International Journal of Communication

Following the notion that both individual privacy attitudes and (national) privacy regulation need to be addressed when understanding the privacy governance system, this article focuses on the relationship between information privacy risk perceptions and regulation preferences in two regulatory systems: Germany and the United States. Empirically, the study relies on semistructured interviews with German and U.S. smartphone users (N = 55). We analyze privacy risk perceptions and perceived control over privacy (RQ1), carving out four domains of privacy risks (governmental, criminal, and commercial misuse, as well as social risks). Furthermore, we focus on preferences for privacy regulation (RQ2), investigating preference for do-it-yourself privacy, as well as state- and market-based regulation. Findings support the notion that while privacy risks are shared among German and U.S. participants, U.S. users feel more in control over their data. A discrepancy between German and U.S. users with respect to their preferences for state- versus market-based regulation also exists.