Information Privacy: Implementation and Perception of Laws and Corporate Policies by CEOs and Managers

Information Privacy: Implementation and Perception of Laws and Corporate Policies by CEOs and Managers

Garry L. White (Texas State University – San Marcos, USA), Francis A. Méndez Mediavilla (Texas State University – San Marcos, USA) and Jaymeen R. Shah (Texas State University – San Marcos, USA)
DOI: 10.4018/978-1-4666-2050-6.ch004


In the Web dependent world, companies must respect and protect individuals’ information privacy. Companies develop and implement corporate information privacy policies to comply with the domestic and international information privacy laws and regulations. This paper investigates: (a) the approach used by multinational and domestic companies to develop and implement corporate information privacy policies; and (b) the perception of corporate managers/professionals toward information privacy legislation and secondary use of personally identifiable information (PII) that organizations collect. A survey was conducted to collect data from corporate CEOs, managers, and technical professionals of national and multinational companies. Findings indicate the following: 1) Views regarding the practicality and effectiveness of information privacy legislations are similar for respondents from the national and multinational companies. 2) Respondents are undecided about whether the privacy laws of the United States and foreign countries are equally restrictive. 3) Multinational companies do not favor developing and implementing uniform information privacy policies or different information privacy policies across countries of operations. 4) Respondents strongly agreed that unauthorized secondary use of personal information is unacceptable.
Chapter Preview


The emergence of social networking and cloud computing, and enhancements in the Internet and Web technologies have significantly increased the use of the Web by businesses and individuals. Increase in the use of the Web and global e-commerce together with the advances in online data collection technologies and online marketing techniques have created potential threats to consumers’ information privacy that are invisible to many users (Camp, 1999; Pedley, 2002; Zhang et al., 2007). Using sophisticated automated data collection technologies, companies now collect, store, and transfer across the borders ever more personally identifiable information (PII) in electronic form, often without individuals’ knowledge, which has significantly increased information privacy concerns (Cassini et al., 2008). Collecting PII about individuals without their knowledge is not fair. Further, one of the consequences of the use of global information infrastructure developed to support global e-commerce is that companies can almost instantaneously move individuals’ personal data collected by them across national jurisdictions. This is easy as unlike physical goods, data freely flows across national jurisdictions without any checks. Although, the free flow of information is one of the most essential requirements for the economic growth of an organization (Oz, 1994), flow of individuals’ PII across national jurisdictions substantially increase individuals’ concerns regarding information privacy and expose companies to criminal liability (Gilbert, 2008). Transborder data flows makes it difficult to deal with information privacy problems as the majority of the existing privacy laws do not address this issue. This has resulted in information privacy to become one of the most critical issues of international concern that threatens the growth of global e-commerce (Stephens, 2007; Zuckerman, 2001; Chandran et al., 1987).

Results of a study by Ranganathan and Ganapathy (2002) indicated that information privacy concerns have a significant impact on the purchasing intent of consumers. Individuals’ are concerned regarding their information privacy when they use the Web. A consumer survey revealed that almost 61% of the Internet users refuse to shop online due to concerns regarding information privacy (Ryker et al., 2002). To alleviate consumers’ information privacy concerns and build consumer trust online, most companies develop information privacy policies and post them on their websites. To be effective in alleviating individuals’ privacy concerns, these policies must explicitly state what data the company collects, and how the company will use the collected data. A survey by Milne and Culnan (2004) found that 66.3% of online users who read the information privacy policy posted on a company’s website, but did not understand how their personal information will be used by the company, did not use the website to make any purchases. This result clearly suggests that online users are concerned regarding companies making unauthorized secondary use of their personal information, and sharing and selling it to business partners without obtaining prior authorization from them.

Complete Chapter List

Search this Book: