Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
skip to main content
article

Company information privacy orientation: a conceptual framework

Published: 01 November 2015 Publication History

Abstract

Contemporary organisations struggle to develop effective responses to the complex challenge of deploying sophisticated information technology systems in an era characterised increasingly by customer demands for privacy. In this paper, we develop a conceptual framework of Company Information Privacy Orientation that attempts to reconcile the differences between the organisation's information management objectives and its ethical and legal obligations to address customers' privacy. Control theory and justice theory are utilised to build an organisation-level framework that is composed of a firm's ethical obligation to its customers, its customer information management strategy and its assessment of the risks to its business created by legal demands to provide customer information privacy. The four different types of company privacy orientation profiles that emerge from this conceptual framework are then discussed, along with implications for future research.

References

[1]
Anglen, R. 2015 For Uber, the road ahead is uncertain, in: USA Today, Gannett Company, pp.5B.
[2]
Apple2015a Manage your privacy, Retrieved January 26, 2015 from "http://www.apple.com/privacy/manage-your-privacy/".
[3]
Apple2015b Privacy built in, Retrieved January 26, 2015 from "http://www.apple.com/privacy/privacy-built-in/".
[4]
Apple2015c Privacy policy, Retrieved January 26, 2015 from "https://www.apple.com/legal/privacy/en-ww/".
[5]
Awad, N.F. &Krishnan, M.S. 2006 The personalization privacy paradox: an empirical evaluation of information transparency and the willingness to be profiled online for personalization. MIS Quarterly, Volume 30, pp.13-28.
[6]
Bélanger, F. &Crossler, R.E. 2011 Privacy in the digital age: a review of information privacy research in information systems. MIS Quarterly, Volume 35, pp.1017-1041.
[7]
Bennett, C.J. &Raab, C.D. 2008 The governance of privacy: policy instruments in global perspective. Jurimetrics, Volume 48, pp.349-356.
[8]
Bordoloi, B., Mykytyn, K. &Mykytyn, P.P.Jr. 1996 A framework to limit systems developers' legal liabilities. Journal of Management Information Systems, Volume 12, pp.161-185.
[9]
Bose, I. &Leung, A.C.M. 2013 The impact of adoption of identity theft countermeasures on firm value. Decision Support Systems, Volume 55, pp.753-763.
[10]
Brian, M. 2014 What you need to know about the 'right to be forgotten' on Google, from "http://www.engadget.com/2014/06/02/right-to-be-forgotten-explainer/".
[11]
Brill, J. 2013 Data industry must step up to protect consumer privacy, Retrieved January 3, 2014 from "http://adage.com/article/guest-columnists/data-industry-step-protect-consumer-privacy/244971/".
[12]
Brohman, M.K., Watson, R.T., Piccoli, G. &Parasurama, A. 2003 Data completeness: a key to effective net-based customer service systems. Communications of the ACM, Volume 46, pp.47-51.
[13]
Canada2013 Investigation into the personal information handling practices of whatsapp Inc., Retrieved January 1, 2014 from "http://www.priv.gc.ca/cf-dc/2013/2013_001_0115_e.asp".
[14]
Caudill, E.M. &Murphy, P.E. 2000 Consumer online privacy: legal and ethical issues. Journal of Public Policy & Marketing, Volume 19, pp.7-19.
[15]
Cavoukian, A. &Hamilton, T.J. 2002 Privacy Payoff: How Successful Businesses Build Customer Trust. McGraw-Hil Ryerson, Toronto, Canada.
[16]
Chan, Y. 2003 Competing through information privacy. In: Competing in the Information Age: Align in the Sand. J.N.Luftman Ed., pp. pp.350-361. Oxford University Press, New York, NY, USA.
[17]
Charters, D. 2002 Electronic monitoring and privacy issues in business-marketing: the ethics of the DoubleClick experience. Journal of Business Ethics, Volume 35, pp.243-254.
[18]
Chau, M. &Xu, J. 2012 Business intelligence in blogs: understanding consumer interactions and communities. MIS Quarterly, Volume 36, pp.1189-1216.
[19]
Conrath, C. 2005 Pipeda hurdles remain in sight, say the experts, Retrieved December 31, 2013 from "http://www.itworldcanada.com/article/pipeda-hurdles-remain-in-sight-say-the-experts/10272".
[20]
Culnan, M.J. 1993 'How did they get my name?': an exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly, Volume 17, pp.341.
[21]
Culnan, M.J. 1999 Georgetown Internet Privacy Policy Survey: Report to the Federal Trade Commission, in: Washington. Georgetown University, The McDonough School of Business, DC.
[22]
Culnan, M.J. 2000 Protecting privacy online: is self-regulation working? Journal of Public Policy & Marketing, Volume 19, pp.20-26.
[23]
Culnan, M.J. &Armstrong, P.K. 1999 Information privacy concerns, procedural fairness, and impersonal trust: an empirical investigation. Organization Science, Volume 10, pp.104.
[24]
Culnan, M.J. &Bies, R.J. 2003 Consumer privacy: balancing economic and justice considerations. Journal of Social Issues, Volume 59, pp.323-342.
[25]
Culnan, M. &Smith, H. 1995 Lotus marketplace: households-managing information privacy concerns. In: Computers, Ethics, and Social Values. D.G.Johnson, H.Nissenbaum Eds., pp. pp.269-277. Prentice Hall, Upper Saddle City, NJ, USA.
[26]
Culnan, M., Smith, H. &Bies, R. 1994 Law, privacy, and organizations: the corporate obsession to know versus the individual right not to be known. In: The Legalistic Organization. S.Sitkin, R.Bies Eds., pp. pp.199-211. Sage, Thousand Oaks, CA, USA.
[27]
Culnan, M.J. &Williams, C.C. 2009 How ethics can enhance organizational privacy: lessons from the choicepoint and TJX data breaches. MIS Quarterly, Volume 33, pp.673-687.
[28]
Davenport, T.H. &Prusak, L. 1998 Working Knowledge. Harvard Business School Press, Boston, MA.
[29]
Davison, R.M., Clarke, R., Smith, H., Langford, D. &Kuo, B. 2003 Information privacy in a globally networked society: implications for IS research. Communications of the Association for Information Systems, Volume 12, pp.341-365.
[30]
DeMarco, D.A. 2006 Understanding consumer information privacy in the realm of internet commerce: personhood and pragmatism, pop-tarts and six-packs. Texas Law Review, Volume 84, pp.1013-1064.
[31]
Dinev, T., Xu, H., Smith, J. &Hart, P. 2013 Information privacy and correlates: an empirical attempt to bridge and distinguish privacy-related concepts. European Journal of Information Systems, Volume 22, pp.295-316.
[32]
Ernst & Young2013 Privacy trends 2013: The uphill climb continues, Retrieved June 3, 2014 from "http://www.ey.com/Publication/vwLUAssets/Privacy_trends_2013_-_The_uphill_climb_continues/$FILE/Privacy%20trends%202013%20-%20The%20uphill%20climb%20continues.pdf".
[33]
FTC2009 FTC staff revises online behavioral advertising principles, Retrieved January 1, 2014 from "http://www.ftc.gov/news-events/press-releases/2009/02/ftc-staff-revises-online-behavioral-advertising-principles".
[34]
FTC2011 Mobile apps developer settles FTC charges it violated children's privacy rule, from "http://www.ftc.gov/opa/2011/08/w3mobileapps.shtm".
[35]
FTC2012 FTC approves final settlement with Facebook, Retrieved January 1, 2014 from "http://www.ftc.gov/news-events/press-releases/2012/08/ftc-approves-final-settlement-facebook".
[36]
FTC2013 Path social networking app settles FTC charges it deceived consumers and improperly collected personal information from users' mobile address books, Retrieved January 1, 2014 from "http://www.ftc.gov/news-events/press-releases/2013/02/path-social-networking-app-settles-ftc-charges-it-deceived".
[37]
Geist, M. 2014 Why Uber has a Canadian privacy problem, Retrieved January 2, 2015 from "http://www.thestar.com/business/2014/11/21/why_uber_has_a_canadian_privacy_problem.html".
[38]
George, J.F. 1996 Computer-based monitoring: common perceptions and empirical results. MIS Quarterly, Volume 20, pp.459-480.
[39]
Google2015a About Google, Retrieved January 26, 2015 from "https://www.google.com/intl/en/about/".
[40]
Google2015b Our products and services, Retrieved January 26, 2015 from "https://www.google.com/intl/en/about/company/products/".
[41]
Greenaway, K.E. &Chan, Y.E. 2005 Theoretical explanations for firms' information privacy behaviors. Journal of the Association for Information Systems, Volume 6, pp.171-198.
[42]
Greenaway, K.E. &Chan, Y.E. 2013 Designing a customer information privacy program aligned with organizational priorities. MIS Quarterly Executive, Volume 12, pp.137-150.
[43]
Greenberg, J. 1987 A taxonomy of organizational justice theories. Academy of Management Review, Volume 12, pp.9-22.
[44]
Gregor, S. 2006 The nature of theory in information systems. MIS Quarterly, Volume 30, pp.611-642.
[45]
Griswold, A. 2014 While you were complaining about Uber's ethics, its investors gave it another $1.2 billion, Retrieved January 2, 2015 from "http://www.slate.com/blogs/moneybox/2014/12/04/uber_raises_1_2_billion_new_funding_gives_travis_kalanick_s_ride_service.html".
[46]
Halliday, J. 2014 Google search results may indicate 'right to be forgotten' censorship, from "http://www.theguardian.com/technology/2014/jun/08/google-search-results-indicate-right-to-be-forgotten-censorship".
[47]
Hoffman, D., Novak, T.P. &Peralta, M. 1999 Building consumer trust online. Communications of the ACM, Volume 42, pp.80-85.
[48]
Ives, B. &Jarvenpaa, S.L. 1991 Applications of global information technology: key issues for management. MIS Quarterly, Volume 15, pp.33-49.
[49]
Jackson, S.E. &Dutton, J.E. 1988 Discerning threats and opportunities. Administrative Science Quarterly, Volume 33, pp.370-387.
[50]
Kim, B. &Han, I. 2009 What drives the adoption of mobile data services? an approach from a value perspective. Journal of Information Technology, Volume 24, pp.35-45.
[51]
Korsgaard, M.A., Schweiger, D.M. &Sapienza, H.J. 1995 Building commitment, attachment, and trust in strategic decision-making teams: the role of procedural justice. Academy of Management Journal, Volume 38, pp.60-84.
[52]
Laufer, R.S. &Wolfe, M. 1977 Privacy as a concept and a social issue: a multidimensional developmental theory. Journal of Social Issues, Volume 33, pp.22-42.
[53]
Lewis, B.R., Snyder, C.A. &Rainer, R.K.Jr. 1995 An empirical assessment of the information resource management construct. Journal of Management Information Systems, Volume 12, pp.199-223.
[54]
Lind, E.A. &Tyler, T.R. 1988 The Social Psychology of Procedural Justice. Plenum Publishing Corporation, New York, NY, USA.
[55]
Malhotra, N.K., Kim, S.S. &Agarwal, J. 2004 Internet users' information privacy concerns IUIPC: the construct, the scale, and a causal model. Information Systems Research, Volume 15, pp.336-355.
[56]
Mason, R.O. 1986 Four ethical issues of the information age. MIS Quarterly, Volume 10, pp.5.
[57]
Mason, R.O. 1995 Applying ethics to information technology issues. Communications of the ACM, Volume 38, pp.55-57.
[58]
Maxfield, J. 2014 The bank of Wal-Mart is open for business, Retrieved January 2, 2015 from "http://www.fool.com/investing/general/2014/09/24/the-bank-of-walmart-is-open-for-business.aspx".
[59]
McCarthy, C. 2009 Ad industry groups agree to privacy guidelines, Retrieved January 1, 2014 from "http://news.cnet.com/8301-1023_3-10278182-93.html".
[60]
McDonald, G. 2000 Business ethics: practical proposals for organisations. Journal of Business Ethics, Volume 25, pp.169-184.
[61]
McGarry, C. 2014 Why Uber's long PR nightmare will end in a user privacy win, from "http://www.macworld.com/article/2850884/why-uber-s-long-pr-nightmare-will-end-in-a-user-privacy-win.html".
[62]
McGrath, M. 2014 Wal-Mart snaps same-store sales losing streak, Retrieved January 2, 2015 from "http://www.forbes.com/sites/maggiemcgrath/2014/11/13/wal-mart-same-store-sales-grow-for-the-first-time-in-7-quarters/".
[63]
Milberg, S.J., Smith, H.J. &Burke, S.J. 2000 Information privacy: corporate management and national regulation. Organization Science, Volume 11, pp.35.
[64]
Milne, G.R. 2000 Privacy and ethical issues in database/interactive marketing and public policy: a research framework and overview of the special issue. Journal of Public Policy & Marketing, Volume 19, pp.1-6.
[65]
Milne, G.R. &Culnan, M.J. 2002 Using the content of online privacy notices to inform public policy: a longitudinal analysis of the 1998-2001 US web surveys. The Information Society, Volume 18, pp.345-359.
[66]
Miyazaki, A.D. &Fernandez, A. 2000 Internet privacy and security: an examination of online retailer disclosures. Journal of Public Policy & Marketing, Volume 19, pp.54-61.
[67]
Mogull, R. 2014 Why Apple really cares about your privacy, Retrieved January 26, 2015 from "http://www.macworld.com/article/2366921/why-apple-really-cares-about-your-privacy.html".
[68]
Oz, E., Glass, R. &Behling, R. 1999 Electronic workplace monitoring: what employees think. Omega, Volume 27, pp.167-177.
[69]
Pan, S.L. &Lee, J. 2003 Using e-CRM for a unified view of the customer. Communications of the ACM, Volume 46, pp.95-99.
[70]
Panzarino, M. 2013 Yahoo will follow Google in encrypting data center traffic, customer data flow by q1 '14, Retrieved January 2, 2014 from "http://techcrunch.com/2013/11/18/yahoo-will-follow-google-in-encrypting-data-center-traffic-all-traffic-between-company-and-customers-by-q1-14/".
[71]
Park, S., Huh, S., Oh, W. &Han, S.P. 2012 A social network-based inference model for validating customer profile data. MIS Quarterly, Volume 36, pp.1217-1237.
[72]
Price Waterhouse Coopers2014 10 minutes on data privacy, Retrieved June 3, 2014 from "http://www.pwc.com/en_US/us/10minutes/assets/pwc-data-privacy.pdf".
[73]
Rosch, E.H. 1978 Principles of categorization. In: Cognition and Categorization. E.Roach, B.B.Lloyd Eds., pp. pp.27-48. Erlbaum Associates, Hillsdale, NJ, USA.
[74]
Rousseau, D.M. 1985 Issues of level in organizational research: multi-level and cross-level perspectives. Research in Organizational Behavior, Volume 7, pp.1-37.
[75]
Ryker, R., Lafleur, E., McManis, B. &Cox, K.C. 2002 Online privacy policies: an assessment of the Fortune e-50. Journal of Computer Information Systems, Volume 42, pp.15-20.
[76]
Schwaig, K.S., Kane, G.C. &Storey, V.C. 2005 Privacy, fair information practices and the Fortune 500: the virtual reality of compliance. The Data Base for Advances In Information Systems, Volume 36, pp.49-63.
[77]
Schwartz, E.H. 2014 Uber's PR problems are good news for Lyft, from "http://inthecapital.streetwise.co/2014/12/02/ubers-pr-problems-good-lyft/".
[78]
Sharma, S. &Vredenburg, H. 1998 Proactive corporate environmental strategy and the development of competitively valuable organizational capabilities. Strategic Management Journal, Volume 19, pp.729-753.
[79]
Sheehan, K.B. &Hoy, M.G. 2000 Dimensions of privacy concern among online consumers. Journal of Public Policy & Marketing, Volume 19, pp.62-73.
[80]
Shey, H. 2014 Privacy becomes a competitive differentiator in pp.2015, Retrieved January 26, 2015 from "http://blogs.forrester.com/heidi_shey/14-11-12-privacy_becomes_a_competitive_differentiator_in_2015".
[81]
Smith, H.J. 1993 Privacy policies and practices: Inside the organizational maze. Association for Computing Machinery. Communications of the ACM, Volume 36, pp.104.
[82]
Smith, H.J. 2001 Information privacy and marketing: what the US should and shouldn't learn from Europe. California Management Review, Volume 43, pp.8-33.
[83]
Smith, H.J., Dinev, T. &Xu, H. 2011 Information privacy research: an interdisciplinary review. MIS Quarterly, Volume 35, pp.989-1015.
[84]
Smith, H.J. &Hasnas, J. 1999 Ethics and information systems: the corporate domain. MIS Quarterly, Volume 23, pp.109-127.
[85]
Smith, H.J., Milberg, S.J. &Burke, S.J. 1996 Information privacy: Measuring individuals' concerns about organizational practices. MIS Quarterly, Volume 20, pp.167.
[86]
Stewart, K.A. &Segars, A.H. 2002 An empirical examination of the concern for information privacy instrument. Information Systems Research, Volume 13, pp.36-49.
[87]
Stone, E.F. &Stone, D.L. 1990 Privacy in organizations: theoretical issues, research findings, and protection mechanisms. In: Research in Personnel and Human Resources Management. G.R.Ferris Ed., pp. pp.349-411. JAI Press, Greenwich, CT, USA.
[88]
Straub, D.W. &Collins, R.W. 1990 Key information liability issues facing managers: software piracy, proprietary databases, and individual rights to privacy. MIS Quarterly, Volume 22, pp.143-156.
[89]
Sutanto, J., Palme, E., Tan, C.H. &Phang, C.W. 2013 Addressing the personalization-privacy paradox: an empirical assessment from a field experiment on smartphone users. MIS Quarterly, Volume 37, pp.1141-1164.
[90]
Toohey, T. 2013 Designing for privacy & web success, Retrieved January 2, 2015 from "http://www.jdsupra.com/legalnews/designing-for-privacy-web-success-71797/".
[91]
Trope, R.L. 2012 " There's no app for that": calibrating cybersecurity safeguards and disclosures. Business Lawyer, Volume 68, pp.183-195.
[92]
Tung, L. 2014 Google loses 'right to be forgotten' fight in Europe's top court, Retrieved June 10, 2014 from "http://www.zdnet.com/google-loses-right-to-be-forgotten-fight-in-europes-top-court-7000029383/".
[93]
Tushman, M.L. &Nadler, D.A. 1978 Information processing as an integrating concept in organizational design. Academy of Management Review, Volume 3, pp.613-624.
[94]
UK2013 Enforcement notice against Google Inc., Retrieved January 1, 2014 from "http://www.ico.org.uk/enforcement/~/media/documents/library/Data_Protection/Notices/google-inc-enforcement-notice-11062013.pdf".
[95]
Walmart2015 Walmart privacy policy, Retrieved January 26, 2015 from "http://corporate.walmart.com/privacy-security/walmart-privacy-policy".
[96]
Wang, Y. 2008 Assessing e-commerce systems success: a respecification and validation of the DeLone and McLean model of IS success. Information Systems Journal, Volume 18, pp.529-557.
[97]
Watson, A. 2013 Fraud: it's closer to home than you think. Computer Fraud & Security, Volume 2013, pp.9-11.
[98]
Webster, J. 1998 Desktop videoconferencing: experiences of complete users, wary users, and non-users. MIS Quarterly, Volume 22, pp.257-286.
[99]
Winer, R.S. 2001 A framework for customer relationship management. California Management Review, Volume 43, pp.89-105.
[100]
Winkler, R. &Barr, A. 2014 Google profit engine rolls on, Retrieved January 2, 2015 from "http://www.wsj.com/articles/google-reports-22-revenue-growth-1405628219".
[101]
Xu, H., Teo, H.-H., Tan, B.C. &Agarwal, R. 2012 Research note-effects of individual self-protection, industry self-regulation, and government regulation on privacy concerns: a study of location-based services. Information Systems Research, Volume 23, pp.1342-1363.

Cited By

View all
  1. Company information privacy orientation: a conceptual framework

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image Information Systems Journal
      Information Systems Journal  Volume 25, Issue 6
      November 2015
      94 pages
      ISSN:1350-1917
      EISSN:1365-2575
      Issue’s Table of Contents

      Publisher

      John Wiley & Sons, Inc.

      United States

      Publication History

      Published: 01 November 2015

      Author Tags

      1. control agency theory
      2. information management
      3. organisational level privacy
      4. privacy conceptual framework
      5. privacy ethics
      6. privacy laws
      7. privacy orientation
      8. procedural justice

      Qualifiers

      • Article

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)0
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 20 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024)A Review of Online Information Privacy Theories Advanced in Eight AIS Journals Over the Last DecadeInformation Resources Management Journal10.4018/IRMJ.34997737:1(1-22)Online publication date: 17-Sep-2024
      • (2024)A Design Theory for Transparency of Information Privacy PracticesInformation Systems Research10.1287/isre.2019.023935:3(956-977)Online publication date: 1-Sep-2024
      • (2022)Information Privacy Assimilation in IT OrganizationsInformation Systems Frontiers10.1007/s10796-021-10158-024:5(1497-1513)Online publication date: 1-Oct-2022
      • (2017)Datification and its human, organizational and societal effectsThe Journal of Strategic Information Systems10.1016/j.jsis.2017.08.00226:3(185-190)Online publication date: 1-Sep-2017
      • (2017)Debating big dataThe Journal of Strategic Information Systems10.1016/j.jsis.2017.07.00326:3(191-209)Online publication date: 1-Sep-2017

      View Options

      View options

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media