No Trust, No Use! Numerous studies from the human-machine interaction field have confirmed the no trust, no use hypothesis. In a nutshell, these studies have shown, that trust is an important predictor of reliance, understood as to how people make use of technology. Our research focuses on conversational AI, also called digital, voice or smart assistants, because we believe that conversational user interfaces (CUI’s) differ from traditional technologies, offering new research agendas. They don’t require users to focus directly and interact directly with the device, through touch, for example, so they are rather intuitive. At the same time the device often elicits some sort of presence and is part of the most private areas of users’ social life. More specifically, we aim to better understand the role of trust in conversational AI, or human-AI interaction. Evidence from one of our pilot studies presented at an AI4EU workshop supports the no trust, no use hypothesis: We found that actual users of conversational AI have a significant higher level of trust (Tschopp et al., 2021).

However, this is only part of the picture to better explain the role of trust in human-AI interaction. It may be worthwhile to be more accurate with the witty no trust, no use slogan: The negatively-framed hypothesis implies a positive, congruent trust-use relationship: The more users trust a technology , the more likely they use it, their behavior follows their attitude. However, this rationale fails to address incongruent behavior. No trust, no use is not adequate for explaining other scenarios, for instance, that some people who do not trust a certain technology will still use it. Little do we know what actual reliance behaviors of people with no or low trust attitudes look like. Drawing upon the learnings from privacy researchers on the privacy paradox, we aim to better understand the no trust but use relationship, which can be interpreted as actual reliance behavior not congruent with the respective trust attitude.

Attitude Behavior Gap in Privacy Research: The Privacy Paradox

Much of consumer psychology is about consumer choices: Researchers aim to understand how attitudes, values, beliefs or knowledge are formed and how these variables affect consumer behavior. Most people would find it normal, that people who have a certain attitude, would act upon this attitude. However, this is not always the case. The phenomenon, that people behave against their attitudes, is called attitude-behavior gap, and has found particular interest in privacy research. Numerous studies have found, that people’s use of technology is characterized by the so-called privacy paradox (Norberg, 2007): People say they care about privacy or have privacy concerns, but they are careless when it comes to their actual behavior. The figure below shows in a simplified manner, that an attitude is formed, influencing the intention, which then leads to an action.

As seen in the image above, it is important to differentiate between intention and behavior. Although intention is found to be generally a strong predictor of behavior, studies on the privacy paradox have shown that the intention is not accurate enough to explain actual behavior. Unfortunately, intention is mostly studied as an outcome variable as it is much easier and cheaper to operationalize than actual usage variables (Sheeran, 2002. Kokalakis (2015) suggest differentiating privacy concerns (e.g., stalking, secondary use by a third party or improper access by employers) and privacy attitudes (e.g., I care about privacy). Moreover one can differentiate between privacy intention and privacy behavior: Adoption, for instance, purchase or privacy protection behaviors, such as refusing to provide information or providing false information (Son & Kim, 2008).

The Privacy Paradox is Context-Sensitive

Most studies focus on social networks and e-commerce, with growing literature on smartphones. Research in the area of smartphone usage often attempts to explain issues related to privacy paradox in the context of the Uses and Gratification Theory (UGT) or the Information Boundary Theory (IBT) (Sutanto 2013). Other avenues of research tackle emotions. In a study conducted shortly after the Facebook scandal involving Cambridge Analytica, Sarabia-Sanchez et al. (2019) find that there is no relationship between the intensity of the reported emotions and the management of privacy setting by the surveyed facebook users. A large portion of research regarding privacy paradox in the digital field addresses cybersecurity. In what they call the intention-behavior gap Jenkins et al. (2021) find that people’s desire to minimize required effort negatively moderate their actual security behavior . In their study of security behavior of smartphone users Das and Kahn (2016) find that the most consistent predictors of security behavior are the perceived efficacy and cost of adopting security responses. Another approach to explaining the privacy paradox in the digital context relates to rational fatalism according to which the level of fatalistic belief about technologies and business impacts the likelihood of users to protect their privacy on the internet in general (Xie et al. 2019).

There is an emerging stream focusing on the privacy paradox in the context of conversational AI. It has been shown that the nature of the technology and the kind of information to be shared (age, weight, income, etc.) makes a difference. Smart speakers are per se intrusive as they share their users’ most private social sphere. Furthermore, GDPR privacy recommendations are only poorly implemented due to the conversational interface (CUI) and thus hard to access (Brüggemeier & Lalone, 2022). Another factor that differentiates conversational AI from other contexts is based on the CASA paradigm (people tend to treat computers as social actors) and anthropomorphism (the tendency of humans to humanize machines). Smart speakers likely create a social presence, for instance, the perception of a companion relationship which has been shown to foster undesirable disclosure of personal information (unintended nudging). These singular characteristics justify an an investigation of the attitude-behavior gap specifically in the context of conversational AI, as conclusions drawn from studies on other technologies cannot be generalized.

Challenging the Privacy Paradox: Contradicting Results and Methodological Limitations

Researching the privacy paradox has produced contradicting results. Researchers tried to challenge the privacy paradox in various contexts . One stream of research focused on finding evidence that people’s behavior is consistent with their privacy attitudes and/or intentions, thus, paradoxical behavior was not found (e.g., Young and Quan-Haase, 2013 in social networks; Wakefield, 2013 in e-commerce). The fact mentioned above that privacy behavior is highly contextual, privacy concerns should be differentiated, and that it depends on what kind of information was at dispute, complicates comparability and explains different interpretations of studies. Overall, most of the studies have shortcomings in the methodology. This is a major problem as it questions interpretation and generalizability. This hard problem should have the highest priority for the field to move forward. Surveys and experiments (mostly based on convenience samples) are most used, raising issues of validity and generalizability. The biggest problem might be the reliance on self-reported concerns, attitudes, and intentions.

We believe that digital privacy is a desirable societal value, mirrored by the establishment of the GDPR and promoted by ethicists or so-called privacy activists. It is plausible that individual privacy attitudes and concerns are largely biased due to the phenomena of social desirability. This bias is the tendency of respondents to answer questionnaires in a generally favorable manner. Hence, the question many ask is: How much do people really care about privacy? If you could establish a real measure of privacy attitudes, this would be the shortest way to challenge the existence of the privacy paradox. Since, this is impossible, as with all latent variables, researchers need to be even more creative.

Kehr et al. (2015) suggest that the “social representation about privacy is not yet formed by lay users”. In line with this statement, Barth et al., (2019) found the paradoxical behavior in their experiment (controlling for technical knowledge, financial resources and privacy awareness), however, they could not find a representation of privacy in their respondents’ reviews of the technology used. They conclude, that privacy is not rated important. Furthermore, functionality, design and perceived benefit are more important than privacy.

Can we Translate the Privacy Paradox into a Trust Paradox?

The EU has developed a framework for trustworthy AI, to foster responsible use of artificial intelligence . They suggest a close relationship between trustworthiness (as properties of AI systems) and the attitude of trust, with privacy being one of the components of trustworthiness. It is plausible, that the learnings from the privacy paradox can be translated (or modified) to a potential trust paradox. A theoretical framework of a trust paradox does not exist and could be developed, for instance, based on the review of the multidimensional approach of privacy and smart speakers by Lutz and Newlands (2020). Taking into account the above points, a trust paradox is likely to be context-sensitive (which is why we focus only on conversational AI), with the variables to be theorized from relevant trust literature compared to the privacy research. The role of knowledge, financial resources as found in the article by Barth et al. in the IOT context (2019) could be highly relevant, for example. What may be specifically important is to integrate the different actors that play a role in the trust framework: The actual smart speaker (Alexa) versus the company behind it (Amazon), and other third parties that may play a role (e.g., Philips smart light bulbs or NHS in the UK giving health advice over Alexa). Looking at the variety of explanations of paradoxical behavior in the privacy context, it is plausible that the interpretations for a trust paradox are similar. Based on the privacy paradox literature, interpretations can be similar, except for the social theory interpretation, which probably only occurs in social networks (e.g., disclose personal information to maintain their online lives).

1. People could perform trust calculus, performing a cost-benefit analysis when using the system
2. People’s decision-making processes are affected by cognitive biases and heuristics
3. People lack conscious decision-making due to bounded rationality and information asymmetry or lack of information
4. People are giving up and don’t feel they can change the way data are handled (see Turow et al., 2015)

Investigating a potential trust paradox will face the same methodological challenges as stated above, like self-report measurement and lack of detail, for instance, differentiating trust concerns and trust attitude. Trust may even be more difficult, as various measures exist and in opposition to privacy, there is no official law or anything comparable that could serve as a threshold to what ‘adequate’ trust is and what not. The EU Guidelines for trustworthy AI may serve as theoretical background. There is a high danger of recreating the same problems if methods are not chosen creatively and simply focus on the intention to use. On the other hand, investigating intention to use may serve well as a pilot study and might be good enough due to the novelty of the problem.

Open questions remain: What is the equivalent measure for trust concerns in performance, process and purpose of the conversational AI? What kind of trust awareness is relevant (compared to the relatively clear concept of privacy awareness)? How to operationalize technical knowledge in the context of conversational AI? How to integrate the different actors of trust relationships? And, while you can adapt compare the adequacy of individual privacy decisions to existing rules and regulations, what are adequate individual trust decisions?

Conclusion

We believe that the respectable work of privacy researchers is a valuable opportunity to better understand trust in human-AI interaction, more specifically, trust in conversational AI, which is our topic of interest. Research on the privacy paradox has produced contradictory results and faces shortcomings in methodology, thus remaining a wide-open issue with a lack of knowledge specifically in the field of conversational AI (Kokalakis, 2015; Barth et al., 2019; Sun et al., 2020; Lutz & Newlands, 2021). However, these challenges also pave way for innovative research agendas. It is plausible, that a trust paradox can be found in human-AI interaction, similar to the privacy paradox, including the tough challenges observed. Trust is a complex construct with cognitive and emotional elements and although we expect to find many similarities to the privacy paradox, we also theorize to find differences to the trust paradox in hope to generate useful recommendations for research and practice.

Finally, the findings regarding the attitude-behavior gap must be separated from the ensuing expectations or the perception individuals have with regards to how the providers of these services should act. Martin (2016) finds that individuals retain strong privacy expectations even after disclosing information, meaning that their willingness to allow e-commerce, social media, smartphone, browser, smart assistants or other service providers gain access to private data does not change their attitude with regards to privacy.

Authorship and Aknowledgement

This article was written by Marisa Tschopp and Pierre Rafih. Pierre Rafih is Professor of Investment and Finance, Corporate Management and Controlling at the University of Applied Management, in Ismaning near Munich. His research areas are in Behavioral Finance with a focus on Investor Behavior, Financial Innovation and Financial Literacy. We also want to thank Prof. Dr. Dagmar Monett (HWR Berlin) for valuable discussions on this topic and feedback.

References

• vBarth, S., Jong, M. D.T. de, Junger, M., Hartel, P. H., & Roppelt, J. C. (2019). Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources. Telematics and Informatics, 41(6221), 55-69. https://doi.org/10.1016/j.tele.2019.03.003
• Brüggemeier, B., & Lalone, P. (2022). Perceptions and reactions to conversational privacy initiated by a conversational user interface. Computer Speech & Language, 71(1), 101269. https://doi.org/10.1016/j.csl.2021.101269
• Das, A., Khan H. U. (2016). Security behaviors of smartphone users. Information & Computer Security, 24(1), 116-134. https://dx.doi.org/10.1108/ICS-04-2015-0018
  EU Guidelines for Trustworthy AI. https://www.aepd.es/sites/default/files/2019-12/ai-ethics-guidelines.pdf
• Jenkins, J. L., Durcikova, A., Nunamaker J. F. Jr. (2021). Mitigating the Security Intention-Behavior Gap: The Moderating Role of Required Effort on the Intention-Behavior Relationship. Journal of the Association for Information Systems, 22(1), 246-272. https://doi.org/10.17705/1jais.00660
• Kehr, F., Kowatsch, T., Wentzel, D., & Fleisch, E. (2015). Blissfully ignorant: The effects of general privacy concerns, general institutional trust, and affect in the privacy calculus. Information Systems Journal, 25(6), 607-635. https://doi.org/10.1111/isj.12062
• Kokolakis, S. (2017). Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon. Computers & Security, 64(8), 122-134. https://doi.org/10.1016/j.cose.2015.07.002
• Lutz, C., & Newlands, G. (2021). Privacy and smart speakers: A multi-dimensional approach. The Information Society, 37(3), 147-162. https://doi.org/10.1080/01972243.2021.1897914
• Malik, A., Hiekkanen, K., Dhir, A, Nieminen, M. (2016). Impact of privacy, trust and user activity on intentions to share Facebook photos. Journal of Information, Communication and Ethics in Society, 14(4), 364-382. https://doi.org/10.1108/JICES-06-2015-0022
• Martin, K. (2020). Breaking the Privacy Paradox: The Value of Privacy and Associated Duty of Firms. Business Ethics Quarterly, 30(1), 65-96.
  Massara, F., Raggiotto F. (2021). Unpacking the privacy paradox of consumers: A psychological perspective. Psychology & Marketing, 38(10), 1814-1827. https://doi.org/10.1002/mar.21524
• Nass, C., & Moon, Y. (2000). Machines and Mindlessness: Social Responses to Computers. Journal of Social Issues, 56(1), 81-103. https://doi.org/10.1111/0022-4537.00153
• NORBERG, P. A., HORNE, D. R., & HORNE, D. A. (2007). The Privacy Paradox: Personal Information Disclosure Intentions versus Behaviors. Journal of Consumer Affairs, 41(1), 100-126. https://doi.org/10.1111/j.1745-6606.2006.00070.x
• Sarabia-Sánchez, F.-J., Aguado, J.-M., & Martínez-Martínez, I. J. (2019). Privacy paradox in the mobile environment: The influence of the emotions. El Profesional de La Información, 28(2), 1-11. https://doi.org/10.3145/epi.2019.mar.12
• Sun, Q., Willemsen, M. C., & Knijnenburg, B. P. (2020). Unpacking the intention-behavior gap in privacy decision making for the internet of things (IoT) using aspect listing. Computers & Security, 97(1), 101924. https://doi.org/10.1016/j.cose.2020.101924
• Sutanto, J., Palme, E., Tan, C-H., Phang, C. W. (2013). Addressing the personalization-privacy paradox: An empirical assessment from a field experiment on smartphone users. MIS Quarterly, 37(4), 1141-1164.
  Taddicken, M. (2014), “The “Privacy paradox” in the social web: The impact of privacy concerns, individual characteristics, and the perceived social relevance on different forms of self-disclosure”, Journal of Computer-Mediated Communication, 19(2), 248-273.
• Tschopp, M., Scharowski, N., & Wintersberger, P. (2021, September 2-3). Do Humans Trust AI or Its Developers? Exploring Benefits of Differentiating Trustees Within Trust in AI Frameworks [Conference Presentation]. Venice, Italy. https://www.unive.it/pag/36810/
• Turow, J., & Hennessy, M. (2015). The Tradeoff Fallacy: How Marketers are Misrepresenting American Consumers and Opening Them Up to Exploitation. SSRN Electronic Journal, 3(2), 75. https://doi.org/10.2139/ssrn.2820060
• Waytz, A., Epley, N., & Cacioppo, J. T. (2010). Social Cognition Unbound: Insights Into Anthropomorphism and Dehumanization. Current Directions in Psychological Science, 19(1), 58-62. https://doi.org/10.1177/0963721409359302
• Xie, W., Fowler-Dawson, A., Tvauri, A. (2019). Revealing the relationship between rational fatalism and the online privacy paradox. Behaviour & Information Technology, 38(7), 742-759. https://doi.org/10.1080/0144929×.2018.1552717

Links

• https://journals.sagepub.com/doi/10.1177/0018720818816838
• https://www.ai4europe.eu/news-and-events/events/ai-event/culture-trustworthy-ai-public-debate-education-practical-learning
• https://www.fham.de/personen/professoren/pierre-rafih/
• https://www.hwr-berlin.de/hwr-berlin/ueber-uns/personen-von-a-bis-z/462-dagmar-monett-diaz/
• https://www.sciencedirect.com/topics/computer-science/social-presence