D'Assergio, Caterina
(2021)
How do Firms ask for Consumers’ Data Permission? The Value of Companies Data Practices., [Dissertation thesis], Alma Mater Studiorum Università di Bologna.
Dottorato di ricerca in
Phd in management, 32 Ciclo. DOI 10.48676/unibo/amsdottorato/9817.
Documenti full-text disponibili:
|
Documento PDF (English)
- Richiede un lettore di PDF come Xpdf o Adobe Acrobat Reader
Disponibile con Licenza: Salvo eventuali più ampie autorizzazioni dell'autore, la tesi può essere liberamente consultata e può essere effettuato il salvataggio e la stampa di una copia per fini strettamente personali di studio, di ricerca e di insegnamento, con espresso divieto di qualunque utilizzo direttamente o indirettamente commerciale. Ogni altro diritto sul materiale è riservato.
Download (6MB)
|
Abstract
On May 25, 2018, the EU introduced the General Data Protection Regulation (GDPR) that offers EU citizens a shelter for their personal information by requesting companies to explain how people’s information is used clearly. To comply with the new law, European and non-European companies interacting with EU citizens undertook a massive data re-permission-request campaign. However, if on the one side the EU Regulator was particularly specific in defining the conditions to get customers’ data access, on the other side, it did not specify how the communication between firms and consumers should be designed. This has left firms free to develop their re-permission emails as they liked, plausibly coupling the informative nature of these privacy-related communications with other persuasive techniques to maximize data disclosure. Consequently, we took advantage of this colossal wave of simultaneous requests to provide insights into two issues. Firstly, we investigate how companies across industries and countries chose to frame their requests. Secondly, we investigate which are the factors that influenced the selection of alternative re-permission formats. In order to achieve these goals, we examine the content of a sample of 1506 re-permission emails sent by 1396 firms worldwide, and we identify the dominant “themes” characterizing these emails. We then relate these themes to both the expected benefits firms may derive from data usage and the possible risks they may experience from not being completely compliant to the spirit of the law. Our results show that: (1) most firms enriched their re-permission messages with persuasive arguments aiming at increasing consumers’ likelihood of relinquishing their data; (2) the use of persuasion is the outcome of a difficult tradeoff between costs and benefits; (3) most companies acted in their self-interest and “gamed the system”. Our results have important implications for policymakers, managers, and customers of the online sector.
Abstract
On May 25, 2018, the EU introduced the General Data Protection Regulation (GDPR) that offers EU citizens a shelter for their personal information by requesting companies to explain how people’s information is used clearly. To comply with the new law, European and non-European companies interacting with EU citizens undertook a massive data re-permission-request campaign. However, if on the one side the EU Regulator was particularly specific in defining the conditions to get customers’ data access, on the other side, it did not specify how the communication between firms and consumers should be designed. This has left firms free to develop their re-permission emails as they liked, plausibly coupling the informative nature of these privacy-related communications with other persuasive techniques to maximize data disclosure. Consequently, we took advantage of this colossal wave of simultaneous requests to provide insights into two issues. Firstly, we investigate how companies across industries and countries chose to frame their requests. Secondly, we investigate which are the factors that influenced the selection of alternative re-permission formats. In order to achieve these goals, we examine the content of a sample of 1506 re-permission emails sent by 1396 firms worldwide, and we identify the dominant “themes” characterizing these emails. We then relate these themes to both the expected benefits firms may derive from data usage and the possible risks they may experience from not being completely compliant to the spirit of the law. Our results show that: (1) most firms enriched their re-permission messages with persuasive arguments aiming at increasing consumers’ likelihood of relinquishing their data; (2) the use of persuasion is the outcome of a difficult tradeoff between costs and benefits; (3) most companies acted in their self-interest and “gamed the system”. Our results have important implications for policymakers, managers, and customers of the online sector.
Tipologia del documento
Tesi di dottorato
Autore
D'Assergio, Caterina
Supervisore
Co-supervisore
Dottorato di ricerca
Ciclo
32
Coordinatore
Settore disciplinare
Settore concorsuale
Parole chiave
GDPR, Re-Permission Emails, Persuasive Communication, Online Ad Revenues, Marketing Cookies, Data-Breach, Text Analysis.
URN:NBN
DOI
10.48676/unibo/amsdottorato/9817
Data di discussione
27 Maggio 2021
URI
Altri metadati
Tipologia del documento
Tesi di dottorato
Autore
D'Assergio, Caterina
Supervisore
Co-supervisore
Dottorato di ricerca
Ciclo
32
Coordinatore
Settore disciplinare
Settore concorsuale
Parole chiave
GDPR, Re-Permission Emails, Persuasive Communication, Online Ad Revenues, Marketing Cookies, Data-Breach, Text Analysis.
URN:NBN
DOI
10.48676/unibo/amsdottorato/9817
Data di discussione
27 Maggio 2021
URI
Statistica sui download
Gestione del documento: