Abstract
A widely promoted preventative measure against becoming a victim of cybercrime is the control of personal information online; however, little is known about what predicts the use of this type of protective safety behaviour. This study examines the utility of the Theory of Planned Behaviour in predicting online protective behaviours. Participants (N=150) completed measures of online privacy attitudes, normative influence, perceived behavioural control (PBC), intention to use and actual use of online protective behaviours. Path analysis indicated the effects of online privacy attitudes and normative beliefs on online protective safety behaviours were mediated through intention, while PBC had a significant direct effect on online protective safety behaviours. The model explained 81 per cent of the variance in protective online safety behaviours. The results of this study facilitate understanding of the psychological processes underlying the use of online protective behaviours, and can be used in the development of educational materials and cyber-identity theft prevention strategies.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ajzen, I. (1991) The theory of planned behaviour. Organisational Behaviour and Human Decision Processes 50 (2): 179–211.
Ajzen, I. (2002) Residual effects of past on later behaviour: Habituation and reasoned action perspectives. Personality and Social Psychology Review 6 (2): 107–122.
Ajzen, I. (2006) Theory of planned behaviour, http://people.umass.edu/aizen/index.html, accessed 19 February 2009.
Ajzen, I. and Fishbein, M. (1980) Understanding Attitudes and Predicting Social Behaviour. Englewood Cliffs, NJ: Prentice-Hall.
Ajzen, I. and Madden, T.J. (1986) Prediction of goal-directed behavior: Attitudes, intentions, and perceived behavioral control. Journal of Experimental Social Psychology 22 (5): 453–474.
Alkaabi, A., Mohay, G.M., McCullagh, A.J. and Chantler, A.N. (2010) Dealing with the problem of cybercrime. In: Conference Proceedings of 2nd International ICST Conference on Digital Forensics & Cyber Crime, 4–6 October, Abu Dhabi.
Armitage, C.J. and Conner, M. (2001) Efficacy of the theory of planned behavior: A meta-analytic review. British Journal of Social Psychology 40 (4): 471–499.
Baron, R.M. and Kenny, D.A. (1986) The moderator-mediator variable distinction in social psychological research: Conceptual, strategic, and statistical considerations. Journal of Personality and Social Psychology 51 (6): 1173–1182.
Benet-Martínez, V. and Karakitapoglu-Aygün, Z. (2003) The interplay of cultural syndromes and personality in predicting life satisfaction. Journal of Cross-cultural Psychology 34 (1): 38–60.
Buchanan, T., Paine, C., Joinson, A.N. and Reips, U. (2007) Development of measures of online privacy concern and protection for use on the internet. Journal of the American Society for Information Science and Technology 58 (2): 157–165.
Cho, H., Lee, J.S. and Chung, S. (2010) Optimistic bias about online privacy risks: Testing the moderating effects of perceived controllability and prior experience. Computers in Human Behaviour 26 (5): 987–995.
Cho, H., Rivera-Sanchez, M. and Lim, S.S. (2009) A multinational study on online privacy: Global concerns and local responses. New Media & Society 11 (3): 395–416.
Cohen, J.A. (1992) A power primer. Psychological Bulletin 112 (1): 155–159.
Dinev, T., Goo, J.M., Hu, Q. and Nam, K. (2009) User behaviour towards protective information technologies: The role of national cultural differences. Information Systems Journal 19 (4): 391–412.
Dinev, T. and Hu, Q. (2007) The centrality of awareness in the formation of user behavioral intention toward protective information technologies. Journal of the Association for Information Systems 8 (7): 386–408.
Goritz, A.S. (2006) Incentives in web studies: Methodological issues and a review. International Journal of Internet Science 1 (1): 58–70.
Henson, B., Reyns, B.W. and Fisher, B.S. (2011) Security in the 21st century. Criminal Justice Review 36 (3): 253–268.
Higgins, G.E. and Blakely, C.R. (2010) Cybercrime: An Introduction to an Emerging Phenomenon. New York: McGraw-Hill Higher Education.
Kline, R.B. (2005) Principles and Practice of Structural Equation Modelling, 2nd edn. New York: Guilford Press.
Koops, B. (2010) The internet and its opportunities for cybercrime. In: M. Herzog-Evans (ed.) Transnational Criminology Manual. Nijmegen: WLP, pp. 735–754.
Koops, B. and Brenner, S.W. (2006) Cybercrime jurisdiction: An introduction. Cybercrime and Jurisdiction: A Global Survey. The Hague, The Netherlands: TMC Asser Press, pp. 1–7.
Lewis, K., Kaufman, J. and Christakis, N. (2008) The taste for privacy: An analysis of college student privacy settings in an online social network. Journal of Computer-mediated Communication 14 (1): 79–100.
Lewis, S. and Lewis, D.A. (2011) Digitalizing crime prevention theories: How technology affects victim and offender behavior. International Journal of Criminology and Sociological Theory 4 (2): 756–769.
LoPucki, L.M. (2001) Human identification theory and the identity theft problem. Texas Law Review 80 (1): 89–135.
Marsh, H.W., Hau, K.T. and Wen, Z. (2004) In search of golden rules: Comment on hypothesis-testing approaches to setting cutoff values for fit indexes and dangers in overgeneralizing Hu and Bentler's (1999) findings. Structural Equation Modeling 11 (3): 320–341.
Martin, N. and Rice, J. (2010) Building better Government IT: Understanding community beliefs and attitudes towards smart card technologies. Behaviour and Information Technology 29 (4): 433–444.
Martin, N. and Rice, J. (2011) Cybercrime: Understanding and addressing the concerns of stakeholders. Computers & Security 30 (8): 803–814.
Metzger, M. and Docter, S. (2003) Public opinion and policy initiatives for online privacy protection. Journal of Broadcasting and Electronic Media 47 (3): 350–374.
Milne, G. and Culnan, M. (2004) Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices. Journal of Interactive Marketing 18 (3): 15–29.
Milne, G.R., Rohm, A.J. and Bahl, S. (2004) Consumers’ protection of online privacy and identity. Journal of Consumer Affairs 38 (2): 217–232.
Miyazaki, A.D. and Fernandez, A. (2001) Consumer perceptions of privacy and security risks for online shopping. Journal of Consumer Affairs 35 (1): 27–44.
Ngo, F.T. and Paternoster, R. (2011) Cybercrime victimization: An examination of individual and situational level factors. International Journal of Cyber Criminology 5 (1): 773–793.
Norberg, P.A., Horne, D.R. and Horne, D.A. (2007) The privacy paradox: Personal information disclosure intentions versus behaviours. Journal of Consumer Affairs 41 (1): 100–126.
O'Neil, D. (2001) Analysis of internet users’ level of online privacy concerns. Social Science Computer Review 19 (1): 17–31.
Ouellette, J.A. and Wood, W. (1998) Habit and intention in everyday life: The multiple processes by which past behaviour predicts future behaviour. Psychological Bulletin 124 (1): 54–74.
Phair, N. (2007) Cybercrime: The Reality of the Threat. Kambah, Australia: Nigel Phair.
Reyns, B.W. (2010) A situational crime prevention approach to cyberstalking victimization: Preventive tactics for Internet users and online place managers. Crime Prevention and Community Safety 12 (2): 99–118.
Reyns, B.W. (2011) Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, published online 8 November. doi: 10.1177/0022427811425539.
Rhodes, R.E. and Courneya, K.S. (2003) Modelling the theory of planned behaviour and past behaviour. Psychology, Health and Medicine 8 (1): 57–68.
Roberts, L. (2008) Cyber-victimisation in Australia: Extent, Impact on Individuals and Responses. Briefing Paper no. 6: Tasmanian Institute of Law Enforcement Studies.
Roberts, L. (2009a) Cyber-victimisation. In: R. Luppicini and R. Adell (eds.) Handbook of Research on Technoethics. New York: Information Science Reference, pp. 575–592.
Roberts, L. (2009b) Cyber identity theft. In: R. Luppicini and R. Adell (eds.) Handbook of Research on Technoethics. New York: Information Science Reference, pp. 542–557.
Schoeman, F. (1984) Philosophical Dimensions of Privacy. Cambridge: Cambridge University Press.
Sharp, T., Shreve-Neiger, A., Fremouw, W., Kane, J. and Hutton, S. (2004) Exploring the psychological and somatic impact of identity theft. Journal of Forensic Sciences 49 (1): 131–136.
Sheehan, K.B. (1999) An investigation of gender differences in online privacy concerns and resultant behaviours. Journal of Interactive Marketing 13 (4): 24–38.
Sheeran, P., Orbell, S. and Trafimow, D. (1999) Does the temporal stability of behavioral intentions moderate intention-behavior and past behavior-future behavior relations? Personality and Social Psychology Bulletin 25 (6): 724–734.
Thomas, D. and Loader, B.D. (eds.) (2000) Cybercrime: Law Enforcement, Security and Surveillance in the Information Age. New York: Routledge.
Yao, M.Z. and Linz, D.G. (2008) Predicting self-protections of online privacy. CyberPsychology and Behaviour 11 (5): 615–617.
Yao, M.Z., Rice, R.E. and Wallis, K. (2007) Predicting user concerns about online privacy. Journal of the American Society for Information Science and Technology 58 (5): 710–722.
Acknowledgements
The authors thank the significant contribution of the anonymous reviewers in the revision process of this article.
Author information
Authors and Affiliations
Corresponding author
Appendix
Appendix
Perceived behavioural control items
Even if I want to, I don’t have the necessary confidence to protect my privacy online
Even if I want to, I don’t have the necessary ability to protect my privacy online
Even if I want to, I don’t have the necessary knowledge to protect my privacy online
Even if I want to, I don’t have the necessary resources to protect my privacy online
Subjective norms items
Most people that are important to me think that I should protect my online privacy
It is expected of me that I protect my online privacy
The people in my life whose opinions I value would approve of me protecting my online privacy
To the extent of my knowledge, most people who are important to me protect their online privacy
Many people like me protect their online privacy
Rights and permissions
About this article
Cite this article
Burns, S., Roberts, L. Applying the Theory of Planned Behaviour to predicting online safety behaviour. Crime Prev Community Saf 15, 48–64 (2013). https://doi.org/10.1057/cpcs.2012.13
Published:
Issue Date:
DOI: https://doi.org/10.1057/cpcs.2012.13