special issue on distributed participatory design, sjis 2009, issue 1

8/14/2019 Special Issue on Distributed Participatory Design, SJIS 2009, Issue 1

1/111

2009V l. 21, N . 1E abli hed 1989

C o N t E N t s :

Editorial 1

Consumers' Views on Privacy in E-CommerceT. Kaapu & T. Tiainen

3

A Special Issue EditorialK. D. berg, D. Gumm & A. M. Naghsh

23

Distributed Development to Enable User Participation: Multilevel design in theHISP network O. H. Titlestad, K. Staring & J. Braa

27

Inter-Contextual Distributed Participatory Design: Communicating designphilosophy and enriching user experience H. Obendorf, M. Janneck & M. Finck

51

Furthering Distributed Participative Design: Unlocking the walledgardens C. Loebbecke & P. Powell

77

ISSN 0905-0167

s c a n d i n a v i a n J o u r n a l o f I n f o r m a t i o n s y t e m 2

0 0 9 V o l .2 1

, N o .1

scandinavian Journal of Information sy tem


2/111

Scandinavian Journal of Informa on Systems


3/111

Publishing

Copyright 2009 Scandinavian Journal o In ormation Systems. Te IRIS Associatiborg University, Department o Computer Science, Selma Lagerl s Vej 300, DK-9borg, Denmark.

ISSN: 0905-0167ISBN: 9788799142576

Publication date: 30th June, 2009.

Production team: Peter Axel Nielsen (director) and Annette Moss (editing).Electronic journal: www.e-sjis.org; available ree o charge.

See www.e-sjis.org or scope, submission o articles, and subscription to the printed j


4/111

Editorial Board

Bjrn Erik Munkvold, University o Agder, Norway, Coordinating Editor.Rikard Lindgren, I University o Gothenburg & Viktoria Institute, Sweden, Ed

Keld Bdker, Roskilde University, Denmark, Editor.Samuli Pekkola, ampere University o echnology, Finland Editor.

Advisory Board

Richard Boland, Case Western Reserve University.one Bratteteig, Oslo University

Susanne Bdker, Aarhus University.Bo Dahlbom, I University o Gteborg. Jan Damsgaard, Copenhagen Business School. Jukka Heikkila, University o Jyvskyl.Ola Hen ridsson, Viktoria Institute.Karl Kautz, Copenhagen Business School.Finn Kensing, University o Copenhagen.Karlheinz Kautz, Copenhagen Business School.Kalle Lyytinen, Case Western Reserve University.Lars Mathiassen, Georgia State University.Eric Monteiro, Norwegian University o Science and echnology. Joe Nandhakumar, Warwick Business School.Ojelanki Ngwenyama, Ryerson University.Peter Axel Nielsen, Aalborg University.Sandeep Purao, Penn State University.Matti Rossi, Helsinki School o Economics.Ulrike Schultze, Southern Methodist University.

Jesper Simonsen, Roskilde University. Susan Leigh Star, Santa Clara University.Erik Stolterman, Indiana University.Carsten Srensen, London School o Economics.Pl Srgaard, elenor Research & Innovation.Virpi uunainen, Helsinki School o Economics.Geo Walsham, University o Cambridge. Youngjin Yoo, emple University.


5/111


6/111

Editorial

Keld Bdker

Rikard Lindgren

Bjrn Erik Munkvold

Samuli Pekkola

Te rst issue o the SJIS volume 21 eatures one research article and a special issue onand opportunities o distributed participatory design. Te research article by aina Kaa

arja iainen presents a phenomenographical analysis o consumers interpretation o e-commerce, identi ying a number o di erent privacy conceptions. Teir results illustthe consumers view o privacy is situated and dynamically constructed based on newtion and experience. Te guest editors o the special issue were Karin Danielsson berg

Gumm and Amir M. Naghsh. We thank them or their contribution to the journal, anconsiderable e orts they have put into serving as guest editors. With this issue, Bjrn Erik Munkvold has taken over rom Matti Rossi as coordina

tor or SJIS. We are grate ul to Matti or his valuable service or the journal and the cand welcome Samuli Pekkola as the new Finnish representative on the SJIS editorial b

Scandinavian Journal o In ormation Systems, 2009, 21(1), 12


7/111


8/111


Consumers Views on Privacy in E-Commerce

Taina KaapuDepartment of Computer Sciences, University of Tampere, Finlandtaina.kaapu@uta.

Tarja TiainenDepartment of Computer Sciences, University of Tampere, Finland

[email protected].

Abstract. Informa on privacy protec on and invasion of privacy in e-commerce have be-come important topics in both everyday ac vi es and scien c discussions. The aim of this study is to understand how consumers regard privacy in business-to-consumer e-com-merce. As this study focuses on consumers own interpreta ons of privacy, the researchapproach is empirical, rather than theore cal. Based on a phenomenographical analysisof consumer interviews, we iden fy di erent layers of understanding by focusing on the

referen al objects and the structural components of informa on privacy. The result in-cludes 25 di erent privacy concep ons, showing that consumers view of privacy is situatedand constantly under construc on as the consumer gets new informa on or experiences.

Key words: informa on privacy, consumer, e-commerce, phenomenography.

Introduc on1

Understanding consumer behaviour is vitally important in online shopping. One precoor the growth o e-commerce is that the consumers use online channels. Tese chanchosen at each stage in the purchase process: requirements determination, vendor sepurchase, and a ter-sales service (Choughury and Karahanna 2008). Te process is coto the consumers trust in e-purchase and e-vendors, and to the consumers perception(Choughury and Karahanna 2008; Verhagen et al. 2006). Te number o online consumgrown; at the same time, the ears regarding in ormation privacy have also increasedet al. 2004). Te biggest concerns to Internet users are viruses, spam, spyware and hackeet al. 2007). I these problems are not solved, the consumers whose privacy concerns


9/111

4 Kaapu & Tiainen

been addressed may delay their purchases or even orgo them, and some concerned cmight pre er traditional ways o purchasing (Prabhaker 2000).

o deal with these concerns, privacy enhancing technologies (PE s) have been devso tware programs, hardware devices and even publications, which help users to regaivacy lost on the Internet (Camp and Osorio 2003). Legal instruments or increased secubeen ormulated as well: or example, the European Union (EU) requires all its memblegislate to ensure that their citizens have a right to privacy (Directive 95/46/EC).

On a practical level, e-vendors work to increase online purchasing. Research in intion systems (IS) and consumer studies aims to increase understanding about e-commconsumers online behaviour (see e.g., Cassidy and Chae 2006; Hui et al. 2007; Malho2004). Our paper belongs to the same research area, although we ocus solely on inprivacy. According to the traditional de nition, in ormation privacy is the ability o viduals to control in ormation about themselves (Westin 1967). Instead o concentratiditional and direct marketing, as done in several ormer studies (e.g., Smith et al. 1996and Segars 2002), we seek to understand how consumers view in ormation privacy into-consumer (B2C) e-commerce. In doing so we aim to present and discuss the subject mthat business and legislative authorities can adequately respond to and address these coneeds and ears. Tis is necessary to allow maximizing the potential o e-commerce.

Teory testing with surveys is a commonly used research method in studying Internvacy. A typical study asks about in ormants attitudes towards speci c privacy statem

xed scale (e.g., Cassidy and Chae 2006; Malhotra et al. 2004). In theory testing studresearcherbased on the theory under testingde nes how in ormation privacy is coized. However, it is important to take a step back and investigate how consumers undprivacy in everyday practice.

o ll this gap in the literature, we decided to use a qualitative research approach oa richer picture o consumers views. Instead o seeking the dominant view or an av we ocus on the di erences in views. We decided to concentrate on the variation o cinterpretations as consumers are not a homogenous group. In most consumer studies, cers are divided to groups based on their demographical variables, income or attitudescategorized consumers based on their attitudes towards privacy; to categories o privamentalists (who eel that they have lost their privacy), privacy pragmatists (who propersonal in ormation), and privacy unconcerned (who have no real concerns about ( aylor 2003).

Our aim is to ocus on all types o consumers views on in ormation privacy wiegorizing consumers be orehand. First, we seek what earlier studies say on consumpretations o in ormation privacy. In doing this, we brie y describe the concept o discussed in the previous literature. Ten, we describe the research methods used in ouas we look or alternative views, we use phenomenography and consumer interviewsmethodological part, we o er the results in a orm o categorization o consumers von the analysis o the interview material. Te results show that consumers interpretain ormation privacy is situated; it varies between amiliar, trusted cases and unknownceived as suspicious. Finally, we present the discussion and conclusion.


10/111

Consumers Views on Privacy in E-Commerce 5

Research background2

In this section, we describe the scope o Internet privacy studies or locating our stuappropriate scienti c eld. Privacy is characterized according to the traditional de niticlaim o individuals, groups, or institutions to determine or themselves when, how, an

extent in ormation about them is communicated to others (Westin 1967, (pp. 6-7). Ino privacy occur when individuals cannot maintain an adequate degree o control opersonal in ormation and its use (Chung 2003). We ollow the generally accepted viewmation privacy by seeing it as the ability o individuals to control in ormation about t(e.g., Cheung and Lee 2006; Grae and Harmon 2002; Udo 2001).

Online in ormation privacy has been studied in the disciplines o law and publicmarketing, organisational behaviour, and IS (Malhotra et al. 2004). One way to see prto understand it as a legal concept (e.g., Curran and Richards 2004). Although the conprivacy itsel may sound straight orward, the regulatory laws vary between cultures (

al. 1995). Developed societies have made di erent assumptions about privacy in theirregulatory approaches. Te societies can be roughly sorted into two categories: First, t who view privacy as a human right, as is the case in the EU (Bygrave 1998), or exammeasures that address all the data collection and use within society are being introducond, to societies which view privacy as a matter or contractual negotiation, such as thStates and Japan, or example, where the laws are speci c to various sectors (e.g., me(Smith 2004).

Tere exist contradictory views on privacy and bene ts or consumers, or example collection o personal in ormation. It can be seen as a positive matter, since personalices cannot be created without personal in ormation. However, consumers hopes in are paradoxical: easy, personalized services are in demand but collecting personal inis resisted (Awad and Krishnan 2006). While the reedom o movement o in ormatbene ts to the general public have been emphasized (e.g., Bergkamp 2002; Rubin and2002), the somewhat opposite view sees personal in ormation registers as unreliableaim o the laws has been to limit their use. Tus, the latter view ocuses on threats such widespread pro ling when handling personal in ormation (e.g., Grae and Harmon 2et al. 2005) and consumers continuous on-line monitoring (e.g., Kruck et al. 2002; Mand Rogerson 2004; Smith 2004).

Consumers lack o trust constitutes a major psychological barrier to the adoptio

commerce (Cheung and Lee 2006). Consumers privacy concerns have been studied wretically based surveys, with varying results (e.g., Udo 2001; Malhotra et al. 2004). Forconsumers privacy concerns are stated to be related to the ollowing aspects o dataand use (Smith et al. 1996; Stewart and Segars 2002): 1) unauthorized collection, 2related to the integrity o databases, 3) unauthorized secondary use, and 4) improper personal data. Some studies present concerns in a more concrete way, as listed in the (e.g., Cassidy and Chae 2006; Chung 2003):


11/111

6 Kaapu & Tiainen

Visits to websites might be secretly tracked.1.E-mail addresses and other personal in ormation could be taken and used witho2.mission or marketing or other purposes.Personal in ormation could be sold without permission to third parties.3.

Credit card in ormation could be stolen.4.One o the other types o categorizations is presented by Paine et al. (2007), which sthe consumers main concerns about online privacy are viruses, spam, spyware and Malhotra et al. (2004) conceptualize Internet users in ormation privacy concerns as

Te degree to which an Internet user is concerned about online marketers collectionpersonal in ormation, the users control over the collected in ormation, and the uawareness o how the collected in ormation is used (Malhotra et al, p. 338).

Tey also developed a causal model to describe how concerns in uence a consumers de

release or not release personally identi able data.E-vendors can do a lot or mitigating the consumers ears related to privacy. Inon how companies maintain and use personal in ormation increases consumers trust (2005). Te presence o a vendors online privacy policy decreases consumers privacy(Hui et al. 2007; Jensen et al. 2005; Pan and Zinkhan 2006). At least in some cases, cotrust e-vendors (e.g., Ge en et al. 2003) and are not a raid o privacy problems with tas e-vendors selling personal in ormation to third parties (Cheung and Lee 2006).

Te above studies present at least partly contradictory ndings, which makes consviews on in ormation privacy an important issue to study urther. Consumers behavioally studied in a conventional direct marketing environment (Phelps et al. 2000). Teseies are most o ten based on demographical actors, and the di erences that are oun(Grae and Harmon 2002):

Gender di erences: men are less concerned about privacy issues than women, ahave more aith in purchasing on the Internet;Class di erences: the consumers with high incomes want to know more abouin ormation a ter collection than other consumers; Age di erences: older people are less likely to believe that their in ormation msold to others or marketing purposes.

Furthermore, the global nature o e-commerce makes privacy issues even more complethe perceptions o privacy and air in ormation practices depend on government regulvary across cultures (Bellman et al. 2004; Milberg et al. 1995).

In ormation privacy is ocused in di erent areas, such as consumers behaviour (1 or a summary). Although some studies (e.g., Jensen et al. 2005; Paine et al. 2007a deeper understanding o consumers thought-models, almost all studies have used testing research approach with surveys or laboratory tests. Te only exception we couldthe study by Hui et al. (2007), in which eld observations were made in a local rm oprivacy statements. Our study belongs to the same empirically based approach amongtive studies, ocusing on the consumers own interpretations o in ormation privacy.


12/111


proach, rather than building our research on some earlier studies with their underlying tions, we must be as open minded as possible to reach the consumers own thought-modaim is to nd out what these consumers exactly mean when they discuss in ormation

However, the concept o in ormation privacy may signi y di erent issues or codi erent people. Tis paper aims to clari y this with the help o a categorization o coviews o in ormation privacy in e-commerce. Te study has both theoretical and practtributions. On the theoretical side, we discuss the consequences o our empirical resultthe existing literature. On the practical side, we give important guidelines in order to unconsumers concerns about privacy in the online environment.

Areas o in ormation privacy studies Example re erences 1. De ning privacy Westin 19672. Legal issues about privacy Bygrave 1998

Cassidy and Chae 20063. echnology or privacy (Privacy Enhancing echnologies) Camp and Osorio 20034. Vendors actions to increase privacy McRobb and Rogerson 2004

Prabhaker 20005. Consumers actions in relations to privacy, which is

studied based on:- Consumers demographic actors- Consumers attitudes, values

and behavior

Awad and Krishnan 2006Grae and Harmon 2002

aylor 2003

6. Consumers privacy concerns:- Personal in ormation: collection, unauthorized

secondary use, improper access, errors, stealing- On-line monitoring- Viruses, spam, spyware and hackers

Chung 2003Malhotra et al. 2004Paine et al. 2007Stewart and Segars 2002

able 1: Focal areas o in ormation privacy studies

Methodology3

Our aim is to understand how consumers see privacy and to describe the di erences views in e-commerce. For studying peoples own interpretations o a concept (in ormvacy in this case) a qualitative method which ocuses on peoples narration is needviduals views are socially constructed; however, the individuals own background, their education and experience, can also have e ect on their views. Methods such as analysis, grounded theory (G ), and phenomenography can thus be considered. In chooresearch method, we discarded discourse analysis, since it has its ocus on social interaas shared (communal) views and argumentations (Alvesson and Karreman 2000).

A decision between G and phenomenography was made based on their di eren

aims. Although they both itemize individuals talk to its elements, the target o that


13/111

8 Kaapu & Tiainen

is di erent. G re-ties the elements together or a whole picture o the phenomenostudy (Glaser and Strauss 1973), whereas phenomenography aims or reaching all thtive views or the structures o individual thought-models (Marton and Booth 1997). Athought-models are richer and more versatile than others, the result orms a hierarchiture. Phenomenography is about individual meaning construction, which results in a ction re erring to conceiving and understanding something. Humans experience o tis constituted as an internal relation between the experiencing people and the world (1981). Conceptions are regarded as ground or action (Slj 1994).

Phenomenography was introduced by educational researchers (Marton 1982). It haused or educational studies also in the IS eld in clari ying computer science studentions o recursion (Booth 1992) and in nding out about moral con icts in the projecourse (Vartiainen 2007). Te method is also used or analysing IS pro essionals assabout the human being (e.g., Isomki 2002). Here we use the method or analysing Iviews. Our study ocuses on non-pro essional people whose knowledge o technolited; they might have erronous views about what is possible and what is not over the Regardless, in this study we do not evaluate the workability o their presented assumis enough that the in ormant believes in them, and that they thus may a ect his/her beTese concepts will be made explicit to allow IS pro essionals to understand them.

In phenomenography, empirical material is typically collected by interviewing a resmall number o relevant in ormants. Te main point when choosing these is to reach thpossible di erentiation in their views (Marton and Booth 1997), similar to theoretical in other qualitative methods (see e.g., Glauser and Strauss 1973). We maximize the dition in privacy conceptions with the help o two interview settings. Te rst one ocprivacy, and the views there were directly elicited rom the interviewees: they were as

scribe privacy in the Internet setting in their own words. When a question about a phenois asked directly, there is a chance that the in ormants repeat the dominant discourse othis can be regarded as the shared view by the society (Hynes et al. 2006). In this study was to reach all the alternative views: there ore, besides o direct asking, we also discuindirectly. Te second interview ocused on the use o electronic services; privacy wasto be an underlying assumption to emerge in the interviews.

Te interviewees were sought in several ways. One criterion in the selection was agein many studies that use young in ormants (e.g., Cheung and Lee 2006; Ge en et al. 2also sought older peoples views. Having them in our interview group increased the celiciting a larger variety o concepts: the older people seem to be the most passive in dation issues while well-educated, young, heavy Internet users are the most active groupand Joo 1999; Muttilainen 2006).

In the rst interview set, individuals known by the researchers were directly asked views. Also, the snowball method was used; the interviewees were asked to name otheinterviewees, especially those who might have (di erent) opinions on privacy. Te rst iset based on direct questions about in ormation privacy included twelve interviews.

For the second interview set, volunteers were ound by advertising on a local new website and in an e-commerce seminar. Volunteers needed to ll in an Internet orm intheir age, sex, and values. For identi ying the values, the volunteers rated each o the land speci ed the most and the least important values. Te list o values included: 1. s


14/111


belonging, 2. excitement, 3. warm relationship with others, 4. sel - ul llment, 5. beinspected, 6. un and enjoyment in li e, 7. security, 8. sel -respect, and 9. sense o acco(based on List o Values (LOV) by Kahle et al. 1986). In the selection o interviewee was to maximize the di erentiation in participants views. As the ormer studies hig

ormation privacy concerns, we decided to use two values that are related to sa ety (seexcitement). O the twenty volunteers who lled in the orm we selected ve securiand ve excitement-minded consumers. Teir interview ocused on the use o e-servic

We did not study the relationship between the interviewees background and the view, so the interviewees backgrounds are not signi cant or the analysis. However, wthat the variation among interviewees background might help in reaching the largest variation in views. A brie description o their backgrounds is shown in able 2. Tis the reader to better understand the empirical base o this study.

Te aim o phenomenographical study is to describe the di erentiation between indias regards the phenomenon under study. In collecting data, the interview situation a epeople say and how they say it; urthermore, due to bias caused by personal education background, researchers may ignore some ideas mentioned by the in ormants (Erikseo minimize this problem, we varied the interview situation: in the rst interview set tone interviewer, and in the second set there were two interviewers.

Interviewees Female Male otal Age Between 25 and 35 years 4 4 8Between 36 and 54 years 4 1 5Between 55 and 66 years 5 4 9otal 13 9 22

Occupational background Business and administration 4 4 8Health and social a airs 4 2 6eaching and education 3 1 4echnological sector 2 1 3

Agriculture - 1 1otal 13 9 22

able 2: Consumers interviewed

Otherwise, the interviewing progress was alike in both o the interview sets. Te indivterviews were open-ended, and only the topics were decided be orehand. Te interview

rom a general discussion about the interviewees backgrounds (as consumers in e-cand were ollowed by a discussion about the main issue (which concerned, in the privacy issues in e-commerce and, in the second set, e-services in the orm o e-journcommerce). Te duration o the interview situations varied rom thirty minutes up to twand thirty minutes. Te interviewers role was to ollow the interviewees ideas and exp

narration.


15/111

10 Kaapu & Tiainen

Te interviews were collected during spring and summer 2004 in Finland. Tey were scribed and their text then analysed. In phenomenographical studies, the analysis otwo components in the in ormants experiences o the phenomenon; the re erentianentwhich describes what the phenomenon means in everyday languageand the stcomponentwhich re ers to a deeper level o phenomenal meaning (Marton and BooTe

what aspect directs individuals thought to the object, which can be physical or men

nature. Tehow aspect re ers to the thought processes by which an object o thought is lin relation to its environment (Marton 1981). In phenomenography, the conceptions atentional with respect to the two intertwined aspects, which signi y the qualitative diamong conceptions. Te aspects render the relation that a conception constitutes betweindividual and the surrounding world as contextual (Marton and Booth 1997).

In our study, at rst the ocus in analysis was on the re erential component, i.e., oninterviewees meant with privacy on the level o everyday language. Tey described theprivacy and the problems related to keeping their privacy. Te interview texts were split itemseach o them included one aspect or a problem o privacy. Te items were catin order to obtain a single dimension o the categorization at time rst, thewhat aspect o thenal categorization. Te analysis continued by ocusing on the structural component oviews. Structure is reached by analysing the target o the re erential component. Incategorization, this is thehow aspect.

Result: Categoriza on of consumers views4

Our study deals with how consumers see in ormation privacy. Te results present di ereo understanding in two dimensions. Te rst dimension is the re erential componen

ocuses on the meaning o privacy in the interviewees everyday language ( able A-E;What ). Te second dimension is the structural component which ocuses on the o

What

How

A. Use and misuse o customer

in ormation

B. Monitoring consumers

C. Treat o spam

D. Danger o hackers and

viruses

E. Risk with payment

1. Product ande-vendor 1A 1B 1C 1D 1E

2. echnology 2A 2B 2C 2D 2E3. Societal

norms3A 3B 3C 3D 3E

4. Consumerhim/hersel

4A 4B 4C 4D 4E

5. Fellow men 5A 5B 5C 5D 5E

able 3: Summary o the categorization o consumers in ormation privacy conceptioe-commerce


16/111


thought when the interviewees talk about privacy ( able 3 rows 1-5;How ). By the two dimen-sions we identi y a total o 25 di erent privacy conceptions. able 4 includes one exeach conception to illustrate the content.

Te re erential component (thewhat aspect) o in ormation privacy consists o ve objeUse and misuse o customer in ormationincludes consumers personal in ormation and how is used, especially concerning its misuse. Te second object,

monitoring consumers,re ers to

monitoring consumers actions when they are using e-commerce systems.Treat o spamre ersto e-mails that a consumer interprets as spam as a part o privacy demands.Danger o hackers and viruses relates to hackers (who spread viruses) as a actor to intrude privacy.Risk with payment re ers to issues related to making payments on the Internet that can create problems oTe other dimension, structural components (rows in able 3, or thehow aspect) shows di er-ent orms o thought and stress the structural aspect o the conceptions. It includes When a consumer gives personal in ormation in order to purchase a product in a certaithe ocus is on products and maybe also on the e-vendor. Furthermore, there are systechnology) to deliver the product to the right person. It may be regarded as sa er to orthe home country than rom abroad (societal norms), the consumer may make an erro writing the order (consumer him/hersel ), and there may be a amily member watchinher shoulder ( ellow men).

Referen al objects of informa on privacy4.1

Te re erential objects ( able 3: columns) are presented in the order o which they wersized by the interviewees as a group, taking into account how much they discussed eac

All (22) interviewees talked about use and misuse o customer in ormation. 20 interviewees talked about monitoring consumers.15 interviewees talked about threat o spam.14 interviewees talked about danger o hackers and viruses.9 interviewees talked about risk with payment.

When the interviewees described in ormation privacy, in most o the cases they conto possible problems. Four categories o the re erential components ocus on proband just one on both use and misuse. Te result o our study does not state anything ab

requency o speci c views among the whole population; however, all the ve re ereexist in peoples thinking about privacy.

Object A: Use and misuse of customer information.In the interviews, the consumers mostly discuss their personal in ormation as customer in ormation. Tis is in ormation whicdors collect by asking it rom consumers. Some o the interviewees use the concept in ormation, others underline their own viewpoint by talking about my in ormatione-vendor has or knows. In general, the interviewees are reluctant to give their in oand they are a raid o misuse o their personal in ormation but only i they do noe-vendor be orehand. Nevertheless, the consumers interviewed also understand the b


17/111

12 Kaapu & Tiainen

Use and misuse

o customer in orma-

tion

Conception Content illustrated with anexample rom the interviews

1A (product) Te consumer gives personal details, e.g., when:- he/she is amiliar with the product.

2A (technology) - the system o registration is easy to use.3A (soc norms) - he/she eels that laws ensure security.4A (consumer) - he/she can give as little in ormation as possible.5A ( ellow men) - his/her son helps to log in to e-vendors pages.

Monitoring consumers

1B (product)Te consumer eels that the use o e-commerce and personal in ormation are monitored when:- he/she is interested in products such as explosives.

2B (technology) - he/she thinks that the e-vendor gets logs o web visits withouconsumers knowledge.3B (soc norms) - a certain intelligence service may be monitoring.4B (consumer) - he/she is not able to see the statistics o visits.5B ( ellow men) - a amily member is watching over the shoulder.

Treat o spam

1C (product)Te consumer receives mail that disturbs and invades personal privacy when:- he/she participates in the e-vendors lotteries.

2C (technology) - the system in his/her computer does not work properly.3C (soc norms) - he/she uses oreign e-services, or example, newspapers.4C (consumer) - until he/she started to use the lter program.5C ( ellow men) - until the son installed the lter program.

Danger o hackers and

viruses

1D (product) Te consumer believes that hackers use viruses to steal personal in ormation when:- the consumer uses some strange e-services.

2D (technology) - the computer is using a wireless connection.3D (soc norms) - the consumer uses oreign e-vendors.4D (consumer) - the consumer does not have a rewall.5D ( ellow men) - the son hasnt installed virus protection.

Risk with payment

1E (product)Te consumer is not a raid to use e-bank and give personal in ormation when:- he/she knows that the e-vendor is reliable.

2E (technology) - the payment system uses secure actions.3E (soc norms) - the payment transaction is conducted within ones owncountry.4E (consumer) - he/she is amiliar with the secure transactions.5E ( ellow men) - he/she asks advice rom a net community.

able 4: Te contents o the conceptions illustrated with interview examples

getting personalized o ers rom e-vendors. One problem is that giving in ormation i

cated (Conception 2A):


18/111


But it (the registration) must not be made too difcult or complicated. Tere are somany registration orms; ll in this eld, this one, that one, so I wont do it. I think, it. Anyway, I cant stand writing my whole biography to some registration ( orms).

Object B: Monitoring consumers.Te interviewees describe two kinds o monitoring. Teytell that some one may watch when they are using the computer. Tis is the same as tradmonitoring: the one who is monitored and the one who monitors are in the same physicaBesides o the traditional monitoring the interviewees are concerned i there exists virtoring which happens over the Internet. For example, the interviewees state that some ekeep an eye on consumer purchase behaviour or that the police monitors the Internet. monitoring means that the visits to websites are monitored secretly and in ormation aternet use is added to visitors personal in ormation. Te interviewees claim that it sho

undamental right (o Internet privacy) to visit web pages anonymously.Some o the interviewees are more a raid o monitoring than others. Te most care

say that monitoring occurs only on a small scale or that their personal in ormation isevant to strangers. Some interviewees admit that they do not know enough and theynot like giving their personal in ormation, because they do not actually know what hathe in ormation or what is possible to do over the Internet. One o the intervieweesexample where her own level o knowledge about technology a ects her concerns withmonitoring (Conception 2B):

Ive heard about user tracing. When I hadnt used the net or a very long time I gnoti cation saying you are running out o ink. Oh my god, I thought, did I run ouink so ast? Ten I realized that it was an advertisement. Im still wondering i they c

know whether I was running out o ink.

Object C: Treat of spam. All the interviewees agree that unwanted e-mail is annoying amost o them see a con ict between spam and privacy. However, they clearly di eretween spam and other uses o customer in ormation (object: use and misuse o customation); especially when the unsolicited mail or directed ads originate rom their own it seems acceptable. We use the word spam because the interviewees cite the term; ingarbage and junk were also used. Spam usually re ers to unwanted e-mails, whharm at least by lling, and occasionally choking (malicious attacks), ones mailbox.

difcult to determine whether an e-mail is wanted or not; or de ning that, the recipientpretation is needed. Besides o de ning what spam is, protection against it, and the coown actions are important, as seen in the next quotation (Conception 3C):

O course, one actor is that i lots o spam start coming. -- But I havent done anness with un amiliar vendors and I have indeed avoided oreign rms - any contathem.

Object D: Danger of hackers and viruses.Te concept o hacker is used here because theinterviewees use it. Tey usually add that hackers use viruses to get their personal in o


19/111

14 Kaapu & Tiainen

rom e-vendors. While the interviewees trust in their own e-vendors (in believing tdo not misuse consumers personal in ormation), the trust to the e-vendors ability toconsumers in ormation is rather low. Te interviewees blame the e-vendors o not takcare o their in ormation. Te next quotation rom among the interviews presents an (Conception 2D):

I someone gets my personal in ormation and can take money rom my bank acc... Te way anyone can get to ones les and nd whatever rom them. Ten someonindeed might empty my bank account my empty bank account.

In the interviews, the danger o hackers and viruses is mentioned o ten, but the intervnot speci y their views, not even when probed by the interviewer.

Object E: Risk with payment.Tis object re ers to how issues related to making payment othe Internet entail privacy problems: the interviewees are concerned that credit card incan be stolen or used somewhere without their permission. Only a ew o the interviewhaving used their credit cards on the web. Although most o them requently use Intering, they do not talk about it in a context o risk with payments; the bank is seen as antion that can be trusted it seems. E-shopping could be paid in two main ways accordininterviewees: with a credit card or in a post ofce when the consumer receives the produinterviewees said that now it is also possible to pay e-shopping directly via an Internet

Te interview quoted below shows that even though some o the consumers intervmay eel a raid using their credit cards, they have nevertheless used them because o perceived (Conception 1E):

When you use some trustworthy and large vendors you get (the ordered product) i week or so Ten you will get the right product at the right time, and the bill comesthe same time (with the product). When you pay with a Visa (credit card) it is chanc wouldnt otherwise use it (Visa credit card), but you have to use it ( or paying) abrTe products are cheaper there.

Structural components of informa on privacy4.2

Besides the above mentioned re erential objects, the categorization includes a second dthe structural components o in ormation privacy. Te components show di erent mthought and stress the structural aspect o the conceptions.

Component 1: Product and e-vendor. When privacy is understood as related to the component o the product and the e-vendor, all interviewees express very similar opinions. that it is easier to order and give in ormation i you know exactly what you are gettingthe e-vendor is. First, the interviewees underline that they trust well-known e-vendomentioned many amiliar Finnish brands such as Veikkaus (a betting company, alsoonline) and NetAnttila (an e-shop or clothes and household goods) as places wheret


20/111


to give their personal in ormation. Te main principle seemed to be: you can only truscompanies on the web, not all.

Besides the amiliarity o the e-vendor, the amiliarity o the product also matterest to buy online i the product is amiliar and standard, as the ollowing interview illustrates (Conception 1E):

I I want to order a bottle o Scotch once a month then I could type it there as a ment to any international bank account. But i you do not know anything about tproduct

Component 2: echnology. In the second component, privacy is understood through techngy. Te interviewees re er to technology using words such as the system, their compucomputer, and e-vendors register. In addition, the e-vendors www-pages and theinance are understood as technology. Te interviewees usually claim that in ormation sas ar as privacy is concerned, re ers to the security o a bank account or the con da credit card number; they also mention rewalls or virus protection. However, the inees also mention many positive sides o e-commerce systems: or example, a systemi there are typing errors; it is easier to compare di erent products; the use o an e-csystem may be cheaper and aster. Te use o technology may also be worthwhile romsumers viewpoint (Conception 2A):

Computers are good, as they can check right away that you are doing the right thi With a person, mistakes may happen. A computer admits without scruples when sothing is not working. I there was a person, it would take time be ore getting a comthat something is wrong.

Component 3: Societal norms.Te interviewees describe that di erences in national laws anbehavioural norms a ect on their actions in e-commerce. Te third component is calledSocietal norms since it concentrates on others expected behaviour based on images o commerand technological expertise in certain countries. Te interviewees have very strong vsecurity in di erent countries and the opinions are similar among all interviewees. Tethat ordering rom abroad is not sa e; in other words, they would not give their persomation abroad. Te interviewees emphasize their perception that in ormation security iin Finland, and that it is easier to give personal in ormation to Finnish vendors than t(Conception 3D):

I have been interested in high quality artistic tools. And there (abroad) are plentythem (artistic tools) that are not available here (in Finland). Sometimes I have triedorder them. However, there is still this problem o privacy... Some hacker may steain ormation and I dont receive my packet at all.

Component 4: Consumer him/herself.Te interviewees can also understand the implicationso their own actions regarding privacy in e-commerce. Te interviewees describe probl

how their own behaviour can provide solutions. Te problems mentioned in this respe


21/111

16 Kaapu & Tiainen

connected to the use o e-services, or example, to the difculties o changing ones sonal in ormation or remembering user names and passwords. Te interviewees policOne solution is to avoid giving any in ormation to the e-vendor, thus re using to deacommercethe reason stated can be: it is not sa e. Another solution is to avoid givown personal in ormation, using a ake personality instead, such as Donald Duck. Tsolution is to use the power o a community, which is easier via the Internet, as explain

ollowing quotation (Conception 4E):Ive o ten noted that it (virtual community) is a very good deterrence. I a ter buyingo somewhere (to a virtual community) and you ask whether this should be really soso Usually when the rm nds out that somebody has been making inquiries abtheir products, the service can improve suddenly.

Component 5: Fellow men.Besides o the interviewees own actions there are other peo whose actions a ect the interviewees privacy situation. Focusing on the whole intervieation the interviewees also described what problems other people could cause to themcategory o Fellow men, the people are known by name and they belong to the same coas the interviewee. Tey can be amily members, work colleagues, or riends also rocommunity. Tese known persons can help in the use o e-commerce, but they can alsharm, as in the next interview quoted, in which the interviewee discusses monitoringinjures privacy (Conception 5B):

When I am using the computer, there can be so-called distractions. I nd them distuing. (-) Sometimes my husband is trying to peek at what I am doing.

Discussion5

Our study dealt with how consumers view in ormation privacy. Te result is a categor which reveals consumers anxiety in the re erential objects o privacy (use and mistomer in ormation, monitoring consumers, threat o spam, danger o hackers and vi with payment). When we discussed privacy with the interviewees, they pointed our sevand threats. In the categorization, only one object, use and misuse o customer in o

contains both positive and negative sides o privacy; all other objects o privacy are rrather negative. Besides o the objects, we also identi ed the structural components oabout privacy. Tese were: product and e-vendor, technology, societal norms, consumehersel , and ellow men.

As we described earlier, there are contradictory views about consumers ears o inprivacy. While several studies (Cassidy and Chae 2006; Chung 2003; Liu et al. 200that consumers are worried o their personal in ormation use in e-commerce, Cheung(2006) state that consumers are not a raid o invasions o privacy. Our study explains

or the contradictory ndings. Cheung and Lee studied the ears o privacy concerns


22/111


text o e-commerce with known e-vendors. Te consumers were asked to evaluate the statements (Cheung and Lee 2006):

Internet vendors will sell my personal in ormation to third parties without my p1.sion,Internet vendors are concerned about consumers privacy,2.Internet vendors will not divulge consumers personal data to other parties.3.

Cheung and Lee (2006) ound that consumers trust the e-vendor with who they makmerce and have no ear o the e-vendor misusing their personal in ormation. Our stuthat only ew consumers ear invasion o privacy caused directly by their own vendorless, this does not mean that consumers do not have any concerns. Instead, the interviewa raid o anonymous surveillance, spam (other than that related to their vendors) andusing viruses which might be the context o other in ormation privacy studies.

Already be ore our study, we knew that consumers privacy behaviour varies. Westi

ed three types o people in this respect: privacy undamentalists, unconcerned and pr( aylor 2003). Westins segmentation is a use ul conceptual ramework when thinkihow an e-service might be used; however, it does not work when the ocus is a consumo view. Te consumers interviewed about privacy do not demonstrate a single attitude;they act di erently in di erent situations and contexts.

Our study indicates that Internet privacy is not a stable and homogenous concept tsumers. While in one case the interviewee described hersel as being care ul about wmation she gave to an e-vendor, in another case she was not that concerned about in oprivacy. She was not concerned when she acted with her own bank and e-supplier, sincused their e-services several times. She seemed to eel sa e in amiliar situations, bsituation with an unknown vendor she is care ul and does not provide whatever in oo get a good idea o the consumers privacy views, the in ormant needs to be asked

both amiliar situations, such as e-banking and e-actions with a long-standing vendor,situations in which the vendor is unknown as in casual Internet purchasing activities. studies (e.g., Cheung and Lee 2006) this di erentiation was not used.

Furthermore, the chosen method (phenomenography) ocuses on the second-order ptive, which means that we described consumers views on privacy in e-commerce as pea certain group o people. Tis kind o approach helps to understand the variety o cono privacy. When the nature o the concerns is understood, it o ers building blocks

research. For example, the researchers have to take situationality into account also in thin ormation privacy.In phenomenography the world is described the way in ormants see it. Te validity

study is based on that some in ormants (or at least one in ormant) see the phenomendescribed conceptions. However, some o the conceptions can be totally unrealistic anthe current scienti c knowledge about the phenomenon. For example, one o the intequoted previously was wondering whether somebody, through the Internet, could knothe ink was running short in her printer. Te example illustrates how consumers unju

ears might a ect their judgement. Tus, unrealistic statements orming part o (some)


23/111

18 Kaapu & Tiainen

ers views on the phenomenon, need to be analysed as well in order to understand the vconsumers thought-models.

Our experiences indicate that the method o phenomenography is rich and rewardiat the same time, that the method requires time and hard work. Since there are no ormgathering and analysis methods ( or example as compared to grounded theory) and asearch is conducted phase by phase, phenomenography demands good organizing skthe researcher.

Phenomenography is a qualitative method, and is there ore prone to the same polimitations as other qualitative studies. One o these limitations is the impossibility mining when the number o in ormants is sufciently large. About twenty in ormantto be a large enough group or a theoretical saturation (e.g., Alexandersson 1994). Winterviewees which seem to be enough, since the same objects and views were repeatelast in ormants did not contribute new elements to the categorization.

For e-vendors, the results o this study show that it is crucially important to undonline consumers concerns about privacy in order to maximize the potential o e-coUnderstanding how consumers view privacy issues provides a means to understand people would be open to marketing e orts which require in ormation sharing and inexchange. In addition, the results help to understand what sa eguards and other actiobe in place to ensure that consumers are willing to give their in ormation and use e-cosystems. Te interviewees regard e-vendors as benevolent but not sufciently competent ing care o in ormation privacy. For taking better care about privacy and making the cvisible to their customers the e-vendors should:

describe how consumers personal in ormation is taken care o and used,give consumers more advice on giving and handling personal in ormation sa estate i some third party is allowed to use their personal in ormation or mpurposes,take good care o their own brands, reputation and usability,enable their customers to check, correct and delete their own personal in ormandbe worthy o trust.

Conclusion6

Te aim o this study is to describe the di erences in how consumers view privacy inmerce. In privacy issues we need more understanding rom a consumer viewpoint (CaChae 2006; Dinev et al. 2006; Malhotra et al. 2004). Te result o our study is a categoo consumers views on in ormation privacy. It includes di erent layers o underst

ocusing on re erential objects and structural components o in ormation privacy.


24/111


Besides o the categorization itsel , an important nding is that consumers views (and privacy concerns) are situated; it depends on the context. A amiliar situatione. with a known e-vendoris regarded as sa e, whereas a new, unknown situation is seenand risky. New experiences (e.g., using a new web site several times) and new in orm

rom media) a ect the consumers behaviour. Te view o privacy should thus not be as stable, but as constantly under social construction.

Acknowledgment7

Te authors would like to grate ully acknowledge the help ul comments on earlier vethis paper rom the Associate Editor, Pro essor Bjrn Erik Munkvold, the three anoreviewers, Dr Hannakaisa Isomki, Pro essor Pertti Jrvinen, Dr Minna-Kristiina Pa

ero Vartiainen, and the members o Dr Viveca Asproths working group in IRIS28

Kristiansand, Norway. We thank Steve Legrand or making our English more readable

References8

Alexandersson, M., Metod och medvetande, (Method and Awareness, in Swedish),Acta Universita-tis Gothoburgensis, Gteborg, 1994.

Alvesson M., and Karreman, D., Varieties o discourse: On the study o organizationdiscourse analysis,Human Relation,(53:9), 2000, pp. 1125-1149.

Awad, N. F. and Krishnan, M. S., Te Personalization Privacy Paradox: An Empirical Etion o In ormation ransparency and the Willingness to be Pro led Online or Pertion, MIS Quarterly,(30:1), 2006, pp. 13-28.

Bellman, S., Johnson, E. J., Kobrin, S. J., and Lohse, G. L., International di erences mation privacy concerns: a global survey o consumers,Te In ormation Society,(20), 2004,pp. 313-324.

Bergkamp, L., EU data protection policy. Te privacy allacy: adverse e ects o Europrotection policy in an in ormation-driven economy,Computer Law & Security Report, (18:1), 2002, pp. 31-47.

Booth, S. A.,Learning to program: A phenomenographic perspective , Acta Universitatis Gothobur-gensis, Gteborg, 1992.Bygrave, L. A. Data Protection Pursuant to the Right to Privacy in Human Rights r

International Journal o Law and In ormation echnology,(6), 1998, pp. 247-284Camp, L. J., and Osorio, C.,Privacy Enhancing echnologies or Internet Commerce,rust in the

Network Economy, Springer-Verlag, Berlin, Germany, 2003.Cassidy, C. M., and Chae, B., Consumer In ormation Use and Misuse in Electronic B

An Alternative to Privacy Regulation,In ormation Systems Management,Summer 2006,pp. 75-87.


25/111

20 Kaapu & Tiainen

Cheung, C. M. K., and Lee, M. K. O., Understanding Consumer rust in Internet Sho A Multidisciplinary Approach, Journal o the American Society or In ormation Science and

echnology,(57:4), 2006, pp. 479-492.Choughury, V. and Karahanna, E., Te Relative Advantage o Electronic Channels: A M

mensional View, MIS Quarterly (32:1), 2008, pp. 179-200.Chung, W., A Snoop at Privacy Issues on the Internet in New Zealand,

Business Review , Uni-

versity o Auckland, (4:3), 2003, pp. 2-15.Curran, C. M., and Richards, J. I., Misplaced Marketing. Public Privacy and Politics Journal

o Consumer Marketing , (21:1), 2004, pp. 7-9.Dinev, ., Bellotto, M., Hart, P., Russo, V., Serra, I., and Colautti, C., Privacy calculus

in e-commerce a study o Italy and the United States,European Journal o In ormationSystems,(15), 2006, pp. 389-402.

Directive (95/46/EC) o the European Parliament and o the Council o 24 October the protection o individuals with regard to the processing o personal data and onmovement o such data.

Eriksen, . H.,Small Places, Big Issues. An Introduction to Social and Cultural Anthropology,PlutoPress, London, UK, 2001.Ge en, D., Karahanna, E., and Straub, D. W., rust and AM in Online Shopping: a

grated Model, Management In ormation Systems Quarterly , (27:1), 2003, pp. 51-90.Glaser, B. G., and Strauss, A.,Te Discovery o Grounded Teory, Strategies or Qualitative Re-

search, Aldine publishing company, Chicago, 1973.Grable, J. E. and Joo, S., Factors related to risk tolerance: a urther examination,Consumer

Interests Annual,(45), 1999, pp. 53-58.Grae , . R., and Harmon, S., Collecting and using personal data: consumers aware

concerns, Journal o Consumer Marketing,(19:4), 2002, pp. 302-318.Hui, K.-L., eo, H. H., and Lee, S.-Y. ., Te Value o Privacy Assurance: An ExploratoExperiment, MIS Quarterly (31:1), 2007, pp. 19-33.

Hynes, D., iainen, ., Koivunen, E.-R., and Paakki, M.-K., Articulating IC Use Nain Everyday Li e, In EM rauth (Ed.),Encyclopedia o Gender and In ormation echnology .Idea Group Re erence, London, UK. 2006, pp. 37-43.

Isomki, H.,Te Prevailing Conceptions o the Human Being in In ormation Systems DevelopmenSystems Designers Re ection,Department o computer and in ormation sciences, Univero ampere, ampere, 2002.

Jensen, C., Potts, C., and Jensen, C., Privacy practices o Internet users: Sel -repoobserved behavior,International Journal o Human-Computer Studies (63), 2005, pp. 203-227.

Kahle, L. R., Beatty, S. E., and Homer, P, Alternative Measurement Approaches to CoValues: Te List o Values (LOV) and Values and Li e Style (VALS), Journal o Consumer Research,(13), 1986, pp. 405-409.

Kruck, S. E., Gottovi, D., Moghadami, F., Broom, R., and Forcht, K. A. Protecting pprivacy on the Internet,In ormation Management & Computer Security,(10:2), 2002, pp.77-84.


26/111


Liu, C., Marchewka, J. ., Lu, J., and Yu, C-S., Beyond concerna privacy-trust-beintention model o electronic commerce,In ormation and Management,(42), 2005, pp.289-304.

Malhotra, N. K., Kim, S. S., and Agarwal, J., Internet Users In ormation Privacy C(IUIPC): Te Construct, the Scale, and a Causal Model,In ormation Systems Research, (15:4), 2004, pp. 336-355.

Marton, F., Phenomenography describing conceptions o the world around us,Instructional science , (10), 1981, pp. 177-200.

Marton, F., owards phenomenography o learning, Integratial experiments aspects,University o Gothenburg Dept. Education, Gothenburg, 1982.

Marton, F., and Booth, S.,Learning and awareness.Mahwah, N.J.: Lawrence Erlbaum, 1997.McRobb, S., and Rogerson, S., Are they really listening? An investigation into publish

privacy policies at the beginning o the third millennium,In ormation echnology & People, (17:4), 2004, pp. 442-461.

Milberg, S. J., Burke, S. J., Smith, H. J., and Kallman, E. A., Values, personal in oprivacy concerns, and regulatory approaches,Comm. ACM , (38:12), 1995, pp. 65-74.Muttilainen, V., Suomalaiset ja henkiltietojen suoja. Kyselytutkimusten ja viranomtojen tietoja 1990-luvulta ja 2000-luvun alusta, (Finnish people and security o pin ormation. Surveys and statistics o state authority 1990s and in the beginning in Finnish), Oikeuspoliittisen tutkimuslaitoksen julkaisuja, (218), Oikeuspoliittinenkimuslaitos, Helsinki, 2006.

Paine, C., Reips, U.-D., Stieger, S., Joinson, A., and Buchanan, ., Internet users pero privacy concerns and privacy actions,International Journal o Human-Computer Stud-ies , (65), 2007, pp. 526-536.

Pan, Y. and Zinkhan, G. M., Exploring the impact o online privacy disclosures on ctrust, Journal o Retailing Volume (82:4), 2006, pp. 331-338.Phelps, J., Nowak, G., and Ferrell, E. Privacy Concerns and Consumer Willingness to

Personal In ormation, Journal o Public Policy Marketing,(19:1), 2000, pp. 27-41.Prabhaker, P. R., Who owns the online consumer?, Journal o Consumer Marketing,(17:2),

2000, pp. 158-171.Rubin, P. H., and Lenard, . M.,Privacy and the commercial use o personal in ormation,Boston:

Te Progress & Freedom Foundation / Kluwer Academic Publishers, 2002.Smith, H. J., In ormation Privacy and Its Management, MIS Quarterly Executive,(3:4), 2004,

pp. 291-313.Smith, H. J., Milberg, S. J., and Burke, S. J., In ormation privacy: Measuring individu

cerns about organizational practices, MIS Quarterly,(20:2), 1996, pp. 167-196.Stewart, K. A., and Segars, A. H., An empirical examination o the concern or in

privacy instrument,In ormation Systems Research,(13:1), 2002, pp. 36-49.Slj, R., Minding action. Conceiving the world versus participating in cultural pra

Nordisk Pedagogik , (14), 1994, pp. 71-80.aylor, H., Most people are privacy pragmatists who, while concerned about priv

sometimes trade it o or other bene ts,Te Harris Poll,(17), 2003, March 19.Udo, G. J., Privacy and security concerns as major barriers or e-commerce: a surve

In ormation Management & Computer Security,(9:4), 2001, pp. 165-174.


27/111

22 Kaapu & Tiainen

Vartiainen, ., Moral Con icts in eaching Project Work: A Job Burdened by RStrains,Communications o the Association or In ormation Systems,(20, article 43), 2007.

Verhagen, ., Meents, S., and an, Y.-H., Perceived risk and trust associated with ping at electronic marketplaces,European Journal o In ormation Systems (15), 2006, pp.542555.

Westin, A. F.,Privacy and Freedom, Atheneum, New York, 1967.


28/111


A Special Issue EditorialDistributed PD: Challenges and opportuni es

Karin Danielsson bergUme University, Sweden kdson@informa k.umu.se

Dorina Gumme ec ve WEBWORK GmbH, Germany gumm@e ec ve-webwork.de

Amir M NaghshShe eld Hallam University, UK [email protected]

Participatory design (PD) has been one o the important contributions o Scandinasearchers to in ormation systems (Floyd et al. 1989). For a considerable amount o importance and use ulness o the approach has been illustrated during the design osystems or work. Te Scandinavian Journal o In ormation Systems (SJIS) serves as tant contribution to the history and development o the approach. Already in its rst published in 1989, PD research was represented. Te PD approach ocuses on the collabbetween designers and users, supporting direct involvement o users in the design pro while allowing designers to participate in the users world (c ., Kyng 1998).

Globalisation and organisational networksand the implicit distribution coming

with thisincreasingly determine so tware development (Audy et al. 2004). Te distribcollaboration in design and development processes has become a key challenge or cially when one considers participation that was originally developed with a ocus on design activities. Tis view o activity was developed to allow users and designers to c

ace-to- ace, building on their mutual learning through the design process. Howevevolvement o a large number o users and other stakeholders who may be distributed aspace and organisational structures, has challenged developed PD research and activit

Distributed design teams are by no means a new aspect in participatory design. Ao research work reports on projects that ace some kind o distributedness (e.g., Div2000; Irestig et al. 2002, Bdker et al. 2004). Moreover, support o such distributed p


29/111

24 A Special Issue Editorial

in terms o an e ective acilitation o communication and knowledge sharing in distrtings, has become one o the main considerations in the eld o computer supported co work (CSCW). Although PD does not necessarily argue or, or include, computers insupport group work during design (Bannon 1993), the two communities could beneeach other (Kensing and Blomberg 1998).

In addition other research domains like open source so tware development (OSSDcellini et al. 2008) or distributed so tware development (DSD) (Heeks et al. 2001; Daal. 2003; Coar 2004, Gumm 2006) explore the complexities and challenges related to uted people and groups. However, although this research has developed a considerabo knowledge, the understanding about distinct challenges o and solutions or pardesign in distributed environments is still evolving.

Tis SJIS special issue on distributed PD, has its origins in a series o events includ workshops conducted at NordiCHI 2006 and CHI 2008 and a panel discussion held a2008. Our intention or the workshops and the panel was to enable researchers with tinterest to meet and share experiences and knowledge. Several interesting articles romand practice were presented at these workshops, enabling creative and encouraging diamong participants.

Te call or papers or this special issue attracted 13 submissions and we are pleasethat a variety o European countries were represented by the submitting authors such aItaly, United Kingdom, Germany, Belgium, and the Scandinavian countries Sweden, Nand Finland. Tis illustrates the widespread and ongoing interest regarding Distributed Europe, but also a special attention among the Scandinavian countries. Trough three ro double-blind reviews, three papers were selected or publication in this special issuclude experiences gathered rom extensive distributed PD project research as well as

re ections about PDs relation to other research areas.Longitudinal case studies provide the possibility to re ect on changing project settithe evolution o distribution within a project. Te rst two papers o this special issue rvery di erent case projects in which a so tware system, initially developed or a partgroup, has been adapted to a growing range o use contexts. Such expansion require with the diversity o roles and cultures. In the rst article entitled Distributed develoenable user participation: Multilevel design in the HISP network, Ola Hodne itlestaStaring and Jrn Braa explore distributed participation within and across countries thlong term, globally targeted e ort o networked action research projects. Tey introdudiscuss the concepts o sca olding and boundary spanners as approaches to cope withgraphical and organisational distribution and diversity o roles.

Te development and expansion o the domain application also requires new approacope with requirements emerging rom di erent contexts o usage. In the second articIntercontextual distributed participatory design: Communicating design philosophy riching user experience, Hartmut Obendor , Monique Janneck and Matthias Finck rea project in which a so tware application has been developed or a growing amount otexts, ranging rom universities and schools across reelancer networks and other kinand organisations. Te authors introduce two new methods, intercontextual user workand commented case studies that support the participation o users and mutual undersacross di erent communities o practice.


30/111

A Special Issue Editorial 25

Finally, the challenges accompanied by distribution are not limited to Participatorybut arise whenever collaborative methods are applied. In the third and nal article o thissue, entitled Furthering distributed participative design: Unlocking the walled gardendia Loebbecke and Philip Powell analyse the similarities between participatory desigscience and action research. By thoroughly analysing 15 papers rom these research apthey demonstrate how they match in research contributions, roots and methodologicalines. Te authors argue that insight into some o the issues raised by participatory dedistributed contexts may arise i PD looks outside o its walled garden.

Given distributed participatory designs growing importance, the re ection o existicipatory methods, experiences with new methods and the connection to other imporsearch areas are required. Although signi cant progress has taken place in the area o dPD, much still needs to be done.

With this special issue we hope the knowledge and expertise among researchers antioners will reach urther than be ore; hope ully, this is the departure and not the endpride that we hand this special issue over to you and hope that you will enjoy the readmuch as we have preparing this valuable set o papers. At last but not the least, we would like to acknowledge the important work o our r

or this special issue: Andrea Herrman, Andrew Warr, Andy Dearden, Anna Croon Fgitta Bergvall-Kreborn, Brendon Clark, Charlotte Wiberg, Chris Roast, Christina MDaniela Damian, Erik Stolterman, Jonny Holmstrm, Jos Abdelnour-Nocera, MarcelMikael Wiberg, Monique Janneck, Peter Wright, Sari Kujala, Steve Sawyer, ony GorscVictor Kaptelinin. Tank you or your hard and quality work.

We would also like to take this opportunity to thank Andy Dearden and Andy Warhave been co-workers at the workshops, and the invited panellists at PDC 2008: Jeanette

erg, one Bratteteig, Jose Abdelnour-Nocera, and Gerhard Fischer. We would like to send our greatest gratitude to the participants o the two workshopout you there would not have been this special issue.

Finally, we would like to thank editor Matti Rossi or his support and work with thiissue.

References1

Audy, J., Evaristo, R. & Watson-Manheim, M. B., Distributed analysis: Te last rontiHICSS 04 , IEEE Computer Society , 2004, p. 10010.2.Barcellini, F., Dtienne, F., Burkhardt, J.M. Users and developers mediation in an Open

So tware Community: boundary spanning through cross participation in online sions,Int. J. Human-Computer Studies , 66, 2008 pp. 558570.

Bannon, L. CSCW: An initial exploration, inScandinavian Journal o In ormation Systems , 1993,Vol. 5, pp. 3-24.

Bdker, K., Pors, J. K. & Simonsen, J., Implementation o web-based in ormation sdistributed organizations, inScandinavian Journal o In ormation Systems , 2004, Vol 16,85116.


31/111

26 A Special Issue Editorial

Coar, K., Te sun never sets on distributed development,Distributed Development 1(9), 2004,pp. 3239.

Damian, D. E., Eberlein, A., Shaw, M. L. & Gaines, B. R., An exploratory study o in distributed requirements engineering,Requirements Engineering 8(1), 2003, 2341.

Divitini, M., Farshchian, B. A. & uikka, ., Internet-based groupware or user partiin product development,SIGCHI Bulletin32(1), 2000, pp. 3135.

Floyd, C., Mehl, W.M., Reisin, F.M., Schmidt, G. & Wol , G. , Out o Scandinavia: Ative approaches to so tware design and system development,Human-Computer Interaction4(4), 1989, pp. 253350.

Gumm, D.-C. (2006b), Distribution dimensions in so tware development projects: Amy, IEEE So tware. Special Issue on GSD, 2006, 23(5), 4551.

Heeks, R., Krishna, S., Nicholson, B. & Sahay, S., Synching or sinking: Global so twsourcing relationships,IEEE So tware - Global So tware Development 18(2), 2001, 5460.

Irestig, M. & impka, ., Dynamic interactive participatory design: a method or exparticipatory design to large system development projects, inProceedings Participatory De-sign Con erence , CPSR, 2002, pp. 317322.Kyng, M., Users and computers: A contextual approach to design o computer arteScandinavian Journal o In ormation Systems , 1998, Vol. 10, No. 1&2, pp. 7-44.


32/111


Distributed Development to Enable UserPar cipa on

Mul level design in the HISP network

Ola Hodne TitlestadDepartment of Informa cs, University of Oslo, Norway ola @i .uio.no

Knut StaringDepartment of Informa cs, University of Oslo, Norway knutst@i .uio.no

Jrn BraaDepartment of Informa cs, University of Oslo, Norway jbraa@i .uio.no

Abstract. Through the study of a long term, globally targeted e ort to design health in-forma on systems in the Global South, we explore challenges to distributed par cipa onwithin and across countries, and describe e orts at addressing these. Networked ac onresearch projects can enable pooling of resources, skills, best prac ces and tools, and cross-country collabora on does not have to preclude local ownership, as illustrated by the casematerial in this ar cle. We highlight speci cally the need for circula on of people, artefacts,and standards, to both support local prac ces and foster the capacity of all stakeholders totake ac ve part in the design and implementa on of informa on systems. The deep e ectsof global technological change call for a mul level approach bridging local implementa onswith global research and par cipatory design e orts and co-evolu on of standardised tools.

Key words: Distributed par cipatory design, boundary spanning, sca olding, innofusion,Global South


33/111


34/111

Distributed Development to Enable User Participation 29

technology (Bjerknes and Bratteteig 1995). Even so, the early PD projects had little imside singular research sites, and there ore also ailed to become sustainable. Summarexperiments, Engelstad and Gustavsen (1993) suggested that the action research comneeded to move beyond isolated e orts; ocus should be shi ted rom single organi work places [...] to networks (ibid., p. 219). Adding to this the globalisation a ordthen by the Internet makes it interesting to examine approaches to user involvement inin distributed networks (Obendor et al this issue).

Te Health In ormation Systems Programme (HISP) is a multinational research andopment network aiming at developing in ormation systems to strengthen local healthin the Global South. Explicitly rooted in the PD tradition (e.g., receiving the Art ul Int Award at the Participatory Design Con erence in 2006 or action research and desigcountry and community contexts), the project has increasingly imbibed lessons romtributed so tware development (DSD) literature. HISP was initiated in South A rica inresearchers rom local and Norwegian universities, and health activists rom the antistruggle. Te project was part o the new ANC governments Reconstruction and DevelProgram (ANC 1994a), and began as a participatory system design project in three ptricts, aimed at supporting newly de ned health districts (ANC 1994b). Te project hamajor elements: 1) de nition o an integrated essential data set, including data romrange o health programs and services, to be collected rom all health acilities, and ment o a so tware application called the District Health In ormation So tware (DHIage the data being collected and integrate with other data sources such as population cthe period 1999 - 2001, use o the DHIS application gradually spread, leading it to beofcial national system in South A rica (Braa and Hedberg 2002).

A ter the turn o the millennium, HISP activities spread to other countries in A

Asia. oday, HISP comprises a global network o universities, health authorities anrom around 15 countries in the Global South. Trough persistent e orts, the network inin design and development o the so tware also slowly expanded rom a two-man tea A rica to a global team distributed across 7-8 countries in A rica, Asia, and Scandinabution and coordination o activities within HISP have been enabled by an internationprogram with more than 25 students rom A rica and Asia and the establishment o Mgrams in health in ormatics in several countries ( anzania, Mozambique, Malawi, EthLanka) unded by the Norwegian government, where students conduct research within work and circulate between countries, enabling the sharing o experiences and best pr

Organisation o the article: Te next section reviews the literature on participatory in distributed contexts and related concepts, ollowed by a section outlining the methoSection our details the increasing distribution o design and development activities inproject. Tis is ollowed by a discussion where we draw on the case study to describeapproach to participation across boundaries. Te last section sums up our contributions.


35/111

30 Titlestad, Staring & Braa

Literature and background2

Tis section discusses the concept o participatory design in relation to recent trends in thtion o widely dispersed so tware development and deployment o standard in ormatin diverse settings. o analyze the role o participatory design in a globalized world, we

concepts around learning and innovation across boundaries with the help o standards

DPD, DSD and standards2.1

Tere has been a marked growth in standards based, generic in ormation systems, designed oruse throughout whole industry sectors, such as health care, or even across sectors, sucsystems (Pollock et al. 2007). Tus, there is a need or approaches to distributed systvelopment that both ensure coherence and can support diverse local settings, striking abetween global standards and local needs (Rolland and Monteiro 2002). o be able to global so tware systems, modularisation and generi cation strategies become paramthis is re ected in both organisational arrangements and so tware architecture (Starintlestad 2008).

Te diversity o distributed use settings should be distinguished analytically rom tribution o so tware developers. Te latter is explored in the literature on distributed development, which discusses challenges in terms o coordination and sharing o kbeyond those aced by collocated teams (Lings et al. 2006). Tis is particularly relevadevelopers are spread across cultures and time zones, as is common in o shore out(Sahay et al. 2003). O shoring arrangements are usually seen mostly as cost-saving m

but as pointed out by the Open Innovation literature (Chesbrough 2003; West and Gal2006), the preponderance o ingenuity in the world is distributed outside o any partiganisation, and one should seek to harness it. Tis would seem to be all the more the caspotential users are also widely dispersed.

1 Have Clear Distribution Rationale2 Clari y All Understandings3 Leverage Modularity 4 Use Cultural Mediation5 Facilitate Human Communication

6 Manage Processes7 Develop a Sense o eamness8 Encourage emporary Collocation9 Encompass Heterogeneity 10 Develop an E ective ool Base

able 1: en strategies or DSD, rom Lings et al. (2006)

Te distribution o developers geographically introduces problems o mutual unders which are very similar to issues that PD approaches seek to address, and Gumm (2006asks whether the concept o DPD embodies a contradiction in terms. Furthermore, wDSD has so ar been studied mostly in commercial settings, PD is o ten associated wior public sector e orts. In our view, this makes it even more pertinent to compare the twies o research. For example, it is interesting to note that the strategies suggested orDSD (see able 1) are quite similar to PD methods or bridging the gap between us


36/111


developers, or example items 2, 5, 8 and 9. In other words, DSD research provides malleviate many o the challenges increased distribution poses, which can help make DPSimilarly, Loebbecke and Powel (2009) analyse links to action research and design sci

PD in the Global South and learning2.2

Over time, the ocus o much PD research has shi ted in a more pragmatic directionbaum and Kyng 1991). A key PD principle is to bridge and blur the user-designer dis

rom both directions, through mutual learning processes. By this approach, users must engage with the arte act under design, and designers should build a thorough understathe li e-world(s) o the users, to have a more complete perspective o the system in usand Bratteteig 1995). E ective methods to achieve this usually rely on prototyping and

ace-to- ace interaction between users and designers, such as close observation o thetices o users, joint workshops, and scenarios (Kensing 2003). In the Global South, co

ised in ormation systems are still ew and ar between, and potential users in the healtor have no or extremely limited prior exposure to them. Tis amounts to a signi cant thhindering participation, and a visual, interactive prototype is essential to overcome suchand enable meaning ul reciprocal learning between designers and users (Kimaro and2005). Such prototypes become signi cant boundary objects shared between problemcontexts (Star 1989). In new product development, boundary objects help establish a bin rastructure used to manage knowledge across a given boundary (Carlile 2002).

Mutual design processes are there ore likely to initially have characteristics o eand struggle to make things work, captured in the related concepts o inno usion (Fleand learning by trying (Fleck 1994). Complex arte acts such as organisational technolikely to require processes o experimentation in the contexts in which they are implTey may need to be taken apart, broken down, adapted and recon gured, and sometimtechnology may be more or less completely re-invented in its implementation and use. Rrecon guration o components into systems that t particular contexts thus blurs thetween innovation and di usion, leading to the notion o inno usion (Fleck 1988).

Similarly, learning by trying re ers to the knowledge created during inno usion occasionally amount to signi cant changes in technological knowledge bases (Peine5). Learning occurs due to an initial mis t between product characteristics and its use ment that leaves room or improvements through the operating experience (ibid). AccPeine, i the initial pioneering phase o radical change results in a working product, thbecomes one o learning by using , with smaller, progressive modi cations to the unctionisystem. Once the product stabilises and there is less scope or urther improvementtakes on more o a character o on-the-job training, re erred to aslearning by doing.However,in the Global South, with sparse technological in rastructure and knowledge base, thsequence becomes blurred, with the categories o learning occurring in parallel: am with technology and design o an appropriate system o necessity become intertwineplace simultaneously.

Furthermore, when considering the Scandinavian PD lessons in the context o the

South, an important di erence is that the typical arena or movements or social chan


37/111

32 Titlestad, Staring & Braa

veloping countries is the political grassroots, rather than the workplace (Braa 1996). Ta community based approach is recommended (Byrne and Sahay 2003). As the user-gap in knowledge o and experience with I solutions is o ten wider in the Global Soin Scandinavian settings, PD approaches aiming at ostering mutual learning are actumore appropriate and relevant in such contexts (Braa et al. 1993).

Te concept o inno usion is particularly apt when we make the transition rom bsystems or a single site to more distributed in ormation systems. In order to cope variety o present and uture contexts, Fischer (2008) introduces the concept o meta-design,meaning design that aims to empower users to engage actively in continuous, iterative ment, rather than being restricted to the use o existing systems. Meta-design strategie

exible standards, modularisation and black-boxing can acilitate generi cation proceet al. 2007). Te meta-design approach strives at creating not only a exible technical bdesign, but also social in rastructures in which users can participate actively as co-deshape and reshape socio-technical systems.

Boundary spanning and sca olding2.3

Success ul examples o global scale DSD can be ound when studying the phenomeand Open Source So tware (FOSS), which is usually characterised by a communitarichronous and mediated design practice where both users and developers are widely d(Barcellini et al. 2008). FOSS projects typically blur the separation o roles through trprocesses and open communication and intensive use o online media (Fogel 2005; LaMorner 2005). Indeed, the FOSS approach can be considered as a continuous orm ended distributed participatory design, where new unctionalities can always be prodi erent kinds o participants, regardless o their stake in the project, and users can pbe involved in all phases o the development process (Barcellini et al 2008; von HippIn order to create success ul organisational systems, design teams should include botharchitects and domain experts. Tus, mutual learning processes are crucial, though difcaccomplish (Gumm 2006a). A success ul FOSS project will consist o people llinroles (sometimes simultaneously), such as project leader, administrator, developer, and varying levels o engagement. In particular, the FOSS literature stresses the role o a who participate by assisting newcomers, reporting bugs, or proposing new eatures (FoPreece et al. 2004).

Prominent ways to cope with the geographical and organisational distribution and do roles in FOSS projects include boundary spanners and sca olding. Boundary spapersons who act as mediators, traversing boundaries between organisations and teamsing in ormal communication across networks (Sarant 2004; Sonnenwald 1996). Bboundary spanners implies having developed skills and competencies in the di erent are spanned. Boundary spanners are well aware o all practices and have achieved legicredibility in the domains they span (Barcellini et al. 2008:560). Te multiple dimensidistribution in FOSS projects (and in DPD more generally) mean that many boundarieto be bridged, and this implies a strong need or developers, implementers and coordina

can span organisational contexts and geographical boundaries. Whereas with in ras


38/111


so tware like databases or operating systems, developers are usually also users, the diperspective is larger or organisational so tware, and thus the need or boundary spangreater. Te gap can best be bridged by technically conversant people who engage in imping the system and training end-users, and who are also adept at communicating with developer team. More than just super-users, such mediators normally work closely witmake systems work and there ore understand their problems, but also know at least sodevelopers by name and can relate to them (Finck et al 2004).

Supplementing and enabling the activities o boundary spanners are material meandiation and support or the design process. Seeing parallels between design and lear

nd Orlikowskis (2006) use o the concept o sca olding use ul or understandingcan succeed. A sca old is not part o the nal product, but serves temporary support Sca olds are exible and can be set up according to local conditions, and are also porthey can quickly be assembled and modi ed in di erent places. Tus the metaphor he

ocus on the temporary and situated engagement o technology in knowledgeable actis, or the duration o a particular human practice, actors draw on various arte acts, sin rastructures to conduct their activities (ibid., p. 462), or what Orlikowski terms tolding o knowledgeability. Moreover, sca olds are generative, in the sense that thebasis or other (creative) work, acilitating the per ormance o activities that wouldimpractical without material augmentation (ibid., p. 462).

Tus, the challenges o DPD can be addressed through the combination o a netwcollaborators ormed around boundary spanners and sca olding in rastructure such amaterial or the typical technical arte acts employed by FOSS communities (see sectiocording to OReilly (2003), the truly distinguishing characteristic that FOSS o ers isavailability o the source code, but an overall architecture o participation, both ma

social. Te experiences rom the case presented below suggest the contours o such anture or the Global South.

Method3

Our empirical investigations are grounded in the Scandinavian action research traditionemphasises engagement in the eld. A long-term distributed action research e ort, the a

ollowed in HISP builds on the literature on networked action research (Elden and C1993; Engelstad and Gustavsen 1993), and has elsewhere been termedNetworks o Action(Braaet al. 2004a). In essence, it is based on the premise that action should not take place inunits, but only as part o a greater community where sharing o experiences, learningand support are acilitated. Te Networks o Action approach is speci cally designedresource limited conditions in

special issue on distributed participatory design, sjis 2009, issue 1

Documents