Author
Listed:
- Ebert, Nico
- Fischer-Hübner, Simone
- Human, Soheil
- Kitkowska, Agnieszka
- Kollnig, Konrad
- Mitrović, Jelena
- Pan, Shidong
- Schaltegger, Thierry
- Schaub, Florian
- Smullen, Daniel
- Xian, Lu
Abstract
Information privacy is an integral part of users' lives, as many digital services and their business models heavily rely on personal data. For example, conversational agents will use massive amounts of user conversations to hyper-personalize ads. Although privacy information is provided through policies and app notifications, and regulation increasingly adopts risk-based approaches, users remain largely uncertain about the risks they face. Design tweaks such as privacy icons or nutrition labels have yielded little improvement, as the central issue lies not in how privacy information is presented, but in what is omitted: the emphasis on disclosing data practices alone does not sufficiently reduce users’ uncertainty about potential harms. This paper develops an argument for complementing the current paradigm of “procedural transparency” with “risk transparency.” Risk transparency prioritizes the clear communication of privacy risks to individuals using digital services, similar to established practices in domains such as drug safety, public health, or consumer protection, where explicitly informing users about risks is considered the main priority. In this article, we discuss risk transparency terminology, illustrate how risk can be communicated, and review the evidence on the effectiveness of risk communication as well as its associated challenges. A shift towards privacy risk transparency aims to provide consumers and data subjects with more meaningful information that supports their informed decision-making in the data economy.
Suggested Citation
Ebert, Nico & Fischer-Hübner, Simone & Human, Soheil & Kitkowska, Agnieszka & Kollnig, Konrad & Mitrović, Jelena & Pan, Shidong & Schaltegger, Thierry & Schaub, Florian & Smullen, Daniel & Xian, Lu, 2026.
"From procedures to peril: Towards risk transparency in information privacy for users,"
Telecommunications Policy, Elsevier, vol. 50(5).
Handle:
RePEc:eee:telpol:v:50:y:2026:i:5:s0308596126000455
DOI: 10.1016/j.telpol.2026.103195
Download full text from publisher
As the access to this document is restricted, you may want to
for a different version of it.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:telpol:v:50:y:2026:i:5:s0308596126000455. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/wps/find/journaldescription.cws_home/30471/description#description .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/eee/telpol/v50y2026i5s0308596126000455.html