Using Accountability Theory to Determine How Curiosity Affects Policy Compliance

Insider abuse is one of the most dangerous issues facing information security professionals due to employees’ existing authorization within organizational systems and knowledge of critical data structures housing confidential information. Although prior research has examined ways to mitigate access policy violations through the implementation of accountability artifacts within systems, employees may still be motivated to violate policies due to their innate curiosity about information that has been withheld from their knowledge. In this paper, we discuss how curiosity may impact the previously demonstrated effects of accountability features on intention to violate policies. We propose a factorial survey design to explore the interaction of curiosity and accountability in determining employees’ intentions to violate data access policies.