Xem mẫu
Online Information Privacy
consumer information privacy is that by letting people opt-in on mailing lists you will create a more valuable list, thereby reducing transaction costs (Scholtz, 2001). Privacy protections can in IDFWEHGHVLJQHGWRHQVXUHPRUHDFFXUDWH¿OHV DQGEULQJDERXWPRUHHI¿FLHQWGDWDPDQDJHPHQW representing savings for a business. It is, Smith DUJXHVZKHQV\VWHPVKDYHWREHUHWUR¿WWHG to accommodate privacy demands that the costs accumulate.
Consumer Privacy as a Factor of Consumer Trust
Upholding consumer information privacy may not only be good for business in terms of increas-LQJLQIRUPDWLRQHI¿FLHQF\DQGUHGXFLQJSULYDF\ concern, it also may help to engender consumer WUXVWRQOLQH7UXVWKDVEHHQGHFODUHGWKH³sine qua non of the digital economy” (Papadopoulou, Andreou, Kanellis, & Matrakos, 2001). Indeed, Rao and Singhapakdi (1997) assert that customer trust is an organisation’s most precious asset. The absence of FRQ¿GHQFHHQJHQGHULQJPHDVXUHV such as physical proximity, handshakes, body language, and so forth may not be exclusive to Internet relationships, however, the online envi-ronment also suffers from a lack of common legal jurisdiction, along with the high perception of risk normally associated with recent technology (Clarke, 2001).
For Internet commerce to continue to develop and grow, there must be a relationship of mutual trust between buyers and sellers (Fukuyama, 1999), however, privacy concerns will inevitably harm this process, potentially turning long-term relationship-based business deals into short-term transactional ones. In fact, Harrison-McKnight and Chervany’s comprehensive model ofcustom-er trust in an e-commerce relationship indicates that Web site information practices (including the XVHRISULYDF\SROLFLHVDQGVHDOVLVDPDMRULQÀX-ence on trust-related Internet behaviours such as purchasing (2001). Enhanced customer trust also
increases the likelihood that a relationship will be continued. The question for many companies should therefore not be how much good informa-tion practices will cost, but what the price of not having them would be.
CONSUMER PRIVACY AS AN ETHICAL CHOICE
Under ethical theory, e-businesses have an obliga-tion to treat consumer information fairly. Indeed, many consumers, employees, and shareholders do not view the practice of making commercial gain IURPWKHVDFUL¿FHRIHWKLFDOSULQFLSOHVDVDSSUR-priate. As a result, corporate liability is no longer limited to products and services, but extends to their processes and their associated consequences for individuals and society (Posch, 1993). Many ¿QDQFLDODQDO\VWVHYHQYLHZHWKLFDOSHUIRUPDQFH as a measure of corporate performance.
One way that organisations can govern their ethical behaviour is to view their interactions with society as part of an implicit social contract. This implies that organisations have an obligation to be socially responsible and comply with social norms, such as respect for information privacy (Milne & Gordon, 1993). In such a situation, consumers consent for their information to be collected, as long as their information privacy rights are respected.
Increasingly, consumers are applying social criteria to purchasing decisions (Reder, 1995), and therefore expect ethical corporate behaviour (Creyer, 1997). Murphy and Laczniak (1981) and Singhapakdi, Rawwas, Matra, and Ahmed (2001) both found that consumers initially make an ethical judgement about an organisation that is likely to LQÀXHQFHWKHLUSXUFKDVLQJEHKDYLRXU,QDGGLWLRQ &UH\HUIRXQGWKDWFXVWRPHUV³UHZDUGHG´ ethical corporate behaviour through a willing-ness to pay a higher price, and while consumers ZHUHVWLOOOLNHO\WREX\IURPDQXQHWKLFDO¿UP
2074
Online Information Privacy
they would want do so at lower prices, in effect ³SXQLVKLQJ´WKHXQHWKLFDODFWV
Unethical information practice also may break WKHFRQVXPHU³value chain,” where consumers return to Web sites, receive offers, and provide feedback for ongoing improvement (Culnan, 1999). Further, Culnan (1999) found that when fair procedures are in place to protect individual privacy, customers showed a greater willingness to disclose information to businesses.
In effect, consumer privacy can be viewed as an ethical choice (by both consumers and companies), as a factor of consumer trust, which is imperative in the online environment, and as JRRGEXVLQHVVSUDFWLFHLQWHUPVRIHI¿FLHQF\RI information systems.
FORMULATING A PRIVACY TYPOLOGY
Information privacy concerns may manifest in VSHFL¿FFRQVXPHUDWWLWXGHVDQGEHKDYLRXUV,I individuals can be categorised according to their privacy orientations, it may be possible for busi-QHVVHVWRVXI¿FLHQWO\PHHWWKHLUSULYDF\GHPDQGV and manage the contextual and individualistic nature of online information privacy. Therefore, this chapter reports and discusses the results of an empirical study which aimed to identify and model Australian Internet users’ online informa-WLRQSULYDF\RULHQWDWLRQVE\FRPELQLQJVSHFL¿F demographic and attitudinal measurements with behavioural data.
The foundation for this research lies in Westin’s tripartite typology, developed in conjunction with a regular American consumer opinion poll by Harris & Associates, based upon their attitudes toward privacy(1). The most recent poll conducted in 2003 found that at one end of the spectrum are ³SULYDF\IXQGDPHQWDOLVWV´RIFRQVXPHUV The fundamentalists are most protective of their privacy, and therefore are unlikely to engage in behaviour that might compromise it. At the other
HQGRIWKHVSHFWUXPDUHWKHPLQRULW\³SULYDF\ unconcerned” (10%) who least value their pri-vacy, frequently trading it off in favour of other interests or values. Between these extremes lies DQLQWHUPHGLDWHJURXS:HVWLQUHIHUVWRDV³SULYDF\ pragmatists,” who though concerned about their privacy, try to reach an equilibrium between the SRWHQWLDO EHQH¿WV DQG WKUHDWV DVVRFLDWHG ZLWK yielding their privacy (Taylor, 2003).
In summary, Westin’s model is succinct and is certainly well acknowledged in the literature, however, it fails to capture the subtle distinctions between and within each category. Indeed, one could argue that in an environment such as the Internet, where privacy appears to be even more context-dependent than traditional off-line envi-ronments (Sheehan, 2002), it may be impossible to accurately depict the nuances of online privacy in a tripartite model. Further, the original model is based on responses to three closed-ended at-titudinal questions which do not encompass the many underlying dimensions of information privacy. Westin’s typology is also based on a study of American consumers, therefore, cul-tural differences (including privacy legislative frameworks) may mean that it is not applicable to Internet users of other countries.
Finally, it also is important to note that privacy, OLNHRWKHUYDOXHVSUHGLFWVEXWGRHVQRWFRQ¿UP behaviour. Privacy is the desirable, however, our actions are relative to both the individual and the context (Hofstede, 2001) because even the PRVW SULYDWH LQGLYLGXDOV PD\ ¿QG WKHPVHOYHV trading off privacy in favour of other compet-ing interests. Any substantial instrument should therefore include both attitudinal and behavioural measurements.
THE PRIVACY-SOPHISTICATION INDEX (PSI)
This study extends Westin’s typology by utilis-ing an instrument that measures the underlying
2075
Online Information Privacy
dimensions of online information privacy by com-bining demographic and attitudinal information with the behavioural characteristics of Internet users. We refer to the resultant typology as the SULYDF\VRSKLVWLFDWLRQLQGH[36,³3ULYDF\´UH-fers to individuals’ attitudes and behaviour toward RQOLQHLQIRUPDWLRQSULYDF\ZKLOH³VRSKLVWLFDWLRQ´ refers to the level of the individual’s Internet H[SHULHQFH7KXV,QWHUQHWXVHUVDUHGH¿QHGDV ³H[SHULHQFHG´RU³LQH[SHULHQFHG´DFFRUGLQJWR
ii) institution-based trust, or the per-ceived propriety of the conditions within which trust is required, includ-ing laws, regulations, and so forth; and
iii) initial trusting beliefs, including repu-tation, initial contact, and so forth. (Papadopoulou et al., 2001; Harrison-McKnight & Chervany, 2001)
factors such as length of Internet use and number of activities performed online (e.g., banking, shop-ping). As such, the typology is developed:
Each of these constructs appears to have an effect on the way people value privacy. For instance, Lyon (1996, p. 15) posits that in a highly-regulated environment, concern for
1. inexperienced privacy unconcerned (IPU) 2. experienced privacy unconcerned (EPU) 3. inexperienced privacy pragmatist (IPP)
4. experienced privacy pragmatist (EPP) 5. inexperienced privacy concerned (IPC) 6. experienced privacy concerned (EPC)
privacy is less apparent. This is measured in the PSI by the extent to which third-party YHUL¿FDWLRQGHYLFHVIRUSULYDF\SUDFWLFHV VXFKDV75867HLQÀXHQFHVGDWDGLVFORVXUH Further, reputation, or an individual’s per-ception of the organisation, also may lower or raise our privacy thresholds. In fact, initial
In order to develop a validated measurement instrument and privacy typology, it was necessary for the dimensionality of the construct information privacy to be considered. The internal, external/ environmental, and behavioural privacy factors ZHUH LGHQWL¿HG DIWHU D FRPSUHKHQVLYH UHYLHZ of the literature, pilot tests, and discussion with expert judges.
Internal Factors
trusting beliefs even extend to the industry in which the organisation resides, as some sectors are perceived to be more trustworthy than others (Long, Hogg, Hartley, & Angold, 1999). This factor is measured in the PSI by the extent to which a Web site’s reputation LQÀXHQFHVGDWDGLVFORVXUH
2. 3HUFHLYHG YDOXH RI EHQH¿WV UHFHLYHG LQ exchange for loss of privacy
Individuals often trade-off privacy in return IRULPSOLHGRUH[SHFWHGEHQH¿WVLQUHWXUQ
1. Trust
Privacy and trust share an interdependent relationship; trust is both necessary for and dependent on privacy (Fried, 1996, p. 212). When people disclose personal information to a Web site, they trust that the information ZLOOUHPDLQFRQ¿GHQWLDODQGRXUSULYDF\ZLOO be maintained.
There are three constructs of trust:
These may include tangible rewards such as competition entry or a free gift for comple-tion of a market research survey, or less WDQJLEOHEHQH¿WVVXFKDVWKHFRQYHQLHQFHRI D:HEVLWH³UHPHPEHULQJ´\RXUUHJLVWUDWLRQ details, thus streamlining the purchasing SURFHVV7KHVHEHQH¿WVPD\WKHUHIRUHDIIHFW an individual’s willingness to relinquish privacy (Phelps, Nowak, & Ferrell, 2000; Sheehan & Grubbs Hoy, 2000; Long et al.,
i) disposition to trust, including person-ality and cultural factors;
1999). This factor is measured in the PSI by the extent to which the value received in
2076
Online Information Privacy
exchange for the information will affect an individual’s willingness to disclose personal information.
3. Familiarity/previous history with the organisation involved
People’s previous experience with an organisation fundamentally shapes their future interactions. Sheehan and Grubbs
5. Individual personality factors
Smith, Milberg, and Burke (1996) found that DQXPEHURISHUVRQDOLW\IDFWRUVLQÀXHQFHG concern for information privacy. Distrust was found to positively correlate with con-cern, as did paranoia and the extent to which an individual engages in social criticism.
Hoy (2000) and Lyon and Zuriek (1996, p. External/Environmental Factors 15) assert that the more familiar individuals
are with an organisation, the less they are likely to believe that their privacy will be compromised. Of course, this relies on the individual experiencing only favourable encounters; a negative experience with an organisation may actually raise our privacy levels even if it does not end the relationship. To this end, the PSI measures the extent to
6. Information management practices
2QHRIWKHPRVWVLJQL¿FDQWLQÀXHQFHVRQ our privacy thresholds is the way in which our information is managed (Long et al., 1999). Information management practices include:
i) control over information;
which individuals depend on their familiar-ity with a Web site before disclosing personal information to them.
4. Perceived risk
When individuals enter into a transaction with an organisation, they — consciously or not — will make an assessment with regard to the extent of the potential harm to themselves. There are many factors that contribute to perceived risk in the context
ii) transparency of information collec-tion;
iii) intended primary and secondary uses of the data;
iv) whether the data will be shared with other entities;
v) type, amount, and age of the informa-tion requested; and
vi) level of anonymity offered.
of privacy. If the individual has been sub- Behavioural Factors ject to a privacy invasion previously, or the
perceived propriety of the conditions is low, concern for privacy is likely to be high. Perceived risk may change over time; this may be due to the direct effects of the rela-tionship with the organisation (e.g., positive or negative encounters) or indirect factors such as a heightened awareness of threats to privacy due to media reports (Smith, Milberg, & Burke, 1996). The PSI assesses the relationship between perceived risk and privacy by measuring the extent to which the sensitivity of the data required and the reputation/trustworthiness of the Web site LQÀXHQFHVGDWDGLVFORVXUH
7. Privacy-seeking behaviour
Individuals may adopt a number of strate-gies to protect their privacy online. These LQFOXGH ³KDUG´ WHFKQRORJLFDO DSSURDFKHV such as encryption or using anonymising VRIWZDUHRUWKHLU³VRIW´FRXQWHUSDUWVVXFK as the use of a separate e-mail account for ³MXQNPDLO´RUVHWWLQJ,QWHUQHWEURZVHUVWR detect and reject cookies. Non-technological alternatives include inaccurate or incomplete data disclosure, or other avoidance strate-gies. This behaviour is a product of our YDOXHVUDWKHUWKDQDQLQÀXHQFHRQSULYDF\ therefore, individuals who exhibit privacy-
2077
Online Information Privacy
seeking behaviour are likely to value privacy more highly (Sheehan, 2002; Phelps, Nowak, & Ferrell, 2000). To this extent, the PSI measures individuals’ privacy-protecting behaviours.
8. Internet experience
A number of studies have found that privacy concerns are inversely related to Internet experience. The more sophisticated people are in terms of Internet usage, the lower their privacy thresholds are likely to be (Culnan, 1993; NUA, 1998). The direction RIWKHLQÀXHQFHEHWZHHQWKHWZRFRQVWUXFWV is, however, less apparent. On the one hand, SULYDF\PD\LQÀXHQFHH[SHULHQFH)RULQ-stance, Smith, Milberg, and Burke (1996) found that individuals were less likely to engage in activities which may require data disclosure if they had high levels of privacy concern. In the context of the Internet, this may suggest that concern for privacy may prevent individuals performing online ac-tivities such as purchasing goods or services, thereby increasing our Internet experience. Yet, equally, an individuals’ Internet expe-rience may alter their privacy thresholds. Phelps, D’Souza, and Nowak (2001) found an inverse relationship between privacy concern and purchase behaviour among cata-logue shoppers; thus, the more experienced shoppers were less concerned about privacy. In other words, positive online experience may serve to allay our concerns and decrease our privacy thresholds in future interactions. In this study, we posit that experience is a GH¿QLQJLQÀXHQFHRQSHRSOH¶VRQOLQHLQ-formation privacy thresholds. As such, the
9. Frequency of data disclosure
Sheehan (2002) found a correlation between privacy concern and the frequency with which individuals register for Web sites; those individuals who most highly valued privacy were less likely to disclose personal information. The PSI, therefore, measures the frequency with which individuals dis-close information to Web sites.
10. Complaining behaviour
Smith, Milberg, and Burke (1996) found that individuals with higher levels of concern for privacy were more likely to contact RI¿FLDO DJHQFLHV RU FRPSDQLHV UHJDUGLQJ information management practices, while Sheehan (2002) supported this contention by correlating privacy concern with the fre-quency with which an individual complains to their Internet service provider (ISP) about unsolicited e-mail. However, given the pro-liferation of unsolicited e-mail since 1998 when Sheehan conducted the study, it could be argued that although many individuals PD\VWLOOFRQVLGHU³MXQNPDLO´WREHDQLQ-vasion of privacy, it may not be feasible to complain to an ISP after every instance. The PSI, therefore, measures the likelihood of an LQGLYLGXDOFRQWDFWLQJDFRQVXPHU³ZDWFK-dog” organisation, the Privacy Commission (an Australian federal organisation) or their Web service provider in the event that they had an unresolved complaint about the way their personal information was treated by a Web site. Further, it was posited that the most concerned individuals would be more likely to contact the Privacy Commission.
PSI measures Internet experience in terms Demographic Factors of length and frequency of usage, and the
number of online activities the individual has performed, including purchasing goods or services, online banking, or participating LQRQOLQH³FKDW´
11. Gender
A number of studies have found that women exhibit more privacy concerns than men (Dembeck, 1999; Cranor, Reagle, & Acker-man, 1999; Sheehan & Hoy, 1999), although
2078
...
- tailieumienphi.vn
nguon tai.lieu . vn