Information Privacy: Understanding How Firms Behave Online

Information Privacy: Understanding How Firms Behave Online

Gerald C. Kane (Boston College, USA), Kathy Stewart Schwaig (Kennesaw State University, USA) and Veda C. Storey (Georgia State University, USA)
DOI: 10.4018/978-1-60960-521-6.ch005


The acquisition and use of personal information by large corporations continues to be a leading issue in the age of virtual communication and collaboration. This research reviews and analyzes the privacy policies of large US companies to evaluate the substance and quality of their stated information practices. Six factors are identified that indicate the extent to which a firm is dependent upon consumer personal information, and therefore, more likely to develop high quality privacy statements. The study’s findings provide practical and theoretical implications for information privacy issues, particularly for consumers who need to decide whether to disclose their personal identifying information to firms. The research also highlights the complexity and challenges of managing personal private information.
Chapter Preview


Identification is ever important in the online world with identity-related crime a related, growing problem (Koops et al., 2009). Much more information is being digitized, increasing the ability of companies to use and analyze this data. People are sharing more information than ever before via social networking sites and other means, and companies are increasingly using this information to improve their ability to both relate and market to consumers. People are sharing increasingly personal types of information in niche social media communities. For instance, on an online social network called PatientsLikeMe, people with chronic – often terminal – diseases share their disease progress and treatments used (Kane et al, 2010). New forms of personal information are increasingly becoming available automatically with the development of new technological capabilities, such as location-aware computing (Xu et al., 2009).

Companies are increasingly dependent on consumer information, and the degree to which they can collect and use that information without alienating or angering the customer increases the company’s ability to engage in effective customer relationships (Son and Kim 2008). In this age of e-commerce, real time enterprises, and globalization, firms collect consumer information to provide customized services, identify buying trends, and target goods and services for specific markets (Kobsa, 2007; Chellappa & Sin, 2005). Although privacy is highly valued, most people believe that absolute privacy is not attainable. Consumers make choices with respect to how much and what type of privacy they are willing to give up in exchange for outcomes that are valuable to them (Diney & Hart, 2006).

Increased globalization means that companies not only need to consider US privacy policies, but also the privacy policies of other countries. With globalization, a company can be registered in one country, hosted in another, and do business with consumers anywhere in the world (Jensen et al., 2007). In some cases, consumers and privacy advocates protest the use of personal identifying information by asserting the right of any individual to control the way companies collect, store, and use their personal information (Culnan, 1995; 2000). Stakeholders include those who have privacy interests in a system (Preibusch et al., 2007).

Although the use of individual personal information is regulated in some industries, the majority of information privacy protection is voluntary. Extending protection to consumers, however, is not without costs. First, companies promise to limit their use of consumer information in particular ways and, presumably, surrender some of the potential value of the information compared to unrestricted collection, storage, and use. Second, since privacy protection is voluntary, most companies are subject to legal repercussions only after they develop privacy promises. Thus, although companies are not required to make any privacy guarantees to consumers, once companies do make such promises, they are legally bound to deliver on the promises made (Chan, et. al., 2004). Finally, the direct cost of addressing information privacy concerns is high. Writing and enforcing a privacy policy as well as implementing other privacy enhancing mechanisms are time-consuming and costly. Providing information privacy protection is a complex issue. Privacy is an important determinant in customer behavior (Castañeda & Montoro, 2007, Tang et al. 2007, Yao et al., 2007). Yet, as companies are increasingly dependent upon consumer information for customization and target marketing purposes, they seek control over such information.

Complete Chapter List

Search this Book: