{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T08:42:32Z","timestamp":1774946552070,"version":"3.50.1"},"reference-count":59,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2017,11,13]],"date-time":"2017-11-13T00:00:00Z","timestamp":1510531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2017,11,13]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title><jats:p>This paper presents an initial development of a personal data attitude (PDA) measurement instrument based on established psychometric principles. The aim of the research was to develop a reliable measurement scale for quantifying and comparing attitudes towards personal data that can be incorporated into cybersecurity behavioural research models. Such a scale has become necessary for understanding individuals\u2019 attitudes towards specific sets of data, as more technologies are being designed to harvest, collate, share and analyse personal data.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title><jats:p>An initial set of 34 five-point Likert-style items were developed with eight subscales and administered to participants online. The data collected were subjected to exploratory and confirmatory factor analyses and MANOVA. The results are consistent with the multidimensionality of attitude theories and suggest that the adopted methodology for the study is appropriate for future research with a more representative sample.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Findings<\/jats:title><jats:p>Factor analysis of 247 responses identified six constructs of individuals\u2019 attitude towards personal data: protective behaviour, privacy concerns, cost-benefit, awareness, responsibility and security. This paper illustrates how the PDA scale can be a useful guide for information security research and design by briefly discussing the factor structure of the PDA and related results.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title><jats:p>This study addresses a genuine gap in research by taking the first step towards establishing empirical evidence for dimensions underlying personal data attitudes. It also adds a significant benchmark to a growing body of literature on understanding and modelling computer users\u2019 security behaviours.<\/jats:p><\/jats:sec>","DOI":"10.1108\/ics-11-2016-0085","type":"journal-article","created":{"date-parts":[[2017,10,3]],"date-time":"2017-10-03T19:12:43Z","timestamp":1507057963000},"page":"560-579","source":"Crossref","is-referenced-by-count":26,"title":["Measuring attitude towards personal data for adaptive cybersecurity"],"prefix":"10.1108","volume":"25","author":[{"given":"Joyce Hoese","family":"Addae","sequence":"first","affiliation":[]},{"given":"Michael","family":"Brown","sequence":"additional","affiliation":[]},{"given":"Xu","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Dave","family":"Towey","sequence":"additional","affiliation":[]},{"given":"Milena","family":"Radenkovic","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2020120501385685300_ref001","first-page":"36","year":"2006"},{"key":"key2020120501385685300_ref002","year":"2016"},{"key":"key2020120501385685300_B2a","first-page":"602","year":"2016"},{"key":"key2020120501385685300_ref003","unstructured":"Australian Government (2014), Privacy amendment (enhancing privacy protection) act 2012, Australian Government. [accessed]."},{"key":"key2020120501385685300_ref004","first-page":"13","article-title":"The personalization privacy paradox: an empirical evaluation of information transparency and the willingness to be profiled online for personalization","year":"2006","journal-title":"MIS Quarterly"},{"issue":"2","key":"key2020120501385685300_ref005","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1016\/j.dss.2010.01.010","article-title":"The impact of personal dispositions on information sensitivity, privacy concern and trust in disclosing health information online","volume":"49","year":"2010","journal-title":"Decision Support Systems"},{"issue":"3\/4","key":"key2020120501385685300_ref006","first-page":"245","article-title":"Trustworthiness in electronic commerce: the role of privacy, security, and site attributes","volume":"11","year":"2002","journal-title":"The Journal of Strategic Information Systems"},{"key":"key2020120501385685300_ref007","volume-title":"Location Privacy in Ubiquitous Computing","year":"2005"},{"key":"key2020120501385685300_ref008","first-page":"217","article-title":"Methods for testing discriminant validity","year":"2011","journal-title":"Management & Marketing-Craiova"},{"issue":"3","key":"key2020120501385685300_ref009","first-page":"25","article-title":"Exploring interpretations of data from the internet of things in the home","volume":"25","year":"2013","journal-title":"Interacting with Computers"},{"issue":"2","key":"key2020120501385685300_ref010","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1002\/asi.20459","article-title":"Development of measures of online privacy concern and protection for use on the internet","volume":"58","year":"2007","journal-title":"Journal of the American Society for Information Science and Technology"},{"key":"key2020120501385685300_ref011","article-title":"Information technology program students\u2019 awareness and perceptions towards personal data protection and privacy","year":"2013"},{"key":"key2020120501385685300_ref012","volume-title":"The Essentials of Factor Analysis","year":"2006"},{"issue":"1","key":"key2020120501385685300_ref013","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1287\/isre.1060.0080","article-title":"An extended privacy calculus model for e-commerce transactions","volume":"17","year":"2006","journal-title":"Information Systems Research"},{"issue":"2","key":"key2020120501385685300_ref014","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1207\/s15327744joce1602_2","article-title":"Information privacy in the service sector: an exploratory study of health care and banking professionals","volume":"16","year":"2006","journal-title":"Journal of Organizational Computing and Electronic Commerce"},{"key":"key2020120501385685300_ref015","first-page":"359","volume-title":"Attitudes on data protection and electronic identity in the European Union","author":"EU Commission","year":"2011"},{"key":"key2020120501385685300_ref016","volume-title":"Encyclopedia of Statistics in Behavioral Science","year":"2005"},{"issue":"5","key":"key2020120501385685300_ref017","doi-asserted-by":"crossref","first-page":"967","DOI":"10.1177\/014920639502100509","article-title":"A review of scale development practices in the study of organizations","volume":"21","year":"1995","journal-title":"Journal of Management"},{"issue":"1","key":"key2020120501385685300_ref018","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1093\/idpl\/ipr025","article-title":"Who is responsible for \u201cpersonal data\u201d in cloud computing?\u2014the cloud of unknowing, part 2","volume":"2","year":"2012","journal-title":"International Data Privacy Law"},{"key":"key2020120501385685300_ref019","doi-asserted-by":"crossref","first-page":"275","DOI":"10.25300\/MISQ\/2013\/37.1.12","article-title":"Internet privacy concerns: an integrated conceptualization and four empirical studies","volume":"37","year":"2013","journal-title":"MIS Quarterly"},{"issue":"1","key":"key2020120501385685300_ref020","first-page":"53","article-title":"Structural equation modelling: guidelines for determining model fit","volume":"6","year":"2008","journal-title":"Electronic Journal of Business Research Methods"},{"key":"key2020120501385685300_ref021","first-page":"19","article-title":"The value of privacy assurance: an exploratory field experiment","year":"2007","journal-title":"MIS Quarterly"},{"issue":"1","key":"key2020120501385685300_ref022","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1561\/1100000004","article-title":"End-user privacy in human-computer interaction","volume":"1","year":"2007","journal-title":"Foundations and Trends\u00ae in Human-Computer Interaction"},{"key":"key2020120501385685300_ref023","volume-title":"Key definitions of the Data Protection Act","author":"Information Commissioner\u2019s Office","year":"2015"},{"key":"key2020120501385685300_ref024","first-page":"334","article-title":"Measuring internet privacy attitudes and behavior: a multi-dimensional approach","volume":"32","year":"2006","journal-title":"Journal of Information Science"},{"key":"key2020120501385685300_ref025","unstructured":"Kalapesi, C. (2013), \u201cUnlocking the value of personal data: from collection to usage\u201d, World Economic Forum Technical Report."},{"key":"key2020120501385685300_ref026","volume-title":"Privacy-Enhanced Web Personalization. The Adaptive Web","year":"2007"},{"key":"key2020120501385685300_ref027","article-title":"Social networking and personal data security: a study of attitudes and public awareness in Ireland","year":"2009"},{"issue":"6","key":"key2020120501385685300_ref028","doi-asserted-by":"crossref","first-page":"440","DOI":"10.1007\/s00779-004-0304-9","article-title":"Personal privacy through understanding and action: five pitfalls for designers","volume":"8","year":"2004","journal-title":"Personal and Ubiquitous Computing"},{"issue":"3","key":"key2020120501385685300_ref029","doi-asserted-by":"crossref","first-page":"301","DOI":"10.1207\/s15327906mbr1403_2","article-title":"Distortions in a commonly used factor analytic procedure","volume":"14","year":"1979","journal-title":"Multivariate Behavioral Research"},{"key":"key2020120501385685300_ref030","volume-title":"Guide to Protecting the Confidentiality of Personally Identifiable Information","year":"2010"},{"issue":"4","key":"key2020120501385685300_ref031","doi-asserted-by":"crossref","first-page":"336","DOI":"10.1287\/isre.1040.0032","article-title":"Internet users\u2019 information privacy concerns (IUIPC): the construct, the scale and a causal model","volume":"15","year":"2004","journal-title":"Information Systems Research"},{"key":"key2020120501385685300_ref032","volume-title":"Big Data: The Next Frontier for Innovation, Competition, and Productivity","year":"2015"},{"issue":"1","key":"key2020120501385685300_ref033","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1080\/1369118X.2011.616518","article-title":"Defining \u2018personal data\u2019 in e-social science","volume":"15","year":"2012","journal-title":"Information, Communication & Society"},{"key":"key2020120501385685300_ref034","volume-title":"Cluster Analysis","year":"2010"},{"issue":"1","key":"key2020120501385685300_ref035","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1111\/j.1745-6606.2006.00070.x","article-title":"The privacy paradox: personal information disclosure intentions versus behaviors","volume":"41","year":"2007","journal-title":"Journal of Consumer Affairs"},{"key":"key2020120501385685300_ref036","unstructured":"OPM (2015), Review of Public and Professional Attitudes towards Confidentiality of Healthcare Data, General Medical Council."},{"key":"key2020120501385685300_ref037","volume-title":"OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data","author":"Organisation for Economic Co-Operation and Development","year":"2002"},{"key":"key2020120501385685300_ref038","doi-asserted-by":"crossref","first-page":"16","DOI":"10.52041\/serj.v4i1.523","article-title":"Factor structure of the \u201cattitudes toward research\u201d scale","volume":"4","year":"2005","journal-title":"Statistics Education Research Journal"},{"issue":"2","key":"key2020120501385685300_ref039","article-title":"Assessing information security attitudes: a comparison of two studies","volume":"24","year":"2016","journal-title":"Information and Computer Security"},{"key":"key2020120501385685300_ref040","article-title":"Privacy, security and trust in cloud computing","volume-title":"Privacy and Security for Cloud Computing","year":"2013"},{"issue":"2","key":"key2020120501385685300_ref041","doi-asserted-by":"crossref","first-page":"234","DOI":"10.1111\/j.1365-2702.2006.01573.x","article-title":"Essential elements of questionnaire design and development","volume":"16","year":"2007","journal-title":"Journal of Clinical Nursing"},{"issue":"3","key":"key2020120501385685300_ref042","doi-asserted-by":"crossref","first-page":"287","DOI":"10.1037\/1040-3590.12.3.287","article-title":"Factor analysis and scale revision","volume":"12","year":"2000","journal-title":"Psychological Assessment"},{"issue":"8","key":"key2020120501385685300_ref043","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1145\/257874.257896","article-title":"Privacy, information technology, and health care","volume":"40","year":"1997","journal-title":"Communications of the ACM"},{"issue":"1","key":"key2020120501385685300_ref044","doi-asserted-by":"crossref","first-page":"104","DOI":"10.1136\/jme.2003.005157","article-title":"Public attitudes towards the use of primary care patient record data in medical research without consent: a qualitative study","volume":"30","year":"2004","journal-title":"Journal of Medical Ethics"},{"key":"key2020120501385685300_ref045","volume-title":"Personal Data in the Cloud: A Global Survey of Consumer Attitudes","year":"2010"},{"issue":"6","key":"key2020120501385685300_ref046","doi-asserted-by":"crossref","first-page":"853","DOI":"10.1016\/j.apergo.2013.02.005","article-title":"Usability, human factors and geographic information (editorial)","volume":"44","year":"2013","journal-title":"Applied Ergonomics"},{"key":"key2020120501385685300_ref047","volume-title":"Americans\u2019 Privacy Strategies Post-Snowden","year":"2015"},{"key":"key2020120501385685300_ref048","doi-asserted-by":"crossref","first-page":"344","DOI":"10.17705\/1jais.00161","article-title":"An experimental study on ubiquitous commerce adoption: impact of personalization and privacy concerns","volume":"9","year":"2008","journal-title":"Journal of the Association for Information Systems"},{"key":"key2020120501385685300_ref049","volume-title":"Public and Professional attitudes to Privacy of Healthcare Data: a Survey of the Literature","year":"2008"},{"issue":"2","key":"key2020120501385685300_ref050","doi-asserted-by":"crossref","first-page":"167","DOI":"10.2307\/249477","article-title":"Information privacy: measuring individuals concerns about organizational practices","volume":"20","year":"1996","journal-title":"Management Information Systems Quarterly"},{"key":"key2020120501385685300_ref051","unstructured":"United States: Ppsc (1977), Personal Privacy in an Information Society: the Report of the Privacy Protection Study Commission, The Commission: for sale by the Supt. of Docs., US Govt. Print. Off."},{"key":"key2020120501385685300_ref052","volume-title":"Guidance on the Protection of Personal Identifiable Information","author":"US Department of Labor","year":"2015"},{"key":"key2020120501385685300_ref053","volume-title":"Measuring Attitudes Towards Mobile Information Services: An Empirical Validation of the HED\/UT Scale","year":"2002"},{"issue":"6","key":"key2020120501385685300_ref054","doi-asserted-by":"crossref","first-page":"782","DOI":"10.1016\/j.clsr.2015.08.006","article-title":"Privacy trust crisis of personal data in china in the era of big data: the survey and countermeasures","volume":"31","year":"2015","journal-title":"Computer Law & Security Review"},{"key":"key2020120501385685300_ref057","volume-title":"Unlocking the Value of Personal Data: From Collection to Usage","author":"WEF","year":"2013"},{"key":"key2020120501385685300_ref055","unstructured":"Wellcome Trust (2013), Summary Report of Qualitative Research Into Public Attitudes to Personal Data and Linking Personal Data, The Wellcome Trust, London."},{"key":"key2020120501385685300_ref056","volume-title":"Privacy and Freedom","year":"1967"},{"key":"key2020120501385685300_ref058","first-page":"1","article-title":"Understanding and minimizing identity exposure in ubiquitous computing environments","year":"2009"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2016-0085\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2016-0085\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:18Z","timestamp":1753406598000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/25\/5\/560-579\/189101"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,11,13]]},"references-count":59,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2017,11,13]]}},"alternative-id":["10.1108\/ICS-11-2016-0085"],"URL":"https:\/\/doi.org\/10.1108\/ics-11-2016-0085","relation":{},"ISSN":["2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2017,11,13]]}}}