Understanding Data Breach Information: How lay Individuals Interpret Breach Notifications
| Field | Value | Language |
| dc.contributor.author | Hu, Muqing | |
| dc.date.accessioned | 2025-05-20T04:58:48Z | |
| dc.date.available | 2025-05-20T04:58:48Z | |
| dc.date.issued | 2025 | en |
| dc.identifier.uri | https://hdl.handle.net/2123/33921 | |
| dc.description.abstract | This thesis investigates how lay individuals interpret and respond to current data breach notifications(DBNs). By demonstrating DBN as a new form of accounting information, this thesis calls for “rethinking expertise” (Collins & Evans, 2019) in accounting information use and extends the current literature from professional users to lay users in the context of data breaches. Central to this research is the question of how ambiguities within current DBNs exacerbate the vulnerability and interpretation challenges lay individuals face. Drawing on Ellsberg’s ambiguity aversion theory (1961), this thesis employs phenomenological interviews to capture nuanced subjective interpretations and qualitative experiments to further assess lay individuals’ preferences in the face of ambiguity in DBNs. Findings reveal that current DBNs are largely ineffective, characterised by substantial ambiguities that hinder lay individuals’ interpretation. As a result, lay individuals prefer to adopt a rational “protective” strategy to prioritise clarity over negativity in breach information. Moreover, the thesis identifies a “power dynamic” (Carr & Beck, 2022) between DBN providers (breached organisations) and recipients (lay individuals), highlighting the critical need to amplify lay individuals’ voices in breach disclosure practices. Based on empirical insights, the thesis provides practical recommendations for individuals, organisations, and policymakers to reduce ambiguity in current DBNs and proposes a framework for more effective breach disclosures that empower lay users and promote greater accountability in the aftermath of data breaches. | en |
| dc.language.iso | en | en |
| dc.title | Understanding Data Breach Information: How lay Individuals Interpret Breach Notifications | en |
| dc.type | Thesis | |
| dc.type.thesis | Masters by Research | en |
| dc.rights.other | The author retains copyright of this thesis. It may only be used for the purposes of research and study. It must not be used for any other purposes and may not be transmitted or shared with others without prior permission. | en |
| usyd.faculty | SeS faculties schools::The University of Sydney Business School::Discipline of Accounting, Governance and Regulation | en |
| usyd.degree | Master of Philosophy M.Phil | en |
| usyd.awardinginst | The University of Sydney | en |
| usyd.advisor | ANDREW, JANE |
Associated file/s
Associated collections