Media users’ and professionals’ responses to personal data receipts: A mixed methods study

Abstract

European General Data Protection Regulation requires organisations to request the data subject’s consent for personal data processing. Data controllers must be able to demonstrate valid consent was obtained (‘transparency’). Media often struggle to meet GDPR requirements in practice. We identified several issues with existing consent procedures amongst which a need for trustworthy approaches to record and track consent. In this article, we evaluate a specific transparency initiative: a Personal Data Receipt (PDR) for news personalisation. We investigated how European media users and media professionals evaluated the PDR. We conducted qualitative surveys and interviews to explore and describe individuals’ viewpoints on/responses to the PDR. The main strengths highlighted in this study are: GDPR compliance and improved data processing transparency which leads to more control and user trust. PDR weaknesses are mainly related to users not reading the receipt, lack/overload of information, and design issues. Based on our findings, we identified missing elements and formulated recommendations for PDR improvement to optimise consent strategies. By examining how individuals responded to this specific transparency tool, and rhetorical tactics connected to it (placation, diversion, jargon, and misnaming), our study provides informed suggestions for ways out of digital resignation (Draper & Turow, 2019).

Keywords

Media and communication studies user research personal data processing GDPR consent Personal Data Receipt transparency accountability trust

1. Introduction

A standard question after money-based transactions is: Would you like a receipt? This records the price paid/received for products or services. Receipts provide “bedrock for trust, autonomy and freedom from abuse” in consumer law (Lizar & Hodder, 2014, p. 648). This is similar for online purchases. But what about companies offering ‘free’, (personalised) media content in exchange for disclosing personal data (age, gender, interests)? Exchanging services for personal data is a practice currently applied by nearly all media organisations. European General Data Protection Regulation (GDPR) requires organisations to request consent for personal data processing to protect the consumer. Nevertheless, we identified several issues with consent procedures. Most users agree with privacy policies without reading them (Lizar & Wunderlich, 2014; Meadows & Hatzakis, 2018; Nati, 2018; Vanhaelewyn & De Marez, 2018). The format of consent requests is often problematic. Terms and conditions (T&Cs) are generally unclear, cumbersome to read, and hinder information on altering choices (Lizar & Hodder, 2014; Lizar & Pandit, 2019; Nati, 2018; Santolalla, 2018). Digital apps and services’ consent procedures are “structurally and practically flawed” (LeVasseur & Maler, 2019, p. 52). Consent also often remains unrecorded and untraceable for users (Lizar & Hodder, 2014; Lizar & Pandit, 2019). Organisations obtain ‘green light’ for using consumer data, yet users have limited control and do not understand/remember to whom they gave consent and for what purposes (Meadows & Hatzakis, 2018; Santolalla, 2018; Su et al., 2016). Users are also unaware of personal data value (Van Buggenhout & Van den Broeck, 2020). Furthermore, personal data has economic value for media companies, but public awareness is low about societal benefits like economic growth (Styliari & Nati, 2016; Su et al., 2016). This results in an unfair value-exchange between industry and users (Van Buggenhout & Van den Broeck, 2020). Control is concentrated in a few hands – ‘siloed’ (Hardjono & Pentland, 2019). Organisations exploit user data for profiling, product/service development (personalisation), marketing, customer relationship management, and user research (Ibid; Nati et al., 2019; Politou et al., 2018; Van Buggenhout & Van den Broeck, 2020). Users on the other hand value privacy and desire control of personal data processing by organisations and governments, but they feel unable to do so (Draper & Turow, 2019). “Surveillance is inescapable”, this sense of futility or helplessness is conceptualized as ‘digital resignation’ (Ibid, p. 1825).

Lack of digital transparency, security, and accountability are critical challenges for personal data processing trustworthiness (Lizar & Pandit, 2019). Organisations must prevent misuse and increase user trust (Nati, 2018; Nati et al., 2019; Patachi, 2018). They should improve transparency and control for users (Nati, 2018). Organisations need best practices for communicating about personal data processing value, benefits, and risks towards users (Van Buggenhout, Van den Broeck & Ballon, 2020; Van Zeeland et al., 2019).

In this article, we evaluate a specific transparency initiative: a Personal Data Receipt (PDR) for news personalisation. This could be considered a viable solution for organisations to improve user trust in personal data processing, like proof-of-purchase receipts (Styliari & Nati, 2016). PDR track information being collected, linked to processing purposes and record consent (Meadows & Hatzakis, 2018; Lizar & Wunderlich, 2014). This eliminates the problem of (not) reading T&Cs for users, being unaware of information you shared, and reconstructing the data trails you left behind (Lizar & Pandit, 2019; Styliari & Nati, 2016). Organisations’ adoption and PDR implementation are low, however, like user awareness of this tool (Leu, 2019; Santolalla, 2018). These insights fuelled two research questions:

1)
Do PDR provide actual transparency for media users?
2)
Do professionals assess PDR as effective transparency tool to improve user trust in personal data processing?

Our study focused on the PDR applied in the European H2020 project Content Personalisation Network (CPN). The PDR is a standardised, digital/human-readable transparency tool to improve user control (Nati, 2018). Effective to communicate “why personal information is gathered and how it is used” (Ibid, pp. 8–11). CPN tested a personalised news application (2017–2020). “A new, trustworthy approach to personalise digital content” (https://www.projectcpn.eu/vision). CPN users received the PDR via email:

“a record of the permissions they gave the CPN platform to hold and process their data […] Any time the user changes their permissions within the platform, they will receive a new PDR with their updated consent and preferences, so they can check how these have changed over time” (ibid) (Fig. 1).

Figure 1.
PDR (CPN Consortium, 2019).

Our findings result from mixed methods research (inductive). We examined European media users’ and professionals’ responses to PDR (qualitative surveys and interviews), and the connected rhetorical tactics (Draper & Turow, 2019). We identified PDR strengths and weaknesses along with recommendations for its improvement. Our study contributes to consent standard refinement, user and institutional data literacy, and the establishment of collaborations using PDR as prerequisite in data transactions (Nati, 2018; Styliari & Nati, 2016). We provide informed suggestions for best practices in transparency initiatives and ways out of digital resignation (Draper & Turow, 2019).

After this introduction, we delve into the conceptual framework of the study. Based on literature, we substantiate importance of personal data processing transparency, review (dis)advantages as well as similarities and differences between consent receipts and PDR. Next, we describe the methods and report the results of media users’ and professionals’ appreciation of PDR. We integrate and discuss the meaning of our findings in Section 5, followed by a conclusion.
2. Personal data processing transparency

We follow GDPR art. 4 (1), (2), (4), (7), (8), and (11) definitions of the following concepts, to evaluate personal data processing transparency. Applied to the media context we are focusing on in this article, processing is personal data collection, storage, alteration, use, disclosure, etc. In the case of PDR, controllers/processors are media organisations which determine processing means and purposes (i.e., profiling), and process user data (‘subjects’). Users’ consent for personal data processing must be freely given, specific, informed, and unambiguous. In ethical and moral-philosophical sense, consent is necessary to permit conduct that would otherwise be ‘wrongful’ or ‘impermissible’ (Miller & Wertheimer, 2010; Simmons, 1998). Media must process data in ways that users reasonably expect and demonstrate GDPR compliance (GDPR Recital 74; ICO, s.d.). It should be transparent to users what personal data are collected, to what extent information is or will be processed, by whom, and for what purposes (GDPR Recital 39, 42). “Transparency empowers data subjects to hold data controllers and processors accountable and exercise control over their personal data” i.e., provide/revoke consent (WP29, 2018, p. 5). Media must provide clear, concise, comprehensible (plain language), and easily accessible information to users (GDPR art. 12–14; WP29, 2018; Nati et al., 2019). Efficient and succinct communication avoids ‘information fatigue’, and users prefer immediate access rather than having to scroll through long T&Cs (WP29, 2018). Media must take appropriate measures to inform users, GDPR does not prescribe the format or modality – ‘how’ to provide clear information (GDPR art. 12 (1); WP29, 2018).

These concepts provide clear grounds and define the playing field for media to process European users’ data. Several organisations however struggle to apply GDPR in practice. Examples of efficient communication are lacking (Van Buggenhout et al., 2020; Van Zeeland et al., 2019). Communication should be open, clear, and without deception (Butarbutar, 2020). Transparency and control positively influence users’ willingness-to-share information, this enhances organisations’ access to quality user data (Ibid; Nati, 2018; Robinson, 2018). Some organisations introduced transparency initiatives for users to view and amend the information companies collect i.e., Google privacy dashboard and Facebook ad preferences (Draper & Turow, 2019). These tools often (are intended to) obfuscate data practices; cultivate digital resignation, rather than provide effective transparency (Ibid). Four rhetorical tactics characterize the obfuscation process (Ibid):

•
Placation: Falsely appease concerns, suggest user empowerment and control, while giving little insight into actual practices.
•
Diversion: Shift individuals’ focus away from controversial practices, not providing the necessary information to achieve actual transparency.
•
Jargon: Complex terminology to discourage users from engaging with information about data processing.
•
Misnaming: Misleading labels to impede insight in industrial practices.

2.1 Consent standards and receipts

There is a clear need for privacy-friendly business models to generate economic value from data processing (Meadows & Hatzakis, 2018). “Web standards have emerged for the specification and implementation of consent procedures in online environments” (Politou, Alepis & Patsakis, 2018, p. 8). Data protection regulations and consent standards being GDPR, User Managed Access (UMA) and Minimum Viable Consent Record (MVCR)1

¹
Kantara Initiative developed UMA1.0 and MVCR0.7.1 in 2015, and UMA2.0 in 2018 (Hardjono et al., 2015; Lizar, 2016; Maler et al., 2018).

build trust in personal data processing, and improve user control (Su et al., 2016). GDPR defines the legal framework for informed consent and transparency, UMA and MVCR offer technologies to address GDPR requirements (Su et al., 2016). MVCR outlines requirements for digital consent records – ‘receipts’ providing information for users to authorise data access i.e., processing purposes (Ibid). Consent Receipts (CR) facilitate co-regulation, all data transaction parties receive a notice (Lizar & Hodder, 2014). This is required for data ownership governance and provides insight for regulators and users into opaque consent procedures like T&Cs (Ibid; Nati et al., 2019). A digital ‘consent transaction receipt’ standard establishes control in a simple, usable way (Lizar & Hodder, 2014).

Kantara Initiative created the Consent Receipt Specification (CR1.0) in 2017 (Greig, 2017; Lizar & Turner, 2017; Politou et al., 2018; Lizar & Wunderlich, 2014; Styliari & Nati, 2016). No effective standard/common format existed for recording consent nor for providing consent receipts; users could not track consent, monitor data processing, or hold controllers accountable i.e., for privacy breach (Greig, 2017; Lizar & Turner, 2017). CR1.0 provided a standardised consent notice when users agreed to personal data processing – like “a cash register receipt as a personal record of a purchase transaction” (Greig, 2017). The ‘artefact’ describes to users what information controllers collect, and for what purposes (Hardjono & Maler, 2017). CR have three content fields: transaction details (consent timestamp, receipt ID), transaction parties (controllers’ and users’ contact information), and processing details i.e., data categories, processing purposes and third-party disclosure (Ibid). Consent receipts are personal data, it “links multiple data sources with an identifier” (Ibid, p. 18). CR1.0 was a “promising standard” but not GDPR compliant considering terminology and human readability (Santolalla, 2018). Table 1 summarises CR1.0 strengths and weaknesses mentioned in previous studies. The overview illustrates consent receipts have several benefits, but there are still opportunities for improvement.

Table 1

CR1.0 evaluation

Strengths
GDPR compliance – Transparency: • Proof of consent requirements. • Reduces personal data processing opacity. • Improved transparency. • Legally binding. • Compliance tool.	Greig, 2017; Leu, 2019; Patachi, 2018; Santolalla, 2018; Styliari & Nati, 2016
Accountability: • ‘Artefact’, ‘vehicle for noticed information’, ‘record’, ‘proof’, or ‘evidence’ of consent to personal data processing (non-repudiation). • Like physical receipts. Allows ‘auditing’. • Equal ‘record-keeping’ opportunities for data subjects and controllers. • Oversight of personal data management for regulators. • Consistent consent practices. • Automatically record/organize personal data you (un)knowingly share with companies and governments. • Track changes in privacy polies.	Greig, 2017; Hardjono & Maler, 2017; Hardjono & Pentland, 2019; Hughes, 2018; Jesus, 2020; LeVasseur & Maler, 2019; Lizar & Hodder, 2014; Lizar & Pandit, 2019; Leu, 2019); Lizar & Turner, 2017; Lizar & Wunderlich, 2014; Patachi, 2018; Politou, Alepis & Patsakis, 2018; Santolalla, 2018; Styliari & Nati, 2016;
Communication – Exercise data rights: • Facilitate communication between data subject and controller. • Actionable transparency. • Sufficient information to exercise data rights i.e., revoke consent.	Hughes, 2018; Lizar & Hodder, 2014; Politou, Alepis & Patsakis, 2018
Control: • Improved user control and knowledge. • Track and understand data governance. • ‘Reverse cookie’: Track personal data processing by third parties. • Consent management: Ability to maintain/manage permissions for personal data by data subjects and controllers. • Independent data control system.	Blum, 2017; Greig, 2017; Politou, Alepis & Patsakis, 2018; Lizar & Turner, 2017; Lizar & Wunderlich, 2014; Lizar & Pandit, 2019; Lizar & Hodder, 2014
Interoperability – Standardisation: • Consent management/storage protocols (standardisation). • Guarantee for interoperability between jurisdictions and industries. • Data portability. • Easily built into existing, global consent and choice infrastructures online.	Cooper, 2017; Greig, 2017; Lizar & Hodder, 2014; Lizar & Turner, 2017; Lizar & Wunderlich, 2014; Pandit et al., 2019b; Vargas, 2019
Machine-readable: • JSON: Widespread open standard file format. • Contextual transparency: Machine-readable record of the ‘state’ of privacy, produced when (first) interacting with a service. This ‘captured’ state can be compared against future states. • Readable from a well-known endpoint i.e., mobile device. • Easily organised in personal cloud or email.	Hardjono & Pentland, 2019; Lizar & Hodder, 2014; Lizar & Pandit, 2019; Lizar & Turner, 2017; Pandit et al., 2019a; Santolalla, 2018
Open and free: • Common tool for people to see their data control and sharing. • First open, global consent receipt. • Standard digital format to record/track consent.	Lizar & Turner, 2017; Patachi, 2018
Choice: • Compare different consent service offerings (added value, price, service quality).	Cooper, 2017

Table 1, continued
Strengths
Trust: • Increases users’ and controllers’ confidence in consent management market stability. This attracts investment and innovation. • Increases trust for companies. Cheap and easy way to comply with GDPR.	Cooper, 2017; Lizar & Wunderlich, 2014
Data literacy: • Untangle obscure T&Cs: Understand which data you share, with whom, and why (how it is used).	Styliari & Nati, 2016
Economic – Societal development: • Improves economic policy performance by solving issues in identity management.	Lizar & Wunderlich, 2014
Weaknesses
GDPR compliance – Terminology: • Not compliant with GDPR vocabulary and terminology.	Pandit, Debruyne, O’Sullivan & Lewis, 2019; Pandit et al., 2019b
Human-readable – Format and layout: • CR1.0 promotes machine and human understandable consent practices. • Includes definitions for both ‘machine readable’ and ‘human-readable’ version of consent receipts. • Human-readable layout and format are however out-of-scope of the CR1.0 Specification. • Making a document human-readable is trickier than it sounds. • Legal text is to be avoided (like T&Cs). Most users ignore it.	Greig, 2017; Hardjono & Maler, 2017; Jesus, 2020; Lizar & Turner, 2017; Pandit et al., 2019b; Santolalla, 2018;

2.2 Personal data receipt

DigiCat developed PDR inspired by CR1.0 (Nati, 2018; Politou et al., 2018; Styliari & Nati, 2016). The developers leveraged the existing standard to “generate awareness of a consumer-centric consent process for increasing consumers’ trust in organisations” (Styliari & Nati, 2016, p. 4). DigiCat describes PDR as:

“a human-readable digital record summarising in a simple and clear way what personal data an organisation is collecting about an individual, for what purpose, how it’s stored, for how long and if any third-party sharing is allowed” (Nati, 2018, p. 5).

PDR are provided before or after consent is given. PDR aim to improve data processing transparency, by clearly informing users. Simultaneously, PDR should be less overloading for end-users than T&Cs for example, as they offer more transparency through less text.

PDR concept viability was tested at DigiCat (Nati, 2018; Styliari & Nati, 2016). User-feedback demonstrated PDR should contain which data is collected, processing purposes, third-parties, retention periods, and contact details for users to request data removal or revoke consent (Ibid). “The main benefit is perhaps societal, by triggering a change in the way we conduct data transactions” (Styliari & Nati, 2016, p. 15). PDR comply with GDPR requirements and terminology (Nati, 2018). PDR are machine and human-readable, “issued as mobile-friendly email when customers join a new digital service” – “ideal format” (Jesus, 2020, p. 25385; Nati, 2018, p. 5). PDR include visual and textual information like icons, which are “meaningful and easy-to-understand” (Nati, 2018; Styliari & Nati, 2016, p. 4). Addressing “consumer needs for simple privacy statements” (Nati, 2018, p. 1). PDR enhance data literacy, user empowerment, control, and “educate individuals […] to take action when they are not satisfied about the use of it” (Ibid, pp. 10–11). DigiCat’s PDR and Kantara’s consent receipt benefits are similar, but PDR overcome CR1.0 weaknesses. PDR are GDPR compliant and machine/human readable.

3. Methods

We evaluated the PDR as implemented in the European H2020 project CPN (real-life setting). We focused on media users’ and professionals’ appraisal of PDR. Actual user data was collected for a new digital service (personalised news). Users were informed via a customized PDR, after consent to data processing by CPN (Fig. 1). This article presents an in-depth view on how individuals responded to this specific transparency initiative. The participants had no prior knowledge, nor experience with PDR.

3.1 Exploring end users’ perspective

We surveyed CPN app testers (Feb–Mar 2020). The news app provided personalised news in English, Greek, and Dutch. CPN partners accommodated news in three countries: Deutsche Welle (DW – English content) in Germany, DIAS in Cyprus – Greek content, and VRT in Belgium – Dutch content. The survey was conducted in the three languages and examined how users experienced personalised news. We included an item (Net Promoter Score – ‘NPS’) to determine PDR transparency2

²
Exclusively for DW and DIAS testers (mobile and web CPN-app). VRT MYNWS users did not receive PDR.

. We asked to what extend users perceived the PDR as a transparent approach towards personal data processing. 212 respondents rated the PDR between 0 (not at all transparent) and 10 (very transparent). They fall into one of three categories: promoters score 9–10 (loyal, enthusiastic); passives score 7–8 (satisfied); detractors score 0–6 (unhappy, unlikely to reuse the service, and may discourage others from using it)3

https://www.qualtrics.com/uk/experience-management/customer/net-promoter-score/.

. NPS-scores are reported between

-

100 to

+

100, a higher score is desirable. NPS-scores below 0 are low, medium between 0–30, and high from 30–100 (Grigore, 2020).

As second end-user activity, five students in communications and young media professionals evaluated the PDR during an online brainstorm, organised for the [imec-SMIT-VUB] Media Economics Postgraduate 2020. Participants formulated feedback from a consumer perspective via polling and group discussion (in real-time). We recorded audio/video (anonymised ranscripts). We manually coded, clustered and analysed research data following the grounded theory principles of open, axial, and selective coding (Glaser & Strauss, 2017).

3.2 Investigating professionals’ viewpoint

To examine media professionals’ perspective, we surveyed an expert panel4

⁴
Ten Flemish media professionals, eight academics, one media advisory board, and Belgian data protection regulator.

online (Jan-May 2020). The study explored personal data value for media (Van Buggenhout et al., 2020). We asked to what extent experts think PDR enhance personal data processing transparency for users (NPS-score). Experts rated the PDR between 0 (not at all) and 10 (very likely). Additionally, we interviewed sixteen media professionals i.e., journalists and editors (Feb-Apr 2020).5

⁵

Three VRT interviewees, eight DW respondents, and five DIAS interviewees.

We explored if media organisations should inform users about profiling, news personalisation criteria, and how the proposed transparency tool (PDR) could contribute to this. We interviewed individuals in their ‘mother tongue’ (Dutch, English, and Greek). Interviews were transcribed in English and interviewees anonymised for data analysis (manual three-step coding).

Table 2

PDR NPS-scores (end users)

	Response count		NPS-categories						PDR
	Survey	NPS- question	Promoters	Average PDR- score	Passives	Average PDR- score	Detractors	Average PDR- score	NPS- score
DW CPN-app	6	4	2 (50%)	9/10	/	/	2 (50%) *	4,5/10	0 medium
DIAS web-app	227	200	64 (32%)	9,73/10	68 (34%)	7,5/10	68 (34%)	4,43/10	$-$ 2 low
DIAS CPN-app	8	8	3 (37,5%) *	9,67	1 (12,5%) *	7/10	4 (50%)	5,75/10	$-$ 12,5 low

*Did not explain their answer.

Table 3

PDR evaluation (end users)

PDR evaluation	NPS-category
	Promoters	Passives	Detractors
Strengths
GDPR compliance: • Strict legislation. • Everything is in line with the law.	X
Transparency and trust: • Truth matters. • Ensures transparency. • Shows responsibility and professionalism. • Improves trust for data subjects and controllers. • No reason to doubt the facts are as presented on the PDR. • Reasonable.	X	X
Prevention of personal data misuse: • PDR might weaken corruption.	X
Informativeness: • Provides sufficient and clear information. • All the necessary details and certifications. • Well-explained why controllers need this information.	X	X	X
Positive attitude and willingness towards sharing personal data: • If you have nothing to hide, you have nothing to fear.		X
Data literacy: • Information about data processing is important. • Helps users understand who uses their data, and why (for what purposes).		X
Personal data processing benefits for users: • Provides information to users adapted to their age, interests, and needs.		X	X
Weaknesses
(Not) reading PDR: • Easily ignored. • Insufficient notice that personal data is being collected.		X	X
Language: • In English only.		X
Format and layout • Impersonal.			X
Negative attitude and unwillingness towards sharing personal data: • Some information is for private/personal use only (‘sensitive’) like email or phone number.			X
Personal data misuse: • Information is used by controllers/third parties based on personal interest.			X
More information is needed: • Depends on PDR existence/implementation in real-life. How can users know if it is really applied? • Information about processing purposes is important.			X

4. Results

4.1 PDR appreciation by end users

Table 2 summarises the surveys6

⁶
We descriptively analysed and reported the survey data (CPN-/web-app). There were too few survey responses to perform in-depth statistical analysis.

and NPS-question response count, NPS-categories, and PDR NPS-scores. The NPS-scores range from

-

12,5 to 0 (low to medium). Respondents provided different motivations concerning PDR strengths and weaknesses. The negative NPS-scores indicate PDR improvement is necessary as there are still several issues to be addressed. We identified and clustered themes in quotes of promoters, passives, and detractors (Table 3). Promoters (34,9% of 212 participants) described PDR strengths. DW respondents mentioned the PDR is “very transparent” but did not elaborate on their opinion. DIAS web-app respondents provided clarification in PDR strengths: GDPR compliance, transparency, trust, prevention of personal data misuse, and informativeness. A promoter noticed missing elements: “What about third parties? Are my personal data used for targeted ads? If so, do you refer it somewhere?”. The passives (DIAS web-app) described both PDR weaknesses and strengths. Positive evaluative claims referred to a positive attitude and willingness towards sharing personal data, transparency, trust, informativeness, data literacy, and personal data processing benefits for users. Negative responses mentioned (not) reading PDR, and language. Detractors indicated PDR weaknesses: (not) reading PDR, format and layout, negative attitude, and unwillingness towards sharing personal data, misuse of personal data, and more information is needed about i.e., processing purposes. Detractors who scored the PDR on average 5/10 answered they had “no opinion” or were “in the middle”. The only PDR benefits detractors described are usefulness i.e., “for checking and controlling my personal data” (DIAS web-app tester). This respondent was concerned about “forwarding data to other, larger companies”. PDR are informative but not transparent according to another detractor:

“Users cannot be sure that only the above personal data is processed. However, it is positive that users have a clear description of how long data will be processed in an electronic document.” (DIAS CPN-app tester).

Our results indicate mixed user perspectives on the role of PDR regarding personal data processing transparency. Arguments in favour are the icons and bullet points make it simple and user-friendly. PDR are more comprehensive than other approaches for providing information about personal data processing. For example, T&Cs contain legal text that most people do not understand. PDR are useful for people who are digitally illiterate, but with a more extensive explanation. Arguments against are i.e., it is still “vague”. A participant suggested information is missing about the monetary value of personal data:

“Concrete numbers with maybe a sum in dollars or euros […] It only says what is stored but not what the value of it all is to a media organisation or to yourself”.

This viewpoint raised interest and questions from the group like “How can you quantify that?” and “Isn’t it difficult to put a price on someone’s data? That will be different from person to person”. The participant replied that quantifying personal data value is not difficult i.e., “by comparing ad income divided by [the number of] users”. Personal data prices should be calculated per individual. PDR should be ‘personalised’ with prices adapted to individual users: “data is personal so why can’t the form be personal then?”. Participants unanimously approved this idea. We asked how they evaluated the approach of emailing PDR when users register for a service and if settings change. A participant responded PDR enhance data literacy, “you are aware of everything that is going on in your account”.

Table 4

PDR NPS-scores (expert panel)

Response count		NPS-categories						PDR NPS-score
Survey	NPS- question	Promoters	Average PDR-score	Passives	Average PDR-score	Detractors	Average PDR-score
20	20	7 (35%)	9,29/10	7 (35%)	7,57/10	6 (30%)	5/10	5 medium

Table 5

PDR evaluation (expert panel)

PDR evaluation	NPS-category
	Promoters	Passives	Detractors
Strengths
Transparency, trust, consent, control, and accountability: • Clear, transparent, and recoverable overview of what happens with user data (processing purposes). • Increased control, informed consent, and data management improves user trust and relationship with media. • Understandable and reactive approach (follow-up communication).	X	X
Usefulness for users: • Ability to adjust settings. • Users receive a link to exercise data rights i.e., revoke/remove/portability.	X	X
Informativeness and readability: • Everything is clearly explained in a manageable way. • Icons and bullet points increase readability (instead of long continuous text).	X	X
Weaknesses
(Not) reading PDR: • A lot of information to consume. • Most users do not think, read, or ask questions about this. • Only highly interested users will benefit from it.	X	X	X
User-friendliness: • Information overload if users receive an email from every service provider/every time privacy settings change.		X
Word-usage: • High-level, too technical, general, and vague (‘catch-all’ concepts). • Depends on users’ familiarity with certain terms. • For example, data processing to get “further insight on user preferences”. Is news personalisation based on these insights?		X	X
Personal data misuse: • Unclear if the information is also used for other purposes than news personalisation.			X
More information is needed: • Click-through on specific parts.	X		X
Missing elements: • Some information required by GDPR is missing i.e., rectification (data rights). It is commercially interesting to know e.g., if a user does not have a cat but two dogs. • Link between collected data and insights. • How personal data processing contributes to a strategic advantage for the controller.			X

4.2 PDR evaluation by media professionals

Table 4 summarises survey and PDR-question response count, NPS-categories, and PDR NPS-score. We discerned themes and bundled quotes of promoters, passives, and detractors (Table 5). Most promoters described PDR strengths related to transparency, trust, consent, control, accountability, and usefulness for users. Two promoters identified PDR weaknesses. PDR comprehensiveness depends on users’ data literacy. More information is needed, but (not) reading PDR is problematic. “It can be done in more detail, but nobody will read that” (data protection and privacy expert at public broadcaster). Passives illustrated PDR strengths and weaknesses; detractors put forward mostly weaknesses. Five of twenty respondents across different NPS-categories expect PDR improvements and future iterations (three detractors, one passive and one promoter). They indicated i.e., ‘good start’, ‘test project’, ‘interesting concept’ and ‘step in the right direction’.

From a professional perspective, the sixteen interviewees agreed media should inform users when they create a profile about them. This is mandatory under European rules. The media professionals think people should have control over this. It is better if users create their own profile and choose (not) to share data with certain organisations or for specific purposes. ‘Opt-in’ is preferred. Maybe users are already aware:

“We believe that once users visit a webpage and sign in, they know that a profile is being created for them. But it is proper that there is some informative material that they are entering a ‘personalization phase’ (DIAS interviewee)”.

Whether users should be informed depends on “what personal data is collected and how anonymous this is” (VRT journalist). Media grudgingly provide information about this, “it is unethical for a news organization to do that without the user being aware of it” (DIAS interviewee). DW respondents commented user profiles must be ‘transparent’, ‘accessible’, ‘adjustable’, and users should be able to ‘delete’ their profiles. It is important to inform users in a general way, communicate about how the profile was created, what it entails, and explain how data is analysed. There should be transparency towards users, from an ethical perspective, this is expected by audiences or required by law. Media should inform their users about personalisation criteria used to recommend news content. A DW respondent partially agreed with this statement and commented “if the user wants to know more (s)he should be able to request and receive the information easily”. Transparency is important, “otherwise it [personalisation] will be criticised quickly” (VRT journalist). Is it unethical to do personalisation under the radar? “That [transparency] is quite a discussion and depends a bit on how far you go in it” (VRT data analytics expert). A DW interviewee recommended to stop personal data processing solely based on selling more products and services. Van Buggenhout and Van den Broeck (2020) encountered this practice in their research on personal data value. Media organisations cast a ‘wide net’ and collect more data than needed to provide personalised services (Viala, 2018).

When it comes to user notifications, interviewees described standard, contrived solutions such as email or pop-ups. For example, a confirmation email when users register, explaining which data is stored about you. It can be a blog post, or an email automatically sent after users ‘opted-in’ to personalised news. Notwithstanding, not every user should be informed in a personal way. This information can be displayed on the tab/page where personalised news is provided. DIAS interviewees furthermore proposed “a link with continuous notifications” or “notification at the time the user visits the organisations’ website” (continuous vs one-off notifications). Explanations should be easy to understand. “Not informing is a worse thing than informing” (VRT social media and video production expert). In the case of CPN, two media professionals disagreed users should be informed about which personal data is used for news personalisation:

“I do not think it is necessary, though it might be a good practice. I see it from the opposite viewpoint, not that of the user. […] From the viewpoint of users, it would be good. Maybe there should be a list with news categories from which they can choose and give their consent” (DIAS interviewee).

There is a common sense among the experts that users should be informed, but the specific format in which this could or should happen differs. We confronted them with PDR as a specific transparency tool to inform users about personal data processing. All interviewees positively evaluated PDR. For example, it provides overview to users. “Something like this is often missing from data handlers or it is long and complex” (DW professional). Interviewees affirmed PDR improve transparency and trust. For example, “a good approach to ensure mutual trust” (DIAS interviewee), “boost confidence” (VRT data analytics expert), and “open” (VRT social media and video production expert). A DIAS interviewee mentioned PDR increase accountability, “like having a lawyer signing papers”, for (consenting to) personal data processing. Correspondingly, a VRT interviewee asked: “I assume that something like that evolves or expands as more data is collected over time?”. Users indeed receive a revised PDR (email) if data processing settings change. PDR user-friendliness decreases “if it changes too often and you get too much information” (VRT interviewee). Two interviewees indicated the issue of users (not) reading the PDR. “It’s yet another email” (DW interviewee). The PDR terminology is often legal text and discouraging for people to read. There are missing elements, PDR are “unspecific in regard to what was actually stored (no links to repositories/overviews) and what exactly it is being used for” (DW interviewee). There are no technical barriers for PDR implementation from media professionals’ perspective, but the benefits, complexity and obstacles for users need further investigation before media are willing to actualize PDR provision. “Take the current cookie messages you get on websites if you are accessing them from Europe. People get annoyed by those if they are not easy to handle” (DW interviewee).

5. Discussion

We investigated how media users and media professionals evaluate PDR considering transparency and trust. Our guiding research questions were: do PDR provide actual transparency from media users’ perspective, and do professionals expect PDR to effectively improve user trust in personal data processing? In this study, we found that PDR is appreciated as a valuable transparency tool by media users and professionals (clear, comprehensive, and trustworthy), a step in the right direction, but PDR improvement is also needed i.e., regarding standardization, provision, usability, and user experience. Based on the qualitative survey findings NPS-scores are mixed (ranging from low to medium, $-$ 12,5 to 0 for end-users, and 5 for professional users). The respondents provided different motivations for these mixed scores. Negative PDR-scores indicate several issues exist i.e., customer experience (Grigore, 2020). NPS-scores of 0 and 5 are a better range to be in however there is still room for progress. We enriched the descriptive survey results with detailed insights from the student brainstorm and expert interviews to delineate PDR strengths and weaknesses. We did not define transparency with participants before the interviews, as the research was inductive. Perspectives on what is transparent are influenced by participants’ positionality and transparency-estimates are based on ‘situated knowledges’ (Haraway, 1988). Establishing a dialogue between different stakeholders like media organisations and users could bridge different perspectives on transparency.

The main PDR strengths described in this study are:

•
PDR help media to achieve GDPR compliance and improve privacy.
•
Personal data processing transparency and user trust increases. PDR value depends on the user’s trust in the controller (Styliari & Nati, 2016). Users perceive PDR created by trustworthy organisations as more valuable than PDR provided by untrustworthy organisations, if provided at all. Standardisation is important. PDR should be “universal” (Styliari & Nati, 2016, p. 13).
•
Consent and control for users, accountability for controllers.
•
Convincing approach if users’ attitude is positive towards data processing.
•
PDR provision creates a barrier for personal data misuse.
•
Informativeness and readability (use of icons). PDR are more comprehensive than other approaches (T&Cs). Also demonstrated by Nati (2018) and Styliari & Nati (2016).
•
Clear description of data processing benefits for users.
•
Improves data literacy.
•
Useful to exercise data rights.
•
Simple, user-friendly format and lay-out.

Study participants put forward PDR weaknesses:

•
Not reading PDR. Most CPN users did not remember having received PDR (Wagner et al., 2019). PDR testing at DigiCat demonstrated 50% of individuals who received PDR ( $n=$ 180) opened the email, and 11% interacted with it – effectiveness of email as communication channel was nevertheless confirmed (Nati, 2018). Like cash-based receipts it is not a problem for validity if users do not read/remember PDR, but in the context of transparency it is better if they do read/know about PDR. It is important users receive and store PDR as non-disputable evidence of consent regarding data they (do not) share with controllers for specific purposes.
•
Unconvincing approach if users’ attitude is negative towards data processing and/or the controller itself.
•
Fear of personal data misuse.
•
More information is needed regarding PDR implementation. Consumers still question if media are genuinely transparent and provide the necessary information i.e., resale to third parties.
•
Language (in English only).
•
Too technical, general, and vague terminology. Meaningful PDR are clear, simple, and unambiguous (Jesus, 2020; Nati, 2018). PDR should be short and include web links in specific sections with detailed information (Styliari & Nati, 2016).
•
Impersonal format and layout.
•
User-friendliness decreases if people receive PDR when settings change (information overload). This corroborates Cooper’s (2017) statement “consent receipts are all over the place”, users need trustworthy storage solutions to consolidate all PDR into a single view. For example, PDR wallets or blockchain-based notice registries.

Is the PDR an effective transparency initiative or obfuscatory communication practice to cultivate digital resignation? We performed a post hoc analysis, but it could also be useful before the interviews. We aimed to interpret research data, explore, and describe participants’ perspectives, with a minimum of bias (‘not-knowing stance’) and maximum of empathy. Grounded in the research data, we understand PDR do not falsely appease user concerns, but more insight into actual data practices is necessary. For example, how data circulate in the broader systems that give them meaning (Draper & Turow, 2019). PDR do not divert individuals and are an effective tool to improve personal data processing transparency. Additional explanation is needed for users to understand the information to which they have been granted access (Ibid). The PDR terminology is too complex (jargon). PDR labels are not misleading.

Table 6
PDR improvement

Missing element Recommendation

Standardisation (format and layout) Standardisation overcomes the issue of not reading PDR. Common/unified PDR for multiple media brands reduce the burden for users of being confronted with different T&Cs. Previous attempts to organise a single sign-on (SSO), ‘Media ID’ in Flanders/Belgium was unsuccessful (Komorowski, Coppens, Van den Broeck & Braet, 2016).

Third parties: Processing purposes (targeted advertising) Users wonder if personal data is used for other purposes than mentioned on PDR. Complete information about data processing is important, including purposes for which data are not used. PDR should contain a section on access requests by (new) service providers, explain processing purposes, and declare controllers’ reputation score (Nati et al., 2019).

Monetisation: Personal data value One respondent suggested to make users aware they are paying for ‘free’ services with their data (Kuneva, 2009). For example, ‘personalised PDR’ with data prices adapted per individual. We do not believe adding monetary personal data value (‘pricing’) is the best approach. This stretches the PDR purpose too far. We advocate increasing user awareness about data as ‘currency’. This is indicated in ‘premium’ services, people pay to consume content without advertisements. Using ‘free’ services implies you agree with targeted ads.

Link between data and insights It is unclear which personal data is processed for personalisation. Transparency and ‘opt-out’ are suitable solutions, acknowledging users will receive a less personalised service.

Data rights: rectification Users should have a single contact to remove/rectify personal data. Contacts are included in PDR-design, but it must be explicit this is for rectification and removal.

Based on our analysis, we identified missing elements and formulated recommendations for PDR improvement (Table 6). We advocate standardization of PDR format and lay-out. PDR should inform users on third parties’ access to user data for purposes like targeted advertising. PDR could also inform users about monetisation (data as ‘currency’). Acknowledging users’ right to be informed about personal data value could improve transparency (Malgieri & Custers, 2018). PDR could clarify the link between collected user data and generated insights. Finally, PDR should provide complete information on users’ data rights.
6. Conclusions

Missing element	Recommendation
Standardisation (format and layout)	Standardisation overcomes the issue of not reading PDR. Common/unified PDR for multiple media brands reduce the burden for users of being confronted with different T&Cs. Previous attempts to organise a single sign-on (SSO), ‘Media ID’ in Flanders/Belgium was unsuccessful (Komorowski, Coppens, Van den Broeck & Braet, 2016).
Third parties: Processing purposes (targeted advertising)	Users wonder if personal data is used for other purposes than mentioned on PDR. Complete information about data processing is important, including purposes for which data are not used. PDR should contain a section on access requests by (new) service providers, explain processing purposes, and declare controllers’ reputation score (Nati et al., 2019).
Monetisation: Personal data value	One respondent suggested to make users aware they are paying for ‘free’ services with their data (Kuneva, 2009). For example, ‘personalised PDR’ with data prices adapted per individual. We do not believe adding monetary personal data value (‘pricing’) is the best approach. This stretches the PDR purpose too far. We advocate increasing user awareness about data as ‘currency’. This is indicated in ‘premium’ services, people pay to consume content without advertisements. Using ‘free’ services implies you agree with targeted ads.
Link between data and insights	It is unclear which personal data is processed for personalisation. Transparency and ‘opt-out’ are suitable solutions, acknowledging users will receive a less personalised service.
Data rights: rectification	Users should have a single contact to remove/rectify personal data. Contacts are included in PDR-design, but it must be explicit this is for rectification and removal.

Our study contributes to privacy paradox literature. There are few viable solutions to span the gap between user intention and behaviour (Barth & de Jong, 2017). Users are concerned about privacy, but act to the contrary, agreeing with T&Cs without reading them (Ibid). PDR provide more transparency by offering relevant information more concisely. PDR can create privacy awareness and help users to avoid paradoxical behaviour (Pötzsch, 2009). The tool reminds users about their privacy intentions and supports people to make informed decisions about information disclosure (Ibid). PDR can be considered as Transparency Enhancing Technology (TETs) as it helps “a user to regain control over her personal sphere” (Hedbom, 2008, p. 67). PDR allow users and professionals to keep track on which information is stored, by whom it is used and for what purposes (auditing). PDR are an interactive tool; users can actively influence the stored data and processing (exercise data rights).

Despite their potential, PDR are not yet an ubiquitous transparency tool. Several challenges remain for widespread implementation by media and user adoption. Some organisations hesitate or do not implement PDR, as they reveal (too) much information to users with “one quick read” (Styliari & Nati, 2016, p. 15). “Even a brilliant and popular technical solution can be defeated by lousy regulations or a lack of international consensus” (Santolalla, 2018). After all, it is difficult to cooperate at national level. “One-off approaches rarely result in broad social change […] individual responses seldom succeed in undermining powerful systems” (Draper & Turow, 2019, p. 1833). PDR do not work as “stand-alone” (Nati, 2018, p. 6). “But alongside many consent receipts, used in every data transaction, they will be powerful and can change the way we trust organisations and share our data” (Styliari & Nati, 2016, p. 10). This creates an accountable and auditable ‘Web-of-Receipts’/WoR for users, and media can demonstrate that valid consent was obtained for personal data processing (Jesus, 2020). Providing digital receipts – ‘proof’ – each time users consent to personal data processing, creates an ‘audit trail’ for subjects and controllers (Morrow, 2017; Patachi, 2018). “Each will have undisputable evidence of the (personal data) transaction details” – like ‘normal’ purchases (Jesus, 2020, p. 25384). It improves digital transparency and trust (Styliari & Nati, 2016). This makes people more amenable to share information with media (Robinson, 2018). WoR will impact controllers’ consent procedures and reverse “the power relationship from solely organisations to a shared, “one on one”, responsibility” (Ibid, p. 25387). Transparency tools like PDR have business and technical trust implications (Hardjono & Maler, 2017). PDR usage and management is technically challenging and requires development, evaluation, and adaption of trustworthy storage solutions. Users should self-manage (store/retrieve) PDR in a ‘Receipt Wallet’ i.e., cloud storage or a trusted third party can aid users in managing the large number of receipts (Jesus, 2020). For example, the Consentua Consent Repository and the Open Notice Registry could be used for this (Cooper, 2017; Lizar & Hodder, 2014).

Based on our analysis, we see an important future role for PDR along with continuation of PDR research. If media implement the provided recommendations and users recognize PDR value, a top-down approach is likely needed to establish PDR adoption. Future studies should leverage media professionals and experts to expand PDR research and focus on current barriers for PDR adoption. For example, examining whether PDR provide too much transparency that can impede market adoption. Consent interactions are increasingly automated, categorizing consent considering scenario and outcome, PDR function as “bridge to bring all the receipts together into one place (a virtual place) […] dynamic store of consent” (Cooper, 2017). It would be fruitful to further investigate to which extent sector-wide support exists in the media for implementing PDR on regional, national, or European scale. Our research focused on media, but PDR would benefit all sectors that use personal data for personalisation and other purposes (banking, energy, health, etc). The study raises important questions for policymakers. For example, should PDR be legally required? It would be an important step towards transparency, but it also requires scrutinizing of existing PDR-storage solutions, which we see as an interesting topic for future work.

Scrutinizing the role of PDR in a broader context and considering societal debates, it is an improvement in terms of transparency and data literacy. On the other hand, the question of responsibility – should this be in the hands of users or companies? – remains. We argue that it is a shared responsibility. Users should not resign to a privacy paradox and must improve their understanding of data processing consequences. Companies must provide clear information about processing purposes. PDR provision nevertheless might result in a false sense of control (individuals can only agree to what the company proposes), and therefore also of user agency.

Trying to achieve true control of data and privacy is impossible for individuals in a networked world and will only lead to frustration; “data is more persistent, replicable, searchable, and scalable than ever before” (Boyd, 2012, p. 349). PDR contribute to our understanding of privacy in context and address the need for alternate models to deal with networked privacy, by focusing on usage and interpretation rather than permission at the data acquisition level (Nissenbaum, 2009; Boyd, 2012). The tool provides insight into who has the right to interpret personal data and offers mechanisms by which users can challenge how they have been interpreted (Ibid). This is an important step towards transparency.

Funding

This work was supported by the CPN project and received funding from the European Unionâ€™s Horizon 2020 research and innovation programme under grant No 761488 and by the Vrije Universiteit Brussel Strategic Research Program (SRP), exchange value and public value of content and communication services in future media ecosystems.

Ethics

This study was approved and conducted within the H2020 project CPN. We followed all ethical principles, guidelines, and advice of the ethical advisor, as stated in the project Data Management Plan and ethical deliverable (Bosco et al., 2018).

Footnotes

Authors biographies

Natasja van Buggenhout is a PhD researcher at imec-SMIT (Vrije Universiteit Brussel). Her doctoral research considers personal data value for media industry, users, and governments in small media markets (2018–2022). Natasja is currently a member of the Media and Society Program and Media, Innovation and Living Labs Unit at SMIT. She has expertise in research methods for social sciences. Her professional interests are (new) media and ICT, user research, data, advertising, and personalisation.

Wendy Van den Broeck is an assistant professor in communication studies at the Vrije Universiteit Brussel. She is also head of the living labs unit and senior researcher within the imec-smit research group. Her main research expertise is in the domain of personalised and immersive media and smart education. She also has an interest in research methodology and focuses mainly on living lab research and user research methods.

References

Barth

, & De Jong

M. D.

(2017). The privacy paradox – Investigating discrepancies between expressed privacy concerns and actual online behavior – A systematic literature review. Telematics and Informatics, 34(7), 1038-1058.

Bosco

Croce

Danezis

De Ruyck

Gerits

Jennes

Kisselmann

Mattheijssens

, & Van Buggenhout

(2018, February, 28). D6.2: Data Management Plan. CPN. https://www.projectcpn.eu/work-packages-and-deliverables.

Boyd

(2012). Networked privacy. Surveillance & Society, 10(3), 348-350. doi: 10.24908/ss.v10i3/4.4529.

Blum

(2017, November 1). Digital Identity – Will the New Oil Create Fuel or Fire in Today’s Economy. ISACA Journal, 6, 1-3. https://www.isaca.org/resources/isaca-journal/issues/2017/volume-6/digital-identitywill-the-new-oil-create-fuel-or-fire-in-todays-economy.

Butarbutar

(2020, March). Initiating New Regulations on Personal Data Protection: Challenges for Personal Data Protection in Indonesia. In 3rd International Conference on Law and Governance (ICLAVE 2019), Atlantis Press, pp. 154-163.

Cooper

(2017, November 21). Why Consent Receipts are Important. Consentua. https://consentua.com/blog/2017/11/21/why-consent-receipts-are-important/.

CPN Consortium (2019, August 19). How CPN puts users in control of their personal data. https://www.projectcpn.eu/news-3/2019/8/19/how-cpn-puts-users-in-control-of-their-personal-data.

Draper

N. A.

, & Turow

(2019). The corporate cultivation of digital resignation. New Media & Society, 21(8), 1824-1839.

Glaser

B. G.

, & Strauss

A. L.

(2017). The Discovery of Grounded Theory: strategies for qualitative research. Routledge.

10.

Greig

(2017, June 20). Kantara Initiative Releases the First Open, Global Consent Receipt Specification; Meets GDPR Requirements, Free for Download [Press release]. https://kantarainitiative.org/kantara-initiative-releases-first-open-global-consent-receipt-specification/.

11.

Grigore (2020, March 5). What is a Good Net Promoter Score? (2020 NPS Benchmark). Retently. https://www.retently.com/blog/.

12.

Haraway

(1988). Situated knowledges: The science question in feminism and the privilege of partial perspective. Feminist Studies, 14(3), 575-599.

13.

Hardjono

, & Maler

(2017, June 5). Report from the Blockchain and Smart Contracts Discussion Group to the Kantara Initiative. Kantara Initiative. https://kantarainitiative.org/file-downloads/report-from-the-blockchain-and-smart-contracts-discussion-group-to-the-kantara-initiative-v1/.

14.

Hardjono

Maler

Machulak

, & Catalano

(2015, December 28). User-Managed Access (UMA) Profile of OAuth 2.0. Kantara Initiative. https://docs.kantarainitiative.org/uma/rec-uma-core.html.

15.

Hardjono

, & Pentland

(2019). Data Cooperatives: Towards a Foundation for Decentralized Personal Data Management. arXiv, 1905.08819, 1-12. https://arxiv.org/abs/1905.08819.

16.

Hedbom

(2008, September). A survey on transparency tools for enhancing privacy. In IFIP Summer School on the Future of Identity in the Information Society. Springer, Berlin, Heidelberg, pp. 67-82.

17.

Hughes

(2018, November 11). Consent Receipt. IDIM Musings. https://idimmusings.com/tag/consent-receipt/.

18.

ICO (s.d.). Principle (a): Lawfulness, fairness and transparency. ICO.org.uk. https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/lawfulness-fairness-and-transparency/.

19.

Jesus

(2020). Towards an Accountable Web of Personal Information: The Web-of-Receipts. IEEE Access, 8, 25383-25394.

20.

Komorowski

Coppens

Van den Broeck

, & Braet

(2016). Lowering the barriers for online cross-media usage: Scenarios for a Belgian single sign-on solution. Telematics and Informatics, 33(4), 916-924.

21.

Kuneva

. European Consumer Commissioner (2009, March 31). Keynote Speech Roundtable on Online Data Collection, Targeting and Profiling [Press release]. http://europa.eu/rapid/press-release_SPEECH-09-156_en.htm.

22.

Leu

(2019, January 10). What Is A Consent Receipt And Why It Matters. Clym. https://www.clym.io/articles/what-is-a-consent-receipt-and-why-it-matters.

23.

LeVasseur

, & Maler

(2019). Beyond Consent: A Right-to-Use License for Mutual Agency. IEEE Communications Standards Magazine, 3(4), 52-59.

24.

Lizar

(2016, February 1). MVCR v0.7.1. Kantara Initiative. https://github.com/KI-CISWG/MVCR.

25.

Lizar

, & Hodder

(2014). Usable consents: tracking and managing use of personal data with a consent transaction receipt. In Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication pp. 647-652.

26.

Lizar

, & Pandit

H. J.

(2019). OPN: Open Notice Receipt Schema, Semantics, Berlin, Germany, pp. 1-5.

27.

Lizar

, & Turner

(2017, April 25). Consent Receipt Specification. Kantara Initiative. https://kantarainitiative.org/file-downloads/file-download-consent-receipt-recommendation-v1-0-report/.

28.

Lizar

, & Wunderlich

(2014). Consent Receipts [presentation]. Open Notice. https://kantarainitiative.org/wp-content/uploads/2014/10/Kantara-Consent-Receipt-Presentation.pdf.

29.

Maler

Machulak

, & Richer

(2018, January 7). User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization. Kantara Initiative. https://kantarainitiative.org/file-downloads/rec-oauth-uma-grant-2-0-pdf/.

30.

Malgieri

, & Custers

(2018). Pricing privacy – the right to know the value of your personal data. Computer Law & Security Review, 34(2), 289-303.

31.

Meadows

, & Hatzakis

(2018). Getting to know you? New business models for privacy and the quantified self. Social Business, 8(1), 13-20.

32.

Miller

, & Wertheimer

. (2010). The Ethics of Consent: Theory and Practice. Oxford University Press.

33.

Morrow

(2017, September 25). Identity data in the world of GDPR. CSOonline.com. https://www.csoonline.com/article/3227912/identity-data-in-the-world-of-gdpr.html.

34.

Nati

(2018, March). Personal Data Receipts: How transparency increases consumer trust. Digital Catapult. https://www.digicatapult.org.uk/news-and-insights/publication/pdr-report.

35.

Nati

Mayer

Capossele

, & Missier

(2019). Toward trusted open data and services. Internet Technology Letters, 2(1), 1-5. https://onlinelibrary.wiley.com/doi/full/10.1002/itl2.69.

36.

Nissenbaum

(2009). Privacy in Context: Technology, Policy, and the Integrity of Social Life. Palo Alto: Stanford Law Books.

37.

Pandit

H. J.

Debruyne

O’Sullivan

, & Lewis

(2019a). Gconsent – A Consent Ontology based on the GDPR. In European Semantic Web Conference, Springer, Cham, pp. 270-282.

38.

Pandit

H. J.

Polleres

Bos

Brennan

Bruegger

Ekaputra

F. J.

Gachpaz Hamed

Kiesling

Lizar

Schlehan

Steyskal

, & Wenning

(2019b, October). Creating a Vocabulary for Data Privacy. In OTM Confederated International Conferences: On the Move to Meaningful Internet Systems, Springer, Cham, pp. 714-730.

39.

Patachi

(2018, December 12). How Big Companies Should Behave Under Europe’s New Cookie Regulations. CPO Magazine. https://www.cpomagazine.com/data-protection/how-big-companies-should-behave-under-europes-new-cookie-regulations/.

40.

Politou

Alepis

, & Patsakis

(2018). Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions. Journal of Cybersecurity, 4(1), 1-20. https://academic-oup-com-s.web.bisu.edu.cn/cybersecurity/article/4/1/tyy001/4954056.

41.

Pötzsch

(2008, September). Privacy awareness: A means to solve the privacy paradox? In IFIP Summer School on the Future of Identity in the Information Society, Springer, Berlin, Heidelberg, pp. 226-236.

42.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Retrieved from https://eur-lex.europa.eu/eli/reg/2016/679/oj.

43.

Robinson

S. C.

(2018). Factors predicting attitude toward disclosing personal data online. Journal of Organizational Computing and Electronic Commerce, 28(3), 214-233.

44.

Santolalla

(2018, March 21). What is Consent Receipt. Ubisecure. https://www.ubisecure.com/data-protection/what-is-consent-receipt/. aaa(000) Simmons, A. (1998). Consent. The Routledge Encyclopedia of Philosophy. Taylor and Francis. doi: 10.4324/9780415249126-S011-1.s aaa(000) Styliari, T. C., & Nati, M. (2016, September). Researching the transparency of personal data sharing: Designing a consent receipt. Digital Catapult. https://nottingham-repository.worktribe.com/output/833415. aaa(000) Su, X., Hyysalo, J., Rautiainen, M., Riekki, J., Sauvola, J., Maarala, A. I., & Honko, H. (2016). Privacy as a Service in Digital Health. arXiv, 1605.00833, 1-6. https://arxiv.org/abs/1605.00833.

45.

Van Buggenhout

, & Van den Broeck

(2020). Dark patterns or informed consent, PI disclosure decision and trade-off? A study exploring the value of sharing personal information (PI) with media companies in Flanders, Belgium. NEM Summit 2020. https://nem-initiative.org/nem-summit-2020-program/.

46.

Van Buggenhout

, & Van Zeeland

(2020, June). Tussenrapportage expertbevraging reflectie 2: Relevantie, noodzaak en risico’s van data delen met mediaorganisaties. p. 27. https://smit.vub.ac.be/studie-naar-waardepropositie-van-data-delen-in-online-media.

47.

Van Buggenhout

Van den Broeck

, & Ballon

(2020). Exploring the Value of Media Users’ Personal Information (PI) Disclosure to Media Companies in Flanders, Belgium. Mediální Studia, 14(1), 75-103.

48.

Van Zeeland

Van Buggenhout

, & Pierson

(2019). Personal data protection in the media sector: Roundtable report: for Chair ‘Data Protection on the Ground’. Brussels. p. 12. https://www.vub.be/foundation/leerstoel/dataprotection-on-the-ground#publications.

49.

Vanhaelewyn

, & De Marez

(2018). Imec Digimeter, 2017. https://www.imec-int.com/nl/digimeter.

50.

Vargas

J. C.

(2019). Blockchain-based consent manager for GDPR compliance. Open Identity Summit. https://dl.gi.de/handle/20.500.12116/20985.

51.

Viala

(2018, October 7). Businesses collect more data than they can handle, reveals Gemalto [Press release]. https://www.thalesgroup.com/en/markets/digital-identity-and-security/press-release/businesses-collect-more-data-than-they-can-handle-reveals-gemalto.

52.

Wagner

Kisselmann

Mattheijssen

Van Lier

Coppens

Danezis

Konstantinou

Harrison

, & Demeester

(2019, August 27). D4.3: Cycle 3 Piloting Report. CPN. https://www.projectcpn.eu/work-packages-and-deliverables.

53.

WP29 (2018, April 11). Guidelines on transparency under Regulation 2016/679. Article 29 Working Party EU Directive 95/46/EC. https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=622227.

Media users’ and professionals’ responses to personal data receipts: A mixed methods study

Abstract

Keywords

1. Introduction

1 Kantara Initiative developed UMA1.0 and MVCR0.7.1 in 2015, and UMA2.0 in 2018 (Hardjono et al., 2015; Lizar, 2016; Maler et al., 2018).

3. Methods

3.1 Exploring end users’ perspective

2 Exclusively for DW and DIAS testers (mobile and web CPN-app). VRT MYNWS users did not receive PDR.

4 Ten Flemish media professionals, eight academics, one media advisory board, and Belgian data protection regulator.

4.1 PDR appreciation by end users

6 We descriptively analysed and reported the survey data (CPN-/web-app). There were too few survey responses to perform in-depth statistical analysis.

5. Discussion

Funding

Ethics

Footnotes

Authors biographies

References

¹
Kantara Initiative developed UMA1.0 and MVCR0.7.1 in 2015, and UMA2.0 in 2018 (Hardjono et al., 2015; Lizar, 2016; Maler et al., 2018).

²
Exclusively for DW and DIAS testers (mobile and web CPN-app). VRT MYNWS users did not receive PDR.

⁴
Ten Flemish media professionals, eight academics, one media advisory board, and Belgian data protection regulator.

⁶
We descriptively analysed and reported the survey data (CPN-/web-app). There were too few survey responses to perform in-depth statistical analysis.