Research shows that people’s use of computers and mobile phones is often characterized by a privacy paradox: Their self-reported concerns about their online privacy appear to be in contradiction with their often careless online behaviors. Earlier research into the privacy paradox has a number of caveats. Most studies focus on intentions rather than behavior and the influence of technical knowledge, privacy awareness, and financial resources is not systematically ruled out. This study therefore tests the privacy paradox under extreme circumstances, focusing on actual behavior and eliminating the effects of a lack of technical knowledge, privacy awareness, and financial resources. We designed an experiment on the downloading and usage of a mobile phone app among technically savvy students, giving them sufficient money to buy a paid-for app. Results suggest that neither technical knowledge and privacy awareness nor financial considerations affect the paradoxical behavior observed in users in general. Technically-skilled and financially independent users risked potential privacy intrusions despite their awareness of potential risks. In their considerations for selecting and downloading an app, privacy aspects did not play a significant role; functionality, app design, and costs appeared to outweigh privacy concerns.
At the time of publication, the number of smartphone users worldwide was just shy of 4.5 billion, with projections for the number of mobile phone users expected to reach the 5 billion mark by 2020 (Statista, 2019). Smartphone users store information and surf online, and by doing so collect (and distribute) large amounts of information. For billions of people around the world, the smartphone has become an indispensable daily companion. For many, the device remains within reach even while sleeping. Some researchers even argue that mobile phones can be seen as an extension to the human body (Shklovski et al., 2014). Because of their round the clock close proximity, smartphones can provide private behavioral information, including location, fitness, both on– and offline activities, social networking operations, and even audio-visual recordings (Aditya et al., 2014). However, most of this data aggregation is not voluntarily or consciously established by the end-user but initiated by business models based on data generation (Buck et al., 2014). By downloading and installing apps, smartphone users increase the risks associated with design flaws, malware attacks, and data theft. From a technical standpoint, the security and privacy risks associated with mobile applications have long been a cause for concern. By requesting irrelevant permissions, loosely defining permissions, or misusing permissions, combined with highly personalized data aggregation, mobile apps can and actually do provide third parties with sensitive data (Buck et al., 2014; Egele et al., 2011; Enck et al., 2014). Most mobile users are unaware of these threats to their personal data or unable to understand the technical mechanisms behind data leakage (Acquisti et al., 2016). Consequently, information exchanged between electronic devices can be used for user monitoring, leading to a generally wary user attitude towards the credibility of a smartphone’s privacy protection mechanisms. Although users might have ominous feelings when sharing information online, they still download and use apps in exchange for financial benefits, personalized services, or enjoyment in any way (Shklovski et al., 2014). Despite a foreboding feeling many users express, the number of mobile app downloads worldwide increases continuously (Statista, 2019). It seems that users download and install mobile applications without hesitation, even if apps require excessive permissions.