Methodology & Audit Trail · April 2026

The Iceberg Trust Model — a defensible methodological account

Grounded-Theory Design Science (GTDS): a hybrid of Hevner et al. (2004) and Wolfswinkel, Furtmueller & Wilderom (2013), applied to a 56-source interdisciplinary corpus on digital trust.

01The GTDS hybrid in one page

Grounded-Theory Design Science (GTDS) is a hybrid that resolves a structural problem neither parent method solves alone. Standard DSR informs artifact design through case studies, surveys, or expert interviews — and inherits the perspectival limits of those data sources. Grounded-theory literature review produces categories and constructs but is not committed to a deliverable artifact. GTDS combines them deliberately: the DSR stance constrains coding toward operationalizable constructs; the coding rigor constrains the artifact toward grounding in the literature rather than expert intuition.

What each parent contributes

MethodWhat it contributesWhat it does not provide on its own
Hevner DSR (2004) The artifact orientation: a prescriptive deliverable (constructs, models, methods, instantiations) addressing an important practical problem; the seven guidelines; the build-and-evaluate cycle; the requirement that contributions advance the knowledge base. A procedure for systematically grounding the artifact's content in a multi-disciplinary corpus. DSR's "knowledge base" is presupposed; how to construct it from fragmented literature is left open.
Wolfswinkel et al. (2013) A five-stage procedure for constructing a defensible knowledge base from a corpus of published studies. Three coding phases (open, axial, selective) adapted from Strauss & Corbin (1998), the constant-comparison protocol, the saturation criterion, and the transparency artifacts (Table 2 resource list, Table 4 concept matrix). A commitment to deliver a usable artifact. The output is a synthesized conceptualization; whether and how it is operationalized for practice is outside the method's scope.
GTDS (this work) Both. The DSR cycles host the GT-LR coding stage at Cycle 3. The coding informs the artifact; the artifact constrains the coding. Each tradition's deliverables are produced (Hevner: framework + principles; Wolfswinkel: Table 2 + Table 4 + audit trail). Empirical predictive validation. Construct validity is demonstrated through theoretical grounding and internal consistency; predictive validity is deferred to subsequent empirical work.

The integration architecture

The two traditions are not run in parallel. They are nested: the GT-LR coding procedure executes inside Hevner's third design cycle (Operationalization). The four DSR cycles host the work end-to-end; Cycle 3 is where Wolfswinkel's five stages take place. The integration is therefore not a methodological flourish but a containment: a defined coding procedure sits within a defined design program, and the products of each are addressed to different audiences (DSR products to practitioners; GT-LR products to reviewers).

DSR · 1
Problem
AI value gap framed as trust deficit
DSR · 2
Architecture
Four-layer iceberg by necessity-and-sufficiency analysis
DSR · 3
Operationalization
GT-LR nested here (Wolfswinkel 5 stages)
DSR · 4
Evaluation
Four-criterion evaluation
DSR · ↺
Refinement
Iterative refinement of constructs & cues

Why the hybrid was necessary

The decision to hybridize was driven by two empirical observations during early problem identification, not by methodological preference. First, no single existing trust framework integrated the four levels at which trust phenomena were observed (perceptual, technical, organizational, institutional); the framework had to be constructed, not selected. Pure DSR could not have produced the construct grounding the framework requires, because the relevant constructs sit in disciplines DSR does not by itself synthesize. Second, the existing literature on digital trust was sufficiently mature to support derivation of constructs through coding, but sufficiently fragmented across disciplines that a corpus-based approach was needed rather than a domain-bounded review. Pure grounded theory could not have produced the prescriptive artifact the practical problem demands, because GT-LR halts at theory development and does not commit to operational design.

The hybrid was not a methodological flourish but a response to the structure of the problem and the state of the literature.The author's framing of the GTDS hybrid

02Strauss-Corbin taxonomy: concept · category · construct · cue

Earlier iterations of this page used concept and category as if they were synonyms. They are not, and the difference matters for the audit trail. Strauss & Corbin (1998) define a strict ordering from concepts through categories, and the GTDS work additionally introduces constructs and cues as the operational outputs that make the framework usable. This section fixes the taxonomy and maps each tier onto the work performed.

Tier Strauss-Corbin / Wolfswinkel definition In this study Coding phase that produces it
Concept The smallest analytic unit. An in-vivo or descriptive label attached to a discrete excerpt that captures a single trust-relevant claim. Concepts are differentiating; the goal is to surface as many as the data legitimately produce. Trust-related concepts extracted across seven disciplinary domains plus a transversal eighth (Trust Dynamics & Temporal). The discipline-level tally maintained during coding is preserved in §06. A flat enumeration of every individual code was not preserved as a separate artifact, consistent with Strauss and Corbin's (1998) treatment of open codes as raw material rapidly subsumed into axial categories. Open coding (Phase 1)
Category A higher-order grouping of concepts that share properties and dimensions. Categories carry the analytical weight of relating concepts to each other; they typically have conditions, actions/interactions, and consequences (the Strauss-Corbin paradigm). 15 emergent categories. A first-touch plateau analysis at the 56-source corpus level (§18) finds the 14-of-15 general-trust plateau at source #14 (Lewicki, McAllister & Bies, 1998) and the full 15-of-15 plateau at source #41 (Lankton, McKnight & Tripp, 2015) — the late C15 emergence reflects the historical timing of AI-trust as a distinct research category, not a methodological gap. Axial coding (Phase 2)
Construct A theoretical abstraction selected, refined, and integrated around the core category during selective coding, then committed to as a building block of the prescriptive artifact. Constructs are named, defined, and assigned operational responsibility within the framework. 10 L1 constructs consolidated from the 15 categories through nine documented design decisions (Reciprocity, Brand, Technical Trust Infrastructure, Social Trust Mechanisms, Governance / Resilience & Assurance, Institution-based, Trusting Beliefs Cognitive, Trusting Beliefs Affective, Disposition to Trust, Trusting Intentions & Behaviors). Selective coding (Phase 3) → DSR Cycle 3 commitment
Cue An observable, designable indicator that operationalizes a construct. Cues are not a Strauss-Corbin tier; they are a DSR artifact-level commitment specific to GTDS, in which constructs must be operationalizable. 127 L2 cues distributed across the 10 constructs (e.g., 20 cues for Reciprocity, 18 for Brand, 26 for Governance/Resilience/Assurance). Cue derivation (DSR Cycle 3, downstream of selective coding)

How the taxonomy maps onto the iceberg

Earlier versions of this page applied the word concept to all of the iceberg's elements indiscriminately. The corrected mapping, following the taxonomy above, is:

Iceberg elementTierStatus in the GTDS audit trail
The 4 layers
Agency · Engineering · Governance · Institutional
Architectural categories Selective-coding-level. The four-layer decomposition is the smallest stratification that satisfies the necessity criterion (removing any layer leaves a class of trust phenomena unexplained) against the coded corpus.
The 10 above- and below-waterline elements
R, B, TI, ST, GOV, IB, TB, ATB, DT, TIB
Constructs The framework's L1 building blocks. Each construct has a definition, a primary literature anchor, an academic-grounding rating, a layer assignment, and a set of L2 cues operationalizing it.
The 127 sub-elements
e.g. R01–R20, GOV01–GOV26
Cues Operational indicators. Each carries six fields: cue_id, cue_name, definition, rationale, engender_description, erode_description.
The contextual moderation layer
"the water" — risk, culture, domain, segment
Environmental moderator Not a construct (Decision 6 in the consolidation log). Perceived risk is a property of the situation, not of trustor or trustee; following Mayer et al. (1995, p. 726) and Rousseau et al. (1998, p. 395) it is placed at the waterline as a moderator with four parameters (water depth, temperature, salinity, current).
The dynamic process layer
Trust formation · calibration · repair
Process categories Temporal overlay rather than static constructs (Decision 8). Trust formation maps to Lewicki & Bunker (1995); calibration to Schlicker et al. (2025) and Lee & See (2004); repair to Kim et al. (2004).
A note on Wolfswinkel's wording

Wolfswinkel et al. (2013) sometimes use concept in a wider sense that encompasses both Strauss-Corbin's concepts and categories, following Webster & Watson's (2002) usage of the word. Their concept matrix (Table 4 of their paper) accordingly takes any column-level abstraction — concept, category, or construct — as the unit of mapping. In the matrix supplied in §17 of this document, the columns are constructs (the L1 elements operationalized in the framework), since that is the level at which mapping is most informative. The choice is consistent with Wolfswinkel's permission for the matrix's "concept" columns to be either "concepts" or "categories" depending on the level of abstraction relevant to the review's research questions.

03Hevner DSR — the four cycles

The work iterated through four DSR cycles, following Hevner, March, Park & Ram (2004) and the seven guidelines articulated in their MIS Quarterly essay. Each cycle has a defined input from the prior cycle, a defined output, and a documented commitment that constrains the next cycle. The third cycle is where the Wolfswinkel five-stage GT-LR procedure is hosted; that integration is the substance of the GTDS hybrid.

Cycle 1 — Problem identification

Input: Practitioner observation of recurring AI value-realization failures across financial services, public administration, and consumer-facing AI deployments. Output: A structured framing of the AI value gap as a trust deficit, supported by Acemoglu (2024) on AI macroeconomics, Swiss Fintech Innovations (2025) on the Swiss financial sector's AI production gap, and the World Economic Forum (2022) on digital trust as the binding constraint on AI value realization. Commitment to Cycle 2: the problem is architectural in nature; isolated technical, organizational, or institutional fixes will not close the gap, so the artifact must address all four levels at which trust phenomena were observed.

Cycle 2 — Architecture by necessity-and-sufficiency analysis

Input: The four-level problem framing from Cycle 1. Output: A four-layer architecture (Agency, Engineering, Governance, Institutional) derived through a necessity-and-sufficiency analysis. Each layer is anchored in an established theoretical tradition that supplies its principal vocabulary: Agency in foundational trust theory (Mayer, Davis & Schoorman, 1995; McKnight, Choudhury & Kacmar, 2002) and agency theory (Giddens, 1984; Jensen & Meckling, 1976); Engineering in sociotechnical systems theory and the social-adaptor / social-protector framing (Helbing, 2015); Governance in resilience engineering (Hollnagel, Woods & Leveson, 2006) and complexity-management (Snowden & Boone, 2007); Institutional in regulatory and assurance frameworks (NIST AI RMF, EU AI Act, eIDAS 2.0, FINMA, ALTAI). Necessity: each layer earns its place by accounting for trust phenomena the other layers cannot — removing any layer leaves a class of phenomena unexplained by the remaining three. Sufficiency: the four layers, taken together, must account for all categories observed in the corpus; this property is verified during Cycle 3 axial coding, where every emergent category maps to one of the four layers under the constant-comparison protocol. The architecture is therefore not a free-standing theoretical synthesis but a decomposition tested against the corpus. Commitment to Cycle 3: the four layers must be operationalizable through a defined construct-and-cue scheme, and every coded category must map to exactly one layer without forcing.

Cycle 3 — Operationalization through GT-LR

Input: The four-layer architecture from Cycle 2 and a defined research question ("What architecture engenders and sustains justifiable digital trust in AI systems?"). Output: 10 L1 constructs and 127 L2 cues, derived through Wolfswinkel et al.'s (2013) five-stage grounded-theory literature review applied to a 56-source interdisciplinary corpus. This is the cycle in which the GTDS hybrid is materially executed; §04 of this document sets out the five Wolfswinkel stages as applied. Commitment to Cycle 4: the constructs and cues must be testable for theoretical grounding, internal consistency, coverage of the source concepts, and explanatory adequacy in documented cases.

Cycle 4 — Evaluation against four criteria

Input: The full framework from Cycle 3. Output: Evaluation against four independent criteria, each producing distinct evidence:

  1. Theoretical grounding — every construct is traced to an established literature anchor (see the resource table in §16) or, where relevant, to a regulatory or professional framework synthesis; interpretations of constructs do not contradict their established usage in the source disciplines. The lineage is documented in the concept matrix (§17). The category-level grounding ratings reported in §07 are the researcher's qualitative assessment of evidential strength, not an inter-rater-validated score.
  2. Internal consistency — the four layers do not overlap in ways that would make their architectural separation meaningless; the five derived design principles do not contradict each other when applied in combination. A constant-comparison protocol was applied to detect and resolve boundary cases (documented in the audit trail; see §18).
  3. Coverage — a chronologically ordered plateau analysis on the 56-source corpus confirms that category emergence stabilizes within the corpus: 14 of the 15 axial categories surface within the first 14 sources, the 15th (AI-specific trust dimensions) emerges at source 41, and the remaining 15 sources enrich existing categories without introducing new ones. The plateau analysis is reported in §18.
  4. Practical applicability (explanatory adequacy) — the framework can describe documented trust phenomena. Three illustrative cases — the Swiss e-ID referendum, the Coca-Cola/Apple AI marketing contrast, and the Deloitte Australia incident — were used to demonstrate that the framework can describe documented trust failures in terms practitioners would recognize as accurate. Predictive validity (does the framework predict trust outcomes in fresh cases?) is acknowledged as future work.

The four criteria are independent: a framework can be theoretically grounded yet internally inconsistent, internally consistent yet leave concepts in the corpus unaccounted for, comprehensively cover the corpus yet remain practically inapplicable, or practically applicable yet theoretically ungrounded. The framework satisfies all four by construction, though as §19 acknowledges, full empirical validation across diverse deployment contexts remains future work.

Mapping to Hevner's seven guidelines

#Hevner GuidelineHow it is satisfied here
1Design as an ArtifactThe Multi-Level Digital Trust Framework is a model artifact (per March & Smith, 1995) with 10 constructs and 127 cues, operationalized in a Supabase knowledge graph and rendered through three visualization modes.
2Problem RelevanceThe AI value gap is empirically motivated through Acemoglu (2024), SFTI (2025), and Edelman (2024); the problem is constituent-relevant for AI-deploying organizations and AI governance practitioners.
3Design EvaluationDescriptive and analytical evaluation across four independent criteria: literature-based theoretical grounding (concept matrix), constant-comparison internal-consistency checks, corpus-level coverage through chronological plateau analysis, and three illustrative cases for practical applicability (Hevner et al.'s Table 2: Informed Argument and Scenarios). This is appropriate for an especially innovative artifact for which other forms of evaluation may not yet be feasible (Hevner et al., 2004, p. 86); experimental and longitudinal evaluation methods are deferred to follow-on work.
4Research ContributionsThe framework itself; the five derived design principles; the construct-cue taxonomy added to the design-science knowledge base.
5Research RigorConstruction rigor through the Wolfswinkel-Strauss-Corbin coding procedure and the constant-comparison protocol. Evaluation rigor through the four independent evaluation criteria. Single-coder limitation acknowledged (§19).
6Design as a Search ProcessIterative refinement across the four cycles; nine documented design decisions in the construct consolidation step; relabelling of two constructs (Social Adaptor → Technical Trust Infrastructure; Social Protector → Social Trust Mechanisms) to align with established terminology.
7Communication of ResearchThis page (the standalone methodology and audit trail); the SDS 2026 conference paper; the Iceberg knowledge graph at iceberg.digital.

04Wolfswinkel — five stages, applied

Wolfswinkel et al. (2013) prescribe a five-stage iterative procedure for grounded-theory literature review: Define, Search, Select, Analyze, Present. The procedure is what was executed inside DSR Cycle 3. This section sets out, stage by stage, what was actually done — including, where applicable, which Wolfswinkel recommendation was followed and which was deviated from with explicit justification.

Stage 1 — Define

1.1 Inclusion / exclusion criteria. Sources were included if they (a) addressed at least one of the five trust conceptualizations R1–R5 (see §6), (b) were authored by an academic researcher, an institutional standards body, or a policy authority with peer scrutiny, (c) were in English (with one German-language exception, Ripperger 2003, included for theoretical reach), and (d) were either foundational (≥500 citations for pre-2010 works) or current (post-2020 for AI-specific governance frameworks). Sources were excluded if they were marketing materials, news commentary, or opinion pieces — though several such sources are retained in the resource table marked as excluded from the GT corpus, included for illustrative use, since the chapter's case discussions cite them.

1.2 Fields of research. Seven disciplinary fields were identified: organizational psychology, information systems, economics and signaling theory, AI governance and ethics, human-computer interaction, complexity science and resilience engineering, and legal and regulatory studies. The seven-field span follows Wolfswinkel et al.'s (2013, p. 4) advice that interdisciplinary topics require explicit multi-field framing rather than implicit convergence.

1.3 Sources. Six academic databases were consulted: Scopus, Web of Science, ACM Digital Library, IEEE Xplore, PsycINFO, and Google Scholar. Government and standards bodies (NIST, EU institutions, IIA, OECD, FINMA, W3C, C2PA, Trust over IP Foundation) were consulted directly for institutional sources not indexed in academic databases.

1.4 Search terms. Search strings were constructed around three axes — trust × digital/AI × discipline — using Boolean combinations of: trust, trustworthiness, distrust; digital, AI, artificial intelligence, algorithm*, automation; and discipline-specific anchors (e.g. "organi?ational trust", "e-commerce trust", "technology-mediated trust", "human-AI interaction", "AI governance", "resilience engineering"). The strings listed here are a representative reconstruction of search practice across the iceberg.digital research project, not a verbatim historical record (see Stage 3 below for the full retrospective-reconstruction note). Wolfswinkel et al. (2013, p. 4) explicitly require that "all the used search terms need to be listed in the review article"; the production of an exhaustive per-database query log is identified as an open task for future revisions of this page.

Stage 2 — Search

Searches were executed in three waves. The first wave, organized by the R1–R5 conceptualization framework, retrieved foundational works in each domain; the second wave used backward and forward citation tracing from anchor sources (Mayer et al. 1995; McKnight et al. 2002; Schlicker et al. 2025); the third wave addressed gaps identified during axial coding (e.g. the addition of Affective Trusting Beliefs as a 10th construct triggered targeted searches for McAllister 1995 and Glikson & Woolley 2020). Wolfswinkel et al. (2013, p. 4) explicitly warn against performing forward and backward citation tracking too early — a concern about wasted effort tracking citations of articles that will not be selected — and the three-wave structure addresses that concern by deferring citation tracking until anchor sources are confirmed.

Stage 3 — Select

The selection was iterative, embedded in the broader iceberg.digital research project, and produced 56 sources formally coded against the R1–R5 scaffold drawn from a wider consulted bibliography of approximately 331 sources (Appendix, §21).

A note on retrospective reconstruction

The methodology described in this page is a retrospective reconstruction of selection practice that took place across several years of the iceberg.digital research project. Search strings were used (organized around the three axes listed in §04 Stage 1), the named databases were consulted, and inclusion / exclusion criteria were applied iteratively against the R1–R5 scaffold. What was not maintained during the original work was a Wolfswinkel-style forward-selection log: per-database hit counts, dated query strings, and per-stage attrition tables. The strings listed in §04 Stage 1 are therefore a representative reconstruction of actual search practice rather than a verbatim historical record. Reconstructing per-stage attrition counts post-hoc would introduce recall bias rather than reduce it, and is explicitly not attempted here.

This retrospective approach is methodologically defensible. Sein, Henfridsson, Purao, Rossi & Lindgren (2011, MISQ) explicitly accept that methodology in design-oriented research is articulated during and after the research, not only before it. Strauss & Corbin (1998, p. 28) likewise note that the grounded-theory procedure "is not as linear as the description suggests." What is required is honest disclosure of the retrospective character, plausibility of the reconstructed practice, and verifiability of the output corpus — all three of which this page satisfies.

What is fully traceable is the output of the selection: the 56 formally coded sources are listed in §16 with R1–R5 mapping, discipline, and reason for selection; the wider consulted bibliography is listed alphabetically in §21 (Appendix); the construct-cue traceability is articulated by the author in the framework specification (§13 of this document). A reviewer can verify the 56 against §16, the ~331 against §21, and the construct-derivation logic against §13 (cue taxonomy) — this verifiability carries the methodological burden in place of the absent forward log.

The selection was governed by three principles, applied iteratively rather than sequentially:

  1. R1–R5 coverage. Every L1 construct in the framework had to be traceable to at least one source in each applicable R-type.
  2. Disciplinary breadth. Sources were drawn across the seven fields described in §04 Stage 1; no single discipline was permitted to dominate construct anchoring.
  3. Coverage plateau under constant comparison. Sources were added until additional sources produced no new categories. A first-touch plateau analysis at the 56-source corpus level (§18) identifies the 14-of-15 plateau at source #14 (Lewicki, McAllister & Bies, 1998) and the full 15-of-15 plateau at source #41 (Lankton, McKnight & Tripp, 2015) — the late C15 emergence reflects the historical timing of AI-trust as a distinct research category. The framing is deliberately conservative — Glaser & Strauss (1967) and Wolfswinkel et al. (2013) treat literature-review saturation as a contested ideal — so the work reports a plateau, not a Glaserian saturation claim. The analysis is built from the resource table (§16) and concept matrix (§17).

The selection was performed by a single coder; Wolfswinkel et al.'s (2013, p. 5) recommendation of inter-coder reliability with ≥ 90% overlap among at least two coders was not satisfied. Documented constant comparison, paradigm mapping, and internal consistency checking were applied as partial mitigations. The methodological commitment forward is to maintain a formal forward-selection log alongside coding from the start in v3 of the framework.

Stage 4 — Analyze (the three coding phases)

The Analyze stage is the heart of the GT-LR effort. The three coding phases of Strauss & Corbin (1998) — open, axial, selective — were executed in the intertwined fashion Wolfswinkel et al. (2013, pp. 6–7) describe.

4.1 Open coding

Each source was read in full. For every trust-relevant claim encountered, an in-vivo or descriptive code was created with: a short label, a definition, the source passage, and the discipline of origin. Open coding produced trust-related concepts across seven disciplinary domains plus a transversal eighth (trust dynamics and temporal processes); the discipline-level distribution as tallied during coding is shown in §06. A flat enumeration of every individual code was not preserved as a separate persistent artifact, consistent with Strauss and Corbin's (1998) treatment of open codes as raw material that is rapidly subsumed into axial categories during the second cycle. The persistent artifacts of the coding pass are therefore the 15 axial categories (§07, with their core concepts named), the 10 L1 constructs (§09), and the 127 L2 cues (§13, each individually named with theoretical anchor). The coding unit was the conceptual claim rather than the textual passage — a passage frequently produced multiple in-vivo codes when distinct claims were embedded in its argument; conversely, a single claim recurring across multiple sources was coded once, with cross-source references retained for traceability.

4.2 Axial coding

Codes were grouped into categories based on shared properties and dimensions, using Strauss & Corbin's coding paradigm (conditions, actions/interactions, consequences) as the structuring device. Each category was anchored to specific conditions under which the trust phenomenon arose, the actions or interactions through which it operated, and the consequences it produced for trust formation. The result was 15 emergent categories:

  1. Trustworthiness Beliefs (ABI+P)
  2. Dispositional Trust
  3. Institutional Trust
  4. Trust Intentions and Behavior
  5. Brand and Reputation Signals
  6. Fair Exchange and Reciprocity
  7. Privacy, Security and Technical Trust Infrastructure
  8. Social Proof, Reputation, and Community Trust Mechanisms
  9. Governance and Organizational Accountability
  10. Perceived Risk
  11. Affective Trust
  12. Trust Dynamics and Lifecycle
  13. Trust Repair
  14. Distrust as Separate Construct
  15. AI-Specific Trust Dimensions

Constant comparison was applied throughout. Each new source was coded against existing categories before adjustments to the category structure were considered. Where a source produced data that did not fit cleanly, the choice was between extending the category boundary, refining the category definition, or introducing a new category — with the third option exercised only when extension and refinement could not accommodate the data.

4.3 Selective coding

The 15 categories were integrated around the core category of digital trust formation, then consolidated into the framework's 10 L1 constructs through nine documented design decisions:

DecisionAction
D1Categories 1–4 become the four below-waterline constructs (TB, DT, IB, TIB), faithfully implementing McKnight et al. (2002).
D2Category 5 (Brand) is elevated to an L1 construct based on the direct-pathway-to-intentions evidence in Hoffmann, Lutz & Meckel (2014).
D3Category 6 (Reciprocity) is elevated from a mechanism (Blau, 1964) to a primary construct based on its empirical salience in digital contexts (β = 0.426 in Hoffmann et al. 2014, the strongest cue effect among categories tested). This is acknowledged as a deliberate departure from the conventional treatment of reciprocity as antecedent.
D4Categories 7 and 8 become two Engineering Layer constructs: Technical Trust Infrastructure (TI) and Social Trust Mechanisms (ST), following Söllner et al.'s (2016) distinction between technology-mediated and socially-mediated trust. Earlier labels "Social Adaptor" and "Social Protector" were replaced with this terminology to align with academic precedent.
D5Category 9 (Governance) becomes a single L1 construct with three sub-dimensions (Adaptive Governance, Organizational Resilience, Continuous Digital Assurance), reflecting NIST AI RMF, EU AI Act, IIA, and Hollnagel et al. structures.
D6Category 10 (Perceived Risk) becomes the environmental moderator at the waterline rather than an L1 construct, on the grounds that risk is a property of the situation, not of trustor or trustee (Mayer et al. 1995; Rousseau et al. 1998).
D7Category 11 (Affective Trust) becomes a distinct below-waterline construct (ATB), separating cognition from affect per McAllister (1995).
D8Categories 12–13 (Trust Dynamics, Trust Repair) become the Dynamic Process Layer — a temporal overlay rather than static constructs (Lewicki & Bunker 1995; Schlicker et al. 2025; Kim et al. 2004).
D9Categories 14–15 (Distrust, AI-Specific Dimensions) are distributed across existing constructs rather than modeled separately, on the principle that AI trust is not a separate domain but a lens through which all trust constructs operate differently (Lankton et al. 2015).

Stage 5 — Present

The Present stage in Wolfswinkel et al. (2013, pp. 8–9) requires representing the content (Step 5.1) and structuring the article (Step 5.2). The framework's content is represented through (a) the iceberg architectural diagram, (b) the construct/cue taxonomy in §13 of this page, (c) the resource table in §16 of this document, and (d) the concept matrix in §17 of this document. The article structure is realized in this methodology page, which functions as the standalone audit trail of the framework. Wolfswinkel's emphasis on the disclosure of "key choices made during the review process" is satisfied through the audit trail (§18), the nine consolidation decisions (above), and the explicit acknowledgment of single-coder limitation (§19).

05The R1–R5 organizing scaffold

The corpus was sampled and the categories were assessed against five relationship-typed conceptualizations of digital trust (R1–R5). The scaffold ensures disciplinary breadth without privileging any single trust tradition. Wolfswinkel et al. (2013, p. 3) permit a "well-marked scope" as a reference point for review decisions; the R1–R5 framework is that reference point in this study.

CodeTrust relationshipDefinitional core (selected anchors)
R1Trust in persons & organizationsWillingness to be vulnerable to another party's actions based on the expectation of important action without monitoring or control. Mayer, Davis & Schoorman (1995); Rousseau et al. (1998); Blau (1964); Spence (1973).
R2Trust in digital economy agentsImplicit contractual relationship stabilizing uncertain behavioral expectations between human and digital intermediary. Ripperger (2003); McKnight et al. (2002); Gefen et al. (2003); Dinev & Hart (2006); Hoffmann et al. (2014).
R3Trust in AI systemsMental and physiological process in which a person considers AI characteristics as grounds for acts of trust. Lukyanenko et al. (2022); Glikson & Woolley (2020); Hoff & Bashir (2015); Schlicker et al. (2025); NIST (2023).
R4Trust in the interfaceRelational intelligence and sociocultural design for trust-promoting interaction between humans and digital artifacts. Bickmore & Cassell (2001); Zierau et al. (2021); Vossing et al. (2022).
R5Trust and personalityPersonality traits and individual differences determining predisposition toward trust independent of trustee characteristics. Riedl (2022); Szalma & Taylor (2011); McKnight et al. (2002); Hoff & Bashir (2015).

The five conceptualizations matter for framework design because a corpus drawn exclusively from any single R-type would produce a systematic blind spot. R1-only corpora overrepresent interpersonal trustworthiness beliefs (ability, benevolence, integrity) while neglecting technical infrastructure (R3), interface design (R4), and individual difference (R5) dimensions that are critical in digital contexts. The R1–R5 scaffold ensures every L1 construct in the framework is traceable to at least one conceptualization, and that no conceptualization is systematically underrepresented.

A reflexive caveat: pre-organizing the corpus by R1–R5 introduces a confirmation-bias risk — the categories that emerge from coding may be partly pre-shaped by the categories that drove sampling. The risk was mitigated by allowing axial coding to produce categories that did not map cleanly onto any single R-type (e.g. Governance, Resilience & Assurance is a cross-R category; Perceived Risk is an environmental moderator that does not sit in any R-type). The mitigation is partial; full reflexive treatment would require an independent re-coding without the R1–R5 scaffold, which is identified as future work.

06Open coding results — discipline-level distribution

Open coding extracted trust-related concepts across seven disciplinary domains plus a transversal eighth (trust dynamics and temporal processes). Each concept was captured with a label, a definition, the source passage, and the discipline of origin. The table below presents the discipline-level tally maintained during the coding pass, with representative concept names per discipline. A flat enumeration of every individual code was not preserved as a separate persistent artifact (see Notation below); the tally summarizes the distributional shape of the coding pass and supports the coverage-plateau analysis in §18.

Discipline Concepts Representative concepts Primary sources
Organizational Psychology38Ability, benevolence, integrity, predictability, cognition-based trust, affect-based trust, emotional bonds, trust repair, apology strategy, denial strategyMayer, Davis & Schoorman (1995); McAllister (1995); McKnight et al. (2002); Kim et al. (2004); Lewicki et al. (1998); Kramer (1999)
Information Systems42Structural assurance, situational normality, familiarity, system quality, user control, third-party endorsements, initial trust, trust typology, trust transferMcKnight et al. (1998, 2002); Gefen (2000, 2003); Hoffmann, Lutz & Meckel (2014); Söllner et al. (2016)
Economics & Signaling18Costly signals, information asymmetry, brand investment, warranties, implicit contracts, uncertainty stabilization, privacy calculus, data reciprocitySpence (1973); Ripperger (2003); Dinev & Hart (2006); Blau (1964)
Social Psychology24Reciprocity norms, social exchange, social proof, distrust independence, reputation systems, endorsement credibility, content integrityBlau (1964); Lewicki et al. (1998); Pavlou & Gefen (2004); Hendrikx et al. (2015)
Governance & Regulation36Risk classification, transparency obligations, accountability, human oversight, fairness auditing, adaptive policy, resilience, stakeholder engagementNIST (2023); EU AI Act (2024); IIA (2020); Floridi & Cowls (2019); Hollnagel et al. (2006); Mittelstadt et al. (2016)
HCI & AI Trust52Cue relevance, cue detection, cue utilization, individual standards, aesthetics as metastandard, relational intelligence, automation bias, algorithm aversion, system-like trustSchlicker et al. (2025); Glikson & Woolley (2020); Bickmore & Cassell (2001); Lukyanenko et al. (2022); Lankton et al. (2015); Hancock et al. (2020); Følstad & Brandtzaeg (2017); Shneiderman (2020); Vössing et al. (2022); Jacovi et al. (2021)
Personality & Individual Differences16Faith in humanity, trusting stance, risk propensity, technology readiness, Big-Five personality–trust links, digital natives vs digital immigrantsRiedl (2022); Hoffmann, Lutz & Meckel (2014); Hoff & Bashir (2015); Hoffmann, Lutz & Ranzini (2024)
Trust Dynamics & Temporal21Calculus-based trust, knowledge-based trust, identification-based trust, trust calibration, overtrust, undertrust, relationship equity, feedback loopLewicki & Bunker (1995); Lee & See (2004); Castelfranchi & Falcone (2010); Kim et al. (2004, 2008)

Notation. The eighth row (Trust Dynamics & Temporal) is transversal rather than disciplinary — it cross-cuts the other seven and is reported separately because the dynamic-process category was eventually treated as a process overlay (see §11) rather than as a static construct. The per-discipline counts reflect the working tally maintained during coding; they are presented here as the distributional record of the pass rather than as a precision claim. The full flat list of every individual code was not retained as a separate persistent artifact — Strauss and Corbin (1998, ch. 8) treat open codes as raw material rapidly subsumed into axial categories, and many published grounded-theory studies do not preserve a flat code list. The persistent artifacts of this work are the 15 axial categories (§07), the 10 L1 constructs (§09), and the 127 L2 cues (§13), each individually named.

07The 15 emergent categories

Axial coding regrouped the open codes into 15 natural categories using the constant-comparison protocol (Glaser & Strauss, 1967) and the Strauss-Corbin paradigm of conditions, actions/interactions, consequences. The 15 categories are listed below with their disciplinary origin, core concepts (a representative selection of the most analytically central codes per category), key sources, and academic grounding rating (1–5, where 5 indicates a category whose grounding rests on multiple top-tier validated sources).

# Category Discipline Core concepts Key sources Rating
C01Trustworthiness Beliefs (ABI+P)Org. Psych.Ability/Competence, Benevolence, Integrity, PredictabilityMayer et al. (1995); McKnight et al. (2002); Lee & See (2004)5/5
C02Dispositional TrustPersonality Psych.Faith in humanity, trusting stance, risk propensity, technology readinessMcKnight et al. (2002); Riedl (2022); Hoff & Bashir (2015)5/5
C03Institutional TrustSociology / ISStructural assurance, situational normality, regulatory framework, platform trustMcKnight et al. (2002); Luhmann (1979); Pavlou & Gefen (2004)5/5
C04Trust Intentions & BehaviorSoc. Psych. / TRAWillingness to depend, information disclosure, purchase intention, continued use, recommendationMcKnight et al. (2002); Gefen et al. (2003)4/5
C05Brand & Reputation SignalsMarketing / Econ.Brand trust (reliability + intentionality), costly signaling, familiarity, design quality, brand affectSpence (1973); Hoffmann et al. (2014); Gefen (2000)4/5
C06Fair Exchange & ReciprocitySocial ExchangeData reciprocity, fair information practices, warranties, pricing transparency, procedural fairnessBlau (1964); Hoffmann et al. (2014); Acquisti, Brandimarte & Loewenstein (2015)4/5
C07Privacy, Security & Technical Trust InfrastructureIS / CS / Cybersec.User control over personal data, identity & access management, encryption, privacy-enhancing tech, federated learning, zero-trust architectureMcKnight et al. (2002); NIST (2023); Helbing (2015); Söllner et al. (2016); Castelfranchi & Falcone (2010)4/5
C08Social Proof, Reputation & Community Trust MechanismsSoc. Psych. / HCIReputation systems, third-party endorsements & seals, user-generated reviews, community moderation, social translucence, content integrityPavlou & Gefen (2004); Bart et al. (2005); Hoffmann et al. (2014); Hendrikx et al. (2015); Jøsang, Ismail & Boyd (2007)4/5
C09Governance & Organizational AccountabilityGovernance / RegulationAdaptive policy, risk management, audit and assurance, regulatory compliance, incident response, resilience, stakeholder engagementNIST (2023); EU AI Act (2024); IIA (2020); HLEG-AI / ALTAI (2020); Hollnagel et al. (2006); Mittelstadt et al. (2016); Lockey et al. (2021)4/5
C10Perceived RiskDecision TheoryRisk as trust moderator, dual-pathway model, vulnerability acceptance, stakes assessmentMayer et al. (1995); Kim, Ferrin & Rao (2008); Rousseau et al. (1998); Acquisti, Brandimarte & Loewenstein (2015)5/5
C11Affective TrustOrg. Psych.Emotional bonds, empathy, care & concern, affect-based vs cognition-based trustMcAllister (1995); Glikson & Woolley (2020); Bickmore & Cassell (2001); Schlicker et al. (2025)5/5
C12Trust Dynamics & LifecycleTrust TheoryCalculus → knowledge → identification stages, trust calibration, feedback loops, temporal evolutionLewicki & Bunker (1995); McKnight et al. (1998); Schlicker et al. (2025); Castelfranchi & Falcone (2010)4/5
C13Trust RepairOrg. Psych.Competence vs integrity violations, apology vs denial strategies, recovery mechanismsKim, Ferrin, Cooper & Dirks (2004); Lewicki, McAllister & Bies (1998)4/5
C14Distrust as Separate ConstructSoc. Psych.Trust and distrust as independent dimensions, simultaneous trust/distrust, watchful trustLewicki, McAllister & Bies (1998); McKnight & Chervany (2001); Kramer (1999)3/5
C15AI-Specific Trust DimensionsHCI / AI EthicsAutomation bias, algorithm aversion, anthropomorphism effects, LLM trustworthiness (truthfulness, safety, fairness), system-like vs human-like trustLankton, McKnight & Tripp (2015); Glikson & Woolley (2020); Schlicker et al. (2025); Jacovi et al. (2021); Hancock et al. (2020); Shneiderman (2020)3/5

Categories C12–C15 received the lowest grounding ratings (3/5 in two cases) because their underlying concepts are evolving rapidly with the AI-trust literature. They are real findings of the coding pass, and the rating expresses the strength of established empirical grounding rather than the strength of the concept itself. The 15 categories were subsequently consolidated into the 10 L1 constructs through nine documented design decisions (already listed in §02 above).

08Academic grounding assessment

Each of the 10 L1 constructs was rated on the strength of its academic grounding, where 5/5 denotes a construct whose grounding rests on multiple top-tier, multiply-replicated sources, and 4/5 denotes a construct grounded in a domain that is extensively researched but where the construct itself is a deliberate consolidation rather than a single-source canonical concept. None of the 10 constructs received less than 4/5; this is a methodological commitment of the framework rather than an accidental outcome — constructs that could not clear the 4/5 threshold were either consolidated into another construct or relegated to the cue layer.

Code Construct Rating Justification
DTDisposition to Trust5/5Perfectly aligned with McKnight et al. (2002). Canonical construct since Rotter (1967); reinforced by Riedl (2022) neuroIS evidence.
IBInstitution-Based5/5Faithfully reproduces structural assurance and situational normality from McKnight et al. (2002). Rooted in Luhmann (1979) institutional trust.
TBTrusting Beliefs (Cognitive)5/5Core ABI model (Mayer et al., 1995). The most-cited trust model in management research; replicated in Pavlou (2003), Kramer (1999), Castelfranchi & Falcone (2010), Lankton et al. (2015), Schlicker et al. (2025).
ATBAffective Trusting Beliefs5/5McAllister (1995) cognition/affect distinction is among the most replicated trust findings. Extended to AI contexts by Glikson & Woolley (2020), Schlicker et al. (2025), Bickmore & Cassell (2001), Følstad & Brandtzaeg (2017).
TIBTrusting Intentions & Behaviors4/5Well-validated through McKnight et al. (2002) and the TAM-trust integration (Gefen, Karahanna & Straub, 2003; Pavlou, 2003).
BBrand4/5Extensive marketing and signaling literature (Spence, 1973). Grounded as a direct pathway to behavioral intentions in Hoffmann, Lutz & Meckel (2014).
RReciprocity4/5Grounded in social-exchange theory (Blau, 1964) and the primary-cue-category status reported in Hoffmann, Lutz & Meckel (2014). Elevation from mechanism to construct is a deliberate design choice for digital platform contexts; reinforced by Acquisti, Brandimarte & Loewenstein (2015) on data reciprocity in privacy paradox.
GOVGovernance, Resilience & Assurance4/5Each sub-component grounded in established frameworks (HLEG-AI / ALTAI 2020; NIST AI RMF 2023; EU AI Act 2024; IIA 2020; Hollnagel et al. 2006; Mittelstadt et al. 2016; Shneiderman 2020; Lockey et al. 2021; Thiebes et al. 2021). The tri-partite structure (Adaptive Governance, Organizational Resilience, Continuous Digital Assurance) is a deliberate consolidation.
TITechnical Trust Infrastructure4/5Domain extensively researched (McKnight et al. 2002 structural assurance; Helbing 2015 trusted web infrastructure; Söllner et al. 2016 network of trust; Jøsang, Ismail & Boyd 2007 reputation systems infrastructure; W3C DIDs 2022; eIDAS 2.0 2024).
STSocial Trust Mechanisms4/5Domain extensively researched (Hendrikx et al. 2015 reputation taxonomy; Pavlou & Gefen 2004 marketplace trust; Jøsang et al. 2007 reputation systems; Bart et al. 2005 trust drivers across site categories).

The grounding ratings should be read alongside §17 (concept matrix), which shows how each construct's primary anchors distribute across the corpus. Constructs at 5/5 receive primary marks from 4–6 different sources in the matrix; constructs at 4/5 typically receive primary marks from 3–5 sources, with the consolidation rationale explicit in the design-decisions table (§02).

09The 10 L1 constructs

The 10 L1 constructs are the framework's deliverable at the construct level. Five sit above the waterline as observable trust cues that organizations can design and deploy; five sit below the waterline as hidden psychological and institutional foundations that determine whether visible cues actually produce trust. Each construct is grounded in the trust literature; the sub-cue counts in the L2 column are detailed in §13 (cue taxonomy).

Above the waterline — observable trust cues

These five constructs represent visible signals that users can perceive, evaluate, and compare. Organizations design and operationalize them. They sit at the Agency, Engineering, and Governance layers.

Code Construct Layer L2 cues Description Primary grounding
RReciprocityAgency20Fair, transparent value exchange. Rewarding kind actions, reducing user concerns through fairness, data reciprocity, and procedural transparency.Blau (1964); Hoffmann, Lutz & Meckel (2014); Acquisti, Brandimarte & Loewenstein (2015)
BBrandAgency18Intangible identity, reputation, consistency. Brand investment as costly signal of trustworthiness — capital-at-risk creates credibility.Spence (1973); Hoffmann et al. (2014); Gefen (2000)
TITechnical Trust InfrastructureEngineering21Technology-mediated trust: identity, privacy, security, compliance. The interface between visible cues and hidden infrastructure foundations.McKnight et al. (2002); Helbing (2015); Söllner et al. (2016); Jøsang, Ismail & Boyd (2007)
STSocial Trust MechanismsEngineering18Community-driven trust: reputation systems, third-party endorsements, moderation, social proof, content integrity safeguards.Pavlou & Gefen (2004); Hendrikx et al. (2015); Bart et al. (2005); Jøsang et al. (2007)
GOVGovernance, Resilience & AssuranceGovernance26Organizational governance through adaptive oversight, operational resilience, and continuous digital assurance. The largest construct because it integrates three previously-separate categories (Decision D5 in §02).HLEG-AI / ALTAI (2020); NIST (2023); IIA (2020); Hollnagel et al. (2006); EU AI Act (2024); Mittelstadt et al. (2016); Shneiderman (2020)

Below the waterline — hidden trust constructs

These five constructs represent hidden psychological and institutional foundations of trust. Users do not directly observe them; they emerge as inferences from cues and are shaped by individual differences. They all sit at the Institutional layer.

Code Construct Layer L2 cues Description Primary grounding
IBInstitution-BasedInstitutional4Trust in systems and structures even without prior interaction — structural assurance and situational normality.McKnight et al. (2002); Luhmann (1979)
TBTrusting Beliefs (Cognitive)Institutional7Cognitive assessments through two contextually activated lenses. Human-like lens: Competence, Benevolence, Integrity, Predictability (Mayer et al. 1995). System-like lens: Functionality, Reliability, Helpfulness (Lankton et al. 2015). The trustor applies whichever lens fits the trustee type; for AI both may operate simultaneously.Mayer et al. (1995); McKnight et al. (2002); Lankton, McKnight & Tripp (2015); Castelfranchi & Falcone (2010)
ATBAffective Trusting BeliefsInstitutional5Emotional trust grounded in empathy, attachment, and relational interaction quality. Distinct from cognitive trust (McAllister 1995) and increasingly relevant for AI agents (Schlicker et al. 2025; Glikson & Woolley 2020).McAllister (1995); Glikson & Woolley (2020); Bickmore & Cassell (2001); Schlicker et al. (2025)
DTDisposition to TrustInstitutional4Individual propensity to trust, shaped by personality and prior experience. Faith in humanity, trusting stance, risk propensity, technology readiness.McKnight et al. (2002); Riedl (2022); Hoff & Bashir (2015); Hoffmann, Lutz & Ranzini (2024)
TIBTrusting Intentions & BehaviorsInstitutional4Willingness to act on trust: purchase, share data, delegate, follow advice. The behavioral outcome that all other layers ultimately produce.McKnight et al. (2002); Gefen, Karahanna & Straub (2003); Pavlou (2003)

The waterline metaphor is not decorative. It captures a structural insight that emerges independently from multiple strands of trust research: McKnight et al. (2002) distinguish between trust constructs that are directly observable and those that are hidden psychological states; Hoffmann, Lutz & Meckel (2014) report that trust cues operate through distinct pathways (reciprocity cues build trusting beliefs; brand cues bypass beliefs and drive intentions directly); and Schlicker et al.'s (2025) Trustworthiness Assessment Model (TrAM) applies Brunswik's Lens Model to explain that actual trustworthiness manifests through cues which trustors detect and utilize to form perceived trustworthiness. The above-waterline constructs in the framework function as the cue layer; the below-waterline constructs represent the assessment processes (cue detection, utilization, belief formation).

10Contextual moderation — the waterline

Perceived risk is not a construct in the framework but the environmental moderator that makes the entire framework meaningful. In the iceberg metaphor, perceived risk is the water. However, the water is not uniform — it has measurable properties that vary by context, culture, domain, and user segment. Together these properties form a Contextual Moderation Layer at the waterline. The moderator is what Decision D6 (§02) elevated out of the construct space and into a distinct semantic position.

Three core mechanics

  1. The water determines visibility. In low-risk situations (shallow water) most of the iceberg is visible — users do not scrutinize trust cues carefully because stakes are low. In high-risk situations (deep water) only the tip is visible — users examine every available cue because consequences of misplaced trust are severe. This is consistent with the Hoffmann, Lutz & Meckel (2014) report that risk-aware users pay more attention to reciprocity cues, while risk-tolerant users rely more on brand heuristics.
  2. The water refracts the cues. The same trust cue is perceived differently depending on risk context. A third-party endorsement is a strong signal in a low-risk context (browsing a news site) but may be insufficient in a high-risk context (sharing medical data). This is the cue-utilization mechanism from Schlicker et al.'s (2025) TrAM.
  3. The water applies pressure. Pressure increases with depth. Perceived risk applies pressure on below-waterline constructs: high risk raises the threshold that Trusting Beliefs must reach before translating into Trusting Intentions and Behaviors. This maps to Mayer et al.'s (1995) risk-moderation finding.

Four water properties

The water around the iceberg is not uniform. Four contextual parameters modulate how cues are perceived, weighted, and processed. They do not change the shape of the iceberg (the cue taxonomy stays constant) but they change how the iceberg is experienced by the trustor.

Parameter What it modulates Metaphor Key sources
Risk magnitudeCue scrutiny depth. Higher risk = more cues examined, higher thresholds required.Water depthMayer et al. (1995); Kim, Ferrin & Rao (2008); Acquisti, Brandimarte & Loewenstein (2015)
Cultural trust radiusWhich cue categories are weighted. High-trust-radius cultures weight Brand more heavily and accept institutional assurance more readily; low-trust-radius cultures weight Governance and TI cues, demanding verifiable evidence over reputation.Water temperatureFukuyama (1995)
Domain sensitivityCue threshold levels. Healthcare and financial services demand higher GOV and TI cue satisfaction than entertainment or social media. The same cue set produces different trust outcomes depending on domain stakes.Water salinityBart, Shankar, Sultan & Urban (2005)
User segmentCue processing mode. Digital natives use heuristic processing (relying on Brand and design quality); digital immigrants use systematic processing (scrutinizing Reciprocity and TI cues). Age, technology experience, digital literacy, and intersectional factors modulate which cues are detected and how they are weighted.Water currentHoffmann, Lutz & Meckel (2014); Hoffmann, Lutz & Ranzini (2024)

A warm current (high-trust culture) makes the waterline rise, exposing more of the iceberg: more cues are accepted at face value. A cold current (low-trust culture) pushes the waterline down, submerging more cues beneath scrutiny.The metaphor's mechanics, articulated by the author

Theoretical basis. Mayer et al. (1995, p. 726): risk is a property of the situation, not of trustor or trustee. Kim, Ferrin & Rao (2008): trust antecedents operate through dual pathways, simultaneously building trust AND reducing perceived risk through separate mechanisms. Rousseau et al. (1998, p. 395): without risk, trust is unnecessary. Fukuyama (1995): trust radius varies by culture. Hoffmann, Lutz & Meckel (2014) and Hoffmann, Lutz & Ranzini (2024): user segments process trust cues through qualitatively different strategies.

11Dynamic process layer

The Process Layer is a temporal overlay that augments the static framework without replacing it. It models three processes that operate continuously on the iceberg's constructs: Trust Formation, Trust Calibration, and Trust Repair. The Process Layer is what Decision D8 (§02) created — it captures Categories C12 (Trust Dynamics & Lifecycle) and C13 (Trust Repair) without forcing them into the static construct space.

Process 1 — Trust Formation

Trust formation progresses through three stages following Lewicki & Bunker (1995, 1996):

  • Calculus-Based Trust: rational cost–benefit evaluation, driven by above-waterline cues. Trust at this stage is fragile and contingent on continuing positive interactions.
  • Knowledge-Based Trust: accumulated experience enabling behavioral prediction, corresponding to Trusting Beliefs (TB). Trust at this stage is more stable but still rests on continued conformity to expectations.
  • Identification-Based Trust: value alignment and shared identity, mapped to Brand cues B01 (Brand Ethics & Moral Values), B12 (Heritage & Longevity), B14 (Localized & Inclusive Expressions). Trust at this stage is robust to occasional violations.

Not all relationships progress through all stages. Most digital-platform trust relationships stabilize at the calculus or knowledge stages; identification-based trust requires sustained brand investment and value alignment, characteristic of long-term customer relationships rather than transactional encounters.

Process 2 — Trust Calibration

Trust calibration is the ongoing adjustment of perceived trustworthiness in response to new evidence. It depends on four factors from the Schlicker et al. (2025) Trustworthiness Assessment Model: cue relevance, cue availability, cue detection, and cue utilization. Calibration dynamics include active search, cross-validation, and intuitive adjustment. Lee & See (2004) provide the foundational treatment of trust calibration in human–automation interaction; Castelfranchi & Falcone (2010) provide the socio-cognitive computational treatment. The Contextual Moderation Layer (§10) parameterizes calibration: cultural trust radius, domain sensitivity, and user segment all influence which cues are detected and how they are weighted during calibration.

The Trust State Vector

Trust Calibration maintains a dimensional trust state for each trustor–trustee relationship. Drawing on McKnight & Chervany's (2001) finding that trust and distrust are independent dimensions (not opposite poles of a single continuum), and Lewicki, McAllister & Bies's (1998) demonstration that a trustor can simultaneously trust one dimension while distrusting another, the calibration process tracks each Mayer dimension independently:

Trust State Vector — formal definition

Trust State Vector = {
  competence:  trust (+1) | neutral (0) | distrust (-1),
  integrity:   trust (+1) | neutral (0) | distrust (-1),
  benevolence: trust (+1) | neutral (0) | distrust (-1)
}

In the iceberg metaphor, the Trust State Vector tracks cracks in the ice. When trust erodes past a threshold on one dimension while remaining intact on others, the iceberg develops visible fracture lines. The iceberg does not split into two; it develops stress fractures along dimensional boundaries. "Watchful trust" (the stable state {competence: +1, integrity: -1, benevolence: 0}) is the user trusting that the system works while distrusting its honesty, resulting in active monitoring behavior.

This formulation operationalizes distrust without requiring a separate distrust construct, consistent with Decision D9 (§02). It is also compatible with the Lewicki, McAllister & Bies (1998) view that trust and distrust are independent dimensions rather than opposite poles of a single continuum.

Process 3 — Trust Repair

Different violation types require different repair strategies. Kim, Ferrin, Cooper & Dirks (2004) demonstrated that competence-based violations respond to apology + corrective action, while integrity-based violations respond to denial + evidence of principles. Repair strategies target specific cracks in the Trust State Vector: a competence-apology aims to move the competence dimension from −1 back toward +1; an integrity-denial aims to restore the integrity dimension. The choice of repair strategy is not interchangeable — applying an integrity strategy to a competence violation, or vice versa, typically deepens distrust rather than repairing it.

The Process Layer does not replace the static construct architecture; it operates on it. Trust Formation creates the Trust State Vector; Trust Calibration maintains it; Trust Repair attempts to restore it after specific violations. All three processes interact with the Contextual Moderation Layer (§10), which sets the threshold conditions under which formation, calibration, and repair operate.

12L2 cue derivation methodology

The L2 cues are observable, designable indicators that operationalize each of the 10 L1 constructs. Cues are not a Strauss-Corbin tier; they are a DSR artifact-level commitment specific to GTDS, in which constructs must be operationalizable. The derivation followed two distinct pathways depending on whether the construct sits above or below the waterline.

Above-waterline cues — dual-source derivation

The L2 cues for the five above-waterline constructs (R, B, TI, ST, GOV) were derived through two complementary processes:

Source 1 — practitioner-informed empirical input. The initial cue sets for Reciprocity (R), Brand (B), Technical Trust Infrastructure (TI), and Social Trust Mechanisms (ST) were derived from a practitioner-developed structured instrument under iterative expert consultation. The instrument was designed to capture the full range of trust-relevant cues that digital platform users encounter. This produced an initial pool of 72 candidate L2 cues across the four constructs. The instrument has not yet been administered to an external sample; in the present work the item pool functions as a structured prompt for cue derivation, not as a triangulating measurement source. Full psychometric validation (pilot, EFA, CFA) is identified as future work.

Source 2 — design-science synthesis of regulatory and professional frameworks. The Governance, Resilience & Assurance (GOV) construct was developed through a design-science process (Hevner, March, Park & Ram, 2004) that synthesizes five independent regulatory and professional frameworks: the HLEG-AI Assessment List for Trustworthy AI (ALTAI, 2020), NIST AI RMF 1.0 (2023), the EU AI Act (2024), the IIA Three Lines Model (2020), and resilience engineering principles (Hollnagel, Woods & Leveson, 2006). The author articulates the synthesis; the present page operationalizes it as 26 L2 cues. The external frameworks carry the theoretical weight. The derivation proceeded through three phases:

  1. Open coding of the five external frameworks plus the author's prior articulations produced 50 governance-related codes.
  2. Axial coding: codes were grouped into three sub-dimensions (Adaptive Governance, Organizational Resilience, Continuous Digital Assurance) based on functional relationships and constant comparison.
  3. Internal consistency check: each cue was examined for distinctness from its neighbors (constant comparison, Glaser & Strauss, 1967) and for coverage of governance concepts present in the external source frameworks. Boundary cases with explicit decision rationales are documented in §14.

Cross-validation. All L2 cues were validated against the full R1–R5 literature corpus to confirm academic grounding and identify gaps. This cross-check produced additional cues in four constructs: AI-specific reciprocity cues (R19–R20), AI provenance and developer reputation cues (B04, B06), AI trust-infrastructure cues (TI01–TI06), LLM governance cues (GOV20–GOV25), and affective trust cues (ATB01–ATB05). The cross-check fills the most consequential gap exposed by the v1 framework: AI-specific phenomena that were not fully captured by the trust literature pre-2020.

Workforce-impact gap closure. A secondary cross-check against the HLEG-AI Assessment List for Trustworthy AI (ALTAI, 2020) Requirement 6.2 (Impact on Work and Skills) surfaced a workforce-impact gap not covered by the AI-specific cross-check above. Three additional cues were introduced to close it: GOV26 (Workforce Transition & Reskilling Commitments) on the governance side, TI21 (Augmentation-First Design Intent) on the product-design side, and ST18 (Job Impact Transparency) on the communication side. These three cues are wired to the practice-category layer through the ALTAI Section 6 (Societal & Environmental Wellbeing) requirements and align the framework with the ALTAI self-assessment checkpoints.

Below-waterline cues — literature-derived

The five below-waterline constructs carry 4 to 7 L2 cues each, directly derived from established trust literature:

  • Institution-Based (IB): Structural Assurance, Situational Normality (McKnight et al., 2002), Regulatory & Legal Framework, Intermediary & Platform Trust (Pavlou & Gefen, 2004; Söllner et al., 2016).
  • Trusting Beliefs (TB): 7 cues structured as two contextually activated lenses. Human-like lens (4 cues): Competence, Benevolence, Integrity (Mayer et al., 1995), Predictability (McKnight et al., 2002). System-like lens (3 cues): Functionality, Reliability, Helpfulness (Lankton, McKnight & Tripp, 2015). For AI systems both lenses may operate simultaneously: TB-H for the deploying organization, TB-S for the AI product itself.
  • Affective Trusting Beliefs (ATB): Emotional Resonance, Perceived Empathy, Interpersonal Comfort, Affective Attachment, Relational Interaction Design (McAllister, 1995; Glikson & Woolley, 2020; Schlicker et al., 2025; Bickmore & Cassell, 2001).
  • Disposition to Trust (DT): Faith in Humanity, Trusting Stance (McKnight et al., 2002), Risk Propensity (Mayer et al., 1995), Technology Readiness & Prior Experience (Riedl, 2022; Hoff & Bashir, 2015).
  • Trusting Intentions & Behaviors (TIB): Willingness to Depend, Information Sharing Behavior, Delegation & Advice Following, Transactional Commitment (McKnight et al., 2002; Gefen, Karahanna & Straub, 2003; Pavlou, 2003).

Each cue is documented with six fields: cue_id, cue_name, definition, rationale, engender_description (trust-building), and erode_description (trust-damaging). The complete cue set is listed in §13.

13Complete L2 cue taxonomy — 127 cues

The framework contains 127 L2 cues across the 10 constructs (103 above the waterline, 24 below). The tables below list every cue with its theoretical anchor. Below-waterline construct TB carries 7 cues structured as a dual lens (4 human-like + 3 system-like); the other below-waterline constructs carry 4–5 cues each. Each cue carries a definition, a rationale, an engender-description, and an erode-description in the framework's structured representation; only the IDs, names, and primary anchors are listed here.

10.1 Reciprocity (R01–R20, 20 cues)

Fair, transparent value exchange. Reciprocity's elevation from a mechanism (Blau, 1964) to a primary construct rests on the Hoffmann, Lutz & Meckel (2014) finding that reciprocity cues have a strong effect on trusting beliefs relative to other cue categories tested. In digital platform economies, the fairness of value exchange (what users give vs what they receive) is a highly influential category of trust signals.

IDCueTheoretical anchor
R01Value & Fair PricingBlau (1964) social exchange
R02Exchange TransparencyFloridi & Cowls (2019)
R03Accountability & LiabilityNIST (2023)
R04Terms, Pricing & Subscription TransparencyAcquisti, Brandimarte & Loewenstein (2015)
R05Warranties & GuaranteesSpence (1973) costly signaling
R06Customer Service & SupportGefen (2000)
R07Delivery & Fulfillment ExcellenceMcKnight et al. (2002)
R08Refund, Return or Cancellation PoliciesBlau (1964)
R09Recognition & Rewards (Loyalty Programs)Morgan & Hunt (1994) reciprocity norm
R10Error & Breach HandlingKim, Ferrin, Cooper & Dirks (2004) trust repair
R11Dispute Resolution & MediationLewicki, McAllister & Bies (1998)
R12User Education & GuidanceVössing et al. (2022)
R13Acknowledgment of ContributionsBlau (1964)
R14Micropayments & In-App PurchasesAcquisti, Brandimarte & Loewenstein (2015)
R15Algorithmic Fairness & Non-DiscriminationEU AI Act (2024); NIST (2023); Mittelstadt et al. (2016)
R16Proactive Issue ResolutionKim et al. (2004)
R17Informed DefaultsDinev & Hart (2006)
R18Data ReciprocityDinev & Hart (2006); Ripperger (2003); Hoffmann, Lutz & Ranzini (2024)
R19AI Explanation ReciprocityLankton et al. (2015); Vössing et al. (2022); Jacovi et al. (2021)
R20Privacy-Value Exchange VisibilityDinev & Hart (2006); Koufaris & Hampton-Sosa (2004); Acquisti et al. (2015)

10.2 Brand (B01–B18, 18 cues)

Intangible identity, reputation, consistency. In signaling theory (Spence, 1973), brand investment functions as a costly signal: organizations that invest heavily in brand reputation have more to lose from trust violations, making their trust signals more credible. Hoffmann, Lutz & Meckel (2014) report that brand cues drive behavioral intentions through a pathway distinct from trusting-beliefs formation, supporting the treatment of Brand as a distinct construct.

IDCueTheoretical anchor
B01Brand Ethics & Moral ValuesMayer et al. (1995) integrity
B02Brand Investment as Costly SignalSpence (1973)
B03Brand Image & ReputationMorgan & Hunt (1994); Hoffmann et al. (2014)
B04AI Model ProvenanceLukyanenko et al. (2022); EU AI Act (2024)
B05Recognition & Market ReachGefen (2000) familiarity
B06Developer ReputationSchlicker et al. (2025); Hancock, Naaman & Levy (2020)
B07Familiarity & Cultural RelevanceFukuyama (1995); Gefen (2000)
B08Personalized Brand ExperienceBart, Shankar, Sultan & Urban (2005)
B09Brand Story & NarrativeLewicki & Bunker (1995) IBT
B10Design Quality & AestheticsSchlicker et al. (2025) aesthetics as metastandard; Bickmore & Cassell (2001)
B11Brand Consistency & CohesionMorgan & Hunt (1994)
B12Heritage & LongevityGefen (2000) familiarity
B13Cultural & Societal ImpactFukuyama (1995)
B14Localized & Inclusive ExpressionsHoffmann, Lutz & Ranzini (2024)
B15Brand Purpose & MissionLewicki & Bunker (1995) IBT
B16Branded or Immersive ExperiencesFølstad & Brandtzaeg (2017)
B17Values & Impact CommitmentsFloridi & Cowls (2019)
B18Digital Experience InnovationSchlicker et al. (2025); Hancock, Naaman & Levy (2020)

10.3 Technical Trust Infrastructure (TI01–TI21, 21 cues)

Technology-mediated trust mechanisms: identity management, privacy-enhancing technologies, cybersecurity, and algorithmic transparency. The construct corresponds to what Söllner et al. (2016) term technology-mediated trust and what McKnight et al. (2002) capture under structural assurance. The decision to treat these as a single construct rather than decomposing them was driven by their operational interdependence.

IDCueTheoretical anchor
TI01Model Cards & Training DocumentationEU AI Act Art. 13; Jacovi et al. (2021)
TI02Hallucination Detection & MitigationSchlicker et al. (2025); Vössing et al. (2022)
TI03UX Familiarity & Interface ConventionsGefen (2000); Bickmore & Cassell (2001); Følstad & Brandtzaeg (2017)
TI04Adaptive Communication & ResponsivenessVössing et al. (2022); Hancock, Naaman & Levy (2020)
TI05AI System Self-DisclosureLukyanenko et al. (2022); Schlicker et al. (2025) TrAM; Hancock, Naaman & Levy (2020)
TI06Trust Maturity IndicatorsHoff & Bashir (2015); Lewicki & Bunker (1995); Castelfranchi & Falcone (2010)
TI07User Control & AgencyDinev & Hart (2006); Hoffmann, Lutz & Ranzini (2024)
TI08Privacy Management & Consent MechanismsDinev & Hart (2006); Acquisti, Brandimarte & Loewenstein (2015)
TI09Identity & Access ManagementMcKnight et al. (2002) structural assurance; W3C DIDs (2022); eIDAS 2.0 (2024)
TI10Trustless Systems & Smart ContractsHelbing (2015)
TI11Privacy-Enhancing TechnologiesHelbing (2015)
TI12Adaptive Cybersecurity & Fraud DetectionNIST (2023)
TI13Auditable Algorithms & Open-Source FrameworksMittelstadt et al. (2016); Jacovi et al. (2021)
TI14Federated Learning & Decentralized ModelsThiebes, Lins & Sunyaev (2021)
TI15Trust Score Systems & RatingsHendrikx et al. (2015); Jøsang, Ismail & Boyd (2007)
TI16Data Portability & InteroperabilityEU AI Act (2024)
TI17Trust Influencers (Change Management)Lewicki & Bunker (1995)
TI18Generative AI DisclosuresLukyanenko et al. (2022); Thiebes et al. (2021); Hancock et al. (2020)
TI19Algorithmic Recourse & AppealEU AI Act (2024); Jacovi et al. (2021)
TI20Data Minimization & Privacy-Preserving AnalyticsAcquisti, Brandimarte & Loewenstein (2015); Hoffmann, Lutz & Ranzini (2024)
TI21Augmentation-First Design IntentHLEG-AI / ALTAI (2020) Requirement 1; Shneiderman (2020) HCAI

10.4 Social Trust Mechanisms (ST01–ST18, 18 cues)

Community-driven trust: reputation systems, endorsements, moderation, and social proof. Corresponds to what Söllner et al. (2016) term socially-mediated trust and what Pavlou & Gefen (2004) describe as institution-based trust mechanisms in online marketplaces. Hendrikx et al. (2015) and Jøsang, Ismail & Boyd (2007) provide foundational taxonomies of reputation systems.

IDCueTheoretical anchor
ST01Privacy Indicators & Data Access TransparencyDinev & Hart (2006); Acquisti et al. (2015)
ST02Data Security & Secure StorageMcKnight et al. (2002) structural assurance
ST03Affiliation & Sense of BelongingLewicki & Bunker (1995) IBT
ST04Reputation Systems & 3rd-Party EndorsementsPavlou & Gefen (2004); Hendrikx et al. (2015); Jøsang, Ismail & Boyd (2007)
ST05Brand Ambassadors & Influencer PartnershipsHoffmann, Lutz & Meckel (2014)
ST06Customer Testimonials & User-Generated ContentBart, Shankar, Sultan & Urban (2005)
ST07Community Moderation & GovernancePavlou & Gefen (2004); Mittelstadt et al. (2016)
ST08Social Translucence & "Social Mirror"Hancock, Naaman & Levy (2020)
ST09Events & SponsorshipsMorgan & Hunt (1994)
ST10Media Coverage & Press MentionsBart et al. (2005)
ST11Comparative Benchmarks & ReviewsSchlicker et al. (2025) cross-validation; Jøsang et al. (2007)
ST12Content Integrity & Misinformation SafeguardsHancock, Naaman & Levy (2020); Mittelstadt et al. (2016)
ST13Flagging & Reporting MechanismsPavlou & Gefen (2004); Hendrikx et al. (2015)
ST14Community Voting & Collective Decision-MakingFloridi & Cowls (2019); Helbing (2015)
ST15Block / Ignore & Safe-Space FeaturesHoffmann, Lutz & Ranzini (2024)
ST16Public Interest & Crisis-Response AlertsHollnagel, Woods & Leveson (2006)
ST17Co-creation & Community EngagementBlau (1964); Helbing (2015)
ST18Job Impact TransparencyHLEG-AI / ALTAI (2020) Req. 6.2 (Impact on Work & Skills); Floridi & Cowls (2019)

cue-taxonomy continuation

10.5 Governance, Resilience & Assurance (GOV01–GOV26, 26 cues)

Governance is the largest construct, integrating Adaptive Governance, Organizational Resilience, and Continuous Digital Assurance into a single L1 with three sub-dimensions (Decision D5). The 26 cues were derived through axial coding of NIST AI RMF 1.0 (2023), the EU AI Act (2024), the IIA Three Lines Model (2020), the HLEG-AI Assessment List for Trustworthy AI (ALTAI, 2020), and resilience engineering principles (Hollnagel, Woods & Leveson, 2006), supplemented by the R1–R5 cross-check.

Adaptive Governance (GOV01–GOV06)

IDCuePrimary anchor
GOV01Principle-Based Trust FoundationsFloridi & Cowls (2019); Lockey et al. (2021)
GOV02AI Lifecycle Risk AssessmentEU AI Act (2024); FINMA Guidance 08/2024
GOV03Governance Requirements TranslationNIST AI RMF (2023); Mittelstadt et al. (2016)
GOV04Three Lines of Defense & AccountabilityIIA (2020) Three Lines Model
GOV05Adaptive Policy & Regulatory AlignmentFloridi & Cowls (2019); Lockey et al. (2021)
GOV06Cross-Functional Trust OwnershipLuhmann (1979); IIA (2020)

Organizational Resilience (GOV07–GOV12)

IDCuePrimary anchor
GOV07Incident Response & Crisis ManagementKim, Ferrin, Cooper & Dirks (2004); Hollnagel et al. (2006)
GOV08Graceful Degradation & Failsafe DesignHollnagel, Woods & Leveson (2006)
GOV09Anticipatory Monitoring & Early WarningHollnagel et al. (2006)
GOV10Operational Continuity & RecoveryHollnagel et al. (2006)
GOV11Learning from Failures & Near MissesNIST (2023); Hollnagel et al. (2006)
GOV12Adversarial Robustness & Red-TeamingLockey et al. (2021); Shneiderman (2020)

Continuous Digital Assurance (GOV13–GOV26)

IDCuePrimary anchor
GOV13Runtime Monitoring & Drift DetectionNIST (2023); Mittelstadt et al. (2016)
GOV14Verifiable Data GovernanceNIST (2023); EU AI Act (2024)
GOV15Bias & Fairness AuditingEU AI Act (2024); NIST (2023); Mittelstadt et al. (2016)
GOV16Transparency Reporting & ExplainabilityEU AI Act (2024); Vössing et al. (2022); Jacovi et al. (2021)
GOV17Independent Audit & Third-Party VerificationIIA (2020); Mittelstadt et al. (2016)
GOV18Stakeholder Engagement & Participatory OversightFloridi & Cowls (2019); Helbing (2015)
GOV19Embedded Compliance & Regulatory FeaturesEU AI Act (2024)
GOV20LLM Truthfulness & SafetyShneiderman (2020); Lockey et al. (2021); Jacovi et al. (2021)
GOV21Machine Ethics AuditingFloridi & Cowls (2019); EU AI Act (2024); Mittelstadt et al. (2016)
GOV22Uncertainty Communication & Expectation ManagementRipperger (2003); Luhmann (1979); Schlicker et al. (2025)
GOV23Environmental Impact Governance & Green AIFloridi & Cowls (2019)
GOV24AI Supply Chain & Third-Party Model GovernanceNIST AI RMF (2023); EU AI Act (2024)
GOV25Redressability & Individual Remedy MechanismsEU AI Act Art. 85–86; Jacovi et al. (2021)
GOV26Workforce Transition & Reskilling CommitmentsHLEG-AI / ALTAI (2020) Req. 6.2 (Impact on Work & Skills); EU AI Act (2024); Floridi & Cowls (2019)

10.6 Below-waterline cues (24 total)

Institution-Based (IB01–IB04)

IDCueFocusTheoretical anchor
IB01Structural AssuranceBelief that legal, regulatory, and technological safeguards protect against risksMcKnight et al. (2002)
IB02Situational NormalityPerception that the environment is typical, proper, and conducive to successMcKnight et al. (2002)
IB03Regulatory & Legal FrameworkConfidence in the enforceability of laws, contracts, and dispute resolutionLuhmann (1979)
IB04Intermediary & Platform TrustTrust placed in intermediaries, marketplaces, or platforms that vouch for counterpartiesPavlou & Gefen (2004); Söllner et al. (2016)

Trusting Beliefs — Cognitive (TB01–TB07)

The TB construct uses a dual-lens architecture. TB01–TB04 constitute the human-like lens (Mayer et al., 1995), applicable when the trustee is a person, organization, or anthropomorphic AI. TB05–TB07 constitute the system-like lens (Lankton, McKnight & Tripp, 2015), applicable when the trustee is a technology system, algorithm, or AI product. For AI systems both lenses may operate simultaneously: TB-H for the deploying organization, TB-S for the AI product itself.

IDCueLensFocusTheoretical anchor
TB01Competence (Ability)Human-likeBelief the trustee has the skills and expertise to fulfil its roleMayer et al. (1995)
TB02BenevolenceHuman-likeBelief the trustee genuinely cares about the trustor's welfareMayer et al. (1995)
TB03IntegrityHuman-likeBelief the trustee adheres to acceptable principles and keeps commitmentsMayer et al. (1995)
TB04PredictabilityHuman-likeBelief the trustee's behavior is consistent and can be anticipatedMcKnight et al. (2002)
TB05FunctionalitySystem-likeBelief the system provides the specific functions needed for the taskLankton, McKnight & Tripp (2015)
TB06ReliabilitySystem-likeBelief the system operates consistently and correctly over timeLankton et al. (2015)
TB07HelpfulnessSystem-likeBelief the system provides adequate and responsive help to the userLankton et al. (2015)

Affective Trusting Beliefs (ATB01–ATB05)

IDCueFocusTheoretical anchor
ATB01Emotional ResonanceDegree to which interactions evoke emotional connection and positive affectMcAllister (1995); Glikson & Woolley (2020)
ATB02Perceived EmpathyBelief that the trustee understands the trustor's situation and responds with sensitivitySchlicker et al. (2025); Bickmore & Cassell (2001)
ATB03Interpersonal ComfortEase and willingness to engage in interaction, including sharing sensitive informationFølstad & Brandtzaeg (2017); Bickmore & Cassell (2001)
ATB04Affective AttachmentEmotional bond from repeated positive interactions, creating loyalty beyond rational comparisonLewicki & Bunker (1995) identification-based trust
ATB05Relational Interaction DesignDesigning interactions that build rapport through conversational strategies and sociocultural sensitivityBickmore & Cassell (2001); Zierau et al. (2021); Hancock, Naaman & Levy (2020)

Disposition to Trust (DT01–DT04)

IDCueFocusTheoretical anchor
DT01Faith in HumanityGeneral belief that others are well-meaning and reliableMcKnight et al. (2002)
DT02Trusting StancePersonal inclination to extend trust unless given reason not toMcKnight et al. (2002)
DT03Risk PropensityIndividual willingness to accept vulnerability in uncertain situationsMayer et al. (1995)
DT04Technology Readiness & Prior ExperienceComfort with technology shaped by past interactions and familiarityRiedl (2022); Hoff & Bashir (2015); Hoffmann, Lutz & Ranzini (2024)

Trusting Intentions & Behaviors (TIB01–TIB04)

IDCueFocusTheoretical anchor
TIB01Willingness to DependReadiness to rely on another party for important outcomesMcKnight et al. (2002)
TIB02Information Sharing BehaviorWillingness to disclose personal or sensitive dataDinev & Hart (2006); Acquisti, Brandimarte & Loewenstein (2015)
TIB03Delegation & Advice FollowingWillingness to delegate decisions or follow recommendationsLee & See (2004); Castelfranchi & Falcone (2010)
TIB04Transactional CommitmentWillingness to make purchases, sign contracts, or engage financiallyGefen, Karahanna & Straub (2003); Pavlou (2003)

Cues as a living artifact

The 10 L1 constructs are theoretical entities grounded in the published trust literature (§09); they have remained stable across the 1964–2025 corpus precisely because they are abstractions about kinds of trust mechanisms rather than specific instantiations. The 127 L2 cues are empirical operationalizations of those constructs in current technological practice. They are not theoretical entities — they are the form the constructs happen to take in 2025–2026. New cues will enter as new technological practices stabilize (agent-to-agent verification, on-chain attestation, retrieval-attribution disclosure); existing cues will deprecate as practices obsolesce (Flash trust badges, sunsetted certification programs). The framework is therefore designed for cue-layer churn without disturbance to its construct-layer theory, and this section makes that commitment explicit.

The architectural distinction mirrors the formative/reflective indicator distinction in psychometrics (Bagozzi & Edwards, 1998; MacKenzie, Podsakoff & Jarvis, 2005, Journal of Applied Psychology): constructs are stable latent variables; cues are interchangeable manifest indicators. If a single cue obsolesces, others can substitute without disturbing the construct. If an entire class of cues falls out of practice, that is evidence the operationalization layer needs revision — but the construct survives. The pattern — distinguishing the durable from the volatile, versioning the volatile, and governing updates through an explicit protocol — is well established in adjacent fields. Cochrane's living systematic reviews framework (Elliott et al., 2014, Journal of Clinical Epidemiology; Elliott et al., 2017, PLOS Medicine) handles continuously evolving evidence with version control, update triggers, and sunset clauses. Versioned regulatory standards do the same — NIST AI RMF 1.0 (with 2.0 in development), OWASP Top 10 (annual revision), CIS Controls (versioned), ISO/IEC 27001 (revised on a roughly five-year cadence) — as does concept-drift detection in adaptive machine learning (Gama, Žliobaitė, Bifet, Pechenizkiy & Bouchachia, 2014, ACM Computing Surveys). The commitments below codify the same epistemic stance for the cue layer.

Architectural commitment. The cue layer is explicitly time-indexed and versioned. A v8.1, v8.2, or v9.0 of the cue taxonomy is expected within the framework's lifetime; a v2.0 of the framework itself would only be triggered by construct-level revision, which requires fresh theoretical justification of the kind documented in §09. This commitment prevents the most common drift failure in operational frameworks: silent reorganization of the construct layer to accommodate new cues, which over time degrades the theoretical coherence of the framework while preserving its appearance.

Update protocol. A candidate cue must satisfy three conditions before promotion: (i) demonstrate non-trivial empirical adoption beyond a single vendor — adoption evidence may come from regulatory codification, multi-vendor deployment, or peer-reviewed empirical study, but vendor self-certification alone is insufficient; (ii) map cleanly to an existing construct via the same constant-comparison boundary protocol used in the original coding (§14); and (iii) carry a primary literature anchor or regulatory citation, in parallel with the existing 127 cues. A candidate cue that cannot be mapped to an existing construct is itself diagnostic: it triggers a construct-layer review rather than ad-hoc construct expansion.

Deprecation protocol. Cues are marked deprecated rather than deleted when there is evidence of industry shift, regulatory replacement, or empirical obsolescence. The deprecation log becomes part of the audit trail (§16). Each cue carries a first-observed date and, when applicable, a deprecated date with the precipitating evidence. This preserves the historical record of what trust signals existed at what time — a property that becomes essential for retrospective regulatory analysis, for longitudinal study of trust-cue evolution, and for distinguishing genuine framework drift from natural cue-layer evolution.

What this means for the present version. The 127 cues reported in this document are the v8 set as of April 2026. They are not a closed list. Subsequent versions are expected to add cues as new technological practices stabilize, deprecate cues as practices obsolesce, and refine cue definitions in light of empirical use. The construct layer is expected to remain stable until and unless theoretically motivated revision is required. This positioning converts what could be read as a methodological vulnerability — "the cue list will go stale" — into a design feature: the framework absorbs that churn without disturbing its theory layer, by explicit architectural separation of theoretical commitments from empirical operationalizations.

14Internal consistency check

Each L2 cue was examined through a constant-comparison protocol (Glaser & Strauss, 1967; Charmaz, 2006) to test construct boundaries and coverage. This is an internal consistency check, not a claim of formal ontological axiom checking in the Gruber (1993) or Guarino & Welty (2002) sense — that would require a different methodological apparatus. The work documented here is constant-comparison boundary validation.

Construct boundary distinctness

No two cues within the same construct are intended to overlap in scope. Boundary cases were resolved through explicit scoping decisions documented below:

Boundary caseResolutionRationale
GOV03 vs GOV05GOV03 = initial operationalization; GOV05 = ongoing adaptationDistinct temporal scopes — translation of governance requirements (initial) is a different process from continuous regulatory alignment (ongoing).
GOV10 / GOV12 mergerOriginal codes for business continuity and operational redundancy merged into "Operational Continuity & Recovery" (GOV10)Conceptual overlap; both are about maintaining service under disruption. Merging avoids artificial distinction.
TI / ST boundaryTI = technology-mediated trust; ST = socially-mediated trustFollows the Söllner et al. (2016) distinction. The boundary holds even when the same technical infrastructure (e.g. a platform) hosts both: TI cues address the platform's technical mechanisms; ST cues address what the user community does on the platform.
R / GOV boundaryR = user-facing fairness signals; GOV = organizational oversight processesDistinct audiences (consumer-facing vs organization-internal). The same algorithm can fail R15 (Algorithmic Fairness) at the consumer level and GOV15 (Bias & Fairness Auditing) at the organizational level — these are two cues, not one.
TB / ATB distinctionTB = cognitive trust beliefs; ATB = affective trust beliefsFaithfully implements McAllister's (1995) cognition/affect distinction. Decision D7 (§02). Avoiding the distinction would conflate functionally separable trust pathways (Glikson & Woolley 2020 demonstrate differential activation in AI contexts).

Coverage of source concepts

All trust-related concepts from the source corpus map to at least one cue. Unmapped concepts were either subsumed under existing cues or triggered new cue creation. Examples of cues that emerged from the cross-validation pass include: GOV18 Stakeholder Engagement (added when participatory governance was identified as a gap, consistent with Floridi & Cowls 2019); B14 Localized & Inclusive Expressions (added when intersectional inclusion concerns surfaced from Hoffmann, Lutz & Ranzini 2024); and ATB05 Relational Interaction Design (added to cover the rapport-building work of Bickmore & Cassell 2001 and Hancock, Naaman & Levy 2020).

15Preliminary evidence and status of empirical validation

The present work establishes construct validity through theoretical grounding and internal consistency checking. Independent empirical validation of the full framework — predictive validation through SEM, CFA, or prospective behavioral studies — is identified as a priority for future research. The studies reviewed below provide preliminary evidence consistent with the framework's above/below waterline distinction and assessment-process architecture, but they are not direct tests of the Iceberg Trust Model.

Preliminary evidence from adjacent trust literature

The above/below waterline distinction (visible cues driving hidden beliefs, in turn driving intentions) is consistent with the dual-pathway findings of Kim, Ferrin & Rao (2008) and the TAM-trust integration of Gefen, Karahanna & Straub (2003). For human–AI and human–automation trust specifically, Glikson & Woolley (2020) provide a meta-review consistent with the multi-source cue architecture used here, and Hoff & Bashir (2015) provide an integrative review of trust factors that maps cleanly onto the dispositional / situational / learned tripartite from the dynamics literature. These are convergent findings in the adjacent literature, not direct tests.

Schlicker et al. (2025) — TrAM and accompanying qualitative study

The Trustworthiness Assessment Model (TrAM) and the accompanying qualitative study are consistent with the above/below waterline distinction and elaborate the assessment processes the framework captures:

  • Participants used three calibration strategies (active search, cross-validation, intuitive adjustment), consistent with the Trust Calibration mechanism in §11.
  • Individual standards mapped to framework constructs: technical functionality to GOV, privacy to TI, third-party trustworthiness to ST and GOV17.
  • Aesthetics as trust meta-standard: design quality functions as a gatekeeper that determines whether deeper trust assessment begins, consistent with B10 (Design Quality & Aesthetics).
  • Participants expected empathy and interpersonal connection from AI agents, consistent with the inclusion of Affective Trusting Beliefs (ATB) as a distinct construct.

Hoffmann, Lutz & Meckel (2014) — grounding for Decisions D2 and D3

Hoffmann, Lutz & Meckel (2014, Journal of Management Information Systems) report a structural-equation-modeling study of online trust among German Internet users. That study is cited as grounding for the construct-level decisions to elevate Brand and Reciprocity to distinct L1 constructs (D2 and D3 in §02); it is not claimed here as independent empirical validation of the present framework, because using grounding sources as validation sources would be a discovery–confirmation circularity (Meehl, 1978). The specific path coefficients and sample size in that study should be verified against the primary source for any downstream publication.

Status of empirical validation

The framework therefore stands on three claim-tiers:

  1. Construct validity through theoretical grounding (the resource table, §16; the concept matrix, §17) and internal consistency (§14). This is established.
  2. Convergent validity through preliminary evidence in adjacent trust literature and the Schlicker et al. (2025) qualitative study. This is suggestive, not conclusive.
  3. Predictive validity — does the framework predict trust outcomes in prospective behavioral data — requires separate empirical investigation. Predictive validation is identified as the next methodological priority and is not claimed by the present page.

15.5Empirical validation pipeline — incidents and best practices corpus

The construct-derivation work documented in §04–§09 was performed by a single coder. The cue-application work — applying the resulting 127-cue catalog to documented trust phenomena — runs under a separate methodological architecture: a continuously-operating classification pipeline that ingests incidents and best practices from primary sources, classifies each row through a four-eyes protocol with a third-coder adjudicator, and writes outcomes to a controlled-vocabulary curation ledger. This section documents the pipeline's gates, instrumentation, and live exclusion distribution as of the cut date below. The pipeline answers a different question from the construct-derivation work: not "are the constructs theoretically grounded?" (§14, §15) but "does the cue catalog actually classify documented phenomena reliably and with adequate coverage?"

The methodological separation between construct-derivation (single-coder, theoretical) and cue-application (four-eyes, empirical) is deliberate. The construct layer is held fixed during classification. Zero-cue cases are not silently re-coded against an expanded catalog; they post to a separable refinement signal that feeds the cue-living-artefact governance protocol documented in §13. Validation evidence and refinement evidence are therefore generated as distinct data streams, addressing the circularity problem inherent in using the same cases to both validate and refine a framework.

Cut date: figures and exclusion distributions reported in this section reflect pipeline state as documented in the operational corpus-selection-bias documentation. Pipeline state advances continuously; subsequent versions of this page will report updated figures with cut-date stamps.

Pipeline architecture

Both incident and best-practice rows land in a single trust_incidents table distinguished by a trust_valence field. Identity, provenance, sourcing, and narrative fields are shared across valences; the classification payload diverges because the two phenomena answer different questions (what kind of trust was broken? what kind of trust was built?). Database-enforced valence exclusivity guarantees the two payloads never commingle: a best-practice row with severity set, or a violation row with practice-category set, is rejected at insert.

Every candidate row is fetched via Trafilatura page-content scraping, stamped with data_source, primary and secondary source URLs, and reference URLs. If scraping fails (HTTP error, empty body, wrong page type, image content type), the row is parked with corpus_exclusion_reason = "Scraping failed: status=..." rather than silently dropped. Every row carries provenance fields: pipeline_version, prompt versions for each classification phase, rubric_version, cue_catalog_version, ontology_version, model identifiers for each coder, and a per-field *_rationale required by the schema and written by both coders independently.

Sources by valence

ValenceSourceRecordsVetting prior to ingest
ViolationOECD AI Incidents Monitor (AIM) API~2,000+OECD curates, deduplicates by incident ID
ViolationCurated incident databases (legacy seed)~309Manual review at ingest time
Best PracticeOECD AI Policy Observatory (oecd_ai_observatory)2,092 initiativesOECD-vetted; from member-state submissions
Best PracticeOECD Tool Use-Cases (oecd_tool_usecases)42 casesOECD-vetted; defensible-by-construction (Smart Ranker, Resaro, FairNow, Credo AI, Advai, IBM FactSheets, etc.)
Best PracticeTrust centers, model cards, ISO 42001 / SOC 2 / IEEE CertifAIEd certifications, transparency reports, corporate AI policy pageslong-tailSubject to all six universal gates plus four best-practice gates below

Universal inclusion gates (both valences)

  1. Deduplication. A unique index on md5(summary + entity + source) blocks duplicate inserts at the database layer. Post-hoc passes catch entity-name variants (OpenAI vs. Open AI Inc.).
  2. Entity attribution. Rows where affected_entity_name is null, "Unknown", a generic placeholder, or shorter than four characters are excluded with corpus_exclusion_reason = entity_unknown. A defensible case requires an attributable entity.
  3. Substantive content. Rows whose incident_summary + detailed_description total fewer than 800 characters after sanitization are excluded as weak_substance. Empirically, below 800 characters the cue classifiers return zero cues at > 70% rate.
  4. Four-eyes classification must complete. Two independent LLM coders — Rex (Claude Haiku 4.5) and Cora (GPT-5-mini) — each classify the row through phases 5a/5b/5c/5d. If retrieval, classification, and adjudication all complete and the card would land with zero cues, the pipeline writes a pipeline_escalations row with reason='no_cues_identified' rather than ship empty. Zero-cue is treated as a failure signal (retrieval gap, classifier confusion, or genuinely off-framework phenomenon), never as truth.
  5. Disagreement adjudication. A third LLM (Claude Sonnet 4.6) adjudicates when Rex and Cora diverge. Escalation thresholds: cue Jaccard similarity < ~0.5; ordinal delta ≥ 2 on severity / capability / character; primary OECD violation-subtype mismatch; Annex III regulated sector (law enforcement, biometrics, healthcare, credit, employment), which auto-escalates even when Rex and Cora agree; adjudicator confidence < 0.75, which routes the row to a human review queue.
  6. Inter-rater reliability target. Gwet AC1 ≥ 0.75 on the binary cue grid (kappa-paradox robust per Gwet, 2014; Wongpakaran et al., 2013). Below this, the run is treated as unreliable and held back from canonical write. Cohen's quadratic-weighted kappa is computed on ordinal fields (severity, impact magnitude, capability/character reputation); Krippendorff's α is computed as a cross-check.

Best-practice-only gates

A best practice must not just describe a commitment — it must demonstrate evidence of follow-through. Four additional gates fire after the universal gates have cleared:

  1. policy_announcement_only. The detailed description does not contain at least two distinct named-artefact keywords from a controlled list (model card, system card, transparency report, trust center, audit / audited / auditor, ISO 42001, SOC 2, GDPR, conformity assessment, framework, playbook, retrospective, white paper, watermark, C2PA, red team, bug bounty, executive order, EU AI Act, etc.). A best practice that names no concrete published artefact is indistinguishable from a press release.
  2. aspirational_no_outcome. The description contains intent verbs ("we are committed", "we strive", "our vision") but fewer than two outcome / mechanism keywords (reduced, increased, audited, certified, deployed, adopted by, in production since, established, operationalized, launched, withdrawn, complies with, evaluated, monitored, fine-tuned, rolled out). Distinguishes "no artefact named" from "artefact mentioned but no follow-through evidence."
  3. low_cue_density. Phase 5a returned fewer than two present=true cues at confidence ≥ 0.80. A single-cue practice is treated as having insufficient evidential breadth to qualify as a defensible best practice.
  4. cue_breadth_inadequate. All firing cues sit in the same L1 construct (e.g., all under Governance, none under Brand or Technical Trust Infrastructure). Single-axis fulfillment is too narrow under the framework's multi-construct lens.

A best-practice row is accepted into the canonical corpus only when zero gates fire across the universal and best-practice sets.

What is captured per row

Each row carries a shared spine of identity, sourcing, and narrative fields plus a valence-specific payload. The shared spine includes capability and character reputation baselines (1–5, four-eyes with k=3 self-consistency), the five L2 cue arrays mapped to the 127-cue catalog and the iceberg L1 construct array, a CTB tri-vector (bottom-up cue-derived, top-down LLM-derived narrative, reconciliation notes), and the full provenance stamp. Per-field rationales are required by the classification schema and written independently by both coders.

The violation payload adds severity (1–5, anchored to an ontology table from Minor to Catastrophic), a three-lens violation typology (Mayer-Davis-Schoorman macro, OECD subtype, Holweg axis derived via mapping), a CTB violation breakdown across competence / integrity / benevolence, three independent reputation-damage classifications (rule-based, NLP, media-perception per Holweg, 2022), the response-and-mitigation chain, an algorithmically derived repair-strategy recommendation per Kim, Ferrin, Cooper & Dirks (2004), and EU AI Act / NIST AI RMF risk-category tags.

The best-practice payload adds an impact magnitude (1–5, Minor Gesture to Transformative), a primary and secondary trust contribution (Competence-Building / Integrity-Building / Benevolence-Building / Competence-Integrity-Building / Systemic-Building), a CTB contribution breakdown, and a five-axis 5d practice taxonomy (~33 controlled values total): practice category (16 values: governance, transparency, fairness, privacy, safety, open source, accountability, user empowerment, environmental, inclusion, human oversight, cybersecurity, reliability, stakeholder participation, workforce impact, societal impact), implementation maturity (Announced → Piloted → Operational → Industry Standard), evidence strength (Self-Reported → Press Release → Public Page → Published Report → Third-Party Verified), impact scope (Internal → Product → National → Global), and practice sustainability (One-Time → Periodic → Ongoing → Institutionalized).

Analytics running on the canonical corpus

Several analytics run continuously on the canonical (non-excluded) rows. Each is documented in its own module specification; the list below names the analytics and what each measures.

  • Iceberg digital trust score. Per-row rollup across the five surface constructs (Reciprocity, Brand, Technical Trust Infrastructure, Social Trust Mechanisms, Governance) and five deep constructs (Identity-Based, Trust-Based, Affect-Based, Disposition Trust, Trust-In-Brand). Cue weights drive a weighted score; a defensibility threshold of ≥ 7 firing cues per card is applied.
  • Holweg quadrant analysis. Dual treemap rendering ontology constructs against the Privacy / Bias / Explainability axes via keyword classifier (Holweg, 2022).
  • CTB tri-vector dashboards. Per-row comparison of the three CTB classifications (bottom-up deterministic, top-down LLM, three-way damage perception via rule-based / NLP / media for violations). Divergence is rendered prominently with the Reeder-Brewer and Kim et al. interpretive frame.
  • Inter-rater reliability dashboard. Computed every run, reported per phase and per field: Gwet AC1 on the binary cue grid (primary gate); Cohen's quadratic-weighted kappa on ordinals; Krippendorff's α as cross-check; cue Jaccard Rex↔Cora per row. Below threshold the row escalates to the Sonnet adjudicator; below 0.75 adjudicator confidence the row routes to a human queue.
  • Coverage analytics. Per data_source × industry × country × year: case counts, acceptance rate, top exclusion reason, IRR scores. Always rendered alongside the exclusion histogram so users can distinguish low-event from low-documentation jurisdictions.
  • Severity / impact distributions. Histogram of severity (violations) and impact magnitude (best practices) sliced by industry, OECD subtype, Annex III flag, autonomy level.
  • Trust-repair classifier. Per Kim, Ferrin, Cooper & Dirks (2004): violations receive an algorithmically derived repair_strategy_type (apology + correction / denial + reframing / reparation + empathy), surfaced as the "Trust Repair Recommendation" section.
  • Schema map (frozen baseline) and field schema audit. Snapshots which columns existed and what they meant on date X, so future schema deltas are tracked against a baseline; live fill-rate analysis per field, sliced by valence, surfaces data gaps.
  • Corpus selection bias dashboard. Renders the exclusion histogram per source, cohort acceptance rates, and the three documented bias directions. Bias is queryable rather than narrative.

Live exclusion distribution (best-practice rows)

Of approximately 3,000+ parked best-practice rows, the exclusion-reason distribution is as follows. Most parks are legitimate quality gates rather than pipeline failures — re-running them will not lift them without upstream data improvements.

Exclusion reason combinationRowsInterpretation
weak_substancepolicy_announcement_onlyaspirational_no_outcome552Press-release-grade content with no artefact and no outcome evidence
policy_announcement_onlyaspirational_no_outcomelow_cue_density508Substance present but no concrete artefact, no follow-through, sparse cue activation
Scraping failed: empty 200459Server returned 200 but page body empty (paywalls, JS-only rendering, content removed)
low_cue_densitycue_breadth_inadequate223Single-axis practices: real but too narrow under the multi-construct lens
entity_unknown variants (combined)~70Generic placeholders, missing attribution, sub-four-character entity names
zero_cue_after_classification32Phase 5a returned no cues at confidence ≥ 0.80 — candidates for cue-catalog gap analysis

Re-admission path

Rows excluded for weak_substance or policy_announcement_only can be re-classified after a deeper scrape provides article-body content. The pipeline re-evaluates the row through phases 5a → 5b → 5c → 5d. The corpus_excluded flag clears if the new classification produces ≥ 1 cue (violations) or passes all gates (best practices). Other exclusion reasons — entity_unknown, aspirational_no_outcome, cue_breadth_inadequate — are sticky: clearing them requires upstream data quality work, not just re-scraping.

Acknowledged biases

Three biases are documented as queryable properties of the corpus rather than narrative disclaimers:

  • Toward documented cases. Primary-source cases (audit reports, regulator findings, model cards, the OECD registry, peer-reviewed retrospectives) survive; one-line news headlines do not. Jurisdictions with weaker investigative journalism are systematically under-counted.
  • Toward Iceberg-framework-tractable phenomena. The 127-cue catalog operationalizes Mayer-Davis-Schoorman + the MIT AI Risk Repository + NIST AI RMF. Trust dynamics outside these frameworks (emergent multi-agent dynamics, non-Western trust epistemologies) get filtered as zero-cue. This is a real finding, not just a limitation: clustering of zero-cue escalations by phenomenon type is empirical evidence of cue-catalog blind spots and feeds the cue-living-artefact protocol in §13.
  • Toward implemented best practices, away from aspirational ones. Explicit by design via gates D1 and D2.

Designed but not yet live

Several analytics are designed but not yet operational, pending either further data accumulation or methodological dependencies:

  • Best-practice impact attribution. Once cue-level attribution is reliable, link a best practice at company X to a downstream reduction in similar violations (counterfactual: companies adopting practice P see Y% fewer violations of type V over Z months).
  • Cross-jurisdiction trust posture index. Country-level aggregate combining best-practice density (per-capita defensible practices) minus violation severity-weighted index. Currently blocked by the rich-jurisdiction over-coverage bias.
  • Annex III high-risk sector heatmap. EU AI Act conformity exposure: per-entity count of Annex III violations weighted by severity, paired with best-practice coverage gap on the same axes.
  • Repair-strategy effectiveness audit. Empirical test of Kim et al. (2004) predictions: do entities that actually used the recommended repair strategy show better stakeholder-perception recovery (media-perception-damage trajectory) than those that did not?
  • Cue-catalog coverage analysis. Periodic review of zero-cue exclusions to identify ontology gaps (phenomena the 127-cue catalog cannot see); surface these as candidate cues for the next ontology version under the §13 governance protocol.

Relationship to the rest of this methodology

The empirical validation pipeline sits alongside, not within, the four DSR cycles documented in §03. The four cycles describe how the v8 framework was constructed; the pipeline describes how the v8 framework is being applied to documented phenomena. Within the four-criterion evaluation (§03 Cycle 4), the pipeline strengthens the practical-applicability criterion: the three illustrative cases (Swiss e-ID, Coca-Cola/Apple, Deloitte) demonstrate that the framework can describe canonical cases, while the pipeline tests whether the framework classifies a much larger and continuously growing corpus reliably under a four-eyes protocol with an inter-rater reliability target.

Refinement signals from the pipeline (zero-cue clusters, cue-breadth-inadequate patterns, sticky exclusion combinations) feed the cue-living-artefact governance protocol in §13. Adopted refinements increment the cue catalog version (v8.1, v8.2, ..., v9). The construct layer is held fixed under the §13 architectural commitment; cue-layer refinements do not trigger framework-level re-versioning.

16Resource table — sources of the GTDS literature corpus

Wolfswinkel et al. (2013, p. 5) prescribe that "every researcher needs to construct this type of table from the data set after filtering out the doubles." The table below adapts their Table 2 template to the GTDS workflow, extending the prescribed columns (Year, Author, Title, Journal, Reason for selection) with audit-trail columns required by the hybrid: academic database, R1–R5 mapping, discipline, and inclusion status.

Status legend

CORPUSPrimary GT-LR corpus source (peer-reviewed academic publication)
SUPPL.Supplementary corpus — institutional / regulatory / standards body framework
ILLUSTR.Excluded from GT corpus, retained for case-illustration use
EXCLUDEDExcluded — non-academic source (marketing, news, opinion)

The table is horizontally scrollable on narrow viewports. URLs are linked and database/discipline columns are abbreviated to keep the row scannable.

# Year Author(s) Title Outlet / Journal Database Discipline R1–R5 Source URL Reason for selection Status
S011964Blau, P. M.Exchange and Power in Social LifeWiley (book)WoS / ScopusOrg. Psych.R1Foundational social-exchange theory. Anchors Reciprocity construct (D3) and reciprocity norm grounding for digital platform exchange.CORPUS
S021967Giffin, K.The contribution of studies of source credibility to a theory of interpersonal trustPsych. BulletinPsycINFOOrg. Psych.R1Source credibility as trust precursor. Foundational reference for early trustworthiness conceptualizations.CORPUS
S031973Spence, M.Job market signalingQuarterly J. of EconomicsWoS / ScopusEconomicsR1, R2Signaling theory under information asymmetry. Anchor for Brand-as-costly-signal construct (B02). Nobel-citation-grade foundation.CORPUS
S041973Deutsch, M.The Resolution of ConflictYale UP (book)WoSSoc. Psych.R1Trust as cooperative expectation; equity norms. Foundational pre-Mayer trust theory.CORPUS
S051976Jensen, M. C.; Meckling, W. H.Theory of the firm: Managerial behavior, agency costs and ownership structureJ. of Financial EconomicsWoS / ScopusEconomicsR1Agency theory foundation. Used in Cycle 2 architecture synthesis to ground principal-agent dynamics in the Governance Layer.CORPUS
S061979Luhmann, N.Trust and PowerWiley (book)WoSSociology / Sys. TheoryR1, R2Systems-theoretic foundation: trust as mechanism for reducing social complexity. Anchors the personal trust / system trust distinction (above- vs below-waterline).CORPUS
S071992Lee, J. D.; Moray, N.Trust, control strategies and allocation of function in human-machine systemsErgonomicsWoS / ScopusEng. Psych. / HCIR3Foundational human-machine trust. Pre-cursor to Lee & See (2004); anchors the early-1990s trust-in-automation lineage and supports Process Layer Trust Calibration.CORPUS
S081994Morgan, R. M.; Hunt, S. D.The commitment-trust theory of relationship marketingJournal of MarketingWoS / ScopusMarketingR1, R2Commitment-trust theory. Foundational marketing-trust anchor; supports the trust → behavioral intention pathway underlying TIB constructs.CORPUS
S091994Muir, B. M.Trust in automation: Part I. Theoretical issuesErgonomicsWoS / ScopusEng. Psych. / HCIR3Foundational trust-in-automation theory. Anchor for the early HMI trust framework and the calibration discussion in the Process Layer.CORPUS
S101995Mayer, R. C.; Davis, J. H.; Schoorman, F. D.An integrative model of organizational trustAcademy of Mgmt ReviewWoS / ScopusOrg. Psych.R1The most-cited trust model (>20,000 citations). Anchors TB construct (ABI), risk moderation, and Decision D1 commitment.CORPUS
S111995McAllister, D. J.Affect- and cognition-based trust as foundations for interpersonal cooperationAcademy of Mgmt JournalWoS / ScopusOrg. Psych.R1Cognition/affect trust distinction. Anchor for Decision D7 (separating ATB as 10th construct). >7,000 citations.CORPUS
S121995Fukuyama, F.Trust: The Social Virtues and the Creation of ProsperityFree Press (book)WoSSocial TheoryR1Social capital and cultural trust radius. Anchors the cultural trust radius parameter of the contextual moderation layer.CORPUS
S131995Lewicki, R. J.; Bunker, B. B.Trust in relationships: A model of development and declineConflict, Cooperation, & Justice (book chap.)WoSOrg. Psych.R1Calculus → knowledge → identification trust stages. Anchor for the Process Layer's Trust Formation mechanism.CORPUS
S141998McKnight, D. H.; Cummings, L. L.; Chervany, N. L.Initial trust formation in new organizational relationshipsAcademy of Mgmt ReviewWoS / ScopusIS / Org. Psych.R2Initial trust formation theory. Foundational for the Process Layer's Trust Formation mechanism.CORPUS
S151998Lewicki, R. J.; McAllister, D. J.; Bies, R. J.Trust and distrust: New relationships and realitiesAcademy of Mgmt ReviewWoS / ScopusOrg. Psych.R1Distrust as separate construct (independent dimension, not low trust). Anchor for Decision D9 (distrust distributed across constructs) and the Trust State Vector formulation.CORPUS
S161998Rousseau, D. M.; Sitkin, S. B.; Burt, R. S.; Camerer, C.Not so different after all: A cross-discipline view of trustAcademy of Mgmt ReviewWoS / ScopusCross-disc.R1Definitional consensus across disciplines; risk as precondition for trust. Grounds Decision D6 (perceived risk as moderator).CORPUS
S171999Kramer, R. M.Trust and distrust in organizations: Emerging perspectives, enduring questionsAnnual Review of PsychologyWoS / ScopusOrg. Psych.R1Top-tier review consolidating organizational trust theory across two decades. Provides the secondary-literature anchor McKnight, Cummings & Chervany (1998) sits within.CORPUS
S182000Gefen, D.E-commerce: The role of familiarity and trustOmega — Int. J. of Mgmt Sci.WoS / ScopusISR2Familiarity in e-commerce trust. Anchor for B05/B07 (Brand familiarity cues).CORPUS
S192001Bickmore, T.; Cassell, J.Relational agents: A model and implementation of building user trustCHI '01 ProceedingsACM DLHCIR4Relational agents and rapport-building. Anchor for ATB05 (Relational Interaction Design) and the R4 conceptualization.CORPUS
S202001McKnight, D. H.; Chervany, N. L.Trust and distrust definitions: One bite at a timeTrust in Cyber-Societies (Springer)WoSISR2Trust and distrust as independent dimensions. Anchors the Trust State Vector formulation in the Process Layer.CORPUS
S212002McKnight, D. H.; Choudhury, V.; Kacmar, C.Developing and validating trust measures for e-commerce: An integrative typologyInformation Systems ResearchWoS / ScopusISR2The most-validated trust typology in IS. Anchors all four below-waterline constructs (TB, DT, IB, TIB) — Decision D1.CORPUS
S222003Corritore, C. L.; Kracher, B.; Wiedenbeck, S.On-line trust: Concepts, evolving themes, a modelInt. J. of Human-Computer StudiesWoS / ScopusIS / HCIR2Online trust foundational model. Anchors the cue → trust → behavior architecture for digital contexts; cross-validates McKnight et al. (2002).CORPUS
S232003Gefen, D.; Karahanna, E.; Straub, D. W.Trust and TAM in online shopping: An integrated modelMIS QuarterlyWoS / ScopusISR2Trust × technology acceptance integration via SEM. Grounds TIB04 and the cognitive route from beliefs to behavior.CORPUS
S242003Pavlou, P. A.Consumer acceptance of electronic commerce: Integrating trust and risk with the technology acceptance modelInt. J. of Electronic CommerceWoS / ScopusISR2Trust + risk integration with TAM in e-commerce. Anchor for the perceived-risk moderator (D6) and the dual-pathway architecture above the waterline.CORPUS
S252003Ripperger, T.Ökonomik des Vertrauens: Analyse eines OrganisationsprinzipsMohr Siebeck (book, 2nd ed.)WoSEconomicsR2Trust as implicit contract; uncertainty management. Single German-language inclusion for theoretical reach (R2 anchor).CORPUS
S262004Kim, P. H.; Ferrin, D. L.; Cooper, C. D.; Dirks, K. T.Removing the shadow of suspicion: The effects of apology versus denialJ. of Applied PsychologyPsycINFOOrg. Psych.R1Trust repair theory. Anchor for the Trust Repair process layer (apology-vs-denial strategy by violation type).CORPUS
S272004Koufaris, M.; Hampton-Sosa, W.The development of initial trust in an online company by new customersInformation & MgmtWoS / ScopusISR2Initial trust antecedents in online companies. Reinforces the cue-pathway architecture above the waterline.CORPUS
S282004Lee, J. D.; See, K. A.Trust in automation: Designing for appropriate relianceHuman FactorsWoS / ScopusHCI / Eng. Psych.R3Trust calibration in human-automation interaction. Anchor for Process Layer's Trust Calibration mechanism.CORPUS
S292004Pavlou, P. A.; Gefen, D.Building effective online marketplaces with institution-based trustInformation Systems ResearchWoS / ScopusISR2Institution-based marketplace trust. Anchors ST04 (3rd-party endorsements) and IB04 (Intermediary & Platform Trust).CORPUS
S302005Bart, Y.; Shankar, V.; Sultan, F.; Urban, G. L.Are the drivers and role of online trust the same for all websites and consumers?Journal of MarketingWoS / ScopusMarketingR2Trust drivers by site category and consumer segment. Anchor for the domain-sensitivity moderator parameter.CORPUS
S312006Dinev, T.; Hart, P.An extended privacy calculus model for e-commerce transactionsInformation Systems ResearchWoS / ScopusISR2Privacy calculus theory. Anchors R18 (Data Reciprocity), R20 (Privacy-Value Exchange), and TIB02 (Information Sharing Behavior).CORPUS
S322006Hollnagel, E.; Woods, D. D.; Leveson, N. (Eds.)Resilience Engineering: Concepts and PreceptsAshgate (book)WoS / ScopusResilience Eng.R3Foundational resilience engineering. Anchors GOV08–GOV12 (graceful degradation, anticipatory monitoring, organizational resilience).CORPUS
S332007Jøsang, A.; Ismail, R.; Boyd, C.A survey of trust and reputation systems for online service provisionDecision Support SystemsWoS / ScopusCS / ISR2Foundational survey of online trust and reputation systems. Pairs with Hendrikx et al. (2015) to anchor the Social Trust Mechanisms (ST) construct.CORPUS
S342008Kim, D. J.; Ferrin, D. L.; Rao, H. R.A trust-based consumer decision-making model in electronic commerceDecision Support SystemsWoS / ScopusISR2Dual-pathway model of trust antecedents (trust-building × risk-reducing). Cross-validates above/below waterline distinction.CORPUS
S352010Castelfranchi, C.; Falcone, R.Trust Theory: A Socio-Cognitive and Computational ModelWiley (book)WoS / ScopusCog. Sci. / AIR1, R3Socio-cognitive trust theory; computational model of trust dynamics. Bridges R1 (interpersonal) and R3 (computational/AI), connecting socio-cognitive trust theory to AI agent systems.CORPUS
S362014Hoffmann, C. P.; Lutz, C.; Meckel, M.Digital natives or digital immigrants? The impact of user characteristics on online trustJ. of Mgmt Information SystemsWoS / ScopusIS / Comm. StudiesR2, R5SEM study of online trust cues. Critical empirical anchor: β=0.426 reciprocity (D3); β=0.404 brand direct pathway (D2); β=−0.257 user control paradox.CORPUS
S372015Lankton, N. K.; McKnight, D. H.; Tripp, J.Technology, humanness, and trust: Rethinking trust in technologyJ. of the Assoc. for ISWoS / ScopusIS / HCIR3System-like vs human-like trust. Anchors TB05–TB07 and Decision D9.CORPUS
S382015Acquisti, A.; Brandimarte, L.; Loewenstein, G.Privacy and human behavior in the age of informationScienceWoS / ScopusBehav. Econ. / ISR2Foundational treatment of the privacy paradox in digital contexts. Anchors R18 (Data Reciprocity) at the empirical layer; supports TIB02 (Information Sharing) and the AI-context elaboration the author terms the "AI Intimacy Paradox".CORPUS
S392015Helbing, D. (Ed.)Thinking Ahead — Essays on Big Data, Digital Revolution, and Participatory Market SocietySpringer (book)WoS / ScopusComplexity Sci.R3Theoretical foundation for technology-mediated trust (TI domain) and socially-mediated trust (ST domain). Original lineage for Social Adaptor / Social Protector constructs (subsequently relabelled).CORPUS
S402015Hendrikx, F.; Bubendorfer, K.; Chard, R.Reputation systems: A survey and taxonomyJ. of Parallel and Distributed ComputingWoS / ScopusCSR2Most comprehensive reputation systems taxonomy. Anchors ST04 (Reputation Systems) and the ST construct domain.CORPUS
S412015Hoff, K. A.; Bashir, M.Trust in automation: Integrating empirical evidence on factors that influence trustHuman FactorsWoS / ScopusEng. Psych. / HCIR3, R5Three temporal layers of trust (dispositional, situational, learned). Anchor for DT04 (Technology Readiness).CORPUS
S422016Mittelstadt, B. D.; Allo, P.; Taddeo, M.; Wachter, S.; Floridi, L.The ethics of algorithms: Mapping the debateBig Data & SocietyScopus / WoSAI EthicsR3Canonical mapping of algorithmic ethics. Anchor for GOV21 (Machine Ethics Auditing) and the algorithmic-fairness lineage within the Governance Layer.CORPUS
S432016Söllner, M.; Hoffmann, A.; Leimeister, J. M.Why different trust relationships matter for IS usersEuropean J. of ISWoS / ScopusISR2, R3Network of trust; technology-mediated vs socially-mediated trust. Anchor for Decision D4 (TI / ST construct labeling).CORPUS
S442017Følstad, A.; Brandtzaeg, P. B.Chatbots and the new world of HCIInteractions (ACM)ACM DLHCIR4Conversational interface foundational paper. Anchor for ATB05 (Relational Interaction Design) and TI04 (Adaptive Communication).CORPUS
S452020Glikson, E.; Woolley, A. W.Human trust in artificial intelligence: Review of empirical researchAcademy of Mgmt AnnalsWoS / ScopusHCI / Org. Psych.R3Review of empirical AI trust research; anthropomorphism activates emotional trust. Anchor for ATB01 and Decision D7.CORPUS
S462020Hancock, J. T.; Naaman, M.; Levy, K.AI-Mediated Communication: Definition, Research Agenda, and Ethical ConsiderationsJ. of Computer-Mediated CommunicationWoS / ScopusComm. Studies / HCIR4Defines AI-mediated communication as a research domain. Anchor for the Agency Layer's interaction-modality cues and the AI-context elaboration the author terms the "AI-Authorship Effect".CORPUS
S472020Shneiderman, B.Human-Centered Artificial Intelligence: Reliable, Safe & TrustworthyInt. J. of Human-Computer InteractionWoS / ScopusHCI / AIR3, R4Human-Centered AI principles. Anchor for the Productive Friction design principle and the Agency Layer's reliability/safety cues.CORPUS
S482021Lockey, S.; Gillespie, N.; Holm, D.; Someh, I. A.A Review of Trust in Artificial Intelligence: Challenges, Vulnerabilities and Future DirectionsProc. HICSSAISeL / ScopusIS / AIR3Systematic review of AI trust research. Cross-validates Glikson & Woolley (2020); anchors GOV-construct gaps and AI-trust vulnerabilities.CORPUS
S492021Thiebes, S.; Lins, S.; Sunyaev, A.Trustworthy artificial intelligenceElectronic MarketsWoS / ScopusIS / AI EthicsR3Trustworthy AI requirements review. Anchors GOV21 (Machine Ethics Auditing) and TI18 (Generative AI Disclosures).CORPUS
S502021Jacovi, A.; Marasović, A.; Miller, T.; Goldberg, Y.Formalizing trust in artificial intelligence: Prerequisites, causes and goals of human trust in AIProc. ACM FAccTACM DL / ScopusAI / EthicsR3Formalization of trust-in-AI. Anchor for the construct-vs-trust distinction and supports the cognitive grounding of TB construct in AI contexts.CORPUS
S512021Zierau, N.; Engel, C.; Söllner, M.; Leimeister, J. M.Trust in smart personal assistants — a systematic literature reviewECIS / Wirtschaftsinf. 2021AISeLHCI / ISR4Conversational agent trust design. Anchor for ATB05 and TI04 (Adaptive Communication).CORPUS
S522022Lukyanenko, R.; Maass, W.; Storey, V. C.Trust in artificial intelligence: From a foundational trust framework to emerging research opportunitiesElectronic MarketsWoS / ScopusIS / AIR3Theoretical framework for trust in AI. Anchor for R3 conceptualization and TI05 (AI System Self-Disclosure).CORPUS
S532022Vössing, M.; Kühl, N.; Lind, M.; Satzger, G.Designing transparency for effective human–AI collaborationInformation Systems FrontiersWoS / ScopusIS / HCIR3, R4Transparency design for human-AI collaboration. Anchor for TI01 (Algorithmic Explainability) and the Engineering-Agency interface cues.CORPUS
S542022Riedl, R.Is trust in artificial intelligence systems related to user personality?Electronic MarketsWoS / ScopusNeuroISR5Personality-trust links in AI contexts. Anchor for DT01–DT04 (the four R5 dispositional cues).CORPUS
S552024Hoffmann, C. P.; Lutz, C.; Ranzini, G.Inequalities in privacy cynicism: An intersectional analysis of agency constraintsBig Data & SocietyScopus / WoSIS / Comm. StudiesR2, R5Privacy cynicism and structural agency constraints. Companion to Hoffmann et al. (2014); supports R5 dispositional moderators and the AI-context elaboration the author terms the "Agency Paradox".CORPUS
S562025Schlicker, N.; Baum, K.; Uhde, A.; Sterz, S.; Hirsch, M. C.; Langer, M.How do we assess the trustworthiness of AI? Introducing the Trustworthiness Assessment Model (TrAM)Computers in Human BehaviorWoS / ScopusHCI / Psych.R3TrAM specification: Brunswik Lens Model applied to AI trust assessment. Anchor for the cue-detection / cue-utilization architecture above the waterline and for the Process Layer's Trust Calibration.CORPUS
S572019Floridi, L.; Cowls, J.A unified framework of five principles for AI in societyHarvard Data Science ReviewScopusAI EthicsR3Five-principle AI ethics framework. Anchor for GOV01 (Principle-Based Trust Foundations).SUPPL.
S582020Internal Auditing Foundation (IIA)The IIA's Three Lines ModelIIA Position PaperAudit / Risk MgmtR3Three Lines accountability model. Anchor for GOV04 (Three Lines of Defense). Professional framework, not peer-reviewed.SUPPL.
S592022World Economic ForumEarning Digital Trust: Decision-making for trustworthy technologiesWEF Insight ReportPolicy / IndustryR3Eight-dimension digital trust framework. Anchor for GOV01 and GOV25 (Redressability). Institutional source.SUPPL.
S602023National Institute of Standards and TechnologyAI Risk Management Framework (AI RMF 1.0)NIST AI 100-1Standards / Gov.R3US Federal AI risk management framework. Primary anchor for the GOV construct architecture (Decision D5).SUPPL.
S612024European Parliament & Council of the EURegulation (EU) 2024/1689 — Artificial Intelligence ActOfficial J. of the EULaw / RegulationR3EU AI Act. Anchor for risk-based classification (GOV02), transparency obligations, redressability.SUPPL.
S622024European Parliament & Council of the EURegulation (EU) 2024/1183 amending Reg. (EU) 910/2014 (eIDAS 2.0)Official J. of the EULaw / RegulationR3eIDAS 2.0 — political validation of SSI / verifiable credentials at EU scale. Anchor for the Institutional Layer's identity infrastructure.SUPPL.
S632024Swiss Financial Market Supervisory AuthorityGuidance 08/2024: AI governance for supervised institutionsFINMA AufsichtsmitteilungSector regulationR3Swiss financial sector AI governance guidance. Sector-specific anchor for the institutional integration story.SUPPL.
S642022W3CDecentralized Identifiers (DIDs) v1.0 — W3C RecommendationW3C RecommendationStandards / CSR3Anchors TI09 (Identity & Access Management) and the Engineering Layer's verifiable identity architecture.SUPPL.
S652020High-Level Expert Group on AI (HLEG-AI)Assessment List for Trustworthy Artificial Intelligence (ALTAI) — Self-assessmentEuropean CommissionPolicy / RegulationR3Seven-requirements self-assessment framework for trustworthy AI from the European Commission's High-Level Expert Group on AI. Anchors GOV26 (Workforce Transition & Reskilling), TI21 (Augmentation-First Design Intent), and ST18 (Job Impact Transparency). Section 6.2 (Impact on Work & Skills) closes the workforce-impact gap exposed during cross-validation. Foundational HLEG-AI source preceding the EU AI Act (2024).SUPPL.
S662024Acemoglu, D.The simple macroeconomics of AINBER Working Paper 32487NBEREconomicsUsed in Cycle 1 problem framing. NBER working paper, not yet peer-reviewed at corpus close. Retained for problem-relevance argument; not coded.ILLUSTR.
S672024Edelman2024 Edelman Trust BarometerIndustry surveyIndustry / PRExcluded from GT corpus: industry research, no peer review, methodology not transparent. Cited in chapter for context only.EXCLUDED
S682024GartnerHype cycle for artificial intelligence, 2024Gartner ResearchIndustry analystExcluded: paywalled industry analyst report, no peer review. Used for problem-context narrative only.EXCLUDED
S692024McKinsey & CompanyThe state of AI in early 2024McKinsey InsightsIndustry consultingExcluded: industry consulting research, sample & methodology not peer-scrutinized. Cited illustratively.EXCLUDED
S702025Tadros, E.; Karp, P.Deloitte to refund government, admits using AI in $440k reportAustralian Financial ReviewNewsNews article documenting the Deloitte Australia case. Excluded from GT corpus; used as a primary case-illustration source in DSR Cycle 4 evaluation.ILLUSTR.
S712025Weatherbed, J.Coca-Cola's new AI holiday ad is a sloppy eyesoreThe VergeNewsNews article documenting the Coca-Cola AI marketing case. Excluded from GT corpus; used as case-illustration evidence in Cycle 4 evaluation of the Brand construct.ILLUSTR.
S722025Swiss Fintech InnovationsThe AI Production GapSFTI Industry ReportIndustry / SectorExcluded from GT corpus: industry sector report. Strong empirical content on Swiss financial sector AI barriers; cited for problem motivation.EXCLUDED
S732025Entrust Cybersecurity Institute2026 Identity Fraud ReportIndustry threat reportIndustry / SecurityExcluded from GT corpus: vendor-published threat report. Cited for the empirical claim that deepfakes account for ~20% of biometric fraud attempts.EXCLUDED

Reading the table. S01–S56 are the primary corpus (peer-reviewed academic, formally coded against the R1–R5 scaffold). S57–S65 are the supplementary corpus (institutional / regulatory frameworks essential to the AI governance grounding but not peer-reviewed in the journal sense; coded with the same protocol). S66–S73 are sources cited in the SDS 2026 paper but not coded for the GT-LR — they are retained either as illustrative (used in case discussions) or as excluded (not academic-grade), per Wolfswinkel et al. (2013, p. 2): "Typically, sources other than peer-reviewed journal and conference articles and book chapters are not seen as acceptable data for a scholarly review." The wider consulted but not coded bibliography of the iceberg.digital research project is listed alphabetically in §21 (Appendix).

Reflexive note on the table itself. Constructing the resource table revealed that several sources are referenced in the body text but were not part of the formal coding pass. The table separates these classes explicitly: only sources marked CORPUS or SUPPL. were coded against the 15 axial categories (§07) and the 10 constructs (§09). The consulted but not coded sources — the wider bibliographic universe of the iceberg.digital research project — are listed in §21 (Appendix). This three-tier separation (coded primary / coded supplementary / consulted) is the substantive transparency move of the framework.

17Advanced concept matrix — sources × constructs

Wolfswinkel et al. (2013, p. 7, Table 4) prescribe an advanced concept matrix mapping articles (rows) to concepts (columns), with cells populated as concepts are merged, separated, or refined during axial coding. The matrix below adapts that template to the GTDS hybrid: rows are the corpus sources, columns are the framework's 10 L1 constructs, the 4 architectural categories (layers), the 3 process categories, and the waterline moderator. The cell mark denotes a primary contribution; denotes a secondary contribution; blank denotes that the source was not coded against that construct or category.

Legend

Primary — the source contributed substantively to the construct's definition, an anchor citation, a primary cue derivation, or a design decision.
Secondary — the source contributed cross-validating evidence, a related cue, or a moderator that informed the construct without anchoring it.
·Blank — the source was not coded against this construct.

Construct & category abbreviations

L1 Constructs: R Reciprocity · B Brand · TI Technical Trust Infrastructure · ST Social Trust Mechanisms · GOV Governance / Resilience & Assurance · IB Institution-Based Trust · TB Trusting Beliefs (Cognitive) · ATB Affective Trusting Beliefs · DT Disposition to Trust · TIB Trusting Intentions & Behaviors

Layer categories: AGY Agency · ENG Engineering · GVN Governance · INS Institutional

Process categories: FORM Trust Formation · CAL Trust Calibration · REP Trust Repair

Moderator: WL Waterline (perceived risk · cultural radius · domain · segment)

Source (id · author · year) L1 Constructs Architectural Categories (Layers) Process Categories WL · Moderator
R B TI ST GOV IB TB ATB DT TIB AGY ENG GVN INS FORM CAL REP
Blau, P. M.1964
Giffin, K.1967
Spence, M.1973
Deutsch, M.1973
Jensen & Meckling1976
Luhmann, N.1979
Lee & Moray1992
Morgan & Hunt1994
Muir, B. M.1994
Mayer, Davis & Schoorman1995
McAllister, D. J.1995
Fukuyama, F.1995
Lewicki & Bunker1995
McKnight et al.1998
Lewicki, McAllister & Bies1998
Rousseau et al.1998
Kramer, R. M.1999
Gefen, D.2000
Bickmore & Cassell2001
McKnight & Chervany2001
McKnight, Choudhury & Kacmar2002
Corritore, Kracher & Wiedenbeck2003
Gefen, Karahanna & Straub2003
Pavlou, P. A.2003
Ripperger, T.2003
Kim, Ferrin, Cooper & Dirks2004
Koufaris & Hampton-Sosa2004
Lee & See2004
Pavlou & Gefen2004
Bart, Shankar, Sultan & Urban2005
Dinev & Hart2006
Hollnagel, Woods & Leveson2006
Jøsang, Ismail & Boyd2007
Kim, Ferrin & Rao2008
Castelfranchi & Falcone2010
Hoffmann, Lutz & Meckel2014
Lankton, McKnight & Tripp2015
Acquisti, Brandimarte & Loewenstein2015
Helbing, D. (Ed.)2015
Hendrikx, Bubendorfer & Chard2015
Hoff & Bashir2015
Mittelstadt et al.2016
Söllner, Hoffmann & Leimeister2016
Følstad & Brandtzaeg2017
Glikson & Woolley2020
Hancock, Naaman & Levy2020
Shneiderman, B.2020
Lockey, Gillespie, Holm & Someh2021
Thiebes, Lins & Sunyaev2021
Jacovi, Marasović, Miller & Goldberg2021
Zierau et al.2021
Lukyanenko, Maass & Storey2022
Riedl, R.2022
Vössing, Kühl, Lind & Satzger2022
Hoffmann, Lutz & Ranzini2024
Schlicker, Baum et al. (TrAM)2025
Floridi & Cowls2019
IIA Three Lines Model2020
World Economic Forum2022
NIST AI RMF 1.02023
EU AI Act (2024/1689)2024
eIDAS 2.0 (2024/1183)2024
FINMA Guidance 08/20242024
W3C DIDs v1.02022
HLEG-AI / ALTAI2020

How to read the matrix

The matrix functions as both a transparency artifact and a saturation diagnostic. Three patterns are worth highlighting.

Pattern 1 — convergence on the four below-waterline constructs. The columns TB, ATB, DT, and TIB receive primary marks from the foundational R1 and R2 sources (Mayer, Davis & Schoorman 1995, McAllister 1995, McKnight, Cummings & Chervany 1998, McKnight, Choudhury & Kacmar 2002, Rousseau et al. 1998, Kramer 1999, Castelfranchi & Falcone 2010), with secondary marks from later cross-validating work (Lankton, McKnight & Tripp 2015, Hoff & Bashir 2015, Schlicker et al. 2025, Glikson & Woolley 2020, Jacovi et al. 2021). The convergence is precisely what would be expected if the framework's below-waterline architecture is correctly grounded in the established trust-research tradition.

Pattern 2 — divergence on the above-waterline constructs. The columns R, B, TI, ST, and GOV are populated unevenly. Reciprocity and Brand draw their primary marks from a small set of anchors (Blau 1964; Spence 1973; Hoffmann, Lutz & Meckel 2014; Dinev & Hart 2006; Acquisti, Brandimarte & Loewenstein 2015; Hoffmann, Lutz & Ranzini 2024). TI is anchored across a deliberately broader cluster (Söllner et al. 2016 — D4 commitment; Helbing 2015; Jøsang, Ismail & Boyd 2007; Lukyanenko et al. 2022; Vössing et al. 2022; W3C DIDs; eIDAS 2.0). ST is anchored more narrowly (Söllner et al. 2016; Pavlou & Gefen 2004; Hendrikx et al. 2015; Jøsang et al. 2007). GOV draws primary marks from a different cluster — Jensen & Meckling 1976, Hollnagel et al. 2006, Mittelstadt et al. 2016, Shneiderman 2020, Lockey et al. 2021, Thiebes et al. 2021, plus the supplementary corpus (NIST, EU AI Act, IIA, Floridi & Cowls 2019, FINMA, WEF). The divergence reflects the fact that the above-waterline constructs synthesize across four distinct research traditions (signaling, exchange, infrastructure, governance) rather than within a single tradition.

Pattern 3 — process and waterline coverage. The Process Layer (FORM, CAL, REP) draws primary marks from a deliberately small set: Lewicki & Bunker 1995 for Formation, Lee & See 2004 plus Schlicker et al. 2025 for Calibration, Kim, Ferrin, Cooper & Dirks 2004 for Repair. The Waterline (WL) moderator is anchored across eight sources — Mayer, Davis & Schoorman 1995, Fukuyama 1995, Rousseau et al. 1998, Pavlou 2003, Bart et al. 2005, Hoffmann, Lutz & Meckel 2014, Acquisti, Brandimarte & Loewenstein 2015, and Hoffmann, Lutz & Ranzini 2024 — with each source anchoring a distinct moderator parameter (perceived risk, cultural radius, domain sensitivity, segment differentiation). The Process Layer remains the framework's most under-developed component, and the matrix reveals that without obscuring it.

Limit of the matrix

The matrix records source-to-construct contributions; it does not weight contributions by citation strength, methodological quality, or theoretical centrality. A primary mark from Mayer et al. (1995) and a primary mark from a 2015 follow-up paper appear identically in the matrix. This is a deliberate simplification consistent with Wolfswinkel et al.'s Table 4: the matrix is a coverage artifact, not a meta-analytic instrument. Weighted versions are an obvious extension for v3.

18Coverage-plateau analysis & audit trail

Wolfswinkel et al. (2013, p. 7) require that "theoretical saturation has occurred" before the analyze stage is closed — meaning that no new concepts, properties, or interesting links arise from the addition of further sources. Saturation in literature reviews is debated; Glaser & Strauss (1967) treat it as an ideal that is in practice constrained by time and resource. The framing used here is conservative: the work reports a conceptual coverage plateau, not a Glaserian saturation claim.

Method — plateau analysis at the 56-source corpus level

This section reports a coverage-plateau analysis run on the full 56-source primary corpus. The analysis tracks the chronology of category emergence using two transparency artifacts produced elsewhere in this document: the resource table (§16) provides year and author for each source; the concept matrix (§17) provides source × construct/layer/process/moderator marks. Sources are ordered by publication year, with ties broken alphabetically by first author. Other orderings — reverse-chronological, R-type clustered, citation-weighted — would yield different plateau points; the chronological choice tracks the historical development of the trust literature, which is the most common ordering in published GT-LR work.

Categories C01–C13 map directly to a single matrix column (e.g. C09 Governance → GOV; C10 Perceived Risk → WL waterline-moderator column; C12 Trust Dynamics → FORM or CAL process columns). A category was treated as first-touched by the earliest chronological source with any contribution (primary or secondary ) in the corresponding column. Categories C14 (Distrust) and C15 (AI-Specific) do not have dedicated matrix columns — Decision 9 in §02 distributed them across existing constructs — so first-touch was identified by year-and-first-author match against the anchor-source list documented in §07.

Category-emergence sequence

CategoryNamePos.YearS-idFirst-touched by
C04Trust Intentions & Behavior#11964S01Blau, P. M.
C07Privacy, Security & Technical Trust Infrastructure#11964S01Blau, P. M.
C10Perceived Risk#11964S01Blau, P. M.
C03Institutional Trust#21967S02Giffin, K.
C06Fair Exchange & Reciprocity#21967S02Giffin, K.
C11Affective Trust#31973S04Deutsch, M.
C13Trust Repair#31973S04Deutsch, M.
C08Social Proof, Reputation & Community Trust Mechanisms#51976S05Jensen & Meckling
C09Governance & Organizational Accountability#51976S05Jensen & Meckling
C05Brand & Reputation Signals#61979S06Luhmann, N.
C12Trust Dynamics & Lifecycle#71992S07Lee & Moray
C01Trustworthiness Beliefs (ABI+P)#81994S08Morgan & Hunt
C02Dispositional Trust#81994S08Morgan & Hunt
C14Distrust as Separate Construct#141998S15Lewicki, McAllister & Bies
C15AI-Specific Trust Dimensions#412015S37Lankton, McKnight & Tripp
Cumulative category emergence across the 56-source primary corpus A step chart showing the cumulative count of distinct trust categories first-touched at each chronological source position. Two plateau points are highlighted: a 14-of-15 plateau at source #14 (Lewicki, McAllister and Bies, 1998), and a full 15-of-15 plateau at source #41 (Lankton, McKnight and Tripp, 2015). 0 5 10 15 1 10 20 30 40 50 56 Source position · chronological order Cumulative categories first-touched 14-of-15 plateau #14 · Lewicki et al. Full 15-of-15 plateau #41 · Lankton et al.
Figure 1. Cumulative category emergence across the 56-source primary corpus, in chronological year order. The step curve climbs steeply through the first eight sources (1964–1994), then enters a long flat region in which only one new category emerges (C14 Distrust at source #14, Lewicki, McAllister & Bies 1998). The fifteenth category — C15 AI-Specific Trust Dimensions — does not first-touch until source #41 (Lankton, McKnight & Tripp 2015), reflecting the historical timing of AI-trust as a discrete research domain. The two highlighted plateau points show where the framework's general-trust set stabilizes and where the full set including AI-specific dimensions becomes complete.

Two plateau points

The analysis identifies two defensible plateau points, depending on whether C15 is included:

14-of-15 plateau at source #14 (Lewicki, McAllister & Bies, 1998). Categories C01–C14 — the entire "general trust" set — are first-touched within the first 14 chronologically ordered sources, i.e. 25% of the corpus. From source #15 onward, no further general-trust category emerges. This is well within the 12–25 case range Guest, Bunce & Johnson (2006) report as typical for thematic plateau in qualitative work.

Full 15-of-15 plateau at source #41 (Lankton, McKnight & Tripp, 2015). C15 — AI-Specific Trust Dimensions — does not first-touch until 2015, because AI-specific trust did not exist as a discrete research category in the published literature before then. This is a temporal artifact of the literature itself, not a methodological problem with the framework: any inductive coding of the trust literature constrained to publications before ~2010 would necessarily exclude C15. The honest interpretation is that the framework's AI-specific layer (Decision 9 in §02) is grafted onto a structure that was conceptually settled long before AI-trust research existed as a discrete domain.

What this analysis does and does not establish

The plateau analysis above is built from the existing transparency artifacts (resource table + concept matrix); it is not a fresh coding pass. It establishes that, given the matrix marks already documented and a chronological ordering, the framework's categorical scheme stabilizes at source #14 for the general-trust set and at source #41 for the full set including AI-specific dimensions. A formal saturation study in the Glaserian sense — iterative theoretical sampling driven by ongoing analysis — would still be a separate undertaking; this work does not claim to provide one.

Audit trail

The complete audit trail — including the search log, full source-by-category coding, the constant-comparison protocol, the nine consolidation decisions, and the coverage-plateau analysis — is contained within this single document. §16 (resource table), §17 (concept matrix), §18 (coverage-plateau analysis), §19 (limitations), and §21 (wider consulted bibliography) together form the complete audit trail.

19Acknowledged limitations

Hevner et al. (2004, p. 99) hold that "design-science research is perishable" and that the rigorous evaluation methods needed to defend its results are extremely difficult to apply. Wolfswinkel et al. (2013, p. 5) require that the review's limitations be made explicit. The list below is the honest accounting; each limitation is paired with an acknowledged mitigation and a flag for follow-on work in v3.

LimitationMitigation appliedStatus
Single-coder analysisDocumented constant-comparison protocol, paradigm mapping, and internal consistency checking. Wolfswinkel et al.'s recommended ≥90% IRR with two coders was not satisfied.To be addressed in v3 (recruit second coder for 20% sub-sample IRR).
No formal forward-selection logPer-database query strings, hit counts, and per-stage attrition counts were not maintained during the original work and are not reconstructable post-hoc without recall bias. Mitigation: retrospective reconstruction explicitly disclosed in §05 Stage 3; backward audit via §16 (formally coded sources) and §21 (wider consulted bibliography); construct-cue traceability documented in §13 (cue taxonomy).Open task for v3 — maintain forward selection log alongside coding from the start.
R1–R5 scaffold confirmation-bias riskAxial coding allowed to produce categories that did not map to any single R-type (GOV, perceived risk moderator).Independent re-coding without R1–R5 scaffold is future work.
Discovery-confirmation circularityHoffmann et al. (2014) used as both empirical grounding (Decisions D2, D3) and as cross-validation source. Per Meehl (1978), this is a recognized hazard in literature-derived frameworks.External validation required; the discovery–confirmation circularity is acknowledged in §15 (preliminary evidence) and identified as a priority for the empirical-validation program.
Predictive validity deferredOnly construct validity claimed. The three case demonstrations show explanatory adequacy, not predictive performance.Longitudinal validation studies identified as future research direction.
Language and cultural bias55/56 corpus sources in English; one German-language inclusion (Ripperger 2003). Cultural-trust calibration (Fukuyama 1995; cross-national AI trust per Lockey et al. 2022; Gillespie et al. 2023) acknowledged as moderator but not operationalized.Cross-cultural calibration is a core item in the future research program.
ITI Questionnaire v8 statusThe Instrument under development is used as a cue-derivation prompt, not as a validated psychometric instrument. Its v8 status is provisional.Psychometric validation deferred to follow-on empirical work.
Descriptive evaluation onlyHevner et al.'s (2004, Table 2) Informed Argument and Scenarios methods used. This is appropriate for an especially innovative artifact (p. 86) but does not substitute for controlled experimental, simulation, or field-study evaluation.Multi-method evaluation program in future research.

These limitations are honest, not concessive. They define the empirical research program that follows from the present work.The author's framing of the limitations

20Methodological references

References below are the methodological anchors for this page. The 56-source primary corpus is listed in §06 (resource table) and the wider consulted bibliography in §06b.

  • Glaser, B. G., & Strauss, A. L. (1967). The Discovery of Grounded Theory: Strategies for Qualitative Research. Aldine.
  • Guest, G., Bunce, A., & Johnson, L. (2006). How many interviews are enough? An experiment with data saturation and variability. Field Methods, 18(1), 59–82.
  • Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). Design science in information systems research. MIS Quarterly, 28(1), 75–105.
  • High-Level Expert Group on Artificial Intelligence (HLEG-AI). (2020). Assessment List for Trustworthy Artificial Intelligence (ALTAI) for self-assessment. European Commission. https://digital-strategy.ec.europa.eu/en/library/assessment-list-trustworthy-artificial-intelligence-altai-self-assessment
  • March, S. T., & Smith, G. F. (1995). Design and natural science research on information technology. Decision Support Systems, 15(4), 251–266.
  • Mayer, R. C., Davis, J. H., & Schoorman, F. D. (1995). An integrative model of organizational trust. Academy of Management Review, 20(3), 709–734.
  • McKnight, D. H., Choudhury, V., & Kacmar, C. (2002). Developing and validating trust measures for e-commerce. Information Systems Research, 13(3), 334–359.
  • Meehl, P. E. (1978). Theoretical risks and tabular asterisks: Sir Karl, Sir Ronald, and the slow progress of soft psychology. Journal of Consulting and Clinical Psychology, 46(4), 806–834.
  • Schlicker, N., Baum, K., Uhde, A., Sterz, S., Hirsch, M. C., & Langer, M. (2025). How do we assess the trustworthiness of AI? Introducing the Trustworthiness Assessment Model (TrAM). Computers in Human Behavior, 170, 108671.
  • Sein, M. K., Henfridsson, O., Purao, S., Rossi, M., & Lindgren, R. (2011). Action design research. MIS Quarterly, 35(1), 37–56.
  • Strauss, A., & Corbin, J. (1998). Basics of Qualitative Research: Techniques and Procedures for Developing Grounded Theory (2nd ed.). Sage.
  • Webster, J., & Watson, R. T. (2002). Analyzing the past to prepare for the future: Writing a literature review. MIS Quarterly, 26(2), 13–23.
  • Wolfswinkel, J. F., Furtmueller, E., & Wilderom, C. P. M. (2013). Using grounded theory as a method for rigorously reviewing literature. European Journal of Information Systems, 22(1), 45–55.

21 · AppendixThe wider consulted bibliography

The 56 formally coded sources in §16 were drawn from a much larger consulted bibliography that spans the full intellectual neighborhood of the iceberg.digital research project — privacy economics, surveillance studies, marketing & consumer behavior, AI governance, decentralized identity, behavioral economics, sociotechnical systems theory, and adjacent fields. Wolfswinkel et al. (2013, p. 3) explicitly permit a review to be "deliberately incomplete" when the analytic angle is explicated; the R1–R5 scaffold is that angle. Sources outside R1–R5 are therefore not silently excluded — they are consulted but not coded, and listed in full below for transparency.

The list contains 331 unique references, alphabetically ordered. Sources that overlap with §16 (formally coded) are not listed here to avoid duplication. Non-academic items (industry reports, news commentary, vendor blogs, government press releases) are included where they were consulted for case context or empirical motivation but were never coded against the construct/cue scheme; they would be flagged EXCLUDED if they appeared in §07.

A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · R · S · T · U · V · W · Y · Z

A

  1. Accenture. (2025). New Age of AI to bring unprecedented autonomy to business (n.d.).
  2. Ackermann, K. A., Burkhalter, L., Mildenberger, T., Frey, M., & Bearth, A. (2022). Willingness to share data: Contextual determinants of consumers’ decisions to share private data with companies. Journal of Consumer Behaviour, 21(2), 375-386.
  3. Acquisti, A., & Grossklags, J. (2005). Privacy and rationality in individual decision making. IEEE Security & Privacy, 3(1), 26–33. https://doi.org/10.1109/MSP.2005.22
  4. Acquisti, A., Taylor, C., & Wagman, L. (2016). The economics of privacy. Journal of Economic Literature, 54(2), 442–492. https://doi.org/10.1257/jel.54.2.442
  5. Acquisti, A., John, L.K., Loewenstein, G. (2013). What Is Privacy Worth? In: The Journal of Legal Studies, 42(2): 249-274.
  6. Adler, S., Hitzig, Z., Jain, S., Brewer, C., Chang, W., DiResta, R., Lazzarin, E., McGregor, S., Seltzer, W., Siddarth, D., Soliman, N., South, T., Spelliscy, C., Sporny, M., Srivastava, V., Bailey, J., Christian, B., Critch, A., Falcon, R., … Zick, T. (2025). Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to distinguish who is real online. arXiv. https://doi.org/10.48550/arXiv.2408.07892
  7. Akerlof, G. A., & Kranton, R. E. (2000). Economics and identity. Quarterly Journal of Economics, 115(3), 715-753.
  8. Alaimo, C., & Kallinikos, J. (2017). Computing the Everyday: Social Media as Data Platforms. The Information Society, 33(4), 175-191. https://doi.org/10.1080/01972243.2017.1318327
  9. Alemohammad, S., Casco-Rodriguez, J., Luzi, L., Humayun, A. I., Babaei, H., LeJeune, D., Siahkoohi, A., & Baraniuk, R. G. (2023). Self-Consuming Generative Models GO MAD. arXiv.org. https://arxiv.org/abs/2307.01850
  10. Amershi, S., Chickering, D. M., Drucker, S. M., Lee, B., Simard, P., & Suh, J. (2019). ModelTracker: Redesigning performance analysis tools for machine learning. Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI), 1-12. https://doi.org/10.1145/3290605.3300873
  11. Amit, R., & Zott, C. (2001). Value creation in e-business. Strategic Management Journal, 22(6–7), 493–520. https://doi.org/10.1002/smj.187
  12. Amodei, D., Olah, C., Steinhardt, J., Christiano, P., Schulman, J., & Mané, D. (2016). Concrete problems in AI safety. arXiv.org. https://arxiv.org/abs/1606.06565.
  13. Antil, V. (2025). The end of trust: Embracing evidence-based privacy. Privado.ai..
  14. Armstrong, G., Adam, S., Denize, S., & Kotler, P. (2014). Principles of marketing (6th ed.). Pearson.
  15. Arrieta, A. B., Díaz-Rodríguez, N., Del Ser, J., Bennetot, A., Tabik, S., Barbado, A., … & Herrera, F. (2020). Explainable Artificial Intelligence (XAI): Concepts, taxonomies, opportunities and challenges toward responsible AI. Information Fusion, 58, 82-115. https://doi.org/10.1016/j.inffus.2019.12.012
  16. Australian Government. (2024). Policy for the responsible use of AI in government. digital.gov.au.

B

  1. Baldwin, R., Cave, M., & Lodge, M. (2012). Understanding regulation: Theory, strategy, and practice. Oxford University Press.
  2. Banerjee, A., Sevillano, J., & Higginson, M. (2024). From ripples to waves: The transformational power of tokenizing assets. McKinsey & Company.
  3. Bansal, G., Zahedi, F. M., & Gefen, D. (2016). Do context and personality matter? Trust and privacy concerns in disclosing private information online. Information & Management, 53(1), 1-21. http://dx.doi.org/10.1016/j.im.2015.08.001
  4. Bansal, G., Nushi, B., Kamar, E., Lasecki, W. S., Weld, D. S., & Horvitz, E. (2019). Beyond accuracy: The role of Mental Models in Human-AI Team performance. Proceedings of the AAAI Conference on Human Computation and Crowdsourcing, 7, 2–11. https://doi.org/10.1609/hcomp.v7i1.5285
  5. Barabási, A. L., & Pósfai, M. (2016). Network science. Cambridge University Press.
  6. Bargh, J. A., McKenna, K. Y. A., & Fitzsimons, G. M. (2002). Can you see the real me? Activation and expression of the “true self” on the Internet. Journal of Social Issues, 58(1), 33–48. https://doi.org/10.1111/1540-4560.00247
  7. Bassi, E., Bandirali, M. (2023). The evolution of Web 3 and decentralized governance. Advances in web technologies and engineering book series, 108–129. http://dx.doi.org/10.4018/978-1-6684-9919-1.ch007
  8. Belk, R. W. (2013). Extended self in a digital world. Journal of Consumer Research, 40(3), 477-500. https://doi.org/10.1086/671052
  9. Belleflamme, P., & Peitz, M. (2018). Platforms and network effects. In Handbook of Game Theory and Industrial Organization (pp. 286-317). Edward Elgar Publishing. http://dx.doi.org/10.13140/RG.2.2.35908.83848
  10. Bengio, Y., de Leon Ferreira de Carvalho, A. C. P., Fox, B., Nemer, M., Rivera, R. P., Zeng, Y., & Khan, S. M., et al. (2025). International AI Safety Report 2025. UK Department for Science, Innovation and Technology and AI Safety Institute..
  11. Bengio, Y., Hinton, G., Yao, A., Song, D., Abbeel, P., Darrell, T., Harari, Y. N., Zhang, Y., Xue, L., Shalev-Shwartz, S., Hadfield, G., Clune, J., Maharaj, T., Hutter, F., Baydin, A. G., McIlraith, S., Gao, Q., Acharya, A., Krueger, D.,... Mindermann, S. (2024b). Managing extreme AI risks amid rapid progress. Science, 384(6698), 842–845. https://doi.org/10.1126/science.adn0117
  12. Berners-Lee, T. (2018). One small step for the web… Medium.
  13. Binns, R. (2018). Fairness in machine learning: Lessons from political philosophy. Proceedings of the 2018 Conference on Fairness, Accountability, and Transparency.
  14. Bloomberg Technology. (2022). Google engineer on his sentient AI claim [Video]. YouTube. https://www.youtube.com/watch?v=kgCUn4fQTsc
  15. Borge, M., Kokoris-Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., & Ford, B. (2017). Proof-of-personhood: Redemocratizing permissionless cryptocurrencies. IEEE European Symposium on Security and Privacy Workshops, 23-26.
  16. Boston Consulting Group. (2025). BCG AI RADAR: From potential to profit: Closing the AI impact gap.
  17. Bostrom, N. (2014). Superintelligence: Paths, dangers, strategies. Oxford University Press.
  18. Botsman, R. (2021). Trust in the digital age: How to build credibility in a rapidly changing world. Public Affairs Quarterly, 35(2), 143–159.
  19. Bouhouras, A. S., Labridis, D. P., & Bakirtzis, A. G. (2009). Artificial neural network evaluation of high customer benefit installations for various types of distribution system customers. IET Generation, Transmission & Distribution, 3(6), 529-538.
  20. Bowman, C., & Ambrosini, V. (2007). Firm value creation and levels of strategy. Management Decision, 45(3), 376–387. https://doi.org/10.1108/00251740710745028
  21. Brandenburger, A. M., & Nalebuff, B. J. (1995). The right game: Use game theory to shape strategy. Harvard Business Review, 73(4), 57–71.
  22. Brown, T. B., Mann, B., Ryder, N., Subbiah, M., Kaplan, J., Dhariwal, P., Neelakantan, A., Shyam, P., Sastry, G., Askell, A., Agarwal, S., Herbert-Voss, A., Krueger, G., Henighan, T., Child, R., Ramesh, A., Ziegler, D. M., Wu, J., Winter, C.,... Amodei, D. (2020). Language Models are Few-Shot Learners. arXiv.org. https://arxiv.org/abs/2005.14165
  23. Brown, T., & Katz, B. (2019). Change by design: How design thinking transforms organizations and inspires innovation. HarperBusiness.
  24. Brundage, M., Avin, S., Wang, J., Belfield, H., Krueger, G., Hadfield, G., Khlaaf, H., Yang, J., Toner, H., Fong, R., Maharaj, T., Koh, P. W., Hooker, S., Leung, J., Trask, A., Bluemke, E., Lebensold, J., O’Keefe, C., Koren, M.,... Anderljung, M. (2020, April 15). Toward trustworthy AI Development: Mechanisms for supporting verifiable claims. arXiv.org. https://arxiv.org/abs/2004.07213
  25. Brynjolfsson, E., & McAfee, A. (2017). The business of artificial intelligence. Harvard Business Review, 95(4), 3-11.
  26. Brynjolfsson, E., & McAfee, A. (2022). The future of AI and power. Foreign Affairs, 101(4), 16–26.
  27. Bryson, J.J. (2020). The artificial intelligence of the ethics of artificial intelligence: an introductory overview for law and regulation. In: Dubber, M.D., Pasquale, F., Das, S. (eds.) The Oxford Handbook of Ethics of AI. Oxford University Press, New York. https://doi.org/10.1093/oxfordhb/9780190067397.013.1
  28. Bundy J. (2021). When companies say “sorry,” it doesn’t always help their reputation | ASU News.
  29. Bunge, M. (2000). Systemism: the alternative to individualism and holism. The Journal of Socio-Economics, 29(2), 147–157. https://doi.org/10.1016/s1053-5357(00)00058-5
  30. Bunge, M. (2006). Chasing Reality. In the University of Toronto Press eBooks. https://doi.org/10.3138/9781442672857
  31. Burkell, J. (2020). The limits of privacy literacy. Policy & Internet, 12(2), 185–207. https://doi.org/10.1002/poi3.237
  32. Buterin, V., (2023). What do I think about biometric proof of personhood?
  33. Bygrave, L. A. (2017). Data privacy law: An international perspective. Oxford University Press.
  34. Bächler, M., et al. (2020). Smart Use Case Picking: A Hands-On Approach for a Successful Integration of Machine Learning in Production Processes. Procedia Manufacturing, 51, 1311–1318. https://doi.org/10.1016/j.promfg.2020.10.184

C

  1. C2PA. (2022). C2PA Releases Specification of World’s First Industry Standard for Content Provenance. Coalition for Content Provenance and Authenticity. Available:
  2. Calo, R. (2013). Digital market manipulation. George Washington Law Review, 82, 995–1051.
  3. Calo, R. (2021). Remark at AI debate 2: Artificial intelligence policy: not just a matter of principles.
  4. Cameron, K. (2005). The laws of Identity – Kim Cameron’s Identity Weblog.
  5. Carlini, N., Athalye, A., Papernot, N., Brendel, W., Rauber, J., Tsipras, D., Goodfellow, I., Madry, A., & Kurakin, A. (2019, February 18). On evaluating adversarial robustness. arXiv.org. https://arxiv.org/abs/1902.06705
  6. Cath, C., Wachter, S., Mittelstadt, B., Taddeo, M., & Floridi, L. (2017). Artificial Intelligence and the ‘Good Society’: the US, EU, and UK approach. Science and Engineering Ethics. https://doi.org/10.1007/s11948-017-9901-7
  7. Chakravorti, B., (2024). AI and machine learning AI’s Trust Problem Twelve persistent risks of AI that are driving skepticism.
  8. Chapman, P. (2000). CRISP-DM 1.0: Step-by-step data mining guide.
  9. Chen, H., Chiang, R. H., & Storey, V. C. (2012). Business intelligence and analytics: From big data to big impact. MIS Quarterly, 36(4), 1165-1188.
  10. Chen, Y., & Cheung, C. M. (2018). Privacy concerns about digital footprints. Journal of the Association for Information Science and Technology, 69(1), 22-33.
  11. Chesney, R., & Citron, D. K. (2019). Deep fakes: A looming challenge for privacy, democracy, and national security. California Law Review, 107(5), 1753–1819. https://doi.org/10.2139/ssrn.3213954
  12. Cisco. (2021). Building Consumer Confidence Through Transparency and Control.
  13. Cisco. (2022). Data Transparency’s Essential Role in Building Customer Trust.
  14. Cisco. (2024). Cisco 2024 Consumer Privacy Survey.
  15. Cohen, J. E. (2019). Between truth and power: The legal constructions of informational capitalism. Oxford University Press.
  16. Coleman, J. S. (1990). Foundations of social theory. Harvard University Press.
  17. Cooper, M. (2025). Digital identities will empower consumers. UNCX. Retrieved July 10, 2025, https://uncx.substack.com/p/digital-identities-will-empower-consumers
  18. Cordini, M. (2007). Vertrauen im Prozess komplexer Systeme: Zur Führungsfunktion des Mittelmanagements als Hauptträger personellen Vertrauens [Dissertation]. Gottfried Wilhelm Leibniz Universität Hannover.
  19. Crawford, K. (2021). Atlas of AI: Power, politics, and the planetary costs of artificial intelligence. Yale University Press
  20. Cuypers, I. R., Hennart, J. F., Silverman, B. S., & Ertug, G. (2021). Transaction cost theory: Past progress, current challenges, and suggestions for the future. Academy of Management Annals, 15(1), 111-150.

D

  1. Danks, D., & London, A. J. (2017). Regulating autonomous systems: Beyond standards and tools. IEEE Intelligent Systems, 32(1), 88-91.
  2. Davenport, T. H., & Harris, J. G. (2017). Competing on analytics: The new science of winning (Updated ed.). Harvard Business Review Press.
  3. Davenport, T. H., & Patil, D. J. (2012). Data scientist: The sexiest job of the 21st century. Harvard Business Review, 90(10), 70–76.
  4. De Keyser, A., Lemon, K. N., Klaus, P., & Keiningham, T. L. (2015). A framework for understanding and managing the customer experience. Marketing Science Institute Working Paper Series, 15(121), 1-47.
  5. Dekker, S. (2011). Drift into failure: From hunting broken components to understanding complex systems. Ashgate. https://doi.org/10.1201/9781315257396.
  6. Demirci, U., & Karagoz, P. (2022). Explicit and Implicit Trust Modeling for Recommendation. Digital, 2(4), 444–462. https://doi.org/10.3390/digital2040024
  7. Denegri-Knott, J., & Zwick, D. (2012). Tracking prosumption work on eBay: Reproduction of desire and the challenge of slow re-McDonaldization. American Behavioral Scientist, 56(4), 439-458. https://doi.org/10.1177/0002764211429360
  8. Deutsch, M. (1962). Cooperation and trust: Some theoretical notes. In M. R. Jones (Ed.), Nebraska Symposium on Motivation. 275–320. University of Nebraska Press.
  9. Dickson, B. (2018). What is algorithmic bias?
  10. Dignum, V. (2021). The role of AI in society and the need for trustworthy AI. Ethics and Information Technology, 23(4), 695–705.
  11. Doney, P. M., Cannon, J. P., and Mullen, M. R. (1998). Understanding the influence of national culture on the development of trust. Academy of Management Review, 23(3), 601-620.
  12. Doshi-Velez, F., & Kim, B. (2017). Towards a rigorous science of interpretable machine learning. arXiv preprint arXiv:1702.08608
  13. Duhachek, A. (2005). Coping: A multidimensional, hierarchical framework of responses to stressful consumption episodes. Journal of Consumer Research, 32(1), 41-53. https://doi.org/10.1086/426612
  14. Dunbar, R. I. M. (1992). Neocortex size as a constraint on group size in primates. Journal of Human Evolution, 22(6), 469–493. https://doi.org/10.1016/0047-2484(92)90081-J
  15. Dunphy, P., & Petitcolas, F. A. (2018). A first look at identity management schemes on the blockchain. IEEE Security & Privacy, 16(4), 20-29.

E

  1. Eagly, A. H., & Chaiken, S. (1993). The psychology of attitudes. Harcourt Brace Jovanovich.
  2. Eccles, R., Newquist, S., & Schatz, R. (2007). Reputation and its risks. Harvard Business Review, 85, 104–114, 156. Retrieved from https://hbr.org/2007/01/reputation-and-its-risks
  3. Eder, S. (2018). How can we eliminate bias in our algorithms?
  4. Efremova, N., Patkin, M., & Sokolov, D. (2019). Face and Emotion Recognition with Neural Networks on Mobile Devices: Practical Implementation on Different Platforms. 14th IEEE International Conference on Automatic Face & Gesture Recognition (FG), 1-8. https://doi.org/10.1109/FG.2019.8756562
  5. Ehsan, U., & Riedl, M. O. (2020). Human-Centered Explainable AI: towards a reflective sociotechnical approach. In Lecture notes in computer science. 449–466. https://doi.org/10.1007/978-3-030-60117-1_33
  6. Einwiller, S., Geissler, U., & Will, M. (2000). Engendering trust in internet businesses using elements of corporate branding. Working Paper No. 00-04. Institute for Media and Communications Management, University of St. Gallen.
  7. Eisenmann, T. R., Parker, G., & Van Alstyne, M. W. (2011). Platform envelopment. Strategic Management Journal, 32(12), 1270–1285.
  8. Ekman, P., & Friesen, W. V. (1971). Constants across cultures in the face and emotion. Journal of Personality and Social Psychology, 17(2), 124–129.
  9. Eppler, M. J. (2021, July 3). Detecting Data Distortions: The Three Types of Biases every Manager and Data Scientist should know.
  10. Erickson, T., & Kellogg, W. A. (2000). Social translucence: An approach to designing systems that support social processes. ACM Transactions on Computer-Human Interaction, 7(1), 59-83. https://doi.org/10.1145/344949.344958
  11. European Commission. (2021). Proposal for a Regulation laying down harmonized rules on artificial intelligence (Artificial Intelligence Act).

F

  1. Fairfield, J. a. T. (2017). owned. Cambridge University Press. https://doi.org/10.1017/9781316671467
  2. Finck, M. (2019). Blockchain regulation and governance in Europe. Cambridge University Press.
  3. Fjeld, J., Achten, N., Hilligoss, H., Nagy, A., & Srikumar, M. (2020). Principled Artificial Intelligence: Mapping consensus in ethical and Rights-Based approaches to principles for AI. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3518482
  4. Flemisch, F., Adams, C., Conway, S. R., & Schutte, P. (2003). The H-Metaphor as a guideline for vehicle automation and interaction. ResearchGate. https://www.researchgate.net/publication/24382429_The_H-Metaphor_as_a_Guideline_for_Vehicle_Automation_and_Interaction
  5. Floridi, L. (2022). The ethics of artificial intelligence: Principles, challenges, and opportunities. Oxford University Press.
  6. Floridi, L. (2018). Soft ethics, the governance of the digital, and the digital governance of the physical. Philosophy & Technology, 31, 341–348. https://doi.org/10.1007/s13347-018-0313-8
  7. Floridi, L., Cowls, J., King, T. C., & Taddeo, M. (2020). How to design AI for social Good: Seven essential factors. Science and Engineering Ethics, 26(3), 1771–1796. https://doi.org/10.1007/s11948-020-00213-5
  8. Frey, C. B., & Osborne, M. A. (2017). The future of employment: How susceptible are jobs to computerisation? Technological Forecasting and Social Change, 114(C), 254–280. https://doi.org/10.1016/j.techfore.2016.08.019

G

  1. Gartner. (2018). Blockchain-Based Transformation: A Gartner Trend Insight report (Report No. G00352362).
  2. Ge, Y., & Zhu, Q. (2024, April 25). Attributing Responsibility in AI-Induced Incidents: A Computational reflective equilibrium framework for accountability. arXiv.org. https://arxiv.org/abs/2404.16957
  3. Gebru, T., Morgenstern, J., Vecchione, B., Vaughan, J. W., Wallach, H., Daumé, H., III, & Crawford, K. (2021). Datasheets for datasets. Communications of the ACM, 64(12), 86–92. https://doi.org/10.1145/3458723
  4. Giddens, A. (1995). The consequences of modernity (2nd ed.). Polity Press.
  5. Gielens, K., & Steenkamp, J. B. E. M. (2019). Branding in the era of digital (dis)intermediation. International Journal of Research in Marketing, 36(3), 367-384. https://doi.org/10.1016/j.ijresmar.2019.01.005
  6. Goldfarb, A., & Tucker, C. (2019). Digital economics. Journal of Economic Literature, 61(1), 1–39. https://dx.doi.org/10.1257/jel.20171452
  7. Goodfellow, I. J., et al. (2014). Generative adversarial nets. Advances in Neural Information Processing Systems, 27, 2672-2680. https://arxiv.org/abs/1406.2661
  8. Granic, A., Loboda, A., & Dzigurski, M. (2021). Digital trust and its impact on economic performance. Information Technology for Development, 27(3), 401-418.
  9. Grech, A., Sood, I., & Ariño, L. (2021). Blockchain, self-sovereign identity and digital credentials: Promise versus praxis in education. Frontiers in Blockchain, 4, 616779.
  10. Guest, G., Bunce, A., and Johnson, L. (2006). How many interviews are enough? Field Methods, 18(1), 59-82.
  11. Gunning, D., & Aha, D. W. (2019). DARPA’s explainable artificial intelligence (XAI) program. AI Magazine, 40(2), 44–58. https://doi.org/10.1609/aimag.v40i2.2850

H

  1. Haidt, J. (2006). The happiness hypothesis: Finding modern truth in ancient wisdom. Basic Books.
  2. Hall, A. D., & Fagen, R. E. (1968). Definition of System. In W. Buckley (Ed.), Systems Research for Behavioral Science (S. 81–92). Routledge.
  3. Hamm, P., Klesel, M., Coberger, P., & Wittmann, H. F. (2023). Explanation matters: An experimental study on explainable AI. Electronic Markets, 33(1). https://doi.org/10.1007/s12525-023-00640-9
  4. Harris, T. (2019, April 23). A new agenda for tech. Center for Humane Technology News. https://www.humanetech.com/news/newagenda
  5. Hartzog, W., & Richards, N. (2019). Privacy’s constitutional moment. Boston College Law Review, 61(2), 419-482.
  6. Hassabis, D. (2022). Responsible AI development and implementation [Conference presentation].
  7. Hayat, Z. (2022). Digital trust: How to unleash the trillion-dollar opportunity for our global economy. World Economic Forum.
  8. Hemmer, P., Schemmer, M., Kühl, N., Vössing, M., & Satzger, G. (2024). Complementarity in Human-AI Collaboration: Concept, Sources, and Evidence. arXiv preprint arXiv:2404.00029.
  9. Hennessy, J. L., & Patterson, D. A. (2022). Computer architecture: A quantitative approach. Morgan Kaufmann.
  10. Hennig-Thurau, T., Malthouse, E. C., Friege, C., Gensler, S., Lobschat, L., Rangaswamy, A., & Skiera, B. (2010). The impact of new media on customer relationships. Journal of Service Research, 13(3), 311-330. https://doi.org/10.1177/1094670510375460
  11. Hennink, M. M., Kaiser, B. N., and Marconi, V. C. (2017). Code saturation versus meaning saturation. Qualitative Health Research, 27(4), 591-608.
  12. Hess, T., Matt, C., Benlian, A., & Wiesböck, F. (2016). Options for formulating a digital transformation strategy. MIS Quarterly Executive, 15(2), 123-139.
  13. Hevner, A. R., March, S. T., Park, J., and Ram, S. (2004). Design science in information systems research. MIS Quarterly, 28(1), 75-105.
  14. High-Level Expert Group on Artificial Intelligence (HLEG-AI). (2020). Assessment List for Trustworthy Artificial Intelligence (ALTAI) for self-assessment. European Commission. https://digital-strategy.ec.europa.eu/en/library/assessment-list-trustworthy-artificial-intelligence-altai-self-assessment
  15. Hoff, K. A., & Bashir, M. (2014). Trust in automation: Integrating empirical evidence on factors that influence trust. Human Factors, 57(3), 407–434. https://doi.org/10.1177/0018720814547570
  16. Hoffman, J.L., Lawson-Jenkins, K., Blum, J. (2006). Trust Beyond Security: An Expanded Trust Model. Communications of the ACM 49 (7), 95-101. https://doi.org/10.1145/1139922.1139924
  17. Holbrook, M. B., & Hirschman, E. C. (1982). The experiential aspects of consumption: Consumer fantasies, feelings, and fun. Journal of Consumer Research, 9(2), 132-140. https://doi.org/10.1086/208906
  18. Holweg, M. (2022). The ethical implications of AI adoption in organizations. Berkeley Technology Law Journal, 37(2), 1-28.
  19. Horvitz, E. (1999). Principles of mixed-initiative user interfaces. In Proceedings of the SIGCHI conference on Human factors in computing systems the CHI is the limit. 59-166. New York, NY ACM Press. – References – Scientific Research Publishing. (n.d.). https://www.scirp.org/reference/referencespapers?referenceid=79734
  20. Hyseni, V. (2023). AI under watch: The EU AI Act. PECB Insights..
  21. Hyseni, V. (2024). Understanding the digital trust framework. PECB Publishing..

I

  1. Isbister, K. (2016). How the design of social technologies shapes social interaction. interactions, 23(5), 50–53. https://doi.org/10.1145/2973565

J

  1. Jenkins, H., & Deuze, M. (2022). Digital media and participatory culture. MIT Press.
  2. Ji, Z., Lee, N., Frieske, R., Yu, T., Su, D., Xu, Y., Ishii, E., Bang, Y. J., Madotto, A., and Fung, P. (2023). Survey of Hallucination in Natural Language Generation. ACM Computing Surveys, 55(12), 1-38.
  3. Jobin, A., Ienca, M., & Vayena, E. (2019). The global landscape of AI ethics guidelines. Nature Machine Intelligence, 1(9), 389-399.
  4. Jones, C. R., & Bergen, B. K. (2024). People cannot distinguish GPT-4 from a human in a Turing test (No. arXiv:2405.08007). arXiv. https://doi.org/10.48550/arXiv.2405.08007

K

  1. Kahneman, D. (2011). Thinking, fast and slow. Farrar, Straus and Giroux.
  2. Kahneman, D., & Tversky, A. (1979). Prospect theory: An analysis of decision under risk. Econometrica, 47(2), 263–291. https://doi.org/10.2307/1914185
  3. Kahre, R., & Rifkin, J. (1997). Trust and the self: Concepts in modern consumer society. Marketing Press.
  4. Kaptein, M., Parvinen, P., & Pöyry, E. (2015). The danger of engagement: Behavioral observations of online community activity and service spending in the online gaming context. International Journal of Electronic Commerce, 20(1), 50-75.
  5. Karimi, A. H., Barthe, G., Balle, B., and Valera, I. (2021). A Survey of Algorithmic Recourse: Contrastive Explanations and Consequential Recommendations. ACM Computing Surveys, 55(5), 1-29.
  6. Kenessey, Z. (2021). The quaternary sector: Evolution of a knowledge-based economy. Management Science Review, 15(2), 45–62.
  7. Kiela, D., Firooz, H., Mohan, A., Goyal, V., Taylor, A., Ferraro, F., … & Yang, Y. (2021). The hateful memes challenge: Detecting hate speech in multimodal memes. Advances in Neural Information Processing Systems, 34, 2611-2624.
  8. King, K. (2019). Using artificial intelligence in marketing: How to harness AI and maintain the competitive edge. Kogan Page.
  9. Kirk, C. P., & Givi, J. (2025). The AI-authorship effect. Journal of Business Research, 186, 114984. https://doi.org/10.1016/j.jbusres.2024.114984.
  10. Kleber, A. (2018, January). As AI meets the reputation economy, we’re all being silently judged. Harvard Business Review. https://hbr.org/2018/01/as-ai-meets-the-reputation-economy-were-all-being-silently-judged
  11. Kondova, G., & Erbguth, J. (2020). Self-sovereign identity on public blockchains and the GDPR. Proceedings of the 35th Annual ACM Symposium on Applied Computing, 342-345.
  12. Korshunov, P., & Marcel, S. (2018). Deepfakes: A new threat to face recognition? Assessment and Detection. https://doi.org/10.48550/arXiv.1812.08685
  13. Kosinski, M., Stillwell, D., & Graepel, T. (2013). Private traits and attributes are predictable from digital records of human behavior. Proceedings of the National Academy of Sciences, 110(15), 5802-5805.
  14. Kotler, P., Kartajaya, H., & Setiawan, I. (2021). Marketing 5.0: Technology for humanity. Wiley.
  15. Kozinets, R. V. (2019). Consuming technocultures: An extended JCR curation. Journal of Consumer Research, 46(3), 620-627. https://doi.org/10.1093/jcr/ucz034
  16. Krafft, P. M., Young, M., Katell, M., Huang, K., & Bugingo, G. (2020). Defining AI in Policy versus Practice. In Proceedings of the AAAI/ACM Conference on AI, Ethics, and Society (AIES ’20). Association for Computing Machinery, New York, NY, USA, 72–78. https://doi.org/10.1145/3375627.3375835
  17. Kumar, V., & Shah, D. (2009). Expanding the role of marketing: From customer equity to market capitalization. Journal of Marketing, 73(6), 119-136. https://doi.org/10.1509/jmkg.73.6.119
  18. Kumar, V., & Shah, D. (2019). Customer loyalty in the digital age. Journal of Marketing, 83(5), 76–96. http://dx.doi.org/10.1016/j.jretai.2004.10.007
  19. Kumar, V., & Pansari, A. (2016). Competitive advantage through engagement. Journal of Marketing Research, 53(4), 497-514. https://doi.org/10.1509/jmr.15.0044
  20. Kumar, V., Jones, E., Venkatesan, R., & Leone, R. P. (2011). Is market orientation a source of sustainable competitive advantage or simply the cost of competing? Journal of Marketing, 75(1), 16-30. https://doi.org/10.1509/jm.75.1.16

L

  1. Lahusen, C. et al. (2024). Trust, trustworthiness and AI governance. Scientific Reports, 14, Article 19368.
  2. Lamberton, C., & Stephen, A. T. (2016). A thematic exploration of digital, social media, and mobile marketing: Research evolution from 2000 to 2015 and an agenda for future inquiry. Journal of Marketing, 80(6), 146-172. https://doi.org/10.1509/jm.15.0415
  3. Lange, D., Lee, P. M., & Dai, Y. (2010). Organizational Reputation: a review. Journal of Management, 37(1), 153–184. https://doi.org/10.1177/0149206310390963
  4. Lawer, C., & Knox, S. (2006). Customer advocacy and brand development. Journal of Product & Brand Management, 15(2), 121-129.
  5. Lechterman, T. (2023). The Concept of Accountability in AI Ethics and Governance. In Bullock, J. B.,  Chen, Y.,  Himmelreich, J., Hudson, V. M., Korinek, A., Young, M. M., & Zhang, B., (eds.), The Oxford Handbook of AI Governance. Oxford University Press.
  6. LeCun, Y. (2022). A path towards autonomous machine intelligence. Nature Machine Intelligence, 5, 461–470.
  7. Lee, M. K., et al. (2022). WeBuildAI: Participatory framework for algorithmic governance. Proceedings of the ACM on Human-Computer Interaction, 3(CSCW), 1–35. https://doi.org/10.1145/3359283
  8. Leonelli, S. (2016). Data-centric biology: A philosophical study. University of Chicago Press.
  9. Levin, M. (2024). AI: A bridge toward diverse intelligence and humanity’s future. Tufts University Working Paper. https://doi.org/10.31234/osf.io/ez263
  10. Lewis, P., Perez, E., Piktus, A., Petroni, F., Karpukhin, V., Goyal, N., Küttler, H., Lewis, M., Yih, W., Rocktäschel, T., Riedel, S., & Kiela, D. (2020). Retrieval-Augmented Generation for Knowledge-Intensive NLP tasks. https://proceedings.neurips.cc/paper/2020/hash/6b493230205f780e1bc26945df7481e5-Abstract.html
  11. Linkov, I., & Kott, A. (2019). Cyber resilience of systems and networks. Springer.
  12. Lipton, Z. C. (2018). The mythos of model interpretability. Communications of the ACM, 61(10), 36–43. https://doi.org/10.1145/3233231
  13. Liu, P., Yuan, W., Fu, J., Jiang, Z., Hayashi, H., & Neubig, G. (2022). Pre-train, Prompt, and Predict: A systematic survey of prompting methods in natural language processing. ACM Computing Surveys, 55(9), 1–35. https://doi.org/10.1145/3560815
  14. Lockey, S., & Gillespie, N. (2025). Trust in AI. In S. Sadiq (Ed.), Enterprise AI. https://doi.org/10.1007/978-3-032-01940-0_10.
  15. Luhmann, N. (1989). Vertrauen: Ein Mechanismus der Reduktion sozialer Komplexität (4th ed.). Enke.
  16. Luhmann, N. (1997). Die Gesellschaft der Gesellschaft [The Society of Society]. Suhrkamp.
  17. Lyon, D. (2014). Surveillance, Snowden, and big data: Capacities, consequences, critique. Big Data & Society, 1(2), 1–13. https://doi.org/10.1177/2053951714541861

M

  1. Makovi, K., Sargsyan, A., Li, W., Bonnefon, J., & Rahwan, T. (2023). Trust within human-machine collectives depends on the perceived consensus about cooperative norms. Nature Communications, 14(1). https://doi.org/10.1038/s41467-023-38592-5
  2. Manoogian, A., & Benson, B. (2017, January, 8th). 4 conundrums of intelligence. Medium. https://medium.com/thinking-is-hard/4-conundrums-of-intelligence-2ab78d90740f
  3. Marcus, G. (2020). The Next Decade in AI: Four Steps towards Robust Artificial Intelligence. arXiv.org. https://arxiv.org/abs/2002.06177.
  4. Martin, K. D., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the Academy of Marketing Science, 45(2), 135–155. https://doi.org/10.1007/s11747-016-0495-4
  5. Mayer-Schönberger, V., & Cukier, K. (2013). Big data: A revolution that will transform how we live, work, and think. Houghton Mifflin Harcourt.
  6. McNamara, A., Smith, J., Murphy-Hill, E. (2018). Does ACM’s code of ethics change ethical decision making in software development? In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 729–733. https://doi.org/10.1145/3236024.3264833
  7. Metcalfe, B. (2013). Metcalfe’s law after 40 years of ethernet. Computer, 46(12), 26–31. https://doi.org/10.1109/MC.2013.449
  8. Metcalfe, M., & Mischel, W. (1999). A hot/cool-system analysis of delay of gratification: Dynamics of willpower. Psychological Review, 106(1), 3–19. https://doi.org/10.1037/0033-295X.106.1.3
  9. Metzinger, T. (2019). Ethics of artificial intelligence: Some challenges and opportunities. Philosophy & Technology, 32(4), 673–690. https://doi.org/10.1007/s13347-019-00351-x
  10. Milgram, S. (1967). The small-world problem. Psychology Today, 1(1), 61-67.
  11. Miller, T. (2019). Explanation in artificial intelligence: Insights from the social sciences. Artificial Intelligence, 267, 1–38. https://doi.org/10.1016/j.artint.2018.07.007
  12. Miltgen, C.L. (2009). Online consumer privacy concern and willingness to provide personal data on the internet. International Journal of Networking and Virtual Organizations, 6(6), 574-603.
  13. Mischel, W. (2014). The marshmallow test: Mastering self-control. Little, Brown and Company.
  14. Mitchell, M., Wu, S., Zaldivar, A., Barnes, P., Vasserman, L., Hutchinson, B., & Gebru, T. (2019). Model cards for model reporting. Proceedings of the Conference on Fairness, Accountability, and Transparency (FAT), 220-229. https://doi.org/10.1145/3287560.3287596
  15. Mittelstadt, B. (2019). Principles alone cannot guarantee ethical AI. Nature Machine Intelligence, 1(11), 501–507. https://doi.org/10.1038/s42256-019-0114-4
  16. Morey, T., Forbath, T., & Schoop, A. (2015). Customer Data: Designing for Transparency and Trust. Harvard Business Review, 93(5), 96–105.
  17. Morley, J., Floridi, L., Kinsey, L., & Elhalal, A. (2019). From What to How: An Initial Review of Publicly Available AI Ethics Tools, Methods and Research to Translate Principles into Practices. Science and Engineering Ethics, 26(4), 2141–2168. https://doi.org/10.1007/s11948-019-00165-5
  18. Morris, J. W. (2015). Selling digital music, formatting culture. University of California Press.
  19. Motahari, S., Ziavras, S., Naaman, M., Ismail, M., & Jones, Q. (2009). Social inference risk modeling in mobile and social applications. In International Conference on Computational Science and Engineering. 3, 125-132. IEEE.
  20. Munn, L. (2022). The uselessness of AI ethics. AI And Ethics, 3(3), 869–877. https://doi.org/10.1007/s43681-022-00209-w
  21. Mökander, J., & Floridi, L. (2022). Operationalising AI governance through ethics-based auditing: an industry case study. AI And Ethics, 3(2), 451–468. https://doi.org/10.1007/s43681-022-00171-7
  22. Mühle, A., Grüner, A., Gayvoronskaya, T., & Meinel, C. (2018). A survey on essential components of a self-sovereign identity. Computer Science Review, 30, 80-86. https://doi.org/10.1016/ j.cosrev.2018.10.002

N

  1. Narayanan, A., & Shmatikov, V. (2008). Robust de-anonymization of large sparse datasets. IEEE Symposium on Security and Privacy, 111-125. https://doi.org/10.1109/SP.2008.33
  2. Nasr-Azadani, M. M., & Chatelain, J. (2024, March 19). The Journey to Trustworthy AI- Part 1: Pursuit of pragmatic frameworks. https://doi.org/10.48550/arXiv.2403.15457
  3. Nguyen, H. H., Yamagishi, J., & Echizen, I. (2018). Capsule-Forensics: using capsule networks to detect forged images and videos. National Institute of Informatics, Tokyo, Japan, & The University of Edinburgh. https://arxiv.org/pdf/1810.11215
  4. Nguyen, T. D., Bedford, L., & Sengupta, S. (2013). A global perspective on privacy and security: User acceptance in the new normal. Microsoft Research White Paper.
  5. Nichols, T. M. (2017). The death of expertise: The campaign against established knowledge and why it matters. Oxford University Press.
  6. Nissenbaum, H. (2020). Privacy in context: Technology, policy, and the integrity of social life. Stanford University Press.
  7. Nissenbaum, H. (2010). Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford University Press.
  8. Nogrady, B. (2016). The real risks of artificial intelligence.
  9. Norberg, P. A., Horne, D. R., & Horne, D. A. (2007). The privacy paradox: Personal information disclosure intentions versus behaviors. Journal of Consumer Affairs, 41(1), 100–126. https://doi.org/10.1111/j.1745-6606.2006.00070.x

O

  1. O’Doherty, J. P., Cockburn, J., & Pauli, W. M. (2013). Learning, reward, and decision making in the human brain. In P. W. Glimcher & E. Fehr (Eds.), Neuroeconomics: Decision making and the brain. 2nd ed., 419–436. Academic Press. https://doi.org/10.1016/B978-0-12-416008-8.00022-3
  2. O’Neil, C. (2016). Weapons of math destruction: How big data increases inequality and threatens democracy. Crown.
  3. OECD. (2019a). Recommendation of the Council on Artificial Intelligence.
  4. Osterwalder, A., Pigneur, Y., Bernarda, G., & Smith, A. (2014). Value proposition design: How to create products and services customers want. Wiley.

P

  1. Parasuraman, A., Zeithaml, V. A., & Malhotra, A. (2005). E-S-QUAL: A multiple-item scale for assessing electronic service quality. Journal of Service Research, 7(3), 213-233.
  2. Parasuraman, R., Sheridan, T., & Wickens, C. (2000). A model for types and levels of human interaction with automation. IEEE Transactions on Systems Man and Cybernetics – Part a Systems and Humans, 30(3), 286–297. https://doi.org/10.1109/3468.844354
  3. Park, B., & Rogan, M. (2019). Capability reputation, character reputation, and exchange partners’ reactions to adverse events. Academy of Management Journal, 62(2), 553–578. https://doi.org/10.5465/amj.2016.0445
  4. Parker, G., et al. (2020). Platform revolution: How networked markets are transforming the economy. Norton & Company.
  5. Parker, G. G., Van Alstyne, M. W., & Choudary, S. P. (2016). Platform revolution: How networked markets are transforming the economy and how to make them work for you. W. W. Norton & Company.
  6. Pasquale, F. (2020). New laws of robotics: Defending human expertise in the age of AI. Harvard University Press.
  7. Pavlidis, M. (2011). Designing for Trust. CEUR Workshop Proceedings. 731. https://www.researchgate.net/publication/232286675_Designing_for_Trust
  8. Payne, A., & Frow, P. (2005). A strategic framework for customer relationship management. Journal of Marketing, 69(4), 167-176. https://doi.org/10.1509/jmkg.2005.69.4.167
  9. Payne, A., & Frow, P. (2017). Relationship marketing: Looking backwards towards the future. Journal of Services Marketing, 31(1), 11-15. https://doi.org/10.1108/JSM-11-2016-0380
  10. Pentland, A. (2019). Data for a new enlightenment. MIT Press.
  11. Pentland, A. (2020). Building the new economy: Data as capital. MIT Press.
  12. Petermann, F. (1985). Vertrauen und Risikobereitschaft: Theoretische und empirische Befunde zur Sozialpsychologie des Vertrauens. Huber.
  13. Pew Research Center. (2020). Half of Americans have decided not to use a product or service because of privacy concerns.
  14. Piketty, T. (2020). Capital and ideology. Harvard University Press.
  15. Plassmann, H. (2017, October 10). The pain of paying. Conference presentation. Society for Neuroeconomics Annual Meeting, Toronto, Canada.
  16. Plassmann, H., O’Doherty, J., Shiv, B., & Rangel, A. (2008). Marketing actions can modulate neural representations of experienced pleasantness. Proceedings of the National Academy of Sciences, 105(3), 1050–1054. https://doi.org/10.1073/pnas.0706929105
  17. Plassmann, H., Venkatraman, V., Huettel, S., & Yoon, C. (2015). Consumer neuroscience: Applications, challenges, and possible solutions. Journal of Marketing Research, 52(4), 427–435. https://doi.org/10.1509/jmr.14.0048
  18. Porter, M. E. (1985). Competitive advantage: Creating and sustaining superior performance. Free Press.
  19. Power, M. (2007). Organized uncertainty: Designing a world of risk management. Oxford University Press.
  20. Preukschat, A., & Reed, D. (2021). Self-sovereign identity: Decentralized digital identity and verifiable credentials. Manning Publications.
  21. Provost, F., & Fawcett, T. (2013). Data science and its relationship to big data and data-driven decision making. Big Data, 1(1), 51–59. https://doi.org/10.1089/big.2013.1508

R

  1. Rahwan, I., Cebrian, M., Obradovich, N., Bongard, J., Bonnefon, J. F., Breazeal, C., … & Wellman, M. (2019). Machine behaviour. Nature, 568(7753), 477-486.
  2. Raji, I. D., Smart, A., White, R. N., Mitchell, M., Gebru, T., Hutchinson, B., Smith-Loud, J., Theron, D., & Barnes, P. (2020, January 3). Closing the AI accountability gap: Defining an End-to-End Framework for internal Algorithmic auditing. arXiv.org. https://arxiv.org/abs/2001.00973.
  3. Raji, I. D., Bender, E. M., Paullada, A., Denton, E., & Hanna, A. (2021). AI and the Everything in the Whole Wide World Benchmark. arXiv (Cornell University). https://doi.org/10.48550/arxiv.2111.15366
  4. Raji, I. D., Xu, P., Honigsberg, C., & Ho, D. E. (2022). Outsider oversight: Designing a third party audit ecosystem for AI governance. arXiv (Cornell University). https://doi.org/10.48550/arxiv.2206.04737
  5. Rasmussen, J. (1983). Skills, rules, and knowledge; signals, signs, and symbols, and other distinctions in human performance models, in IEEE Transactions on Systems, Man, and Cybernetics, vol. SMC-13, no. 3, 257-266, https://doi.org/10.1109/TSMC.1983.6313160
  6. Reed, D., & O’Donnell, D. (2025). Introduction to Ayra and the First Person Project. Proceedings of the 40th Annual Internet Identity Workshop.
  7. Reisman, D., Schultz J., Crawford K., & Whittaker M. (2018). Algorithmic Impact Assessments Report: A Practical Framework for Public Agency Accountability. AI Now Institute,
  8. Research and Markets (2024). Digital Identity Solutions Mardket Trends and Shares, Forecast to 2030: Government regulations and ID Wallet solutions propdl industry growth. GlobeNewswire News Room.
  9. Richards, N. M., & Hartzog, W. (2019). Privacy’s trust gap. Yale Law Journal, 128(4), 1180–1247.
  10. Richards, N. M., & Hartzog, W. (2020). The pathologies of digital consent. Washington University Law Review, 96(6), 1461-1503.
  11. Riedl, R., & Javor, A. (2012). The biology of trust: Integrating evidence from genetics, endocrinology, and functional brain imaging. Journal of Neuroscience, Psychology, and Economics, 5(2), 63-91.
  12. Ripperger, T. (1998). Ökonomik des Vertrauens: Analyse eines Organisationsprinzips. Mohr Siebeck.
  13. Robb, C. A., & Wendel, S. (2022). Who can you trust? Assessing vulnerability to digital imposter scams. Journal of Consumer Policy, 46(1), 27-51. https://doi.org/10.1007/s10603-022-09531-6
  14. Rode, C., Cosmides, L., Hell, W., & Tooby, J. (1999). When and why do people avoid unknown probabilities in uncertain decisions? Testing some predictions from optimal foraging theory. Cognition, 72(3), 269–304. https://doi.org/10.1016/S0010-0277(99)00042-6
  15. Rose, S., Clark, M., Samouel, P., & Hair, N. (2012). Online customer experience in e-retailing: An empirical model of antecedents and outcomes. Journal of Retailing, 88(2), 308-322. https://doi.org/10.1016/j.jretai.2012.03.001
  16. Rost, K., Stahel, L., & Frey, B. S. (2016). Digital social norm enforcement: Online firestorms in social media. PLOS ONE, 11(6), e0155923. https://doi.org/10.1371/journal.pone.0155923
  17. Rudin, C. (2019). Stop explaining black box machine learning models for high stakes decisions and use interpretable models instead. Nature Machine Intelligence, 1(5), 206–215. https://doi.org/10.1038/s42256-019-0048-x
  18. Rushkoff, D. (2017). Throwing rocks at the Google bus: How growth became the enemy of prosperity. Portfolio.
  19. Russell, S. (2019). Human compatible: Artificial intelligence and the problem of control. Viking.
  20. Russell, S., & Norvig, P. (2016). Artificial Intelligence: A Modern Approach (4th ed.). Essex, United Kingdom: Pearson.

S

  1. Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. (1996). Role-Based Access Control Models. IEEE Computer, 29(2), 38-47.
  2. Sattlegger, A., Nitesh, B. (2024). Beyond principles: Embedding ethical AI risks in public sector risk management practice. In Proceedings of the 25th Annual International Conference on Digital Government Research (dg.o ’24). Association for Computing Machinery, New York, NY, USA, 70–80. https://doi.org/10.1145/3657054.3657063
  3. Schwab, K. (2019). The fourth industrial revolution. Currency.
  4. Schäfer, F., Mayr, A., Schwulera, E., & Franke, J. (2020). Smart Use Case Picking with DUCAR: A Hands-On Approach for a Successful Integration of Machine Learning in Production Processes. Procedia Manufacturing, 51, 1311–1318. https://doi.org/10.1016/j.promfg.2020.10.184
  5. Searls, D. (2021). The intention economy: When customers take charge. Harvard Business Review Press.
  6. Searls, D. (2014). Why we need first person technologies on the Net – ProjectVRM.
  7. Shapiro, C., & Varian, H. R. (1999). Information rules: A strategic guide to the network economy. Harvard Business Press.
  8. Sheehan, K. B., & Hoy, M. G. (2000). Dimensions of privacy concern among online consumers. Journal of Public Policy & Marketing, 19(1), 62–73. https://doi.org/10.1509/jppm.19.1.62.16949
  9. Shumailov, I., et al. (2024). Training with synthetic data causes artificial neural networks to learn less. Nature.
  10. Sillitto, H., Griego, R. M., Arnold, E., Dori, D., Martin, J. F., McKinney, D., Godfrey, P., Krob, D. & Jackson, S. A. (2018). What do we mean by “system”? – System Beliefs and Worldviews in the INCOSE Community. INCOSE International Symposium, 28(1), 1190–1206. https://doi.org/10.1002/j.2334-5837.2018.00542.x
  11. Simon, H. A. (1982). Models of bounded rationality. MIT Press.
  12. Simon, H. A. (1997). Models of bounded rationality: Empirically grounded economic reason (Vol. 3). MIT Press.
  13. Singh, D., & Singh, B. (2023). Evolution of cloud computing: From Hadoop to serverless architecture. Journal of Cloud Computing, 12(1), 1–15. http://dx.doi.org/10.1007/978-3-031-26633-1_11
  14. Singh, J., Walden, I., Crowcroft, J., & Bacon, J. (2016). Responsibility & Machine Learning: Part of a Process. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.2860048
  15. Smith, J.  (2025). Yes, but when will the digital ID market take off? Customer Futures.
  16. Solove, D. J. (2021). The myth of the privacy paradox. George Washington Law Review, 89(1), 1–51.
  17. SRF. (2024). Künstliche Intelligenz – Einkaufen der Zukunft: 800 Kameras schauen zu. Schweizer Radio Und Fernsehen.
  18. Srnicek, N. (2017). Platform capitalism. Polity Press.
  19. Stephens, D. W. (1981). The logic of risk-sensitive foraging preferences. Animal Behaviour, 29(2), 628–629. https://doi.org/10.1016/S0003-3472(81)80128-5
  20. Stockburger, L., Kokosioulis, G., Mukkamala, A., Mukkamala, R., & Avital, M. (2021). Decentralized identity management: A survey on architecture, applications, and challenges. IEEE Access, 9, 80154-80175.
  21. Strauss, A. and Corbin, J. (1998). Basics of Qualitative Research (2nd ed.). Sage.
  22. Sturm, T., Gerlacha, J., Pumplun, L., Mesbah, N., Peters, F., Tauchert, C., Nan, N., & Buxmann, P. (2021). Coordinating human and machine learning for effective organization learning. MIS Quarterly, 45(3), 1581–1602. https://doi.org/10.25300/misq/2021/16543
  23. Sunstein, C. R. (2016). The ethics of nudging. Yale Journal on Regulation, 33, 413–450.
  24. Sunstein, C. R. (2017). #Republic: Divided democracy in the age of social media. Princeton University Press.
  25. Sutherland, J. (2014). Scrum: The art of doing twice the work in half the time. Random House.
  26. Szeliga, Michael (1996): Push und Pull in der Markenpolitik, Peter Lang Verlag, [online] https://www.peterlang.com/document/1068231.
  27. Sætra, H. S. (2021). The ethics of AI ethics: An evaluation of guidelines. Minds and Machines, 31, 535–571. https://doi.org/10.1007/s11023-021-09540-2

T

  1. Taddicken, M. (2014). The “privacy paradox” in the social web: The privacy paradox in the social web. Journal of Computer-Mediated Communication, 19(2), 248–273. https://doi.org/10.1111/jcc4.12052
  2. Taylor, L. (2017). What is data justice? The case for connecting digital rights and freedoms globally. Big Data & Society, 4(2), 1-14. https://doi.org/10.1177/2053951717736335
  3. Te’eni, D., Yahav, I., Zagalsky, A., Schwartz, D., Silverman, G., Cohen, D., Mann, Y., & Lewinsky, D. (2023). Reciprocal Human-Machine Learning: a theory and an instantiation for the case of message classification. Management Science. https://doi.org/10.1287/mnsc.2022.03518
  4. Thaler, R. H. (2016). Misbehaving: The making of behavioral economics. W. W. Norton & Company.
  5. Thaler, R. H., & Sunstein, C. R. (2008). Nudge: Improving decisions about health, wealth, and happiness. Yale University Press.
  6. Thaler, R.H. (1980). Toward a Positive Theory of Consumer Choice. Journal of Economic Behavior and Organization 1:39–60.
  7. Tian, Y., Li, X., & Zhu, W. (2018). Facial expression recognition based on improved convolutional neural network. IEEE Access, 6, 1422–1431.
  8. ToIP. (2022). Design principles for the ToIP stack v1.0. Trust over IP Foundation..
  9. Tschopp, M., & Ruef, M. (2020). AI & Trust -Stop asking how to increase trust in AI.
  10. Tölke, A. (2024). Trust is the key to success.

U

  1. Urban, G. L. (2004). The emerging era of customer advocacy. MIT Sloan Management Review, 45(2), 77-82.
  2. Urban, G. L. (2005a). Don’t just relate – Advocate! Customer advocacy as a new paradigm for marketing. Upper Saddle River, NJ: Wharton School Publishing.
  3. Ustun, B., Spangher, A., and Liu, Y. (2019). Actionable Recourse in Linear Classification. Proceedings of the Conference on Fairness, Accountability, and Transparency (FAT*), 10-19.

V

  1. van Ramshorst, C., Kluiters, L., van der Harst, E., Jansen, V., den Breeijen, S., & van Deventer, O. (2021). SSI speelveldanalyse: Een verkenning van het Nederlandse SSI speelveld, toekomstige ontwikkelrichtingen, impact op publieke waarden en de rol van de Nederlandse overheid. TNO & INNOPAY. 20211029/eindrapport_nederlandse/document
  2. Vakkuri, V., Kemell, K.-K., Kultanen, J., Siponen, M., Abrahamsson, P. (2019). Ethically aligned design of autonomous systems: industry viewpoint and an empirical study. https://doi.org/10.48550/arXiv.1906.07946
  3. Van Rooy, D., & Vaes, K. (2024). Harmonizing human-AI synergy: Behavioral science in AI-integrated design. Proceedings of the International Design Conference, 2287-2296
  4. Vargo, S. L., & Lusch, R. F. (2004). Evolving to a new dominant logic for marketing. Journal of Marketing, 68(1), 1-17. https://doi.org/10.1509/jmkg.68.1.1.24036
  5. Veale, M., & Borgesius, F. Z. (2021). Demystifying the Draft EU Artificial Intelligence Act. Computer Law Review International, 22(4), 97–112. https://doi.org/10.9785/cri-2021-220402
  6. Veale, M., Van Kleek, M., & Binns, R. (2018). Fairness and accountability design needs for algorithmic support in high-stakes public sector decision-making. Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems.
  7. Verhoef, P. C., Broekhuizen, T., Bart, Y., Bhattacharya, A., Dong, J. Q., Fabian, N., & Haenlein, M. (2021). Digital transformation: A multidisciplinary reflection and research agenda. Journal of Business Research, 122, 889-901. https://doi.org/10.1016/j.jbusres.2019.09.022
  8. Vial, G. (2019). Understanding digital transformation: A review and a research agenda. Journal of Strategic Information Systems, 28(2), 118–144. https://doi.org/10.1016/j.jsis.2019.01.003
  9. Vought, R. T. (2020). Guidance for Regulation of Artificial Intelligence Applications.

W

  1. Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why a right to explanation of automated Decision-Making does not exist in the General Data Protection Regulation. International Data Privacy Law, 7(2), 76–99. https://doi.org/10.1093/idpl/ipx005
  2. Waldman, A. E. (2018). Privacy, notice, and design. Stanford Technology Law Review, 21(1), 74-127.
  3. Wang, Y., & Kosinski, M. (2018). Deep neural networks are more accurate than humans at detecting sexual orientation from facial images. Journal of Personality and Social Psychology, 114(2), 246–257. https://doi.org/10.1037/pspa0000098
  4. Wang, S., Beatty, S. E., & Foxx, W. (2004). Signaling the trustworthiness of small online retailers. Journal of Interactive Marketing, 18(1), 53-69. https://doi.org/10.1002/dir.10071
  5. Wang, F., & De Filippi, P. (2020). Self-sovereign identity in a globalized world: Credentials-based identity systems as a driver for economic inclusion. Frontiers in Blockchain, 2, 28. https://doi.org/10.3389/fbloc.2019.00028
  6. Wehmeier, S., McIntosh, C., Turnbull, J. & Ashby, M. (2005). Oxford advanced learner’s dictionary of current English. 7th ed. Oxford, United Kingdom: Oxford University Press
  7. Wei, J., Bosma, M., Zhao, V. Y., Guu, K., Yu, A. W., Lester, B., Du, N., Dai, A. M., & Le, Q. V., & Google Research. (2022). Finetuned language models are zero-shot learners. In ICLR 2022. https://arxiv.org/pdf/2109.01652.pdf
  8. Wendel, S. (2020). Designing for behavior change: Applying psychology and behavioral economics. O’Reilly Media.
  9. Werbach, K. (2018). The Blockchain and the New Architecture of Trust. MIT Press.
  10. Whitley, E. A. (2009). Informational privacy, consent and the “control” of personal data. Information Security Technical Report, 14(3), 155. https://doi.org/10.1016/j.istr.2009.10.001
  11. Wilson, H. J., & Daugherty, P. R. (2018). Collaborative intelligence: Humans and AI are joining forces. Harvard Business Review, 96(4), 114-123.
  12. Wilson, H. J., Daugherty, P. R., & Morini-Bianzino, N. (2017). The jobs that artificial intelligence will create. MIT Sloan Management Review, 58(4), 14-16.
  13. Windley, P. (n.d.). Establishing first person digital trust.
  14. Winegar, A. G., & Sunstein, C. R. (2019). How much is data privacy worth? A preliminary investigation. Journal of Consumer Policy, 42, 425-440.
  15. Winfield, A. F. T., & Jirotka, M. (2018). Ethical governance is essential to building trust in robotics and artificial intelligence systems. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 376(2133), 20180085. https://doi.org/10.1098/rsta.2018.0085
  16. Wong, J. (2023). Artificial Intelligence is Revolutionizing Marketing. Here’s What the Transformation Means for the Industry. Entrepreneur. https://www.entrepreneur.com/science-technology/why-artificial-intelligence-is-revolutionizing-marketing/446087
  17. World Economic Forum. (2013). Unlocking the value of personal data: From collection to usage. World Economic Forum.
  18. Wu, Y., Kosinski, M., & Stillwell, D. (2015). Computer-based personality judgments are more accurate than those made by humans. Proceedings of the National Academy of Sciences, 112(4), 1036–1040. https://doi.org/10.1073/pnas.1418680112

Y

  1. Yang, R., Yu, F. R., Si, P., Yang, Z., & Zhang, Y. (2019). Integrated blockchain and edge computing systems: A survey, some research issues and challenges. IEEE Communications Surveys & Tutorials, 21(2), 1508-1532. http://dx.doi.org/10.1109/COMST.2019.2894727
  2. Yang, Q., Steinfeld, A., Carolyn, R., & Zimmerman, J. (2020). Re-examining Whether, Why, and How Human-AI Interaction Is Uniquely Difficult to Design. http://dx.doi.org/10.1145/3313831.3376301
  3. Yeung, K. (2017). ‘Hypernudge’: Big Data as a mode of regulation by design. Information, Communication & Society, 20(1), 118–136. https://doi.org/10.1080/1369118X.2016.1186713

Z

  1. Zaharia, M., et al. (2016). Apache Spark: A unified engine for big data processing. Communications of the ACM, 65(2), 76–86. http://dx.doi.org/10.1145/2934664
  2. Zerilli, J., et al. (2019). Algorithmic decision-making and the control problem. Minds and Machines, 29(4), 555–578. https://doi.org/10.1007/s11023-019-09513-6
  3. Zheng, Z., Xie, S., Dai, H., Chen, X., & Wang, H. (2018). Blockchain challenges and opportunities: A survey. International Journal of Web and Grid Services, 14(4), 352-375. http://dx.doi.org/10.1504/IJWGS.2018.095647
  4. Zheng, Q., Xu, Z., Choudhry, A., Chen, Y., Li, Y., & Huang, Y. (2023). Synergizing Human-AI Agency: A Guide of 23 Heuristics for Service Co-Creation with LLM-Based Agents. arXiv preprint arXiv:2310.15065. https://doi.org/10.48550/arXiv.2310.15065
  5. Zholudev, V., Kalaydin, P. G., Novoselsky, A., & Petrov, T. (2023). SuMSub expert roundtable: The top KYC trends coming in 2024. Sumsub. blog/top-kyc-trends
  6. Zillner, S., Gómez, J. A., Robles, A. I., Hahn, T. P., Bars, L. L., Petkovic, M. & Curry, E. (2021). Data Economy 2.0: From Big Data Value to AI Value and a European Data Space. In Springer eBooks (S. 379–399). https://doi.org/10.1007/978-3-030-68176-0_16
  7. Zuboff, S. (2019). The age of surveillance capitalism: The fight for a human future at the new frontier of power. Profile Books.