Privacy Protection Overseas as Perceived by USA-Based IT Professionals

Abstract

Privacy laws for the Internet are difficult to develop and implement domestically and internationally. A clear problem is how such laws are limited to national jurisdictions. What is legal in one country may be illegal in another. Due to differences in cultures and values, and government types, it may not be possible to establish global standards and legislations to ensure privacy. Due to the nonexistence of global privacy standards, multinational (international) companies usually select one of the following two possible solutions: (1) implement a most restrictive “one size fits all” privacy policy that is used across various countries, or (2) implement different privacy policies that meet the privacy regulations of different countries and expectations of those citizens. In order to investigate a solution that may be used by multinational companies, and how companies view domestic privacy laws, the authors conducted a survey of U.S.-based employees of domestic and multinational companies. The results of the survey suggest that the majority of the multinational companies prefer the first solution—most restrictive “one size fits all” approach. They develop and implement a single set of privacy policies that is used across their operations in different countries. The majority of the companies surveyed consider domestic privacy laws in the United States to be practical, but ineffective.