Information Privacy: Corporate Management and National Regulation

The 1990s have seen a resurgence of interest in information privacy. Public opinion surveys show that many citizens are becoming greatly concerned about threats to their information privacy, with levels of such concern reaching all-time highs. Perhaps as a response to the growing concerns of citizens, the media are devoting more attention to privacy issues, and governmental regulation of the corporate privacy environment is increasing in many countries. Almost all developed countries have grappled with the trade-offs between open access to information--which enables economic efficiency--and an individual's right to privacy. Consistent with these trade-offs, many recent incidents suggest that regulatory approaches to information privacy, corporate management of personal data, and consumer reactions are becoming tightly interwoven around the world. To provide some insights into these relationships, we develop a conceptual model and test it with a cross-cultural sample from 19 different countries.In general, we find that a country's regulatory approach to the corporate management of information privacy is affected by its cultural values and by individuals' information privacy concerns. In addition, as governments become more involved in the corporate management of information privacy, internal management of such issues seems to tighten. This result supports previous observations that most firms take a primarily reactive approach to managing privacy by waiting for an external threat before crafting cohesive policies that confront their information practices. Moreover, when corporations are not perceived to adequately manage information privacy issues, and/or when privacy concerns rise, individuals are more inclined to prefer government intervention and be distrustful of firm self-regulation. As such, citizens may look to lawmakers to enact stricter regulation to reduce their privacy concerns. These findings and several international trends suggest that the self-regulatory model of privacy governance may not be sustainable over the long term.Findings from this research constitute an important contribution to the emerging theoretical base of information privacy research and should be particularly enlightening to those managing information privacy issues. Several directions for future research are also discussed.

[1]  J. March,et al.  A Behavioral Theory of the Firm , 1964 .

[2]  John Leubsdorf,et al.  Privacy and Freedom , 1968 .

[3]  David H. Flaherty,et al.  Privacy in colonial New England , 1972 .

[4]  Henry Mintzberg The Nature of Managerial Work , 1974, Operational Research Quarterly (1970-1977).

[5]  E. Bergqvist Computers and privacy , 1976, British medical journal.

[6]  T. Cooper Department of Health, Education, and Welfare. , 1976, Military medicine.

[7]  Rob Kling,et al.  Value conflicts and social choice in electronic funds transfer system developments , 1978, CACM.

[8]  James E. Krier,et al.  Pollution and Policy: A Case Essay on California and Federal Experience With Motor Vehicle Air Pollution, 1940-1975 , 1978 .

[9]  R. Sitgreaves Psychometric theory (2nd ed.). , 1979 .

[10]  G. Hofstede,et al.  Culture′s Consequences: International Differences in Work-Related Values , 1980 .

[11]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[12]  A. Tversky,et al.  The framing of decisions and the psychology of choice. , 1981, Science.

[13]  Paul D. Tolchinsky,et al.  Employee perceptions of invasion of privacy: A field simulation experiment. , 1981 .

[14]  F. Bookstein,et al.  Two Structural Equation Models: LISREL and PLS Applied to Consumer Exit-Voice Theory: , 1982 .

[15]  Hal G. Gueutal,et al.  A Field Experiment Comparing Information-Privacy Values, Beliefs, and Attitudes Across Several Types of Organizations , 1983 .

[16]  R. Posner Philosophical Dimensions of Privacy: An economic theory of privacy , 1984 .

[17]  Marcia P. Miceli,et al.  The Relationships Among Beliefs, Organizational Position, and Whistle-Blowing Status: , 1984 .

[18]  S. Samiee Transnational Data Flow Constraints: A New Challenge for Multinational Corporations , 1984 .

[19]  R. Mason Four ethical issues of the information age , 1986 .

[20]  J. W. Graham,et al.  Principled organizational dissent: A theoretical essay. , 1986 .

[21]  David A. Ricks,et al.  Is Transnational Data Flow Regulation a Problem? , 1988 .

[22]  R. Bagozzi,et al.  On the evaluation of structural equation models , 1988 .

[23]  Peter M. Bentler,et al.  EQS : structural equations program manual , 1989 .

[24]  K. Mccrohan Information Technology, Privacy, and the Public Good , 1989 .

[25]  P. Hernon Protecting privacy in surveillance societies: By David H. Flaherty. Chapel Hill, North Carolina:The University of North Carolina Press, 1989, 483 pages, $45.00. IBSN: 0-8078-1871-2. , 1990 .

[26]  Bodo B. Schlegelmilch,et al.  Do Corporate Codes of Ethics Reflect National Character? Evidence from Europe and the United States , 1990 .

[27]  Terry L. Anderson,et al.  Free Market Environmentalism , 2019 .

[28]  Alan J. Dubinsky,et al.  A Cross-National Investigation of Industrial Salespeople's Ethical Perceptions , 1991 .

[29]  C. Goodwin Privacy: Recognition of a Consumer Right , 1991 .

[30]  Blake Ives,et al.  Applications of Global Information Technology: Key Issues for Management , 1991, MIS Q..

[31]  William T. Ross,et al.  Making Inferences about Missing Information: The Effects of Existing Information , 1992 .

[32]  Marcia P. Miceli,et al.  Blowing the whistle : the organizational and legal implications for companies and employees , 1993 .

[33]  Russell S. Winer,et al.  An Empirical Analysis of Internal and External Reference Prices Using Scanner Data , 1992 .

[34]  Colin J. Bennett Regulating privacy: data protection and public policy in europe and the u , 1992 .

[35]  Catherine C. Langlois National character in corporate philosophies: How different is Japan? , 1993 .

[36]  Jeff Smith,et al.  Privacy policies and practices: inside the organizational maze , 1993, CACM.

[37]  Mary J. Culnan,et al.  "How Did They Get My Name?": An Exploratory Investigation of Consumer Attitudes Toward Secondary Information Use , 1993, MIS Q..

[38]  Ernest A. Kallman,et al.  Ethical decision making and information technology , 1993 .

[39]  H. J. Smith,et al.  Database Marketing: New Rules for Policy and Practice , 1993 .

[40]  Effy Oz Ethics for the Information Age , 1993 .

[41]  M. E. Gordon,et al.  Direct Mail Privacy-Efficiency Trade-offs within an Implied Social Contract Framework , 1993 .

[42]  M. Drumwright Socially Responsible Organizational Buying: Environmental Concern as a Noneconomic Buying Criterion , 1994 .

[43]  H. J. Smith,et al.  Managing Privacy: Information Technology and Corporate America , 1994 .

[44]  Florence M. Mason,et al.  Ethics of information management , 1995 .

[45]  H. Jeff Smith,et al.  Values, personal information privacy, and regulatory approaches , 1995, CACM.

[46]  Charles Franklin,et al.  Business guide to privacy and data protection legislation , 1996 .

[47]  H. Jeff Smith,et al.  Information Privacy: Measuring Individuals' Concerns About Organizational Practices , 1996, MIS Q..

[48]  Richard Matthews,et al.  Islands of automation , 1997 .

[49]  J Hagel,et al.  The coming battle for customer information. , 1997, Harvard business review.

[50]  Anil Menon,et al.  Enviropreneurial Marketing Strategy: The Emergence of Corporate Environmentalism as Market Strategy , 1997 .

[51]  M. Culnan,et al.  The Second Exchange: Managing Customer Information in Marketing Relationships , 1998 .

[52]  Mark E. Budnitz Privacy Protection for Consumer Transactions in Electronic Commerce: Why Self-Regulation Is Inadequate , 1998 .

[53]  H. Jeff Smith,et al.  Ethics and Information Systems: The Corporate Domain , 1999, MIS Q..