In the context of the Industrial Revolution 4.0 with the Internet of Things, online platforms, especially social networks, have grown constantly and play an important part in people’s lives, making the issue of data security increasingly important and urgent. This study focuses on users' perception of data security risks, and to learn and measure the influencing factors in the process of risk perception formation in relation to perceived benefits and behaviours of sharing information on social networks. The survey of 419 users in metropolitan cities in Northern Vietnam was conducted and results showed that social media users of different generations have distinctive risk perception, resulting in different information-sharing intentions and behaviours. The authors applied SPSS 26.0 software to evaluate the scale reliability based on Cronbach's Alpha test, exploratory factor analysis EFA, confirmatory factor analysis CFA and structural equation modelling SEM, One-way ANOVA test. The findings show that the scales are reliable and the hypotheses are accepted. The study thereby aims at proposing strategic suggestions for businesses on marketing solutions, recommendations for consumers and authorities on creating fair legal corridors to facilitate the businesses’ development.

The remarkable development of science - technology has been opening up great opportunities and breaking boundaries. Along with the great possibilities come the limitations in other aspects of life. While the Industrial Revolution 4.0 had an impact on human rights to some extent in terms of both legislation and implementation, the development of the internet and social networks posed various legal challenges to the process of recognition and assurance of human rights in Vietnam. Regarding privacy, certain new issues related to personal data protection rights, the right to be forgotten (droit a loubli) require codification with legal provisions, which Vietnam has yet to pass any separate privacy law to regulate, despite being mentioned in the 2013 Constitution. As mentioned above, technology has enabled many actors, including governments and companies, to collect data, track and monitor conversations, exchanges, commercial transactions and other activities of service users, which raised the question of their personal privacy being violated and can worsen the power imbalance between individual users and institutions. The issue of whether users are aware of data security and privacy or not has become so urgent that it affects not only the users themselves but also other involved parties. Although there have been several conducted studies on data security and the process of perceiving those risks, some of which aimed at learning the subject’s impact within the context of social networks, there are still limitations on the number of research works being done, as well as the scope of the study. Based on such a study gap, this research paper is done to study the Influences of data security risk perception on the behavior of sharing information on social media by residents of metropolitan areas in Northern Vietnam, thereby giving important user insights and raising the users’ awareness of the mentioned subject.

Two classical models were used to measure behaviour intention as follows:

Theory of reasoned action - TRA

The Theory of Reasoned Action was first developed in 1967 by Fishbein, and then modified and extended [1]. According to this theory, the individuals have the basis and motivation in their decision-making process and make a reasonable choice among the best solutions and tools to judge whether their behaviour is an intention which is determined by their behavioural intention (BI). Behavioural intention will be influenced by attitudes and subjective norms to behavioural intention (Figure 1).

Figure 1: Theory of reasoned action – TRA model.

Theory of planned behaviour – TPB

Developed from the Theory of Reasoned Action [1]. This theory was created due to limitations of the previous theory on assuming that human behaviour is purely due to rational control. Similar to TRA, the central factor of the Theory of Planned Behaviour is the individual’s intention to perform a certain behaviour (Figure 2).

Figure 2: Theory of planned behaviour - TPB model.

The information seeking has positive impacts on systematic information processing. The demand for information stimulates people to seek and process the information systematically. Its work’s findings also revealed that the higher the intent to seek information, the more thorough and systematic the information processing will be (Figure 3).

Figure 3: Model.

Based on the above mentioned theories, the following hypotheses were built in order to re-check the relationship between systematic information processing, risk perception, benefit perception and information sharing behaviour on social media.

H1: Perceived knowledge about data security has a negative impact on users’ lack of information about data security on social media

The concept of gaps, or lack of knowledge, as defined in the work on “interplay between knowledge gap and perceived risk in motivating risk information seeking” (Shadi Shakeri, Nicholas Evangelopoulos and Oksana Zavalina) are related to the concept of lack of information, used in the Risk Information Seeking and Processing model (RISP), and The Planned Risk Information Seeking model (PRISM) [2]. Lack of information is defined as the difference between an individual’s current knowledge and the amount of information he/she deems necessary, in order to deal with a given situation (ie, well-informed). However, the knowledge gap, as defined herein, refers to realizing such differences. In view of lack of information, a more cognitive approach to information gap is adopted, removing emotional factors. The current study has been carried out based on the classical concept of knowledge gap as a cognitive-emotional driver for information seeking.

H2: Perceived knowledge on data security has negative impacts on information seeking about data security on social networks

According to people rarely need information for information only, but they need it as a means to serve different purposes [3]. The works in health risks confirm that people actively seek information on risks they are aware that they are facing a crucial decision i.e. when topics become relevant and important for them. The Information Searching Process Model claims that the information searching is initiated when a person becomes aware about the lack of information he or she needs in order to understand a problem or perform a specific activity. Focusing on this cognitive aspect of the information searching process, ASK (Anomalous State of Knowledge) model also states that the gap between the available information and the desired one reflects a person’s information needs, motivating him/her to seek information [4,5].

H3: Information insufficiency has positive impacts on information seeking about data security on social networks

The concept of Lack of information in the RISP model is derived from the Completeness principle in the heuristic?systematic model of which people are cognitively optimistic and always make the least possible effort however, they can easily try harder if motivated [6,7]. The Completeness principle suggests that people are “capable of trying until they are confident enough that they have well accomplished their set goals”. When an individual’s current knowledge does not meet the level of confidence to fulfil his or her goals, they may fall into a lack of information. Then, according to the RISP model, when such lack of information reaches high enough, such persons start searching for information. In addition, then, he/she is more motivated to participate in systematic processing (in-depth and thorough evaluation of information) rather than in empirical processing (superficial evaluation of information).

H4: Systematic information processing is positively influenced by perceived knowledge about data security

Background knowledge is a factor affecting the hypothetical information processing in the HSM system [8]. The previous literature has shown that the background knowledge has positive impact on the systematic information processing. Trumbo and McComas have shown that people are motivated and capable of applying the systematic strategies to process information as they acquire more knowledge. “Systematic information processing is positively affected by available knowledge” is also supported after accreditation.

H5: Information seeking has impacts on systematic processing

The systematic processing is deliberative and conducted by analysing, comparing, and judging information, whereas heuristic processing is based on simple decision rules to arrive at a judgment [9]. HSM assumes that individuals often perceive things in a simplified way and that heuristic processing is preferred because it requires less effort. However, the heuristic processing tends to make subsequent judgments and behaviours less stable than the systematic one. Therefore, the authors have used the systematic processing to put into the model and test hypotheses [10].

H6: Information insufficiency has impacts on systematic processing

The lack of information is again influenced by affective responses to risks (emotions) and informational subjective norms. Firstly, strong emotional responses such as anxiety or anger are likely to worsen the lack of information, which in turn leads to information seeking. Secondly, the lack of information is influenced by the informational subjective norms. Those norms refer to individuals’ perceptions of whether others think they should know about a particular risk, and the higher they are, the worse the lack of information becomes. Recently, have noted that the informational subjective norms do not only indirectly influence the information searching and processing due to the lack of information but can also directly affect the same [11].

H7: Systematic processing has impacts on perceived risks

Information processing is another determinant of risk perception. The previous scholars have extended the information processing model according to the HSM to figure out influences of the information processing on individuals’ risks.

H8: Systematic processing has impacts on perceived benefits

In the study on “Consumers’ perception and information processing affect their acceptance of genetically modified foods in China: A risk communication perspective'' it was assumed that the benefit perception directly affects the consumers’ purchasing intentions for the same. However, the influence of benefit perception on information processing has not been proposed in previous studies. The perceived benefit has positive impacts on the systematic processing”. The hypothesis set as the following model has been proved to be significant, thereby confirming the relationship of perceived benefits and systematic processing. However, there still exists a research gap in the social network context in Vietnam, so in order to test the relationship between the systematic processing and the perceived values, the authors have made a hypothesis that the systematic processing has impacts on perceived benefits.

H9: Perceived knowledge about data security has positive impacts on data security perceived risks

The studies with various findings have been performed on relationship the perceived knowledge about data security and perceived risks of the same. The work formalized the relationships between the three constructs, by considering knowledge gap as both a cause of perceived risk and a driver for information seeking. The knowledge gap is recognized by individuals when “they encounter differences or lack of awareness in their environment” Many scientific literature has considered uncertainty as a component of perceived risk and have found a link between the knowledge gap and the sense of uncertainty or perceived risk [12]. The study, has hypothesized: The knowledge gap has positive impacts on data security risk perception.

H10: Perceived risks have negative impacts on intention to share information on social networks

According, there are 5 factors of risk perception that often come into mind, consisting of: financial, performance, physical, psychological, and social risk. In addition, pointed out that time risk perception is also an important component of risk perception factor group. The time risk perception is related to the perception of time loss, convenience. The time risk perception is more common in online situations and social media; and many studies have shown that the time/convenience risk is the Consumers’ experience of inconvenience and time consuming due to difficulties in website navigation or data security. In the current growing social network context, users’ sharing information through social networks hides a certain degree of risk.

H11: Data security perceived benefits have positive impacts on a users’ intention to share information on social networks

Intention is seen as a direct predictor of actual behaviour. The stronger a participant’s intention or attempt for behaviour is, the more successful they are expected to be in implementing that behaviour. However, the degree of success will depend not only on one’s wishes or intentions, but also on non-material factors such as availability of necessary opportunities and resources (for example: time, money, skills, cooperation of others, etc.) To the extent that a person has the necessary opportunities and resources and intends to behave, he/she will be successful in executing such behaviour, the intention will be the correct predictor of the actual behaviour [13].

H12: Impact of intention on the behaviour of sharing information on social networks

The intention is a driver of human consciousness to take action [14,15]. The intention to continue sharing information on social networks is what users think they will decide whether to continue sharing information or not argues that intention is considered to be an indicator of the degree of willingness to approach a certain behaviour and their attempt to do the same. In addition, the research model mentioned in H11 also confirms that the intention to share information positively affects information sharing behaviour on online communities. So whether the intention to continue sharing information on social networks really affects the behaviour of sharing the same or not, if so, what is its influence degree, impact on the behaviour? To answer this question, the research team proposed the research hypothesis: Impact of intention on the behaviours of sharing information on social networks.

From actual growth of social networking associated with the risks of data security and the necessity for research on influences of data security risks on users’ use of social networks, together with summary of the works of previous scholars, the research team has proposed the following model (Figure 4).

Figure 4: Proposed research model

Data collection method

The secondary data used in the study are collected from statistics from various sources such as the Ministry of Information and Communications, Department of Cyber Security, etc. through previous relevant domestic and international research papers, reports, documents, theses on data security perceived risk and information sharing on social networks: factors and theories that have been given and proven previously to have impacts on the users’ behaviour of sharing information on social networks. The primary data sources are collected by distributing online questionnaires via email and social network groups (Facebook); distributing questionnaires directly in 9 provinces/cities in the Northern Vietnam, consisting of Hanoi, Hai Phong, Vinh Phuc, Bac Ninh, Ha Nam, Thanh Hoa, Thai Binh, Nam Dinh, Quang Ninh. Regarding the survey via email and social networks, the research teams received 450 responses within 4 weeks (After cleaning, there were 419 valid votes) [16].

Data analysis method

Through document review, the research team selected the questionnaires, refined the data, encoded the necessary information in the questionnaire, entered data and analysed the same using SPSS software version 26.0 with the following steps: Making statistics of characteristics of the research samples, assessing scale reliability, testing the scale value by the exploratory factor analysis – EFA which is evaluated through the following criteria: KMO coefficient, Bartlett test, factor load factor and variance extracted, thereby synthesizing main factor groups. Then, the scale was tested by confirmatory factor analysis - CFA and structural equation modelling SEM to check the model’s appropriateness and the research hypotheses. Finally, the One-way ANOVA test was carried out. The study thereby tested the hypotheses given at the beginning and assessed the regulatory effects on the user’s behaviour of information sharing on social networks. The study learned 419 respondents’ opinions related to the criteria of factors affecting information sharing behaviour. The scale using SPSS software initially 419 respondents initially shows that the variable RISK6 is removed because it fails to meet the scale reliability requirement which requires all variables to be within the allowable confidence level (Cronbach's Alpha coefficient > 0.6 and load factor > 0.5). After removing non-conforming variables, the remaining variables were tested for the scale by CFA method. The CFA test results of all groups of variables are consistent with market data and differentiated value is reached because the correlation coefficient between the variables is less than 0.9 [17-19].

Analysis of synthetic reliability test results and variance extracted

The synthesis results of assessing the scale reliability are qualified, so the authors can continue to analyse in the SEM model based on SEM indexes, consisting of TLI = 0.988, IFI = 0.919, CFI = 0.918, GFI = 0.875, CMIN/df = 1.856 and RMSEA = 0.045, although the variance extracted of the SP variable is slightly low. Based on the calculations of the synthesis reliability and the variance extracted, it is concluded that the research concepts have achieved differentiated values (Table 1).

Table 1: Calculation of synthetic reliability and variance extracted.

Analysis of research hypotheses test results

Figure 5: SEM model.

In addition to the SEM test results, the hypotheses also show (Figure 6).

Figure 6: Research hypotheses test results.

Based on the results shown in the figure above, all the hypotheses are accepted and statistically significant with P-value of less than 5%. There are 3 easily recognizable negative correlations which are Perceived knowledge about Data Security towards Information Seeking and Information Insufficiency (-0.144 and -0.225); Risk awareness towards Users’ intention to share information on social networks (-0.132). For the remaining relationships, the user’s behaviour of sharing information on social networks is most strongly influenced by their intention to share information (regression index reaches 0.657). And the Data Security Perceived Risk gets the least positive impact from the Perceived Knowledge about Data Security. It can be seen that information processing positively affects data security risks and benefits perception. In addition, the perceived benefits have positive impacts on the information sharing intention while the perceived risk has negative impacts on the same. The more users become aware of the possible risks of information sharing, the more they consider their intentions. The information sharing intention has positive impacts on the information sharing behaviour and has the strongest impact (0.657).

Analysis of test results of hypotheses about differences between factors in the research model

When testing the differences among different generations of the factors in the research model, the authors concluded that all judgments, except for that related to the systematic processing, are true. However, there is still a need for more representative studies with more practical questions which better describe meanings of the factors in order to have more evidence to support these judgments (Table 2).

Table 2: Test results of hypotheses about differences between factors in the research model.

For users-For Baby Boomer generation (those born between 1955 and 1964): Baby Boomers are the oldest generation to participate in this study and one with the latest and shortest time exposed to technology and social media. Due to their generational characteristics, Baby Boomers did not pay much attention to issues related to technology or social networks, nor did they have many opportunities to access and adopt the new “tricks”, which results in their little knowledge about the risks of information sharing on social networks, especially in Vietnam. It is suggested that Baby Boomers limit the risks of using social networks by learning more about personal data security on social networks through their younger family members or acquaintances, such as the Z Generation who are highly quick with social media.

For X Generation (those born between 1965 and 1979): Generation X, like Baby Boomers, are suggested to seek more information upon data security on social networks from various sources. In today’s world where the tool of social listening is being fully utilized to collect users’ data through their digital footprints, personal information is even more vulnerable.

For Y Generation (those born between 1980 and 1994): Born and raised in the era of the Internet, the Y Generation is, to some extent, exposed to technology which has, in turn, partly influences their behaviour. According to the data output, Generation Y is the most aware of the risks, negative perspectives, and consequences of information sharing on social networks, leading to their needing to seek more knowledge. Therefore, the study recommends that Y Generation continue to learn more about the issue to perform rational intentions and behaviours on social networks, and prevent risks of data security violation from business, organizations, or third parties.

For Z Generation (those born between 1995 and 2008): Born and currently living in the era of digital technology development, which comes with a gigantic amount of data, Generation Z is forced to make more efforts in seeking and selecting information. The Z Generation should enrich their knowledge about data security, specifically on privacy policies and how to secure their data since the current technology world is rapidly changing day by day.

For businesses

Recently, CSR (Corporate Social Responsibility) is very popular and has been widely applied in many companies, proving its power in long-term growth, which requires special attention from businesses in general and those operating on social networking platforms. In terms of CSR, protection of customers’ personal information for businesses in the 4.0 era should ensure the following aspects:

Firstly, it should be aimed at realizing the compliance of the business with social network users through its commitments to protecting personal information as well as enhancing security. In addition to good protection of users’ data, the businesses need to eliminate violations to the users’ data.

Secondly, in terms of information transparency: Social networking platforms should develop and declare their information protection policies on websites. In this policy, the businesses should clearly state their purpose of collecting personal information, commitments to personal information protection and confidentiality, and corporate responsibilities for disclosure of personal information, etc.

Thirdly, the corporate social responsibility is not about flashy, attention-grabbing activities but the true act of protecting its customers. In the field of social networks, CSR can come from the deed of actively tightening privacy terms and policies. Setting up a “barrier” to secure users’ data will help users feel more secure and safe on the social networking platform.

Fourthly, to organize propaganda and education activities for everyone about network security, how to protect their data when using social networking platforms. Today, social networking has become an indispensable need in every person’s life; the social networks are used anytime, anywhere.

In addition to CSR activities, the businesses should also increase their security system to avoid attacks, minimize cyber frauds and comply with policies and laws enacted by authorities to avoid unfortunate circumstances such as lawsuits between users and social networking platforms.

For state management agency

Firstly, it is necessary to build a unified law for this issue to overcome the current dissipation of many documents and concretize and supplement stronger and stricter legal enforcement institutions. Secondly, there should be a national data strategy that serves as the foundation for an overall national action framework, which covers coherent coordination of all three sectors: public, business, and social functions. The introduction of good policies for the users’ interest protection will contribute to increasing their trust in social networks, thereby promoting the development and sharing of information on social networks. The government, agencies, departments, and ministries should focus on researching and proposing policies for social network users’ personal information and data protection. Also, effective channels should be built to help users easily access, reflect and receive information such as Facebook pages, Official portals of Ministries, Agencies, and Departments. The management agencies and authorities should have solutions to raise users’ awareness of the importance of information security on social networks. The Ministry of Information and Communications should have policies and reforms to facilitate the businesses to enter the Vietnamese market, and those who have been involved or will be involved in cyber security. Besides, there should also be regulations and penalties for social networks which work with a third party to illegally use their users’ information; prevent unauthorized access and attacks of other types on the internet.

The research results show that all hypotheses are accepted in this study. There are 3 hypotheses with negative correlation, which are H1 - information seeking, H2 - perceived knowledge about data security, showing the impact of background knowledge about data security on the lack of information and information seeking; and hypothesis H10 data security perceived risk has negative impacts on the users intention of information sharing on social networks. The variable of intention has the strongest impact on the behaviour of information sharing on social networks, reaching 65.7%. In the last part, the authors test the differences of factor groups among different generations. The results show that except for the Systematic Processing, the remaining factors have differences among the four targeted generations (Baby Boomers, X, Y, and Z generations). The data was collected in metropolitan areas in Northern Vietnam however, respondents are focused in the central cities such as Hanoi and Hai Phong. These are developed cities, where people are familiar with using social networks in general and information sharing behaviours in particular and already had a certain level of perception about the risks of data security on social networks. As such, the authors, thereby, could not conclude the same for other cities/provinces. The study also had difficulty in examining subjects for generations as it was carried out in the Covid-19 outbreak and social distancing, leading to obstacles in in-depth research. All of these can make this study less comprehensive and representative for all generations. Despite the above limitations, it is expected that future studies will overcome these problems and bring innovative findings in this regard

Thank you editors, friends and Mr Dinh Tran Ngoc Huy to assist this publication.

1. Ajzen I. From intentions to actions: A theory of planned behaviour. Action Control. 1985; 11-39.
2. Agarwal S, Teas RK. Cross-national applicability of a perceived quality model. J Product Brand Management. 2002; 11: 213-236.
3. Atkin CK. Instrumental utilities and information seeking. In P Clarke edition new models for mass communication research. Beverly Hills, CA. Sage Pub. 1973; 205-242.
4. Afifi WA, Weiner JL. Toward a theory of motivated information management. Commun Theory. 2004; 14: 167-190.
5. Andreassen TW, Lindestad B. Customer loyalty and complex services. Int J Service Industry Management. 1998; 9: 7-23.
6. Chen S, Duckworth K, Chaiken S. Motivated heuristic and systematic processing. Psychol Inquiry. 1999; 10: 44-49.
7. Chaiken S, Liberman A, Eagly A. Heuristic and systematic processing within and beyond the persuasion context. Northwestern Uni. 1989; 212-252.
8. Bauer RA. Consumer behaviour as risk taking. Dynamic Marketing for a Changing World Proceedings of the 43rd. 1960; 389-398.
9. Bauer RA. Consumer behaviour as risk taking. Risk taking and information handling in consumer behavior. Boston, MA: Harvard University Press. 1960; 23-33.
10. Bhatnagar A, Ghose S. Segmenting consumers based on the benefits and risks of internet shopping. J Bus Res. 2004; 57; 1352-1360.
11. Clarke CE, McComa K. Seeking and processing influenza vaccine information: A study of health care workers at a large urban hospital. Health Communication. 2012; 27: 244-256.
12. Cole C. Information need: a theory connecting information search to knowledge formation by Cole Charles. Medford, NJ: Information Today. J Am Soc Inf Sci Tech. 2021.
13. Cronin JJ, Brady MK, Hult GTM. Assessing the effects of quality, value, and customer satisfaction on consumer behavioural intentions in service environments. J Retailing. 2020; 76: 193-218.
14. Cunningham SM. The major dimensions of perceived risk. Risk taking and information handling in consumer behavior. 1967; 82-108.
15. Huy DTN. Estimating beta of Vietnam listed construction companies groups during the crisis. J Integration Development. 2021; 15: 57-71.
16. Huy DTN, Loan BT, Anh PT. Impact of selected factors on stock price: a case study of Vietcombank in Vietnam. Entrepreneurship Sustainability Issues. 2020; 7: 2715-2730.
17. Huy DTN, Dat PM, Anh PT. Building and econometric model of selected factors impact on stock price: a case study. J Security Sustainability Issues. 2020; 9: 77-93.
18. Huy DTN, Nhan VK, Bich NTN, Hong NTP, Chung NT, Huy PQ, et al. Impacts of internal and external macroeconomic factors on firm stock price in an expansion econometric model, a case in vietnam real estate industry. Data Sci Financial Econ Studies Computational Intelligence. 2021; 898.
19. Tuan PV. Factors hindering the behaviour of purchasing hygiene and safe food by residents of metropolitan areas in Vietnam. J Advanced Res Dynamical Control Systems. 2020.