Literature Review: Social Networking Privacy views among Youth in Kuwait

This is a paper addressing social media privacy and youth. I will attached the studies to use and I want a literature review as well as a drafted proposal so you can get an idea of what is the specific topic about [privacy views among Kuwaiti young adults on social networking sites]. Begin with an introduction. Identify the general topic, issue or area of concern which in this paper is social networking sites privacy and youth. What are the overall trends in terms of the published research on the topic, major themes, and gaps in research. Discuss what is drawn from these studies and you can organize thematically or chronologically. Explain how each work is similar and different from others. Summarize each study/article giving its importance. Synthesizing major findings and arguments in our context [middle east-gulf countries]. Conclusion as to which pieces are best considered in their argument, convincing of their opinion, and contribute to the understanding and development of this research area. Analyze and interpret by providing a discussion of findings and arguments. I DON’T want you to focus on big data or third party data collection by social networking sites, or security issues! However, I want you to take a look at the drafted proposal and structure to get a good sense. Chapter 2 Three Theories of Privacy: An Overview Stephen T. Margulis 2.1 Introduction This chapter reviews the current most important theories of privacy.1 The review is addressed to those unfamiliar with theories of privacy. It is my goal to provide those readers with a foundation on which to build. To this end, the chapter summarizes the two best articulated and best supported theories of privacy (Altman 1975; Westin 1967) as well as Petronio’s (2002) communication privacy management (CPM) theory, an important extension of Altman’s theory that is particularly suited for the study of social networking. Additionally, this chapter considers two larger issues about what privacy is: issues in defining privacy and lessons to be learned from Altman’s and Westin’s theories. I begin with the three theories of privacy. Irwin Altman’s and Alan Westin’s theories were selected because they have stood the test of time. Both figure prominently in major reviews of privacy in the 1970s (Margulis 1977), 1980s (Sundstrom 1986, Chap. 13), and 1990s (Newell 1995). Moreover, they have paved the way for others, particularly Petronio’s CPM theory. S.T. Margulis (*) Grand Valley State University, Grand Rapids, MI e-mail: [email protected] 1 This chapter draws heavily on two articles by the author in the Journal of Social Issues (Margulis 2003a, b). The author wishes to thank Wiley-Blackwell for allowing the use of this material. I wish to thank Sandra Petronio for her very helpful review of her theory and for providing published and unpublished material. S. Trepte and L. Reinecke (eds.), Privacy Online, DOI 10.1007/978-3-642-21521-6_2, # Springer-Verlag Berlin Heidelberg 2011 9 2.2 Westin’s Theory Westin’s (1967) theory of privacy addresses how people protect themselves by temporarily limiting access of others to themselves. For Westin (1967, p. 7) Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. [Moreover] ... privacy is the voluntary and temporary withdrawal of a person from the general society through physical or psychological means.... Westin (1967) proposes that people need privacy. Privacy, in concert with other needs, helps us to adjust emotionally to day-to-day interpersonal interactions. For Westin, privacy is both a dynamic process (i.e., over time, we regulate privacy so it is sufficient for serving momentary needs and role requirements) and a nonmonotonic function (i.e., people can have too little, sufficient, or too much privacy). Westin specifically limits his theory to Western democracies because privacy is consistent with the sociopolitical values of these democracies. For Westin, privacy is neither self-sufficient nor an end in itself, but a means for achieving the overall end of self-realization. Westin postulates four states of privacy. Solitude is being free from observation by others. Intimacy refers to small group seclusion for members to achieve a close, relaxed, frank relationship. Anonymity refers to freedom from identification and from surveillance in public places and for public acts. Reserve is based on a desire to limit disclosures to others; it requires others to recognize and respect that desire. The states are the means by which the functions (purposes or ends) of privacy are achieved. The states are, in effect, the “hows” of privacy. Westin also posits four functions (purposes) of privacy. They are, in effect, the “whys” of privacy. Personal autonomy refers to the desire to avoid being manipulated, dominated, or exposed by others. Emotional release refers to release from the tensions of social life such as role demands, emotional states, minor deviances, and the management of losses and of bodily functions. Privacy, whether alone or with supportive others, provides the “time out” from social demands, hence opportunities for emotional release. Self-evaluation refers to integrating experience into meaningful patterns and exerting individuality on events. It includes processing information, supporting the planning process (e.g., the timing of disclosures), integrating experiences, and allowing moral and religious contemplation. The final function, Limited and protected communication, has two facets: limited communication sets interpersonal boundaries; protected communication provides for sharing personal information with trusted others (Westin 1967). For Westin (1967), privacy operates at the individual, group, and organizational/ institutional levels. This is an early statement of the multiple levels often associated with privacy (cf. Petronio 2002). Although Westin’s definition of privacy is often cited, it is his privacy states and functions that have occasioned research. The research supports (to varying degrees) and extends the states and functions; it examines the relationships between the states and functions; it applies the states 10 S.T. Margulis and functions to specific contexts (see Margulis 2003b, pp. 413–415, for a summary of this research). Nevertheless, possibly because Westin is a political scientist and lawyer, and not a behavioral scientist, questions remain. Do Westin’s four functions flow into one another? Do they co-occur or overlap in time or do they occur independently? Do specific dimensions of privacy underlie Westin’s states? Are privacy factors organized hierarchically? Can the functions be understood as traits? Finally, Westin’s endorsement of organizational-level privacy is problematic because he models the organization on an individual who acts alone rather than as a collective. (See Margulis 2003b, p. 418, for supporting information and citations.) 2.3 Altman’s Theory Altman, like Westin, has influenced how we understand privacy. Altman’s analysis of privacy focuses on individual and group privacy and behavior (i.e., privacyregulating mechanisms) operating as a coherent system. He takes a dynamic and a dialectical perspective on privacy regulation (i.e., it is a process that paces and regulates interaction with others; we change how open or closed we are in response to changes in our internal states and external conditions) (Altman 1990; Margulis 1977). Because Altman is a social and an environmental psychologist, social interaction is at the heart of his theory and Altman uses the environment to provide mechanisms for regulating privacy. Privacy, for Altman, is “the selective control of access to the self” (1975, p. 24). Privacy has five properties. Firstly, privacy involves a dynamic process of interpersonal boundary control. Secondly, Altman differentiates desired and actual levels of privacy. Thirdly, privacy is a non-monotonic function, with an optimal level of privacy (desired ¼ actual level) and possibilities of too much privacy (actual > desired level) (e.g., crowding) and too little (desired > actual level) (e.g., social isolation). Fourthly, privacy is bi-directional, involving inputs from others (e.g., noise) and outputs to others (e.g., oral communication). Fifthly, privacy operates at the individual and group level (Altman 1975; Margulis 1977). For Altman, there are multiple behavioral mechanisms for regulating privacy (e.g., territorial behavior, cultural norms) that operate as a coherent system. Consequently, one mechanism can substitute for another (e.g., a nod of approval for the word “yes”), can amplify another (e.g., shout “no” and slam a door shut), or can modulate another (e.g., offer an apology for locking one’s door). Moreover, Altman posits a hierarchy of privacy functions, the most central of which is creating self-identity. In Altman’s approach, three features of privacy are particularly important. Firstly, privacy is inherently a social process. Secondly, a proper understanding of psychological aspects of privacy must include the interplay of people, their social world, the physical environment, and the temporal nature of social phenomena (Altman 1990). Thirdly, privacy has a cultural context; specifically, privacy is a 2 Three Theories of Privacy: An Overview 11 cultural universal but psychological manifestations are culturally-specific (Altman 1975, 1977). Altman’s theory has received impressive empirical support (see Margulis 2003b, p. 419, for a summary). It also has stimulated theory development by others (see Margulis 2003b, pp. 419, 421, 422). Lastly, Altman’s theory of privacy is sufficiently comprehensive to be a general theory about the regulation of social interaction (Margulis 1977). The central issue with Altman’s theory is whether his boundary concept is a metaphor or a theoretical construct. In this regard, Petronio (2002), whose theory builds on Altman’s ideas, regards it as a metaphor. 2.4 Petronio’s CPM (Communication Privacy Management) Theory The most valuable privacy theory for understanding interpersonal computermediated communication, such as blogging and social networking, was stimulated by Altman’s dialectical conception of privacy as a tension between opening and closing a personal boundary to others (see Child et al. 2009). That theory is Petronio’s (2002) CPM (communication privacy management) theory. In CPM theory, privacy boundaries can range from complete openness to complete closedness or secrecy. An open boundary reflects willingness to grant access to private information through disclosure or giving permission to view that information, thus representing a process of revealing. On the other hand, a closed boundary represents information that is private and not necessarily accessible, thus characterizing a process of concealing and protecting. The relationship between the boundaries is dialectical, consistent with Altman’s thesis, because we continuously adapt our level of privacy and disclosure to internal and external states because we simultaneously need to be open and social as well as private and preserve our autonomy. Moreover, we achieve desired levels of privacy and disclosure through the use of privacy rules. That is, when we make a decision to disclose private information, we use a rule-based privacy management system that regulates the degree of boundary permeability (how much is told) and that manages linkages (who we want to know the information) and the level of shared ownership with others. Using this rule-based management system allows CPM theory to consider how decisions are made about revealing and concealing private information (Petronio 2002). Five propositions underpin CPM theory (Petronio and Durham 2008). The first proposition is that private information is defined in terms of ownership in that when people believe the information belongs to them, they count it as private. The second is that because they define private information as something they own, they therefore believe they have the right to control the distribution of that information (Petronio and Reierson 2009). The third is that people develop and use privacy rules, based on 12 S.T. Margulis personally important criteria, to control the flow of private information. These rules impact the management of individual and collective (i.e., dyadic and group) privacy boundaries. Individual privacy rules are based on cultural values, gendered orientations, motivational needs, contextual impact, and risk-benefit ratio criteria. The fourth is that once private information becomes shared, a collective privacy boundary is formed and others receiving private information become co-owners of that information. From the perspective of the original owner, co-owners have fiduciary responsibilities to manage and therefore jointly control this private information in a way that is consistent with the original owner’s rule. Privacy rule coordination between the original owner and co-owner is negotiated and revolves around decisions about permeability, co-ownership responsibilities, and linkage rules. Linkage rules determine who else can know (become a co-owner of) the information. Permeability rules determine how much others can know about the information. Ownership rules determine how much control co-owners have over co-owned information. (For an instrument to measure these three factors, see Child et al. 2009.) These rules might be implicit (e.g., based on a person’s assumption that the other person has learned the requisite rules/norms) or explicit because of a need to clarify or modify an existing rule or to introduce/negotiate a new rule (Child et al 2009; Petronio 2002). These privacy rules are dynamic: they change, grow, or remain stable for periods (Petronio 2002). Privacy rules also have several attributes (Petronio 2002). Firstly, privacy rules may become so routine that they form the basis for privacy orientations. Routinization can be aided by the use of sanctions to control the use of privacy rules. Nevertheless, these rules are often subject to change. Secondly, we must manage our individual and collective boundaries. Collective boundaries require interpersonal coordination (see Petronio 2002, p. 32f, for a discussion of collective coordination patterns). Thirdly, effective boundary management might fail. For example, there can be boundary turbulence because a co-owner feels no obligation to protect the discloser’s private information. Whatever the reason, ineffective boundary management means that co-owners need to take corrective action to ensure effective boundary management (Petronio 2002). The fifth proposition of Petronio’s CPM theory, as noted, is that when privacy rules are not coordinated between the original owner and co-owner, there is a possibility of boundary turbulence because people do not consistently, effectively, or actively negotiate collective privacy rules. Boundary turbulence occurs when coowners fail to effectively control (manage) the flow of private information to third parties. In sum, CPM theory extends Altman’s original proposal of privacy regulation, as Altman has noted, by articulating “[a] most complicated set of dynamics” and by articulating the operation of communication privacy management at the individual, dyadic, and group levels (Petronio 2002, p. xvi). And like Westin, Petronio also focuses on the management of private information. For applications of CPM theory to interpersonal computer-mediated communication and blogging, see Child and Petronio (2011), Child et al. (2009), Child and Agyeman-Badu (2010). 2 Three Theories of Privacy: An Overview 13 2.5 What Privacy Is: Issues in Defining Privacy Privacy is an elusive concept because it is an elastic concept (Allen 1988). The psychological concept subsumes a wide variety of philosophical, legal, behavioral, and everyday definitions. Moreover, the relationships between privacy and cognate concepts (e.g., deception, secrecy, anonymity) are debatable because of disagreements about the boundaries of privacy as a concept (see, e.g., Margulis 2003a, 2009). Also, in the moral domain, there is disagreement about whether privacy is best understood as protecting “behavior which is either morally neutral or valued by society” (Warren and Laslett 1977, p. 44), a common perspective, or whether privacy also can support illegitimate activities, such as misuse of a public office (Westin 1967), vandalism (Altman 1975), and morally dubious behavior like lying (Derlega and Chaikin 1977). Lastly, there is no agreement on the proper philosophical frame within which to define privacy. In this regard, the theories of Altman, Petronio, and Westin are consistent with the limited-access perspective (Allen 1988) but there are other perspectives. (See Tavani 2007, for four perspectives, including limited access.) I examined the variability in definitions of privacy, primarily in psychological analyses of privacy but also in studies of how people defined privacy (cf. Newell 1998). Based on my examination, I inductively derived “an abstract skeleton” of the means and ends of privacy: “Privacy, as a whole or in part, represents control over transactions between person(s) and other(s), the ultimate aim of which is to enhance autonomy and/or to minimize vulnerability” (Margulis 1977, p. 10). This “skeletal” definition, so to speak, failed to note that, in the privacy literature, control over transactions usually entailed limits on or regulation of access to self (Allen 1988), sometimes to groups (e.g., Altman 1975), and presumably to larger collectives such as organizations (e.g., Westin 1967). Because I inductively derived the definition from a wide range of examples, it follows that the variation in specific definitions reflects how the terms and the relationships among terms, in the abstract skeleton, were interpreted within those definitions. In individual cases, it also reflected the additional concepts and/or relationships that were included in a definition. For example, the concept of control, in the abstract skeleton, has been interpreted as social power (Kelvin 1973) and as personal control (Johnson 1974). Johnson’s (1974) distinction between primary (direct) and secondary (indirect) personal control over the attainment of privacy-related outcomes illustrates the use of an additional concept. Although I concluded that the psychological concept emphasizes privacy as control over or regulation of or, more narrowly, limitations on or exemption from scrutiny, surveillance, or unwanted access (Margulis 1977), there have been (e.g., Pennock and Chapman 1971) and continue to be legal and philosophical analyses of the meaning of privacy, some of which, as noted (e.g., Tavani 2007), would have us go beyond the limited-access perspective (Allen 1988) or raise questions about the boundaries of privacy (e.g., Davis 2009). In the final analysis, privacy remains an 14 S.T. Margulis elastic concept. Therefore, if you intend to use a behavioral theory of privacy, you should determine whether its definition of privacy meets your requirements. 2.6 What Privacy Is: Lessons from Two Theories of Privacy One way to examine the core of privacy is to compare the commonalities and differences in the two best supported theories of privacy: the theories of Altman (1975) and Westin (1967). Both theories discuss how individuals and groups control or regulate access to themselves (i.e., both illustrate the limited-access approach). Both theories describe our need for privacy as a continuing dynamic of changing internal and external conditions, to which we respond by regulating privacy in order to achieve a desired level of privacy. In turn, achieved privacy can affect internal states and external conditions. Both agree that attempts to regulate privacy may be unsuccessful: we may achieve more or less privacy than we desired. Both agree that privacy can take many forms. Both agree that privacy has universal characteristics and that the nature of the forms that privacy can take is probably culturally-specific. Both agree that privacy can support illegitimate goals. Both differentiate the forms (or the hows) from the functions (or the whys) of privacy. Both agree that the functions of privacy include opportunities for self-evaluation and that privacy contributes to self-identity and individuality. The principal difference is that Altman’s theory is relatively inclusive of privacy phenomena because it emphasizes social interaction but Westin’s is less so, often focusing on information privacy, a subset of social interaction. (In this regard, CPM theory also focuses on information privacy.) That two independent, well-supported theories share so much in common suggests that they provide a reasonable foundation for understanding the fundamentals of privacy as a psychological concept. Westin (2003) also has described three distinct empirically-derived (not theoretically-derived) positions on privacy that the public holds. The High-Privacy position assigns a high(er) value to privacy claims and seeks comprehensive governmental interventions to protect privacy. (See Bennett 1995, for an overview, and Lyon and Zuriek 1996, for examples of the High-Privacy position.) The Balanced-Privacy position values privacy claims but advocates tailored (e.g., sectoral) governmental interventions to address demonstrated abuses as well as voluntary organizational initiatives to promote individual privacy. (See Etzioni 1999, and Westin 1967, for different approaches to Balanced Privacy.) The Limited-Privacy position usually assigns a lower value to privacy claims than to business efficiency and societal-protection interests and it opposes governmental intervention as unnecessary and costly. (For an example, see Singleton 1998.) I would add a variant on the Limited-Privacy position, based on the claim that openness ought to trump privacy. This position has its roots in humanistic psychology (e.g., Jourard 1971). Interestingly, a contemporary advocate of this position is Mark Zuckerberg, the founder and CEO of Facebook, currently the largest social networking site (Vargas 2 Three Theories of Privacy: An Overview 15 2010), although his motives have been questioned (e.g., Lyons 2010). As useful as these three positions on privacy could be in research on privacy attitudes of social media users, there are questions about the generalizability of these three positions on privacy (Margulis et al. 2010). References Allen AL (1988) Uneasy access: privacy for women in a free society. Rowman & Littlefield, Totowa Altman I (1975) The environment and social behavior: privacy, personal space, territory, crowding. Brooks/Cole, Monterey Altman I (1977) Privacy regulation: culturally universal or culturally specific? J Soc Issues 33(3):66–84 Altman I (1990) Toward a transactional perspective: a personal journey. In: Altman I, Christensen K (eds) Environment and behavior studies: emergence of intellectual traditions. Plenum, New York, pp 335–355 Bennett CJ (1995) The political economy of privacy: a review of the literature. Paper prepared for the center for social and legal research, DOE genome project (Final draft), University of Victoria, Department of Political Science, Victoria Child JT, Agyeman-Badu E (2010) Blogging privacy management rule development: the impact of self-monitoring skills, concern for appropriateness, and blogging frequency. Comput Hum Behav 26:957–963 Child JT, Pearson JC, Petronio S (2009) Blogging, communication, and privacy management: development of the blogging privacy management measure. J Am Soc Inf Sci Technol 60(1):2079–2094 Child JT, Petronio S (2011) Unpacking the paradoxes of privacy in CMC relationships: the challenges of blogging and relational communication on the internet. In: Wright K, Webb L (eds) Computer mediated communication in personal relationships. Hampton Press, Cresskill, pp 21–40 Davis S (2009) Privacy, rights, and moral value. In: Matheson D (ed) Contours of privacy. Cambridge Scholars Publishing, Newcastle upon Tyne, pp 153–179 Derlega V, Chaikin AL (1977) Privacy and self-disclosure in social relationships. J Soc Issues 33(3):102–115 Etzioni A (1999) The limits of privacy. Basic Books, New York Johnson CA (1974) Privacy as personal control. In: Carson DH (ed) Man-environment interactions: evaluations and applications (Part II, Vol. 6: Privacy, S.T. Margulis, vol. ed). Environmental Design Research Association, Washington, DC, pp 83–100 Jourard SM (1971) The transparent self. (rev edn). Van Nostrand Reinhold, New York Kelvin P (1973) A social-psychological examination of privacy. Br J Soc Clin Psychol 12:248–261 Lyon D, Zuriek E (1996) Surveillance, privacy, and the new technology. In: Lyon D, Zureik E (eds) Computers, surveillance, and privacy. University of Minnesota Press, Minneapolis, pp 1–18 Lyons D (June 7, 2010) Facebook’s false contrition. Newsweek, p 20 Margulis ST (1977) Conceptions of privacy: current status and next steps. J Soc Issues 33(3):5–21 Margulis ST (2003a) Privacy as a social issue and a behavioral concept. J Soc Issues 59(2):243–262 Margulis ST (2003b) On the status and contribution of Westin’s and Altman’s theories of privacy. J Soc Issues 59(2):411–429 Margulis ST (2009) Privacy and psychology. In: Matheson D (ed) Contours of privacy. Cambridge Scholars Publishing, Newcastle upon Tyne, pp 143–151 16 S.T. Margulis Margulis ST, Pope JA, Lowen A (2010) The Harris-Westin index of general concern about privacy: an exploratory conceptual replication. In: Zuriek E, Stalker LH, Smith E, Lyon D, Chan YE (eds) Surveillance, privacy, and the globalization of personal information: international comparisons. McGill-Queen’s University Press, Montreal & Kingston, pp 91–109 Newell PB (1995) Perspectives on privacy. J Environ Psychol 14:65–78 Newell PB (1998) A cross-cultural comparison of privacy definitions and functions: a systems approach. J Environ Psychol 18:357–371 Pennock JR, Chapman JW (eds) (1971) Privacy: Nomos XIII. Atherton Press, New York Petronio S (2002) Boundaries of privacy: dialectics of disclosure. State University of New York Press, Albany Petronio S, Durham W (2008) Understanding and applying communication privacy management theory. In: Baxter LA, Braithwaite DO (eds) Engaging theories in interpersonal communication. Sage, Thousand Oaks, pp 309–322 Petronio S, Reierson J (2009) Regulating the privacy of confidentiality: grasping the complexities through CPM theory. In: Afifi T, Afifi W (eds) Uncertainty and information regulation in interpersonal contexts: theories and applications. Routledge, New York, pp 365–383 Singleton S (1998) Privacy as censorship: a skeptical view of proposals to regulate privacy in the private sector. (Policy Analysis No. 295) The Cato Institute, Washington, DC Sundstrom E (1986) Workplaces: the psychology of the physical environment in offices and factories. Cambridge University Press, New York Tavani H (2007) Philosophical theories of privacy: implications for an adequate online privacy policy. Metaphilosophy 38(1):1–22 Vargas JA (Sept 20, 2010) Letter from Palo Alto: the face of facebook. The New Yorker, pp 54–64 Warren C, Laslett B (1977) Privacy and secrecy: a conceptual comparison. J Soc Issues 33(3):43–51 Westin AF (1967) Privacy and freedom. Atheneum, New York Westin AF (2003) Social and political dimensions of privacy. J Soc Issues 59(2):431–453 2 Three Theories of Privacy: An Overview 17