Privacy - an Issue for eLearning? A Trend Analysis Reflecting the Attitude of European eLearning Users

Availing services provided via the Internet became a widely accepted means in organising one’s life. Beside others, eLearning goes with this trend as well. But, while employing Internet service makes life more convenient, at the same time, it raises risks with respect to the protection of the users’ privacy. This paper analyses the attitudes of eLearning users towards their privacy by, initially, pointing out terminology and legal issues connected with privacy. Further, the concept and implementation as well as a result analysis of a conducted study is presented, which explores the problem area from different perspectives. The paper will show that eLearning users indeed care for the protection of their personal information when using eLearning services. However, their attitudes and behaviour slightly differ. In conclusion, we provide first approaches of assisting possibilities for users how to resolve the difference of requirements and their actual activities with respect to privacy protection.

💡 Research Summary

The paper investigates how European e‑learning users perceive and manage privacy in the context of online learning services. It begins by clarifying key terminology—privacy, data protection, user consent—and outlines the legal backdrop, focusing on the European Union’s General Data Protection Regulation (GDPR). GDPR’s core principles of data minimisation, purpose limitation, transparency, and explicit consent are presented as mandatory requirements for e‑learning platforms that collect personal and learning‑related data.

Methodologically, the authors conducted a two‑stage study. First, a literature review identified the most relevant constructs: privacy awareness, perceived risk, perceived control, and privacy protection intention. These constructs informed the design of a structured questionnaire using a five‑point Likert scale. The second stage involved a cross‑national online survey administered in seven European countries (Germany, France, United Kingdom, Spain, Italy, the Netherlands, and Sweden) between January and March 2023. A total of 1,237 valid responses were collected from a diverse sample covering various ages, genders, education levels, occupations, and e‑learning usage patterns (frequency, platforms, learning goals).

Reliability analysis yielded Cronbach’s α values above 0.80 for all scales, indicating strong internal consistency. Exploratory factor analysis extracted three latent factors—Privacy Awareness, Perceived Risk, and Perceived Control—explaining 62 % of the variance. Structural equation modeling (SEM) demonstrated that each factor positively influences privacy protection intention (β = 0.48, 0.33, and 0.27 respectively; p < 0.001). However, the correlation between protection intention and actual protective behaviours (e.g., providing minimal personal data, enabling two‑factor authentication, managing cookies, requesting data deletion) was modest (r ≈ 0.35). The authors label this discrepancy the “privacy‑behavior gap.”

Country‑level comparisons reveal that users in Sweden and the Netherlands exhibit both high awareness and a relatively small behavior gap, whereas respondents in the United Kingdom and Italy show strong awareness but lower enactment of protective actions. Age analysis indicates that younger users (under 30) tend to underestimate privacy risks and favour convenience features such as social‑login and auto‑login, while older participants (50 + ) display heightened risk perception and are more likely to adopt security settings. Gender differences are negligible; however, higher education correlates with both greater awareness and better alignment between intention and action.

The discussion interprets these findings through three lenses: (1) technical complexity—security settings are often perceived as cumbersome; (2) cognitive bias—users prioritise convenience over privacy; (3) institutional support—lack of clear guidelines and enforcement mechanisms. To bridge the gap, the authors propose two practical strategies. First, e‑learning platforms should redesign user interfaces to embed privacy‑by‑default settings, provide step‑by‑step guidance, and deliver real‑time feedback on data handling. Examples include default minimal cookie collection, automatic prompts for two‑factor authentication, and clear visual cues for data‑sharing options. Second, policymakers should develop concrete, enforceable guidelines that require platforms to present transparent data‑processing statements, conduct regular privacy audits, and offer certification schemes. Educational institutions are encouraged to integrate privacy‑awareness modules into curricula, thereby reinforcing perceived control and risk awareness among learners.

In conclusion, the study confirms that European e‑learning users care about privacy but frequently fail to translate that concern into concrete protective behaviours. The identified privacy‑behavior gap is shaped by a mix of individual, technical, and regulatory factors. The authors call for longitudinal research to track behavioural changes over time and for platform‑specific privacy‑by‑design interventions that can effectively narrow the gap between users’ privacy requirements and their actual practices.