (cf.

subchapter 3.1 and [154, 155]). Thus, the assumed pragmatic user will refrain from using a

specific SNS if she expects the SNO to collect data and exercise data usage rights to an extent

far beyond that which is desired. In that case, EU < U0 where U0 is the user’s expected utility

from not using a service at all. Similar to the classic contract theory, this constraint is

represented as follows:


∑ 𝑝(𝑠𝑖) ∗ ∑ 𝑞(𝑟𝑗) ∗ 𝐸𝑈 (𝑎, 𝑠𝑖 , 𝑥, 𝑟𝑗 , 𝑧) ≥ 𝑈0

𝑚

𝑗=1

𝑛

𝑖=1

Equation 6

As non-monopolistic markets are assumed, users can choose from several SNOs (e.g. different

SNSs) to obtain similar benefits. Thus, a privacy pragmatic user will only use a specific service

if, in addition to the constraint formulated above, the following constraint holds:

∑ 𝑝(𝑠𝑖) ∗ ∑ 𝑞(𝑟𝑗) ∗ 𝐸𝑈 (𝑎, 𝑠𝑖, 𝑥, 𝑟𝑗 , 𝑧) ≥ ∑ 𝑝(𝑠𝑖) ∗ ∑ 𝑞(𝑟𝑗) ∗ 𝐸𝑈 (𝑎′, 𝑠𝑖 , 𝑥′, 𝑟𝑗 , 𝑧)𝑚𝑗=1

𝑛𝑖=1

𝑚𝑗=1

𝑛𝑖=1 .

Equation 7

Here a’ and x’ represent actions of an SNO’s competitors and the data and data usage rights to

be transferred for using their services. If competitors exist, the provider cannot completely

neglect the assumed pragmatic user’s concerns for privacy. Again, there are some constraints

to that equation. For simplicity, the model does not include positive direct network effects

between users as described in chapter 1.1.2.

3.2.4 Balancing User Privacy and SNO Profit-Seeking

The presented model exhibits some limitations. In line with most economic models, it builds

on the assumption of rational agents. While the model can be adapted to model privacy-affine

or privacy-uninterested users by adapting U0 or g(•), the model does not consider psychological

distortions [146]. Furthermore, the model covers the MH problem on the user’s side, but it does

not consider the inverse IA suffered by the SNO with respect to the user’s characteristics. While

it does account for the IA regarding users’ PSB, it does not account for possible misuse of

services by the user (e.g., data crawling and reselling). The model also does not consider illegal

behaviour by the SNO (e.g., privacy policy violations or non-compliance with data protection

regulation). Moreover, other limitations that might restrict an SNO’s ability to collect and use

PD are not included (i.e. usability, design, and technical constraints or legal restrictions).

Finally, the positive direct network effects between users within the same SNS are rudimentarily

covered by the outcome (s, a), but not explicitly included. Considering these limitations, the

opportunities to achieve a balance between user privacy and SNO profit-seeking by means of

technological and regulatory instruments are discussed in the following.


In a state of perfect competition with SNOs as price-takers [153], the SNOs would be forced

by competition to set x as low as possible to cover their marginal cost of the provided action a.

If the MND and usage rights xmin to perform action a suffice to cover the marginal costs of

providing it to yet another user, the x demanded by all SNOs would consequentially be xmin and

an equilibrium would exist for x = xmin with a ≥ a’.

However, the current SNS market is far from a state of perfect competition. The actual market

situation indicates that the branch is dominated by FB with roughly 85% of the market share,

and that FB is flanked by small competitors competing for the left-over market [162]. The

current market situation resembles a monopolistic situation where the SNO maximizes its

revenue and therefore x, with the only constraint of delivering a service with expected user

utility equal to or greater than the user’s utility without any service: EU ≥ U0 (see Equation 6).

Thus, the dominant SNO is currently in the position to establish contracts with its users, but not

necessarily in all cases, such as that of x > ˆx > xmin [72]. If EU ≥ U0 with x > ˆx there are few

incentives for the SNO to establish contracts that are more privacy-friendly, (i.e., set x = ˆx and

a = â). Three scenarios in the first relationship tier to be investigated can be distinguished [66]:

1. Users do not consider privacy a competitive factor.

2. Users perceive privacy as a competitive factor, but they cannot determine SNOs’ level of

privacy-friendliness.

3. SNS markets are currently monopolistic.

a. Users perceive privacy as worthy of protection.

b. User do not perceive privacy as worthy of protection.

These scenarios require different approaches towards balancing market efficiency and privacy.

Furthermore, whether there is a need for privacy protection at all must be investigated. Some

scholars have argued that privacy protection generally decreases efficiency and general welfare

[63]. While full transparency and full information might increase efficiency, the human rights

aspect of privacy excludes pure efficiency-focused approaches towards markets for PD [15].

Regardless of which scenario currently exists, a balance between efficiency and privacy in SNS

businesses must be established.


Which instruments are suited for achieving this balance depends on the SNS market structure.

To identify and discuss instruments for balancing privacy and efficiency the scenarios provided

above are analysed in the following section. There are three high-level approaches to balancing

privacy and efficiency: market-centric approaches, regulation-centric approaches, and user-

centric approaches. The differentiation criteria for these approaches are their primary

instrument for balancing privacy and SNO’s profit-seeking in SNS. Table 6 provides an

overview of the approaches and their applicability to the scenarios described under the premise

that privacy requires protection.

Table 6: Applicability of high-level approaches in different scenarios

Scenario 1: Users do not consider privacy as a competitive factor

In scenario 1 (S1), pure market-centric approaches (i.e., regulatory laissez-faire or incentive-

entered interventions) are not suited to fostering increased privacy-friendliness in SNS markets

as both SNOs and users have no self-motivated incentives to provide or demand respective

services. The same is true for user-centric approaches. For privacy to be achieved in S1, only

regulatory action and a (soft-) paternalistic regulatory regime can be applied. The presented

model does not aim to provide insight into the challenges of such an approach and thus, S1 is

not considered further in this analysis.

Scenario 3: The SNS market is currently monopolistic.

In scenario 3 (S3), market-centric approaches are not suited to balancing efficiency and privacy.

In S3.b, user-centric approaches are not well suited, as users have no incentive to take action to

protect their privacy. In S3.a, users, such as the pragmatic user of the presented model, have

incentives to expend z > 0 to protect their privacy. Provided PSB is effective and users can

determine its effectiveness, user-centric approaches can lead to increased privacy in S3.a, but

only on an individual level when PET is used on the users-side [161].

Market-Centric Regulation-Centric User-Centric

Privacy through market

mechanisms, primarily driven

by incentive-based

approaches, possibly

supported by technological

instruments and/or regulatory

instruments.

Privacy through regulatory

instruments, focussing

primarily on prohibition,

possibly supported by

technological instruments

and/or market mechanisms.

Privacy through technological

instruments, primarily driven

by user demand, possibly

supported by market

mechanisms and/or regulatory

instruments.

Scenario 1 - X -

Scenario 2 X X (X)

Scenario 3 - X (X)


Purely user-centric approaches would not change the market structure and an approximate

monopoly situation would continue. Therefore, regulatory action to weaken or break the

monopoly and enable and increase market competition would be necessary. To achieve a

balance between profit-seeking and privacy, only regulation-centric approaches are applicable

in S3. Such approaches would need to convert S3 to S1 or S2 and subsequently perform

regulatory action, as described above, to achieve a balance between privacy and efficiency.

Chellappa and Shivendu propose the introduction of property rights to personal information as

a regulatory approach to balancing profit seeking and privacy in a monopoly [79].

Scenario 2: Users perceive privacy as a competitive factor, but they cannot determine

SNOs’ level of privacy-friendliness.

Scenario 2 (S2) exhibits characteristics that are similar to those of ‘lemon markets’, which are

doomed to fail in the long term [163]. While users in S2 value privacy, they cannot determine

the privacy-friendliness of an SNO ex ante or ex post entering a contract. Thus, SNOs have no

incentive to compete on privacy and compete on functionality instead. From a long-term view,

privacy-friendly SNOs would leave the market due to their lower profits caused by a lower x,

and the market would fail as no balance between privacy and profit-seeking could be achieved.

In classic lemon markets and in SNS markets, the problem is rooted in information and power

asymmetries [37]. In S2, classic instruments for reducing these asymmetries seem best suited

to achieving a balance between privacy and market efficiency. Because of the principal-agent

relationship in SNSs and the human-rights aspect of privacy, further instruments and the

suitability of classic instruments for reducing information and power asymmetries must be

investigated for the context at hand. In the following paragraphs, technological and regulatory

instruments for balancing privacy and efficiency in S2 are discussed. Figure 9 provides an

overview of the analysed instrument categories.

Signalling and screening are instruments for reducing information asymmetries ex ante

establishment of a contract [83]. The informed party can utilize signalling instruments to signal

its characteristics to the uninformed party to reduce the IA and convince the uninformed party

to establish a contract with the signalling party instead of with another party. Signalling,

however, can only be a successful mechanism if the uninformed party has good reason to trust

in the signal (i.e., the cost of falsely signalling a characteristic while not exhibiting it must be

high, and ideally exceed the benefits of doing this). Screening can be perceived as inverse

signalling, as the uninformed party can utilize screening instruments to reduce IAs by actively


trying to identify the informed party’s characteristics. In the context of SNS markets, an SNO

has superior information regarding xmin, x, and a (i.e., it is the informed party) [37]. Signalling

and screening are instruments for market-centric approaches to balancing privacy and

efficiency (see Table 6).

Drawing from the literature, transparency-enhancing technologies (TETs) that are applied

before establishing a contract (ex ante TET) were identified as potential instruments for

signalling in the SNS market [164, 165]. Ex ante TETs comprise all TETs that are applied before

using a service and include tools for policy visualization (e.g., PrivacyBird)15, privacy seals

(e.g., the European Privacy Seal),16 and other instruments for providing information regarding

intended data collection and usage (i.e., information on x, a, and possibly xmin). A variety of ex

ante TETs exist, however, their suitability to balancing privacy and efficiency in SNSs is

limited. While tools for policy visualization can signal intended PD collection and usage (i.e.

15 http://www.privacybird.org (accessed 07.12.2017).

16 https://www.european-privacy-seal.eu (accessed 07.12.2017).

Figure 9: Instruments for Addressing the Privacy Problem in SNS.


x), they do not provide users with information regarding the actions that an SNO performs (i.e.

a). Privacy seals can be a valid instrument for signalling if they are issued by a trustworthy

party and the criteria for awarding the seals are known to users.

Screening originally refers to actions of the uninformed party that aim to induce the informed

party to actively reveal its characteristics during negotiation of the contract [83]. Technological

instruments for policy negotiation exist (e.g. P3P/APPEL, XACML, and the approaches

provided by Pretschner et al., and Hanson et al. or Bohrer et al.) [166–169]. However, these

mechanisms are not supported by a relevant SNS, which is not surprising given the power

relations in the market described above. Reputation services (RSs) are existing and actively

used mechanisms that resemble classic screening for SNSs, in that they allow the uninformed

party to reduce IAs ex ante establishment of a contract [170]. These mechanisms include crowd-

sourced RSs such as “Web of Trust”17 or “TOS;DR”18 or RSs aimed at allowing users to rate

other services. RSs can allow users to gain insight into an SNO’s behaviour. However, crowd-

sourced RSs are not well suited to provide meaningful information regarding xmin, x, or a as

other users cannot fully determine the SNOs’ actions (even if they have already established a

contract with a specific SNO). If the SNO grants wide-ranging insight into xmin, x, or a after

establishing a contract, crowd-sourced RSs can constitute effective instruments for estimating

xmin, x, or a. However, no major SNO already does this. In addition to instruments that are

applied ex ante establishment of a contract, instruments that can be applied to reduce

information and power asymmetries ex post must be investigated. Furthermore, some

instruments, especially regulatory ones, exist that cannot be categorized as ex ante or ex post

instruments.

Users can apply user-side PETs [161] at cost z to reduce the information they disclose and an

SNO’s power to exercise usage rights to PD, including tools for anonymity (e.g., Tor)19 and

obfuscation (e.g. TrackMeNot [171]). Since data minimization on the user side does not help

users learn the hidden characteristics of the SNO, user-side PETs are considered instruments

for diminishing power asymmetries. While user-sided PETs do not allow users to estimate xmin,

x, or a, they can reduce the privacy-related costs of using SNSs ex post establishing of a contract

17 https://www.mywot.com (accessed 07.12.2017).

18 https://www.tosdr.org (accessed 07.12.2017).

19 https://www.torproject.org (accessed 07.12.2017).


by reducing h(x, r, z). Usage control tools (as presented in e.g. [172, 173]) in combination with

policy negotiation tools can also be applied to reduce power asymmetries (and IAs if policy

negotiation can be used for screening) by giving users means for setting rules for the exercise

of usage rights by the SNO (i.e. for influencing a). Ex post TETs aim to provide users with

insight into actual data collection and usage [164]. The most prominent class of ex post TETs

are privacy dashboards. Depending on their functionality, they can be considered instruments

for reducing IAs or instruments for reducing power asymmetries. While read-only ex post TETs

are instruments for reducing IA ex post establishment of the contract, interactive ex post TETs

are instruments for reducing power and information asymmetries [174]. Whereas ex post TETs,

and privacy dashboards in particular, seem to be promising approaches to balancing privacy

and efficiency in SNSs, current approaches (as proposed in e.g. [175, 176]), such as the privacy

dashboard provided by Google,20 do not provide trustworthy information and are not well suited

to balancing privacy and efficiency [174].

Accountability-centric approaches are currently widely discussed as methods for balancing

privacy and efficiency. Privacy by accountability inherently requires a combination of

technological and regulatory instruments [177, 178]. Respective approaches to privacy build

upon audits to determine SNOs’ adherence to data protection regulation and agreed-upon

polices. A central concept within accountability-centric approaches towards privacy is liability,

(i.e., sanctioning providers in the case of noncompliance with regulation and agreed-upon

policies). While accountability-centric approaches to balancing privacy and efficiency are

promising and increasingly investigated, no respective solution exists.

Regulatory action towards reducing IA is currently being conducted in the new GDPR [34].

Regulatory instruments can set the legal framework to reduce IA ex ante and ex post

establishment of contracts and can support both regulation-centric and market-centric

approaches towards balancing privacy and efficiency. Another pure regulatory approach is the

assignment of property rights to PD, which is debated in the fields of law, IS, and economics.

20 https://myaccount.google.com (accessed 07.12.2017).


3.3 Conclusion

The survey and the included experiment presented in chapter 3.1 proved that PD can be

interpreted as a PM in SNS, that users are price sensitive and pay for SNS functionalities with

PD, and that an IA regarding the collection and use of PD in current major SNSs exists at the

users’ expense. In addition to the IA about the aggregated and analysed data, users are exposed

to other effects which urge them to reveal more PD as self-intended (i.e. peer pressure to

disclose network and lock-in effects) [68, 130, 131, 133]. Furthermore, the experiment

outcomes support former study results, which suggest that the real price of SNS usage in terms

of PD disclosure, aggregation, and analysation is veiled to the users by different mechanisms

[72, 133, 134].

Building on these insights and drawing from contract theory, a principal-agent model of the

privacy problem and trade-off in SNS was provided in chapter 3.2. Asymmetries of information

and power were identified as the primary leverage points for balancing efficiency and privacy

in the SNS market, and in non-monopolistic markets, privacy is perceived as a competitive

factor by users and SNOs. Thus, SNOs have the incentive to provide users with increased

transparency and control regarding their PD in perfect competition, though the actual SNS

market situation is almost monopolistic [162]. The presented model reveals that regulatory

pressure might be necessary to foster competition in the current SNS market and enhance the

competitive role of privacy. Based on the analysis, it was concluded that a transparency-

fostering regulatory regime in combination with trustworthy ex ante and ex post TET,

respectively accountability mechanisms, seems best suited for achieving a more privacy-

friendly balance of efficiency and privacy in the current SNS market. Adopting a commodity-

centric notion of privacy into law might further increase users’ ability to exercise their right to

informational self-determination without losing the benefits of SNS.

59

4 SNS Privacy and Regulation

In the classic economic theory, governmental regulation is necessary if markets are imperfect

and cannot find an efficient equilibrium [83]. The chapters above demonstrate that SNS users

suffer from information and power asymmetries and cannot enforce their privacy preferences

(cf. chapter 3). Furthermore, competition in the SNS market is detrimental to user privacy rather

than enforcing it, and the markets are moving towards a monopoly situation (cf. chapter 2).

Accordingly, a governmental intervention or regulation of the SNS market is appropriate.21

The objective of this chapter is to answer RQ3 about whether the user privacy problem in SNSs

can be solved with regulative approaches. Therefore, this chapter is divided into two major

parts. The first subchapter 4.1 compiles a conceptual framework of user privacy in SNSs to

validate regulative approaches concerning their privacy coverage and sustainability. The

subchapter provides a qualitative, conceptual framework for user privacy in SNSs to validate

privacy regulations. For the design process of the framework, different user privacy theories as

well as privacy threats and types of PD were identified from the recent, scientific literature. The

presented framework combines state-of-the-art privacy theories structured in three dimensions,

including time as a unique approach. It covers all identified privacy threats and types of PD.

The framework can be used to evaluate privacy policies and legislations, and as a basis for

privacy impact assessments (PIA) and privacy by design (PBD) approaches for SNSs and

DCBs.

The following subchapter 4.2 draws on the framework developed previously to evaluate the

current leading privacy legislation, the EU GDPR, and to answer RQ3. In accordance with the

framework dimensions, the GDPR is analysed for its privacy-relevant segments, which are then

examined regarding their implementations for user privacy in SNSs, and for their juridical and

economic sustainability and technical feasibility. Moreover, the effects of GDPR on the

dynamics of the SNS market regarding user privacy are assessed. A conclusion for the entire

chapter is then provided.

21 This chapter includes and extends the paper [32].

60 4 SNS Privacy and Regulation

4.1 Economic Requirements for SNS Privacy Regulation

The topic of privacy in SNSs has been addressed by numerous researchers from different fields

over the past two decades. Different theories, frameworks and typologies for privacy have been

published from various professions to explain this complex concept for diverse scopes

including SNSs (cf. subchapter 1.2). Moreover, privacy concerns have led to different data

protection legislations worldwide with a wide range of strictness. This subchapter approaches

the privacy field from a political economics perspective. The aim is to develop a conceptual

framework for online privacy in SNSs based on existing theories and supplemented by two

different time points as a unique dimension. This framework enables the evaluation of the

purview and efficacy of policies and regulations as well as the SNOs consequential measures

concerning user privacy.

First, an overview of privacy characterisations, frameworks, and theories from recent literature

is given. The results from this research are then used to identify the main privacy threats from

the user perspective and the different types of PD in SNSs. The multidimensional, conceptual

privacy framework is developed from different existing privacy typecasts and theories enriched

with a new time dimension. Then it is shown that before identified privacy threats and SNS data

types are covered by the privacy framework. In the last step, the results are evaluated and

summarised.

According to Maxwell, a conceptual framework is based on a corresponding literature review

[96]. Consequently, the history of privacy categorizations and frameworks was determined by

a short literature review based on the concepts of Rowley [97]. Building on this, the

multidimensional privacy framework was developed and explained, which represents a

simplified mapping of privacy and its dimensions in SNSs. Therefore, the notion of Becker

[179] was followed and the framework was systematically developed from prior perceptions,

using the contributions as modules for the work. The existing theories and typologies are

condensed for online privacy in this conceptual framework. The resulting framework contains

different, hierarchical classifications which can be addressed and fulfilled by corresponding

regulations, though such a framework can never be considered complete or ultimate. The

following history of online privacy shows that technological progress and new scientific results

will always generate the need to expand or modify existing privacy concepts, typologies, and

frameworks.

4 SNS Privacy and Regulation 61

4.1.1 Related Literature

The literature presented in the following section was identified by searching Google Scholar,

the IEEE Xplore database, and the ACM digital libraries for the words “privacy” and SNS or

OSN in combination with the terms “framework”, “typology” or “types” as well as “threats” or

“challenges”. Based on the results, a citation pearl growing search was conducted with the

appropriate documents according to the literature review concepts of Rowley [97]. The

corresponding overview of privacy types and typologies is presented in subchapter 1.2 of the

introduction. The following paragraphs complete the needed foundation for the privacy

framework development, and present existing privacy frameworks and threats for SNSs user

privacy.

Concerning privacy frameworks, the framework by Carew and Stapleton developed in 2005

covered most of the in subchapter 1.2 presented privacy concepts and grouped them into five

dimensions of privacy (physical, social, psychological, informational and global), each

containing several different privacy aspects [53]. Dinev et al. created a privacy framework for

the Web 2.0 context, “linking privacy and its various correlates together” and identifying

anonymity, secrecy, confidentiality, and control as “relevant correlates” [180]. In 2014,

Crawford and Schultz addressed privacy threats in BD from a law perspective and developed a

model of procedural data due process as a response [181]. Furthermore, Trepte et al. examined

internet users’ online privacy attitudes and behaviours empirically, and developed the online

privacy literacy scale (OPLIS) which differs between five dimensions of online privacy literacy

[182].

Petkos et al. used a quantitative method to study privacy and introduced a framework for raising

SNS users’ awareness about their disclosed data [183]. They distinguished PD into eight

different dimensions with different attributes and values to calculate the PScore. A similar

approach was taken by Zeng et al., who quantitatively evaluated the privacy risk for SNS users

as a function of their privacy awareness with their TAPE framework [184]. However, it is

important to note that the conceptual privacy framework developed in the following is not solely

focused on the users and their privacy awareness, but on the policies and measures to protect

and restore all relevant dimensions of user privacy in SNSs. Accordingly, the framework is not

quantitative, but contains qualitative dimensions with conditions that can be fulfilled by

regarding regulations and provisions.


Regarding the issue of privacy threats for SNSs, one of the earliest papers summarizing

corresponding threats was published by Abril in 2007 [185]. She outlined the danger of

unintended audience and the increasing risk which occurs when postings and pictures are

revealed to third parties which allows them “to manipulate and further disseminate” them [185].

Also Preibusch et al. investigated privacy problems “not bounded by the perimeters of

individuals but also by the privacy needs of their social networks” [186]. Fire et al. provide a

comprehensive review of privacy and security threats in SNSs and present corresponding

solutions [65]. They grouped the privacy threats into four different categories: classic threats,

modern threats, combination threats, and threats specifically targeting children. While the

classic threat category consists of general internet security and privacy threats that do not

exclusively concern SNS users, the modern threats are unique to the SNS environment and are

of special interest for the following analysis. A compendium on privacy threats in SNSs is

provided by the corresponding chapters of the Acatech study [47]. Likewise, Spiekermann et

al. and Weber published papers concerning the future threats for privacy and PD, and for the

corresponding markets [187, 188]. In 2016, Kumar et al. published their risk analysis of SNSs,

containing a list of 20 different security and privacy threats extended with three additional

points for the unique case of health care SNS [189].

Krishnamurthy and Wills published a study on user privacy in SNSs, showing the defective user

enforcement and awareness in using privacy controls in 2008 [190]. Furthermore, Zheleva and

Getoor demonstrated that private information of SNS users can be revealed by interferences

from their network even if their own account is non-public [191]. Bonneau and Preibusch

analysed the privacy practises and policies in SNSs referring to their market behaviour and

profit drive, finding inter alia that the market for privacy in SNSs is “dysfunctional” [89]. In

addition, Zhang et al. found “inherent design conflicts” between their posed security and

privacy goals and SNS usability and sociability [17]. The complex trust issues of user privacy

in SNSs were examined by Shakimov and Cox regarding users’ trust in SNOs, app developers,

and other users in 2011 [192].

Greschbach et al. examined privacy challenges for decentralised SNSs, which are not directly

in the scope of this subchapter but are mentioned for completeness [193]. Furthermore,

discrepancies in the user understanding of privacy policy language, particularly with respect to

data sharing, was found by Reidenberg et al. [108]. They indicated the lack of transparency and

the resulting IA between SNOs and users created by complex legal language. In addition, Henne


et al. conducted an online survey and suggesting that user privacy and control should focus on

the privacy of users’ own generated content and on the information revealed by the uploaded

media of other users, especially regarding geo-tagged photos and videos [194]. Finally, chapters

2 and 3.2 show that privacy cannot currently be forced by market competition.

4.1.2 Identified Privacy Threats and Data Types

With the literature review presented before, the following threats to user privacy in SNSs were

identified (see Table 7), as well as their cause-effect relationships (see Figure 10) and the

corresponding types of PD. Moreover, the highlighted cause-effect relationships between the

identified privacy threats were perceived.

Table 7. Identified SNS Privacy Threats

Information asymmetry between the user and the SNO can cause misunderstandings

regarding the use of the collected PD for secondary purposes and the visibility of postings and

messages. Similar misunderstanding occur for limited SNS user ability to put privacy

preferences into effect. While a SNS data leakage as well as a data leakage at third services

which had access to the SNS user data can also lead to unintended audiences of PD or

unauthorized use of PD for other purposes. The results of these incidents can be direct and/or

Threat Description Related literature 1 Information

asymmetry

Unintelligible SNS privacy policies, terms of use, permissive

privacy defaults, and opt-in settings lead to IA between the

SNO and the user about which PD is visible to whom and

used for which purposes.

[47, 89, 187, 194]

2 Limited user

ability

Insufficient SNS privacy controls and misleading user

interfaces limit the ability of users to effectively tune their

privacy settings.

[17, 47, 89]

3 Data leakage Immense PD aggregation and insufficient security by an SNO

can lead to data leakage. This can happen by accident or by

attacks, both from outside (e.g. phishing attacks) or inside the

SNS (e.g. fake-profile friend requests).

[47, 65, 187, 189]

4 Unintended

audiences

Revealed PD is visible for an originally unintended audience.

This can occur due to IA (1) and limited user ability (2).

Negative consequences may be misuse (8), retransmission,

and data leakage (3).

[17, 65, 89, 185]

5 PD use for

secondary

purposes

PD is used by the SNO or third parties for a purpose which

the SNS user originally did not agree on or was not aware of

(e.g. due to IA (1)).

[47, 186–189, 192]

6 Direct data

interferences

UGC from person A in combination with meta data (e.g.

photo geo tags) and/or BD analysis reveals new insights,

which was not intended by her for disclosure.

[187, 188, 194]

7 Indirect data

interferences

Published content from person A reveals information about

person B to third parties without B’s awareness or approval

(e.g. photos of public spaces or events containing person A).

[186, 188, 191, 194]

8 Data

manipulation

Unauthorized reuse of PD (e.g. photos) in a manipulative

context and/or editing or faking PD for harmful purposes.

[17, 185, 186, 189]


indirect data interferences which may reveal additional insight into the SNS user and result

in data manipulation, compromising the user (e.g. [195]).

While IA and limited user ability are pure SNS privacy aspects, data leakage is mainly a security

feature. Although the literature discussed above addressed security threats in SNSs and their

possible solutions, the scope of the upcoming framework is solely on privacy threats for SNS

users. A detailed list of SNS security attacks and possible technical solutions is provided e.g. in

the paper of Fire et al. [65]. Finally, the literature analysis revealed the privacy threats listed

above and their cause-effect relationships, as well as the following different PD types. All the

previously listed privacy threats exist to a different extent for all PD types:

a. Direct PD refers to data directly describing the SNS user, often entered by herself (e.g. name,

birthdate, and hometown).

b. Communication data describes data created and used by the SNS users for communication

(e.g. content and recipients of direct messages or postings on timelines and personal walls).

c. Images and videos stand for all photos, images and videos uploaded by users that show users

or sceneries which allow conclusions to be drawn about a user (e.g. locations) [185].

d. Meta data describes all data not directly entered but created by a certain SNS user and related

to her, such as time stamps of postings and messages, a history of articles and postings, login

stamps, and tracked movement on a website [188].

e. Location data is a delicate type of meta data that is listed as an extra data type. It describes

data which tracks the actual or past position of a user and creates a partial or complete

movement profile of her. Examples for location data are GPS coordinates, used Wi-Fi

connections, and geo tags of photos and videos [188, 194].

f. Health data are data which allow conclusions about the mental or physical health of a person.

This can be postings or photos showing current injuries, proving a hospital stay, or describing

Figure 10. Privacy Threat Cause-Effect Relationships.


the person’s feelings. Furthermore, data from wearables and fitness trackers showing the

fitness history of a user are considered health data [189].

g. Association data refers to all data which can provide information about a person’s network.

This could be a list of her friends, information about memberships in clubs and associations,

and photos and videos showing the person with other people or at certain events (e.g. a

political demonstration or a union meeting) [186].

4.1.3 Developing the Multidimensional Privacy Framework

To comply with the multidimensionality of user privacy outlined by the literature review above,

the general structure of the privacy framework is divided into three different dimensions. First,

SNS privacy is separated into three different conditions, each parted into two different

classifications. Thus, there are six different privacy classifications. Second, SNS privacy is

divided into seven different types according to Finn et al. [60]. Third, time as dimension is

introduced, sorting privacy decisions and measurements into the points of ex ante and ex post

according to subchapter 3.2.4. Thus, a three-dimensional framework for user privacy in SNS is

constructed (see Figure 11).

In the previously mentioned Acatech study, the authors categorized the privacy threats for SNS

into three major conditions “which have to be fulfilled in order to gain privacy protection”:

awareness, control, and trustworthiness. While “the formation of privacy preferences requires

user awareness of the privacy-relevant aspects of [SNS] policies and their potential impact”,

Figure 11. The Privacy Dimensions.


they further state that “the implementation of [user] preferences requires the users to be able to

appropriately control the policies and related processes in OSN that deal with their personal

data [...]”. Finally, the authors find that “trustworthiness of OSN in regard to compliance with

the applicable regulations is required” [47]. These conditions are adopted, including their

definitions, as the first horizontal layer of the privacy framework to address the different privacy

stages an SNS should fulfil for user privacy (see Table 8).

These three conditions can be separated in user-centric approaches provided by the SNO or

another identity and purely SNO-centric approaches. Therefore, the work of Netter et al. and

their classification of SNS privacy research are relevant [138], as the terms and definitions of

user awareness and transparency are used to substantiate the condition of awareness. Netter

et al. are followed, defining user awareness as the SNS user’s “attention, perception, and

cognition of the personal information others have received and how this information is or may

be processed” and corresponding transparency as “the user’s ability to be informed of

processing and dissemination practices” [138]. Thus, user awareness is considered a user-

centric approach based on the individual user’s attention, perception, and cognition which must

be preserved by privacy stimuli either by the SNO or by others [196]. Maintaining transparency

and providing all necessary information about PD collection and processing in a readable and

understandable way is an SNO responsibility. Transparency is useless without user’s interest

in privacy caused by user awareness, which is futile without the transparency to comprehend

the flow of PD.

The control condition is divided into the classifications of user enforcement on the SNS user

side and data sovereignty on the SNO side. Definitions for both are given by Netter et al., who

describe user enforcement as an SNS user’s intention and ability to bring her privacy

preferences into force [138]. In addition, “data sovereignty describes the extent to which an

individual is able to control the processing of his personal data”, where the mechanisms and

control options must be implemented by the SNO [138, 197].

The last condition, trustworthiness, is translated with the complex term accountability and

follows the conceptualization of Zimmermann [198] (see Figure 12). He argued that the

construct of accountability contains a core that includes the aspects of transparency,

controllability, and liability. Controllability requires agreed upon rules to follow for the SNO,

(e.g. given by correspondent legislation). He explained that a system “is transparent if its

behaviour can be observed and it provides information regarding its future behaviour”, it


“exhibits controllability if it allows determination whether it followed afore defined rules”, and

it “enables liability if it makes possible sanctions for noncompliance to agreed-upon rules”

[198]. Thus, accountability should enable SNS users and external institutions to comprehend

and control whether the SNO follows imposed policies and to sanction the SNO if she violates

those policies. Accountability is therefore a responsibility for the SNO and for its regulating

identity, while the SNO must provide the possibility of monitoring her actions to guarantee

accountability.

The Zimmermann concept of accountability completes the horizontal scale of the

multidimensional privacy framework, which contains three successive major conditions:

Awareness as a basis for successful control and accountability as a precondition for

trustworthiness. Moreover, awareness is split into user awareness as a basic user requirement

and transparency as a basic SNO requirement for establishing the first privacy condition.

Furthermore, the same is done for the second condition, control, which contains user

enforcement and the provision of data sovereignty on the SNO side. Finally, the third privacy

condition of trustworthiness is translated into monitoring and accountability, the power to

monitor and sanction the actions of the SNO regarding given policies (see Table 8).

Three major conditions for

privacy protection:

Aw

aren

ess

Contr

ol

Tru

stw

ort

hin

ess

Privacy classifications:

Use

r aw

aren

ess

Tra

nsp

aren

cy

Use

r en

forc

emen

t

Dat

a so

ver

eignty

Monit

ori

ng

Acc

ou

nta

bil

ity

Table 8. Horizontal Privacy Conditions and Classifications.

Figure 12. Conceptualization of Accountability as a Privacy Principle (taken from [196]).


The vertical dimension of the privacy framework should map the different types of privacy,

primarily but not exclusively for SNSs. Therefore, the categorization from Finn et al. is used,

which extended Clarke’s privacy categorization to seven different types of privacy that fit to

expand the framework on the vertical axis [60]:

Privacy of the person refers to Clarke’s definition of bodily privacy which is related to the

integrity of a person’s body [58]. Threats to this privacy type include “many medical and

surveillance technologies and practices” [60], such as fitness wearables which monitor and

record the physical health of an individual and data stored on a health insurance card. At first,

the privacy of the person and its examples have no intersection with user privacy in SNS.

However, various fitness wearables and their connected applications provide an opportunity to

connect their accounts to FB and other SNS accounts and share their user progress and health

data with friends. In addition, users tend to voluntarily share information about their health in

SNSs (e.g. in online self-help groups or conversations with their relatives and doctors) [199,

200]. Thus, SNSs contain a treasure of health data which is valuable for insurance companies

or potential employees, especially in combination with information about a user’s hobbies and

other health-related information.

For privacy of personal behaviour and action, the extended characterisation of Finn et al. is

used. This privacy type includes “sensitive issues such as sexual preferences and habits,

political activities and religious practices. Hence, anything that unintentionally reveals those

characteristics of a person can be considered a threat to this privacy type” [60]. This privacy

type also includes the visible actions of an individual which can occur in public. Therefore,

Clarke’s restriction is followed, which differs between the random observation of revealing

behaviour in public, and the systematic recording and storage of correspondent information and

data [58]. For SNSs, the first could include accidentally capturing a person in a photo of a public

demonstration that was uploaded by another user. The second represents the (semi)automatic

detection and tagging of that person within the SNS or any other action which reveals the

preferences, habits, and activities through BD analysis.

The term privacy of personal communication stands for the inviolability of all kinds of

communication, verbal and digital, including personal messages in an SNS, video-calls, and

conversations overheard by the SNS’s smartphone application.


Similarly, the privacy of data and image is evident, as it contains the privacy of all PD and

images including “concerns about making sure that individuals’ data is not automatically

available to other individuals and organisations” [60]. This includes self-added images and

data as well as images and data added by third parties about a specific SNS user.

The privacy of thoughts and feelings type is more abstract and represents the creative freedom

of individuals and their right to think whatever they like, as well as their right to be sure that

their thoughts and feelings are not revealed to others against their will and without their

knowledge. Threats to this privacy type are closely connected to the privacy of personal

communication and the privacy of personal behaviour and action, because leakage in one can

allow conclusions about someone’s thoughts or feelings. Moreover, leading SNSs such as FB

motivate their users to share their feelings via supplements to their postings or emoticons.

Hence, a targeted compilation of those expressions can detect a user’s feelings and represent

also a threat to this privacy type [201].

Privacy of location and space stands for the right of individuals not to reveal their current

location and their movement profile, and SNSs contain several threats to this type of privacy.

First, users may reveal their past location via negligent postings, messages, photos, and videos.

Second, FB encourages its users to post their location and search for nearby friends, revealing

that location to the SNO and potential advertisers [202]. Third, third parties can resort to this

location data by promoting advertisement to users at a certain location and draw conclusions in

case of their positive response [203]. Finally, SNS applications on smartphones may share the

location data with the SNO which is unnoticed by their user.

Privacy of association “is concerned with people’s right to associate with whomever they

wish, without being monitored” [60].This right is often forgotten but is crucial to a modern

democratic society. It covers the right of individuals to decide whether their membership in

parties or unions is revealed and to whom. Threats to this privacy type by SNSs range from the

simple violation of the privacy of personal communication or data and images to drawn

inferences from meta data analysis which reveal people clustered within the same group

membership.

Until now, the privacy framework has been a compilation of the three privacy conditions from

Buchmann et al. [47] and the core of the four privacy classifications from Netter et al. [138],

hierarchically ordered and supplemented by the accountability construct of Zimmermann [198]


on the horizontal axis, and specified by the seven types of privacy of Finn et al. [60] on the

vertical axis. The final dimension added now is time separated in ex ante and ex post as

described subchapter 3.2, which makes the framework unique compared to all former versions.

Ex ante stands for the point in time before the user enters the data or even joins an SNS. For

the privacy type of personal communication, this time frame adapts to the different privacy

classifications as follows: Before the user sends a message, is she aware that the message or the

sense of its content may be revealed to third party (e.g. for marketing purposes)? Does the SNO

provide the transparency, which enables the user to comprehend if and in which matters her

data is analysed and used? Can the user change correspondent settings before sending a message

to prevent data disclosure, and does the SNO provide appropriate controls to guarantee this data

sovereignty to the user? The steps of compliance monitoring and corresponding accountability

can also be fulfilled ex ante, either through signalling by the SNO or screening by external

services (cf. subchapter 3.2.4). However, they are only integrated ex post for the framework

because the actual monitoring and liability of the SNO are only feasible after data flow.

Accordingly, ex post stands for the point in time after a user has entered certain data or joined

an SNS. The example of the privacy of personal communication is useful again, as ex post user

awareness means that the user is conscious that her message could have been passed to third

parties or been mechanically analysed. The transparency classification means that the SNO

provides suitable information in a comprehensible way to the user. Furthermore, ex post user

enforcement stands for the ability of the user to change the appropriate settings afterwards, and

data sovereignty indicates that the SNO must provide suitable tools. Finally, the ex post

perspective allows for the corresponding monitoring of the SNO’s compliance with an ex ante

agreed upon data policy and the SNO’s implementation of the ex post user-made changes. In

the case of violations, the SNO must be held accountable ex post by an external authority (e.g.

a government institution).


Table 9 presents the complete multidimensional privacy framework. The three privacy

conditions are each subdivided into two privacy classifications as depicted on the horizontal

axis, and the privacy classifications are subdivided in time as depicted on the vertical axis.

Three conditions for privacy

protection:

Aw

aren

ess

Contr

ol

Tru

stw

ort

hin

ess

Typ

es o

f P

riva

cy

Privacy

classifications: P

oin

t in

Tim

e

Use

r aw

aren

ess

Tra

nsp

aren

cy

Use

r en

forc

emen

t

Dat

a so

ver

eignty

Monit

ori

ng

Acc

ounta

bil

ity

I. Person Ex ante

Ex post

II. Behaviour and Action Ex ante

Ex post

III. Personal

Communication

Ex ante

Ex post

IV. Data and Image Ex ante

Ex post

V. Thoughts and Feelings Ex ante

Ex post

VI. Location and Space Ex ante

Ex post

VII. Association Ex ante

Ex post

Table 9. The Multidimensional Privacy Framework.


4.1.4 Framework Range of Coverage

In this section, the main threats to user privacy in SNSs identified in in the literature review are

matched and assigned to the different dimensions of the privacy framework. Which identified

threats and types of PD are covered by which types and classifications of the privacy framework

are shown to demonstrate its range of coverage. The objective is to illustrate that a policy which

fulfils all aspects of the framework will also tackle all major threats for user privacy in SNS

and beyond.

The different types of PD seem to align with the privacy types of the framework: Direct PD (a)

matches with privacy of data and image (IV), and privacy of personal communication (III)

contains communication data (b). Images (c) are also part of the privacy of data and image

(IV), and privacy of location and space (VI) covers location data (e). Health data (f) belongs

to the privacy of the person (I), and privacy of association (VII) coincides with association

data (g). Only meta data (d) cannot be directly assigned to one privacy type. As explained,

meta data covers a wide range of accrued indirect data about a specific SNS user from traced

browser history, tracked cursor movement, and IP detail records. Thus, meta data is contained

in different privacy types, including privacy of the person (I), privacy of personal behaviour

and action (II), and privacy of location and space (VI).

While the diverse data types are reflected in the seven different types of privacy, the various

privacy threats are covered by a combination of the framework’s privacy classifications and the

time points. For clarification, the detailed coverage is explained in the following paragraphs.

Since IA, limited user ability, and data leakage are the causes for the subsequent threats, the

analysis begins with those.

To avoid IA (1), the ex ante and ex post privacy condition of awareness must be fulfilled, and

with it the classifications of user awareness and transparency for all different privacy types.

Moreover, SNS users must be fully aware of and informed about all SNO activities related to

the seven privacy types (and those which might come in the future). All information that is

necessary to comprehend the range of these different types and make an appropriate decision

for their privacy preferences must be provided to the users by the SNO. Correspondingly, the

SNO must provide ex post and ex ante transparency regarding data revelation, collection, usage,

and transfer.


To evade limited user ability (2), the ex ante and ex post characteristics of the control

condition, the classifications of user enforcement and data sovereignty, must be complied with

for all seven types of privacy. Thus, SNS users (user enforcement) must be provided with the

appropriate controls (data sovereignty) to state their preferences regarding data disclosure,

collection, use, and transfer for all data types across the different privacy and data types. Finally,

the SNO must be monitored and held accountable for her compliance with the users’ preferences

if necessary.

Although data leakage (3) cannot be fully avoided, an SNO must do everything possible to

secure all data flows with state-of-the-art technology and check that all partners to whom data

is transferred do the same. In addition to ex ante user awareness for the general threat of data

leakage and the responsible handling of their data, the only other privacy classifications

containing the aspect of protection against data leakage are SNO monitoring and

accountability. SNS users and/or a third authority must monitor the SNO for compliance of

data security and hold the SNO accountable in the case violation or carelessness.

To avoid an unintended audience (4) for all types of privacy, the ex ante classifications of user

awareness, transparency, user enforcement and data sovereignty are necessary. The SNS users

must be aware of the possibility of an unintended audience, which is only possible in

combination with correspondent SNO transparency about which data is revealed to whom.

Furthermore, users must control these conditions upfront before revealing their data (user

enforcement), and need appropriate controls provided by the SNO (data sovereignty).

Compliance with all these conditions ex post is also advantageous, but does not include

protection against the initial unintended audience.

The avoidance of PD use for (unintended and unauthorized) secondary purposes (5) must

fulfil the same conditions as the avoidance of an unintended audience (4), except the ex post

aspects are highly relevant. If a user decides later to restrain the use of certain data for secondary

purposes the SNO and the third services that have received that data must obey. In addition to

ex ante privacy classifications, all ex post classifications are relevant including monitoring and

accountability to ensure that the SNO and third services followed the user’s instructions.

The drawing of direct and indirect interferences of PD (6 & 7) can be contemplated together.

Ex ante user awareness, SNO transparency, user enforcement, and data sovereignty are

important for all seven privacy classifications. Furthermore, SNS users must be aware of and


have the option to decide whether interferences may be drawn from their entered data and from

data others have entered concerning them. The possibility to change these initial decisions ex

post must also be provided. Moreover, compliance with SNS users’ choices must be monitored,

and the SNO must be held accountable when required, and all aspects of the framework are

affected.

To avoid data manipulation (8), all ex post classifications of the privacy type data and image

(IV) must be complied with. However, because of the rising trend towards using pictures and

videos instead of text for communication and the possibility of communication manipulation

by adding or hiding essential text parts to manipulate the meaning of a message, the conditions

can be extended to the privacy of personal communication (III). Other sorts of data

manipulation are also possible. Health data (f) and the privacy of thoughts and feelings (V)

can be manipulated and misused, and connections that enable conclusions about membership

in associations (VII) can be manipulated or faked. In summary, all seven types of privacy can

be affected by data manipulation, and SNS users must be aware of the threat of reusing their

posted data, images, or messages. A correspondent transparency must be provided by the SNO.

Moreover, users need to be provided with the correspondent controls (data sovereignty) to

comprehend and change the reuse of their data, and must be competent to use them (user

enforcement). Finally, SNS users or a third authority must monitor the SNO for compliance

with these changes and the correspondent data use and data security, and hold the SNO

accountable in the case of violation or carelessness.

Figure 13 summarizes how the identified privacy threats are embracing the multidimensional

framework on different axes. The three conditions for privacy protection on the horizontal axis

and the seven types of privacy on the vertical axis are affected. As described above, the third

axis represents the time one is affected by identified privacy threats ex ante and ex post. Thus,

a privacy policy or legislation fulfilling all fields of the multidimensional privacy framework

has addressed all identified privacy threats including all noted types of PD.


Figure 13. Privacy Threats Embracing the Framework.

4.1.5 Framework Discussion

The presented conceptual privacy framework is a qualitative tool for identifying all relevant

privacy types and conditions of classifications for user privacy in SNSs. Based on

corresponding literature reviews, it combines state-of-the-art theories on online privacy with

recent research results and a new and unique approach which includes time as a privacy

dimension. The framework’s field of application is broad, as it can be used to evaluate whether

privacy policies and legislations cover all important aspects of SNS user privacy. Furthermore,

in combination with the identified threats and data types, the framework can be utilised as a

pattern to find and classify privacy threats and resulting attacks for SNS PIAs or as a basis for

SNS PBD approaches.

However, the presented framework does not include a quantitative measurement to display how

extensively the different privacy spheres are fulfilled, and it does not contain technical solutions


to the identified privacy threats. Additional quantitative options and a list of technical solutions

were not implemented because that would have gone beyond the initial scope and made the

framework excessively complex. Respective quantitative approaches to online privacy subareas

are provided by Trepte et al. [182], Petkos et al. [183], and Zeng et al. [184], and technical

solutions can be found in the work of Zhang et al. [17], Henne et al. [194], and Fire et al. [65].

The relevance of the presented framework is demonstrated by recent debates about privacy

legislation. The ongoing discussion about the recent European GDPR, its implementation in

national law, and its efficacy to protect user privacy against companies such as SNOs and

against the state highlights the application area of this work [85, 204, 205]. Moreover, privacy

legislations are also up to debate in Australia due to the recently published Data Availability

and Use Report of the Australian Productivity Commission and the included Comprehensive

Right for consumers [206].

SNSs such as FB and other online MSPs such as Google are implementing privacy policies and

controls that are compliant with these regulations [31]. However, it is unclear whether these

provisions fulfil the regulation’s conditions and whether the companies can be monitored and

held accountable if required. This demonstrates another field where the presented privacy

framework could be of use.

4.1.6 Potential Applications and Implications

In this subchapter, a conceptual, multidimensional privacy framework for online privacy for

SNSs was provided. The three dimensions consist of seven different types of privacy, three

different privacy conditions that are each subdivided into two stages and the time of ex ante and

ex post. This concept is based on a combination of prior work on the nature of online privacy

which was identified through a literature review. Furthermore the framework covers the eight

major privacy threats for SNS users for all identified seven types of PD. These threats and data

types were also identified from the literature.

The multidimensional privacy framework can be used to qualitatively evaluate whether privacy

policies and legislation and the corresponding provisions cover all relevant aspects of user

privacy in SNSs. The conceptual framework represents a combination of the state-of-the-art in

privacy research but is not an ultimate and fixed construct. New developments in technology

and social media businesses will make adapting the framework a necessity in the medium term.


Some of the identified privacy threats and parts of the privacy framework have already been

addressed by major online companies such as FB and Google with newly implemented privacy

controls and transparency instruments (e.g. FB privacy controls and activity protocol; Google

MyAccount). However, there is still room for improvement regarding the new privacy types

including privacy of thoughts and feelings and privacy of association. Recent incidents, such

as the misuse of a refugee’s selfie with German chancellor Angela Merkel by right-wing

populists on FB [195] and the detection of political preferences such as anti-Semitism on FB

[207], show that not all known privacy threats are satisfactorily addressed. Furthermore, the

presented brain-computer interfaces with FB’s recent developer conference f8 indicates that the

aspects of the privacy of thoughts and feelings will become more important for the future

development of privacy, and that new privacy threats will likely occur [208].

The responsibility of privacy actions emerging from the framework require discussion and

future research. For instance, it is unclear which institution has the jurisdiction and competence

to raise general user awareness and teach the corresponding user enforcement. There are several

points to consider regarding whether this should be done by SNOs, governmental institutions,

or third services and non-governmental organisations (NGOs). The same questions arise for the

responsibility for monitoring and accountability. The opportunity for monitoring must be

provided by the SNO, and the legal framework ensuring the SNO’s liability must be

implemented by national or supranational legislation. However, SNS users still seem unable to

monitor their SNOs, and this is a service which could be provided by third companies, NGOs,

or a state agency. Recently introduced national and supranational privacy regulations such as

the European GDPR and its implementation into the national law of the European Member

States are potential evaluation targets for the presented framework [34].


4.2 The EU Approach to Privacy

A credo for the digital community should be “we are all social network members”.

Approximately 67% of worldwide internet users are members of an SNS. At least 50% of the

digital community participates actively in the largest SNS, FB, and there are other large SNSs

including the Chinese platforms QZone and Weibo, and the Russian network VK. Focusing on

the EU, 63% of its internet users and 50% of the total EU population participates in SNSs. Thus,

the topic of user privacy in SNSs is relevant for at least 2.5 billion people worldwide and 206

million in the EU, and these numbers are rising [23, 24, 209, 210].

A promising attempt for privacy regulation in SNSs is provided by the recently enacted EU

GDPR. After more than five years of negotiations, the European Parliament finally adopted the

GDPR on 14 April 2016. On 25 May 2016, it entered formally into force, but the national

legislators have until 25 May 2018 to implement it into their respective national law, due to

various opening clauses that give Member States a margin of discretion in the application of

the regulation [34]. Although the GDPR mainly focuses on data protection, it also contains

regulations in the privacy field. Hence, it is worthwhile to analyse whether the GDPR is able to

regulate the main privacy threats in the SNS businesses.

Consequently, this subchapter analyses the GDPR from an IS and legal viewpoint, focusing on

its impact on privacy in SNSs. In detail, the following analysis examines the GDPR obligations

for SNOs regarding the business to customer (i.e. the SNO to SNS user) privacy relationship.

For simplicity, the challenges of international data transfer as well as data transfer to private

third parties are excluded. The assessment is following the example of discursive technology

assessments in accordance with [211]. First, a short introduction to the GDPR and the

presentation of its privacy relevant sections will be provided. The regulation impacts on SNS

privacy are then examined by using the framework from subchapter 4.1 to examine the relevant

GDPR coverage. Finally, the legal and economical capability of the GDPR, and the technical

feasibility of its measurements will be discussed by means of recent literature and scientific

findings to answer RQ3 about whether the legislation provides a regulatory solution for user

privacy in SNSs and what its influence on the SNS market is (cf. subchapter 1.3).


To build the framework for this analysis, apart from the definitions given in subchapter 1.1, the

following legal terms must be clarified. The GDPR definition of PD was presented in

subchapter 1.1.1. Furthermore, the definition of SNS in subchapter 1.1.2 is congruent with the

term filling system, defined by the GDPR as “any structured set of personal data which are

accessible to specific criteria” [34]. Moreover, the given definition of the SNO (cf. subchapter

1.1.3) fulfils in general the role of the recipient “to which the personal data are disclosed”, and

the controller “which determines the purposes and means of the processing of personal data”

according to the GDPR. Finally, if the collected PD is transferred by the SNO to third parties

for processing, those third parties constitute the role of the processor which “processes personal

data on behalf of the controller” [34].

4.2.1 Related Literature

Concerning the legislation, in 1998 Allaert et al. showed various system implications of the

former EU Data Protection Directive [86], and Tan provided an overview of the pre-GDPR

status in 1999 [212]. In 2012 and 2013, various scholars analysed the first GDPR proposal and

its possible effects on data security and privacy [204, 213–217]. A recent analysis of the actual

GDPR was done by Ciriani concerning the economic impacts [84]. Moreover, Kiss and Szoke

as well as Kolah and Foss investigated the impacts of and progresses on data security of the

GDPR in 2015 [218, 219]. Newman examined the GDPR’s right to be forgotten and its

consequences [205] and one year later, Ryz and Grest demonstrated why the GDPR will lead

to a new era of data protection compared to former legislations [85]. Finally, Hansen elaborated

the GDPR provisions of privacy by design and privacy by default and their potential impact on

data processing in Europe and beyond [88]. However, no researcher have explicitly examined

the GDPR impact on privacy in SNSs, and the following work provides a new and unique

analysis approach to the new EU regulation.


4.2.2 Recapitulation: The Multidimensional Privacy Framework

As a tool for structuring and evaluating the relevant parts of the GDPR, the multidimensional

privacy framework is used as introduced in subchapter 4.1. It conceptualized privacy as a three-

dimensional construct including three privacy conditions with six different classifications, the

seven different privacy types of Finn et al., and two points in time (i.e. ex ante and ex post)

[60]. The framework is a result of an analysis and merger of the state-of-the-art privacy

definitions and concepts in psychology and information systems focused on SNS. Thus, this

privacy framework is best suited to evaluate whether a legislation such as the GDPR covers all

relevant factors of SNS privacy. The framework’s three privacy conditions and their

specifications are briefly explained in this subchapter to structure the following analysis of the

GDPR. In the subsequent subchapter, the seven privacy types of Finn et al. and the framework’s

two time points are explained in detail and used to evaluate and discuss the findings.

The framework’s major privacy conditions are drawn from the Acatech study by Buchmann et

al. [47]. The authors stated that the three conditions awareness, control, and trustworthiness

“have to be fulfilled in order to gain privacy protection in OSNs” [47]. To specify these three

conditions, they are each divided into a user-centric and an SNO-centric approach (cf. Table 8).

Awareness originally referred to “the users knowing and understanding which personal data

about them is available to the SNS” and how this data is stored, transferred, and/or used [47].

It is subdivided into user awareness, representing the user’s attention, interest, and capability

for this issue, and transparency, illustrating the necessary tools and information provided by

the SNO to understand and comprehend the amount and flow of SNS’s collected data. The user

awareness must be an intrinsic motivation or be triggered by an outside institution such as

school education, governmental, or NGO campaigning while transparency is an SNO duty

which the provider must be held accountable for.

Furthermore, control is originally defined as the opportunity for SNS users to implement their

privacy preferences [47]. It is subdivided into user enforcement, representing user’s skills to

translate their privacy preferences into actions and implement them with the corresponding SNS

options which are illustrated with data sovereignty. Data sovereignty stands for the necessary

tools provided by the SNO for users to implement their privacy preferences, and for the range

of coverage of those tools in terms of controlling, correcting, and deleting user data at the user’s


will. The first condition of user enforcement does not need to be taught by the SNO, as it can

be taught in schools, other institutions, or by self-learning.

The last condition represents the SNO’s trustworthiness “to implement an appropriate level of

privacy protection”. However, as several researchers have stated, there is a conflict between the

SNO’s goal of increasing profits and the duty to implement privacy protection [29, 31, 220].

Therefore, the condition is subdivided into the classifications of monitoring and accountability.

The apportionment breaks with the user-centric and SNO-centric order here. Monitoring

represents the SNO’s obligation to disclose its actions transparently and comprehensibly to the

correspondent supervision for accountability, and the opportunity to sanction an SNO for

noncompliance to agreed-upon rules. The first requires an authority which is authorized and

can inspect the data flows of an SNS without threatening its business secrets and

competitiveness. The second requires comprehensible rules or legislations for SNSs that are

stated and enforced by a higher authority.

4.2.3 The GDPR: Genesis, Structure and Aim

This subchapter provides an overview of the legislation components that are relevant to SNS

privacy. The privacy-relevant articles of the GDPR are assigned to the three conditions of

privacy identified in the multi-dimensional privacy framework described above: awareness,

control, and trustworthiness.

The GDPR replaces Directive 95/46/EC (the Data Protection Directive) and harmonises data

protection and privacy law within the EU. Its major achievements regarding privacy law are the

extension and strengthening of existing rights of the data subject, and the creation of new rights

such as the “right to data portability”[Art.20] and the much-debated right to be forgotten

[Art.17]. The GDPR applies to EU companies, and to controllers and processors that are not

established in the EU, where “it is apparent that the controller or processor envisages offering

services to data subjects in one or more Member States in the Union” [34], or when the

processing is related to monitoring the behaviour of such data subjects in so far as their

behaviour occurs within the Union (see Art.3). Therefore, international SNSs such as FB,

Twitter, and YouTube are also targeted.


4.2.3.1 Awareness and Transparency: Information Obligations of the Controller and

Processor

The first privacy condition is awareness divided into user awareness and transparency,

describing the pre-condition for the exercise of rights attributed to the data subject respectively

the SNS user. While, as described above, awareness relates to an intrinsic motivation of the

data subject – which cannot be claimed, but only be supported by the legislator, transparency

corresponds to the duty of the controller and the processor and can be enforced by imposing

information obligations. In fact, increased information leads to knowledge of the data subject

and eventually enhanced user awareness.

The GDPR sets out its core principles in Art.5. The importance and value of transparency as a

principle relating to the processing of PD is demonstrated by the fact that it is listed, together

with lawfulness and fairness, at the very beginning of Art.5, stating that PD shall be “processed

lawfully, fairly and in a transparent manner in relation to the data subject” [Art.5.a].

Art.6 is a central provision that also touches on transparency aspects. According to Art.6.1.a,

“processing shall be lawful only if and to the extent that […] the data subject has given consent

to the processing of his or her personal data for one or more specific purposes”. The informed

consent of the data subject generally is a precondition for the lawfulness of data processing.

However, in the absence of consent of the data subject, Art.6 allows the data processing under

certain other circumstances. Art.7.2 sets out the conditions for consent and stipulates that “if the

data subject's consent is given in the context of a written declaration which also concerns other

matters, the request for consent shall be presented in a manner which is clearly distinguishable

from the other matters, in an intelligible and easily accessible form, using clear and plain

language”. According to Art.7.3, the data subject shall be informed of the fact that “the

withdrawal of consent does not affect the lawfulness of processing based on consent before its

withdrawal”. Art.8 concerns the conditions applicable to child’s consent in relation to

information society services.

The key article regarding awareness and transparency is Art.12. Art.12.1 stipulates that

controllers need to provide any information “in a concise, transparent, intelligible and easily

accessible form, using clear and plain language”. In addition, Art.12.3 obliges the controller

“to provide the information without undue delay and in any event within one month of receipt

of the request of the data subject”. According to Art.12.4, the controller needs to inform the data


subject of any reasons for not taking action and on the possibility of lodging a complaint and

seeking a judicial remedy. The information must be provided free of charge if the request is not

manifestly unfounded or excessive, Art.12.5.

Articles 13 and 14 concern the information duties of the controller, on the one side where PD

is collected from the data subject [Art.13], on the other hand where PD has been obtained

indirectly by thirds [Art.14]. The information obligations are relatively extensive and cover,

inter alia, the identity and contact details of the controller [Art.13.1.a], the purposes of the

processing for which the PD is intended as well as the legal basis for the processing [Art.13.1.c],

“the legitimate interests pursued by the controller or by a third party” [Art.13.1.d] and the

recipients or categories of recipients of the PD [Art.13.1.e]. In case “the controller is able to

demonstrate that it is not in a position to identify the data subject, the controller shall

nevertheless inform the data subject accordingly, if possible” [Art.11.2].

The controller is also obliged to inform the data subject – “at the latest at the time of the first

communication with the data subject” – about the “right to object to the processing of PD”

according to Art.21.1 and 2. This information must be presented clearly and separately from

any other information [Art.21.4]. Another reference to transparency can be found in the

definition of consent in [Art.4.11]: According to this article, consent “means any freely given,

specific, informed and unambiguous indication of the data subject's wishes”.

These provisions target the controller and processor’s duty to fully inform the data subject about

the content and amount of the data which is collected and fall under the transparency aspect of

the framework. They safeguard the data subject’s right to information and thereby enable her

in the first place to enforce her rights. Indirectly, they also touch the framework’s condition of

privacy awareness, because an increase in information of the data subject necessarily leads to

greater attention and care about own rights. In addition, also Art.57 should be mentioned. It

regulates the tasks of Independent supervisory authorities, provided by the correspondent EU

member states. In particular, Art.57.1.b mentions the duty to “promote public awareness“.

Hence, the responsibility to raise user privacy awareness is given into state hands and is no

obligation of the data controller or the processor.


4.2.3.2 User Enforcement and Control: The Data Subject’s Rights

The GDPR not only contains obligations on the controller and processor, but also inversely

encloses rights of the data subject to be informed. In fact, the concept of privacy reveals itself

in law through the attribution of certain enforceable rights to individuals, in the case of the

GDPR through the attribution of rights to “data subjects”. All the rights of data subjects

enshrined within the GDPR flow from the fundamental right of the protection of PD as

established in Article 8 of the Charta of Fundamental Rights of the EU (CHFR) as well as

Article 16.1 of the Treaty on the Functioning of the European Union (TFEU). It is important to

note that the GDPR particularly protects special categories of PD. First, the processing of

certain highly sensitive data such as PD revealing racial or ethnic origin is generally forbidden

[Art.9.1] and in particular protected (e.g. Art.6.4.c, 17.1.b, 20.1.a and 22.4). Second, the

processing of PD relating to criminal convictions and offences is also given special protection

[Art.10].

The GDPR dedicates an entire chapter [Chapter III, Art.12-23] to the rights of the data subject,

which is subdivided into sections on transparency and modalities, information and access to

PD, rectification and erasure, the “right to object and automated individual decision-making”,

and restrictions. Articles 12 to 14 address transparency and information obligations of the

controller and therefore have been considered afore. However, it is worth noting that according

to Art.12.2, the controller shall facilitate the exercise of data subject rights.

The data subject’s rights start in Art.15 with the right of access, which lays down that “the data

subject shall have the right to obtain from the controller” confirmation as to whether or not PD

concerning her are being processed. Further, where that is the case, access to the PD must be

given as well as certain other enumerated information such as the purposes of the processing

and the categories of PD concerned, the recipients to whom the data have been or will be

disclosed or the period for which the PD will be stored. In addition, according to Art.15.2, “the

data subject shall have the right to be informed of the appropriate safeguards” where PD is

transferred to a third country or to an international organisation. Art.15.3 sets out the right to

obtain a copy of the PD undergoing processing. Art.16 gives data subjects the right to obtain

from the controller without undue delay the rectification of inaccurate PD concerning her and

the right to have incomplete PD completed.


One of the most-debated rights is the “right to erasure” laid down in Art.17, which is more

commonly known as right to be forgotten. It contains both a “right to erasure” for the data

subject as well as an obligation to erase for the controller when certain enumerated grounds

apply. This article has undergone major changes during the legislation procedure. The first

proposal provided for a full right to be forgotten, which was then changed to a right of erasure

until the adoption. Only in Art.17.2 one can still see roots of the concept of the right to be

forgotten when the controller, when it has made the PD public and is obliged pursuant to

paragraph 1 to erase the data, shall take reasonable steps “to inform controllers which are

processing the personal data that the data subject has requested the erasure by such controllers

of any links to, or copy or replication of, those personal data”. The concept of such a right had

already been enshrined in Art.12 of the Data Protection Directive and it was the European Court

of Justice, which, ruling on this Directive in May 2014, gave individuals the right – under

certain conditions – to ask search engines to remove links with personal information about them

(Case C-131/12 - Google Spain). According to the court, this applies where the information is

inaccurate, inadequate, irrelevant or excessive (para 93 of the ruling). Art.17.3 lays down

limitations of the “right to erasure” when the processing is necessary for certain reasons such

as the exercise of the right of freedom of expression and information.

Art.18 attributes the “right to restriction of processing” under certain conditions, also subject

to limitations. Art.19 obliges the controller to communicate any rectification or erasure of PD

or restriction of processing “to each recipient to whom the personal data have been disclosed,

unless this proves impossible or involves disproportionate effort”. Upon request of the data

subject, “the controller shall also inform the data subject about those recipients”.

Art.20 lays down the new “right to data portability”, giving data subjects the right to receive

the PD which she has provided to a controller in a structured, commonly used and machine-

readable format and giving the right to transmit those data to another controller without

hindrance from the controller for which the data have been provided. Where technically

feasible, “the data subject shall have the right to have the PD transmitted directly from one

controller to another” according to Art.20.2.

Art.21 awards the “right to object”, on grounds relating to her particular situation, at any time

to processing of PD which is either necessary “for the performance of a task carried out in the

public interest or in the exercise of official authority vested in the controller” of which is

necessary for the purposes of “the legitimate interests pursued by the controller of by a third


party”. “The controller is no longer allowed to process the personal data unless the controller

demonstrates compelling legitimate grounds for the processing which override the interests,

rights and freedoms of the data subject or for the establishment, exercise or defence of legal

claims” [Art.21.1]. Art.21.2 expressly mentions the “right to object” where PD are processed

for direct marketing purposes, which includes “profiling to the extent that it is related to such

direct marketing”. Art.21.6 enables the data subject to object to processing of data for scientific

or historical research purposes “or statistical purposes, unless the processing is necessary for

the performance of a task carried out for reasons of public interest”. Finally, Art.22 gives data

subjects the right not to be subject to a decision based solely on automated processing, including

profiling, which produces legal effects concerning her or similarly significantly affects her.

Certain very sensitive data is particularly protected according to Art.22.4.

According to Art.26.3, where there are joint controllers as defined in Art.26.1, the data subject

is entitled to “exercise his or her rights under the Regulation in respect of and against each of

the controllers”.

In addition, articles 6, 7 and 8 which have been discussed above can also be named here. They

do not contain data subject’s rights, but set out that the processing of PD generally requires the

data subject’s informed consent and enumerate the conditions for a lawful processing of PD.

According to Art.7(2), the data subject has the right to withdraw her consent at any time, which

explicitly does not have an effect on the lawfulness of processing based on consent before its

withdrawal.

4.2.3.3 Monitoring and Accountability: Provisions on remedies, liability and penalties

as “flanking measures”

The following sections focus on the third layer of the privacy framework, which deals with the

trustworthiness of the SNO “to implement an appropriate level of privacy protection” [47]. As

described before, this privacy condition can be further subdivided into the privacy

classifications monitoring and accountability. Where accountability describes the possibility

to sanction an SNO for non-compliance to agreed-upon rules, monitoring focuses on the SNO’s

obligation to disclose its actions transparently and comprehensibly to a supervision authority.

Both aspects are incorporated within the GDPR.


In order to effectively enforce her privacy rights, the data subject needs regulations on remedies,

liability and penalties. The general principle of accountability of the controller is laid down in

Art.5.2: “The controller shall be responsible for, and be able to demonstrate compliance with,

paragraph 1 (‘accountability’).” Art.5.1 enumerates the GDPR’s main principles relating to the

processing of PD: lawfulness, fairness and transparency, purpose limitation, data minimisation,

accuracy, storage limitation and integrity and confidentiality.

Furthermore, the Chapter IV GDPR is dedicated to the controller and the processor. The first

article of this chapter, Art.24, addresses the responsibility of the controller as a general

obligation: “the controller shall implement appropriate technical and organisational measures

to ensure and to be able to demonstrate that processing is performed in accordance with this

Regulation. Those measures shall be reviewed and updated where necessary.” Unless

disproportionate to the processing activities, the referred measures “shall include the

implementation of appropriate data protection policies by the controller” according to Art.24.2.

Art.24.3 further stipulates that “adherence to approved codes of conduct as referred to in Article

40 or approved certification mechanisms as referred to in Article 42 may be used as an element

to demonstrate compliance with the obligations of the controller”.

Another central provision is Art.25, which obliges the controller to “implement appropriate

technical and organisational measures, such as pseudonymisation, which are designed to

implement data-protection principles, such as data minimisation, in an effective manner and to

integrate the necessary safeguards into the processing in order to meet the requirements of this

Regulation and protect the rights of data subjects.” In doing so, the controller shall take account

“the state of the art, the cost of implementation and the nature, scope, context and purposes of

processing as well as the risks of varying likelihood and severity for rights and freedoms of

natural persons posed by the processing” [Art.25.1]. In addition, Art.25.2 obligates the

controller to ensure that only the PD “which are necessary for each specific purpose of the

processing are processed”. This obligation is quite extensive as Art.25.2 clarifies that this

obligation “applies to the amount of personal data collected, the extent of their processing, the

period of their storage and their accessibility”. Finally, sentence three of that paragraph deals

with default settings and requires that “such measures shall ensure that by default personal data

are not made accessible without the individual's intervention to an indefinite number of natural

persons”.


Art.26 concerns the special case of joint controllers, i.e. “two or more controllers jointly

determining the purposes and means of processing”, and is mentioned for completeness. The

GDPR does not only consider the controller and it responsibilities, but also the processor (cf.

introduction of 4.2). Articles 28 and 29 deals with the specific obligations imposed on the

processor and on the controller when it delegates the processing to a processor. The controller

and the processor are furthermore obliged to “implement appropriate technical and

organisational measures to ensure a level of security appropriate to the risk” as set out in detail

in Art.32, including, inter alia, “the pseudonymisation and encryption of personal data”

[Art.32.1.a].

All the articles mentioned above concern the accountability aspect of trustworthiness as

defined in the privacy framework. They clarify that the controller and processor can be held

liable for infringements of the data subject’s rights. The GDPR also contains provisions on the

monitoring privacy classification, dealing with the SNO’s obligation to disclose its actions to

the supervisory authority. According to Art.30.1 the controller “shall maintain a record of

processing activities under its responsibility” which must contain a list of information such as,

for example, “the name and contact details of the controller and, where applicable, the joint

controller, the controller's representative and the data protection officer” (DPO) as well as the

purposes of the processing. According to Art.30.2, similar obligations are imposed on the

processor. The record must be made available to the supervisory authority on request [Art.30.4].

It is important to note that the obligation to maintain a record of processing activities does –

subject to certain exceptions – “not apply to an enterprise or an organisation employing fewer

than 250 persons” [Art.30.5]. The controller, the processor and their representatives are under

a duty to cooperate with the supervisory authority on request [Art.31].

Of course, the controller is also obliged to notify any PD breach to the competent supervisory

authority, “unless the personal data breach is unlikely to result in a risk to the rights and

freedoms of natural persons” [Art.33.1]. Such a notification must be performed, “where

feasible, within 72 hours after having become aware of the data breach” and when this time

has lapsed, the notification must be accompanied by the reasons for the delay [Art.33.1]. The

minimum information which must be contained within the notification are set out in Art.33.3.

According to Art.33.4, the controller “shall document any personal data breaches, comprising

the facts relating to the personal data breach, its effects and the remedial action taken” to

“enable the supervisory authority to verify compliance with this Article.”


The monitoring privacy classification also exists in Art.34 which obliges “the controller to

communicate the personal data breach to the data subject without undue delay when the

personal data breach is likely to result in a high risk to the rights and freedoms of natural

persons.” Paragraph 3 of Art.34 sets out important exceptions from this obligation for the

controller. For example, where “the controller has taken subsequent measures which ensure

that the high risk to the rights and freedoms of data subjects referred to in paragraph 1 is no

longer likely to materialise”, the notification of the data subject is not required [Art.34.3.b].

According to Art.34.4, the supervisory authority can – having considered the likelihood of the

PD breach resulting in a high risk – require the controller to communicate the breach to the data

subject.

Section three of the chapter on the controller and the processor address the data protection

impact assessment (DPIA) [Art.35] and prior consultation [Art.36]. A DPIA is required by the

controller prior to the processing “where a type of processing in particular using new

technologies, and taking into account the nature, scope, context and purposes of the processing,

is likely to result in a high risk to the rights and freedoms of natural persons” [Art.35.1]. This

“assessment examines the impact of the envisaged processing operations on the protection of

personal data”. Such a DPIA is in particular required when certain very sensitive PD is being

processed or in cases of a systematic and extensive evaluation of personal aspects relating to

natural persons which is based on automated processing, including profiling (see Art.35.3).

Paragraph 7 of Art.35 lists the minimum information which the assessment needs to contain.

According to Art.35.11, the controller shall, where necessary, “carry out a review to assess if

processing is performed in accordance with the data protection impact assessment at least when

there is a change of the risk represented by processing operations.”

Art.36 on prior consultation also falls under the monitoring privacy classification. Where a

DPIA under Art.35 indicates that “the processing would result in a high risk in the absence of

measures taken by the controller to mitigate the risk”, the controller shall consult the

supervisory authority prior to processing [Art.36.1]. The authority, where it is of the opinion

that the intended processing referred to in paragraph 1 would infringe the Regulation, is

required, within eight weeks, to “provide written advice to the controller and, where applicable

to the processor, and may use any of its powers referred to in Article 58” [Art.36.2].

Section IV of Chapter IV on the controller and the processor covers provisions on the DPO.

Art.37 lays down the conditions under which a DPO must be designated as well as other aspects


surrounding the designation. Art.38 addresses the position of the DPO, while Art.39 deals with

her tasks. Articles 40 to 43 provide for the possibility to draw up and monitor codes of conduct

as well as data protection certification mechanisms and relating certification bodies.

The provisions in Chapter V on transfers of PD to third countries or international organisations

will not be dealt with in detail as they do not directly concern the relationship between the data

subject and the company which processes the data. However it is important to note that “any

transfer of personal data which are undergoing processing or are intended for processing after

transfer to a third country or to an international organisation shall take place only if, subject

to the other provisions of this Regulation, the conditions laid down in this Chapter are complied

with by the controller and processor, including for onward transfers of personal data from the

third country or an international organisation to another third country or to another

international organisation” [Art.44].

Chapter VI contains provisions on the independent supervisory authorities. It will not be dis-

cussed in detail as for the purposes of this analysis it is only important to know that such rules

exist. They too fall under the monitoring privacy classification of the privacy framework as

they establish the supervisory authorities to which the SNO is obliged to report. Art.58 is

important and lays down the powers of the supervisory authorities (investigative, corrective,

authorisation, and advisory powers, and additional powers provided for by national law).

Chapter VII regulates the relationship between different authorities and the newly created

European data protection board.

Finally, Chapter VIII of the GDPR contains rules on remedies, liability and penalties in order

to assure that the proclaimed rights and obligations are not an empty word. The relevant

provisions accordingly fall under the accountability privacy classification within the privacy

framework. Art.77 lays down the right to lodge a complaint with the supervisory authority if

the data subject considers that the processing of PD relating to her infringes the regulation.

Furthermore, the regulation stipulates that the data subject has a right to an effective judicial

remedy, both against the supervisory authority as well as against the controller or processor

[Art.78 and 79]. The GDPR also provides for an action for failure to act in Art.78.2. Art.80.1

gives the data subject “the possibility to mandate a not-for-profit body, organisation or

association”, which complies with certain conditions to lodge the complaint on her behalf, to

exercise the rights referred to in articles 77 – 79 on her behalf, and to exercise the right to

receive compensation referred to in Art.82 on her behalf where provided for by member state


law. This is a major novelty compared to the existing law. Member States may provide that

anybody, organisation or association referred to in Art.80.1 “independently of a data subject's

mandate, has the right to lodge a complaint with the supervisory authority and to exercise the

rights referred to in Articles 78 and 79” .

Art.82 governs the right to compensation and liability in the case of violations of the regulation:

Compensation must be granted for material as well as non-material damages. The different

responsibilities of controller and processor are taken account of by the fact that the processor

will be liable for the damage caused by processing only where it has not complied with

obligations of the GDPR specifically directed to processors or where it has acted outside or

contrary to lawful instructions of the controller [Art.82.2]. Any controller however who is

“involved in processing shall be liable for the damage caused by processing which infringes

this Regulation” [Art.82.2]. Processor and controller can only escape liability if they are able

to prove that they are under no circumstances responsible for the event giving rise to the damage

[Art.82.3], for example by providing evidence that appropriate technical and organisational

measures have been implemented to ensure and to be able to demonstrate that processing is

performed in accordance with the regulation [Art.24.1][221].

In addition, where the controller and/or the processor infringe their obligations pursuant to

articles 8, 11, 25 to 39 and 42 and 43, they shall “be subject to administrative fines up to €

10,000,000, or in the case of an undertaking, up to 2 % of the total worldwide annual turnover

of the preceding financial year, whichever is higher”. Infringements of, inter alia, the data

subject’s rights pursuant to articles 12 to 22 are sanctioned with “fines up to € 20,000,000, or

in the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding

financial year, whichever is higher” [Art.83.5.b]. The same applies to the violation of the

provisions on “the basic principles for processing, including conditions for consent pursuant to

Articles 5, 6, 7 and 9, the transfer of personal data to a recipient in a third country or an

international organisation pursuant to Articles 44 to 49 as well as some other enumerated

cases” [Art.83.5]. In other cases, such as the infringement of the obligations to notify the

authority of a data breach, controllers and processors face sanctions “up to € 10,000,000 or in

the case of an undertaking, up to 2% of the total worldwide annual turnover of the preceding

financial year, whichever is higher” [Art.83.4]. Art.83.3 stipulates that where a controller or

processor, “for the same or linked processing operations, infringes several provisions of this

Regulation, the total amount of the administrative fine shall not exceed the amount specified


for the gravest infringement.” In addition, “non-compliance with an order by the supervisory

authority as referred to in Article 58(2)” is subject to administrative fines up to € 20,000.000,

or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the

preceding financial year, whichever is higher, Art.83.6. According to Art.84, Member States are

allowed to adopt additional penalties for infringements of the regulation, especially for

infringements that are not subject to administrative fines pursuant to the regulation’s provisions,

which they must notify to the European Commission until 25 May 2018.

4.2.4 Interim Result: Conditions and Classifications met by the GDPR

In the previous subchapters all privacy relevant GDPR articles were listed and explained as

well as sorted correspondent to the three different privacy conditions awareness, control and

trustworthiness. As one can see in Table 10 the articles covering privacy awareness are almost

exclusively related to transparency. The articles 4.11, 5, 6.1, 7, 8, 11.2, 12 – 14, 15.2 and 21.1,

21.2, 21.4 are all targeting to increase transparency for the data subjects respectively the SNS

users. But only Art.57.1.b defines the task of independent supervisory authorities to raise user

awareness. In addition, the release of the GDPR itself, the correspondent media coverage and

the by increased transparency caused user attention can also be interpreted as indirect increases

in user awareness [222].

Regarding control the articles 6 – 10, 12.2 and 15 – 22 handle the data subjects’ respectively

the SNS users’ rights and, therewith, their data sovereignty. The covered rights range from the

“right to access” over the “right to data portability” to the “right to object”. However, except

for Art.12.2 stating that “the controller shall facilitate the exercise of data subject rights under

Articles 15 to 22” and Art.15.2 and its right for data subjects to be informed of appropriate

safeguards when data is transferred to a third country or international organisations, there are

no user enforcement measures within the legislation articles.

Finally, regarding the privacy condition of trustworthiness, the articles 24, 30, 31, 33 –36, 40

– 43, 58 as well as 77–79 and 80.1 cover the aspect of monitoring with detailed rights for the

data subject respectively the SNS user to lodge a complaint and the right to an effective judicial

remedy. However, monitoring is only provided if complaints are plead. Additionally, the GDPR

does encourage the establishment of data protection certification mechanisms (e.g. an algorithm

TÜV [223]) on the member states levels. Concerning accountability, Art.5.2 laid down the

general principle of accountability and the articles 77 – 79 and 80 as well as 82 – 83 govern the


right to lodge a complaint, the right to an effective judicial remedy as well as the right to

compensation and liability and with that the extent of financial penalties.

Three major conditions for privacy protection:

Privacy classifications:

GDPR Articles:

Awareness User awareness 57.1.b

Transparency 4.11; 5.1; 6.1; 7; 8; 11.2; 12; 13; 14; 15.2; 21.1; 21.2; 21.4;

Control User enforcement 12.2; 15.2; Data sovereignty 6 – 10; 12.2; 15 – 22

Trustworthiness Monitoring 24; 30; 31; 33 – 36; 40 – 43; 58; 77 – 79; 80.1; Accountability 5.2; 77 – 79; 80; 82 – 83;

Table 10. Privacy Conditions and Classifications met by the GDPR.

4.2.5 Evaluation: Does the GDPR cover it all?

In this subchapter the coverage and the sustainability of the GDPR is evaluated. Therefore, the

second and third dimensions of the privacy framework (cf. subchapter 4.1.3) are firstly used,

consisting of the seven privacy types of Finn et al. [60] and the two points in time ex ante and

ex post. Finally, a legally and an economic assessment is provided, concerning the binding and

sustainability of the legislation.

4.2.5.1 The Privacy Types contained within in the GDPR

Finn et al. extended the privacy categorization of Clarke and distinguished between seven

different types of privacy [58, 60]. In the following paragraphs those different types are defined

briefly and it is shown whether, where and how they are covered within the GDPR. The findings

are then summarized in Table 11.

Privacy of the person is related to the integrity of a person’s body. Corresponding threats for

this privacy type are “many medical and surveillance technologies and practices” [60]. The

Art.4 of the GDPR defines the corresponding data as “genetic data” [Art.4.13], or “data

concerning health” [Art.4.15]. Mostly relevant is Art.9.1, which prohibits among others the

processing of genetic, biometric or health data. In addition, Art.9 data is specifically protected

in the context of automated individual decision making, including profiling [Art.22.4].

Regarding processing which is necessary for, inter alia, “purposes of preventive or occupational

medicine” [Art.9.2.h], paragraph 3 foresees an additional safeguard by requiring the “data to

be processed by or under the responsibility of a professional subject to the obligation of


professional secrecy”. In addition, paragraph 4 allows Member States to “maintain or introduce

further conditions, including limitations, with regard to the processing of genetic data,

biometric data or data concerning health”. The “right to erasure” [Art.17] also contains a list

of exceptions in paragraph 3. The controller is, inter alia, not obliged to erase the PD “to the

extent the processing is necessary for reasons of public interest in the area of public health”

[Art.17.3.c]. The same exception (also among many others) is provided regarding processing

which is necessary for purposes of preventive or occupational medicine [Art.9.2.h]. Paragraph

3 foresees an additional safeguard by requiring the data to be processed by or under the

responsibility of a professional subject to the obligation of professional secrecy. In addition,

paragraph 4 allows Member States to “maintain or introduce further conditions, including

limitations, with regard to the processing of genetic data, biometric data or data concerning

health”. The “right to erasure” [Art.17] also contains a list of exceptions in paragraph 3. The

controller is, inter alia, not obliged to erase the PD “to the extent the processing is necessary

for reasons of public interest in the area of public health” [Art.17.3.c]. The same exception

(also among many others) is provided in the general restriction Art.23.1.e. This means that the

controller has the possibility to invoke these exceptions in order to process the data or to repel

a claim of the data subject. Finally, health data is also mentioned in Art.36.5 regarding prior

consultation to processing and Art.88.1 when it comes to the special case of data processing in

the context of employment. According to Rec.54, “public health” should be interpreted broadly

(reference is made to the definition in Regulation (EC) No 1338/2008 of the European

Parliament and of the Council). However, Rec.54 emphasizes that “such processing of data

concerning health for reasons of public interest should not result in personal data being

processed for other purposes by third parties such as employers or insurance and banking

companies”. In summary, the legalisation takes the privacy of the person strongly into account

with the general prohibition of processing any genetic, biometric or health data, but opens

questionable loop holes with the provided list of exceptions.

Privacy of personal behaviour and action is characterized by Finn et al. as “sensitive issues

such as sexual preferences and habits, political activities and religious practices” [60]. Again

Art.9.1 general prohibits the processing of PD “revealing racial or ethnic origin, political

opinions, religious or philosophical beliefs, or trade union membership […] or data concerning

a natural person's sex life or sexual orientation” with the aforementioned exceptions (in

particular Art.9.2 – 3). Thus, this privacy type is covered by the legislation with the same range

as the aforementioned privacy of the person.


Privacy of personal communication stands for the inviolability of all kinds of communication,

may they be verbal or digital. This privacy type is no directly mentioned in the core legislation

but in the recitals. According to Rec.4, the GDPR recognises the fundamental right to respect

for private and family life, home and communication as recognised in the Charter of

Fundamental Rights and in the Treaties of the European Union. However, the different types of

communications are not further defined, besides the general abstract level.

Privacy of data and image contains the privacy of all sorts of PD and images including

“concerns about making sure that individuals’ data is not automatically available to other

individuals and organisations” [60]. It represents the classical data privacy understanding for

which the legislation is originally designed. As mentioned above, Art.4.1 gives a clear definition

of PD. Moreover, Art.4.14 adds the definition of “biometric data” including “facial images”

which enable the unique identification of natural persons. Thus, the privacy of data and image

is fully covered.

Privacy of thoughts and feelings embodies the creative freedom of individuals and their right

to think whatever they like, as well as their right to be sure that their thoughts and feelings are

not revealed to others against their will and without their knowledge. References to this privacy

type can be found again Rec.4, which reads: “This Regulation respects all fundamental rights

[…] in particular […] the freedom of thought”. Furthermore, the freedom of thought aspect of

this privacy type is covered by Art.9.1 which prohibits the processing of “data revealing […]

political opinions, religious or philosophical beliefs”. However, no further references or

definitions regarding the freedom of thought or the privacy of thoughts and feelings or the

privacy of a natural person’s psychology can be found. It is up to discussion if the current GDPR

is able to protect this privacy type appropriately.

Privacy of location and space encompasses the right of individuals not to reveal their current

location and their motion profile. The legislation takes it into account with Art.4.1 where

location data is mentioned as a possible identifier for a natural person. Furthermore, Art.4.4

explicit refers to a natural person’s location and movements when it defines the extent of

profiling. Hence, with location and movement data explicitly mentioned, the privacy type of

location and space is within the GDPR range.

Privacy of association “is concerned with people’s right to associate with whomever they

wish, without being monitored” which is crucial to modern democratic society [60]. It is


explicitly included within the Art.9.1 which defines special, very sensitive categories of PD.

The processing of such data is prohibited aside from the already mentioned exceptions. Art.9.1

covers political opinions, religious or philosophical beliefs and trade union membership which

represents a list of the most sensitive types of associations for this type of privacy.

In summary, the GDPR is foremost designed to protect the privacy of data and image, including

personal communication and location data, as well as the privacy of the person including in

particular health data. Moreover, the privacy of personal behaviour and action as well as the

privacy of association are also covered to some degree. However, the legislation does little

address the privacy of thoughts and feelings (see Table 11).

Privacy Types Relevant GDPR Articles

Privacy of the person Rec. 35; 53; 54;

Art. 4.13; 4.15; 9; 17.3.c; 23.1.e; 36.5; 88.1

Privacy of personal behaviour and action Art. 9

Privacy of personal communication Rec. 4

Privacy of data and image Art. 4.1; 14

Privacy of thoughts and feelings Art. 9.1, Rec. 4

Privacy of location and space Art. 4.1; 4.4

Privacy of association Art. 9

Table 11. Privacy Types covered by the GDPR.

4.2.5.2 The Time Dimension

As already mentioned, the multi-dimensional privacy framework distinguishes between the two

different points in time ex ante and ex post for privacy to be enforced (cf. subchapter 4.1.3).

Ex post privacy is the enforcement of the user’s privacy preferences after she joined a service.

In the case of SNS this represents the usage of privacy options and/or dashboards to control the

usage and delete or correct data which has already been exposed (e.g. changing the audience of

an existing posting or deleting it). One characteristic for ex post privacy is that the SNO has

already received and processed the data before the user is able to make a decision about the data

usage. This leads to a partial illusion of privacy, because the original audience who had access

to the data and the SNO are able to keep unnoticed a copy of the deleted or edited data.

Ex ante privacy on the other hand is the enforcement of user preferences before the data is

exposed. In the case of SNS usage there are several examples conceivable, e.g. the

determination of an audience before a posting is created and sent by the user, or the negotiation


and determination of the in general preferred data gathering and processing rights before the

SNS account is created by the user.

Considering the GDPR, the analysis shows that main parts of the previously identified privacy

relevant legislation articles represent ex post privacy provisions. Merely articles 9, 12, and 13

are possible ex ante policies. Art.9 is obvious, because it contains a long list of data types which,

in general subject to exceptions, shall not be processed from the outset. This clearly is an ex

ante provision. However, articles 12 and 13 handle the information obligations of the data

controller respective the SNO. In Art.13.1 the GDPR states that “the controller shall, at the time

when personal data are obtained, provide the data subject with all of the following information:

[…]”. This leaves a margin for the SNO to inform the user either upfront or at the time the data

transfer is happening. The latter would made the articles also an ex post legislation, because the

user would only have the opportunity to withdraw her consent or object the processing in

retrospect (i.e. after the data is obtained by the SNO). Further ex post provisions are: Art.14,

the duty to inform the data subject (the user) about the source of obtained PD about her; Ar.15,

the “right of access” by the data subject; Art.16, the “right to rectification”; Art.17, the “right

to erasure”; Art.18, the “right to restriction of processing”; Art.19, the notification obligation

regarding rectification or erasure of PD or restriction of processing; Art.20, the “right to data

portability”; Art.21, the “right to object”. Also the trustworthiness and accountability related

articles have predominantly ex post character, except for the articles 42 and 43 which handle

the possible establishment of data protection certification mechanisms. Those certificates could

be interpreted ex ante by users as signal for privacy respecting services and, thus, increase their

transparency. In summary, only the transparency related articles contain an ex ante character,

all other privacy related provisions are only enforceable ex post.

The findings are summarized in the following table, where afore explained different dimensions

of privacy are built in and create respective privacy sectors (see Table 12). In order to symbolize

to what degree a privacy sector of the multidimensional framework is covered by the GDPR it

is distinguished between four different scores of coverage:


The best score symbolized by “” represents that the sector is fully covered by the GDPR: The

relevant data types are defined in the legislation and it also provides articles concerning the

privacy classification of the privacy framework.

The second-best score symbolized by “●” states that the GDPR largely covers this privacy

sector: The legislation contains articles relevant to the privacy type and, again provides articles

concerning the respective privacy classification.

The second-lowest score symbolized by “○” describes that the GDPR partly covers the

respective privacy sector: The legislation mentions in the recitals that it is targeting to protect

the privacy type and provides articles covering the privacy classification.

The lowest score symbolized by “×” states that the GDPR fails to cover the privacy sector and

does neither mention the privacy type nor the classification. For completeness, it was

distinguished for all sectors not only between privacy types and classification, but also

between ex ante and ex post privacy as criterion for exclusion.

Three major conditions

for privacy protection:

Aw

are

nes

s

Contr

ol

Tru

stw

ort

hin

ess

Typ

es o

f P

riva

cy

Privacy

classifications:

Poin

t in

Tim

e

Use

r aw

aren

ess

Tra

nsp

aren

cy

Use

r en

forc

emen

t

Dat

a so

ver

eignty

Monit

ori

ng

Acc

ounta

bil

ity

1. Person Ex ante ○ × ×

Ex post ○

2. Behaviour and Action Ex ante ○ ● × ×

Ex post ○ ● ● ● ● ●

3. Personal Communication Ex ante ○ ○ × ×

Ex post ○ ○ ○ ○ ○ ○

4. Data and Image Ex ante ○ × ×

Ex post ○

5. Thoughts and Feelings Ex ante ○ ● × ×

Ex post ○ ● ● ● ● ●

6. Location and Space Ex ante ○ × ×

Ex post ○

7. Association Ex ante ○ ● × ×

Ex post ○ ● ● ● ● ●

Table 12. Privacy Sectors covered by the GDPR, distinguished to four different Scores.


4.2.6 Legal and Economic Capability

In the following subchapters the legally binding nature of the GDPR is analysed. The

practicability and permanency of the legislation is evaluated based on the corresponding

research and literature. The economic incentives and impacts of the GDPR are then examined

with a basic model and observations from recent market development.

4.2.6.1 Legal Analysis: Solid Basis with Room for Improvement

“Beginning of a new era of data protection law”[224], “milestone of European and global data

protection”[87] – the GDPR has definitely been perceived as a success by many [225]. From a

legal point of view, it was an achievement, but open questions and problems remain.

4.2.6.1.1 Major Achievements and Improvements

The GDPR’s success lies in the strengthening of data subject’s rights and an increase in the

documentation requirements and burden of proof of the controller. The substantial rights of the

data subject include inter alia the right to be forgotten [Art.17], data portability rights [Art.20]

and the “right to object to automated decision making”, including profiling [Art.21].

Furthermore, the GDPR imposes clear conditions for the data subject’s consent in data

processing. Articles 5.2 and 24.1 introduce the fundamental principle of accountability of the

controller with far-reaching documentation requirements. The controller also faces extended

information obligations towards the data subject. For data processors, the GDPR introduces

extensive obligations (including potential liability) in Art.28. In addition, the supervisory

authorities have been granted new and extensive powers to ensure compliance of the

controller’s processing activities with the Regulation. Finally, the GDPR enhances the

enforcement of the data subject’s rights via potential claims for damages (including immaterial

damages) and the imposition of significant fines. Another new major achievement of the GDPR

is its applicability to controllers and processors established in non-EU-countries when an EU

resident’s PD is processed in connection with goods and services offered to her or the behaviour

of individuals within the EU is “monitored”. The specific provisions on conditions applicable

to child's consent are also to be welcomed [Art.8].


4.2.6.1.2 The Regulation’s Weaknesses

So far, data protection and privacy law within the EU have been characterized by directives.

Unlike a regulation, a directive is not directly applicable and not directly binding in the member

states. Due to the fact that the binding effect of a directive refers only to its objectives, the

member states retain a margin of maneuver when implementing the directive. This led to the

differences in data protection law across the member states. Therefore, choosing the form of a

regulation, the EU aims at achieving a harmonized data protection and privacy law within the

EU. By replacing the directive with the regulation, the legislator indeed contributes to the

harmonization to a great extent [87]. However, in a number of areas the regulation still leaves

much space for national derogations of the Member States [226]. This resulted in the

denomination of the GDPR as a “hybrid” between regulation and directive [227]. National data

protection law remains applicable with regard to the public sector (cf. Art.23; e.g. national and

public security, national defense, the independence of the judiciary). In addition, the Member

States have discretion to be allowed to derogate from or specify the GDPR’s provisions in many

areas, e.g. regarding media and employee data protection as well as the alignment with the right

to access information and regarding important objectives of general public interest [87, 228].

In two areas, Member States retain the right to change the standard of protection: First, they

can exclude the possibility to consent to the processing of special categories of PD [Ar.9.2.a].

Second, Member States may maintain or introduce further conditions, including limitations,

with regard to the processing of genetic data, biometric data or data concerning health

[Art.9.4][224]. Accordingly, there will be no complete harmonization of data protection and

privacy law and it remains disputable whether the GDPR really represents the general,

foundational rule it intends to be [227].

Apart from the potential non-uniformity due to the flexibility clauses, the GDPR also provides

for numerous undetermined legal notions which could soften the real impact of its provisions.

Regarding, for example, the right to be forgotten, the controller is allowed to “take account of

available technology and the cost of implementation” and is only obliged to take “reasonable”

steps to inform controllers which are processing the PD that the data subject has requested the

erasure by such controllers [Art.17.2]. According to Art.19, the controller shall communicate

any rectification or erasure of PD or restriction of processing to each recipient to whom the PD

have been disclosed, “unless this proves impossible or involves disproportionate effort”.


Undetermined legal notions are a necessary tool in any piece of legislation. However, the extent

to which they are used can be considered critically [229].

The principle of purpose limitation, as described above, is contained in Art.5.1.b, according to

which PD shall be “collected for specified, explicit and legitimate purposes and not further

processed in a manner that is incompatible with those purposes”. However, the principle also

includes that “further processing for archiving purposes in the public interest, scientific or

historical research purposes or statistical purposes shall, in accordance with Article 89(1), not

be considered to be incompatible with the initial purposes” [Art.5.1.b]. Compared to the old

Data Protection Directive, the GDPR explicitly introduced the possibility to process data for a

purpose other than that for which the PD have been collected [230]. This is also allowed

according to Art.6.4. The wording of this principle has been much-debated and has been

amended several times. Art.6.4 refers to the viewpoint of the controller and obliges it, where

the processing is carried out for a purpose other than for which the PD have been collected and

which is not based on the data subject’s consent, to take into account certain aspects. These

include “any link between the purposes for which the PD have been collected and the purposes

of the intended further processing” [Art.6.4.a], the context in which the PD have been collected

[Art.6.4.b], the nature of the PD [Art.6.4.c], the possible consequences [Art.6.4.d], and the

existence of appropriate safeguards [Art.6.4.e].

The effectiveness of a legal regime is being ensured by a system of sanctions in case of

infringements of the rules. Chapter VIII of the GDPR addresses “remedies, liability and

penalties” in order to “ensure effective protection of personal data throughout the Union”

[Rec.11]. The question is: Are the sanctions provided for in the GDPR sufficiently deterrent?

Do they reflect the legislator’s aim to stress the importance of data protection in the 21st

century? Under current German law, infringements of data protection and privacy law can be

fined up to € 300,000 per infringement.22 Until today, German data protection authorities

imposed fines amounting to not more than € 2 million against individual undertakings [231].

The GDPR foresees that authorities can impose administrative fines up to € 20 million, or in

the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding

financial year, whichever is higher [Art.83.5]. The level of fines has been significantly raised –

which will ensure that many companies will accord data protection and privacy issues a much

22 See Section 43(2), (3) sentence 2 Bundesdatenschutzgesetz („BDSG“– German Federal Data Protection Act).


higher priority. The GDPR adopts the concept of an undertaking as elaborated by the European

Court in EU antitrust law [Rec.150]. This means that the fine of up to 4% of the total worldwide

annual turnover of the preceding financial year refers to the “single economic entity” and

accordingly to the group of undertakings. A single economic entity can exist of different natural

or legal persons (e.g. parent company and subsidiaries) and is given when the subsidiary,

although having a separate legal personality, does not decide independently upon its own

conduct on the market, but carries out, in all material respects, the instructions given to it by

the parent company.23 When the legislator already referred to EU antitrust law, one can however

question why it did not also transfer its maximum amount of a fine to the GDPR. Under EU

antitrust law, an economic entity can be fined up to 10% of the total worldwide annual turnover

of the preceding financial year. This suggests that data protection and privacy law are not

considered as important as EU antitrust law.

Following the adoption of the GDPR, the European Commission continued the modernization

of the data protection framework by discussing a reform of the ePrivacy Directive.24 On 10

January 2017, a draft regulation was adopted. The Regulation shall replace the old ePrivacy

Directive and amend the conditions for the data subject’s consent in the setting of cookies as

well as opt-out options. The ePrivacy Regulations specifically targets the protection of the

private life and the protection of PD in the electronic communications sector.

It will be up to the European courts to clarify open questions in the future in order to enable a

uniform application of the GDPR in all Member States. To sum it up, the GDPR has been a

achievement with regard to privacy issues. However, it will be of vital importance to closely

monitor future developments and to react quickly when changes to the law will prove necessary.

23 Settled case-law of the court of Justice of the European Union, see for example case C-48/69 – ICI, recitals

132 et seq.; case C‑97/08 P – Akzo Nobel, recital 58.

24 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the

processing of PD and the protection of privacy in the electronic communications sector (Directive on privacy

and electronic communications).


4.2.6.2 Economic Discussion

The economic discussion is separated into two different parts. The first part discusses whether

the incentives and fines of the GDPR will hold the SNOs accountable. The second part explains

which consequences the legislation may have on the SNS market and how this might affect user

privacy.

4.2.6.2.1 SNO incentives to stay GDPR compliant

Besides the privacy coverage of the GDPR examined above, the question of this section is about

whether SNOs will obey to the GDPR requirements or not. Therefore, the crucial factors are

the consequences of non-compliance in articles 82 and 83, the right to compensation and

liability for affected customers, and the general conditions for imposing administrative fines.

Under the assumption of rational acting SNOs, the dominant business strategy would be to

calculate the possibility of exposure of respective violations combined with possible fines in

the case of successful lawsuits against the company. If the combination of exposure possibility,

fines, and revenue with infringement is higher than the revenue under law abidance some

companies may decide to violate the law (see e.g. EU vs. Apple regarding USB chargers [232]).

Expressing this in a formula for clarity, 𝜋𝐿 > 𝜋𝐼 − (𝜌 ∗ 𝐹) is a condition for the SNO’s to obey

the GDPR; 𝜋𝐿 is the SNO’s profit under law abidance and 𝜋𝐼 for the SNO’s profit under

infringement of the GDPR, 𝜌 with 0 ≤ 𝜌 ≤ 1 expresses the probability of being convicted for

the GDPR violation, and 𝐹 with 𝐹 ≥ 0 stands for the respective fine and/or compensations to

pay. The fines and the provisions in case of illegal behaviour must be high enough to make

GDPR violating business strategies unattractive. For simplicity, any reputation damage from

illegal behaviour is not included in the formula. This simplification is aggravated by the fact

that studies have revealed that privacy scandals in SNSs had no sustainable effect on users’

behaviour and usage of SNSs [132, 134].

Although one can only speculate about a possible positive margin 𝜋𝐼 − 𝜋𝐿, the corresponding

articles 21 and 77–79 as well as several recent whistle-blower cases give the impression that 𝜌

is closer to 1 than to 0. There are two different factors for the number of 𝐹: compensations and

fees. Respective lawsuits from users affected by SNO violations “shall be brought before the

courts competent under the law of the Member State” according to Art.82. Therefore, a possible

monetary compensation depends on the law and the court practices of one of the 28 EU member


states, which goes beyond the scope of this discussion. However, the administrative fines are

clearly defined in Art.83.4–6.

There are to different cases to distinguish: an administrative fine of up to 10,000,000 € or up to

2% of the worldwide annual turnover of the preceding financial year of the guilty company,

whichever is higher [Art.83.4], and an administrative fine of up to 20,000,000 € or up to 4% of

the worldwide annual turnover of the preceding financial year of the guilty company, whichever

is higher [Art.83.3, 5]. Thus, the current largest SNO, FB, would have faced a maximal fine of

$553 million for the year of 2016 in the first case, and it would have lost slightly more than 5%

of its revenue. For the second case, FB would have been fined $1.106 million which equals

roughly 11% of its respective net income (calculated from [233]). Considering that these fines

must be multiplied with a 𝜌 lower than 1, and under the condition of rational acting, FB has the

incentive to infringe the GDPR if 𝜋𝐼 ≥ 1,11 ∗ 𝜋𝐿.

This equation is of interest when combined with the finding of Rodger that 30% of the

companies affected by the GDPR will expect a rise of more than 10% in their budget to comply

with the legislation [234]. In other words, if large SNOs such as FB have the choice between a

10% budget raise to stay compliant with the GDPR or risking a fine for infringement they will

probably choose the second option under the described assumptions. However, small SNOs and

start-ups with low budgets could face bankruptcy if targeted with a maximal fine of 10,000,000

€ and 20,000,000 €, respectively.

4.2.6.2.2 GDPR Impacts on the SNS Market

To discuss the consequences of the GDPR for the SNS market and user privacy, the GDPR

Art.37, the designation of the (DPO, must be considered in addition to Art.83.3–5). The

increased duties for the SNO will increase the costs of operating and launching SNSs through

additional recruitment (e.g. DPOs) and investments in new technology [234–236]. The

increased costs of starting and maintaining an SNS increase financial market barriers and

strengthen the market positions for big players such as FB which can adapt more easily. In

addition, it will be harder for newcomers to set up an SNS and compete on the market. However,

start-ups have the chance to build an SNS from scratch and integrate the PBD approach, which

might counteract the financial market barriers to some degree.


Another notable effect is that fines “have the effect of providing relatively strong incentives to

meet the specified minimum level of service quality, but provide no incentive for the utility to

outperform the minimum standard” [237]. Translated to the SNS case, this entails that the SNS

privacy level cannot be expected to rise beyond the GDPR obligations. This effect is increased

by the lack of competition for privacy due to the SNS market structures and the reluctance of

SNS users to pay for privacy (cf. chapter 5 & [90]). As the analysis shows, the GDPR fails to

address any SNO arrangements to raise user awareness for privacy. Therefore, privacy and will

not become a competitive factor for the SNS market through the legislation, but will be a

financial and effort burden for SNOs. Furthermore, the legislation does not change the SNS

market dynamics leading towards a monopoly situation (cf. chapter 2). The sole factor working

against these market dynamics is Art.20, the “right to data portability”, which could facilitate

the change from one SNS to another and may increase competition but not necessarily

competition for user privacy.

4.2.7 Technical Feasibility

This subchapter examines the technical feasibility of the previously analysed GDPR provisions,

and the three major conditions of user privacy are used again as a division. The necessary

legislation requirements for awareness and transparency are presented in subchapter 4.2.3.1.

The provision of relevant information in a transparent and comprehensible manner according

to articles 14 and 15 are a matter of clear and unambiguous language and symbol design [108,

238]. Transparency is no insoluble task for SNOs, although many negative examples currently

exist (cf. [108]). Possible solutions for a clear and unambiguous privacy policy design were

provided by Kelley and Breese in 2009 [239]. Furthermore, the SNO’s information duties can

easily be solved through email or SNS-internal personal message. As all current major SNSs

require an email-address to register and provide internal, personal messaging, both ways are

feasible. Finally, the TETs needed to comply with EU GDPR Art.15 are available and

implemented by some online services (e.g. Google Dashboard, cf. [164] & subchapter 3.2.4).

The GDPR’s requirements concerning privacy awareness and transparency are not a technical

obstacle for SNOs.

The situation is different regarding the given requirements for user enforcement and control

(see subchapter 4.2.3.2). While the some SNS user’s rights, such as the “right to access”

[Art.15], the “right to data portability” [Art.20], and the “right to object” [Art.21] are from a

technical viewpoint feasible, other obligations for the SNOs contain serious obstacles. This can


be illustrated by the case of the Syrian refugee Anas Modamani who uploaded a self-taken

photo of the German chancellor Merkel and him to FB [195]. The photo was later re-uploaded

and misused by several right-wing activists within FB, falsely claiming that the Syrian refuge

was a terrorist. According to Art.16, Modamani has a “right to rectification” for this false

information. However, in the current state FB cannot pro-actively identify and correct this false

information if it is not reported by other users to the company [195].

As stated by Weber and Koops, similar problems apply to the “right to erasure” [Art.17][188,

240]. Again, the case of Modamani is a fitting example. With the current technological

capabilities of FB, the refugee was able to delete the photo with chancellor Merkel from his

own account, but neither he nor FB could prevent further spread of the picture within and

outside of the SNS [195]. Due to several online news reports about the case, copies of the photo

can be found in various sources within and outside the network and countless links are

identifiable via different online search engines leading to those copies. According to Art.17.2,

FB is now obligated to inform the copies controllers “that the data subject has requested the

erasure by such controllers of any links to, or copy or replication of, those personal data.” The

resulting hunt for links to and copies of Mr. Modamani’s picture on the internet “might become

an endless one” [188]. Recapitulated, the user rights that are preformed within the SNS with

the uploaded PD are feasible (articles 15, 18, 20 & 21), the rights which outreach the borders

of the SNS own ecosystem (article 17 & 19) face serious technical hurdles.

The GDPR requirements regarding monitoring and accountability are summarised in

subchapter 0 and are succinctly discussed. The legislation grants the SNS users strong rights

with articles 77 to 80. The privileges from those articles include the “right to lodge a complaint”

with the supervisory authority and to mandate a non-profit organisation (NPO) to

representatively lodge a complaint. However, all these rights depend on the technical powers

and abilities of the according national supervisory authorities to investigate complaints, as

defined in articles 51 to 59. These powers are given by Art.58.1 and the technical capabilities

are limited by the available state-of-the-art technology and the corresponding national

authorities’ funding. With 28 EU member states and at least 28 different supervisory authorities,

there are too many unknown variables to provide reliable outlook on these capabilities.

However, the case of Germany’s data protection agency ordering FB to stop collecting

WhatsApp user data from German users provides a vivid example of the difficulties related to

a national agency dealing with a globalised company [241]. Currently, the German data


protection agency has no sufficient controls to monitor whether FB follows their rules or not.

Moreover, FBs computer centres are distributed all over the world and while the centres in

Germany and within the EU may have stopped collecting the Germans WhatsApp user data,

the computer centres in the USA or India may still proceed unobserved.

The crucial problems with the GDPRs technical feasibility are in the fields of user enforcement

and control. The “right to erasure”, also called the right to be forgotten, and the “right to

rectification” (articles 17 & 18) contain serious technical obstacles, especially if the data is

copied and then disseminated by third parties (cf. [188]). Furthermore, to monitor whether

SNOs follow the legislation’s requirements, the correspondent state authorities must be

equipped with sufficient staff, technology, and the rights to keep up with global acting

companies, such as the current major SNSs.

4.3 Conclusion

This chapter analyses the GDPR and the European approach to privacy. Subchapter 4.1 presents

a multidimensional privacy framework constituting the state-of-the-art privacy research results

regarding SNSs. The framework includes the three dimensions of privacy condition, privacy

type and time as an approach to evaluating privacy legislations, privacy policies, and privacy

measures for SNSs. The framework is then used to evaluate the European GDPR in subchapter

4.2.

The EU GDPR provides sufficient protection regulation for some aspects of user privacy in

SNSs but does not cover all dimensions of the multidimensional privacy framework developed

in subchapter 4.1. The ex ante dimensions of user privacy are mostly untended by the current

state of the legislation (cf. Table 12). Moreover, due to governance through regulations and

fines, the EU GDPR provides the incentive for SNOs to deliver the minimum level of required

privacy, but does not enforce privacy as a competition factor in SNS markets or break the market

dynamics towards privacy dismantling and monopoly conditions. This situation is aggravated

by the fact that the “right for data erasure” and its archetype, the right to be forgotten, are

impossible to implement on the SNOs’ side (cf. subchapter 4.2.7). Thus, the legislation does

not provide a sustainable solution to the problems of IA and MH or to the principal-agent

dilemma described in the chapters 2 and 3. SNOs still have the incentive to elicit as much PD


as possible from their users to increase their competitiveness on the market’s advertisement

side despite the enforcement of the GDPR (see also chapter 5).

Furthermore, as the analysis in subchapter 4.2 illustrates, the EU GDPR contains no obligation

for SNOs to increase the privacy awareness of their users. Only the supervisory authority

provided by the correspondent EU member state must “promote public awareness” and might

not reach the users within SNSs during their decision-making process [Art.57.1.b]. However,

the European regulation can reduce the IA between SNS users and the SNOs, presupposing the

users care for their privacy and are aware of their rights. In addition, the clear regulations

defining which data can be processed for what purposes restricts the PD gathering and analysis

by the SNOs to some extent. These restrictions in combination with the SNOs’ duties to enhance

transparency, secure data protection, and employ a DPO will reduce their revenues. An

illustration of the GDPR’s impacts on the SNS market structure is presented in Figure 14.

Figure 14. GDPR's Influence on the SNS Market Structure.

109

5 Social Network Services: Competition and Privacy

In accordance with the results of the previous chapters, this chapter addresses RQ4 about

whether competition in the SNS market can enhance user privacy (RQ4.a) and which

interventions may direct the market dynamics to make user privacy a competition factor

(RQ4.b). As shown above, SNS business models highly depend on the gathering and analysis

of PD to obtain an advantage in competition for advertising clients (cf. chapters 1), though the

extensive collection and analysis of this data poses a threat to users’ privacy. From an economic

perspective, it seems rational for SNOs to ignore the users’ desire for privacy (cf. chapter 2).

However, privacy-friendly services might have the potential to earn users’ trust, leading to an

increased revelation of PD (cf. chapter 2 and [105]). 25

Addressing these issues, the existing privacy problem with SNSs in the context of competition

between SNOs is examined in the first part of this chapter to investigate RQ4.a about whether

competition tend to enhance user privacy or if it is the root of its violation. Therefore,

subchapter 5.1 takes a purely economic perspective on the present privacy problem in SNSs.

For this purpose it investigates privacy in the SNS business, focusing on the market structure

and its dynamics, taking into account that SNS constitutes MSP [44]. Analysing the user and

the advertiser side of SNS, their competitiveness and its influence on user privacy are compared.

Therefore, insights from theoretical literature concerning MSP, behavioural research papers

about SNSs and privacy, and market evidence are consulted.

Subchapter 5.2 then pursues RQ4.b and examines several popular SNS market interventions

with regard to their ability to facilitate user privacy. Therefore, the insights and the model of

subchapter 5.1 are used to analyse whether the corresponding interventions have the potential

to change the market dynamics towards privacy-friendly competition with user privacy as a

competition factor. Further ideas are discussed and the results of both subchapters are then

summarised.

25 This chapter includes and extends papers [31, 33].

110 5 Social Network Services: Competition and Privacy

5.1 SNS Market Competition and its Influence on Privacy

This subchapter is structured as follows: a brief overview of the related literature is presented

in the paragraphs below. The examination starts with an analysis of the influence of SNS

competition on user privacy by examining the characteristics of the goods which are up for

rivalry on the different market sides in the SNS environment, and by investigating those goods

and competition while considering appropriate findings from scientific literature. Furthermore,

their impact on user privacy is analysed, and the results are discussed and matched with

empirical evidence.

User privacy in SNS is a widely examined and discussed issue. The topic can be divided into

two main research streams: behavioural and user-focused research and SNO-focused research.

The former offers the seemingly contradictive result that users care for privacy and try to

preserve it with PSB [72], but do not act in a privacy-aware manner and carelessly disclose PD

when using internet services [106]. These findings led to the definition of the privacy paradox

[70]. Furthermore, SNO-focused research has shown that privacy is not a major market factor

in the competition for user attraction, although users consider it of high importance to them [17,

186].

However, it is still open to research wherefrom the dynamism arises which drives SNO to claim

more and more PD and thereby restrict user privacy. Different forces interact which each other

and with the participants in an SNS, and most of those forces have direct or indirect influences

on privacy [30]. One popular assumption is that users’ demand for privacy is a minor priority

for SNS providers because users are not willing to pay for it and the monetary income is

generated by advertisement customers [39, 75]. Recent successful mail services show that few

users are willing to spend small monetary amounts for increased communication privacy.26

Other companies in the internet search business even display the possibility to succeed without

demanding any money for a privacy respecting service [242]. Nevertheless, this willingness to

pay for privacy either in a monetary way or in terms of switching costs seems insignificant for

SNSs [77, 106].

The more general question of competition in MSPs has been addressed from different angles.

The economics of TSMs have most notably been explored by Rochet and Tirole [99], and

26 Mailbox.org, Posteo.de and others.

5 Social Network Services: Competition and Privacy 111

further research into MSP market structures has been conducted by Armstrong [100], Evans

and Schmalensee [94], and others [44, 50]. While these highly recognized studies provide deep

insight into the economics of MSPs, they do not cover privacy issues. A variety of publications

address the questions of competition and monopolistic tendencies in online MSPs, while

focusing on the search engine market and Google’s market position in particular [243, 244], or

on SNS and internet services in general [81]. However, the potential interrelation of the privacy

problems in SNSs and the market structure are not the focus of current research.

5.1.1 Economic Analysis: Requirements and Model

In the following section, the MSP business of SNSs is introduced and clarified, and the traded

goods in an SNS environment are examined from different angles to determine their

competitive character. Their influence on user privacy is then considered for both sides of the

SNS/MSP entity (i.e. the user and the advertiser side). For simplicity, other SNSs participants

such as application developers are bypassed.

As argued above, SNSs in general constitute MSPs, generating revenue by brokering targeted

advertising to its users for business partners [39, 42, 101]. A closer view on the market structure

reveals strong, direct same-side network effects between its users, because each additional user

makes the SNS more attractive to others [67, 69]. Moreover, there are indirect cross-side

network effects between users and advertisers. Each additional user makes the network more

valuable for advertising clients. This is due to a broader audience for targeted advertisement

and to a higher amount of user data, which elicits the possibility of drawing inferences and

creates more precise profiles [44]. On the other side, users are accepting personalized

advertisements as a price to use SNSs free of monetary charge [101]. However, there are no

positive network effects between the different advertisers, and the opposite can be assumed.

While advertisers profit from additional SNS users and often perform side advertisement by

promoting their SNS company profiles (e.g. advertising the company’s FB or Twitter-site), they

are rivals to other advertisers within the same SNS for the limited targeted advertisement space

and the limited user time and attention (see Fig. 2).


5.1.1.1 Features of SNS Goods

The currently leading SNSs auction targeted advertisement for specific audiences or keywords

in a real-time bidding system between interested advertisers. The space for advertisement in the

network is limited due to users’ limited time, and advertising clients can exclude each other

through a higher bid for the same keyword or target group. Thus, the good of advertisement is

an exclusive and rival good. Furthermore, an SNO can decide to exclude some advertisers from

its service, and advertisement in SNSs is a classic private good (see Table 13). Thus, one must

assume that there is a strong rivalry between similar advertisers. Classifying this insight into a

feature of goods table shows that the service of providing targeted advertisement within SNSs

is considered a private good [83].

Categorizing the SNS users-side is more complicated. First, two different goods are

distinguished: the plain SNS membership and the actual use of the network. The first usually

only requires a valid email address and approximately two minutes of filling out the application

form and confirming one’s mail address. The second comprises homing costs, time, and effort

to understand the SNS’ practice and add user created content, and both add up to the switching

costs (c.f. subchapter 1.1.2). It has been argued that users experience positive direct network

effects from other users. Profile creating and SNS usage is a non-rival, as creating a profile and

actively participating in an SNS does not prevent anyone else from joining or using it.27 In

addition, it is unclear whether these user-sided goods are excludable, which is the difference

between a public good and a club good. At first glance, it seems intuitive to argue that these

goods are public because no one seems to exclude anyone else from the usage. However, people

from Turkey trying to access FB during the military coup in July 2016 or people trying to use

FB in China or North Korea will disagree. Countries and SNOs have technical instruments to

restrict SNS access or directly ban specific users.28 Thus, the SNS registration and usage is non-

rival but is excludable for users’ side when it complies with the characteristics of a club good

(see Table 13).

27 Except for server overload, which is not discussed here for simplicity.

28 Technical workarounds for users are neglectable for this analysis.


excludable non-excludable

rival “private good”

targeted advertisement

“common good”

non-

rival

“club good”

SNS registration & usage

“public good”

Table 13. Feature of Goods Classification for SNS.

5.1.1.2 The SNO Viewpoint

The last angle is the SNO perspective, as the providers compete among themselves for

advertising clients. All SNSs offer approximately the same product on this market side: targeted

advertisement. It applies here that can money spent by an advertiser in one network cannot be

spent twice, and advertisement space cannot be assigned multiple times. One can assume that

the SNS advertisement market side is in strong competition because several providers supply a

comparable private good to a high quantity of advertisement-willing companies (see Figure 15).

In addition, user registration and membership seem to be non-rivals from an SNO perspective

because users can easily set up multiple accounts in different SNSs. Moreover, a provider

cannot prohibit its members from registering at other networks or hinder other services from

opening their registration to them. Yet, users can decide to refuse a certain SNS. However,

competition undoubtedly exists for attracting users between SNOs, since the quantity of

accounts is a signal to attract advertisers.

Third and most interesting from an SNO perspective is the time that users spend in the network.

It seems to be a highly valuable good for providers, because it increases the possible quantity

of advertisements shown to users and the amount of PD disclosed by them [72]. Furthermore,

users’ time and attention are limited and can only be spent once on an SNS. A strong competition

for users’ time between SNSs and other services can thus be presumed [102]. As a result, users

are not only paying for an SNS with revealed PD, but also with their time and attention (see

Figure 15).


Figure 15. The Market Structure of SNS.

5.1.1.3 Competition on the Users’ Side

Analysing the SNS’ competition on the users’ side of the market structure, two relevant factors

are identified first: trust and enjoyment [67, 69]. As described before, the SNO wants to receive

users’ time and attention for advertisements and their disclosed PD for improved targeting of

these advertisements (cf. subchapter 3.2). On the other hand, users want to enjoy an SNS and

demand that it be trustworthy [67, 69, 105], while enjoyment also includes strong and positive

direct network effects (i.e. finding friends as active members within the same SNS) [67].

Regarding the trust factor, the literature shows that increasing trust in an SNS can be achieved

for SNOs by implementing privacy controls [69, 113]. This is relevant because improved trust

increases the SNS usage, the quantity of disclosed PD, and the acceptance of advertising [103,

114]. Thus, trustworthiness is beneficial for SNOs to bind users to their SNSs and to receive

more UGC and reliable PD. Although the implementation of privacy controls has a positive

influence on user privacy in SNSs [30], findings suggest a design conflict between privacy and

usability and thus, enjoyment [17].

The enjoyment of an SNS seems to be the most crucial factor in SNO competition. First, it

attracts users to join an SNS and self-evidently increases positive direct network effects

between the users as well as positive indirect network effects from the users’ side to the

advertisers’. Second, enjoyment tempts users to spend more time within the SNS, leading again


to positive influence on advertisers. More time spent in an SNS also increases the quantity of

UGC because content creators value a platform more if they have a larger audience [110].

Furthermore, a higher amount of content also attracts more advertisers because it enhances the

providers’ targeting ability for advertisement. To conclude, plenty of motives for SNOs to

compete with enjoyment for user registrations and user time are found, and SNOs are facing

this competition by increasing their own platform stickiness. The literature results show that

there are two ways of doing this: increasing the content of the platform and implementing more

features and functionalities (as long as it has no significant negative influence on the SNS

usability) [44, 102]. While the latter seems privacy neutral for users, changing the platform

appearance to entice users to enter more PD and UGC is a threat to their privacy [72]. However,

additional platform features also contain the potential to harm user privacy when they deduce

additional PD from users or leak the data from the platform to third parties if the SNO decides

to open the SNS to external application developers.

5.1.1.4 Competition on the Advertisers’ Side

As stated above, SNOs compete to sell targeted advertising to corresponding customers (c.f.

subchapter 5.1.1.2). To attract these advertisers, four factors were identified as most relevant:

the quantity of users, the accuracy of user targeting to serve the advertisements, the time users

spend in the SNS, and the price to advertise to the targeted user group. In their evolution, the

majority of SNSs followed the same path: starting one-sided and attracting users, and then

hitting a critical mass, implementing advertisement, and evolving into a TSP [44]. Later, most

SNSs also included external application developers and other services (e.g. identity

management) and transformed into an MSP. The privacy impacts of competition for user

registration are covered in the previous section.

In addition to the quantity of users, the average time a user spends in the network appears to be

the crucial factor in the competition for advertisers [102]. Its theoretical competition and

privacy impacts on the user side are shown above. Another option for tying users closer and

longer to a network is to enhance the SNS content either happen by tempting users to post more

UGC or by including external content creators and their content directly into the network (e.g.

news sites or celebrities) [46, 117]. Another method is to acquire competitors and include their

services in the SNS. The possible privacy threats of tempting users to reveal more data are

shown above. The method of including further content form external content creators is


basically privacy neutral, except for users’ active reaction to this content (e.g. likes and

comments). However, implementing purchased competitors and emerging their existing PD and

accounts with already existing in-network user data can be privacy invasive. Merging that data

and drawing inferences from the new database can reveal information which the user initially

wanted to hide by audience-segmentation using two separate services.

The third identified factor is the accuracy of user targeting. The most obvious way of improving

this factor is to gather more PD, either directly from the users or from external sources, to

analyse it with algorithms. The impacts of PD accumulation have been discussed. One must

expect that the possibilities of enhancing targeting by PD reaches a limit value where gathering

more data does not result in further improvement. Thus, another method to improve targeting

constitutes a direct inquiry of users either for their interest or indirectly by giving them the

controls to correct their information and drawn inferences connected to their account (cf.

subchapter 3.2). The latter can be privacy enhancing for users if it allows them to delete data or

exclude certain information from the targeting mechanisms.

Finally, the cost-benefit-factor of advertising on an SNS depicts a crucial aspect, since the

advertisement side is the monetary paying side. As agents acting in an economic environment,

advertisers seek the most efficient way to spend their money and target their audience. In

addition to the developers’ achievement of a leading targeting algorithm and the topic of feeding

it with user PD, SNOs have another factor to influence the efficiency of their advertisement

offer: economics of scale. In addition to non-rivalry and excludability, user membership and

activity in SNSs have the characteristic of low marginal costs. The costs to provide the service

to an additional user are, after establishing a working system, marginal for the SNO. The same

is true for the advertisers’ side and the service of automated advertising space auctions, which

leads to rising returns of scale and makes an SNS more efficient as both sides become larger.

Thus, the direct way to increase SNS attractiveness for advertisers is to gain more users who

spend time in the SNS. This becomes even more efficient if these users originate from different

target groups, because the SNS then represents all sections of society. This insight leads directly

back to subchapter 5.1.1.3 and the discussed influence on privacy and competition.

Furthermore, the SNO perspective on competition factors and their aftermath is summarised in

Figure 16.


Figure 16. SNO Perspective on Competition.

5.1.1.5 The Trump Side of Competition

In the previous sections, the two major sides of SNSs regarding competition and their impacts

on user privacy were analysed. Table 14 summarizes the different activities of SNOs and their

influences. However, it seems uncertain which side of competition outweighs the other, and

whose needs are favoured by the SNO for economic reasons. If the user side and the users’

needs are preferred, the trust factor could lead to an improvement in users’ data control options

and to enhanced user privacy. The opposite is expected if advertisers are the SNO-favoured

SNS side, due to the demand of increasing user data for better profiling.


SNO Activity Influence on

User Privacy Implementing Privacy Controls +

Give Users Control to Correct and Enhance the Information and Drawn Inferences

Connected to their Account

+

Implement more Features and Functionalities ❍

Changing Platform Design to Entice User to Enter More Data -

Merging their Existing User Data and Accounts with Already Existing In-Network User Data -

Table 14. SNO Activities and Their Influence on User Privacy.

Following the influential papers on MSPs, the standard link from classical economics between

the inverse relation of price over marginal cost and elasticity of demand does not hold true for

MSPs. In other words, the service on one side will be served by the provider even if this service

and the price paid for it by the its participant alone is not profitable [94]. Thus, the loss from

one side must be outweighed by the profits from the other. To identify the provider’s cash cow,

one must identify which side MHG is most prevalent on [99, 100]. The side where the MSP

participants use more than one platform simultaneously is expected to be overpriced, while the

single homing side is expected to be subsidized [109].

5.1.2 Reality Check and Market Development

In this subchapter, the theoretical analysis of competition and its influence on privacy in SNS

are matched with available market observations and empirical evidence. Subsequently, it shows

whether this evidence confirms the theoretical assumptions.

5.1.2.1 Privacy Options and Controls

Targeting the trust factor mentioned in subchapter 5.1.1.3, current developments indicate that

SNSs and other internet services have recognized the coherency between users’ trust and UGC.

Respectively, FB introduced new privacy controls in 2008 [123] and constantly improves them

[127], while Google implemented its own user privacy controls lauded by specialized press

[122]. In contrast, regarding the FB privacy default options, scholars have found a decrease in

user privacy over the last decade [125, 126]. One reason for the trend of expanding privacy

options and controls in internet services might be the upcoming reform of the EU GDPR which

comes with rigid laws and harmful financial penalties in the case of violations [34, 245]. The

future of this trend is sustainably influenced by user behaviour and by the corresponding law.

Utterances of the European Commissioner assume that the end of the road of regulating internet


services concerning competition and user privacy hast not been reached [93]. Since these two

conflicting incentives for SNOs to implement privacy options and controls cannot be isolated

from another, it is impossible to say which one prevails.

5.1.2.2 SNS Competition for and MHG Behaviour of SNS Users

As showed in subchapters 5.1.1.3 and 5.1.1.4, SNOs compete against each other for users’ time

spent on their platform and for content. Therefore, they implement new features into their

platforms or integrate taken-over services and external apps. Recent developments in internet

services and SNSs make this competition visible. The acquisition of WhatsApp by FB, as well

as the takeover of Instagram led to a domination of FB in the branches of mobile messaging

and mobile photo sharing. Moreover, FB started partly merging FB and Instagram accounts and

announced in the latest terms and conditions change of WhatsApp that phone numbers and

contacts will be transferred to FB [246]. Both clearly contain the privacy threats of merging

different services accounts.

As a result, FB’s recent introduction of instant articles can be interpreted as an attempt to

enlarge their own content and as an attack on Google and Twitter [247]. Furthermore, FB

included the feature of selling tickets for events and recently announced the possibility to run

crowd-funding campaigns and collect money directly inside the SNS [248]. This seems to be

an attempt to use its large user base and the resulting positive network-effects to include the

markets for online ticket-sale and crowd-funding, and keep the users in the FB environment as

long as possible. The same applies to the implementation of an owned browser within the FB

app, a strategy also used by Twitter. Furthermore, FB recently started a video service similar to

Netflix within the SNS [129]. It appears that FB is developing from an SNS to a universal

internet entertainment MSP. This is also true for the MSP Google, which purchased the video-

SNS YouTube in 2006 and included various advertisement services in the following years. It

also offers services such as Google Mail, Calendar, Maps, Drive, Docs, Photos, Keep, Translate,

and the SNS Google+.

Moreover, companies such as Google, FB, and Twitter provide identity management features

which enable users to log-in to external services with their existing SNSs accounts. What seems

like a comfortable feature to make users’ life of managing different online accounts easier, can

also be interpreted as a way to gather more data from external services, track users beyond the


platform, and enhance targeting and time for displaying advertisements. The privacy threat

aspects of these strategies is explained above.

The most interesting question is which side, the users’ or the advertisers’, is subsidized and who

is the “cash cow” (cf. subchapter 5.1.1.5). Evidence from the magazine industry suggest that

users are subsidized and advertisers are the main income source [249, 250]. The fact that users

are not paying any monetary price for SNS and advertising is the main income source for SNOs

strongly supports this view [251]. Nevertheless, considering MHG as the crucial factor, recent

statistics suggest that it is on the rise on the user side with 52% of US users using two or more

social media (SM) sites in 2014 [61]. However, the relevant factor of SNS competition on the

user side is also the time spent in the network (cf. subchapter 5.1.1.2). FB leads by far with 70%

of its users using the platform daily, before Instagram with 49%, and Twitter with 36%, while

the second also belongs to the FB environment. Moreover, “the engagement of Facebook users

continues to grow, while daily use on other platforms shows little change” [61].

5.1.2.3 The Advertisement Market

Users show MHG behaviour especially regarding their SNSs membership, while their time

spent within SNSs has a strong tendency towards the FB conglomerate. The market distribution

is used as a first indicator of MHG behaviour on the advertisers’ side. In 2014, Alphabet’s share

of the net digital advertising revenue was 31%. This revenue includes the income from targeted

advertising on the Google search sites and the advertisement revenue from services such as

YouTube, Google+, and AdWords. The leader is followed by FB with a market share of nearly

8% and the Chinese online search engine Baidu with close to 5% [252]. Despite these distinct

numbers, the development of the online advertisement market indicates that the competition

between the targeted advertisement-offering SNOs is rising. While Alphabet kept its market

share over the last three years, competitors are catching up, as FB nearly doubled its market

share from 2012 to 2014 from 4% to approximately 8%. Except for two, all other market

participants beyond the 0.5% market share claimed slightly higher percentages each year [252].

This development indicates that online targeted advertisement is becoming more popular, and

presumes that adverting clients tend to use more than one internet services and show MHG

behaviour.


This assumption must be verified by the respective SM industrial report [253]. The survey

reveals that most of the interviewed SM markets (93%) use paid FB ads on a regular basis to

reach potential customers (cf. Figure 17). In addition, 24% use Instagram ads, which also belong

to the FB conglomerate. Far behind, 16% use LinkedIn ads, 15% use Twitter ads and only 11%

use YouTube ads. These results show that regarding SM advertisements, only a marketer

minority of 16% is MHG in addition to the use of ads within the FB conglomerate. However,

targeted advertisement outside SNSs is not considered in this report. Thus, targeted

advertisement in Google Search results, the Google display network, and Google AdWords are

not included, and the only representative for the Alphabet Corporation within the industry report

is the SNS YouTube. Nevertheless, the industry report gives an impression of the MHG

behaviour on the advertiser side and shows that MHG seems weaker than on the user side with

only 16% of the SM marketers running advertisements regularly outside the FB conglomerate.

In addition, the report reveals that 64% of the marketers plan to increase their use of FB ads

and 42% plan to increase their Instagram ads in the future, while only about 30% plan to

increase their YouTube, Twitter, or LinkedIn ad usage [253]. Similar to the users’ side, the

advertisers’ side shows a strong tendency towards FB.

Figure 17. Social Media Ads used regularly by Marketers According to [253].

Given that both sides of SNSs seem to show MHG behaviour and that the user side does not

pay for their usage in terms of money, it is difficult to apply the insights of MSP markets and

MHG here. One could claim that users are the subsidized side because they are enjoying SNSs

for free. However, one could also argue that advertisers are being favoured and subsidized

93%

24%

16%

15%

11%

3%

1%

0% 20% 40% 60% 80% 100%

FACEBOOK ADS

INSTAGRAM ADS

LINKEDIN ADS

TWITTER ADS

YOUTUBE ADS

PINTEREST ADS

SNAPCHAT ADS


because they are the crucial revenue source of SNOs. Moreover, advertisement prices in SNSs

seem comparably low to those paid in print media, and one expects the targeting to be more

exact due to the revealed user data [251]. Hence, advertisers could be subsidized with better

targeting for comparably lower prices while users could be overpriced in terms of PD elicited

by the SNSs and lower privacy. However, according to the comparable MHG behaviour of both

sides, one cannot assess this case.

In summary, the investigation shows that competition between SNOs does not necessarily

improve or harm user privacy. Competition in MSPs such as SNSs is complex and the analysis

shows that there are indeed various privacy harmful aspects (cf. chapter 2). However, the

competition for users has the potential for privacy-friendly consequences, but only if the trust

factor outweighs the privacy-contrary implementation of additional features and overtaken

services.

5.1.2.4 Limitations

The presented work is limited due to the available data. There is no evidence of whether newly

integrated privacy controls by FB and Google are actively used and increase user privacy or if

they are have a trust-building and possible privacy-harming effect. Moreover, the comparably

low costs of targeted advertisement in SNSs can partly be explained by the strong economics

of scale and the near-zero variable cost of running an SNS and displaying advertisement

compared to print media. Furthermore, considering the classification of SNS goods, club goods

such as the SNS membership and usage from the user side also have the characteristic of low

marginal costs. This leads to rising returns of scale, which makes club goods ideal for natural

monopolies [83]. Considering the costs of setting up an SNS by programming the service and

establishing the computing power to serve a broad user base, as well as the high costs of running

such a server infrastructure as fixed costs, there are monopoly market tendencies [254].


5.2 Enhancing Privacy Competition

As subchapter 4.2 demonstrated, the GDPR cannot enhance competition for user privacy

between SNOs. In addition, the legislation only provides the incentive for SNOs to deliver the

minimum level of required privacy measures due to the governance through regulations and

fines (cf. subchapter 4.2.6.2.2). Furthermore, subchapter 5.1 showed that competition between

SNOs at the current stage can harm user privacy rather than preserve it. The question RQ4.b is

about which provisions are suitable to make user privacy a competitive factor for the SNS

market and may lead to an increase in user privacy by market competition forces. Therefore,

the analytic results from the chapters before are used to evaluate promising attempts of the

current economic discussion in the following section, assuming rational acting business parties.

5.2.1 The Right to Be Forgotten

As shown afore in subchapter 4.2.3.2, the right to be forgotten was converted into the “right to

erasure” within the GDPR, including a long list of exceptional rules (cf. [216]). For simplicity

and to demonstrate the full capability of the concept, this subchapter considers the original idea

of the right to be forgotten. The notion stands for the privilege that every natural person has the

right to all types of data about her, as well as all links to that data that are deleted from any

online service, irrespective of the technical or financial expenditure, of ongoing processes, and

of the originator. The European intellectual background of this right is rooted in the French law,

which recognizes the “right to oblivion”. This right originally allowed a convicted criminal to

object to the publication of the facts of her conviction and incarceration, when she had served

her time and was rehabilitated [216, 255].

As demonstrated in subchapter 3.1, the disclosure of PD can be interpreted as a PM for the use

of SNSs by the user to the correspondent SNO. Thus, the subsequent erasure of this data or

parts of it can be considered payment withdrawal, which may include economic disadvantages

for the affected SNO. In addition to the costs of implementing sufficient tools to identify and

erase the correspondent data and links leading to it, the SNO may face disadvantages in BD

capabilities which endanger the SNO’s business model [256]. Consequently, the SNO has the

incentive to take actions to avoid user claims to their right to be forgotten. Following the

analysis of subchapter 2, the results of the advanced SD model (cf. subchapter 2.2.2), and the

results of subchapter 5.1.1.3, there are two rational paths for the SNO.


The first is to decrease the user awareness of potential privacy problems and their right to be

forgotten. In that case, the SNO would try to disguise the extent of disclosed, gathered, and

analysed PD as well as to whom it is visible or transferred (e.g. with misleading privacy

policies; cf. subchapter 3.1.5). This SNO behavioural pattern was frequently observed in the

past [108, 133, 134, 159, 238]. However, if the SNOs follow the correspondent passages of the

European legislation, they are obligated to provide transparent and comprehensible privacy

polices (GDPR, articles 12–14). Thus, disguise is no longer a legal option.

The SNO’s second rational path to react to a rigorous right to be forgotten is to increase the

users’ trust in the SNS, such that the users have less incentive to claim their right. As the results

of the previous chapters show, user’ trust in an SNS is best established by the SNO by providing

appropriate privacy options and data security, as well as trustworthy and comprehensible

privacy policies. All these measures are already required by the GDPR (cf. subchapter 4.2.2).

However, certain privacy applications are best suited to prevent users to choose the legal way

of data erasure and nudge them to take their PD’s fate into their own hands. The first is simply

by giving SNS users the option to transparently see and edit their revealed PD. This data editing

can happen easily through an appropriate interface (e.g. a privacy dashboard) [174, 175]. The

second option is to give users the ability to limit their data visibility in terms of audience and

durability. Limiting the audience of certain posts or pictures is called “audience segregation”

[138]. This feature allows the user to sort her friends or followers into groups and release data

specifically for them, and it is already implemented by the leading SNSs (e.g. FB) [123]. The

limitation of data durability describes that released data is marked with an expiration date and

automatically erased or made undiscoverable after its expiry. This feature was made popular by

the smartphone application Snapchat, where messages and stories were only available for 24

hours and later hidden from users [257]. However, FB experimented with a similar feature

called “slingshot” and later implemented transient stories as a feature in FB and Instagram [188,

258]. A positive side effect of these features for the SNOs is that the data stays within their

databases and can still be used for BG, even though it is no longer visible for the SNS users.

In summary, a consistent right to be forgotten for SNS users will lead to an implementation of

privacy features in SNSs to increase user trust. However, in accordance with the assumptions

and results of chapters 2–4, these features will only increase user privacy against other users

and third parties in terms of “audience segregation” and “data durability”. The SNOs ideally

stay in control of the PD and will continue to use it for BD; in return, SNS users will be granted


access to correct, deactivate, or delete their data. However, the right to be forgotten has no

impacts on direct and indirect network effects within a SNS. Users will still suffer lock-in

effects as well as switching costs and therefore may choose to stay in a SNS due to those effects

even if it lacks sufficient privacy features (cf. subchapter 5.1). Hence, privacy or more precisely

trust is strengthened as competitive factor but as long as users value enjoyment and staying in

contact with their network contacts over privacy, they will continue using their current SNS

even if it fails to provide the aforementioned privacy features [67, 69].

5.2.2 The Right to Data Portability

The “right to data portability” is also embedded in the GDPR and represents the user’s right to

receive all PD concerning her and which she has previously provided in a “commonly used and

machine-readable format”, including the right to transmit it to another service (GDPR, article

20; cf. subchapter 4.2.3.2). The following analysis was conducted under the assumption that

this provision will lead to a standard file format for PD in SNSs that will allow the smooth and

reliable downloading from one and the equally easy uploading to another SNS (cf. subchapter

5.2.3). It is expected that the current SNS market leader, FB, will set this standard with its given

file format by market power.

When SNS users can download all their previous uploaded PD and integrate it easily into a new

service, this represents a significant decrease in switching costs and a weakening of the lock-in

effect (cf. chapter 2 & [259]), which will make it easier for users to switch to another service

or start MHG and use another SNS in parallel. This decreases the effort for small SNSs and

market newcomers to gain new users and their PD, because data is no longer walled by the

leading services [260]. On the other side, the duty to develop and implement the option for data

portability to the SNS is a technological and monetarily costly burden for the SNO. Thus, the

“right to data portability” creates a market entry barrier for newcomers and endangers the SNS

business model, which might decrease consumer welfare for the users [261, 262].

While data becomes portable, the circle of friends for SNS users remains within a corresponding

SNS. Parts of the PD may be worthless without the corresponding user’s friends and audience.

Thus, data portability has no impact on an SNS’ direct network effects on the user side. It is

expected that the “right to data portability” will lead to an increase in MHG, but not necessarily

to a weakening of the market leader’s position. This leads to enhanced SNS competition for

user’s time and attention, which is expected to have a negative impact on user privacy rather


than a positive one (cf. subchapter 5.1). In addition, data portability threatens user privacy and

data security, because “when an individual’s lifetime of data must be exported ‘without

hindrance’, then one moment of identity fraud can turn into a lifetime breach of personal data”

[261]. The “right to data portability” will increase the competition between SNSs for users and

their time and attention, but not for their privacy as a competitive factor. The presented evidence

leads to the assumption that this right has a negative rather than positive influence on user

privacy.

5.2.3 The Concept of Interoperability

To be interoperable denotes that “the systems, procedures and culture of an organisation are

managed in such a way as to maximise opportunities for exchange and re-use of information,

whether internally or externally” [263]. Regarding IT, the referred concept is technical

interoperability, which is provided by the development and predefinition of open standards for

barrier-free communication, transport, storage, and representation [263, 264]. For true

interoperability, the open standard is not allowed to favour any provider or business, and must

be equally accessible and utilisable for all market participants [265]. Examples of technical

interoperability are the open and standardised internet protocols, which are the origin of the

internet’s spread and success [263, 266, 267]. Interoperability and its open standards are usually

developed and achieved by NGOs such as the Internet Engineering Task Force (IETF)29 or the

World Wide Web Consortium (W3C)30, which receive funding from several different sources

such as governments (e.g. ITEF), or associations of businesses, NGOs, universities,

governmental entities, and private persons (e.g. W3C). The development and implementation

of open standards for interoperability are pushed by collaborations of industry partners to

develop new opportunists and enlarge their distribution range (e.g. in the case of the W3C and

the further development of internet standards) or by governments to increase their citizens’

safety and their economic growth (e.g. USA Interstate Highway System Standards) [267].

Interoperability for SNSs would require an open standard which provides at least (1)

authentication, (2) relationship description, (3) communication, and (4) content sharing across

different SNSs, such that it is as easy to implement and as SNO-friendly as possible [268, 269].

29 https://www.ietf.org/ (last accessed 22.10.2017)

30 https://www.w3.org/ (last accessed 22.10.2017)


The open standard needs a global identifier for each SNS user (1), such that one can state that

a certain user of another SNS is her friend and a format to represent this connection (2). It

requires a standard communication protocol to send messages cross-border between users of

different SNSs, such as the SMTP standard which enables emails to be sent from one provider

to another (3). Finally, a standard to allow friends in other SNSs access to the own page and

postings and to keep unwanted visitors outside is also needed (4).

Several attempts for interoperability between SNSs already exist. For instance, the Extensible

Messaging and Presence Protocol (XMPP) provides requirements 1–3 and was originally

developed for instant messaging [270]. The Vodafone R&D works in lead of the OneSocialWeb

group on the enhancement of XMPP and includes vCard support as well as streams for

microblogging content sharing. However, OneSocialWeb lacks implementation references and

the project had its last activities in 2010 [269].31 OpenSocial is based on open web services

developed by Google and later transferred to the W3C. It provides the exchange of PD,

relationships, and text-based communication, and is a full working open standard for SNSs

[271]. However, it is not widely spread and is not supported by the market leader, FB, which

developed its own API for application integration and authentication services [269]. In addition,

various other attempts for an SNS interoperability standard exist or are in development [264,

268].

Currently, SNSs are completely closed systems which imprison their users and the

corresponding PD because they represent the key to their business model (cf. subchapter 5.1)

[268, 269, 272]. Economically, the wide-spread implementation of SNS interoperability would

change the role of networks from gatekeepers of social interaction and information to interfaces

of social content and communication. The opportunity to communicate and exchange content

from one user to another across the borders of SNSs would eliminate the direct network effects

between users of the same network. The necessity that friends must be members of the same

SNS to communicate and share content with them would no longer exist. Consequently, the

lock-in effect would cease when SNS interoperability is combined with data portability. With

the disappearance of the direct network effects as a competitive factor, the other factors would

gain importance, namely usability and trust (cf. chapter 2). As illustrated above, trust in an SNS

is assured by data security and comprehensible privacy policies, as well as effective privacy

31 https://github.com/onesocialweb (last accessed 22.10.2017)


options for its users [30]. Thus, user privacy would gain more importance under SNS

interoperability, although some findings suggest a conflict in design with usability [17].

Furthermore, SNS interoperability disrupts the MHG feedback-loop by dissolving the direct

network effects between users and making content non-exclusive for a certain platform (cf.

chapter 2). Consequently, monopoly tendencies in the SNS market would also be weakened.

On the user side, SNS interoperability would force SNSs in competition for usability and user

trust, as market leaders could no longer build on their large user base and the connected direct

network effects as a competitive advantage.

Furthermore, SNS interoperability would facilitate the social network activities for businesses

and celebrities, because they would no longer have to be present on all SNSs to stay in contact

with their customers and fans. One well-groomed site in their favourite SNS would be sufficient

if they could communicate and send their postings cross-border to their audience in other SNSs

[273]. With SNS interoperability and a standard API for all networks, application developers’

programming effort would be reduced and their application could compete for users in all SNSs.

In the cases described above, the network effects also dissolve. However, the user quantity in

an SNS and their time spent within the network would remain the key competitive factor for

advertisers to choose where to spend their budget for targeted advertisement. Thus, the indirect

network effects between the quantity of users and the advertisers within an SNS would last (cf.

chapter 2). With the disappearance of direct network and lock-in effects on the user side, it is

expected that the SNS competition for advertisers, and for users and their time and attention

within the network will increase under SNS interoperability.

From a data security viewpoint, SNS interoperability represents a mixed blessing. On one side,

it increases SNS competition for user trust, and for data security and privacy. Thus, it is expected

that the SNOs’ efforts in this area will increase. On the other side, when content and PD is

transferred cross-border between different SNSs this multiplies the possibilities of attacks to

catch this data, such as man-in-the-middle attacks. Thus, the data transfer and communication

between different SNSs under interoperability requires the integration of an open standard for

encryption (e.g. open PGP32 or HTTPS [274]). If such a data security standard is implemented

32 http://www.openpgp.org/ (last accessed 23.10.2017)


and maintained, it is expected that overall data security and user privacy will increase under

SNS interoperability.

As illustrated above, SNS interoperability comes in favour of many market participants, but it

will weaken the position of the market leader. According to theoretical findings and market

observations, interoperability will only be achieved by market forces if it is pushed by a

consortium of smaller SNOs which are benefiting from it. This consortium will succeed if its

combined market power is larger than the current market leader’s [269]. For instance, the

widely spread SNS interoperability standard OpenSocial is currently supported by the SNSs

MySpace, StudiVZ, and Xing, and are far away from endangering the market leader of FB

[271]. Another solution to enforce SNS interoperability would be by governmental regulation

(e.g. as a part of an updated GDPR), though the GDPR embedded “right to data portability”

might enforce general efforts for interoperability standards [275].

In summary, SNS interoperability breaks the direct network effects in consumption on the user

side and the lock-in effects of SNSs (see Figure 18). It increases the remaining competition

factors usability and trust for the SNOs, the latter consisting of user privacy and data security.

Furthermore, it breaks the MHG feedback-loop identified in chapter 2 and weakens the

monopoly tendencies of the SNS market. It is to expect that SNS interoperability has a positive

influence on user privacy as a competitive factor for the SNS market. The findings are

summarized below in Figure 18.

Figure 18. Interoperability: SNS Market Role and Impacts.


5.2.4 The Concept of Privacy Trust Banks

The notion of privacy trust banks (PTB) describes a digital service as an intermediary for PD

transaction between the user and an online service; it originates from Clarkes illustration of a

digital persona [276]. The PTB concept represents that internet users store their PD in a trusted

service, the PTB, which then shares this data as an intermediary with third services instructed

by and in favour of the users [277]. Thereby, the PTB is “intended to enable consumers to

control their own digital persona” [278]. For the situation of SNSs, one can visualise the role

of the PTB as follows: An individual stores her PD, such as her name, address, phone number,

birthdate, email, and a profile photo in the PTB which appears best to her in terms of data

security and privacy. Then she decides to use a certain SNS and as a payment for the usage, she

allows the SNO access to some of her PD via the PTB. Therefore, she logs in the SNS via the

PTB and can then manage the SNO’s PD access within the PTB’s interface. The idea of PTB

services is already available in modifications (e.g. as open standard and decentralized

authentication protocol OpenID which allows users to login with their Yahoo, Microsoft or

Google accounts into third services and manage their data access over the corresponding

interface) [279]. In addition, FB offers a similar service which allows its users to login to

external applications with their FB accounts. However, to this day and to the author’s best

knowledge no successful external PTB with a focus on data security and user privacy exists.

Nonetheless, the existence of external PTBs as intermediaries between the SNS user and the

SNO is assumed in the following. Such a PTB could be created by governmental business

creation or state ordered corporate unbundling of an SNS. The effects of PTBs on the SNS

market would be similar to the effects of data portability (cf. subchapter 5.2.2); user switching

costs would decrease and users could easily register to different SNSs via one PTB account,

which may increase MHG behaviour. Assuming that the PTBs act in the best interest of their

users, they can work as a representative for them and negotiate with SNOs to increase data

security and lower the price of SNS usage in terms of less demanded PD. This reduces IA and

provides a solution to the principal-agent dilemma described in subchapter 3.2 because as more

users of a specific SNS a PTB unites, as more bargaining power the PTB gains for the

negotiation with the SNO. In contrast to a single user, the PTB can control the data access and

usage of an SNS. In this way, strong PTBs uniting many SNS users would force SNOs to offer

data-minimising services and drive SNOs into competition for user privacy and data security.

However, the SNS direct network effects on the user side would be unbroken and PTBs would


likely have less influence on the privacy and data security practices of existing SNSs with large

user bases such as FB.

The two obstacles for independent PTBs are their technological feasibility and their market

role. First, using an SNS requires much more PD than the name and email of a user. Users state

a list of their friends, like and follow celebrities and brands, and interact with each other via

personal messages and postings. If all this data had to be transferred via the PTB, the PTB

would not only have to reflect the SNSs in functionality, but the transfer would also require an

API and a standard open data format as in the case of SNS interoperability (cf. subchapter

5.2.3). While FB allows access to friend lists and the publication of newsfeed posts by external

apps via API, sending personal messages still requires FB or its applications. Furthermore,

editing friend lists and SNS profiles still requires using the FB website or the corresponding

application.33 Berners-Lee put explained the problem, stating that each SNS “is a silo, walled

from the others […] a closed silo of content, and one that does not give you full control over

your information in it” [260]. It is unreasonable for SNOs to give managing access to third

parties such as PTBs, because it is against their economic and data security interests. The walled

data and the privilege of analysing it for commercial purposes is the business model core of

SNOs (cf. subchapter 5.1). Furthermore, attacks on a market-leading PTB could easily lead to

a data breach in many SNSs. Even if SNOs were forced by regulations to allow managing access

for PTBs, the development and implementation of a wide-ranging standard data format for SNS

information and its API would represent a large effort in time and money for SNOs and PTBs

(cf. subchapter 5.2.3).

The other challenges for independent PTBs are their business model and market role. If PTBs

are not government-funded (e.g. as a part of consumer protection), they require a profitable

business model. Two plausible solutions exist, either the PTBs can charge users directly for data

security and privacy (e.g. privacy-friendly mail services or data security applications)34 or they

adopt the SNO business model and utilize the entrusted PD to stay profitable. The first option

would reduce their possible customer base, because the user willingness to pay for privacy and

data security is relatively small [73]. The second business model would drive PTBs into a

conflict of interest, because they have to advocate for data protection and minimization in the

33 cf. https://www.facebook.com/about/privacy/your-info (accessed 20.10.2017).

34 mailbox.org; posteo.de; boxcryptor.com; (accessed 07.12.2017).


interest of their costumers, but require enough PD to operate profitably. Regarding their market

role, PTBs would act as MSPs similar to the current role of SNSs, with the SNS users as

customers on the one side and the SNSs on the other (see Figure 18). As an intermediary for

PD, PTBs would be subject to similar effects as SNSs (cf. subchapter 2.2). After creating a PTB

account and entering all their PD, users would suffer from lock-in effects and corresponding

switching costs barriers. In addition, direct network effects on the user side would occur as

described above, and these combined effects could lead to monopoly tendencies similar to those

observed at the SNS market (cf. subchapter 5.1). A PTB with a large user base would gain

strong market power to negotiate the best terms for its users, which would then attract new

users. In addition, users may struggle to switch to another PTB due to the effort of PD transfer

and personal setting adjustments they put into their existing PTB account. Furthermore, SNOs

are interested making the situation for PTBs as complicated as possible to ensure their own

business model and keep their users from using PTBs. Finally, the implementation of PTBs

would force SNOs to focus on their second competitive factor besides PD and increase the

competition for user time spent in their SNS.

In summary, PTBs would force SNOs in a competition for data minimization and security, but

also for user time and attention within their SNSs. They would increase transparency, data

control, and user privacy, and decrease users switching costs for SNSs. However, the

implementation of PTBs is difficult, due to uncertainties in financing as well as the costs and

effort to develop a corresponding data format for SNS interactions. PTBs would act as MSPs

similar to SNSs, and therefore lack the same switching costs, lock-in and network effects on

the user side, including tendencies for market monopolies. The impacts of PTBs on the SNS

markets are illustrated below in Figure 19.


Figure 19. Privacy Trust Bank: Market Role and Impacts.

5.2.5 Further Ideas

Several other ideas for the economic respective governmental regulation of privacy for SNSs

are in discussion. According to their impact on privacy as a competition factor, these concepts

are addressed and analysed briefly in the following paragraphs, without any claim to

completeness.

In the legal studies data security and privacy rights have recently been compared to

environmental protection law. The analogy is that “like the exhaust and use of chemical

compounds, the omnipresent generation and subsequent use of personal data can impact

individuals as well as society as a whole” [280]. The idea arising from that analogy is creating

a data tax similar to ecological taxation, which taxes businesses for their amount of gathered

PD. A concept which was proposed in 2013 by the French government [281]. However, this

idea should not be confused with the notion of internet taxes, which describes taxing internet

access or subject e-commerce to an extra levy [282]. The implementation of a data tax has some

obstacles. For example, globally acting online businesses such as SNSs can store their data in

any place in the world, and it is complicated for a single nation to measure the stored data of

their citizens. Moreover, it is difficult to determine whether the gathered data is PD or not.


Therefore, the simplest way is to tax the generated data flow to the business is on a national

level.

The economic impacts of such taxation are the incentives for online businesses to embrace data

minimization and for SNOs to gather the most valuable PD. The tax could also cause SNSs and

other online services to implement more targeted advertisement or resell the gathered PD to

compensate for the tax. Furthermore, the data tax constitutes a market entry barrier for

newcomers. Big players such as FB or Google started offering their service and gathering PD

long before developing a profitable business model [102, 283]. A data tax would set an incentive

for online services to perform data minimization, but would not necessarily lead to more user

privacy or make it a competitive factor. However, a data tax creates a market entry barrier and

solidifies the current monopoly tendency of the SNS market (cf. subchapter 5.1).

In his book “Who owns the future” Lanier proposed compensating internet users for the profit

they create by disclosing PD [18]. Apart from the technical problem of linking individual

internet or SNS users to the share of profit caused by their revealed PD, this proposal also

contains economic risks. As other scholars have argued, a compensation system for PD would

lead to an economization of PD disclosure [284]. Users would have the incentive to disclose as

much PD as possible to SNSs and other online services to increase their chance for high

compensation. Similar to the “predatory ads” pointed out by O’Neil [14], this aims at the less

privileged population to contribute all their PD to online services to gain a share of the

compensation. Thus, a compensation system for PD would undermine the human rights aspect

of privacy and jeopardise the concept of privacy in general [15, 284].

As stated by Evans, web-based businesses are likely to become a target of antitrust campaigns

due to their character as Schumpeterian industries [285]. The utilisation of network effects to

gain and secure a market-dominating position in SNS markets shows similarities to the

backgrounds of the antitrust cases against IT firms such as IBM and Microsoft [285, 286].

Furthermore, because of the internet market’s development speed, the MSP character of most

of its participants, and the interconnectedness including dependencies and rivalries, antitrust

complaints are likely to occur [115, 285]. For instance, a competitor of FB could argue that it

cannot reach its potential customers due to FB’s network effects or its non-existent

interoperability (cf. subchapter 5.2.3).


Apart from the legal difficulties of proceeding with an antitrust complaint against an MSP, the

economic effects of a successful antitrust campaign and the resulting company unbundling are

of interest. As indicated in subchapter 5.2.4, the unbundling of an SNS could create a company

that is solely responsible for the management of users’ digital persona. Such a firm can evolve

to a PTB, which might increase user privacy, depending on the business model (cf. 5.2.4).

Furthermore, an unbundling of the SNS market leader would create an opportunity for the

evolvement of a privacy-friendly competitor or increase the markets competition in general,

which would strengthen all SNS competitive factors including trust and the related user privacy.

However, another possible outcome of an antitrust complaint is governmental ordered

interoperability, including the privacy enhancing impacts illustrated in subchapter 5.2.3.

Antitrust campaigns on the SNS market might, but not necessarily must, have a positive

influence on user privacy. Without the previously illustrated PTBs or interoperability as an

outcome, they can be considered as privacy neutral and they have no impact on user privacy as

a competitive factor for the SNS market.

The last proposal to discuss is the German idea of an algorithm “TÜV”35 as recommended by

the Chaos Computer Club, the German consumer advice centres, and the German Minister of

Justice Heiko Maas [223]. The idea is to create a governmental audit authority to check BD

algorithms in advance when they make sensible decisions about consumers autonomously. The

aims of the algorithm “TÜV” are to make data collection and analysis more transparent for

consumers and affected persons, and to prevent distorting effects by automated decisions in BD

[223, 287]. Although the most common examples of the need for an algorithm “TÜV” are

decisions made by autonomously driving cars, such an authority could also have impacts on

user privacy in SNSs. A stately audit would ensure that SNOs obey the GDPR and implement

the corresponding data security and privacy elements (cf. subchapter 4.2). It could also prevent

SNS advertisement algorithms from being used for religious or racial discrimination as

happened with FB (cf. [207]). Furthermore, the increase in algorithm transparency would force

the business into a competition for less discriminating and more trustworthy algorithms [288].

Thus, an “algorithm TÜV” would not directly make user privacy a competition factor, but could

enhance privacy via improved transparency and the competition for trustworthy processes.

35 “TÜV” is a German abbreviation standing for “Technischer Überwachungsverein” that is translatable to

“technical monitoring association”. The association is responsible for the monitoring of cars and other

technical products in Germany (see https://www.tuv.com/; last access 26.11.2017).


5.3 Conclusion

In subchapter 5.1, the challenge of user privacy in SNSs is investigated from an economic

perspective. The aim was to answer R4.a and analyse whether competition between SNSs tends

to decrease or enhance user privacy. Therefore, it is first clarified that SNSs are MSPs with at

least two sides: users and advertising clients. Furthermore, the traded goods within SNS markets

are characterized from the three viewpoints of users, advertisers, and SNOs. It is also shown

that SNS membership and usage are club goods from a user perspective, while targeted

advertisement is a private good from an advertiser and SNO viewpoint. Moreover, SNOs

compete for advertisers on one side, and on the other side they compete for users’ membership

and more intensely for users’ time. To attract the advertisers, SNOs must maximize their

targeting for advertisements and the time users spend within their platform. Thus, they have the

incentive to gather as much PD from users as possible and enhance their platform with

additional content, features and services to bind users’ attention and spend time in the SNS.

All analysed factors of competition in the SNS environment contain unilateral privacy

threatening aspects, except for the factor of user trust in an SNS, which is gained by

implementing privacy controls to get users to reveal more data. Furthermore, the fact that users

do not pay in monetary terms for SNS usage but that advertising clients are the crucial revenue

source for SNOs suggests that users might be discriminated against and overpriced in terms of

PD disclosure. The validation by the MSP theory where the MHG side is overpriced and the

single homing side is subsidized provides no sufficient results to verify or reject this

assumption. In summary, this analysis shows that competition in the SNS environment does not

generally harm or improve user privacy. However, the latter seems less likely, unless the

competition for users’ trust outweighs all the other privacy divergent aspects. The case of

competition in the internet MSPs is complex and current statistics do not provide enough data

to answer the question of whether advertisers or users are subsidized by the SNOs.

Nevertheless, the analysis of RQ4.a about whether competition provides a solution for user

privacy in SNSs shows that competition can be assumed to have a negative influence on user

privacy at the present stage.

Consequently, in subchapter 5.2 the most promising parts of the GDPR and supplementary

concepts for governmental regulation were analysed for their opportunities to make user privacy

a competition factor in the SNS market to answer RQ4.b: what interventions can direct the SNS


market dynamics to enhance user privacy? The right to be forgotten as a consistent approach

for the “right to erasure”, the “right to data portability”, the concept of interoperability, and the

model of PTBs were evaluated, and further prominent ideas are briefly addressed. It was found

that the concept of interoperability seems to be the most promising approach to make user

privacy a competition factor for the SNS market, particularly in combination with the “right to

data portability” to enhance competition in general. Interoperability disperses the direct

network effects within users in SNSs and breaks the lock-in effect, especially in combination

with data portability which gives each user the possibility to take her data and walk away to use

another SNS. When network effects are no longer a competition factor, the remaining factors

of usability and trust are strengthened, where trust consists of data security and user privacy.

Thus, user privacy gains a more prominent role in SNS market competition. However, several

economic and technical obstacles to data portability and interoperability exist, as both require

a standard format for data transfer between SNSs. While promising approaches are on-going,

their implementation would be against the economic interest of the market-dominating SNS

and would require a large supporter base among its competitors or direct legal intervention to

be enforced (cf. subchapter 5.2.3).

139

6 Does Economic Competition and Regulation Provide a

Solution for Privacy in SNSs?

The results of this dissertation are proposed as a contribution to analysing user privacy in social

network services (SNSs) and providing proposals for its enhancement via economic and

information system means as well as an economic evaluation. Therefore, it is structured into

five preceding chapters that build on one another and address the dissertation’s research

questions, RQ1 to RQ4. Several open research challenges and topics that are out of the scope

of this dissertation remain. Consequently, this chapter first concludes with a summary and the

main results. Based on the main results’ discussion, this chapter then suggests directions for

future research on user privacy in SNSs.

6.1 Summary and the Main Results

In addition to providing the introduction and presenting the RQs, chapter 1 establishes the first

research frame for the dissertation by describing the character of SNSs as MSPs and illustrating

their business model. It demonstrates that SNOs rely on users to reveal their PD to analyse it

for the purpose of catering targeted advertisements to their business clients. Furthermore, the

chapter provides a state-of-the-art overview of privacy research and its history, approaches,

theories, and typologies. The current mainstream approach to user privacy in SNSs is static,

focusing mainly on legal, behavioural, and computer science. However, this dissertation

provides an economic and information systems approach, addressing the market dynamics that

are influencing user privacy.

Chapter 2 answers the research question RQ1 about the economic participants, architecture,

government, and effects in the SNS ecosystem at the system level, and how they interrelate with

user privacy. The chapter’s aim is to describe the market dynamics on privacy at a system level

and set the second framework for the following investigations. Therefore, the interrelations

within SNSs and the enclosing market structure on user privacy were analysed with SD

modelling. With a literature review investigating SNSs as MSPs, these interrelations were

identified, following a typology of Staykova and Damsgaard [44]. The SD approach provided

a qualitative model and divided the SNSs and their ecosystem interrelations into a core and a

periphery. The model provided insight to understand the influence factors on SNS users’ UDD

140 6 Does Economic Competition & Regulation provide a Solution to Privacy in SNSs?

and their SNS usage in general. The analysis showed that users’ UDD is mainly driven by the

time users spend within a network and the content they add to it, which is positively influenced

by the number of SNS users and the provided SNS features. Furthermore, the time users spend

on SNSs is influenced by the SNS features and by users’ trust in the SNO. This trust is gained

by implementing transparent and effective privacy policies and controls. UGC and UDD are

positive factors for the SNOs profiling capabilities which build the core of their profitable

business model. Finally, the model revealed that user MHG behaviour has a positive influence

on UGC and indirectly on the SNS market competitiveness and secondary negative impacts on

user privacy. Matching these theoretical findings with empirical evidence revealed the MHG

feedback-loop: users’ MHG behaviour strengthens market pressure, which leads to SNOs

implementing more platform features and users spending more time and disclosing more PD in

the dominant network. This feedback-loop facilitates a winner-takes-all outcome for the SNS

market in the long term.

The case study of PD as a PM in SNSs is presented in subchapter 3.1, and it addresses research

question RQ2.a about whether SNS users’ PD disclosure is interpretable as an economic

transaction. The challenge of user privacy in SNSs was approached on an individual level. The

study illustrates that the case of user privacy in SNSs can be understood as an economic

procedure with the legitimate interpretation of the PD disclosure by the users to the SNO as

non-monetary PM for the SNS usage. Regarding this illustration, the economic problem and

the user privacy dilemma becomes evident: in the default of transparency, SNS users lack IA

against SNOs regarding the amount and usage of their disclosed data. The study shows that

users underestimate both the SNO granted rights for data usage and the SNS usage price in

terms of PD. In addition, the study’s experimental part proved that SNS users show price

sensitivity regarding PD. This means that users chose to use less features of SNSs to avoid data

disclosure under the experimental conditions, which indicates that they cannot bring their

privacy preferences into force under present terms.

Subchapter 3.2 answers research question RQ2.b: Can the user privacy dilemma in SNSs be

modelled in classic economic terms? To illustrate the reasons for SNS users’ IA, the contract

conclusion between users and SNOs was modelled as a principal-agent dilemma by contract

theory. The model identified asymmetries in information and in power as leverage points where

SNS users are disadvantaged against SNOs, and which hinder the economic balancing of SNO

profit-seeking and privacy within the SNSs market. Under the distinction of three different

6 Does Economic Competition & Regulation provide a Solution to Privacy in SNSs? 141

cases, it was shown that in non-monopolistic SNS markets, privacy is perceived as a

competitive factor by users and SNOs. Thus, in perfect competition SNOs have the incentive

to provide users with increased transparency and control regarding their PD. Unfortunately, the

current SNS market situation is almost monopolistic in favour of FB [162]. The presented

principal-agent model revealed that under these conditions, regulatory intervention is necessary

to enhance user privacy as a competition factor in the current SNS market. The analysis leads

to the conclusion that a transparency-fostering regulation in combination with ex ante and ex

post TET (i.e. accountability instruments) could achieve a privacy-friendly balance of SNO

profit-seeking and privacy in the current SNS market.

These chapters lead to the conclusion that the current SNS market does not provide sufficient

incentives for SNOs to address the problem of user privacy. Thus, chapter 4 addresses RQ3

about whether governmental regulation provides a regulatory solution for user privacy in SNSs

and its influence on the SNS market. This chapter analysed the GDPR as an example case for

governmental regulation. Therefore, chapter 4 was divided in two subchapters. At first,

subchapter 4.1 provided a multidimensional privacy framework combining state-of-the-art

privacy research results and theories regarding SNSs as a tool to evaluate the GDPR. The

framework consisted of three dimensions: privacy condition, privacy type, and time.

Accordingly, in subchapter 4.2, the framework is used to evaluate the GDPR. The regulation

does not cover all identified privacy dimensions, especially the ex ante dimensions of user

privacy. Beyond that, it was found that the GDPR only provides the incentive for SNOs to

deliver the minimum level of required privacy and does not enforce user privacy as a

competition factor in the SNS market. In addition, parts of the regulation provisions are

technically difficult to implement.

The classic economic theory assumes that the best market outcomes are derived by free

competition. Consequently, chapter 5 addresses the remaining research questions RQ4.a and

RQ4,b about whether competition can enhance user privacy in SNSs and what interventions

may direct the SNS market dynamics to enhance it? Subchapter 5.1 addresses RQ4.a and starts

with a clarification that SNSs constitute MSPs with at least two sides: users and advertising

clients. The traded goods within the SNS market were then characterised from three different

viewpoints: users, advertisers, and the SNO. The results showed that SNS membership and its

usage are club goods from a user perspective, while targeted advertisement constitutes a private

good from an advertiser and SNO viewpoint. Accordingly, SNOs compete for advertisers and


for user membership, and more intensely for users’ time. Providers maximize their targeting of

advertisements to attract the advertising clients. SNOs have the incentive to gather as much PD

from users as possible. Therefore, they enhance their platform with additional features and

services as well as content to bind users’ attention and time to their SNS. The analysis of all

factors of SNS competition revealed that they all contain privacy threatening aspects, except

for the factor of user trust. In addition, the analysis suggests that SNS users might be

discriminated against the advertisers, and therefore overpay in terms of PD disclosure and

utilisation. However, the comparison to market statistics provided no sufficient results to verify

or reject this hypothesis. In summary, subchapter 5.1 shows that the SNS market competition

does not generally harm or improve user privacy. Yet, the privacy harming scenario seems more

likely, unless the competition for users’ trust outweighs all the other privacy-divergent

competition factors. Correspondingly, the inclusion of the current SNS market development

indicates that competition can be assumed to have a negative influence on user privacy at the

present stage.

Correspondingly, subchapter 5.2 analyses the most promising attempts of the GDPR as well

as supplementary concepts for governmental regulation for their ability to make user privacy a

competition factor in the SNS market to answer RQ4.b. The most promising approach was the

concept of interoperability. Particularly in combination with the GDPR enforced “right to data

portability”, it dissolves the direct network effects within users in SNSs and breaks the lock-in

effect. This gives users the opportunity to bag their data and choose their favourite SNS with

regard to the remaining the competition factors of usability and trust. Nonetheless, the concepts

of interoperability and data portability are subject to technical and economic obstacles. First, a

standard format for SNS data transfer and usage is needed to enable data portability and

interoperability. While promising concepts and approaches for such an open standard format

exist (e.g. OpenSocial; cf. subchapter 5.2.3), its broad and effective market implementation

depends on the largest market participant. However, the implementation is not in the economic

interests of the market dominating player because effective data portability and interoperability

would intensify competition and endanger its profits. Thus, the enforcement of the two most

promising concepts need regulatory intervention or a broad base of SNOs supporting,

implementing and further developing them to put the market leader under competition pressure.

The dissertation at hand illustrates that user privacy in online social networks is a problem of

economic market dynamics. Information and power asymmetries hinder users from enforcing

6 Does Economic Competition & Regulation provide a Solution to Privacy in SNSs? 143

their privacy preferences. Furthermore, network effects and switching costs lock them to the

market leading network. This dissertation provides two different ways to economically model

these problems: first, as an interconnected system of different effects with system dynamics

modelling and second, as a principal-agent dilemma in contract theory. Based on this, an

analysis of the European general data protection regulation revealed that this legislation will

not lead to an improvement in user privacy by market competition, but will create an incentive

for the providers to implement the minimum required data security and privacy standard.

Furthermore, subsequent analysis of the present social network market showed that user privacy

is unlikely to be achieved via competition. The following consideration of further approaches

of regulatory interventions illustrated that interoperability and data portability are best suited to

enforcing user privacy as a competition factor in the social network market, despite their

technical and economic difficulties.

6.2 Implications for Future Research

The previous subchapter presents a summary of the addressed research questions and explains

this thesis’ corresponding contributions. Due to the economic and information systems

viewpoint of this dissertation, several unanswered questions and challenges remain that are out

of its scope. Consequently, the main limitations and open questions are discussed in this

subchapter. It illustrates these challenges regarding user privacy in social networks arising in

different research fields and argues for a multidisciplinary research agenda.

The consumption of social media has drastically changed over the last ten years. While FB

started as an SNS that was primarily reached and used through its website on desktop

computers, SNS users now tend to consume social media primarily through their smartphone

and the corresponding SNS apps [289]. Due to the access rights for the smartphone memory

and functions, these apps can reveal more PD than the average use of SNS via a browser and

desktop computer [194, 290, 291]. This dissertation does not include special consideration of

SNS privacy on mobile devices, as it provides a higher level of economic analysis. Thus, mobile

SNS user privacy should receive extra attention in future research, which could build on the

results and answers derived by the dissertation at hand.

The legal and technical implementations of the competition-enhancing measures mentioned in

subchapter 5.2 could be of interest for further research. Interoperability and portability require


a widely adapted standard for social media, which still lacks best practice examples with regard

to feature-rich SNSs such as FB and obeying adequate user privacy. Operational standards could

lead the way to SNSs as interacting running systems of a social web instead of as walled silos

of social content [260]. Furthermore, they could enable the serviceable implementation of

PTBs, which are also interesting topics for further computer science and information systems

research. To the author’s best knowledge, there is no working PTB prototype yet. As described

in this dissertation, PTBs could function as an intermediate between users and SNSs to secure

data security and user privacy by the users of their PD. Thus, the solutions provided in

subchapter 5.2 could be used as a starting point for further research.

Aside from the economic focus of this dissertation, other economic research questions should

be addressed in the future regarding user privacy and SNS business models. While chapter 5

showed that competition between SNSs does not enhance user privacy at the current state,

future research could aim to invent alternative SNS business models that include the

compatibility of privacy and profitability. From a macro-economic viewpoint, it could be

worthwhile to evaluate whether successful online services such as FB and Google contribute to

global economic imbalances. Their profit-to-employee ratio is conspicuously high as is the

average paid salary, which has already led to local social upheaval [292]. Some scholars even

suggest that users are being expropriated by BD businesses [19]. However, these allegations

still require scientific proof.

As mentioned in the introduction of this dissertation, the topic of user privacy has its human

rights aspect in addition to other intersections with political science. Recent events revealed

that SNS targeting can address the darkest and deepest feelings of users due to their PD

disclosure [207]. This enables the opportunity to exploit the financial distress of individuals and

opens the door for political campaigning [12, 14]. Thus, one of the most urgent questions is

about whether SNSs such as FB can be used to manipulate democratic elections and how this

could be prevented to sustain the democratic society [13]. In addition, this precise targeting

might make SNS users more vulnerable to consumption and distribution of fake news, primarily

but not only within political campaigns. Connected to this, the role of internet user privacy and

its adequate level of protection is open to revaluation from a political science viewpoint.

i

Appendix

Literature Review Appendix of Subchapter 2

Authors Year Title Topic Categories

Staykova; Damsgaard 2015 A Typology of Multi-sided Platforms: The Core and the Periphery MSP Framework

Haucap; Heimeshoff 2013 Google, Facebook, Amazon eBay: Is the Internet driving to Competition or Market Monopolization?

MSP Discussion

Armstrong 2006 Competition in Two-Sided Markets MSP Modelling

Choi 2010 Tying in Two-Sided Markets with Multi-Homing MSP Modelling

Evans; Schmalensee 2013 The Antitrust Analysis of Mulit-Sided Platform Businesses MSP Discussion Rochet; Tirole 2003 Platform Competition in Two-sided Markets MSP Modelling

Eisenmann; Parker; Alstyne

2006 Strategies for Two-Sided Markets MSP Discussion

Kwon; Oh; Kim; 2015 One-Sided Competition in Two-Sided Social Platform Markets? An Organizational Ecology Perspective

MSP Discussion

Zhang; Sarvary; 2011 Social Media Competition: Differentiation with User-Generated Content SNS Modelling

Mital; Sarkar; 2011 Multihoming Behavior of Users in Social Networking Web Sites: A theoretical Model

SNS Modelling

Hyytinen; Takalo; 2004 Multihoming in the Market for Payment Media: Evidence from young Finnish Consumers

MSP Emprical

Doganoglu; Wright; 2006 Multihoming and Compatibility MSP Modelling Evans; Schmalensee; 2008 Markets with Two-Sided Platforms MSP Discussion Kane; Alavi; Labianca; Borgatti

2014 What's different about Social Media Networks? A Framework an Research Agenda

SNS Framework

Knoll 2016 Advertising in Social Media: A Review of Empirical Evidence SNS Emprical

Zimmermann; Nolte 2015 Towards balancing Privacy & Efficiency SNS Modelling Nolte 2015 Personal Data as Payment Method in SNS and Users' concerning Price Sensitivity SNS Emprical

Lawani 2016 Improving users trust through friendly Privacy Policies - an empirical Study Privacy Emprical Ahn, Duan, Mela 2011 An Equilibrium Model of User Generated Content MSP Emprical

Tucker 2012 Social Advertising SNS Discussion Zittrain 2009 The Future of the Internet - and how to stop it SNS Discussion

Taylor 2004 Consumer Privacy and the Market for Customer Information Privacy Modelling Tucker 2015 Economics of Privacy and User-Generated Content Privacy Discussion

Kox, Straathof, Zwart 2014 Targeted Advertising, Platform Competition and Privacy MSP Modelling Martin 2013 Transaction Costs, Privacy and Trust SNS Discussion Litt 2013 Understanding Social Network Site Users' Privacy Tool Use SNS Emprical

Jerome 2013 Buying and Selling Privacy: Big Data's different Burdens and Benefits Privacy Discussion Stutzman, Gross, Acquisti 2012 Silent Listeners: The Evolution of Privacy and Disclosure on Facebook SNS Emprical

O'Brien, Torres 2012 Social Networking and Online Privacy: Facebook Users' Perceptions SNS Emprical Lin, Lu 2011 Why People use Social Networking Sites: An empirical Study integrating Network

Externalities and Motivation Theory SNS Emprical

Zhang, Sun, Zhu, Fang 2010 Privacy and Security for Online Social Networks: Challenges and Opportunities SNS Discussion Krasnova 2010 Online Social Networks: Why we disclose SNS Emprical

Acquisti, Gross 2013 Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook

SNS Emprical

Evans, Schmalensee 2010 Failure to Launch: Critical Mass in Platform Businesses MSP Modelling

Boyd; Ellison 2007 Social Network Sites: Definition, History, and Scholarship SNS Discussion Westin 2003 Social and Political Dimensions of Privacy Privacy Discussion

Beuscart; Mellet 2008 Business Models of the web 2.0: Advertising or the Tale of Two Stories SNS Discussion Tucker 2014 Social Networks, Personalized Advertising, and Privacy Controls. MSP Empirical

Schudy; Utikal 2015 'You must not know about me': on the Willingness to share Personal Data Privacy Empirical Barary Savadkoohi 2012 Personalized Online Promotions - Long-term Impacts on Customer Behavior MSP Discussion Debatin, Lovejoy, Horn, Hughes

2009 Facebook and online Privacy: Attitudes, Behaviors, and unintended Consequences

SNS Discussion

Table 15. Breakdown of the Literature Review.

ii Appendix

Survey & Experiment Appendix of Subchapter 3.1

Survey Question Possible Answers Nutzen Sie Facebook? Ja / Nein

Haben Sie schon einmal Ihre Privatsphäre Optionen bei Facebook geändert? Ja / Nein / Weiß nicht

Inwieweit stimmen Sie folgenden Aussagen zu:

Facebook ist ein vertrauenswürdiger Dienstleister.

Facebook hält sich an die gesetzlich vorgegebenen Normen und Richtlinien um meine Daten optimal zu schützen.

Die Datenverwendungsrichtlinien von Facebook sind ausreichend um meine persönlichen Daten zu schützen.

Die Nutzung von Facebook gehört bei mir zum Alltag.

Stimme gar nicht zu / Stimme zu / weder noch /

Stimme zu / Stimme sehr zu / Keine Angaben

Wie viele Freunde haben Sie circa in Facebook? Zahl zwischen 0 und 2000.

Welche der folgenden Funktionen von Facebook nutzen Sie regelmäßig? Chatten;

Messenger (Chat-App für Smartphones);

Neuigkeiten posten & Neuigkeiten meiner Freunde bzw. abonnierten Seiten lesen, liken, kommentieren;

Veranstaltungen erstellen, dazu einladen bzw. Teilnahme bestätigen;

Fotos hochladen & teilen;

Videos hochladen & teilen;

Spiele spielen oder Musik hören über entsprechende Apps innerhalb Facebooks;

Keine der genannten Funktionen; Angenommen für das Aktivieren und Nutzen – der jeweiligen Funktion – würde

Facebook folgende Daten von Ihnen auswerten und für die eigenen Zwecke der personalisierten Werbung nutzen: - Daten nach Gruppenzugehörigkeit –

Würden Sie die Veranstaltungsfunktion aktivieren?

Würden Sie die Timeline (Neuigkeiten-Funktion) aktivieren? Würden Sie die Foto-Funktion aktivieren?

Würden Sie die Video-Funktion aktivieren?

Würden Sie die Funktion für Spiele und Musik aktivieren?

Ja / Nein / Weiß nicht

Welcher ist Ihr höchster erreichter Bildungsabschluss? Keine Angaben;

Haupt- (Volks-) Schulabschluss;

Realschul- oder gleichwertiger Abschluss;

Fachhochschulreife oder Hochschulreife;

Bachelor Abschluss;

Master oder gleichwertiger bzw. höherer Abschluss;

Sie sind … Weiblich / männlich / keine Angabe

Bitte geben Sie Ihr Alter an! Zahl zwischen 15 und 99;

Table 16. Survey Design.

309 Yes

11 No

Table 17. Distribution FB Users

137 Female

164 Male

8 No answer

Table 18. Gender Distribution.

Appendix iii

5 Haupt- (Volks-) Schulabschluss

30 Realschul- oder gleichwertiger Abschluss

133 Fachhochschul- oder Hochschulreife

50 Bachelor Abschluss

75 Master oder gleichwertiger bzw. höherer Abschluss

16 No answer

Table 19. Educational Achievement Distribution.

Variable Explanation

func.all Total of FB functions used by the participant.

gr.func.all Total of functions chosen by the participant during the experiment.

func.diff Difference between gr.func.all and func.all for the participant.

exp.gr Assigned experiment group (1, 2, 3, or 4).

pr.awa The participant’s level of privacy awareness.

gen.male Gender of the participant (=1 if male).

educ Educational level of the participant.

age The participant’s age.

fb.use Degree of Facebook usage of the participant.

fb.friends Participant’s number of Facebook of friends.

Table 20. Variable Overview

Surevey Raw Data of Subchapter 3.1: CASE "SERIAL" "REF" "QUESTNNR" "MODE" "STARTED" "A101" "A201_01" "A201_02" "A201_03" "A203_01" "A203_02" "A203_03" "A202_01" "A202_03" "A202_04" "A301_01" "A302_01" "A302_01a" "B101_01" "B101_02" "B101_03" "B101_07" "B101_04" "B101_05" "B101_06" "B101_08" "C101_01" "C102_01" "C103_01" "C104_01" "C105_01" "C106_01" "C107_01" "D101" "D102" "D103_01" "D103_01a" "C201_01" "C202_01" "C203_01" "C204_01" "C205_01" "C206_01" "C207_01" "C301_01" "C302_01" "C303_01" "C304_01" "C305_01" "C306_01" "C307_01" "C001_01" "C002_01" "C003_01" "C004_01" "C005_01" "C006_01" "C007_01" "G101_01" "FINISHED" "LASTPAGE" "MAXPAGE" "MISSING" "MISSREL" "DEG_MISS" "DEG_TIME" "DEGRADE"

109 "UmfrageOSN" "interview" 1 T F F F F T 2 2 2 4 580 F F F F T T F F F 4 2 T 1 1 2 2 1 1 "2" T 11 0 0 0 0 100 100

119 "UmfrageOSN" "interview" 1 T F F F T F 1 2 2 5 800 F T F T T F F F F 3 2 20 F 1 1 2 2 1 1 1 "4" T 11 0 0 0 0 100 100

122 "UmfrageOSN" "interview" 1 T F F F T F 1 2 2 4 175 F T T T T F F F F 1 1 2 2 1 5 3 27 F "1" T 11 0 0 0 0 100 100

125 "UmfrageOSN" "interview" 1 T F F F F T 2 2 1 5 105 F T T T F T F F F 2 1 22 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

133 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 380 F F F T T T F F F 2 2 2 5 1 27 F "1" T 11 0 0 0 0 100 100

135 "UmfrageOSN" "interview" 1 T F F F T F 2 3 1 4 1200 F T T T T T F F F 4 2 23 F 2 2 2 1 1 "4" T 11 0 0 0 0 100 100

136 "UmfrageOSN" "interview" 1 T F F T F F 1 2 4 400 F T F T F T F F F 3 1 21 F 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

142 "UmfrageOSN" "interview" 1 T F F T F F 4 2 3 5 1466 F T F T T T F F F 4 1 25 F 2 2 1 1 2 2 2 "4" T 11 0 0 0 0 100 100

143 "UmfrageOSN" "interview" 1 T F F T F F 3 3 3 4 800 F T T T T T T F F 3 2 20 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

144 "UmfrageOSN" "interview" 1 T F F F T F 2 1 2 4 120 F F F T T T F F F 2 2 2 2 2 2 1 5 2 40 F "1" T 11 0 0 0 0 100 100


146 "UmfrageOSN" "interview" 1 T F F F T F 2 4 1000 F T T T F T F F F 4 2 29 F 2 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

152 "UmfrageOSN" "interview" 1 T F F F F T 4 5 150 F T T T T T F F F 4 2 25 F 2 2 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

156 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 250 F T T T F T F F F 2 2 17 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

157 "UmfrageOSN" "interview" 1 T F F T F F 3 3 2 4 70 F T F T F T F F F 3 1 28 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

158 "UmfrageOSN" "interview" 1 T F F F T F 1 2 2 5 1600 F T T T T T F F F 1 1 1 1 1 1 1 4 2 24 F "1" T 11 0 0 0 0 100 100

159 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 2 1 F F F F F F F F T 1 1 1 1 1 1 1 3 2 29 F "1" T 11 0 0 0 0 100 100


162 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 2 410 F T T T T T F T F 3 2 26 F 1 "2" T 11 0 0 0 0 100 100

164 "UmfrageOSN" "interview" 1 T F F F T F 2 1 1 4 300 F T T T F F F F F 3 2 21 F 2 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

165 "UmfrageOSN" "interview" 1 T F F T F F 2 2 1 4 200 F F T T T T F F F 3 2 25 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

166 "UmfrageOSN" "interview" 1 T F F F F T 3 3 3 5 200 F T T T T F F F F 2 2 2 2 2 2 1 3 2 23 F "1" T 11 0 0 0 0 100 100

169 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 2 180 F F T T F F F F F 3 3 24 F 2 2 1 2 1 1 1 "3" T 11 0 0 0 0 100 100

172 "UmfrageOSN" "interview" 1 T F F F T F 3 3 4 4 180 F T T T T F F F F 2 2 2 2 2 2 2 5 2 26 F "1" T 11 0 0 0 0 100 100

173 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 5 400 F T T T T T F F F 5 1 34 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

174 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 350 F T F T T F F F F 2 1 1 1 1 1 3 1 18 F "1" T 11 0 0 0 0 100 100

177 "UmfrageOSN" "interview" 1 T F F T F F 4 3 2 2 500 F F F T F F F F F 5 2 31 F 1 1 1 2 2 2 1 "4" T 11 0 0 0 0 100 100


179 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 4 400 F F T T T T F F F 5 2 52 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

183 "UmfrageOSN" "interview" 1 T F F F T F 2 1 2 4 70 F T F F F F F F F 3 2 22 F 2 2 1 2 1 1 "2" T 11 0 0 0 0 100 100

184 "UmfrageOSN" "interview" 1 T F F F F T 2 3 1 5 150 F T T T T T F F F 1 1 2 2 1 1 2 2 1 17 F "1" T 11 0 0 0 0 100 100

185 "UmfrageOSN" "interview" 1 T F F F T F 2 2 3 4 60 F T F T F T F F F 5 1 28 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

189 "UmfrageOSN" "interview" 1 T F F F T F 2 3 4 129 F T T T T T T T F 2 2 16 F 2 2 1 2 2 2 2 "4" T 11 0 0 0 0 100 100

190 "UmfrageOSN" "interview" 1 T F F T F F 4 4 4 5 1000 F F F T T T F F F 5 2 31 F 1 "3" T 11 0 0 0 0 100 100

191 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 4 100 F T F T F T F F F 3 2 25 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

192 "UmfrageOSN" "interview" 1 T F F T F F 1 2 1 4 500 F T F T F F F F F 2 1 1 1 1 1 1 3 2 23 F "1" T 11 0 0 0 0 100 100

193 "UmfrageOSN" "interview" 1 T F F F T F 2 2 4 4 300 F T T T T T F F F 2 1 17 F 2 2 1 2 2 1 "4" T 11 0 0 0 0 100 100

iv Appendix

195 "UmfrageOSN" "interview" 1 T F F F F T 1 1 1 4 200 F F F T T F F F F 3 2 29 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

197 "UmfrageOSN" "interview" 2 T 3 0 0 0 0 100 100

200 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 4 450 F T T T F T F F F 1 1 1 1 1 1 1 3 1 24 F "1" T 11 0 0 0 0 100 100

201 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 3 400 F F F F F F F F T 6 2 29 F 1 1 1 1 1 2 "2" T 11 0 0 0 0 100 100

202 "UmfrageOSN" "interview" 1 T F F F F T 2 3 2 2 120 F T F T T F F F F 3 1 21 F 2 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

203 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 5 600 F T T T T F F F F 2 2 2 4 2 25 F "1" T 11 0 0 0 0 100 100

204 "UmfrageOSN" "interview" 1 T F F T F F 1 2 2 5 900 F T F T T T F F F 5 1 27 F 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

206 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 2 120 F T F T F F F F F 4 1 25 F 2 1 1 2 2 2 2 "4" T 11 0 0 0 0 100 100

207 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 4 220 F F F T F F F T F 5 1 45 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100


210 "UmfrageOSN" "interview" 1 T F F T F F 3 3 4 5 650 F F F T T T T F F 5 2 53 F 1 1 2 1 "3" T 11 0 0 0 0 100 100

211 "UmfrageOSN" "interview" 1 T F F T F F 2 2 4 150 F T F T T F F T F 3 1 32 F 1 1 1 1 1 1 2 "2" T 11 0 0 0 0 100 100

212 "UmfrageOSN" "interview" 1 T F F F F F 2 2 1 4 450 F T F T T T T F F 1 1 2 2 2 T "1" T 11 0 0 0 0 100 100


217 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 5 900 F T F T F T F F F 3 1 20 F 1 1 2 2 2 "3" T 11 0 0 0 0 100 100

219 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 260 F T F T T F F F F 2 1 18 F 1 1 1 1 1 "4" T 11 0 0 0 0 100 100


222 "UmfrageOSN" "interview" 1 T F F F T F 1 1 4 600 F T F F T F F F F 1 1 1 1 1 1 4 2 24 F "1" T 11 0 0 0 0 100 100

223 "UmfrageOSN" "interview" 1 T F F T F F 1 3 1 4 300 F T F T T F F F F 3 1 20 F 2 1 2 1 1 1 1 "4" T 11 0 0 0 0 100 100



227 "UmfrageOSN" "interview" 1 T F F F T F 2 1 2 5 150 F T T T T T F F F 2 2 2 2 2 1 1 4 2 25 F "1" T 11 0 0 0 0 100 100

229 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 4 300 F T T T T F F F F 5 2 31 F 1 1 2 2 1 1 2 "3" T 11 0 0 0 0 100 100

231 "UmfrageOSN" "interview" 1 T F F F F T 2 2 1 4 550 F T F T T F F F F 3 2 17 F 2 1 1 1 1 "4" T 11 0 0 0 0 100 100

234 "UmfrageOSN" "interview" 1 T F F T F F 3 2 1 5 140 F T T T F F F F F 4 2 32 F 1 1 2 2 1 1 1 "3" T 11 0 0 0 0 100 100

235 "UmfrageOSN" "interview" 1 T F F T F F 3 4 2 4 1000 F F T T F T F F F 1 1 2 2 2 2 2 3 2 31 F "1" T 11 0 0 0 0 100 100



239 "UmfrageOSN" "interview" 1 T F F T F F 2 4 2 4 300 F T T T F T F F F 3 2 18 F 1 1 2 2 1 1 1 "2" T 11 0 0 0 0 100 100

240 "UmfrageOSN" "interview" 1 T F F T F F 4 3 2 5 500 F T T F T F F F F 3 2 20 F 2 2 2 2 2 2 1 "4" T 11 0 0 0 0 100 100


243 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 4 450 F T T T T T F F F 3 1 25 F 1 1 2 1 1 2 "3" T 11 0 0 0 0 100 100

244 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 5 400 F T T T F F F F F 2 2 2 1 3 1 33 F "1" T 11 0 0 0 0 100 100

245 "UmfrageOSN" "interview" 1 T F F T F F 2 3 2 5 270 F T T F F F F F F 1 1 1 1 1 1 1 2 1 17 F "1" T 11 0 0 0 0 100 100


251 "UmfrageOSN" "interview" 1 T F F F T F 2 4 2 4 250 F T T T T T F F F 4 2 24 F 2 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100


257 "UmfrageOSN" "interview" 1 T F F F F T 2 1 1 4 T T F T F F F F F 3 3 T 2 1 1 1 1 1 2 "3" T 11 0 0 0 0 100 100

264 "UmfrageOSN" "interview" 1 T F F F F T 4 4 3 5 245 F T T T T F F F F 2 2 2 2 2 2 2 3 2 33 F "1" T 11 0 0 0 0 100 100

265 "UmfrageOSN" "interview" 1 T F F T F F 1 1 2 5 1050 F T F T T F F F F 3 1 19 F 1 1 2 1 1 1 "4" T 11 0 0 0 0 100 100

266 "UmfrageOSN" "interview" 1 T F F F T T 2 3 2 4 325 F T F T F T F F F 4 1 23 F 1 1 1 "2" T 11 0 0 0 0 100 100

267 "UmfrageOSN" "interview" 1 T F F F T F 2 1 1 5 400 F F F T F T F F F 3 2 23 F 1 1 2 1 1 1 1 "2" T 11 0 0 0 0 100 100



271 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 1 170 F F F F T F F F F 1 1 1 1 1 1 3 1 32 F "1" T 11 0 0 0 0 100 100

273 "UmfrageOSN" "interview" 1 T F F T F F 2 1 1 5 300 F F F T T T T F F 5 1 28 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100


275 "UmfrageOSN" "interview" 1 T F F F T F 1 4 2 5 1800 F T F T T T F F F 1 1 2 2 2 2 1 5 1 45 F "1" T 11 0 0 0 0 100 100


278 "UmfrageOSN" "interview" 1 T F F F T F 4 4 4 5 420 F T F T F T F F F 5 2 26 F 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

279 "UmfrageOSN" "interview" 1 T F F F T F 3 2 3 4 270 F T F T T F F F F 3 1 20 F 2 2 2 2 "3" T 11 0 0 0 0 100 100

280 "UmfrageOSN" "interview" 1 F T F F T F 3 4 5 450 F T F T F T F T F 3 1 40 F 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

281 "UmfrageOSN" "interview" 1 T F F F F F 1 3 2 4 250 F T T F T F F F F 2 2 1 1 1 1 1 3 2 19 F "1" T 11 0 0 0 0 100 100

282 "UmfrageOSN" "interview" 1 F F F T F F 2 2 2 5 300 F T T F F F F F F 6 2 14 F 1 1 2 1 1 1 1 "2" T 11 0 0 0 0 100 100

286 "UmfrageOSN" "interview" 1 T F F F T F 2 1 1 2 200 F F F T F T F F F 5 1 T 1 2 2 2 2 "4" T 11 0 0 0 0 100 100

291 "UmfrageOSN" "interview" 1 T F F T F F 2 4 4 3 270 F T F F T F F F F 3 1 23 F 2 2 2 2 "3" T 11 0 0 0 0 100 100

295 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 5 150 F T F T T T F F F 4 1 55 F 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

297 "UmfrageOSN" "interview" 1 T F F F T F 2 1 2 3 190 F T F F T F F F F 2 1 20 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

299 "UmfrageOSN" "interview" 1 F F T F T F 2 2 2 5 280 F T T T F F F F F 2 2 2 2 1 6 2 16 F "1" T 11 0 0 0 0 100 100

301 "UmfrageOSN" "interview" 1 T F F F T F 2 4 1 5 550 F T T F T T F F F 3 1 21 F 1 1 2 2 2 2 2 "4" T 11 0 0 0 0 100 100


308 "UmfrageOSN" "interview" 1 T F F T F T 3 3 3 4 80 F T T T F T F F F 3 2 18 F 2 2 2 1 1 "3" T 11 0 0 0 0 100 100

309 "UmfrageOSN" "interview" 1 T F F T F F 2 1 2 5 120 F F F T F F F F F 1 1 2 2 2 1 1 5 1 58 F "1" T 11 0 0 0 0 100 100

310 "UmfrageOSN" "interview" 1 T F F F T F 1 2 4 100 F F F T F F F F F 3 1 30 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

312 "UmfrageOSN" "interview" 1 T F F F T F 1 1 2 5 1000 F F T T F T F F F 3 2 21 F 2 1 1 2 1 1 2 "2" T 11 0 0 0 0 100 100

313 "UmfrageOSN" "interview" 1 T F F T T F 3 3 3 4 140 F F T T T F F F F 1 1 2 5 2 34 F "1" T 11 0 0 0 0 100 100

315 "UmfrageOSN" "interview" 1 T F F F T F 2 2 4 150 F F F T F F F F F 4 1 49 F 1 1 2 1 1 1 "2" T 11 0 0 0 0 100 100

316 "UmfrageOSN" "interview" 1 T F F F T F 2 3 2 5 1350 F T F T T T F F F 3 2 22 F 2 1 2 2 2 2 1 "4" T 11 0 0 0 0 100 100

317 "UmfrageOSN" "interview" 1 T F F T F F 3 3 2 4 210 F T F T T T T F F 3 2 75 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100


319 "UmfrageOSN" "interview" 1 T F F F T F 3 4 5 190 F T F F F F F F F 5 1 33 F 2 "3" T 11 0 0 0 0 100 100

322 "UmfrageOSN" "interview" 1 F F F F F F 4 4 50 F T F T F F F F F 2 1 62 F 1 1 1 1 "2" T 11 0 0 0 0 100 100

323 "UmfrageOSN" "interview" 1 T F F F T F 3 4 3 5 300 F T F T F F F F F 5 2 28 F 2 "4" T 11 0 0 0 0 100 100

325 "UmfrageOSN" "interview" 1 T F F F F T 500 F T F T F T F F F 2 2 T "1" T 11 0 0 0 0 100 100

326 "UmfrageOSN" "interview" 1 T F F F T F 3 2 3 3 150 F T F T F F F F F 6 1 15 F 2 1 1 2 1 2 "2" T 11 0 0 0 0 100 100


331 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 4 200 F T F T F F F F F 5 2 50 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

334 "UmfrageOSN" "interview" 1 T F F T F F 1 2 1 2 50 F F F F F F F F T 5 2 T 1 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

335 "UmfrageOSN" "interview" 1 T F F F T F 2 2 3 4 350 F F F F F F F T F 5 1 25 F 1 2 2 2 "4" T 11 0 0 0 0 100 100

337 "UmfrageOSN" "interview" 1 T F F F T F 2 1 2 4 400 F T F T F T F F F 1 1 2 2 1 1 1 4 2 27 F "1" T 11 0 0 0 0 100 100


340 "UmfrageOSN" "interview" 1 T F F F F T 2 2 3 350 F F F T T T F F F 3 2 45 F 1 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

342 "UmfrageOSN" "interview" 1 F T F F T F 3 2 4 5 400 F F T T F F F F F 2 2 2 2 2 2 2 5 2 38 F "1" T 11 0 0 0 0 100 100

343 "UmfrageOSN" "interview" 1 T F F T F F 1 2 1 5 150 F T F F F F F F F 6 2 18 F 1 1 2 2 2 2 2 "3" T 11 0 0 0 0 100 100

350 "UmfrageOSN" "interview" 1 T F F T F F 3 3 3 4 280 F F T T F F F F F 3 2 23 F 1 1 "4" T 11 0 0 0 0 100 100

351 "UmfrageOSN" "interview" 1 T F F F T F 3 3 2 5 153 F T F T T T T F F 1 1 1 1 1 1 1 3 2 24 F "1" T 11 0 0 0 0 100 100

352 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 1500 F F T T T T F F F 4 1 29 F 1 1 1 1 "2" T 11 0 0 0 0 100 100


357 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 2 400 F T T T T F F F F 3 2 20 F 1 1 2 1 1 1 "2" T 11 0 0 0 0 100 100

Appendix v

359 "UmfrageOSN" "interview" 1 T F F T F F 1 2 1 4 500 F F T T T T F F F 1 1 1 1 1 1 1 3 1 20 F "1" T 11 0 0 0 0 100 100

360 "UmfrageOSN" "interview" 1 T F F T F F 1 3 2 5 1100 F T T T T T F T F 4 1 25 F 2 2 "3" T 11 0 0 0 0 100 100

365 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 4 120 F T F T T T F F F 1 2 1 1 3 2 21 F "1" T 11 0 0 0 0 100 100

366 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 5 700 F T F T T T F F F 3 1 28 F 1 1 1 1 1 2 "3" T 11 0 0 0 0 100 100

369 "UmfrageOSN" "interview" 1 F T F F F F 5 5 5 80 F F F T F F F F F 5 3 T 2 2 2 2 "2" T 11 0 0 0 0 100 100


376 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 5 1500 F F T T T T F F F 5 1 33 F 1 1 2 2 2 2 1 "2" T 11 0 0 0 0 100 100

378 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 2 180 F F F T F F F F T 5 2 30 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

379 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 90 F T F F F F F F F 5 2 67 F 1 1 "3" T 11 0 0 0 0 100 100

380 "UmfrageOSN" "interview" 1 F T F F T F 3 2 2 5 180 F T F T F T F F F 1 1 1 1 1 1 2 2 48 F "1" T 11 0 0 0 0 100 100


383 "UmfrageOSN" "interview" 1 T F F F T F 2 2 4 4 20 F F F T F F F F F 2 1 46 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

384 "UmfrageOSN" "interview" 1 T F F T F F 3 3 2 3 380 F T F F T F F F F 1 2 1 1 4 1 24 F "1" T 11 0 0 0 0 100 100

386 "UmfrageOSN" "interview" 1 T F F T F F 3 3 2 5 140 F T T T F T F F F 5 1 23 F 2 2 1 1 2 "3" T 11 0 0 0 0 100 100

387 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 4 200 F T F F T F F F F 3 1 20 F 1 1 1 1 "4" T 11 0 0 0 0 100 100

389 "UmfrageOSN" "interview" 1 T F F F F T 1 1 1 5 500 F T F T F T F F F 3 1 19 F 1 1 1 1 1 1 2 "2" T 11 0 0 0 0 100 100

390 "UmfrageOSN" "interview" 1 T F F F T F 2 2 1 5 370 F F T F F F F F F 5 1 25 F 1 2 2 1 1 1 1 "2" T 11 0 0 0 0 100 100

392 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 650 F T T T T T T F F 3 2 25 F 2 2 2 1 1 1 "4" T 11 0 0 0 0 100 100

393 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 600 F F F T F F F F F 5 2 24 F 2 1 1 2 2 1 2 "3" T 11 0 0 0 0 100 100

394 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 3 200 F T T F F F F F F 1 1 1 1 1 1 3 2 26 F "1" T 11 0 0 0 0 100 100

396 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 4 130 F T F T F T F F F 4 2 25 F 2 1 1 2 2 1 1 "2" T 11 0 0 0 0 100 100

397 "UmfrageOSN" "interview" 1 T F F T F F 3 2 3 5 1030 F T T T T T F F F 3 2 43 F 1 1 1 2 1 "4" T 11 0 0 0 0 100 100

398 "UmfrageOSN" "interview" 1 T F F T F F 3 4 2 4 45 F T T T T T T F F 2 2 2 3 2 34 F "1" T 11 0 0 0 0 100 100

399 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 206 F F F T F T F F F 3 2 43 F 1 1 2 2 2 2 2 "3" T 11 0 0 0 0 100 100

401 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 210 F T T T T T F F F 2 1 2 1 2 2 1 3 2 23 F "1" T 11 0 0 0 0 100 100


410 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 400 F T T T T T F F F 2 1 1 5 2 26 F "1" T 11 0 0 0 0 100 100

414 "UmfrageOSN" "interview" 1 T F F T F F 3 3 2 4 1200 F T F T T T T F F 5 2 41 F 1 "4" T 11 0 0 0 0 100 100

416 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 400 F T T T T T F F F 3 2 23 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100


422 "UmfrageOSN" "interview" 1 T F F F T F 2 3 3 4 515 F T T T T F F F F 1 1 2 2 2 2 1 1 1 17 F "1" T 11 0 0 0 0 100 100

424 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 5 300 F T T T F F F F F 4 2 23 F 2 2 1 2 2 1 2 "4" T 11 0 0 0 0 100 100

425 "UmfrageOSN" "interview" 1 T F F T F F 4 4 3 4 120 F F F T T T F F F 3 1 50 F 1 1 2 2 2 1 1 "3" T 11 0 0 0 0 100 100

428 "UmfrageOSN" "interview" 1 T F F T F F 3 3 3 4 250 F F F T T T T F F 5 2 40 F 1 1 2 2 2 2 "2" T 11 0 0 0 0 100 100

430 "UmfrageOSN" "interview" 1 T F F F T F 1 2 1 4 300 F T T T T T F F F 1 1 1 1 1 3 2 19 F "1" T 11 0 0 0 0 100 100


432 "UmfrageOSN" "interview" 1 T F F F T F 1 1 2 2 120 F F F T F T F F F 3 1 22 F 1 1 2 2 1 1 "4" T 11 0 0 0 0 100 100

433 "UmfrageOSN" "interview" 1 T F F F T F 5 5 5 3 100 F F F T F F F F F 5 2 28 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

435 "UmfrageOSN" "interview" 1 F F T F T F 2 1 3 T T F T F F F F F 1 1 1 1 1 3 2 T "1" T 11 0 0 0 0 100 100


437 "UmfrageOSN" "interview" 1 T F F F T F 1 1 2 2 200 F F F T F T F F F 3 2 40 F 1 1 2 1 1 1 2 "4" T 11 0 0 0 0 100 100

442 "UmfrageOSN" "interview" 1 F F F T F F 1 1 1 2 50 F T F T F F F F F 3 1 21 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

444 "UmfrageOSN" "interview" 1 T F F T F F 2 1 2 4 80 F T T F T F F F F 3 2 24 F 2 2 1 "2" T 11 0 0 0 0 100 100

448 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 3 255 F T F F F F F F F 1 1 1 1 1 1 1 3 1 22 F "1" T 11 0 0 0 0 100 100

451 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 2 38 F F F F F F F T F 5 2 34 F 1 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

453 "UmfrageOSN" "interview" 1 T F F T F F 3 3 3 5 70 F F F T F T F F F 4 1 36 F 1 1 1 2 "4" T 11 0 0 0 0 100 100

455 "UmfrageOSN" "interview" 1 T F F T F F 2 1 2 4 700 F F F T T F F F F 5 2 40 F 1 1 2 1 1 1 1 "3" T 11 0 0 0 0 100 100

456 "UmfrageOSN" "interview" 1 T F F F T F 4 4 3 150 F T F T F T F F F 1 1 1 1 1 6 1 60 F "1" T 11 0 0 0 0 100 100


459 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 650 F F T T F F F F F 3 1 21 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100

460 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 2 120 F F F F F F F F T 2 2 28 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

465 "UmfrageOSN" "interview" 1 T F F F T F 2 1 1 150 F F F T T F F F F 1 1 1 1 1 1 2 3 1 26 F "1" T 11 0 0 0 0 100 100

466 "UmfrageOSN" "interview" 1 F T F F T F 1 2 2 150 F F F T F F F F F 5 2 45 F 2 2 2 1 2 2 2 "2" T 11 0 0 0 0 100 100

469 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 5 T T T T F T F F F 2 2 27 F 1 1 1 2 1 1 1 "2" T 11 0 0 0 0 100 100

473 "UmfrageOSN" "interview" 1 T F F F F T 1 1 1 4 350 F T F F F F F F F 3 2 22 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100


476 "UmfrageOSN" "interview" 1 F T F F T F 1 1 1 1 9 F F F T F F F F F 1 1 1 1 1 1 2 1 53 F "1" T 11 0 0 0 0 100 100

479 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 4 50 F F T T T T F F F 5 2 36 F 1 1 2 2 2 1 1 "3" T 11 0 0 0 0 100 100


483 "UmfrageOSN" "interview" 1 T F F F T F 1 5 250 F T T T F F F F F 2 2 2 2 2 2 2 3 2 24 F "1" T 11 0 0 0 0 100 100


488 "UmfrageOSN" "interview" 1 T F F T F F 2 3 2 5 270 F T F T T T F F F 5 1 29 F 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

489 "UmfrageOSN" "interview" 1 T F F F T F 3 2 2 5 500 F T T T F F F F F 5 2 26 F 2 2 2 2 2 1 "4" T 11 0 0 0 0 100 100


491 "UmfrageOSN" "interview" 1 T F F F T F 3 2 2 5 400 F T F F F F F F F 4 2 27 F 1 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

492 "UmfrageOSN" "interview" 1 T F F F F T 2 2 1 5 450 F F T T T T F F F 1 1 1 1 1 1 1 3 2 27 F "1" T 11 0 0 0 0 100 100

495 "UmfrageOSN" "interview" 1 T F F F F T 4 4 4 5 400 F T F F T F F F F 4 2 25 F 1 1 1 1 "3" T 11 0 0 0 0 100 100



499 "UmfrageOSN" "interview" 1 T F F T F F 1 2 1 5 180 F T F T F T F T F 2 2 2 2 2 2 2 5 1 27 F "1" T 11 0 0 0 0 100 100

500 "UmfrageOSN" "interview" 1 T F F F T F 4 4 4 5 250 F T T T T F F F F 4 2 26 F 2 2 2 2 2 2 2 "3" T 11 0 0 0 0 100 100



504 "UmfrageOSN" "interview" 1 F F F F T F 2 2 3 5 1500 F F T T T T F F F 4 1 41 F 1 1 2 1 1 1 1 "2" T 11 0 0 0 0 100 100

507 "UmfrageOSN" "interview" 1 T F F T F F 2 2 1 5 350 F T F F T F F F F 4 1 22 F 2 1 2 1 1 "4" T 11 0 0 0 0 100 100

509 "UmfrageOSN" "interview" 1 T F F T F F 3 4 2 5 750 F T F T T T T F F 2 1 2 2 2 2 1 5 1 33 F "1" T 11 0 0 0 0 100 100

510 "UmfrageOSN" "interview" 1 T F F F T F 4 3 3 5 400 F T T T T T F F F 1 1 2 2 2 3 2 20 F "1" T 11 0 0 0 0 100 100




517 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 4 666 F T F T T F F F F 1 1 2 1 2 1 1 4 1 26 F "1" T 11 0 0 0 0 100 100

519 "UmfrageOSN" "interview" 1 F F T T F F 3 2 3 5 130 F T F T F F F F F 3 2 22 F 2 1 1 2 1 1 1 "4" T 11 0 0 0 0 100 100

520 "UmfrageOSN" "interview" 1 T F F T F F 1 3 3 5 150 F T F F T F F F F 4 2 25 F 1 1 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

522 "UmfrageOSN" "interview" 1 T F F F T F 1 2 2 5 300 F T F T T T F F F 2 1 2 2 2 2 1 3 1 19 F "1" T 11 0 0 0 0 100 100

523 "UmfrageOSN" "interview" 1 F T F F T F 3 2 3 5 500 F T T T T T T F F 6 1 14 F 2 2 2 2 2 2 1 "3" T 11 0 0 0 0 100 100

524 "UmfrageOSN" "interview" 1 T F F F T F 3 2 2 2 350 F F T T F T F F F 2 2 20 F 2 2 2 2 2 2 2 "2" T 11 0 0 0 0 100 100

526 "UmfrageOSN" "interview" 1 F T F F T F 3 3 2 5 300 F T T T T T T F F 6 1 16 F 2 2 2 2 2 2 1 "4" T 11 0 0 0 0 100 100


528 "UmfrageOSN" "interview" 1 T F F F T F 2 2 150 F T T F F F F T F 2 2 2 2 2 2 2 5 2 26 F "1" T 11 0 0 0 0 100 100

vi Appendix

529 "UmfrageOSN" "interview" 1 T F F F T F 2 2 3 5 600 F T F F T F F F F 4 2 24 F 1 1 2 1 1 1 2 "2" T 11 0 0 0 0 100 100


531 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 5 150 F F F F F F F F T 4 2 26 F 1 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100


536 "UmfrageOSN" "interview" 1 T F F T F F 2 4 2 5 600 F T T T F T F F F 4 1 25 F 1 1 1 1 1 2 "2" T 11 0 0 0 0 100 100

537 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 3 160 F F F F F F F F T 1 1 1 1 1 4 1 26 F "1" T 11 0 0 0 0 100 100

541 "UmfrageOSN" "interview" 1 F T F F T F 2 2 2 3 300 F T T T F T F F F 4 1 49 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

543 "UmfrageOSN" "interview" 1 T F F T F F 3 3 3 5 300 F F T T T T F F F 1 1 1 1 2 2 2 47 F "1" T 11 0 0 0 0 100 100


546 "UmfrageOSN" "interview" 1 F T F T F F 2 2 1 3 80 F T F F F T F F F 5 1 59 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

547 "UmfrageOSN" "interview" 1 T F F F T F 2 2 1 5 600 F F F T T T F F F 2 2 2 2 2 2 1 5 1 38 F "1" T 11 0 0 0 0 100 100


550 "UmfrageOSN" "interview" 1 T F F T F F 2 3 3 2 169 F F F T F F F T F 2 1 62 F 1 1 2 2 2 "4" T 11 0 0 0 0 100 100

554 "UmfrageOSN" "interview" 1 T F F F F T 2 2 1 5 483 F T T T F T F T F 3 1 23 F 1 1 1 1 2 "3" T 11 0 0 0 0 100 100

555 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 5 570 F T T T T T F F F 3 1 23 F 2 2 2 2 2 "2" T 11 0 0 0 0 100 100



563 "UmfrageOSN" "interview" 1 T F F F T F 1 2 4 220 F F F T T T F F F 5 1 34 F 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

564 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 5 200 F T F T F T T T F 2 1 32 F 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

565 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 150 F F F T T T F F F 1 2 60 F 1 1 1 "2" T 11 0 0 0 0 100 100

566 "UmfrageOSN" "interview" 1 T F F F T F 2 3 2 5 400 F T T T F T T F F 3 2 23 F 2 2 1 2 2 2 "4" T 11 0 0 0 0 100 100


569 "UmfrageOSN" "interview" 1 T F F F T F 4 3 4 4 700 F T T T T T F F F 5 2 40 F 2 2 2 "3" T 11 0 0 0 0 100 100

570 "UmfrageOSN" "interview" 1 T F F T F F 1 2 2 4 120 F F F F F F F F T 1 1 1 1 1 1 1 3 2 50 F "1" T 11 0 0 0 0 100 100

572 "UmfrageOSN" "interview" 1 T F F T F F 2 3 2 4 T F F T T T F F F 6 3 T 2 "4" T 11 0 0 0 0 100 100

574 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 250 F F T F F F F F F 3 1 18 F 2 2 2 1 2 1 2 "2" T 11 0 0 0 0 100 100

575 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 3 600 F T T T T T F F F 3 2 25 F 1 2 2 2 "4" T 11 0 0 0 0 100 100


579 "UmfrageOSN" "interview" 1 T F F F T F 2 3 2 4 300 F F F T T T T F F 3 1 51 F 1 1 1 1 1 1 1 "3" T 11 0 0 0 0 100 100

583 "UmfrageOSN" "interview" 1 T F F T F F 2 3 2 4 245 F T F T T T F F F 3 3 26 F 1 2 2 2 1 1 "2" T 11 0 0 0 0 100 100

585 "UmfrageOSN" "interview" 1 T F F F T F 2 2 1 5 250 F T T T F F F F F 2 2 1 2 1 1 1 4 2 23 F "1" T 11 0 0 0 0 100 100

588 "UmfrageOSN" "interview" 1 T F F F T F 2 2 2 5 150 F T T T T F F F F 4 2 23 F 1 1 2 2 1 1 1 "3" T 11 0 0 0 0 100 100


595 "UmfrageOSN" "interview" 1 T F F F T F 1 1 1 3 180 F T F T T F F F F 3 2 23 F 1 1 1 1 1 1 "4" T 11 0 0 0 0 100 100


599 "UmfrageOSN" "interview" 1 T F F T F F 2 2 3 5 350 F T F T T T F T F 3 1 31 F 1 1 2 2 2 2 "3" T 11 0 0 0 0 100 100

600 "UmfrageOSN" "interview" 1 T F F T F F 3 2 2 3 200 F F T T T T F T F 1 1 1 1 1 1 1 5 1 45 F "1" T 11 0 0 0 0 100 100

604 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 156 F T F T F F F F F 1 1 1 1 1 5 1 28 F "1" T 11 0 0 0 0 100 100


608 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 1300 F T T T T T F T F 1 1 2 2 2 1 2 5 2 25 F "1" T 11 0 0 0 0 100 100



611 "UmfrageOSN" "interview" 1 F F F T F F 2 3 2 5 700 F F T T T F F F F 3 1 23 F 1 1 2 2 "3" T 11 0 0 0 0 100 100

612 "UmfrageOSN" "interview" 1 T F F F T F 2 4 2 2 467 F F F F T F F F F 1 1 1 1 1 1 1 5 2 29 F "1" T 11 0 0 0 0 100 100


615 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 200 F T T T T T T F F 4 2 35 F 1 1 1 1 1 1 "2" T 11 0 0 0 0 100 100

616 "UmfrageOSN" "interview" 1 T F F T F F 2 3 1 5 450 F T T T T F F F F 3 2 20 F 1 1 2 2 2 2 "3" T 11 0 0 0 0 100 100

618 "UmfrageOSN" "interview" 1 F T F F F T 1 2 1 4 200 F T F F F F F F F 1 1 3 1 23 F "1" T 11 0 0 0 0 100 100

619 "UmfrageOSN" "interview" 1 T F F T F F 2 3 3 4 300 F T F T T T F T F 4 1 26 F 1 1 2 2 1 1 1 "3" T 11 0 0 0 0 100 100

624 "UmfrageOSN" "interview" 1 T F F T F F 1 3 1 5 2000 F T T T T T F F F 2 2 2 2 2 2 1 3 2 20 F "1" T 11 0 0 0 0 100 100



633 "UmfrageOSN" "interview" 1 T F F F F T 2 2 2 4 300 F F F T T T T T F 2 2 27 F 1 1 2 2 1 1 2 "3" T 11 0 0 0 0 100 100


635 "UmfrageOSN" "interview" 1 F T F F T F 3 3 3 5 500 F T T T T T T F F 2 2 2 2 2 2 1 6 2 14 F "1" T 11 0 0 0 0 100 100

636 "UmfrageOSN" "interview" 1 T F F F T F 3 2 2 4 450 F T F T T T T F F 6 1 16 F 2 1 2 2 1 1 1 "4" T 11 0 0 0 0 100 100


645 "UmfrageOSN" "interview" 1 T F F F T F 3 4 3 5 700 F T T T T T T T F 6 1 15 F 2 1 2 2 2 "2" T 11 0 0 0 0 100 100

646 "UmfrageOSN" "interview" 1 T F F F F T 2 4 3 5 500 F T T T T T T T F 2 1 2 2 2 2 6 2 14 F "1" T 11 0 0 0 0 100 100

647 "UmfrageOSN" "interview" 1 T F F F T F 2 4 400 F T T T T T T T F 2 1 2 2 2 2 2 2 2 17 F "1" T 11 0 0 0 0 100 100


649 "UmfrageOSN" "interview" 1 T F F F F T 2 3 3 5 600 F T T T T T T T T 1 1 17 F 2 1 2 2 2 2 2 "2" T 11 0 0 0 0 100 100


651 "UmfrageOSN" "interview" 1 T F F F F T 3 3 3 4 600 F T T T T T T F F 3 1 19 F 2 1 2 1 2 2 1 "4" T 11 0 0 0 0 100 100

652 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 4 500 F T T T T T T F F 2 2 2 2 2 2 1 3 2 18 F "1" T 11 0 0 0 0 100 100



655 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 4 200 F T F T T T T F F 3 1 18 F 2 1 2 1 "4" T 11 0 0 0 0 100 100

656 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 5 360 F T F T T T T T F 3 1 17 F 2 2 1 "2" T 11 0 0 0 0 100 100


659 "UmfrageOSN" "interview" 1 T F F T F F 2 3 3 5 140 F F F T T T F F F 5 1 28 F 1 1 2 2 2 2 "3" T 11 0 0 0 0 100 100

660 "UmfrageOSN" "interview" 1 F F T F T F 1 1 1 5 170 F T F T F F F F F 5 1 29 F 2 2 1 2 2 2 1 "4" T 11 0 0 0 0 100 100

663 "UmfrageOSN" "interview" 1 T F F T F F 3 1 1 3 750 F F F F F F F T F 3 2 27 F 1 1 2 2 2 2 "3" T 11 0 0 0 0 100 100

664 "UmfrageOSN" "interview" 1 T F F F F T 2 2 5 160 F T F F F F F F F 1 1 1 1 1 6 1 18 F "1" T 11 0 0 0 0 100 100

665 "UmfrageOSN" "interview" 1 T F F F T F 3 1 2 5 200 F T T T T F F F F 5 1 29 F 1 2 2 2 2 "4" T 11 0 0 0 0 100 100

666 "UmfrageOSN" "interview" 1 T F F F F T 2 3 2 4 200 F T F T T T T F F 3 1 18 F 2 1 2 2 1 "2" T 11 0 0 0 0 100 100

667 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 3 500 F T T T T T T F F 2 1 2 1 3 2 18 F "1" T 11 0 0 0 0 100 100

668 "UmfrageOSN" "interview" 1 T F F F T F 2 2 1 2 100 F T F T T T T F F 2 1 1 3 1 20 F "1" T 11 0 0 0 0 100 100


670 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 3 400 F T T T T T T F F 3 1 18 F 2 1 2 1 1 "2" T 11 0 0 0 0 100 100


672 "UmfrageOSN" "interview" 1 T F F F T F 3 2 1 3 370 F T F T T T F F F 3 1 17 F 2 1 2 1 1 1 "4" T 11 0 0 0 0 100 100

673 "UmfrageOSN" "interview" 1 T F F T F F 2 2 1 4 350 F T F T T T T F F 3 1 18 F 2 1 2 1 "3" T 11 0 0 0 0 100 100

674 "UmfrageOSN" "interview" 1 T F F F F T 3 2 2 4 460 F T F T T T T F F 2 1 2 2 2 2 1 2 16 F "1" T 11 0 0 0 0 100 100

675 "UmfrageOSN" "interview" 1 T F F F T F 3 3 5 600 F T T T T T T T F 2 2 16 F 2 2 2 2 "2" T 11 0 0 0 0 100 100

676 "UmfrageOSN" "interview" 1 T F F F T F 3 3 2 4 500 F T T T T T T T F 2 2 17 F 2 1 2 2 2 2 "4" T 11 0 0 0 0 100 100

677 "UmfrageOSN" "interview" 1 T F F F T F 3 3 3 5 400 F T T T T T T T F 1 1 16 F 2 2 2 2 2 1 "3" T 11 0 0 0 0 100 100

679 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 5 140 F T F T T T F F F 4 2 28 F 2 2 2 2 "2" T 11 0 0 0 0 100 100

680 "UmfrageOSN" "interview" 1 T F F T F F 2 1 2 4 200 F F T T F F F F F 5 2 28 F 1 1 1 2 1 1 1 "4" T 11 0 0 0 0 100 100

Appendix vii


682 "UmfrageOSN" "interview" 1 T F F F T F 4 4 1 5 1200 F T F T T T F F F 5 2 29 F 1 1 2 2 2 1 1 "3" T 11 0 0 0 0 100 100

683 "UmfrageOSN" "interview" 1 T F F F T F 1 2 2 5 350 F T F T T T F F F 3 1 23 F 1 2 2 2 2 1 "3" T 11 0 0 0 0 100 100

685 "UmfrageOSN" "interview" 1 T F F T F F 2 2 2 4 80 F F T T F T F F F 1 1 2 2 1 5 1 29 F "1" T 11 0 0 0 0 100 100




695 "UmfrageOSN" "interview" 1 T F F T F F 2 1 1 2 120 F T F F F F F F F 1 1 1 1 1 1 2 4 2 27 F "1" T 11 0 0 0 0 100 100




710 "UmfrageOSN" "interview" 1 T F F F T F 1 2 370 F F F T F F F F F 3 1 T 1 1 2 2 2 1 1 "2" T 11 0 0 0 0 100 100

711 "UmfrageOSN" "interview" 1 T F F T F F 2 3 4 5 200 F F T T F T F F F 1 1 1 1 1 1 2 5 1 26 F "1" T 11 0 0 0 0 100 100

723 "UmfrageOSN" "interview" 1 T F F T F F 1 1 1 2 150 F F F F F F F F T 1 1 1 1 1 1 1 3 1 23 F "1" T 11 0 0 0 0 100 100



Table 21. Survey Raw Data.

R Script Data of Subchapter 3.1: # R Script for survey:

# Private Data as Payment Method in Social Network Services?

# by Claus-Georg Nolte

setwd("…")

library(psych)

library(car)

#respond rate

(386/640)*100

(320/640)*100

#general

#run r-data import script

#basics

table(data$A101)

table(data$D101)

table(data$D102)

#Korrekturen

data$age<-data$D103_01

data$fb.friends<-data$A302_01

mean(data$age,na.rm=T)

max(data$age,na.rm=T)

min(data$age,na.rm=T)

mean(data$fb.friends,na.rm=T)

#Daten sortieren

data$pr.opt<-NA #neue Variable f?r ge?nderte Privacy Optionen

data$pr.opt<-ifelse(data$A201_01=="TRUE",1,ifelse(data$A201_02=="TRUE",0,NA))

data$pr.rd<-NA #neue Variable f?r gelesene Datenverwendungsrichtlinien

data$pr.rd<-ifelse(data$A203_01=="TRUE",1,ifelse(data$A203_02=="TRUE",0,NA))

#Geschlecht in Nummern (1=Mann):

data$gender<-as.numeric(recode(data$D102, '"m?nnlich"=1;"weiblich"=2;"keine Angabe"=NA;'))

data$gen.male<-as.numeric(recode(data$gender, '1=1;2=0;'))

data$gen.female<-as.numeric(recode(data$gender, '1=0;2=1;'))

#Bildungsabschluss in Nummern:

data$educ<-as.numeric(recode(data$D101, '

"Haupt-(Volks-)schulabschluss"=1;

"Realschul- oder gleichwertiger Abschluss"=2;

"Fachhochschul- oder Hochschulreife"=3;

"Bachelor Abschluss"=4;

"Master oder gleichwertiger bzw. höherer Abschluss"=5;

"keine Angabe"=NA;' ))

#Je h?her Vertrauen in FB desto niedriger Variable

data$fb.trust1<-recode(data$A202_01, '1=5;2=4;3=3;4=2;5=1;-1="NA";-9="NA";')



#Neue Variable f?r Privacy Awareness:

data$fb.trust1.n<-data$fb.trust1/5



attach(data)

data$pr.awa<-rowMeans(data.frame(pr.opt,pr.rd,fb.trust1.n,fb.trust2.n,fb.trust3.n),na.rm=T)

detach(data)

mean(data$pr.awa,na.rm=T)

#Standardisieren:

data$pr.awa.z<-scale(data$pr.awa)

#Neue Variable f?r FB Nutzerverhalten:

data$fb.use<-recode(data$A301_01, '1=1;2=2;3=3;4=4;5=5;-1="NA";-9="NA";')

viii Appendix

#Neue Variablen f?r FB Funktionsnutzung (Ja=1, Nein=0):

data$func.chat<-recode(data$B101_01,'"TURE"=1;"FALSE"=0;')

data$func.messenger<-recode(data$B101_02,'"TURE"=1;"FALSE"=0;')

data$func.news<-recode(data$B101_03, '"TURE"=1;"FALSE"=0;')

data$func.events<-recode(data$B101_07, '"TURE"=1;"FALSE"=0;')

data$func.pics<-recode(data$B101_04, '"TURE"=1;"FALSE"=0;')

data$func.vids<-recode(data$B101_05, '"TURE"=1;"FALSE"=0;')

data$func.apps<-recode(data$B101_06, '"TURE"=1;"FALSE"=0;')

attach(data)

data$func.all<-rowSums(data.frame(func.chat,func.messenger,func.news,func.events,func.pics,func.vids,func.apps),na.rm=T)

detach(data)

#Neue Variable f?r Experiment-Gruppen Zugeh?rigkeit:

#Gruppe1=MND-x, Gruppe2=MND, Gruppe3=MND+x, Gruppe4=MND+x+y

data$exp.gr<-recode(data$G101_01, '1=2;2=3;3=4;4=1;')

#Neue Variablen f?r Gruppe2=MND (Ja=1, Nein=0):

data$gr2.func.chat<-recode(data$C101_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.messenger<-recode(data$C102_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.news<-recode(data$C104_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.events<-recode(data$C103_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.pics<-recode(data$C105_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.vids<-recode(data$C106_01,'1=0;2=1;-1="NA";-9="NA";')

data$gr2.func.apps<-recode(data$C107_01,'1=0;2=1;-1="NA";-9="NA";')

attach(data)

data$gr2.func.all<-rowSums(data.frame(gr2.func.chat,gr2.func.messenger,gr2.func.news,gr2.func.events,gr2.func.pics,gr2.func.vids,gr2.func.apps),na.rm=T)

detach(data)

#Neue Variablen f?r Gruppe3=MND+x (Ja=1, Nein=0):








attach(data)


detach(data)

#Neue Variablen f?r Gruppe4=MND+x+y (Ja=1, Nein=0):








attach(data)


detach(data)

#Neue Variablen f?r Gruppe1=MND-x (Ja=1, Nein=0):








attach(data)


detach(data)

#Anzahl der neu gew?hlten Funktionen ohne R?cksicht auf Gruppenzugeh?rigkeit:

attach(data)

data$gr.func.all<-rowSums(data.frame(gr1.func.all,gr2.func.all,gr3.func.all,gr4.func.all),na.rm=T)

detach(data)

which(data$gr.func.all==8) #sollte nicht vorkommen

#Differenz zw. neu & alt gew?hlten Funktionen:

attach(data)

data$func.diff<-na.omit(gr.func.all-func.all)

detach(data)

#first insights

mean(data$func.diff)

mean(data$func.diff[which(data$exp.gr==1)])




mean(data$gr.func.all)

mean(data$gr.func.all[which(data$exp.gr==1)])




#descriptive statistik

attach(data)

cor.test(pr.awa,fb.use)

cor.test(pr.awa,func.all)

cor.test(pr.awa,fb.friends)

cor.test(pr.awa,educ)

cor.test(age,pr.awa)

cor.test(age,fb.friends)

cor.test(age,func.all)

cor.test(gen.male,pr.awa)

cor.test(gen.male,fb.use)

Appendix ix

cor.test(gen.female,fb.friends)

auswahl<-data.frame(exp.gr,age,gen.male,fb.friends,fb.use,pr.awa,educ,func.all,gr.func.all,func.diff)

d<-describe(auswahl)

c<-corr.test(auswahl)$r

t<-cbind(M=d$mean,SD=d$sd,c)

write.csv2(t,file="Deskriptive Stata OSN.csv")

detach(data)

#Grafiken

attach(data)

hist(age,breaks=80)

hist(pr.awa,breaks=50)

hist(fb.friends,breaks=50)

boxplot(age ~ exp.gr)

boxplot(pr.awa ~ exp.gr)

boxplot(fb.friends ~ exp.gr)

boxplot(fb.use ~ exp.gr)

boxplot(gen.female ~ exp.gr)

boxplot(gr.func.all ~ exp.gr)

boxplot(func.diff ~ exp.gr)

detach(data)

#Varianz-homogenitÃ¤t

attach(data)

leveneTest(age, exp.gr)

leveneTest(pr.awa, exp.gr)

leveneTest(fb.friends, exp.gr)

leveneTest(fb.use, exp.gr)

leveneTest(gen.male, exp.gr)

leveneTest(func.diff, exp.gr)

leveneTest(educ, exp.gr)

#T-Test

t.test(fb.friends ~ gen.male)

detach(data)

#Regression

attach(data)

plot(func.diff ~ exp.gr)

abline(lm(func.diff ~ exp.gr))

summary(lm(func.diff ~ exp.gr))

plot(func.diff ~ pr.awa)

abline(lm(func.diff ~ pr.awa))

summary(lm(func.diff ~ pr.awa))

plot(func.diff ~ gen.male)

abline(lm(func.diff ~ gen.male))

summary(lm(func.diff ~ gen.male))

summary(lm(func.diff ~ educ))

summary(lm(func.diff ~ exp.gr + pr.awa + gen.male + educ))

plot(gr.func.all ~ exp.gr)

abline(lm(gr.func.all ~ exp.gr))

summary(lm(gr.func.all ~ exp.gr))

plot(gr.func.all ~ pr.awa)

abline(lm(gr.func.all ~ pr.awa))

summary(lm(gr.func.all ~ pr.awa))

plot(gr.func.all ~ gen.male)

abline(lm(gr.func.all ~ gen.male))

summary(lm(gr.func.all ~ gen.male))

summary(lm(gr.func.all ~ fb.use))

summary(lm(gr.func.all ~ fb.friends))

summary(lm(gr.func.all ~ age))

summary(lm(gr.func.all ~ educ))

summary(lm(gr.func.all ~ exp.gr + pr.awa + gen.male + age + fb.use + fb.friends))

summary(lm(func.all ~ gen.male))

summary(lm(func.all ~ educ))

summary(lm(func.all ~ pr.awa + age + fb.use + fb.friends + educ))

detach(data)

Table 22. R Script Data.

x Appendix

Table 23. Mean, Standard Error and Correlations.

Figure 20. Histogram of Age.

Appendix xi

Figure 21. Histogram of FB Friends.

Figure 22. Histogram of Privacy Awareness.

xii Appendix

Figure 23. Distribution of Age through Experiment Groups.

Figure 24. Distribution of FB Friends through Experiment Groups.

Appendix xiii

Figure 25. Distribution of used FB Functions through Experiment Groups.

Figure 26. Distribution of Users' Privacy Awareness through Experiment Groups.

xiv Appendix

Figure 27. Distribution of Degree of FB Using through Experiment Groups.

Figure 28. Distribution of chosen Functions through Experiment Groups.

Appendix xv

age over exp.gr:

DF F value Pr(>F)

group 3 0.20 0.89

Table 24. Levene’s Test for Homogeneity of Variance (center = median) for the variable age over exp.gr.

pr.awa over exp.gr:

DF F value Pr(>F)

group 3 0.49 0.69

Table 25. Levene’s Test for Homogeneity of Variance (center = median) for the variable pr.awa over exp.gr.

fb.friends over exp.gr:

DF F value Pr(>F)

group 3 0.23 0.87

Table 26. Levene’s Test for Homogeneity of Variance (center = median) for the variable fb.friends over exp.gr.

fb.use over exp.gr:

DF F value Pr(>F)

group 3 0.53 0.66

Table 27. Levene’s Test for Homogeneity of Variance (center = median) for the variable fb.use over exp.gr.

func.diff over exp.gr:

DF F value Pr(>F)

group 3 0.46 0.71

Table 28. Levene’s Test for Homogeneity of Variance (center = median) for the variable func.diff over exp.gr.

educ over exp.gr:

DF F value Pr(>F)

group 3 0.71 0.55

Table 29. Levene’s Test for Homogeneity of Variance (center = median) for the variable educ over exp.gr.

xvi Appendix

𝑓𝑢𝑛𝑐. 𝑑𝑖𝑓𝑓𝑖 = 𝛽0 + 𝛽1 ∗ 𝑒𝑥𝑝. 𝑔𝑟𝑖

Equation 8. Bivariate Regression for func.diffi with exp.gri as explanatory Variable.


(Intercept) -0.45 0.31 -1.41 0.16

exp.gr -0.24 0.12 -2.08 0.04 *

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 30. Bivariate Regression for func.diffi with exp.gri as explanatory Variable.

Figure 29. Bivariate Regression for func.diffi with exp.gri as explanatory Variable.

Appendix xvii

𝑓𝑢𝑛𝑐. 𝑑𝑖𝑓𝑓𝑖 = 𝛽0 + 𝛽1 ∗ 𝑝𝑟. 𝑎𝑤𝑎𝑖

Equation 9. Bivariate Regression for func.diffi with pr.awai as explanatory Variable.


(Intercept) 0.60 0.66 0.91 0.36

pr.awa -2.13 0.85 -2.52 0.01 *

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 31. Bivariate Regression for func.diffi with pr.awai as explanatory Variable.

𝑓𝑢𝑛𝑐. 𝑑𝑖𝑓𝑓𝑖 = 𝛽0 + 𝛽1 ∗ 𝑔𝑒𝑛. 𝑚𝑎𝑙𝑒𝑖

Equation 10. Bivariate Regression for func.diffi with gen.malei as explanatory Variable.


(Intercept) -1.38 0.19 -7.21 4.61e-12 ***

gen.male 0.59 0.26 2.29 0.02 *

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 32. Bivariate Regression for func.diffi with gen.malei as explanatory Variable.

𝑓𝑢𝑛𝑐. 𝑑𝑖𝑓𝑓𝑖 = 𝛽0 + 𝛽1 ∗ 𝑒𝑑𝑢𝑐𝑖

Equation 11. Bivariate Regression for func.diffi with educi as explanatory Variable.


(Intercept) -2.29 0.47 -4.90 1.6e-06 ***

educ 0.35 0.13 2.74 0.007 **

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 33. Bivariate Regression for func.diffi with educi as explanatory Variable.

xviii Appendix

𝑔𝑟. 𝑓𝑢𝑛𝑐. 𝑎𝑙𝑙𝑖 = 𝛽0 + 𝛽1 ∗ 𝑒𝑑𝑢𝑐𝑖

Equation 12. Bivariate Regression for gr.func.alli with educi as explanatory Variable.


(Intercept) 2.15 0.45 4.81 2.4e-06 ***

educ 0.02 0.12 0.14 0.89

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1



Multiple R-squared: 6.614e-05, Adjusted R-squared: -0.003

Table 34. Bivariate Regression for gr.func.alli with educi as explanatory Variable.

𝑓𝑢𝑛𝑐. 𝑑𝑖𝑓𝑓𝑖 = 𝛽0 + 𝛽1 ∗ 𝑒𝑥𝑝𝑔𝑟𝑖 + 𝛽2 ∗ 𝑝𝑟. 𝑎𝑤𝑎𝑖 + 𝛽3 ∗ 𝑔𝑒𝑛. 𝑚𝑎𝑙𝑒𝑖 + 𝛽4 ∗ 𝑒𝑑𝑢𝑐𝑖

Equation 13. Multiple Linear Regression for func.diffi.


(Intercept) -0.21 0.89 -0.23 0.82

exp.gr -0.30 0.12 -2.57 0.01 *

pr.awa -2.20 0.92 -2.38 0.01 *

gen.male 0.49 0.26 1.87 0.06 .

educ 0.37 013 2.92 0.004 **

Signif. codes: 0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1




Table 35. Multiple Linear Regression for func.diffi.

i

References

1. Warren, S.D., Brandeis, L.D.: The Right to Privacy. Harvard Law Review, 193–220 (1890)

2. Westin, A.F.: Privacy and Freedom. Washington and Lee Law Review 25(1), 166–170 (1968)

3. Jones, S.: Encyclopedia of New Media. An essential Reference to Communication and Technology. Sage

Publications (2002)

4. Ellison, N.B.: Social Network Sites. Definition, History, and Scholarship. Journal of Computer‐Mediated

Communication 13(1), 210–230 (2007)

5. Westin, A.F.: Social and Political Dimensions of Privacy. Journal of Social Issues 59(2), 431–453 (2003)

6. Orwell, G.: Nineteen Eighty-Four. Secker & Warburg, London, GB (1949)

7. Hammelehle, S.: Prism-Skandal: Orwells "1984" wird in den USA und Großbritannien wieder zum

Bestseller. http://spon.de/adXIS (2013). Accessed 16.11.29017

8. Bollier, D., Firestone, C.M.: The Promise and Peril of Big Data. Aspen Institute, Communications and

Society Program Washington, DC (2010)

9. Smith, H.J., Dinev, T., Xu, H.: Information Privacy Research. An Interdisciplinary Review. MIS quarterly

35(4), 989–1016 (2011)

10. Lyon, D.: Surveillance, Snowden, and Big Data. Capacities, Consequences, Critique. Big Data & Society

1(2) (2014)

11. Seltzer, M.: The Surveillance State of Today. World Economic Forum Annual Meeting, Davos, Swiss, 22

January 2015. https://youtu.be/l51S4dL6BHE. Accessed 3 May 2016

12. Doward, J., Gibbs, A.: Did Cambridge Analytica influence the Brexit vote and the US election?

https://goo.gl/ZKsZJJ (2017). Accessed 16 November 2017

13. Jones, J.J., Bond, R.M., Bakshy, E., Eckles, D., Fowler, J.H.: Social Influence and political Mobilization.

Further Evidence from a randomized Experiment in the 2012 U.S. Presidential Election. PloS one (2017).

doi: 10.1371/journal.pone.0173851

14. O'Neil, C.: Weapons of Math Destruction. How Big Data increases Inequality and Threatens Democracy.

Broadway Books (2017)

15. United Nations: Universal Declaration of Human Rights. UN (1948)

16. Dinev, T.: Why would we care about Privacy? EJIS 23(2), 97–102 (2014)

17. Zhang, C., Sun, J., Zhu, X., Fang, Y.: Privacy and Security for Online Social Networks. Challenges and

Opportunities. IEEE Network 24(4), 13–18 (2010)

18. Lanier, J.: Who owns the Future? Simon and Schuster (2014)

19. Zuboff, S.: Lasst euch nicht enteignen! Unsere Zukunft mit "Big Data". http://www.faz.net/-gsf-7twrt

(2014). Accessed 23 August 2017

20. Mischel, W.: Personality and Assessment. Psychology Press (1968)

21. Pariser, E.: The Filter Bubble. What the Internet is hiding from you. Penguin UK (2011)

22. Marichal, J.: Facebook Democracy. The Architecture of Disclosure and the Threat to Public Life.

Routledge (2016)

23. ITU: Number of Internet Users worldwide from 2005 to 2016. https://goo.gl/SF9uVN (2016). Accessed 7

December 2017

24. Facebook: Facebook Q4 2016 Results. Facebook. https://goo.gl/QwE5c3 (2016). Accessed 7 December

2017

25. Posner, R.A.: Privacy, Surveillance, and Law. The University of Chicago Law Review 75(1), 245–260

(2008)

26. Fuchs, C., Boersma, K., Albrechtslund, A., Sandoval, M.: Internet and Surveillance. The Challenges of

Web 2.0 and Social Media. Routledge (2013)

27. Nolte, C.-G., Zimmermann, C., Müller, G.: Social Network Services' Market Structure and its Influence on

Privacy. In: Amsterdam Privacy Conference, pp. 269–271 (2015)

28. Nolte, C.-G.: Personal Data as Payment Method in SNS and Users’ concerning Price Sensitivity - A Survey.

In: International Conference on Business Information Systems, pp. 273–282. Springer (2015)

29. Zimmermann, C., Nolte, C.-G.: Towards Balancing Privacy and Efficiency. A Principal-Agent Model of

Data-Centric Business. In: International Workshop on Security and Trust Management, pp. 89–104.

Springer (2015)

30. Nolte, C.-G., Brenig, C., Müller, G.: Coherences on Privacy in Social Network Services. A Qualitative

System Dynamics Analysis. In: IFIP Summer School, Karlstad, 21-26.08.2016 (2016)

31. Nolte, C.-G., Schwarz, J., Zimmermann, C.: Social Network Services: Competition and Privacy. In:

Internationale Tagung Wirtschaftsinformatik, St. Gallen (2017)

32. Nolte, C.-G., Rosenberg, B.: The General Data Protection Regulation’s Impact on Privacy. An Assessment

for Social Networks. Submitted for Review: Business & Information Systems Engineering (2018)

ii References

33. Nolte, C.-G.: Options to enhance Privacy Competition in the Social Network Market. Submitted for

Review: Journal of the Association for Information Systems (2018)

34. European Union: Regulation (EU) 2016/679 & Directive (EU) 2016/680 (2016)

35. McAfee, A., Brynjolfsson, E., Davenport, T.H.: Big Data. The Management Revolution. Harvard Business

Review 90(10), 60–68 (2012)

36. World Economic Forum: Personal Data: The Emergence of a New Asset Class. https://goo.gl/EGWqj5

(2011). Accessed 6 December 2017

37. Schermer, B.W.: The Limits of Privacy in Automated Profiling and Data Mining. Computer Law &

Security Review 27(1), 45–52 (2011)

38. Tene, O., Polonetsky, J.: Privacy in the Age of Big Data. A Time for Big Decisions. Stanford Law Review

Online (2012)

39. Beuscart, J.-S., Mellet, K.: Business Models of the Web 2.0. Advertising or the Tale of Two Stories.

Communications & Strategies, Special Issue (2009)

40. Google: The next Chapter for Flu Trends. https://goo.gl/8vNTN7 (2015). Accessed 16 November 2017

41. Enders, A., Hungenberg, H., Denker, H.-P., Mauch, S.: The long Tail of Social Networking. Revenue

Models of Social Networking Sites. European Management Journal 26(3), 199–211 (2008)

42. Müller, G., Flender, C., Peters, M.: Vertrauensinfrastruktur und Privatheit als ökonomische Fragestellung.

In: Internet Privacy, pp. 143–188. Springer (2012)

43. Evans, D.S.: The Economics of the Online Advertising Industry. Review of network economics (2008).

doi: 10.2202/1446-9022.1154

44. Staykova, K.S., Damsgaard, J.: A Typology of Multi-Sided Platforms: The Core and the Periphery. In:

European Conference on Information Systems (2015)

45. Shapiro, C., Varian, H.R.: Information Rules. A Strategic Guide to the Network Economy. Harvard

Business Press (1999)

46. Kane, G.C., Alavi, M., Labianca, G.J., Borgatti, S.: What’s different about Social Media Networks? A

Framework and Research Agenda. MIS Quarterly, forthcoming (2012)

47. Buchmann, J. (ed.): Internet Privacy. Options for adequate Realisation. acatech Study Series. Springer

(2013)

48. Buchmann, J. (ed.): Internet Privacy. A multidisciplinary Analysis. acatech Study Series. Springer (2013)

49. Kox, H.L.M., Straathof, B., Zwart, G.: Targeted Advertising, Platform Competition and Privacy (2014)

50. Hagiu, A., Wright, J.: Multi-Sided Platforms. International Journal of Industrial Organization 43, 162–174

(2015)

51. Hallinan, D., Friedewald, M., McCarthy, P.: Citizens' Perceptions of Data Protection and Privacy in

Europe. Computer Law & Security Review 28(3), 263–272 (2012)

52. Purtova, N.: Property Rights in Personal Data. A European Perspective. Kluwer Law International (2012)

53. Carew, P., Stapleton, L.: Towards a Privacy Framework for Information Systems Development. In:

Vaselicas, O., Wojtowski, W., Wojtowski, G. (eds.) Information Systems Development: Advances in

Theory, Practice and Education, pp. 77–88. Kluwer Academic Press (1999)

54. Burgoon, J.K.: Privacy and Communication. Annals of the International Communication Association 6(1),

206–249 (1982)

55. Pedersen, D.M.: Model for Types of Privacy by Privacy Functions. Journal of Environmental Psychology

19(4), 397–405 (1999)

56. Altman, I.: Privacy - A Conceptual Analysis. Environment and Behavior 8(1), 7–29 (1976)

57. Newell, P.B.: A cross-cultural Comparison of Privacy Definitions and Functions. A Systems Approach.

Journal of Environmental Psychology 18(4), 357–371 (1998)

58. Clarke, R.: Introduction to Dataveillance and Information Privacy, and Definitions of Terms.

https://goo.gl/z3vd2Z (1999). Accessed 6 December 2017

59. Solove, D.J.: Understanding Privacy. Harvard University Press, Cambridge, Mass (2008)

60. Finn, R.L., Wright, D., Friedewald, M.: Seven Types of Privacy. In: European Data Protection: Coming of

Age, pp. 3–32. Springer (2013)

61. Duggan, M., Ellison, N.B., Lampe, C., Lenhart, A., Madden, M.: Social Media Update 2014.

https://goo.gl/44Kgj5 (2015). Accessed 7 December 2017

62. Zittrain, J.: The Future of the Internet - and how to stop it. Yale University Press (2008)

63. Posner, R.A.: The Economics of Privacy. The American Economic Review 71(2), 405–409 (1981)

64. Bundesverfassungsgericht (BVerfG) (1983)

65. Fire, M., Goldschmidt, R., Elovici, Y.: Online Social Networks. Threats and Solutions. IEEE

Communications Surveys & Tutorials 16(4), 2019–2036 (2014)

66. Novotny, A., Spiekermann, S.: Personal Information Markets and Privacy. A new Model to solve the

Controversy. In: Internationale Tagung Wirtschaftsinformatik, Leipzig (2013)

References iii

67. Lin, K.-Y., Lu, H.-P.: Why People use Social Networking Sites. An empirical Study integrating Network

Externalities and Motivation Theory. Computers in Human Behavior 27(3), 1152–1161 (2011)

68. Litt, E.: Understanding Social Network Site Users’ Privacy Tool Use. Computers in Human Behavior

29(4), 1649–1656 (2013)

69. Krasnova, H., Spiekermann, S., Koroleva, K., Hildebrand, T.: Online Social Networks. Why we disclose.

Journal of Information Technology 25(2), 109–125 (2010)

70. Norberg, P.A., Horne, D.R., Horne, D.A.: The Privacy Paradox. Personal Information Disclosure Intentions

versus Behaviors. Journal of Consumer Affairs 41(1), 100–126 (2007)

71. Garg, V., Benton, K., Camp, L.J.: The Privacy Paradox. A Facebook Case Study. In: Research Conference

on Communication, Information and Internet Policy, pp. 1–40 (2014)

72. Stutzman, F., Gross, R., Acquisti, A.: Silent Listeners. The Evolution of Privacy and Disclosure on

Facebook. Journal of Privacy and Confidentiality 4(2), 7–41 (2013)

73. Acquisti, A., John, L.K., Loewenstein, G.: What is Privacy worth? The Journal of Legal Studies 42(2),

249–274 (2013)

74. Grossklags, J., Acquisti, A.: When 25 Cents is Too Much. An Experiment on Willingness-To-Sell and

Willingness-To-Protect Personal Information. In: Workshop on the Economics of Information Security

(2007)

75. Bauer, C., Korunovska, J., Spiekermann, S.: On the Value of Information. What Facebook Users are willing

to pay. In: European Conference on Information Systems (2012)

76. Taylor, C.R.: Consumer Privacy and the Market for Customer Information. RAND Journal of Economics,

631–650 (2004)

77. Tucker, C.: Economics of Privacy and User‐Generated Content. Emerging Trends in the Social and

Behavioral Sciences: An Interdisciplinary, Searchable, and Linkable Resource (2015)

78. Dinev, T., Hart, P.: An extended Privacy Calculus Model for E-Commerce Transactions. Information

Systems Research 17(1), 61–80 (2006)

79. Chellappa, R.K., Shivendu, S.: An Economic Model of Privacy. A Property Rights Approach to Regulatory

Choices for Online Personalization. Journal of Management Information Systems 24(3), 193–225 (2007)

80. Krasnova, H., Veltri, N.F.: Privacy Calculus on Social Networking Sites. Explorative Evidence from

Germany and USA. In: 43rd Hawaii International Conference on System Sciences, pp. 1–10. IEEE (2010)

81. Haucap, J., Heimeshoff, U.: Google, Facebook, Amazon, eBay. Is the Internet driving Competition or

Market Monopolization? International Economics and Economic Policy 11(1-2), 49–61 (2014)

82. Fjell, K., Foros, Ø., Steen, F.: The Economics of Social Networks. The Winner takes it all?, 42.

https://goo.gl/fiajAC (2010). Accessed 7 December 2017

83. Mankiw, N.G.: Principles of Macroeconomics. Cengage Learning (2014)

84. Ciriani, S.: The Economic Impact of the European Reform of Data Protection. Communications &

Strategies(97), 41–58 (2015)

85. Ryz, L., Grest, L.: A new Era in Data Protection. Computer Fraud & Security(3), 18–20 (2016)

86. Allaert, F.A., Barber, B.: Some systems implications of EU data protection directive. European Journal of

Information Systems 7(1), 1–4 (1998)

87. Dammann, U.: Erfolge und Defizite der EU-Datenschutzgrundverordnung. Erwarteter Fortschritt,

Schwächen und überraschende Innovationen, ZD 307 (2016)

88. Hansen, M.: Data Protection by Design and by Default à la European General Data Protection Regulation.

In: Lehmann, A., Whitehouse, D., Fischer-Hübner, S., Fritsch, L., Raab, C. (eds.) Privacy and Identity

Management. Facing up to Next Steps. 11th IFIP International Summer School, Karlstad, Sweden, pp. 27–

38. Springer (2016)

89. Bonneau, J., Preibusch, S.: The Privacy Jungle. On the Market for Data Protection in Social Networks. In:

Economics of Information Security and Privacy, pp. 121–167. Springer (2010)

90. Casadesus-Masanell, R., Hervas-Drane, A.: Competing with Privacy. Management Science 61(1), 229–246

(2015)

91. Dimakopoulos, P., Sudaric, S.: Privacy and Platform Competition. BDPEMS. https://goo.gl/2rjZcu (2017).

Accessed 6 December 2017

92. Alan, R.H. von, March, S.T., Park, J., Ram, S.: Design Science in Information Systems Research. MIS

Quarterly 28(1), 75–105 (2004)

93. Vestager, M.: Competition in a Big Data World. DLD Conferences, Munich, Germany, 17 January 2016.

https://goo.gl/jF9SQb. Accessed 16 November 2017

94. Evans, D.S., Schmalensee, R.: Markets with Two-Sided Platforms. Issues in Competition Law and Policy

(ABA Section of Antitrust Law) 1(28) (2008)

95. Evans, D.S., Schmalensee, R.: Failure to Launch: Critical Mass in Platform Businesses. Review of

Network Economics 9(4) (2010)

iv References

96. Maxwell, J.A.: Designing a qualitative Study. The SAGE handbook of Applied Social Research Methods 2,

214–253 (2008)

97. Rowley, J., Slack, F.: Conducting a Literature Review. Management Research News 27(6), 31–39 (2004)

98. Forrester, J.W.: Industrial Dynamics. Martino Fine Books (2013)

99. Rochet, J.‐C., Tirole, J.: Platform Competition in Two‐Sided Markets. Journal of the European Economic

Association 1(4), 990–1029 (2003)

100. Armstrong, M.: Competition in Two‐Sided Markets. The RAND Journal of Economics 37(3), 668–691

(2006)

101. Knoll, J.: Advertising in Social Media. A Review of Empirical Evidence. International Journal of

Advertising 35(2), 266–300 (2016)

102. Kwon, H.E., Oh, W., Kim, T.-H.: One-Sided Competition in Two-Sided Social Platform Markets? An

Organizational Ecology Perspective. In: International Conference on Information Systems, Fort Worth

(2015)

103. Tucker, C.E.: Social Networks, Personalized Advertising, and Privacy Controls. Journal of Marketing

Research 51(5), 546–562 (2014)

104. Tucker, C.: Social Advertising. How Advertising that explicitly promotes Social Influence can Backfire.

SSRN (2016)

105. Lawani, O., Aïmeur, E., Dalkir, K.: Improving Users’ Trust through friendly Privacy Policies. An Empirical

Study. International Conference on Risks and Security of Internet and Systems, 55–70 (2015)

106. Acquisti, A., Gross, R.: Imagined Communities. Awareness, Information Sharing, and Privacy on the

Facebook. In: International Workshop on Privacy Enhancing Technologies, pp. 36–58 (2006)

107. Schudy, S., Utikal, V.: 'You must not know about me'. On the Willingness to share Personal Data. Journal

of Economic Behavior & Organization(141), 1–13 (2017)

109. Eisenmann, T., Parker, G., van Alstyne, M.W.: Strategies for Two-Sided Markets. Harvard Business

Review 84(10), 92–103 (2006)

110. Ahn, D.-Y., Duan, J.A., Mela, C.F.: An Equilibrium Model of User Generated Content. NET Institute

Working Paper 11(13), 1–53 (2011)

111. Zhang, K., Sarvary, M.: Differentiation with User-Generated Content. Management Science 61(4), 898–

914 (2014)

112. Martin, K.E.: Transaction Costs, Privacy, and Trust. The laudable Goals and ultimate Failure of Notice and

Choice to respect Privacy online. First Monday 18(12-2), 1–21 (2013)

113. Torres, A.M.: Social Networking and Online Privacy. Facebook Users' Perceptions. Irish Journal of

Management 31(2), 63–97 (2012)

114. Barary Savadkoohi, F.: Personalized Online Promotions. Long-term Impacts on Customer Behavior,

Massachusetts Institute of Technology (2012)

115. Evans, D.S., Schmalensee, R.: The Antitrust Analysis of Multi-Sided Platform Businesses. Coase-Sandor

Institute of Law & Economics Papers 623(1), 1–45 (2012)

116. Hyytinen, A., Takalo, T.: Multihoming in the Market for Payment Media: Evidence from young Finnish

Consumers. Bank of Finland Research Discussion Paper(25) (2004)

117. Mital, M., Sarkar, S.: Multihoming Behavior of Users in Social Networking Web Sites. A theoretical

Model. Information Technology & People 24(4), 378–392 (2011)

118. Choi, J.P.: Tying in Two‐Sided Markets with Multi‐Homing. The Journal of Industrial Economics 58(3),

607–626 (2010)

119. Doganoglu, T., Wright, J.: Multihoming and Compatibility. International Journal of Industrial Organization

24(1), 45–67 (2006)

120. Jerome, J.: Buying and Selling Privacy. Big Data's different Burdens and Benefits. Stanford Law Review

Online (2013)

121. Debatin, B., Lovejoy, J.P., Horn, A.‐K., Hughes, B.N.: Facebook and Online Privacy. Attitudes, Behaviors,

and unintended Consequences. Journal of Computer‐Mediated Communication 15(1), 83–108 (2009)

122. Prigg, M.: One more reason to Google yourself: Search Giant to add Privacy Information letting Users see

what it knows about them. http://dailym.ai/1UugkVe (2016). Accessed 16 November 2017

123. The Irish Times: Facebook introduces new Privacy Controls. https://goo.gl/74AMHK (2008). Accessed 21

July 2016

124. Facebook: Facebook Reports First Quarter 2016 Results, California (2016)

125. McKeon, M.: The Evolution of Privacy on Facebook. Changes in Default Profile Settings over Time.

https://goo.gl/kYibv1 (2010). Accessed 7 December 2017

126. Shore, J., Steinman, J.: Did you really Agree to That? The Evolution of Facebook’s Privacy Policy.

Technology Science (2015)

127. Gross, D.: Facebook Privacy now defaults to Friends only. https://goo.gl/hQZ9ur (2014). Accessed 16

November 2017

References v

128. Reckhow, M.: Introducing Instant Articles. https://media.fb.com/2015/05/12/instantarticles/ (2015).

Accessed 16 November 2017

129. Constine, J.: Facebook Watch original Video Tab launches to all U.S. Users. https://goo.gl/MPdYis (2017).


130. Hui, K.-L., Tan, B.C.Y., Goh, C.-Y.: Online Information Disclosure. Motivators and Measurements. ACM

Transactions on Internet Technology (TOIT) 6(4), 415–441 (2006)

131. Krasnova, H., Hildebrand, T., Guenther, O.: Investigating the Value of Privacy on Online Social Networks.

Conjoint analysis. In: International Conference on Information Systems (2009)

132. Acquisti, A.: The Economics of Personal Data and the Economics of Privacy. Carnegie Mellon University.

http://repository.cmu.edu/heinzworks/332/ (2010). Accessed 30 August 2017

133. Hull, G., Lipford, H.R., Latulipe, C.: Contextual Gaps. Privacy Issues on Facebook. Ethics and information

technology 13(4), 289–302 (2011)

134. Hargittai, E.: Facebook Privacy Settings. Who cares? First Monday 15(8) (2010)

135. Dimensional Research: GDPR: Perceptions and Readiness. A Global Survey of Data Privacy Professionals

at Companies with European Customers. Dimensional Research. https://goo.gl/BRTQuc (2016). Accessed

4 December 2017

136. Netter, M., Riesner, M., Weber, M., Pernul, G.: Privacy Settings in Online Social Networks. Preferences,

Perception, and Reality. In: 46th Hawaii International Conference on System Sciences, pp. 3219–3228.

IEEE (2013)

137. Law, J.: A Dictionary of Business and Management. Oxford University Press (2016)

138. Netter, M., Herbst, S., Pernul, G.: Interdisciplinary Impact Analysis of Privacy in Social Networks. In:

Security and Privacy in Social Networks, pp. 7–26. Springer (2013)

139. Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet Users' Information Privacy Concerns (IUIPC). The

Construct, the Scale, and a Causal Model. Information systems research 15(4), 336–355 (2004)

140. Varian, H.R.: Economic Aspects of Personal Privacy. In: Internet Policy and Economics, pp. 101–109.

Springer (2009)

141. Franke, N., Keinz, P., Steger, C.J.: Testing the Value of Customization. When do Customers really prefer

Products tailored to their Preferences? Journal of marketing 73(5), 103–121 (2009)

142. Weitzner, D.J.: Google, Profiling, and Privacy. IEEE Internet Computing 11(6) (2007)

143. Laudon, K.C.: Markets and privacy. Communications of the ACM 39(9), 92–104 (1996)

144. Schwartz, P.M.: Property, Privacy, and Personal Data. Harvard law review 117(1-1), 2056–2128 (2003)

145. Spiekermann, S., Novotny, A.: A Vision for global Privacy Bridges. Technical and legal Measures for

International Data Markets. Computer Law & Security Review 31(2), 181–200 (2015)

146. Acquisti, A.: Privacy in electronic Commerce and the Economics of immediate Gratification. In: 5th ACM

Conference on Electronic Commerce, pp. 21–29. ACM (2004)

147. Campbell, J.E., Carlson, M.: Panopticon.com. Online Surveillance and the Commodification of Privacy.

Journal of Broadcasting & Electronic Media 46(4), 586–606 (2002)

148. Davies, S.G.: Re-Engineering the Right to Privacy. How Privacy has been transformed from a Right to a

Commodity. In: Technology and Privacy, pp. 143–165. MIT Press (1997)

149. Bergelson, V.: It's personal but is it mine? Toward Property Rights in Personal Information. UC Davis L.

Rev. 37, 379–451 (2003)

150. Cuijpers, C.: A Private Law Approach to Privacy. Mandatory Law obliged. SCRIPTed (2007). doi:

10.2966/scrip.040407.304

151. Lessig, L.: Privacy as Property. Social Research 69(1), 247–269 (2002)

152. Purtova, N.: Property Rights in Personal Data. Learning from the American Discourse. Computer Law &

Security Review 25(6), 507–521 (2009)

153. Varian, H.R.: Intermediate Microeconomics. A Modern Approach. WW Norton & Company (2014)

154. Ackerman, M.S., Cranor, L.F., Reagle, J.: Privacy in E-Commerce. Examining User Scenarios and Privacy

Preferences. In: 1st ACM Conference on Electronic Commerce, pp. 1–8. ACM (1999)

155. Westin, A.F.: Harris Louis & Associates: Harris-Equifax Consumer Privacy Survey (1991)

156. Gross, R., Acquisti, A.: Information Revelation and Privacy in Online Social Networks. In: ACM

Workshop on Privacy in the Electronic Society, pp. 71–80. ACM (2005)

157. Spiekermann, S., Dickinson, I., Günther, O., Reynolds, D.: User Agents in E-Commerce Environments.

Industry vs. Consumer Perspectives on Data Exchange. In: Advanced Information Systems Engineering, p.

1029. Springer, Berlin/Heidelberg (2003)

158. Shapiro, S.P.: Agency Theory. Annual Review of Sociology 31 (2005)

159. McDonald, A.M., Cranor, L.F.: Cost of Reading Privacy Policies. ISJLP 4, 543–568 (2008)

160. Nissenbaum, H.: A Contextual Approach to Privacy Online. Daedalus 140(4), 32–48 (2011)

161. van Blarkom, G.W., Borking, J.J., Olk, J.G.E.: Handbook of Privacy and Privacy-Enhancing Technologies.

The Case of Software Agents. The Hague (2003)

vi References

162. StatCounter: Marktanteile von Social Media Seiten nach Seitenabrufen weltweit im Juni 2017.

https://goo.gl/o89egQ (2017). Accessed 4 December 2017

163. Akerlof, G.A.: The Market for "Lemons". Quality Uncertainty and the Market Mechanism. The Quarterly

Journal of Economics, 488–500 (1970)

164. Janic, M., Wijbenga, J.P., Veugen, T.: Transparency Enhancing Tools (TETs). An Overview. In: 3rd

Workshop on Socio-Technical Aspects in Security and Trust, pp. 18–25. IEEE (2013)

165. Hansen, M.: Marrying Transparency Tools with User-controlled Identity Management. The Future of

Identity in the Information Society, 199–220 (2008)

166. Cranor, L.F., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0. (APPEL1.0).

W3C Working Draft. https://goo.gl/NbsZg7 (2002). Accessed 7 December 2017

167. Pretschner, A., Hilty, M., Basin, D.: Distributed Usage Control. Communications of the ACM 49(9), 39–44

(2006)

168. Hanson, C., Berners-Lee, T., Kagal, L., Sussman, G.J., Weitzner, D.J.: Data-Purpose Algebra. Modeling

Data Usage Policies. In: Policies for Distributed Systems and Networks, pp. 173–177. IEEE (2007)

169. Bohrer, K., Liu, X., Kesdogan, D., Schonberg, E., Singh, M., Spraragen, S.: Personal Information

Management and Distribution. In: 4th International Conference on Electronic Commerce Research (2001)

170. Jøsang, A., Ismail, R., Boyd, C.: A Survey of Trust and Reputation Systems for Online Service Provision.

Decision support systems 43(2), 618–644 (2007)

171. Howe, D.C., Nissenbaum, H.: TrackMeNot. Resisting Surveillance in Web Search. Lessons from the

Identity trail: Anonymity, privacy, and identity in a networked society 23, 417–436 (2009)

172. Ashley, P., Powers, C., Schunter, M.: From Privacy Promises to Privacy Management. A new Approach for

Enforcing Privacy throughout an Enterprise. In: Workshop on New Security Paradigms, pp. 43–50. ACM

(2002)

173. Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable Management of Identity and Privacy. Sticky

Policies and enforceable Tracing Services. In: 14th International Workshop on Database and Expert

Systems Applications, pp. 377–382. IEEE (2003)

174. Zimmermann, C., Accorsi, R., Müller, G.: Privacy Dashboards. Reconciling data-driven Business Models

and Privacy. In: 9th International Conference on Availability, Reliability and Security, pp. 152–157. IEEE

(2014)

175. Buchmann, J., Nebel, M., Roßnagel, A., Shirazi, F., Fhom, H.S., Waidner, M.: Personal Information

Dashboard. Putting the Individual Back in Control. Digital Enlightenment Yearbook 2013: The Value of

Personal Data, 139–164 (2013)

176. Fischer-Hübner, S., Hedbom, H., Wästlund, E.: Trust and Assurance HCI. Privacy and Identity

Management for Life, 245–260 (2011)

177. Zimmermann, C., Cabinakova, J.: A Conceptualization of Accountability as a Privacy Principle. In:

International Conference on Business Information Systems, pp. 261–272. Springer (2015)

178. Pearson, S., Charlesworth, A.: Accountability as a Way forward for Privacy Protection in the Cloud. In:

IEEE International Conference on Cloud Computing, pp. 131–144. IEEE (2009)

179. Becker, H.S.: Writing for Social Scientists. How to start and finish your Thesis, Book, or Article.

ReadHowYouWant.com (2010)

180. Dinev, T., Xu, H., Smith, J.H., Hart, P.: Information Privacy and Correlates. An empirical Attempt to bridge

and distinguish Privacy-related Concepts. European Journal of Information Systems 22(3), 295–316 (2013)

181. Crawford, K., Schultz, J.: Big Data and due Process. Toward a Framework to redress Predictive Privacy

Harms. Boston College Law Review 55(1), 93–130 (2014)

182. Trepte, S., Teutsch, D., Masur, P.K., Eicher, C., Fischer, M., Hennhöfer, A., Lind, F.: Do People know about

Privacy and Data Protection Strategies? Towards the "Online Privacy Literacy Scale" (OPLIS). In:

Reforming European Data Protection Law, pp. 333–365. Springer (2015)

183. Petkos, G., Papadopoulos, S., Kompatsiaris, Y.: PScore. A Framework for Enhancing Privacy Awareness in

Online Social Networks. In: International Conference on Availability, Reliability and Security, pp. 592–

600. IEEE (2015)

184. Zeng, Y., Sun, Y., Xing, L., Vokkarane, V.: A Study of Online Social Network Privacy Via the TAPE

Framework. IEEE Journal of Selected Topics in Signal Processing 9(7), 1270–1284 (2015)

185. Abril, P.S.: A (My) Space of one's own. On Privacy and Online Social Networks. Nw. J. Tech. & Intell.

Prop. 6(1), 73–88 (2007)

186. Preibusch, S., Hoser, B., Gürses, S., Berendt, B.: Ubiquitous Social Networks. Opportunities and

Challenges for Privacy-aware User Modelling. In: Workshop on Data Mining for User Modelling at UM

(2007)

187. Spiekermann, S., Acquisti, A., Böhme, R., Hui, K.-L.: The Challenges of Personal Data Markets and

Privacy. Electronic Markets 25(2), 161–167 (2015)

References vii

188. Weber, R.H.: The Digital Future - A Challenge for Privacy? Computer Law & Security Review 31(2), 234–

242 (2015)

189. Kumar, H., Jain, S., Srivastava, R.: Risk Analysis of Online Social Networks. In: International Conference

on Computing, Communication and Automation, pp. 846–851. IEEE (2016)

190. Krishnamurthy, B., Wills, C.E.: Characterizing Privacy in Online Social Networks. In: 1st Workshop on

Online Social Networks, pp. 37–42. ACM (2008)

191. Zheleva, E., Getoor, L.: To Join or not to Join. The Illusion of Privacy in Social Networks with mixed

public and private User Profiles. In: International Conference on World Wide Web, pp. 531–540. ACM,

Madrid (2009)

192. Shakimov, A., Cox, L.P.: Privacy Challenges in the Online Social Networking Era. In: 8th Middleware

Doctoral Symposium. ACM (2011)

193. Greschbach, B., Kreitz, G., Buchegger, S.: The Devil is in the Metadata. New Privacy Challenges in

decentralised Online Social Networks. In: IEEE International Conference on Pervasive Computing and

Communications Workshops, pp. 333–339. IEEE (2012)

194. Henne, B., Szongott, C., Smith, M.: SnapMe if you can. Privacy Threats of other Peoples' geo-tagged

Media and what we can do about it. In: 6th ACM Conference on Security and Privacy in Wireless and

Mobile Networks, pp. 95–106. ACM (2013)

195. Reinbold, F.: Selfie with Merkel Haunts Refugee. Dear Facebook, This Man Is Not a Terrorist.

http://spon.de/aeUkm (2017). Accessed 16 November 2017

196. Pötzsch, S. (ed.): Privacy Awareness. A Means to solve the Privacy Paradox? IFIP Summer School on the

Future of Identity in the Information Society. Springer (2008)

197. Aïmeur, E., Gambs, S., Ho, A.: Towards a Privacy-Enhanced Social Networking Site. In: International

Conference on Availability, Reliability and Security, pp. 172–179. IEEE (2010). doi:

10.1109/ARES.2010.97

198. Zimmermann, C.: Framework and Requirements for Reconciling digital Services and Privacy. In: European

Conference on Information Systems (2016)

199. Hawn, C.: Take two Aspirin and tweet me in the Morning. How Twitter, Facebook, and other Social Media

are reshaping Health Care. Health affairs 28(2), 361–368 (2009)

200. Newman, M.W., Lauterbach, D., Munson, S.A., Resnick, P., Morris, M.E.: It's not that I don't have

Problems, I'm just not putting them on Facebook. Challenges and Opportunities in using Online Social

Networks for Health. In: Conference on Computer supported Cooperative Work, pp. 341–350. ACM (2011)

201. Coviello, L., Sohn, Y., Di Kramer, A., Marlow, C., Franceschetti, M., Christakis, N.A., Fowler, J.H.:

Detecting emotional Contagion in massive Social Networks. PloS one 9(3) (2014)

202. Constine, J.: Facebook Launches “Nearby Friends” With Opt-In Real-Time Location Sharing To Help You

Meet Up. https://goo.gl/VNesvz (2014). Accessed 16 November 2017

203. Facebook: About Location Targeting. https://goo.gl/eialpk. Accessed 16 November 2017

204. Hert, P. de, Papakonstantinou, V.: The proposed Data Protection Regulation replacing Directive 95/46/EC:

A sound System for the Protection of Individuals. Computer Law & Security Review 28(2), 130–142

(2012)

205. Newman, A.L.: What the “Right to be Forgotten” means for Privacy in a Digital Age. Science 347(6221),

507–508 (2015)

206. AuGovPC: Data Availability and Use. Draft Report. https://goo.gl/kmqSND (2016). Accessed 7 December

2017

207. Angwin, J., Varner, M., Tobin, A.: Facebook Enabled Advertisers to Reach ‘Jew Haters’.

https://goo.gl/53iNUf (2017). Accessed 16 November 2017

208. Constine, J.: Facebook is building Brain-Computer Interfaces for Typing and Skin-Hearing.

https://goo.gl/5OC7mA (2017). Accessed 16 November 2017

209. Eurostat: Social Network Penetration in the European Union 2011-2016. Share of Individuals in the

European Union (EU 28) participating in Social Networks from 2011 to 2016. https://goo.gl/w5aMVA

(2016). Accessed 7 December 2017

210. eMarketer: Number of Social Media Users worldwide from 2010 to 2020 (in Billions).

https://goo.gl/mx2hCz (2017). Accessed 7 December 2017

211. van Est, R., Brom, F.: Technology Assessment. Analytic and Democratic Practice. Encyclopaedia of

Applied Ethics 4, 306–320 (2012)

212. Tan, D.R.: Personal Privacy in the Information Age. Comparison of Internet Data Protection Regulations in

the United States and European Union. Loy. L.A. Int'l & Comp. L. Rev. 21(4), 661–684 (1999)

213. Hornung, G.: A General Data Protection Regulation for Europe. Light and Shade in the Commission's Draft

of 25 January 2012. SCRIPTed (2012). doi: 10.2966/scrip.090112.64

214. Kuner, C.: The European Commission's proposed Data Protection Regulation: A copernican Revolution in

European Data Protection Law. Bloomberg BNA Privacy and Security Law Report 11(6), 1–15 (2012)

viii References

215. Traung, P.: The Proposed New EU General Data Protection Regulation: Further Opportunities. Computer

Law Review International(2), 33–49 (2012)

216. Mantelero, A.: The EU Proposal for a General Data Protection Regulation and the Roots of the ‘Right to be

Forgotten’. Computer Law & Security Review 29(3), 229–235 (2013)

217. Victor, J.M.: EU General Data Protection Regulation: Toward a Property Regime for Protecting Data

Privacy. Yale LJ 123(513), 513–528 (2013)

218. Kiss, A., Szőke, G.L.: Evolution or Revolution? Steps forward to a new Generation of Data Protection

Regulation. In: Reforming European Data Protection Law, pp. 311–331. Springer (2015)

219. Kolah, A., Foss, B.: Unlocking the Power of Data under the new EU General Data Protection Regulation.

Journal of Direct, Data and Digital Marketing Practice 16(4), 270–274 (2015)

220. Mayer-Schönberger, V.: Privacy by Regulation. Protecting Personal Data in the Age of Big Data. Keynotes

of Amsterdam Privacy Conference, Amsterdam, 2015

221. WPNO: Verschärfte Sanktionen gegen Datenschutzverstöße nach der DSGVO. Aufgaben der

Aufsichtsbehörde. https://goo.gl/UWu2k6 (2016). Accessed 29 June 2017

222. Schmitt, J., Stahl, F.: How the Proposed EU Data Protection Regulation Is Creating a Ripple Effect

Worldwide. IAPP Privacy Academy 2012, San Jose, CA, USA, 11 October 2012. https://goo.gl/oqEW8Q.


223. Parbel, M.: Verbraucherzentralen fordern „Algorithmen-Tüv“. https://heise.de/-3691265 (2017). Accessed

26.10.0217

224. Schantz, P.: Die Datenschutz-Grundverordnung–Beginn einer neuen Zeitrechnung im Datenschutzrecht.

Neue Juristische Wochenschrift (NJW) 69(26), 1841–1847 (2016)

225. Kerber, W.: Digital Markets, Data, and Privacy. Competition Law, Consumer Law and Data Protection.

Journal of Intellectual Property Law & Practice 11(11), 856–866 (2016)

226. Kamann, H.-G.: Kartellrecht und Datenschutzrecht. Verhältnis einer „Hass-Liebe “? In: Immenga, U.,

Körber, T. (eds.) Daten und Wettbewerb in der digitalen Ökonomie, pp. 59–80. Nomos Verlagsgesellschaft

mbH & Co. KG (2016)

227. Kühling, J.: Neues Bundesdatenschutzgesetz–Anpassungsbedarf bei Unternehmen. Neue Juristische

Wochenschrift: NJW 70(28), 1985–1990 (2017)

228. Roßnagel, A.: Europäische Datenschutz-Grundverordnung – Vorrang des Unionsrechts – Anwendbarkeit

des nationalen Rechts. Nomos Verlag, Baden-Baden (2016)

229. Dehmel, S., Hullen, N.: Auf dem Weg zu einem zukunftsfähigen Datenschutz in Europa? Konkrete

Auswirkungen der DS-GVO auf Wirtschaft, Unternehmen und Verbraucher. Zeitschrift für Datenschutz

3(4), 147–153 (2013)

230. Albers, M.: Prinzipien des Datenschutzrechts. Art. 6 Rn. 10. In: Wolff, H.A., Brink, S. (eds.) Beck’scher

Online-Kommentar Datenschutzrecht, 22nd edn., pp. 1–53 (2017)

231. Faust, S., Spittka, J., Wybitul, T.: Milliardenbußgelder nach der DS-GVO. Ein Überblick über die neuen

Sanktionen bei Verstößen gegen den Datenschutz, ZD 120 (2016)

232. Humphries, M.: Apple will be forced to use micro USB Chargers by 2017. https://goo.gl/7rBvo9 (2014).


233. Facebook: Annual Report 2016. Facebook. https://goo.gl/XreQpM (2017). Accessed 7 December 2017

234. Rodger, A.: Data Privacy Laws: Cutting the Red Tape. Ovum Consulting. https://goo.gl/yVb7St (2016).


235. Vanson Bourne LT: EU General Data Protection Regulation (GDPR). Are you ready for it?

https://goo.gl/JGjUKD (2016). Accessed 4 December 2017

236. Culnan, M.J., Bies, R.J.: Consumer Privacy. Balancing economic and justice Considerations. Journal of

Social Issues 59(2), 323–342 (2003)

237. Trémolet, S., Binderre, D.: Penalties for Non-Compliance. What Penalties are most effective when the

Operator is in non-compliance with Regulatory Rules (e.g. for providing Data, setting Prices, or meeting

Targets)? https://goo.gl/vRsjng (2010). Accessed 4 December 2017

238. Lipford, H.R., Besmer, A., Watson, J.: Understanding Privacy Settings in Facebook with an Audience

View. UPSEC 8, 1–8 (2008)

239. Kelley, P.G., Bresee, J., Cranor, L.F., Reeder, R.W.: A Nutrition Label for Privacy. In: 5th Symposium on

Usable Privacy and Security. ACM (2009)

240. Koops, B.-J.: Forgetting Footprints, shunning Shadows. A critical Analysis of the Right to be Forgotten in

Big Data Practice. SCRIPTed 8(3), 229–256 (2011)

241. Gibbs, S.: Germany orders Facebook to stop collecting WhatsApp User Data. https://goo.gl/avMFsO

(2016). Accessed 16.11.2017

242. Rusthon, K.: DuckDuckGo: The Privacy Search ruffling Google's feathers. goo.gl/TSH8nj (2014).


References ix

243. Bork, R.H., Sidak, J.G.: What Does the Chicago School Teach About Internet Search and the Antitrust

Treatment of Google? Journal of Competition Law and Economics 8(4), 663–700 (2012)

244. Haucap, J., Kehder, C.: Suchmaschinen zwischen Wettbewerb und Monopol: Der Fall Google. In:

Dewenter, R., Haucap, J., Kehder, C. (eds.) Wettbewerb und Regulierung in Medien, Politik und Märkten.

Festschrift für Jörn Kruse zum 65. Geburtstag, pp. 115–154. Nomos Verlagsgesellschaft mbH & Co. KG

(2013)

245. van Eecke, P.: Technology Firms and the European General Data Protection Regulation: How should they

prepare? http://goo.gl/hI7yQJ (2016). Accessed 16 November 2017

246. dpa/AP: Datenschutz-Anpassung: WhatsApp gibt Telefonnummern an Facebook weiter.

http://spon.de/aeOMD (2016). Accessed 25 November 2017

247. Sullivan, D.: Facebook Instant Articles: A Slippery Slope for Google to do the Same, hurting the Web?

goo.gl/ui0PZz (2015). Accessed 11 August 2016

248. Constine, J.: Wait, did Facebook just build a Kickstarter Competitor? goo.gl/Eagrp7 (2015). Accessed 16

November 2017

249. Kaiser, U., Wright, J.: Price Structure in Two-Sided Markets. Evidence from the Magazine Industry.

International Journal of Industrial Organization (2006). doi: 10.1016/j.ijindorg.2005.06.002

250. Athey, S., Calvano, E., Gans, J.S.: The Impact of Consumer Multi-Homing on Advertising Markets and

Media Competition. Management Science (2016). doi: 10.2139/ssrn.2180851

251. Olbrich, R., Holsing, C.: Facebook Ads. WiSt - Wirtschaftswissenschaftliches Studium (2014). doi:

10.15358/0340-1650_2014_10_557

252. eMarketer: Net Digital Advertising Revenue Share of major ad-selling Online Companies worldwide from

2012 to 2014. https://goo.gl/hNSvQ7 (2014). Accessed 25 November 2017

253. Stelzner, M.A.: 2017 Social Media Marketing Industry Report. How Marketers are using Social Media to

grow their Businesses. Social Media Examiner. https://goo.gl/wMPxzE (2017). Accessed 7 December 2017

254. DeLong, J.B., Summers, L.H.: The 'New Economy': Background, historical Perspective, Questions, and

Speculations. Economic Review-Federal Reserve Bank of Kansas City 86(4), 29–59 (2001)

255. Rosen, J.: The Right to be forgotten. Stanford Law Review Online (2012)

256. Terwangne, C. de: Internet Privacy and the Right to be Forgotten/Right to Oblivion. In: VII Congreso

Internacional Internet, Derecho y Política. Neutralidad de la red y otros retos para el futuro de Internet, vol.

13, pp. 109–121 (2012)

257. Infosecurity Magazine: Snapchat’s expired Snaps are not deleted, just hidden. https://goo.gl/WhDT2K

(2013). Accessed 16 November 2017

258. Russell, J.: Facebook Stories, yet another Snapchat Clone, is rolling out to more Countries.

http://tcrn.ch/2msoQHT (2017). Accessed 16 November 2017

259. Yoo, C.S.: When Antitrust met Facebook. Geo. Mason L. Rev. 19(5), 1147–1162 (2012)

260. Berners-Lee, T.: Long live the Web. Scientific American 303(6), 80–85 (2010)

261. Swire, P., Lagos, Y.: Why the Right to Data Portability likely reduces Consumer Welfare. Antitrust and

Privacy Critique. Md. L. Rev. 72, 335–380 (2012)

262. Weiss, S.: Privacy Threat Model for Data Portability in Social Network Applications. International Journal

of Information Management 29(4), 249–254 (2009)

263. Miller, P.: Interoperability. What is it and why should I want it? Ariadne(24) (2000)

264. Breslin, J., Bojars, U., Passant, A., Fernandez, S., Decker, S.: Sioc: Content Exchange and semantic

Interoperability between Social Networks. In: Workshop on the Future of Social Networking. W3C (2009)

265. European Committee for Interoperable Systems: Interoperability & Intraoperability. https://goo.gl/Wr5vGJ.


266. Diedrich, O.: Die Woche: Alle gegen Microsoft. https://goo.gl/Sc9kuX (2009). Accessed 16 November

2017

267. Martinez, F.: What is Interoperability? https://goo.gl/pkSWYU (2012). Accessed 7 December 2017

268. Hinchcliffe, D.: Where is Interoperability for Social Media? http://zd.net/1dJYeHF (2014). Accessed 16

November 2017

269. Chisnall, D.: Open Standards for Social Networks. https://goo.gl/ep3oz (2011). Accessed 16 November

2017

270. Saint-Andre, P.: Extensible Messaging and Presence Protocol (XMPP): Core. IETF. RFC 6120.

https://goo.gl/A9rY64 (2011). Accessed 7 December 2017

271. Jacobs, I.: OpenSocialFoundation moves Standards Work to W3C Social Web Activity.

https://goo.gl/2GTUCa (2014). Accessed 7 December 2017

272. Yeung, Ching-man Au and Liccardi, Ilaria and Lu, Kanghao, Seneviratne, O., Berners-Lee, T.:

Decentralization: The Future of Online Social Networking. In: Workshop on the Future of Social

Networking, pp. 2–7. W3C (2009)

x References

273. Shah, R.: Striving for Interoperability in Social Business. https://goo.gl/fmVSGz (2011). Accessed 4

October 2017

274. Rescorla, E.: HTTP over TLS. IETF. RFC 2818. https://goo.gl/C1qp2d (2000). Accessed 7 December 2017

275. Spronk, R.: Impact of the GDPR on the Use of Interoperability Standards. https://goo.gl/cso3U7 (2017).


276. Clarke, R.: The digital Persona and its Application to Data Surveillance. The Information Society 10(2),

77–92 (1994)

277. Nilakanta, S., Scheibe, K.: The Digital Persona and Trust Bank. A Privacy Management Framework.

Journal of Information Privacy and Security 1(4), 3–21 (2005)

278. Clarke, R.: Persona missing, feared drowned. The Digital Persona Concept, two Decades later. Information

Technology & People 27(2), 182–207 (2014)

279. Arrington, M.: OpenID Welcomes Microsoft, Google, Verisign and IBM. https://goo.gl/eRHe1Z (2008).


280. Rhoen, M.: Rear View Mirror, Crystal Ball. Predictions for the Future of Data Protection Law based on the

History of Environmental Protection Law. Computer Law & Security Review (2017). doi:

10.1016/j.clsr.2017.05.010

281. Pfanner, E.: French Tax Proposal Zeroes In on Web Giants’ Data Harvest. https://nyti.ms/2iRAfVS (2013).


282. Goolsbee, A., Zittrain, J.L.: Evaluating the Costs and Benefits of taxing Internet Commerce. The Quarterly

Journal of Economics 115(2), 561–576 (1999)

283. Voison, G.: A new Tax on Personal Data Collection? https://goo.gl/ZXKg3o (2013). Accessed 16

November 2017

284. Han, B.-C.: Unsere gefühlte Freiheit. https://goo.gl/UfjACv (2014). Accessed 16 November 2017

285. Evans, D.S.: Antitrust Issues Raised by the Emerging Global Internet Economy. Nw. UL Rev. 102(1), 285–

306 (2008)

286. Schmalensee, R.: Antitrust Issues in Schumpeterian Industries. The American Economic Review 90(2),

192–196 (2000)

287. Michal, W.: Heiko Maas und der Algorithmen-TÜV. https://goo.gl/XG3PGg (2017). Accessed 16

November 2017

288. Lobe, A.: Gebt die Algorithmen frei! Strategien der Digitalkonzerne. http://www.faz.net/-gqz-8z26h

(2017). Accessed 29 June 2017

289. Lipsman, A., Lella, A.: U.S. Cross-Platform Future in Focus. comScore. https://goo.gl/pS7wQb (2016).


290. Mancini, C., Thomas, K., Rogers, Y., Price, B.A., Jedrzejczyk, L., Bandara, A.K., Joinson, A.N., Nuseibeh,

B.: From Spaces to Places. Emerging Contexts in mobile Privacy. In: 11th International Conference on

Ubiquitous Computing, pp. 1–10. ACM (2009)

291. Almuhimedi, H., Schaub, F., Sadeh, N., Adjerid, I., Acquisti, A., Gluck, J., Cranor, L.F., Agarwal, Y.: Your

Location has been shared 5,398 Times! A Field Study on Mobile App Privacy Nudging. In: 33rd Annual

ACM Conference on Human Factors in Computing Systems, pp. 787–796. ACM (2015)

292. Mangalindan, J.P.: San Francisco's Rent Riot. http://for.tn/1goeUeT (2011). Accessed 16 November 2017

Privacy in Social Networks Economic Options for Regulation

Documents

Transcript of Privacy in Social Networks Economic Options for Regulation