Article Preview
TopIntroduction
The exponential growth of e-commerce, posting details of individual life events on social media platforms, and growing usage of the internet for everything (banking, education, etc.) has led to a significant amount of personal information available to the outside world beyond the user protected domain (Ndombi et al., 2014; Ganshani, 2013). Today, in the world, billions of bytes of data seem to be falling out of control. Data lost or stolen is one primary concern under the broad topic of security. Whereas data that's volunteered to be collected about by individuals have a tremendous impact on privacy, and at times it is analyzed without consent (Belanger and Hiller, 2006). In the present epoch of the information age, the collection of digital information by governments, corporations, and individuals has created tremendous opportunities for information-based decision-making. The technology landscape (data mining, business intelligence, big data analytics, cloudification) may expose data to potential privacy breaches. Driven by mutual benefits or regulations requiring specific data to be published, there is a demand for the exchange and publication of data among various parties opening doors for potential violation of privacy (Fung et al., 2010). In recent times, several well-known organizations like Google (Stempel, 2020), Facebook (Romm, 2019), Amazon (Telford, 2021), and T-Mobile (Lima, 2021) have faced privacy-related repercussions. IBM-sponsored research and analysis of approximately 537 real-world data breaches conducted by Ponemon Institute reported a 10% year-over-year rise in the average data breach cost. According to their cost of a data breach report (CODBR), remote working and digital transformation during the pandemic led to the average cost of a data breach to a seventeen-year-high of $4.24 million per breach (Todd, 2021). The privacy rights clearinghouse reported that 10.38 billion records were compromised since 2005 in the United States (U.S.) (Clearinghouse, 2022).
Concerns regarding data privacy have kept creeping from individual to organization levels over the past decade (Bélanger and Crossler, 2011). Not all individuals are likely to be aware of the need to protect their personal information, and neither are they willing to participate in safeguarding their information privacy (Bélanger and Crossler, 2011). However, individuals avoid transactions with organizations that do not protect their privacy (Greenaway et al., 2015). When viewing this issue from an organizational perspective, factors such as Enterprise liability, strengthened data protection laws, and business impact is shifting the focus of privacy study from individuals to organizations. Culnan and Armstrong (1999) state that privacy is an organizational issue. Organizations should care more about what they do with customers' information rather than leave it to customers to exercise their privacy options. Holistically, privacy protection is a shared responsibility and requires more awareness and understanding among individuals, organizations, and government bodies (Haney et al., 2021).
Privacy awareness among individuals has a significant impact on how individuals interact with organizations (Paramarta et al., 2019), while most users do not bother about privacy policies (Meinert et al., 2006) but may have increased trust if organizations have such policies in place (Moores and Dhillon, 2003). Lack of Trust due to privacy breaches by the Organization has led governments to adopt privacy regulations (Anant et al., 2020). As per United Nations Conference for Trade and Development (UNCTAD), due to the swift increase in online social and economic activities across the world, 66% (128 out 194) of the member countries have already adopted regulations to protect data and privacy while 10% countries are with draft legislation (UNCTAD, 2021).