Many users welcome personalized services, but are reluc-tant to provide the information about themselves that personalization requires. Performing personalization exclusively at the client side (e.g., on one’s smartphone) may conceptually increase privacy, because no data is sent to a remote provider. But does client-side personalization (CSP) also increase users’ perception of privacy?

We developed a causal model of privacy attitudes and behaviors in personalization, and validated it in an experi-ment that contrasted CSP with personalization at three remote providers: Amazon, a fictitious company, and the “cloud”. Participants gave roughly the same amount of personal data and tracking permissions in all four condi-tions. A structural equation modeling analysis shows the reasons: CSP raises the fewest privacy concerns, but does not lead in terms of perceived protection and satisfaction. However, we found that adding security features in CSP will raise its perceived protection significantly. Our model predicts that CSP will then sharply improve on all other privacy measures as well.