DECISION CRITERIA FOR EVALUATION OF CONSUMER PRIVACY AND SECURITY ASPECTS IN PLATFORM BUSINESS MODELS: A STUDY ON SRI LANKA PLATFORM BUSINESSES
##plugins.themes.bootstrap3.article.main##
##plugins.themes.bootstrap3.article.sidebar##
Published
Mar 20, 2026
Indra Mahakalanda
Ishari Siriwardena
Abstract
In the evolving landscape of digital economies, platform business models—also known as digital business models—have emerged as dominant forces driving innovation, connectivity, and commerce. However, the pervasive integration of data within these platforms, data monetization, and intra/inter-firm benefit sharing have associated privacy-related costs for consumers. Thus, firm-consumer interactions have amplified concerns regarding privacy tensions among consumers, firms, and regulators. We explore the multifaceted criteria of privacy within digital platform business models, highlighting its critical importance. The objective of this article is to develop a Fuzzy Analytic Hierarchy Process (FAHP) for the evaluation of consumer privacy and security criteria of platform business models, taking into consideration the judgments of decision makers. First, it identifies six criteria and fourteen sub-criteria that constitute consumer privacy and security aspects in digital business models. The FAHP questionnaire survey collects data from industry experts and the FAHP assigns weights for each criterion, enabling decision makers the ability to rank them based on their importance level. This study only focuses on the main criteria for evaluation of consumer privacy and security in digital platforms. Results of the FAHP analysis rank the user awareness and education and compliance and regulatory framework criteria with the highest importance, while assigning the lowest weight to the data collection practices criterion. Our multi-criteria decision framework provides a comprehensive understanding of privacy’s pivotal role in the success and sustainability of platform business models. Ultimately, this study contributes to the ongoing discourse on privacy, advocating for robust privacy strategies that balance innovation and ethical responsibility in the digital age.
How to Cite
Mahakalanda, I., & Siriwardena, I. (2026). DECISION CRITERIA FOR EVALUATION OF CONSUMER PRIVACY AND SECURITY ASPECTS IN PLATFORM BUSINESS MODELS: A STUDY ON SRI LANKA PLATFORM BUSINESSES. International Journal of the Analytic Hierarchy Process, 18(1). https://doi.org/10.13033/ijahp.v18i1.1346
Downloads
Download data is not yet available.
##plugins.themes.bootstrap3.article.details##
Keywords
Platform Business Models, Consumer Privacy and Security, Multi-Criteria Decision Analysis, Analytical Hierarchy Process
References
Abeysekara, T. B., & Ranasinghe, A. E. (2022). Holistic approach in introducing proper legal framework to regulate data protection and privacy in Sri Lanka. Journal of Business Research and Insights, 8(I), 169–200. https://doi.org/10.31357/vjm.v8iI.5608.
Acquisti, A., Brandimarte, L., & Loewenstein, G. (2015). Privacy and human behavior in the age of information. Science, 347(6221), 509–514.
https://www.cmu.edu/dietrich/sds/docs/loewenstein/PrivacyHumanBeh.pdf
Al-Rashdi, Zahir, Dick, M., & Storey, I. (2015). “A conceptual framework for accountability in cloud computing service provision”. Austrailian Conference on Information Systems 2015 Proceedings, 76. https://aisel.aisnet.org/acis2015/76
Altman, M., Wood, A., O’Brien, D. R., & Gasser, U. (2018). Practical approaches to big data privacy over time. International Data Privacy Law, 8(1), 29–51. https://doi.org/10.1093/idpl/ipx027
Aruldoss, M., Lakshmi, T. M., & Venkatesan, V. P. (2013). A survey on multi criteria decision making methods and its applications. American Journal of Information Systems, 1(1), 31–43. https://doi.org/10.12691/ajis-1-1-5
Behzadian, M., Otaghsara, S. K., Yazdani, M., & Ignatius, J. (2012). A state-of the-art survey of TOPSIS applications. Expert Systems with Applications, 39(17), 13051–13069.
https://doi.org/10.1016/j.eswa.2012.05.056
Bhola, P., Chronis, A. G., Kotsampopoulos, P., & Hatziargyriou, N. (2023). Business model selection for community energy storage: a multi criteria decision making approach. Energies, 16(18), 6753. https://doi.org/10.3390/en16186753
Campbell, J. E., & Carlson, M. (2002). Panopticon. com: Online surveillance and the commodification of privacy. Journal of Broadcasting & Electronic Media, 46(4), 586–606. https://doi.org/10.1207/s15506878jobem4604_6
Cao, C., Zheng, M., Ni, L. (2022). Improving consumer data privacy protection and trust in the context of the digital platform. In A. Moallem (Ed.) HCI for cybersecurity, privacy and trust. HCII 2022. Lecture Notes in Computer Science , 13333, 16-29. Springer. https://doi.org/10.1007/978-3-031-05563-8_2
Camcı, A., Yıldız, A., & Kılıç, S. (2021). Selection of contract type in construction projects using spherical AHP method. In H. A. Abbass, M. A. Bakar, & M. A. Abdullah (Eds.), Proceedings of the International Online Conference on Intelligent Decision Science (pp. 509–518). Springer. https://doi.org/10.1007/978-3-030-66501-2_42
Cavus, N., & Adeoluwa, A. (2022). Security and privacy concerns in mobile payment services. Global Journal of Information Technology: Emerging Technologies, 12(2), 82–94. https://doi.org/10.18844/gjit.v12i2.8264
Chakravorti, B. (2024). AI’s trust problem. Harvard Business Review. https://bpb-us-w2.wpmucdn.com/sites.uab.edu/dist/6/536/files/2024/09/AIs-Trust-Problem.pdf
Chang, M. K., Cheung, W., & Lai, V. S. (2005). Literature derived reference models for the adoption of online shopping. Information & Management, 42(4), 543–559.
https://doi.org/10.1016/j.im.2004.02.006
Chan, Yolande E. and Greenaway, & Kathleen E. (2005). Theoretical explanations for firms’ information privacy behaviors. Journal of the Association for Information Systems, 6(6), 171–198. https://doi.org/10.17705/1jais.00068
Cheng, E. W., Li, H., & Ho, D. C. (2002). Analytic hierarchy process (AHP) A defective tool when used improperly. Measuring Business Excellence, 6(4), 33–37.
https://doi.org/10.1108/13683040210451697
Ciurea, C., & Filip, F. G. (2015). Multi-Criteria Analysis in choosing IT&C platforms for creative digital works. Uncommon Culture, 6(2), 20–27. https://journals.uic.edu/ojs/index.php/UC/article/view/6200
Culnan, M. (1993). How did they get my name? An exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly, 17(3), 341–362.
https://doi.org/10.2307/249775
Culnan, M. J. (2000). Protecting privacy online: Is self-regulation working? Journal of Public Policy & Marketing, 19(1), 20–26. https://doi.org/10.1509/jppm.19.1.20.16944
Culnan, M. J., & Bies, R. J. (2003). Consumer privacy: Balancing economic and justice considerations. Journal of Social Issues, 59(2), 323–342. https://doi.org/10.1111/1540-4560.00067
D’Adamo, I., Rosa, P., & Sassanelli, C. (2023). The Analytic Hierarchy Process as an innovative way to enable stakeholder engagement for sustainability reporting in the food industry. Environment, Development and Sustainability, 25, 15025–15042. https://doi.org/10.1007/s10668-022-02700-0.
Dias Jr, A., & Ioannou, P. G. (1996). Company and project evaluation model for privately promoted infrastructure projects. Journal of Construction Engineering and Management, 122(1), 71–82. https://doi.org/10.1061/(ASCE)0733-9364(1996)122:1(71)
Deloitte Insights. (2024, November 19). Deepfake disruption: A cybersecurity-scale challenge and its far-reaching consequences.
https://www2.deloitte.com/us/en/insights/industry/technology/technology-media-and-telecom-predictions/2025/gen-ai-trust-standards.html
Dhirani, L. L., Mukhtiar, N., Chowdhry, B. S., & Newe, T. (2023). Ethical dilemmas and privacy issues in emerging technologies: A review. Sensors, 23(3), 1151.
https://doi.org/10.3390/s23031151
DLA Piper. (2023 January). DLA Piper GDPR fines and data breach survey. https://www.dlapiper.com/en/insights/publications/2023/01/dla-piper-gdpr-fines-and-data-breach-survey-january-2023
Eke, D., & Stahl, B. (2024). Ethics in the governance of data and digital technology: An analysis of European data regulations and policies. Digital Society, 3(1), 11. https://doi.org/10.1007/s44206-024-00101-6.
Falana, O. J., Ojeaga, T., Naeem, H., Aborisade, D. O., Alsirhani, A., Alserhani, F., & Alserhani, F. (2024). FHG-PR: A hybridized fuzzy-AHP and game theory model for assessing privacy risk on social media platforms. Frontiers in Computer Science, 6, 1–18. https://doi.org/10.3389/fcomp.2024.1389223
Fassnacht, M., Leimstoll, J., Benz, C., Heinz, D., & Satzger, G. (2024). Data sharing practices: The interplay of data, organizational structures, and network dynamics. Electronic Markets, 34(1), 47. https://doi.org/10.1007/s12525-024-00732-0.
Fernando, J., & Wickramasinghe, S. (2022). Sri Lanka personal data protection legislation–An overview. https://dx.doi.org/10.2139/ssrn.4246818
Fox, G., Lynn, T. & Rosati, P. (2022). Enhancing consumer perceptions of privacy and trust: a GDPR label perspective. Information Technology & People, 35(8), 181–204. https://doi.org/10.1108/ITP-09-2021-0706
Greenleaf, G. (2022). Sri Lanka’s personal data protection act is finalized with a stronger DPA, 177 Privacy Laws & Business International Report 25-27, UNSW Law Research Paper No. 22–53. http://dx.doi.org/10.2139/ssrn.4181012
Gurung, A. & Raja, M.K. (2016). Online privacy and security concerns of consumers. Information and Computer Security, 24(4), 348–371. https://doi.org/10.1108/ICS-05-2015-0020.
Hiller, J. S., & Cohen, R. (2001). Internet law and policy. Prentice-Hall.
Ishizaka, A., & Labib, A. (2011). Review of the main developments in the analytic hierarchy process. Expert Systems with Applications, 38(11), 14336-14345.
https://doi.org/10.1016/j.eswa.2011.04.143
Kabir, G., & Hasin, M. A. A. A. (2011). Evaluation of customer-oriented success factors in mobile commerce using fuzzy AHP. Journal of Industrial Engineering and Management (JIEM), 4(2), 361–386. https://doi.org/10.3926/jiem..v4n2.p361-386
Kahraman, C., Cebeci, U., & Ruan, D. (2004). Multi-attribute comparison of catering service companies using fuzzy AHP: The case of Turkey. International Journal of Production Economics, 87(2), 171–184.
https://doi.org/10.1016/S0925-5273(03)00099-9
Khan., M. (2021). Data minimization – a practical approach. https://www.isaca.org/resources/news-and-trends/industry-news/2021/data-minimization-a-practical-approach
Khan, M. Z., Shoaib, M., Husain, M. S., Ul Nisa, K., & Quasim, M. T. (2024). Enhanced mechanism to prioritize the cloud data privacy factors using AHP and TOPSIS: A hybrid approach. Journal of Cloud Computing, 13, 42. https://doi.org/10.1186/s13677-024-00606-y
KPMG. (2024, September), KPMG global tech report. https://kpmg.com/kpmg-us/content/dam/kpmg/corporate-communications/pdf/2024/KPMG%20tech%20report%202024_US%20Market.pdf
Kumar, R., Bilga, P. S., & Singh, S. (2017). Multi objective optimization using different methods of assigning weights to energy consumption responses, surface roughness and material removal rate during rough turning operation. Journal of Cleaner Production, 164, 45–57. https://doi.org/10.1016/j.jclepro.2017.06.077
Liu, Y., Eckert, C. M., & Earl, C. (2020). A review of fuzzy AHP methods for decision-making with subjective judgements. Expert Systems with Applications, 161, 113738.
https://doi.org/10.1016/j.eswa.2020.113738
Liu, Y., Tse, W. K., Kwok, P. Y., & Chiu, Y. H. (2022). Impact of social media behavior on privacy information security based on Analytic Hierarchy Process. Information, 13(6), 280. https://doi.org/10.3390/info13060280
Lutz, C., Hoffmann, C. P., Bucher, E., & Fieseler, C. (2018). The role of privacy concerns in the sharing economy. Information. Communication & Society, 21(10), 1472–1492. https://doi.org/10.1080/1369118X.2017.1339726
Majumder, M. (2015). Multi Criteria Decision Making. In Impact of Urbanization on Water Shortage in Face of Climatic Aberrations, SpringerBriefs in Water Science and Technology, (pp. 35–47). Springer. https://doi.org/10.1007/978-981-4560-73-3_2
Martin, K. (2018). The penalty for privacy violations: How privacy violations impact trust online. Journal of Business Research, 82, 103–116. https://doi.org/10.1016/j.jbusres.2017.08.034
Martin, K., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the Academy of Marketing Science, 45(2), 135–155. https://doi.org/10.1007/s11747-016-0495-4
Martín-Peña, M. L., Lorenzo, P. C., & Meyer, N. (2024). Digital platforms and business ecosystems: a multidisciplinary approach for new and sustainable business models. Review of Managerial Science, 1-18. https://doi.org/10.1007/s11846-024-00772-y
Mattsson, U. (2020). Practical data security and privacy for GDPR and CCPA. ISACA Journal, 3(3). https://www.isaca.org/resources/isaca-journal/issues/2020/volume-3/practical-data-security-and-privacy-for-gdpr-and-ccpa
McKinsey & Company. (2022, April 27). The consumer data opportunity and the privacy imperative. https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/the-consumer-data-opportunity-and-the-privacy-imperative
Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79, 119. https://digitalcommons.law.uw.edu/wlr/vol79/iss1/10
Nooren, P., Van Gorp, N., van Eijk, N., & Fathaigh, R. Ó. (2018). Should we regulate digital platforms? A new framework for evaluating policy options. Policy & Internet, 10(3), 264–301. https://doi.org/10.1002/poi3.177
Okoli, C., & Pawlowski, S. D. (2004). The Delphi method as a research tool: an example, design considerations and applications. Information & Management, 42(1), 15–29.
https://doi.org/10.1016/j.im.2003.11.002
Palmer, B. W. (2021). Informed consent. In S. Panicker & B. Stanley (Eds.), Handbook of research ethics in psychological science (pp. 55–71). American Psychological Association. https://doi.org/10.1037/0000258-004
Padilla, J., Piccolo, S., & Vasconcelos, H. (2022). Business models, consumer data and privacy in platform markets. Journal of Industrial and Business Economics, 49(3), 599–634. https://doi.org/10.1007/s40812-022-00218-0.
Peppard, J., & Ward, J. (2016). The strategic management of information systems: Building a digital strategy. John Wiley & Sons.
Prince, C., Omrani, N. & Schiavone, F. (2024). Online privacy literacy and users’ information privacy empowerment: the case of GDPR in Europe. Information Technology & People, 37(8), 1–24. https://doi.org/10.1108/ITP-05-2023-0467
Prayogo, D. H., Santoso, A. S., & Wibowo, A. (2024). The key factors for improving returns management in e-commerce in Indonesia from customers’ perspectives—An AHP approach. Sustainability, 16(17), 7303. https://doi.org/10.3390/su16177303
Quach, S., Thaichon, P., Martin, K. D., Weaven, S., & Palmatier, R. W. (2022), Digital technologies: tensions in privacy and data. Journal of the Academy of Marketing Scences, 50, 1299–1323. https://doi.org/10.1007/s11747-022-00845-y
Rahnama, H., & Pentland, A. (2022). The new rules of data privacy. Harvard Business Review, 25.
Rochet, J. C., & Tirole, J. (2003). Platform competition in two-sided markets. Journal of the European Economic Association, 1(4), 990–1029. https://doi.org/10.1162/154247603322493212
Rowe, G., & Wright, G. (1999). The Delphi technique as a forecasting tool: issues and analysis. International Journal of Forecasting, 15(4), 353–375.
https://doi.org/10.1016/S0169-2070(99)00018-7
Saaty, T. L. (1977). A scaling method for priorities in hierarchical structures. Journal of Mathematical Psychology, 15(3), 234–281.
https://doi.org/10.1016/0022-2496(77)90033-5
Saaty, T. L., & Vargas, L. G. (1991). Prediction, projection, and forecasting: applications of the analytic hierarchy process in economics, finance, politics, games, and sports. SpringerNature Link.
Saaty, T. L. (2008). The analytic hierarchy and analytic network measurement processes: applications to decisions under risk. European Journal of Pure and Applied Mathematics, 1(1), 122–196.
https://doi.org/10.29020/nybg.ejpam.v1i1.6
Sargiotis, D. (2024). Data security and privacy: Protecting sensitive information. In Data Governance (pp. 217–245). Springer. https://doi.org/10.1007/978-3-031-67268-2_6
Shokri, R., & Shmatikov, V. (2015). Privacy-preserving deep learning. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 1310–1321. https://doi.org/10.1145/2810103.2813687
Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: An interdisciplinary review. MIS Quarterly, 35(4), 989–1015. http://dx.doi.org/10.2307/41409970
Soleimani, M. (2022). Buyers’ trust and mistrust in e-commerce platforms: a synthesizing literature review. Information Systems and e-Business Management, 20(1), 57–78.
https://doi.org/10.1007/s10257-021-00545-0
Stabauer, M. (2019). The effects of privacy awareness and content sensitivity on user engagement. In F.H. Nah, K. Siau. (Eds.) HCI in Business, Government and Organizations. Information Systems and Analytics. HCII 2019. Lecture Notes in Computer Science, 11589, 242 – 255. Springer. https://doi.org/10.1007/978-3-030-22338-0_20
Stalla-Bourdillon, S. (2014). Privacy versus security… are we done yet?. Springer. https://ssrn.com/abstract=2493109
Solove, D. J. (2006). A taxonomy of privacy, 154 U. Pa. L. Rev. 477 (2006). https://scholarship.law.upenn.edu/penn_law_review/vol154/iss3/1
Su, Y., & Jin, L. (2022). The impact of online platforms’ revenue model on consumers’ ethical inferences. Journal of Business Ethics, 1-15. https://doi.org/10.1007/s10551-021-04798-0
Taddeo, M., & Floridi, L. (2018). How AI can be a force for good. Science, 361(6404), 751–752. https://doi.org/10.1126/science.aat5991
Taherdoost, H. (2023). Legal, regulatory, and ethical considerations in e-business. In E-Business Essentials. EAI/Springer Innovations in Communication and Computing, 379–402. Springer. https://doi.org/10.1007/978-3-031-39626-7_15.
Tavares, R. M., Tavares, J. L., & Parry-Jones, S. L. (2008). The use of a mathematical multicriteria decision-making model for selecting the fire origin room. Building and Environment, 43(12), 2090– 2100. https://doi.org/10.1016/j.buildenv.2007.12.010
Täuscher, K., & Laudien, S. M. (2018). Understanding platform business models: A mixed methods study of marketplaces. European Management Journal, 36(3), 319–329.
https://doi.org/10.1016/j.emj.2017.06.005
Tenopir, C., Rice, N. M., Allard, S., Baird, L., Borycz, J., Christian, L., ... & Sandusky, R. J. (2020). Data sharing, management, use, and reuse: Practices and perceptions of scientists worldwide. PloS One, 15(3), e0229003. https://doi.org/10.1371/journal.pone.0229003.
Tsai, H. Y., Chang, C. W., & Lin, H. L. (2010). Fuzzy hierarchy sensitive with Delphi method to evaluate hospital organization performance. Expert Systems with Applications, 37(8), 5533–5541. https://doi.org/10.1016/j.eswa.2010.02.099
Tufekci, Z. (2008). Can you see me now? Audience and disclosure regulation in online social network sites. Bulletin of Science, Technology & Society, 28(1), 20–36.
Van Laarhoven, P. J., & Pedrycz, W. (1983). A fuzzy extension of Saaty's priority theory. Fuzzy Sets and Systems, 11(1-3), 229–241.
https://doi.org/10.1016/S0165-0114(83)80082-7
Van Looy, A., Poels, G., & Snoeck, M. (2017). Evaluating business process maturity models. Journal of the Association for Information Systems, 18(6), 1.
https://doi.org/10.17705/1jais.00460
Vaidya, O. S., & Kumar, S. (2006). Analytic hierarchy process: An overview of applications. European Journal of Operational Research, 169(1), 1–29.
https://doi.org/10.1016/j.ejor.2004.04.028
Vijayasarathy, L. R. (2004). Predicting consumer intentions to use on-line shopping: the case for an augmented technology acceptance model. Information & Management, 41(6), 747–762. https://doi.org/10.1016/j.im.2003.08.011
Wang, R. J. H. (2020). Branded mobile application adoption and customer engagement behavior. Computers in Human Behavior, 106, 106245. https://doi.org/10.1016/j.chb.2020.106245
Westin, A. F. (2000). Intrusions. Public Perspective, 11(6), 8–11.
Wind, Y., & Saaty, T. L. (1980). Marketing applications of the analytic hierarchy process. Management Science, 26(7), 641–658.
https://doi.org/10.1287/mnsc.26.7.641
Wisniewski, P.J., Page, X. (2022). Privacy theories and frameworks. In B.P. Knijnenburg, X. Page, P. Wisniewski, H.R. Lipford, N. Proferes, J. Romano (Eds.) Modern socio-technical perspectives on privacy (pp. 15–41). Springer. https://doi.org/10.1007/978-3-030-82786-1_2
Whitman, M. E., & Mattord, H. J. (2022). Principles of information security (7th ed.). Cengage.
Wu, K. W., Huang, S. Y., Yen, D. C., & Popova, I. (2012). The effect of online privacy policy on consumer privacy concern and trust. Computers in Human Behavior, 28(3), 889–897. https://doi.org/10.1016/j.chb.2011.12.008
Xu, H., Dinev, T., Smith, H. & Hart, P. (2008). Examining the formation of individual's privacy concerns: Toward an integrative view. ICIS 2008 Proceedings, 6.
https://aisel.aisnet.org/icis2008/6
Zhou, J., Leung, V. C., & Li, H. (2020). Privacy-preserving technologies for smart cities. IEEE Communications Magazine, 58(6), 20–26. http://dx.doi.org/10.1109/ACCESS.2018.2853985
Acquisti, A., Brandimarte, L., & Loewenstein, G. (2015). Privacy and human behavior in the age of information. Science, 347(6221), 509–514.
https://www.cmu.edu/dietrich/sds/docs/loewenstein/PrivacyHumanBeh.pdf
Al-Rashdi, Zahir, Dick, M., & Storey, I. (2015). “A conceptual framework for accountability in cloud computing service provision”. Austrailian Conference on Information Systems 2015 Proceedings, 76. https://aisel.aisnet.org/acis2015/76
Altman, M., Wood, A., O’Brien, D. R., & Gasser, U. (2018). Practical approaches to big data privacy over time. International Data Privacy Law, 8(1), 29–51. https://doi.org/10.1093/idpl/ipx027
Aruldoss, M., Lakshmi, T. M., & Venkatesan, V. P. (2013). A survey on multi criteria decision making methods and its applications. American Journal of Information Systems, 1(1), 31–43. https://doi.org/10.12691/ajis-1-1-5
Behzadian, M., Otaghsara, S. K., Yazdani, M., & Ignatius, J. (2012). A state-of the-art survey of TOPSIS applications. Expert Systems with Applications, 39(17), 13051–13069.
https://doi.org/10.1016/j.eswa.2012.05.056
Bhola, P., Chronis, A. G., Kotsampopoulos, P., & Hatziargyriou, N. (2023). Business model selection for community energy storage: a multi criteria decision making approach. Energies, 16(18), 6753. https://doi.org/10.3390/en16186753
Campbell, J. E., & Carlson, M. (2002). Panopticon. com: Online surveillance and the commodification of privacy. Journal of Broadcasting & Electronic Media, 46(4), 586–606. https://doi.org/10.1207/s15506878jobem4604_6
Cao, C., Zheng, M., Ni, L. (2022). Improving consumer data privacy protection and trust in the context of the digital platform. In A. Moallem (Ed.) HCI for cybersecurity, privacy and trust. HCII 2022. Lecture Notes in Computer Science , 13333, 16-29. Springer. https://doi.org/10.1007/978-3-031-05563-8_2
Camcı, A., Yıldız, A., & Kılıç, S. (2021). Selection of contract type in construction projects using spherical AHP method. In H. A. Abbass, M. A. Bakar, & M. A. Abdullah (Eds.), Proceedings of the International Online Conference on Intelligent Decision Science (pp. 509–518). Springer. https://doi.org/10.1007/978-3-030-66501-2_42
Cavus, N., & Adeoluwa, A. (2022). Security and privacy concerns in mobile payment services. Global Journal of Information Technology: Emerging Technologies, 12(2), 82–94. https://doi.org/10.18844/gjit.v12i2.8264
Chakravorti, B. (2024). AI’s trust problem. Harvard Business Review. https://bpb-us-w2.wpmucdn.com/sites.uab.edu/dist/6/536/files/2024/09/AIs-Trust-Problem.pdf
Chang, M. K., Cheung, W., & Lai, V. S. (2005). Literature derived reference models for the adoption of online shopping. Information & Management, 42(4), 543–559.
https://doi.org/10.1016/j.im.2004.02.006
Chan, Yolande E. and Greenaway, & Kathleen E. (2005). Theoretical explanations for firms’ information privacy behaviors. Journal of the Association for Information Systems, 6(6), 171–198. https://doi.org/10.17705/1jais.00068
Cheng, E. W., Li, H., & Ho, D. C. (2002). Analytic hierarchy process (AHP) A defective tool when used improperly. Measuring Business Excellence, 6(4), 33–37.
https://doi.org/10.1108/13683040210451697
Ciurea, C., & Filip, F. G. (2015). Multi-Criteria Analysis in choosing IT&C platforms for creative digital works. Uncommon Culture, 6(2), 20–27. https://journals.uic.edu/ojs/index.php/UC/article/view/6200
Culnan, M. (1993). How did they get my name? An exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly, 17(3), 341–362.
https://doi.org/10.2307/249775
Culnan, M. J. (2000). Protecting privacy online: Is self-regulation working? Journal of Public Policy & Marketing, 19(1), 20–26. https://doi.org/10.1509/jppm.19.1.20.16944
Culnan, M. J., & Bies, R. J. (2003). Consumer privacy: Balancing economic and justice considerations. Journal of Social Issues, 59(2), 323–342. https://doi.org/10.1111/1540-4560.00067
D’Adamo, I., Rosa, P., & Sassanelli, C. (2023). The Analytic Hierarchy Process as an innovative way to enable stakeholder engagement for sustainability reporting in the food industry. Environment, Development and Sustainability, 25, 15025–15042. https://doi.org/10.1007/s10668-022-02700-0.
Dias Jr, A., & Ioannou, P. G. (1996). Company and project evaluation model for privately promoted infrastructure projects. Journal of Construction Engineering and Management, 122(1), 71–82. https://doi.org/10.1061/(ASCE)0733-9364(1996)122:1(71)
Deloitte Insights. (2024, November 19). Deepfake disruption: A cybersecurity-scale challenge and its far-reaching consequences.
https://www2.deloitte.com/us/en/insights/industry/technology/technology-media-and-telecom-predictions/2025/gen-ai-trust-standards.html
Dhirani, L. L., Mukhtiar, N., Chowdhry, B. S., & Newe, T. (2023). Ethical dilemmas and privacy issues in emerging technologies: A review. Sensors, 23(3), 1151.
https://doi.org/10.3390/s23031151
DLA Piper. (2023 January). DLA Piper GDPR fines and data breach survey. https://www.dlapiper.com/en/insights/publications/2023/01/dla-piper-gdpr-fines-and-data-breach-survey-january-2023
Eke, D., & Stahl, B. (2024). Ethics in the governance of data and digital technology: An analysis of European data regulations and policies. Digital Society, 3(1), 11. https://doi.org/10.1007/s44206-024-00101-6.
Falana, O. J., Ojeaga, T., Naeem, H., Aborisade, D. O., Alsirhani, A., Alserhani, F., & Alserhani, F. (2024). FHG-PR: A hybridized fuzzy-AHP and game theory model for assessing privacy risk on social media platforms. Frontiers in Computer Science, 6, 1–18. https://doi.org/10.3389/fcomp.2024.1389223
Fassnacht, M., Leimstoll, J., Benz, C., Heinz, D., & Satzger, G. (2024). Data sharing practices: The interplay of data, organizational structures, and network dynamics. Electronic Markets, 34(1), 47. https://doi.org/10.1007/s12525-024-00732-0.
Fernando, J., & Wickramasinghe, S. (2022). Sri Lanka personal data protection legislation–An overview. https://dx.doi.org/10.2139/ssrn.4246818
Fox, G., Lynn, T. & Rosati, P. (2022). Enhancing consumer perceptions of privacy and trust: a GDPR label perspective. Information Technology & People, 35(8), 181–204. https://doi.org/10.1108/ITP-09-2021-0706
Greenleaf, G. (2022). Sri Lanka’s personal data protection act is finalized with a stronger DPA, 177 Privacy Laws & Business International Report 25-27, UNSW Law Research Paper No. 22–53. http://dx.doi.org/10.2139/ssrn.4181012
Gurung, A. & Raja, M.K. (2016). Online privacy and security concerns of consumers. Information and Computer Security, 24(4), 348–371. https://doi.org/10.1108/ICS-05-2015-0020.
Hiller, J. S., & Cohen, R. (2001). Internet law and policy. Prentice-Hall.
Ishizaka, A., & Labib, A. (2011). Review of the main developments in the analytic hierarchy process. Expert Systems with Applications, 38(11), 14336-14345.
https://doi.org/10.1016/j.eswa.2011.04.143
Kabir, G., & Hasin, M. A. A. A. (2011). Evaluation of customer-oriented success factors in mobile commerce using fuzzy AHP. Journal of Industrial Engineering and Management (JIEM), 4(2), 361–386. https://doi.org/10.3926/jiem..v4n2.p361-386
Kahraman, C., Cebeci, U., & Ruan, D. (2004). Multi-attribute comparison of catering service companies using fuzzy AHP: The case of Turkey. International Journal of Production Economics, 87(2), 171–184.
https://doi.org/10.1016/S0925-5273(03)00099-9
Khan., M. (2021). Data minimization – a practical approach. https://www.isaca.org/resources/news-and-trends/industry-news/2021/data-minimization-a-practical-approach
Khan, M. Z., Shoaib, M., Husain, M. S., Ul Nisa, K., & Quasim, M. T. (2024). Enhanced mechanism to prioritize the cloud data privacy factors using AHP and TOPSIS: A hybrid approach. Journal of Cloud Computing, 13, 42. https://doi.org/10.1186/s13677-024-00606-y
KPMG. (2024, September), KPMG global tech report. https://kpmg.com/kpmg-us/content/dam/kpmg/corporate-communications/pdf/2024/KPMG%20tech%20report%202024_US%20Market.pdf
Kumar, R., Bilga, P. S., & Singh, S. (2017). Multi objective optimization using different methods of assigning weights to energy consumption responses, surface roughness and material removal rate during rough turning operation. Journal of Cleaner Production, 164, 45–57. https://doi.org/10.1016/j.jclepro.2017.06.077
Liu, Y., Eckert, C. M., & Earl, C. (2020). A review of fuzzy AHP methods for decision-making with subjective judgements. Expert Systems with Applications, 161, 113738.
https://doi.org/10.1016/j.eswa.2020.113738
Liu, Y., Tse, W. K., Kwok, P. Y., & Chiu, Y. H. (2022). Impact of social media behavior on privacy information security based on Analytic Hierarchy Process. Information, 13(6), 280. https://doi.org/10.3390/info13060280
Lutz, C., Hoffmann, C. P., Bucher, E., & Fieseler, C. (2018). The role of privacy concerns in the sharing economy. Information. Communication & Society, 21(10), 1472–1492. https://doi.org/10.1080/1369118X.2017.1339726
Majumder, M. (2015). Multi Criteria Decision Making. In Impact of Urbanization on Water Shortage in Face of Climatic Aberrations, SpringerBriefs in Water Science and Technology, (pp. 35–47). Springer. https://doi.org/10.1007/978-981-4560-73-3_2
Martin, K. (2018). The penalty for privacy violations: How privacy violations impact trust online. Journal of Business Research, 82, 103–116. https://doi.org/10.1016/j.jbusres.2017.08.034
Martin, K., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the Academy of Marketing Science, 45(2), 135–155. https://doi.org/10.1007/s11747-016-0495-4
Martín-Peña, M. L., Lorenzo, P. C., & Meyer, N. (2024). Digital platforms and business ecosystems: a multidisciplinary approach for new and sustainable business models. Review of Managerial Science, 1-18. https://doi.org/10.1007/s11846-024-00772-y
Mattsson, U. (2020). Practical data security and privacy for GDPR and CCPA. ISACA Journal, 3(3). https://www.isaca.org/resources/isaca-journal/issues/2020/volume-3/practical-data-security-and-privacy-for-gdpr-and-ccpa
McKinsey & Company. (2022, April 27). The consumer data opportunity and the privacy imperative. https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/the-consumer-data-opportunity-and-the-privacy-imperative
Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79, 119. https://digitalcommons.law.uw.edu/wlr/vol79/iss1/10
Nooren, P., Van Gorp, N., van Eijk, N., & Fathaigh, R. Ó. (2018). Should we regulate digital platforms? A new framework for evaluating policy options. Policy & Internet, 10(3), 264–301. https://doi.org/10.1002/poi3.177
Okoli, C., & Pawlowski, S. D. (2004). The Delphi method as a research tool: an example, design considerations and applications. Information & Management, 42(1), 15–29.
https://doi.org/10.1016/j.im.2003.11.002
Palmer, B. W. (2021). Informed consent. In S. Panicker & B. Stanley (Eds.), Handbook of research ethics in psychological science (pp. 55–71). American Psychological Association. https://doi.org/10.1037/0000258-004
Padilla, J., Piccolo, S., & Vasconcelos, H. (2022). Business models, consumer data and privacy in platform markets. Journal of Industrial and Business Economics, 49(3), 599–634. https://doi.org/10.1007/s40812-022-00218-0.
Peppard, J., & Ward, J. (2016). The strategic management of information systems: Building a digital strategy. John Wiley & Sons.
Prince, C., Omrani, N. & Schiavone, F. (2024). Online privacy literacy and users’ information privacy empowerment: the case of GDPR in Europe. Information Technology & People, 37(8), 1–24. https://doi.org/10.1108/ITP-05-2023-0467
Prayogo, D. H., Santoso, A. S., & Wibowo, A. (2024). The key factors for improving returns management in e-commerce in Indonesia from customers’ perspectives—An AHP approach. Sustainability, 16(17), 7303. https://doi.org/10.3390/su16177303
Quach, S., Thaichon, P., Martin, K. D., Weaven, S., & Palmatier, R. W. (2022), Digital technologies: tensions in privacy and data. Journal of the Academy of Marketing Scences, 50, 1299–1323. https://doi.org/10.1007/s11747-022-00845-y
Rahnama, H., & Pentland, A. (2022). The new rules of data privacy. Harvard Business Review, 25.
Rochet, J. C., & Tirole, J. (2003). Platform competition in two-sided markets. Journal of the European Economic Association, 1(4), 990–1029. https://doi.org/10.1162/154247603322493212
Rowe, G., & Wright, G. (1999). The Delphi technique as a forecasting tool: issues and analysis. International Journal of Forecasting, 15(4), 353–375.
https://doi.org/10.1016/S0169-2070(99)00018-7
Saaty, T. L. (1977). A scaling method for priorities in hierarchical structures. Journal of Mathematical Psychology, 15(3), 234–281.
https://doi.org/10.1016/0022-2496(77)90033-5
Saaty, T. L., & Vargas, L. G. (1991). Prediction, projection, and forecasting: applications of the analytic hierarchy process in economics, finance, politics, games, and sports. SpringerNature Link.
Saaty, T. L. (2008). The analytic hierarchy and analytic network measurement processes: applications to decisions under risk. European Journal of Pure and Applied Mathematics, 1(1), 122–196.
https://doi.org/10.29020/nybg.ejpam.v1i1.6
Sargiotis, D. (2024). Data security and privacy: Protecting sensitive information. In Data Governance (pp. 217–245). Springer. https://doi.org/10.1007/978-3-031-67268-2_6
Shokri, R., & Shmatikov, V. (2015). Privacy-preserving deep learning. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 1310–1321. https://doi.org/10.1145/2810103.2813687
Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: An interdisciplinary review. MIS Quarterly, 35(4), 989–1015. http://dx.doi.org/10.2307/41409970
Soleimani, M. (2022). Buyers’ trust and mistrust in e-commerce platforms: a synthesizing literature review. Information Systems and e-Business Management, 20(1), 57–78.
https://doi.org/10.1007/s10257-021-00545-0
Stabauer, M. (2019). The effects of privacy awareness and content sensitivity on user engagement. In F.H. Nah, K. Siau. (Eds.) HCI in Business, Government and Organizations. Information Systems and Analytics. HCII 2019. Lecture Notes in Computer Science, 11589, 242 – 255. Springer. https://doi.org/10.1007/978-3-030-22338-0_20
Stalla-Bourdillon, S. (2014). Privacy versus security… are we done yet?. Springer. https://ssrn.com/abstract=2493109
Solove, D. J. (2006). A taxonomy of privacy, 154 U. Pa. L. Rev. 477 (2006). https://scholarship.law.upenn.edu/penn_law_review/vol154/iss3/1
Su, Y., & Jin, L. (2022). The impact of online platforms’ revenue model on consumers’ ethical inferences. Journal of Business Ethics, 1-15. https://doi.org/10.1007/s10551-021-04798-0
Taddeo, M., & Floridi, L. (2018). How AI can be a force for good. Science, 361(6404), 751–752. https://doi.org/10.1126/science.aat5991
Taherdoost, H. (2023). Legal, regulatory, and ethical considerations in e-business. In E-Business Essentials. EAI/Springer Innovations in Communication and Computing, 379–402. Springer. https://doi.org/10.1007/978-3-031-39626-7_15.
Tavares, R. M., Tavares, J. L., & Parry-Jones, S. L. (2008). The use of a mathematical multicriteria decision-making model for selecting the fire origin room. Building and Environment, 43(12), 2090– 2100. https://doi.org/10.1016/j.buildenv.2007.12.010
Täuscher, K., & Laudien, S. M. (2018). Understanding platform business models: A mixed methods study of marketplaces. European Management Journal, 36(3), 319–329.
https://doi.org/10.1016/j.emj.2017.06.005
Tenopir, C., Rice, N. M., Allard, S., Baird, L., Borycz, J., Christian, L., ... & Sandusky, R. J. (2020). Data sharing, management, use, and reuse: Practices and perceptions of scientists worldwide. PloS One, 15(3), e0229003. https://doi.org/10.1371/journal.pone.0229003.
Tsai, H. Y., Chang, C. W., & Lin, H. L. (2010). Fuzzy hierarchy sensitive with Delphi method to evaluate hospital organization performance. Expert Systems with Applications, 37(8), 5533–5541. https://doi.org/10.1016/j.eswa.2010.02.099
Tufekci, Z. (2008). Can you see me now? Audience and disclosure regulation in online social network sites. Bulletin of Science, Technology & Society, 28(1), 20–36.
Van Laarhoven, P. J., & Pedrycz, W. (1983). A fuzzy extension of Saaty's priority theory. Fuzzy Sets and Systems, 11(1-3), 229–241.
https://doi.org/10.1016/S0165-0114(83)80082-7
Van Looy, A., Poels, G., & Snoeck, M. (2017). Evaluating business process maturity models. Journal of the Association for Information Systems, 18(6), 1.
https://doi.org/10.17705/1jais.00460
Vaidya, O. S., & Kumar, S. (2006). Analytic hierarchy process: An overview of applications. European Journal of Operational Research, 169(1), 1–29.
https://doi.org/10.1016/j.ejor.2004.04.028
Vijayasarathy, L. R. (2004). Predicting consumer intentions to use on-line shopping: the case for an augmented technology acceptance model. Information & Management, 41(6), 747–762. https://doi.org/10.1016/j.im.2003.08.011
Wang, R. J. H. (2020). Branded mobile application adoption and customer engagement behavior. Computers in Human Behavior, 106, 106245. https://doi.org/10.1016/j.chb.2020.106245
Westin, A. F. (2000). Intrusions. Public Perspective, 11(6), 8–11.
Wind, Y., & Saaty, T. L. (1980). Marketing applications of the analytic hierarchy process. Management Science, 26(7), 641–658.
https://doi.org/10.1287/mnsc.26.7.641
Wisniewski, P.J., Page, X. (2022). Privacy theories and frameworks. In B.P. Knijnenburg, X. Page, P. Wisniewski, H.R. Lipford, N. Proferes, J. Romano (Eds.) Modern socio-technical perspectives on privacy (pp. 15–41). Springer. https://doi.org/10.1007/978-3-030-82786-1_2
Whitman, M. E., & Mattord, H. J. (2022). Principles of information security (7th ed.). Cengage.
Wu, K. W., Huang, S. Y., Yen, D. C., & Popova, I. (2012). The effect of online privacy policy on consumer privacy concern and trust. Computers in Human Behavior, 28(3), 889–897. https://doi.org/10.1016/j.chb.2011.12.008
Xu, H., Dinev, T., Smith, H. & Hart, P. (2008). Examining the formation of individual's privacy concerns: Toward an integrative view. ICIS 2008 Proceedings, 6.
https://aisel.aisnet.org/icis2008/6
Zhou, J., Leung, V. C., & Li, H. (2020). Privacy-preserving technologies for smart cities. IEEE Communications Magazine, 58(6), 20–26. http://dx.doi.org/10.1109/ACCESS.2018.2853985
Issue
Section
Articles
Copyright of all articles published in IJAHP is transferred to Creative Decisions Foundation (CDF). However, the author(s) reserve the following:
- All proprietary rights other than copyright, such as patent rights.
- The right to grant or refuse permission to third parties to republish all or part of the article or translations thereof. In case of whole articles, such third parties must obtain permission from CDF as well. However, CDF may grant rights with respect to journal issues as a whole.
- The right to use all or parts of this article in future works of their own, such as lectures, press releases, reviews, textbooks, or reprint books.
- The authors affirm that the article has been neither copyrighted nor published, that it is not being submitted for publication elsewhere, and that if the work is officially sponsored, it has been released for open publication.
The only exception to the statements in the paragraph above is the following: If an article published in IJAHP contains copyrighted material, such as a teaching case, as an appendix, then the copyright (and all commercial rights) of such material remains with the original copyright holder.
CDF will receive permission for publication of copyrighted material in IJAHP. This permission is not transferable to third parties. Permission to make electronic and paper copies of part or all of the articles, including all computer files that are linked to the articles, for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage.
This permission does not apply to previously copyrighted material, such as teaching cases. In paper copies of the article, the copyright notice and the title of the publication and its date should be visible. To copy otherwise is permitted provided that a per-copy fee is paid.
To republish, to post on servers, or redistribute to lists requires that you post a link to the IJAHP article, which is available in open access delivery mode. Do not upload the article itself.
Authors are permitted to present a talk, based on a paper submitted to or accepted by IJAHP, at a conference where the paper would not be published in a copyrighted publication either before or after the conference and where the author did not assign copyright to the conference or related publisher.