Trust , Risk and Economic Benefits in Online Environments

Lack of trust is identified as one of the main constraints on online environments, particularly in terms of consumer protection. Although the elements that contribute to building trust can be identified in broad terms, there are still many uncertainties in defining and establishing trust in online environments. This paper investigates these uncertainties by studying the relationship between trust and the risk perceptions of users. We discuss issues such as trust as an economic good, risks to procedural fairness, and the relationship between the two. We posit that without an organizational policy governing fair use of personal information, organizations face the risk that information used inappropriately by a single employee or by a single department can have negative consequences for the entire firm. We stress the need for organizations to consider user perceptions of risk when establishing trust with their customers, and we show that economic decision-making in online environments without consideration of trust and risk is not likely to result in optimal choices.

[1]  Kailash C. Kapur,et al.  Reliability and Maintainability , 2007 .

[2]  Jan Willemson On the Gordon & Loeb Model for Information Security Investment , 2006, WEIS.

[3]  Paul A. Pavlou,et al.  Psychological Contract Violation in Online Marketplaces: Antecedents, Consequences, and Moderating Role , 2005, Inf. Syst. Res..

[4]  Thomas Johnson,et al.  Computer Security Incident Handling Guide , 2005 .

[5]  Shamkant B. Navathe,et al.  A Management Perspective on Risk of Security Threats to Information Systems , 2005, Inf. Technol. Manag..

[6]  R. Sugden,et al.  Economics and Social Interaction: Why interpersonal relations matter for economics , 2005 .

[7]  Vittorio Pelligra Economics and Social Interaction: Under trusting eyes: the responsive nature of trust , 2005 .

[8]  Robert Sugden,et al.  Economics and Social Interaction: Accounting for Interpersonal Relations , 2005 .

[9]  Shamkant B. Navathe,et al.  Assessing Damages of Information Security Incidents and Selecting Control Measures, a Case Study Approach , 2005, WEIS.

[10]  B. Gui,et al.  Economics and Social Interaction: From transactions to encounters: the joint generation of relational goods and conventional values , 2005 .

[11]  Paul R Kleindorfer,et al.  Drivers of accident preparedness and safety: evidence from the RMP Rule. , 2004, Journal of hazardous materials.

[12]  Neha Jain,et al.  Specifying privacy policies with P3P and EPAL: lessons learned , 2004, WPES '04.

[13]  Colin Potts,et al.  Privacy policies as decision-making tools: an evaluation of online privacy notices , 2004, CHI.

[14]  T. Earle,et al.  Thinking Aloud about Trust: A Protocol Analysis of Trust in Risk Management , 2004, Risk analysis : an official publication of the Society for Risk Analysis.

[15]  George Deodatis,et al.  Probabilistic Benefit-Cost Analysis for Earthquake Damage Mitigation: Evaluating Measures for Apartment Houses in Turkey , 2004 .

[16]  P R Kleindorfer,et al.  Environmental justice: frequency and severity of US chemical industry accidents and the socioeconomic status of surrounding communities , 2003, Journal of epidemiology and community health.

[17]  Martin P. Loeb,et al.  CSI/FBI Computer Crime and Security Survey , 2004 .

[18]  L. Jean Camp,et al.  Pricing Security - A Market in Vulnerabilities , 2004, Economics of Information Security.

[19]  Mary Pat McCarthy,et al.  Risk from the CEO and Board Perspective , 2003 .

[20]  Shamkant B. Navathe,et al.  Managing vulnerabilities of information systems to security incidents , 2003, ICEC '03.

[21]  Daniel E. Geer,et al.  Information Security: Why the Future Belongs to the Quants , 2003, IEEE Secur. Priv..

[22]  P. Pavlou,et al.  Consumer Acceptance of Electronic Commerce: Integrating Trust and Risk with the Technology Acceptance Model , 2003 .

[23]  Lei Zhou,et al.  The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market , 2003, J. Comput. Secur..

[24]  Paul A. Pavlou,et al.  Consumer Acceptance of Electronic Commerce: Integrating Trust and Risk with the Technology Acceptance Model , 2003, Int. J. Electron. Commer..

[25]  Gerardo A. Guerra,et al.  Economics of Trust in the Information Economy: Issues of Identity, Privacy and Security , 2003 .

[26]  E. Michel-Kerjan Risques catastrophiques et réseaux vitaux : de nouvelles vulnérabilités , 2003 .

[27]  Izak Benbasat,et al.  Trust-Related Arguments in Internet Stores: A Framework for Evaluation , 2003, J. Electron. Commer. Res..

[28]  Howard Kunreuther,et al.  Risk Analysis and Risk Management in an Uncertain World 1 , 2002, Risk analysis : an official publication of the Society for Risk Analysis.

[29]  G. Stoneburner,et al.  Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .

[30]  Shawn A. Butler Security attribute evaluation method: a cost-benefit approach , 2002, ICSE '02.

[31]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[32]  L Sjöberg,et al.  Information Technology Risks as Seen by the Public , 2001, Risk analysis : an official publication of the Society for Risk Analysis.

[33]  Giorgio Topa,et al.  Social interactions, local spillovers and unemployment , 2001 .

[34]  Richard Lippmann,et al.  The 1999 DARPA off-line intrusion detection evaluation , 2000, Comput. Networks.

[35]  Michael M. May,et al.  How much is enough? A risk management approach to computer security , 2000 .

[36]  W. Allen,et al.  Social networks and self-employment , 2000 .

[37]  Pauline Ratnasingham,et al.  Risks in low trust among trading partners in electronic commerce , 1999, Comput. Secur..

[38]  Sandra G. Behrens,et al.  Software risk evaluation (SRE) method description (version 2.0) , 1999 .

[39]  M. Culnan,et al.  Information Privacy Concerns, Procedural Fairness, and Impersonal Trust: An Empirical Investigation , 1999 .

[40]  Gareth R. Jones,et al.  The experience and evolution of trust: Implications for cooperation and teamwork , 1998 .

[41]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[42]  K. Jones Trust as an Affective Attitude , 1996, Ethics.

[43]  David L. Deephouse,et al.  Does Isomorphism Legitimate? , 1996 .

[44]  H. Jeff Smith,et al.  Information Privacy: Measuring Individuals' Concerns About Organizational Practices , 1996, MIS Q..

[45]  P. Pettit The Cunning of Trust , 1995 .

[46]  Robert J. Gerard,et al.  Winning the Service Game , 1995 .

[47]  Daniel J. McAllister Affect- and Cognition-Based Trust as Foundations for Interpersonal Cooperation in Organizations , 1995 .

[48]  John Dobson Messages, Communication, Information Security and Value , 1994, Proceedings New Security Paradigms Workshop.

[49]  Avraham Shtub,et al.  Project management: engineering, technology, and implementation , 1994 .

[50]  Rachelle D. Hollander,et al.  Acceptable Evidence: Science and Values in Risk Management , 1994 .

[51]  F. B. Vernadat,et al.  Decisions with Multiple Objectives: Preferences and Value Tradeoffs , 1994 .

[52]  Howard E. Aldrich,et al.  Fools Rush in? The Institutional Context of Industry Creation , 1994 .

[53]  Paul Slovic,et al.  Perceived risk, trust, and democracy , 1993 .

[54]  Carl E. Landwehr,et al.  A Taxonomy of Computer Program Security Flaws, with Examples , 1993 .

[55]  M. E. Gordon,et al.  Direct Mail Privacy-Efficiency Trade-offs within an Implied Social Contract Framework , 1993 .

[56]  M. Rabin Published by: American , 2022 .

[57]  Diego Gambetta Trust : making and breaking cooperative relations , 1992 .

[58]  Ernest J. Henley,et al.  Probabilistic risk assessment : reliability engineering, design, and analysis , 1992 .

[59]  Frederick B. Cohen,et al.  A cost analysis of typical computer viruses and defenses , 1991, Comput. Secur..

[60]  T. Tyler,et al.  The Social Psychology of Procedural Justice , 1988 .

[61]  J. Greenberg,et al.  A Taxonomy of Organizational Justice Theories , 1987 .

[62]  A. Baier Trust and Antitrust , 1986, Ethics.

[63]  P. Gove Webster's Third New International Dictionary , 1986 .

[64]  R. Keeney,et al.  Acceptable Risk , 1986, IEEE Transactions on Reliability.

[65]  B. Fischhoff,et al.  How safe is safe enough? A psychometric study of attitudes towards technological risks and benefits , 1978 .

[66]  Records, Computers and the Rights of Citizens , 1973 .

[67]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .

[68]  C. Starr Social benefit versus technological risk. , 1969, Science.

[69]  Howard Raiffa,et al.  Applied Statistical Decision Theory. , 1961 .

[70]  H. Horsburgh,et al.  The Ethics of Trust , 1960 .

[71]  K. Arrow Essays in the theory of risk-bearing , 1958 .