{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,26]],"date-time":"2026-06-26T05:39:12Z","timestamp":1782452352878,"version":"3.54.5"},"reference-count":36,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2025,7,14]],"date-time":"2025-07-14T00:00:00Z","timestamp":1752451200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100012456","name":"National Social Science Foundation of China","doi-asserted-by":"publisher","award":["20BGL284"],"award-info":[{"award-number":["20BGL284"]}],"id":[{"id":"10.13039\/501100012456","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JTAER"],"abstract":"<jats:p>As data becomes a core driver of modern business innovation, mobile applications increasingly collect and process users\u2019 personal information, posing significant challenges to the effectiveness of informed consent and the legitimacy of user authorization. Existing research on privacy informed consent mechanisms has predominantly focused on privacy policy texts and normative legal discussions, often overlooking a critical touchpoint\u2014the launch-time privacy pop-up window. Moreover, empirical investigations from the user\u2019s perspective remain limited. To address these issues, this study employs a two-stage approach combining compliance audit and grounded theory. The preliminary audit of 21 mobile apps assesses the compliance of privacy pop-ups, and the formal study uses thematic analysis of interviews with 19 participants to construct a dual-path explanatory framework. Key findings reveal that: (1) while the reviewed apps partially safeguarded users\u2019 right to be informed, compliance deficiencies still persist; (2) trust and privacy fatigue emerge as dual motivations driving user consent. Trust plays a critical role in amplifying the impact of positive messages within privacy pop-ups by enhancing the consistency among users\u2019 cognition, affect, and behavior, thereby reducing resistance to privacy consent and improving the effectiveness of the current informed consent framework. Conversely, privacy fatigue increases the inconsistency among these factors, undermining consent effectiveness and exacerbating the challenges associated with informed consent. This study offers a user-centered framework to explain the dynamics of informed consent in mobile privacy pop-ups and provides actionable insights for regulators, developers, and privacy advocates seeking to enhance transparency and user autonomy.<\/jats:p>","DOI":"10.3390\/jtaer20030179","type":"journal-article","created":{"date-parts":[[2025,7,14]],"date-time":"2025-07-14T09:56:54Z","timestamp":1752487014000},"page":"179","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Trust, Privacy Fatigue, and the Informed Consent Dilemma in Mobile App Privacy Pop-Ups: A Grounded Theory Approach"],"prefix":"10.3390","volume":"20","author":[{"given":"Ming","family":"Chen","sequence":"first","affiliation":[{"name":"Glorious Sun School of Business and Management, Donghua University, Shanghai 200051, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Meimei","family":"Chen","sequence":"additional","affiliation":[{"name":"Glorious Sun School of Business and Management, Donghua University, Shanghai 200051, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2025,7,14]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Hurd, H.M. (2018). The normative force of consent. The Routledge Handbook of the Ethics of Consent, Routledge.","DOI":"10.4324\/9781351028264-5"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"S13","DOI":"10.1086\/689753","article-title":"Self-regulation and competition in privacy policies","volume":"45","year":"2016","journal-title":"J. Leg. Stud."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1080\/16522354.2014.11073574","article-title":"Non-informed consent cultures: Privacy policies and app contracts on Facebook","volume":"11","author":"Bechmann","year":"2014","journal-title":"J. Media Bus. Stud."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Jensen, C., and Potts, C. (2004, January 24\u201329). Privacy policies as decision-making tools: An evaluation of online privacy notices. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, Vienna, Austria.","DOI":"10.1145\/985692.985752"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1509\/jppm.25.2.238","article-title":"A longitudinal assessment of online privacy notice readability","volume":"25","author":"Milne","year":"2006","journal-title":"J. Public Policy Mark."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Slavin, R., Wang, X., Hosseini, M.B., Hester, J., Krishnan, R., Bhatia, J., Breaux, T.D., and Niu, J. (2016, January 14\u201322). Toward a framework for detecting privacy policy violations in android application code. Proceedings of the 38th International Conference on Software Engineering, Austin, TX, USA.","DOI":"10.1145\/2884781.2884855"},{"key":"ref_7","first-page":"39","article-title":"Disagreeable privacy policies: Mismatches between meaning and users\u2019 understanding","volume":"30","author":"Reidenberg","year":"2015","journal-title":"Berkeley Technol. Law J."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1177\/0007650317718185","article-title":"Data capitalism: Redefining the logics of surveillance and privacy","volume":"58","author":"West","year":"2019","journal-title":"Bus. Soc."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1037\/0708-5591.38.2.55","article-title":"Informing for consent: Concepts and methods","volume":"38","author":"Tymchuk","year":"1997","journal-title":"Can. Psychol.\/Psychol. Can."},{"key":"ref_10","unstructured":"Faden, R.R., and Beauchamp, T.L. (1986). A History and Theory of Informed Consent, Oxford University Press."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"272","DOI":"10.1111\/1467-8551.12343","article-title":"Big data analytics capabilities and innovation: The mediating role of dynamic capabilities and moderating effect of the environment","volume":"30","author":"Mikalef","year":"2019","journal-title":"Br. J. Manag."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"99","DOI":"10.2307\/1884852","article-title":"A behavioral model of rational choice","volume":"69","author":"Simon","year":"1955","journal-title":"Q. J. Econ."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"B\u00f6hme, R., and K\u00f6psell, S. (2010, January 10\u201315). Trained to accept? A field experiment on consent dialogs. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, Atlanta, GE, USA.","DOI":"10.1145\/1753326.1753689"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Gray, C.M., Kou, Y., Battles, B., Hoggatt, J., and Toombs, A.L. (2018, January 21\u201326). The dark (patterns) side of UX design. Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, Montreal, QC, Canada.","DOI":"10.1145\/3173574.3174108"},{"key":"ref_15","first-page":"171","article-title":"The crisis of consent: How stronger legal protection may lead to weaker consent in data protection","volume":"16","author":"Schermer","year":"2014","journal-title":"Ethics Inf. Technol."},{"key":"ref_16","first-page":"1880","article-title":"Privacy self-managementand the consent dilemma","volume":"126","author":"Solove","year":"2013","journal-title":"Harv. Law Rev."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Van den Berg, B., and Van der Hof, S. (2012). What happens to my data? A novel approach to informing users of data processing practices. First Monday, 17.","DOI":"10.5210\/fm.v17i7.4010"},{"key":"ref_18","first-page":"331","article-title":"Nano-notice: Privacy disclosure at a mobile scale","volume":"3","author":"McDonald","year":"2013","journal-title":"J. Inf. Policy"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Baarslag, T., Alan, A.T., Gomer, R.C., Liccardi, I., Marreiros, H., Gerding, E.H., and Schraefel, M. (2016, January 7\u201312). Negotiation as an interaction mechanism for deciding app permissions. Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems, San Jose, CA, USA.","DOI":"10.1145\/2851581.2892340"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1162\/DAED_a_00113","article-title":"A contextual approach to privacy online","volume":"140","author":"Nissenbaum","year":"2011","journal-title":"Daedalus"},{"key":"ref_21","unstructured":"(2020). Information Security Technology\u2014Personal Information Security Specification (Standard No. GB\/T35273-2020)."},{"key":"ref_22","first-page":"1","article-title":"The effect of the GDPR on privacy policies: Recent progress and future promise","volume":"12","author":"Zaeem","year":"2020","journal-title":"ACM Trans. Manag. Inf. Syst. (TMIS)"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"364","DOI":"10.1097\/00006199-196807000-00014","article-title":"The discovery of grounded theory; strategies for qualitative research","volume":"17","author":"Glaser","year":"1968","journal-title":"Nurs. Res."},{"key":"ref_24","first-page":"1","article-title":"The creation of theory: A recent application of the grounded theory method","volume":"2","author":"Pandit","year":"1996","journal-title":"Qual. Rep."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1212","DOI":"10.1177\/1049732315588501","article-title":"Critical analysis of strategies for determining rigor in qualitative inquiry","volume":"25","author":"Morse","year":"2015","journal-title":"Qual. Health Res."},{"key":"ref_26","first-page":"130","article-title":"Belief, Attitude, Intention, and Behavior: An Introduction to Theory and Research","volume":"10","author":"Fishbein","year":"1977","journal-title":"Philos. Rhetor."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"495","DOI":"10.1007\/s10257-014-0249-0","article-title":"From positive and negative cognition perspectives to explore e-shoppers\u2019 real purchase behavior: An application of tricomponent attitude model","volume":"13","author":"Chih","year":"2015","journal-title":"Inf. Syst. E-Bus. Manag."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"667","DOI":"10.1016\/j.jbusres.2020.02.006","article-title":"Does self-disclosure matter? A dynamic two-stage perspective for the personalization-privacy paradox","volume":"124","author":"Zeng","year":"2021","journal-title":"J. Bus. Res."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"1342","DOI":"10.1287\/isre.1120.0416","article-title":"Effects of Individual Self-Protection, Industry Self-Regulation, and Government Regulation on Privacy Concerns: A Study of Location-Based Services","volume":"23","author":"Heng","year":"2012","journal-title":"Inf. Syst. Res."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"1174","DOI":"10.1108\/ITP-03-2018-0132","article-title":"What drives self-disclosure in mobile payment applications? The effect of privacy assurance approaches, network externality, and technology complementarity","volume":"33","author":"Gong","year":"2020","journal-title":"Inf. Technol. People"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Acquisti, A., and Gross, R. (2006). Imagined communities: Awareness, information sharing, and privacy on the Facebook. International Workshop on Privacy Enhancing Technologies, Springer.","DOI":"10.1007\/11957454_3"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Hsu, C.-L., Liao, Y.-C., Lee, C.-W., and Chan, L.K. (2022). Privacy concerns and information sharing: The perspective of the u-shaped curve. Front. Psychol., 13.","DOI":"10.3389\/fpsyg.2022.771278"},{"key":"ref_33","unstructured":"O\u2019Maonaigh, C., and Saxena, D. (2021). Investigating personalisation-privacy paradox among young Irish consumers: A case of smart speakers. arXiv."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1002\/ejsp.2049","article-title":"Is the privacy paradox a relic of the past? An in-depth analysis of privacy attitudes and privacy behaviors","volume":"45","author":"Dienlin","year":"2015","journal-title":"Eur. J. Soc. Psychol."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1016\/j.chb.2017.12.001","article-title":"The role of privacy fatigue in online privacy behavior","volume":"81","author":"Choi","year":"2018","journal-title":"Comput. Hum. Behav."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Tian, X., Chen, L., and Zhang, X. (2022). The role of privacy fatigue in privacy paradox: A psm and heterogeneity analysis. Appl. Sci., 12.","DOI":"10.3390\/app12199702"}],"container-title":["Journal of Theoretical and Applied Electronic Commerce Research"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/0718-1876\/20\/3\/179\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T18:09:31Z","timestamp":1760033371000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/0718-1876\/20\/3\/179"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,14]]},"references-count":36,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2025,9]]}},"alternative-id":["jtaer20030179"],"URL":"https:\/\/doi.org\/10.3390\/jtaer20030179","relation":{},"ISSN":["0718-1876"],"issn-type":[{"value":"0718-1876","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,14]]}}}