This study examines the level of data privacy and security awareness (DPSA) among Malaysian university students who depend on smartphones for academic activities. An enhanced cybersecurity education (CE) technological proficiency–perceived control (CTP) model is proposed, incorporating technological innovation and cultural norms (TICN) as a mediating factor between technological proficiency (TP) and awareness. A total of 356 students from public and private institutions in Melaka participated. The Krejcie and Morgan table was used to determine the sample size. Descriptive analysis was conducted using IBM SPSS 27, and SmartPLS-SEM was used to evaluate both measurement and structural models. Reliability and validity were confirmed through a pilot study with 50 respondents. Findings show that TICN significantly strengthens the translation of technical skills into protective behavior, outperforming the original model that used frequency of smartphone usage (FSU) as a mediator. The enhanced model provides a deeper understanding of the socio-technical determinants of smartphone privacy awareness. Implications, limitations, and directions for future research are also discussed.

Cyber-threat Malaysia; Data privacy awareness; Data protection; Mobile internet users; Smartphone privacy