THE INFLUENCE OF NEW DATA PROTECTION REGULATIONS, PRIVACY CONCERNS, AND WEBSITE EXPERIENCE ON PERSONAL INFORMATION
SHARING
Master Thesis, Msc Marketing Intelligence & Marketing Management University of Groningen, Faculty of Economics and Business.
June 18, 2018
KOEN WEEGINK Student number: 234344
Turftorenstraat 7m 9712BL Groningen
Tel.: 0683671361 E-mail: weegink.k@gmail.com
Supervisor Lisette de Vries Second supervisor
Hans Risselada
ABSTRACT
Nowadays, the performance of many firms relies on personal information the consumers provide them with. Accompanying the rise in importance of personal data, privacy concerns are also increasing. People are more and more reluctant to share personal information with firms because the information they provide might be used in ways they did not foresee. So how can firms increase the probability of people sharing personal information with them? This study focusses on the effects of privacy concerns, website experience, and stricter data security regulations and their effect on the willingness to disclose personal information online. This study analyses 163 responses gathered through a survey that was distributed on the University campus of the Rijksuniversiteit Groningen and via social media. The PROCESS Macro developed by Andew F. Hayes was used to perform a binary logistic regression to analyse the effects of the aforementioned variables on consumers’ willingness to disclose personal information.
The results of this research show that a good (previous) website experience does not have an effect on privacy concerns. In turn, privacy concerns do not have an effect on the willingness to share personal information. Stricter data security regulations do not have a direct effect on willingness to disclose personal information nor does it moderate the relationship between privacy concerns and willingness to disclose personal information. Evidence was found that a good usable website has an effect on the willingness to disclose personal information.
Keywords: Privacy concerns, website experience, data security regulations, willingness to disclose personal information.
TABLE OF CONTENT
1. INTRODUCTION 4
2. LITERATURE REVIEW 8
2.1 Willingness to disclose personal information 9
2.2 Website experience 10
2.3 Privacy concerns 11
2.4 Data security regulations 13
2.5 Control variables 15
3. METHODOLOGY 16
3.1 Type of data collection method 16
3.2 Population and sampling method 16
3.3 Operational definitions 16
3.4 Research design 17
3.5 Plan of analysis 18
4. RESULTS 19
4.1 Data cleaning 19
4.2 Descriptive statistics 20
4.3 Correlation analysis 20
4.4 Principal Component Analysis 20
4.5 Reliability analysis 23
4.6 Assumption testing 24
4.6.1 Absence of outliers & dichotomous outcome 24
4.6.2 Absence of multicollinearity 24
4.6.3 Linearity of data 25
4.7 Binary Logistic Regression 26
5. DISCUSSION 29
5.1 Discussion of findings 29
5.2 Conclusion 31
5.3 Theoretical and managerial implications 31
5.4 Limitations and future research 32
LITERATURE 34
APPENDIX A 47
1. INTRODUCTION
In the current ‘digital’ age companies are more and more relying on personal information of consumers. Companies are routinely capturing personal information online via websites or mobile applications. These websites and mobile apps provide companies with enormous amounts of data about how individuals behave, feel, interact with products or services, and how they interact with marketing campaigns (Wedel & Kannan, 2016). For most companies, and especially companies focussed on the online environment, personal data plays a big factor in how they perform and operate (Feijóo, Gomez-Barroso, & Voigt, 2014). Feijóo et al. (2014, p.
248) described the importance of personal data: “Personal data are becoming one of the main assets of many modern markets, to the point that they can be considered the new oil of the internet and the new currency of the digital world”. It is thus clear that personal data is important to companies. In times where personal data has increased in importance to companies, consumers are more and more worried about their personal information being used for purposes they did not foresee and are reluctant to share this information (Norberd, Horne & Horne, 2007).
Advertisers receive large benefits by tracking the consumer online. Having personal data about consumers delivers great value to advertisers since they can reach consumers with more relevant advertisements based on their personal information (Cofone, 2017). Advertisers can thus, based on personal data, reach the right consumer with the right message at the right time (Malthouse & Li, 2017). Advertisers collect personal data by implementing cookies on their websites. “Cookies are files stored on a users’ computer (the server) when the client’s web browser communicates with the server’s website” (Oppenheimer, 2006: 385). Cookies are thus an important source of information for advertisers since these cookies store information about what the user is doing online. This information can later be accessed by the party that placed them (Palmer, 2005).
At the time this thesis was written the Data Protection Directive allows cookies to be placed without the explicit consent of the individual who is browsing online. The only thing advertisers have to do is inform the consumer that they have placed cookies. This will change. The European Union has accepted new legislation around data privacy, the General Data Protection Regulation (GDPR from now on), which will be enforced from May 25th 2018. In short, GDRP obliges companies to ask for explicit consent for each type of data that they want to collect from individuals through cookies. This makes all the old cookie-pools useless unless they get the
consumer to once again give them consent. Cookies are not the only source of personal information for firms. People are also providing personal information to websites owned by retailers when ordering products online. In addition to providing information to retailers’
websites, people are providing social networking sites like Facebook and Instagram with huge amounts of personal information (e.g. name, address, phone number, what they like). This information can also be used by firms to profile individuals and target them with relevant offers.
The capability to reach the right consumer with the right message at the right time has its pros and cons. Consumers will see a more relevant ad which they perceive as more appealing and will lead to a higher chance of clicking on the ad. The shadow side is that consumers could develop privacy concerns when they are targeted with a very relevant banner online. Consumers might get the feeling that they are being watched, develop privacy concerns, which could put them off (Tucker, 2014). Getting too personal thus might lead to privacy concerns in the mind of the consumer because they get the feeling companies know every bit of information there is to know about them (Phelps, Nowak & Ferrel, 2000). Getting too personal could also result in so called ‘reactance’. Reactance is defined as “a motivational state where consumers resist something they find coercive by behaving in the opposite way to the one intended” (Tucker, 2014, p. 546). As a result, firms have to be very cautious and thoughtful about how often, when, and in what way they try to reach consumers.
Nowadays, the customer experience is important for most firms. Pine & Gilmore (1998) were one of the first authors to write about the construct customer experience. They observed that when services and products became more of a commodity, firms that were leading the pack were firms that had their focus on differentiating themselves through excellent customer experiences. To survive in today’s economy, providing consumers with good products and services alone is not enough. Firms have to compete on customer experiences throughout all the stages of the customer journey (Klaus, 2015). Literature states that whatever the service or product, consumers buying or receiving will have an experience. This experience can be bad, indifferent, or good (Carbone & Heckel, 1994; Berry & Carbone, 2007; Voss & Zomerdijk, 2007). It is very important to provide consumers with a good customer experience since it has an influence on customer satisfaction (Liljander & Strandvik, 1997), provides firms with loyal customers (Mascarenhas, Kesavan, & Bernacchi, 2006; Pullman & Gross, 2004), provides support for the brand (Berry & Carbone, 2007; Grace & O’Cass, 2004), influences expectations
of consumers (Flanagan, Johnston, & Talbot, 2005), and creates an emotional bond with consumers (Pullman & Gross, 2004).
Since the new stricter data security legislation forces firms to ask consent for storing and using personal information for marketing efforts again, and personal information is more important than ever, it is relevant to research what companies can do to increase individuals’ willingness to disclose personal information. The effect of the GDPR on the willingness to disclose personal information is also interesting to research. By looking into this, companies know whether they should communicate the fact that they are compliant with GDPR in their privacy statements to increase individuals’ willingness to disclose personal information. Having more information about the drivers of the individuals’ willing to share information is important for companies.
When asking for consent companies should take these drivers into account. Also, with customer experiences increasing in importance it is very relevant to look into the effect of a good (previous) online customer experience on the willingness to disclose personal information.
Rose, Clark, Samouel, and Hair (2012) state that continued studies with different factors in the area of online customer experience is necessary since it is really important for the success of online companies. Xu, Teo, Tan, and Agarwal (2009) state that laws and regulations reduce concerns individuals have and increase trust (Acquisti, Brandimarte, & Loewnstein, 2015). This study was conducted in Singapore, which is known for its harsh enforcement of laws and regulations. This might have influenced the privacy behaviour of their research sample. They propose other environments should be examined, where Europe and North-America would be most interesting. Hui, Teo, and Lee (2007) found that privacy statements provided by firms leads to a higher disclosure of personal information. They state that since their study was conducted in Singapore, and Singaporeans probably are less sensitive to concerns about privacy because of their cultural characteristics, this might to different results in other cultures.
This research will focus on the effect of privacy concerns individuals feel in relation to their willingness to disclose personal information and the effect of stricter data security regulations on this relationship. The effect of a (previous) good website experience on privacy concerns will also be investigated. The research question is as follows: What is the relationship between a good (previous) website experience and privacy concerns, and how do privacy concerns influence an individuals’ willingness to disclose personal information? The sub question of this
research is the following: How does the stricter data security regulation influence the relationship between privacy concerns and willingness to disclose personal information?
This research contributes to existing literature in a couple of ways. First, by investigating the relationship between a good (previous) website experience and privacy concerns. Secondly, by looking into the effect of the new data security regulation (GDPR) on the relationship between privacy concerns and willingness to disclose personal information. Thirdly, by providing insight the effect of website experience on the willingness to disclose personal information. The results of this research provide managers with valuable information about factors influencing the consumer’s willingness to disclose personal information. This study also provides managers with information about the importance of providing consumers with an excellent website experience.
The structure of this thesis is as follows: first a literature review will be provided to serve as a basis for the research at hand. Next the data collection and analysis method will be discussed in the methodology chapter. The results of the analyses conducted during this research will be discussed after the methodology chapter. After the results of this research have been presented the discussion chapter will elaborate on the results from the analysis, provide concluding remarks, and provides the reader with the theoretical and managerial implications. Directions for further research will also be provided in this chapter.
2. LITERATURE REVIEW
In the recent past only a handful of firms were actively tracking individual consumer characteristics and online behaviour with the use of computer databases that held personal information (Phelps, Nowak & Ferrel, 2000). Nowadays almost all companies are storing and analysing personal data, ranging from retailers to non-profit organizations. Personal information of individuals is becoming a resource that is growing in importance since the competitive environment of today is moving towards mass personalisation and good personal services (Premazzi, Castaldo, Grosso, Raman, Brudvig, & Hofacker, 2010). Companies collect information about individuals through cookies that track their online behaviour and via information that the individuals themselves provide to the website. All the information gathered through cookies does require the consent of the individual. Individuals can thus decide whether or not they are willing to share their personal information or browsing behaviour to the websites they visit and third parties. At the time this research was written, consent under current European legislation is defined as “any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed” (Data Protection Directive Art. 2h). As can be deducted from the definition of consent under the current legislation in Europe, consent is based on an opt-out basis. This is going to change when the new stricter data security regulation (GDPR) will come into effect.
Then consent will be given on a opt-in basis and companies have to get consent again since the old consent is not valid anymore. It is thus of utmost importance that companies know exactly what the most important factors are which influence an individual’s willingness to provide personal information and how they can influence this. Companies that know how to influence individuals to disclose their personal information in an online setting are more likely increase their revenue of the online channel (Gupta, Iyer, & Weisskirch, 2010).
To give the reader an idea of what is going to be investigated during this research the conceptual model for this research is provided in figure 1.
FIGURE 1 - CONCEPTUAL MODEL
2.1 Willingness to disclose personal information
Because individuals have the ability to opt-out of giving their personal information to companies and personal information sharing is crucial for some retailers and social media platforms, it is important to look into what is known about the factors that influence the willingness to disclose personal information. The definition used in this research of willingness to disclose personal information is provided by Mothersbaugh, Foxx II, & Beatty (2012, p. 77):
“an individual’s willingness to reveal personal information to a firm online”. This definition is suitable for this research since it is about the sharing of personal information in an online setting, excluding the offline component.
When individuals are asked to disclose personal information by a website they have to make a trade off or a cost-benefit analysis. The cost of this exchange is that individuals have to give up some of his or her privacy which may lead to concerns because they do not control who has access to their data (Mohamed & Achmad, 2012). Benefits of this exchange can be access to the website or offers that are more relevant (Chellappa & Sin, 2005). This exchange can be explained by a theory developed by Thibaut & Kelley in 1959, the social exchange theory. This theory states that people evaluate exchanges based on the costs and benefits it brings them (Schumann, Wangenheim & Groene, 2014; Malhotra, Kim, Agarwal, 2004; Park et al, 2012).
This calculation is not always done objectively (Min & Kim, 2015). Assessing whether
something is worth the costs is also done via the means of heuristics (Tversky & Kahneman, 1974), through which an individual can make a cost-benefit analysis by giving subjective values to the perceived benefits which could be completely wrong (Acquisti & Grossklags, 2007).
Another theory underlying this trade-off is the privacy calculus theory developed by Laufer and Wolfe in 1977. This theory is, just like the social-exchange theory, used to get a better understanding of the information sharing behaviour of individuals (Lee et al., 2015). This theory states that individuals assess the pros and cons before disclosing information. They calculate the outcome of sharing information and subsequently decide whether they want to disclose their personal information. Individuals who make this calculation expect a “break- even” outcome and are more likely to disclose personal information and are willing to embrace the loss of their privacy when the perceived benefits are greater. Culnan and Armstrong (1999) state that the economic or social value an individual expects to get must be enough for them to disclose personal information. Individuals are thus willing to share information with companies, as long as the perceived benefits outweigh the perceived costs (Culnan & Bies, 2003; Schumann et al., 2014).
2.2 Website experience
Customer experience, and especially the online customer experience is of increasing interest for companies (Verhoef et al., 2009). Studies have stated the importance of the online experience for consumers on their behaviour (Klaus, 2013). In an online context the customer experience is referred to as “online customer experience” (OCE from now on). Novak, Hoffman
& Yung (2000, p. 22) define OCE as “the cognitive state experienced during navigation”. Rose, Clark, Samouel, & Hair (2012) extend this definition by including the affective state in their conceptualization of OCE. According to their article, individuals both cognitively and affectively process sensory information from a website which results in an impression stored in their memory. For the purpose of this research, the definition of online customer experience is adopted from the work of Rose et al. (2012, p. 309): “the psychological state manifested as a subjective response to the website”. This definition suits this research since it is focussed on the online website component of the customer experience.
Literature identifies a couple of characteristics of OCE. Firstly, previous experiences have an influence on future behaviour (Ling, Chai, and Piew, 2010). OCE is thus an accumulation of
previous experiences. Secondly, the website owner does not totally control all of the aspects of the OCE since the contact takes place online and not in a physical store (Verhoef et al., 2009;
McColl-Kennedy, Gustafsson, Jaakkola, Klaus, Radnor, Perks, & Friman, 2015). Previous studies identified three outcomes of a good OCE which are satisfaction, trust and repurchase intention (Ha and Perks, 2005; Janda and Ybarra, 2005; So, Wong and Sculli, 2005; Jin, Park, and Kim 2008; Ranaweera, Bansal, and McDougall, 2008).
A holistic and positive customer experience with a firm or brand results in customer engagement in the long run (Bilgihan, Kandampully, & Zhang, 2016). Providing individuals with a positive website experience is very important for building and maintaining a good relationship, increasing loyalty and reputation, and in the end survival in the marketplace (Duhé, 2007; Vorvoreanu, 2008). According to Luo et al (2011), a good online customer experience will lead to improved customer loyalty. For a consumer to be loyal to a firm, there has to be a certain amount of trust (Sirdeshmukh, Singh, & Sabol, 2002; Jin & Park, 2006).
Rose et al. (2012) posit that trust is an outcome of a good online customer experience. Trust is also closely related to privacy concerns. Trust and privacy concerns are negatively related which means that the higher amount of trust, the lower the amount of privacy concerns an individual has (Chellappa & Sin, 2005; Acquisti, Brandimarte, & Loewnstein, 2015). Based on the information provided in the previous section, the following hypothesis has been constructed:
H1: A positive (previous) website experience is negatively related to privacy concerns.
2.3 Privacy concerns
Privacy is a construct on which a lot of research has been conducted throughout the years and especially in the past decades there has been a resurgence in privacy literature. One of the first pieces of literature came from Warren and Brandeis in 1890, who defined privacy as “the right to be left alone”. Privacy has become an important topic in recent years, especially in the current digital age where personal information is abundant. With the rapid development of technology that gives marketers the option to store and analyse large amounts of personal data, privacy concerns have increased substantially (Norberd, Horne & Horne, 2007). Nevertheless, there still is not one clear definition of privacy (Walsh, Parisi & Passerini, 2017). Different studies have identified multidimensional definitions of privacy. They propose that there are four kinds of privacy: informational privacy, accessibility privacy, physical privacy, and expressive
privacy (Buchanan, Paine, Joinson, & Reips, 2007). In this thesis the focus is on informational privacy since it deals with the control individuals have over their personal information. For this research the definition of informational privacy as described by Buchanan et al. (2007, p. 158) is used: “informational privacy relates to an individual’s right to determine how, when, and to what extent information about the self will be released to another person or organization”. This definition seems fitting in the light of this research since it deals with the factors that influence the willingness to disclose personal information to companies that use that information for their marketing efforts.
Individuals nowadays are very concerned about their privacy and whether their personal information is safe, but one will freely give up personal information to get access to services (i.e. website visit, social media usage) (Evens & Van Damme, 2016; Taddicken, 2017;
Kokolakis, 2017). Some individuals that have privacy concerns do not just provide their personal information but try to manage these concerns: they (1) read the privacy and security policies that firms have in place and decide whether they want to share their information or not (2) do not share personal information at all (3) choose to opt-out of marketing efforts (4) use software that makes them “invisible” to marketers (5) use false identities (Sheehan & Hoy, 2000; Gauzente, 2004; Lanier & Saini, 2008).
There are still some differences in findings in the privacy literature regarding privacy concerns and its relation to willingness to disclose personal information. Multiple studies find no significant relationship between privacy concerns and willingness to disclose personal information (LaRose, 2004; Metzger, 2006; Motherbaugh et al., 2012). This can be due to the privacy-calculus theory discussed earlier, where individuals still share information regardless of their privacy concerns. Contrasting that, multiple studies found a negative relationship between privacy concerns and willingness to disclose information (Castañeda & Montoro, 2007; Walrave & Heirman, 2013). The work of Dinev and Hart (2006) found that the risks of opportunistic behaviour of firms online with personal information negatively influenced willingness to disclose personal information. Nam, Song, Park, & Ik (2006) state that individuals rather do not share personal information online because of concerns for their privacy. Thus, the more privacy concerns an individual has, the less likely he or she is to disclose personal information to a firm. Therefore, following hypothesis is constructed:
H2: Privacy concerns are negatively related to the willingness to disclose personal information.
2.4 Data security regulations
With the rise of technology that enables companies to automatically store large quantities of personal data across the world in mere seconds the need for the protection of this data also emerged. The first effort to answer to the need for protection of personal data in Europe came from the Organization for Economic Cooperation and Development (OECD) in 1980. The OECD came with “Recommendations of the Council Concerning Guidelines Governing the Protection of Privacy and Trans-Border Flows of Personal Data” in which they included seven principles which could be added to national legislations or serve as a base for countries that did not yet have legislations for data privacy (OECD, 1980).
The OECD does not have the power to legally bind countries to make use of these principles in order to secure the personal data that is being collected from Europeans. On the 25h of October in 1995 the European Parliament and the European Council introduced the Data Protection Directive, officially named Directive 95/46/EC, which was implemented on 24th of October 1998. This is a directive “on the protection of individuals with regard to the processing of personal data and the free movement of such data and contains all of the seven aforementioned principles issued by the OECD (Directive 95/46/EC).
Because of the changing online information landscape, the European Parliament and Council decided that the Data Protection Directive was not sufficient anymore and came with a new regulation regarding personal data in the European Union, the General Data Protection Regulation. The General Data Protection Regulation (GDPR) will be enforced from the 25th of May 2018 onwards. The GDPR has a much broader scope than the Data Protection Directive.
The goal of the GDPR is that individuals in the European Union have more control over what happens with their information and who uses it. Next to the fact that consumers have to opt-in instead of opt-out there are more changes. Companies can no longer use the long and complicated user agreements anymore. The descriptions used in the cookie request have to be short and clear for what purpose the information is collected. The consequence of this is that companies have to change their current user agreements. Also, each type of data requires a different consent so that the consumer does not get the feeling they are giving consent for all or none of their information. Under the GDPR consumers will have a lot more rights than under the previous data protection legislation. One thing that is clear is that individuals will have substantially more control over their personal data under the GDPR.
Phelps, Nowak & Ferrell (2000) state that giving consumers more control over the use of their personal information can lower privacy concerns that they might have. Olivero and Lunt (2004) also state that providing individuals with more control will lead them to think that they can avoid unwanted privacy intrusions. Literature states that privacy concerns have an influence on trust individuals feel towards companies. The higher the privacy concerns about a firm, the less they trust that firm (Wu, Huang, Yen, Popova, 2012). From this relationship one can infer that if an individual trusts a company, they have low feelings of privacy concern towards that firm.
Lee and Joseph (2013) state that organizations who are transparent are seen as trustworthy in the eye of the consumer. Transparency will thus lead to less privacy concerns.
The new data protection regulations will provide the individual with a high degree of control and transparency. Since control (Hong & Thong, 2014; Olivero & Lunt, 2004) and transparency (Morey, Forbath & Schoop, 2015) are important antecedents of an individual’s trust towards a firm, and trust is an important antecedent of willingness to share information (Heirman, Walrave, & Ponnet, 2013; Metzger, 2006), the following hypothesis is constructed:
H3: Stricter Data Protection Regulations (GDPR) are positively related to willingness to disclose personal information.
As touched upon earlier, a good online experience will lead to loyalty and trust in individuals that have that experience. Because the GDPR provides the consumer with more control over their personal information, one could also argue that these stricter regulations might mitigate an individual’s reluctance to disclose personal information. This might counter the negative experience they have on a website. Individuals that had a bad experience on a website on for example a retailer’s website might be willing to provide the site with their information if they are aware of the data security regulations that are in place. Flavian & Guinalui (2006) state that the consumers’ perceived security of their data is an important antecedent of trust. Flavian and Guinalui (2006, p. 604) posit that perceived security can be defined as “the probability with which consumers believe that their personal information (private and monetary) will not be viewed, stored, and manipulated during transit and storage by inappropriate parties in a manner consistent with their confident expectations”. With the new data security regulations, these processes have been arranged very strictly and anyone who is not compliant will face serious fines and penalties. (General Data Protection Regulation, Art. 83-5). Consumers who do not have a lot of trust in a website because of a negative experience might find the website more
trustworthy if they know that privacy legislation is in place. In contrast, if an individual has a good experience with a website, (s)he will most likely develop even more trust towards that website knowing legislation protects him or her. Knowing that there are strict data regulations in place to ensure the safety and proper use of their data will only strengthen this. Next to data security and a good website experience giving individuals feelings of trust, willingness to disclose information towards firms and privacy concerns also rely heavily on trust individuals feel towards those firms. Acquisti et al. (2015) also state that data security regulation that are in place lower privacy concern and increase trust. Therefore, the following hypothesis is constructed:
H4: Stricter Data Protection Regulations (GDPR) weakens the relationship between privacy concerns and willingness to disclose personal information.
2.5 Control variables
This research makes use of four control variables. The control variables included in this research are: age, income, trust in website, and internet experience. Literature states that as people get older, they are less willing to disclose information. Privacy concerns also increase as people get older (Goldfarb & Tucker, 2012). Younger people are therefore also more inclined to provide information because they cannot oversee the consequences of them sharing information (Taraszow, Aristodemou, Shitta, Laouris, & Arsoy, 2010). Younger people are also more inclined to trust that data protection legislation that is in place will protect them than older people (Hoofnagle, King, Li, & Turow, 2010). Gender is also associated with differences in privacy concerns and willingness to share information. Women have more privacy concerns than men (Hoy & Milne, 2010). Next to women having more privacy concerns they also seem to disclose more information than men (Mesch & Beker, 2010). This seeming paradox can be explained by the privacy behaviour to protect themselves that women undertake (Hoy & Milne, 2010). Income also has an effect on how much privacy concern one has. Zukowski and Brown (2007) found that the higher the income of an individual, the higher the privacy concerns are that individual has. Internet experience is also found to decrease privacy concerns in the individual (Bellman, Johnson, Kobrin & Lohse, 2004; Malhotra, Kim, & Agarwal, 2004). The last control variable in this research is trust in websites. Bansal, Zahedi, and Gefen (2016) state that trust is a crucial part in determining the extend of privacy concerns an individual has and whether (s)he wants to share information.
3. METHODOLOGY
This chapter will discuss the research sample so that the reader has a good view of what data was used to test the hypotheses.
3.1 Type of data collection method
This research made use of a web-based survey for the data collection. This survey was posted on social media (Facebook & LinkedIn) and was further distributed inside the University Library of Groningen and the University of Groningen Campus location Zernike. The distribution within the University Library and the Campus location Zernike was done by printing small leaflets with the link to the survey. The leaflets were placed in front of each computer with the message if they could help by filling out the survey. This type of data collection was chosen because it is a relatively easy way to collect a lot of data without a lot of resources (Blumberg, Cooper & Schindler, 2014). This type of data collection method is very convenient since everybody that sees it is able to share it to their own network. It has the potential to reach a lot of people with relatively little resources.
3.2 Population and sampling method
The target group for this research consists of everybody that uses the internet, so almost everybody in modern times. The sampling method used in this research is convenience sampling combined with snowball sampling. Convenience sampling is a sampling method that is very easy and cheap to use since this entails choosing respondents that are available. Snowball sampling is choosing initial respondents to participate and those initial participants can identify further respondents. Since time and resources are limited, both these sampling methods are ideal for this research since they are very easy to use and (Blumberg, Cooper, & Schindler, 2014). Combining these two sampling methods will lead to a relatively easy data collection with a great reach within the limited timeframe.
3.3 Operational definitions
For each variable included in this research, operational definitions were taken from existing literature. For most constructs a 7-point Likert scale was used. The scale ranged from one
(strongly disagree) to seven (strongly agree). According to Croasmun and Ostrom (2011) a Likert scale with seven points will deliver a high reliability. Making use of a Likert scale with more points will result in an increase of reliability that is so minimal it is not worth the extra work. The constructs were measured through items that were taken from existing literature and translated into Dutch. These items were used to make sure the survey was valid and reliable. In total, 21 items were taken from literature. The variable website experience was measured using eight items taken from the work of Sauro and Lewis (2016). For the privacy concern variable, two construct from literature were used: (i) General Privacy Concerns and (ii) Informational privacy concerns. The general privacy concern items were adopted from the work of Malhotra et al. (2004). The four items for the informational privacy concerns construct were taken from the work of Lee et al. (2015). The effect of stricter data security regulations was measured by showing 50% of respondents some information about what it entails and how it protects them.
The other 50% were not given any information. Willingness to disclose personal information was measured by asking the respondent whether they are willing to share personal information with the website. The item for the control variable internet experience was taken from the article of Lee et al. (2015). The four items of the control variable trust in website were taken from the research of Taylor, Davis, and Jillapalli (2009). The items of each construct can be found in Appendix A.
3.4 Research design
The online available tool Qualtrics was used to make the survey. Qualtrics is software which can be used to make surveys and collect data. Respondents first saw a message thanking them for their participation, then the real survey began. Half of the respondents were shown information about the new data security regulation (GDPR). They were informed about what the GDPR is all about and given bullet-points with information about what benefits the new legislation offers them. The other 50% were not given this information. The respondents were then asked to think of the website they last visited when filling out the questionnaire.
The questions about the two types of privacy concerns were asked first. Then the questions about website experience were asked. Followed by the question if they would be willing to share personal information to their website of choice. In the end the questions about the control variables were asked. It was expected that if the questions about the variables were asked last, respondents would be more likely to drop out since these consisted of more items to answer.
Therefore, it was decided to ask the control variable question at the very since these questions were very short and could be answered the quickest.
3.5 Plan of analysis
The analyses for this research were conducted with the 23rd version of the Statistical Package for Social Sciences (SPSS). Before any analysis was done, the data gathered from the survey was cleaned, which entailed checking for missing values and outliers. To check whether the items within a construct were related, a correlation analysis was conducted. Significant correlations between items within a construct give a small indication that these items can be taken together for further analysis. To check whether this actually was the case, a principal component analysis (PCA) and reliability analysis were conducted.
A principle factor analysis (PCA) was conducted to check whether the items within a construct were valid. After the principal factor analysis, a reliability analysis was conducted to check whether the items within a construct are internally consistent. To check for internal consistency, the Cronbach’s Alpha value was inspected. The Cronbach’s Alpha is one of most widely used measure of reliability (Tavakol & Dennick, 2011).
Since the dependent variable of this research is binary (0 = not willing to share personal information, 1 = willing to share information), a binary logistic regression was conducted. This research deals with a moderated (GDPR) mediation model (Privacy Concerns). The PROCESS Macro developed by Andrew F. Hayes was used since with this macro a logistic moderated mediation model can be performed at once (Hayes, 2012). The conceptual model developed for this research is the same as the 14th model develop by Hayes.
4. RESULTS
In this chapter the results of the analyses conducted will be discussed. In this research 163 respondents were found. 33 participants did not finish the entire survey, which means that there was a dropout rate of 20,2%. All missing responses could be imputed, except for gender. Since the control variable gender was asked at the end of the survey, all responses that were incomplete did not specify gender. Gender is a nominal variable and cannot be imputed.
Including gender for the analysis would mean that 33 responses had to be deleted, which would have a significant impact on the analyses conducted. Since gender a control variable, and is not a variable on which this research is built on, it was decided to leave gender out of the analysis.
The analyses were therefore done with the complete set of 163 respondents. Respondents were forced to answer each question so that they could not skip one.
4.1 Data cleaning
Before analysing the gathered data, a couple of steps have to be taken to be sure the data is complete and clean. The data is examined so that data entry and other errors are located and fixed. The first step was to look at potential outliers in the dataset. An outlier is a data point that is really far outside the norm for a particular variable (Osborne & Overbay, 2004). To check whether there were any outliers in the data, every variable was explored on face value and the descriptive statistics were studied. Next to the descriptive statistics, boxplots and histograms were also examined. All the items measured on a 7-point Likert scale showed, as expected, no strange values. All answers were between one and seven. The age variable varied from 17 to 65. These are numbers that make sense and here no outliers or odd values were detected. After concluding that no outliers were present in the data, the next step was to look at the missing values that the dataset had. As touched upon earlier, there were some missing data points in the dataset due to the fact that not everybody finished the survey completely. All missing values were imputed by taking the series mean and using that mean as the entry. Since the variable Gender cannot be imputed and performing the analysis with the gender variable included would result in 33 responses not being used, it was decided to leave this variable out of the analysis.
The control variable income had an option in which respondents could choose to rather not say their income. These answers were deleted and replaced by the mean of the series as well.
4.2 Descriptive statistics
The dataset thus consists of 163 respondents. Out of the respondents who did fill out their gender, 63,1% was male and 39,9% female. The average age of respondents is 31 (M = 30,79, SD = 12.06). The youngest person to respond was 17 years old and the oldest person was 65 years old. The average height of income was the third option in the data set, 20.000-29.000 (M
= 3,17, SD = 1,65).
4.3 Correlation analysis
The first step in analysing the data is to check whether the items within a construct correlate with each other. All items within the constructs General Privacy Concerns, Informational Privacy Concerns, Trust in Website showed significant correlations with each other. The only construct in which the items did not always show significant correlation with each other is the construct Website Experience. Website Experience was measured through means of eight items: WX1 through WX8. The correlation table shows significant correlations between WX1, WX2, WX6, WX7, and WX8. These items showed no significant correlation with WX3, WX4, and WX5. The three items that did not have significant correlations (WX3, WX4, & WX5) with the other items did show significant correlation with each other.
The correlation analysis showed that there is a possibility that the items for the General Privacy Concerns, Information Privacy Concerns, Trust in Website construct can be taken as one for further analysis. The two sets of website experience items that showed correlations can also be investigated further.
4.4 Principal Component Analysis
After the correlation analysis, a Factor Analysis was conducted to see whether the items within the constructs actually measure the same underlying dimension. Variables that are correlated with each other but differ from other variables in the dataset are combined and put into factors.
These factors reflect the underlying process that are the cause of the correlation (Tabachnick &
Fidell, 2013; Field, 2013).
Before conducting a factor analysis, two assumptions have to be met to make sure it is useful and suited. The first assumption was that the Kaiser-Meyer-Olkin should be above 0.6 and the second that the Bartlett’s Test of Sphericity should be significant. These assumptions were met with a Kaiser-Meyer-Olkin score of 0.781 and a significant Bartlett’s Test of Sphericity. Since both assumptions have been met a principal component analysis is suited for this research.
The principal components analysis analyzes variance between all variables in the model (Tabachnick & Fidell, 2013). The constructs General Privacy Concerns (GPC), Informational Privacy Concerns (IPC), Website Experience (WX) and Trust in Website (TIW) were entered into the analysis. To discover how many factors are actually identified by the Factor Analysis, the eigenvalues, scree plot, and the rotated component matrix were inspected. The optimal amount of factors can be identified by looking how many of the components have an eigenvalue higher than one, how many components explain more than 60% of the total variance explained, and which factors explain more than 5% individually. The analysis showed four components with an eigenvalue higher than one. Five components explained more than 5% of variance individually. Three components explained more than 60% of the cumulative variance. This does not give final proof of how many factors are suited for this research. Therefore, the scree plot was inspected. The scree plot showed that four factors can be identified. According to Cattell (1966), one should look at the point on which there is a significant drop or break in the scree plot, in other words: where the line evens out. Lastly, the rotated component matrix was inspected.
The rotated component matrix identified four components in which the items loaded. The rotation method used was the Varimax with Kaiser Normalization, which is an Orthogonal method of rotation. Orthogonal rotation methods make sure the variables are uncorrelated with each other (Tabachnick & Fidell, 2013). The loading scores can be found in table 1.
TABLE 1 – ROTATED COMPONENT MATRIX
1 2 3 4
GPC1 .687 (.687)
GPC2 .648 (.646) GPC3 .825 (.825) IPC1 .835 (.834) IPC2 .803 (.804) IPC3 .789 (.790) IPC4 .776 (.777)
WX1 .815 (.818)
WX2 .852 (.856)
WX3 .838 (.843)
WX4 .860 (.865)
WX5 .530 (.546)
WX6 .537 (.527)
WX7 .663 (.657)
WX8 .781 (.780)
TIW1 .819 (.827)
TIW2 .836 (.834)
TIW3 .918 (.915)
TIW4 .656 (deleted) .626 (deleted)
The general privacy concerns and informational privacy concern constructs loaded into the same component. This factor thus describes privacy concerns (PC) people have. When taking the correlation analysis into consideration, we would expect that the WX1, WX2, WX6, WX7 and WX8 would load into the same factor. Also, it is expected that WX3, WX4, WX5 load into the same component. This is exactly what happened. The items that were correlated loaded into their own respective components. The factor consisting of WX1, WX2, WX6, WX7, and WX8 relates to the usability and attractiveness of the website and WX3, WX4 WX5 relate to the trustworthiness of the information on the website. The items of the control variable trust in website also loaded in their own factor. This factor (TIW) thus resembles the trust people have in the website itself and in how this website handles their personal information. As can be seen in table 1, the fourth item of Trust in Website loaded equally in two factors.
Costello and Osborne (2005) state that sometimes dropping a problematic item can solve this problem. They also state that when three items are still left in a factor with strong loadings of above 0.5 indicates a strong component. Since both components in which TIW4 loaded still have three factors left with strong loadings above 0.5, it was decided to delete the TIW4 item
and run the factor analysis again. The new scores can be found within brackets in table 1. The loadings of the other items did not change a lot after deletion.
Based on the previous analyses the General Privacy Concerns and Informational Privacy Concerns it seems that these items can be taken together for further analyses. The same is true for the items for Trust in Website. The five Website Experience items (WX1, WX2, WX6, WX7, WX8) also look like they can be taken together. This also stands true for WX3, WX4 and WX5.
4.5 Reliability analysis
After the factor analysis was conducted and showed evidence for the fact that the individual items of the construct can be taken together for further analysis, the Cronbach’s Alpha was calculated. The Cronbach’s Alpha was developed “to provide a measure of the internal consistency of a test or scale; it is expressed as a number between 0 and 1” (Tavakol & Dennick, 2011, p. 53). The internal consistency can be described as to which extent items within a construct measure the same underlying dimension, so it is about the relatedness between items within a concept (Tavakol & Dennick, 2011).
The level from which items are acceptably internally consistent is when a Cronbach’s alpha of 0,7 is reached (Tavakol & Dennick, 2011). The scale of items of the control variable Trust in Website showed to be highly reliable (α = 0.927). The items for Informational Privacy concern showed to be highly reliable as well (α = 0.883). The General Privacy concerns’ items were also highly reliable (α = 0.731). Since the factor analysis showed that Informational and General privacy concerns loaded into the same factor, these items were also entered into a reliability analysis to check for internal consistency. These items showed to be highly reliable as well (α
= 0.888). With a Cronbach’s alpha of α = 0.798 for the first set of website experience items (WX1, WX2, WX6, WX7, WX8) showed to be highly reliable. The second set of website experience items (WX3, WX4, WX5) also showed to be highly reliable (α = 0.768).
New variables were constructed by calculating the average of all the items within the construct based on the correlation, principal component, and reliability analyses. All the remaining trust in website items were computed into a new variable TIW. All general and informational privacy concerns items were computed into a new variable named PC. Two new variables were made
for the website experience variable, since this construct loaded into two different components;
WX1 and WX2. The new variable WX1 consists of the five factors WX1, WX2, WX6, WX7 and WX8. The new variable WX2 consists of the remaining three items WX3, WX4 and WX5.
4.6 Assumption testing
To see what the effects of the independent and control variables are on the willingness to disclose personal information, a regression has to be conducted. Because the outcome variable is dichotomous and multiple independent variables are present (categorical or continuous), a binary logistic regression fits this research best. Theoretically this analysis suits the kind of model that is being investigated best. Before conducting the actual analysis, first a couple of assumptions have to be tested to check whether the binary logistic regression is suited: absence of outliers, dichotomous outcome, absence of multicollinearity, and linearity of data (Tabachnick & Fidell, 2013).
4.6.1 Absence of outliers & dichotomous outcome
The first assumption is that there are no outliers present in the dataset. Since during the cleaning of the data set no significant outliers were found, this assumption is met. The dependent variable in this research is dichotomous (0 = not willing to share personal information, 1 = willing to share information), the assumption that the outcome variable should be binary is also met.
4.6.2 Absence of multicollinearity
The second assumption is that there should be no multicollinearity between variables.
Multicollinearity arises when there “are high correlations between latent exogenous constructs”
(Grewal, Cote, & Baumgartner, 2004, p. 519). A high degree of multicollinearity between exploratory variables will lead to very large variances (and as a consequence standard errors) on the coefficients of the regression. This leads to low quality estimates of the parameters (Willis & Perlack, 1978). It is therefore important to check this and if present, remedy it. In this research multicollinearity was checked by looking at the VIF (Variance Inflation Factors) scores of the model. Although multicollinearity may still be present, values lower than 10 on the VIF scores indicated that it will not have an impact on the parameter estimates (Griffith &
Harvey, 2001). The analysis used to check for multicollinearity was a linear regression. All sum variables of the independent variables and the control variables were entered as independent
variables, with the willingness to disclose personal information as independent. All VIF score loadings can be found in table 2.
TABLE 2 – RESULTS MULTICOLLINEARITY TEST
Variable VIF Tolerance
WX1 1.126 0.888
WX2 1.489 0.672
PC 1.037 0.965
TIW 1.427 0.701
Age 1.604 0.623
IX 1.049 0.953
Income 1.679 0.596
Field (2013) states that when the largest VIF value is higher than ten, there is a problem. Also, when the mean of the VIF values is much higher than one, the regression may face a bias problem. Field (2013) also states that the tolerance level (1/VIF) should not be below 0.2. Since all VIF scores are below two and the tolerance levels are also satisfactory there is no multicollinearity in the dataset.
4.6.3 Linearity of data
The third assumption is that the continuous variables used in this research are related to the log of the dependent variable. To test this assumption, a logistic regression was conducted where the interaction between each of the predictors and the log are included. To test this, a couple of steps had to be taken first. First, a new variable was made. This variable consists of the log of the original variable. These new log variables were entered into a binary logistic regression together with the original variables. Next to the log and original variables, the interaction between the log and original variables were also included. All these variables were regressed on the dependent variable. For testing linearity, one is only interested in the interaction effect and whether these have a significant effect on the dependent variable. If an interaction effect is significant, then the assumption of linearity in the logistic is not met (Field, 2013). Table 3 shows the significance of each interaction variable in relation to the dependent variable.
TABLE 3 – TEST FOR LINEARITY
Variable Significance
PC * Ln(PC) .552
WX1 * Ln(WX1) .911
WX2 * Ln(WX2) .600
TIW * Ln(TIW) .801
Age * Ln(Age) .631
IX * Ln(IX) .997
Income * Ln(Income) .152
As table 3 shows, not a single interaction has a significant effect on the dependent variable.
This means that the assumption of linearity is not violated. Since all assumption for a binary logistic regression are met, the analysis can proceed.
4.7 Binary Logistic Regression
The conceptual model of this research consists of the independent variable Website Experience (WX), a mediator variable Privacy Concerns (PC), a moderator variable Stricter Data Security Regulations (GDPR), some control variables and a dependent variable Willingness to Disclose Personal Information (WTDPI). The model is the same as Hayes’ 14th model. Since the factor analysis showed that the website experience construct did not load into one component, there are two independent variables. According to Hayes (2017), multiple independent variables can be added into one model as long as these variables are not correlated. Independent variables that are highly correlated could cancel out each others’ effect. Since the correlation matrix showed that the two sets of items were not correlated, one model was estimated including both website experience constructs.
To test for significance a confidence interval of 95% was used in combination with a bootstrapping sample of 1000. The PROCESS Macro for the binary logistic regression develops two models for the moderated mediator model. The first model takes the mediator as the outcome variable. The second model takes the dependent variable willingness to disclose personal information as the outcome variable. The results of the moderated mediation model can be found in table 4.
TABLE 4 – RESULTS MODERATED MEDIATION MODEL
CONSEQUENT
M (PC) Y (WTDPI)
ANTECEDENT Coeff. SE p Coeff. SE p
X (WX1) -.187 .142 .190 .845 .306 .006**
X (WX2) -.034 .113 .765 -.467 .260 .072*
M (PC) - - - .357 .262 .173
V (GDPR) - - - 1.688 1.444 .243
M X V - - - -.495 .332 .136
AGE -.004 .010 .674 -.019 .018 .299
IX -.155 .171 .365 -.945 .788 .230
TIW -.092 .098 .349 .271 .206 .189
INCOME .014 .071 .845 -.130 .139 .350
CONSTANT 6.846 1.469 .000* 3.367 5.941 .571
𝑅"= 0.0353 F(6, 156) = 0.952, p = 0.460
McFadden 𝑅"= 0.1189 Cox-Snell 𝑅"= 0.1363 Nagelkerke 𝑅"= 0.1924
P = 0.005
The first model as a whole is not significant (𝑅" = 0.0353, F(6,156) = 0.952, p = 0.460). The model itself, and none of the variables included in this model, are significant. This means that H1 is not supported. No evidence was found that a good (previous) website experience lowers privacy concerns people have.
The second model was significant with a p-value of 0.0045. This means the significant relationships within this model can be interpreted. Looking at the p-values for this model, one can see that the WX1 construct, which represented the usability and attractiveness of the website during the website visit, shows a significant relationship with willingness to disclose personal information (β = .845, p = < .006). This means that there is a significant direct relationship between part of the independent and dependent variable. The rest of the variables did not show a significant effect on the willingness to disclose personal information. The WX2 construct showed no significant relationship with willingness to disclose personal information (β = -.467, p = 0.072). Privacy concerns do not have a significant effect on peoples’ willingness to share information (β = .357, p = .173). This means that H2 is not supported. Since there is no significant relationship between being aware of stricter data regulations and willingness to
disclose personal information (β = 1.688, p = .243), H3 is not supported as well. The other variables also do not significantly influence peoples’ willingness to disclose personal information. Unfortunately, the interaction term of privacy concerns * GDPR is not significant.
This means that H4 is not supported. The consequence of the absence a moderation effect is that moderated mediation is not present. This is confirmed by looking at the index of moderated mediation provided in the output of the Hayes PROCESS Macro. When looking at the lower and upper level confidence intervals (LLCI and ULCI), one can observe that the values cross zero. This means that zero is a probable value. This implies that there is no moderated mediation. The upper and lower confidence intervals were inspected. Since the moderator in dichotomous, this tests the equality of the conditional effects in the two groups. The results are shown in table 5.
TABLE 5 – INDEX OF MODERATED MEDIATION
INDEX SE LLCI ULCI
PC .0924 .1298 -.0508 .5438
Since a good (previous) website experience does not have a significant effect on privacy concerns and privacy concerns do not have a significant effect on willingness to disclose personal information, mediation is also not present.
For interpretation of the significant variables in the logistic regression, the exponent of β is be inspected. Taking the exponent of β will result in an odds ratio. An odds ratio is “an outcome will occur given a particular exposure, compared to the odds of the outcome occurring in the absence of that exposure” (Szumilas, 2010, p. 227). For the WX1, the usability of the website, construct this is exp(0.845) = 2.33. This means that if a usability of a website increases with one unit, the odds that that someone will be the willing to disclose personal information compared to not willing to disclose personal information goes up with 133%. The other variables’ effect on the willingness to disclose personal information cannot be interpreted since they are not significant.
5. DISCUSSION
5.1 Discussion of findings
In the first part of this chapter the results of the performed analyses will be discussed. The second part will provide the reader with the theoretical and practical implications. Lastly, the limitations of this research will be discussed and directions for further research will be provided.
The first hypothesis developed for this research looked into the effect of a good (previous) website experience on privacy concerns. A negative relationship between a good (previous) website experience and privacy concerns was expected. A good (previous) website experience was thus expected to result in lower privacy concerns. This hypothesis was not supported by the data. An explanation for this outcome can be deducted through use of literature. Literature identifies trust as an one of the outcomes of a good customer experience (Lemon and Verhoef, 2016; Rose et al., 2012). Trust is also identified as a very important antecedent of privacy concerns. Literature has stated that trust lowers privacy concerns (Krasnova, Spiekermann, Koroleva, & Hildebrand, 2010; Tadei & Contena, 2013). A possible explanation could be that the developed trust through a good website experience may not be enough to counter the privacy concerns individuals feel. A good website experience alone might not be enough to lower privacy concerns.
The second hypothesis looked into the effect of privacy concerns on willingness to disclose personal information. It was expected that privacy concerns were negatively related to willingness to disclose personal information. Higher privacy concerns were thus expected to lead to a lower willingness to disclose personal information. In contrast to expectation, this hypothesis was not supported. Privacy literature provides a reason for this outcome. Several studies also found that privacy concerns do not per se lead to a lower willingness to disclose personal information (Spiekermann, Grossklags, & Berendt, 2001; Metzger, 2006, Motherbaugh et al., 2012). The reason can be found in the so called privacy calculus theory (Laufer and Wolfe, 1977). This theory states that even when individuals experience privacy concerns, he or she is still willing to disclose personal information if the perceived benefits outweigh the costs. Individuals thus make a calculation whether they think the loss of privacy is worth the potential benefit. These benefits can range from discounts, more personalized offers or access to a particular website. When filling out the survey, participants might have made this
calculation and decided that the loss of privacy was worth the perceived benefits and were thus still willing to share personal information.
The third hypothesis developed in this research looked into the relationship between stricter data security regulation (GDPR) and peoples’ willingness to disclose personal information. The expectation was that if individuals were aware of the new data security regulation, their willingness to disclose personal information would go up. This hypothesis was not supported by the data. Being aware of the data security legislation that provides people with more control and transparency did not significantly influence people’s willingness to disclose personal information. This result is strange since people’s willingness to disclose personal information relies heavily on the perception of degree of control individuals have over their data, which lowers privacy concerns and increases trust (Nowak & Ferrell, 2000; Wu et al., 2012). A logical reason for this outcome is the many data scandals that have seen the light of day in the last couple of years. Especially the recent scandal involving the companies Facebook and Cambridge Analytica, where the personal information of 87 million Facebook users was compromised and used for political goals (Cadwalladr, 2017), had a large impact on trust people have in data security. This scandal was world news and almost everybody knew about what happened. Wirtz and Lwin (2009) state that the consequence of data breaches is lower feelings of trust. Baumeister, Bratslavsky, and Finkenauer (2001) state that events that are perceived as bad have a larger impact than good ones. Remembering the data breaches will thus most likely outweigh the effect of stricter data regulations, which seems to be a reasonable explanation to this surprising finding.
The fourth and last hypothesis of this research looked into the moderating effect of being aware of the stricter data regulation on the relationship between privacy concerns and willingness to disclose personal information. The expectation was that stricter data security legislation would weaken this relationship. This means that if people are aware of the stricter data security regulation, the effect of privacy concerns on willingness to disclose personal information would be lower compared to people who were not aware of this regulation. This hypothesis was not supported by the data. The reason for this can be found in the same area as why the third hypothesis was not supported. The new data security legislation provides the consumer with more control over their information and increases the the transparency about what is done by it. Both control and transparency are antecedents of trust. Trust lowers privacy concerns (Chellappa and Sin, 2005), and increases willingness to disclose personal information (Acquisti
