Information privacy concern at individual, group, organization and societal level - a literature review

Purpose – In today ’ s digitized environment, information privacy has become a prime concern for everybody. The purpose of this paper is to provide an understanding of information privacy concern arising because of the application of computer-based information system in the various domains (E-Governance, E-Commerce, E-Health, E-Banking and E-Finance), and at different levels, i.e. individual, group, organizational andsocietal. Design/methodology/approach – The authors performed an in-depth analysis of different research articles related to information privacy concerns and elements affecting those at certain level of applications. The primary sources of literature were articles retrieved from online databases. Various online journal and scholarly articleswere searched in detailto locate informationprivacy-relatedarticles. Findings – The authors have carried out a detailed literature review to identify the different levels where the privacy is a big challenging task. This paper provides insights whether information privacy concern may obstruct in the successful dispersal and adoption of different applications in various application domains. Consumers ’ attitude towards information privacy concerns have enlightened and addressed at individual levels in numerous domains. Privacy concerns at the individual level, as suggested by our analysis, seem to have been suf ﬁ ciently addressed or addressed. However, information privacy concerns at other levels – group, organizational and societal levels – need the attention of researchers. Originality/value – In this paper,theauthors have posited that it will help the researchersto morefocus at grouplevel privacy perspectivein theinformationprivacy era.


Introduction
The deployment of computer-based information system (CBIS) is continuously increasing in various spheres of human life, such as education, health care, commerce, transportation, governance, the social network and various other areas. The purpose of CBIS deployment is to make information processing, storage and sharing with effective and efficient (Yadav, 2006). Undoubtedly, the CBIS applications have brought convenience and efficiency to daily human life by collecting, processing and communicating users' information. There are two major concerns of individuals came in to picture, i.e. privacy and security, when their information stored and processed in the CBIS.

Privacy and security concern
In the CBIS, the service provider collects information about individuals and uses it for analytics (Straub and Collins, 1990). They use those resources to design and develop new products. The design of modern CBISs allows the system to pry on all the activities of an individual continuously. With communicated technologies, data can be collected, stored and reused to a significant volume (Malhotra et al., 2004). As computers, networks, mobile devices are increasing the use of communication, business process automation and other facets of life; privacy is becoming a concern of high importance. While the applications bring convenience to daily life, different agencies also collect information regarding the users, which is necessary to tailor the information to bring convenience. The data gathered about individuals might be used even without the consent of an individual. This information gathering and storage has raised two main information concerns: (1) Security concern (2) Privacy concern Security concern. Security is a fundamental component in any transaction data processing system. Security is a robust requirement in all computing systems (Gonzalez et al., 2012), and this is a significant concern in today's current progressive environment. We considered that security is a concern where all information is stored and used for analytics purpose. Nowadays, security is a significant challenge in protecting individual information (Straub and Collins, 1990). The security concern has direct implication towards resource sharing. Moreover, at this point security concern deals with sources of information to be kept and used by the right person, right time, right value and right location (Burton et al., 2012) with efficiently and effectively. Any security breaches will lead to the mishaps in the whole system. Privacy concern. Privacy is an intangible apprehension of an individual property. Privacy is someone or something, which is not observed or disturbed by others -"an individual right to keep the personal information and matters secret and control over the information". Privacy may also is a state free from unwanted intrusions and disturbances; the ability of an individual to certain ways publicized in a specific way (Fried, 1968). Private to individual means something is unique and sensitive to them. Vocabulary such as private, isolation, quietness, interruption, intrusion and lack of disturbances, characterizes individual privacy. It may be connected directly or indirectly with a person's ownership of information and control over sharing mechanism. In general, individuals are more concern towards information privacy concern due to their engagement and the growing habitat nature towards adopting the new technologies. The privacy of resources which have a value needs to be protected. So, privacy concern raised by individuals is a significant issue in the context of the information storing, analysing, sharing and maintaining in CBIS. Figure 1 highlights the overview of information privacy at different stakeholders.

Literature review
We performed an in-depth analysis of information privacy concerns (IPC) by searching for various research articles from online peer-reviewed journals. We reviewed the literature to XJM understand the status quo of this issue around the world. Keywords combinations, such as "privacy concern," "privacy concern of information system", "data privacy and electronic system", were used to find relevant literature. A total of 124 literature related to information privacy concern have been reviewed, and 84 scholarly articles were found to be fit for our review and analysis, and hence, taken into consideration.
The objective of this review is to provide a concise but clear picture of information privacy concern (IPC) in an information system environment at different levels and different domain applications around the world. Some research papers focus on concern for internet privacy, digital privacy, the multilevel effect of information privacy and internet purchasing behaviour related to privacy concerns. Privacy-related research has a cultural dimension, and most research has focused on the western context. Through this cross-sectional view of information privacy concern (IPC); this paper aims to provide a better picture of information privacy concern at different levels. Table 1 profiles the definitions of information privacy concern.
Privacy concern in various domains In this study, we have tried to analyse the interrelationship and the influencing factors affecting the privacy concern and how different applications are associated with privacy concerns. Privacy concern is of the utmost importance for applications like health-care domain, banking, governance, e-commerce, financial institutions, the internet, cloud computing, social networking and education. Privacy concern on different domain applications are as follows:

E-business
Electronic business (E-business) refers to transforming business transactions through the internet. These business transactions include a process in buying and selling, customer service, managing process on production, payment processing, collaboration with trading partners (Swani and Brown, 2011). The financial privacy (Jentzsch, 2001) is related to an individual's financial transactions are recorded with the proper process, and it ensures that all information to be covered by avoiding fraud. However, the actual required personal identifying information is collected using a certain mining software (Li and Sarkar, 2006). In social contract theory, (Donaldson and Dunfee, 1994) researcher explained the privacy concern by which the fair means of a collection of personal information on the web through online are only justified if the consumer given the preferences of control and the way of using that information. In a certain way, consumers are vulnerable towards the utility of their personal information (Culnan and Williams, 2009) and the inability to control over the information utilization. Moreover, unknown to individual data can be collected, additional data without the individual being aware (Belanger and Hiller, 2006). Often data is shared for a particular purpose but ends up being used for an entirely different purpose. There is privacy paradox, where individual privacy information does not match actual behaviour when they are Table 1. Profiles the definitions of information privacy concern S.N.
Source/Author Definition 1 Warren and Brandeis (1890) Right to be alone in the right to privacy described as the right of a person to be alone by isolation from the attention of others 2 Fried (1968) An individual right to keep the personal information and matters secret and control over the information and also privacy may be explored as a state free from unwanted intrusions and disturbances; the ability of an individual to select to be publicized in a certain way 3 Westin and Louis (1970) Information privacy is the ability of a person who has control over the data and to what extent the data would communicate to others 4 Posner (1983) Information privacy as an option to secrecy by that everyone has the right to restrict the information about themselves in public and where outsiders should not be encouraged to take advantage of it 5 Kufer (1987) Privacy can be observed with autonomy, a segment closely associated with personhood 6 Smith et al. (1996) Information privacy is the relationship between technology and the individual's ownership of collection and sharing of data 7 Jentzsch (2001) Financial privacy is related to a person's financial transactions are recorded with proper process, and it ensures that all information to be covered by avoiding fraud 8 Dinev and Hart (2004) In internet privacy, the information of each concern would be kept preserved with more security by the utilization of new technology 9 Skinner et al. (2006) Information privacy contexts examine the four dimensions of privacy: Personal behavior privacy, personal privacy, communication privacy and data privacy 10 Dinev and Hart (2006) Information privacy concern explains the level of privacy with various dependent variables such as eagerness, willingness to provide the personal information over the internet. In general, individual perception of users, who are using the internet, be afraid in mind that what happens with the data they provided over the internet 11 Smith et al. (2011) Information privacy is the relationship between technology and the individual's ownership of collection and sharing of data XJM sharing information (Norberg and Horne, 2007). In some cases, individuals prefer to state their actual information through online purchase (Brown and Muchira, 2004) when they find it convenient.

Health-care domain
The health-care system is the management of the organization, consisting of resources, policies, people and services, which dealt with to deliver health-related information to the people concern. Modern health-care system activities use information technology as a baseline to deliver better and effective service to citizens (Ovengalt et al., 2017). Health-care practices cover with disease diagnosis, hospital activities and human health checkup. By the utilization of technology, it becomes easy to serve medical treatment with quality service by adopting new, developed infrastructural equipment (Raval and Jangale, 2016). The patient is in a state to provide all the necessary information to the concerned authority at the time of disease diagnosis (Tham et al., 2014). However, fear factors arise in the mind of a patient, whether private information is kept confidential. This observation creates fear and reduces trust in the hospital practitioner. Here, trust plays a major role and form a different association between patient and practitioner.
Banking and finance domain Privacy and security concerns in banking industries tend to be a significant concern at the individual level as well as organizational level. Individuals have good faith and trust in bankers (Omariba et al., 2012) that their private data would never be made public. The banking system follows some standards which are a crucial concept to be maintained by every banker. In some cases, bankers themselves have breached the system and information has been leaked (Amor, 2002). To protect the privacy information of the customers, banks have taken major steps by formulating protection policy to accumulate the confidence of the customers (Normalini and Ramayah, 2017). Moreover, the bank also assured that, at any cost, the transaction record would not have transmitted to the public domain. Banks have committed to their privacy policies, not to disclose private and confidential information (Sohail and Al-Jabri, 2014).

Social networking
The current scenario shows that social networking has changed the way people communicate and their lifestyle. People interact with their friends, relatives and family members on a single platform, and this possibly poses a privacy risk (Alashoor et al., 2017).
The hackers access detailed private information from those social network sites (Kyei-BlanksonIyer and Subramanian, 2016) by sending the adware or malicious links, and they use it to transfer all that private information. So, it becomes a significant challenge to tackle in current scenario because social media and social networking sites are heavily accessible by the youth of many nations (Spottswood and Hancock, 2017). Maintaining privacy through the social networking site is the right of the individual to show the personal information, storing the personal information, access to third parties and displaying the information via the web (Black et al., 2015).

Governance
In the recent trend of digital transformation over the internet, there are multiple opportunities available doing business and deliver excellent quality services. Nevertheless, as the information collected, processed, stored and analysed by the organizations Information privacy concern (Singh and Chauhan, 2012), it becomes an increasing challenge towards data security, information privacy and related state of compliance. A sound governance system is one where people are working together by using three resources togetherhuman resource, information process and technology applications. In this connection, the privacy concern of everyone to be maintained by collecting and processing the personally identifiable information (Kharade, 2016) together by keeping the trade secret with confidential information. In general, technology is an integral part of information security, threat alert and risk management (Saha et al., 2010). Employees concerned should have clearly defined roles and responsibilities, essential resources and clear guidance to handle the objectives of the organization (Martin, 2016).

Methodology
To present a concise and refined perspective, this paper considers not only scholarly articles on information privacy but also specific online resources which deal with privacy and security concerns. Useful articles from electronic databases like EBSCO, JSTOR, Taylor  The preliminary search of results had thrown up many cases, of false results, so the search had to be refined. For example, specific search results dealt with other dimensions of privacy like culture, act and policy rather than with information privacy concern. Most of these false articles could be eliminated based on a brief reading of the title. We decided on the relevance of the other articles after a reading of the abstracts. Hence, in this paper, the literatures on information privacy concern are reviewed through four perspectives. First, there is a chronological study of literature, where the paper looks at how research on information privacy concern has developed and how different papers described the IPC. Second, this paper looks at how different application/area concern towards IPC and elaborate factors which influence IPC. Third, this paper looks at the various levels that have emerged in the field of information privacy concern, thus highlighting the different issues that people face in privacy concern at individual, group, organizational and societal levels. Finally, the paper looks at how the multilevel effect of analysis has progressed across different geographical nations and cultures. Several research articles describe and reflect on information privacy; that is, how various factors influence privacy concerns and what is the built-in relationship existed between them and how hierarchical multilevel effects influence others.

Result and discussion
Information is defined as a structured way of representation of the raw data after processing, summarizing and transforming. Data is processed, stored and shared in a certain way, and an arrangement meaningfully represents it. By the utilization of computer-based information system (CBIS), data is collected, processed, stored, analysed and transformed into a meaningful way. Information privacy is defined as the right of an individual over the personal data, who can manage the data and takes decision to what extent the personal data would communicate to others (Westin and Louis, 1970). In the literature review, Skinner identified privacy in three different levelsindividual, group and organization. Societal level (Smith et al., 2011) explained as one which is used for analysis in privacy concern within cross-cultural or across the nation. APCO macro XJM model (Smith et al., 2011) "Antecedents => Privacy Concerns =>Outcomes", considered by examining the central construct "Privacy Concerns" (e.g. perception, beliefs), antecedents (privacy experiences, privacy awareness, demographic difference, culture), and then focus on the outcomes (regulations, behavioural reactions, trust, privacy calculus) and associated relationships.

The dimensions of information privacy
The privacy concern measures the degree of control by consumers (Fletcher and Peters, 1997) over the personally identifiable information. Milberg et al. (2000) explained in a study, which revealed that the privacy concern influences the attitude of individuals such as acceptance, willingness, preferences. It depends upon the individual perceptions to evaluate the correspondence of privacy concern by taking different dimensional factors (Van Slyke et al., 2006). In the process of conceptualization of IPC, Hong and Thong (2013) identified six key dimensions, and those are errors, usage, improper access, collection, control and awareness. Fear is another dimension where one is browsing details can be monitored and captured (Dinev and Hart, 2004). If there is an advancement in technology, then inappropriate accessibility of personal information could have restricted, and it will limit the inappropriate access in public domain of all stakeholders. Personal information and identity issues, with the uncertainty of user identification over the internet are gathered using the collection dimension.
Researchers have also tried to explain other dimensions by focusing on instruments like CFIPconcern for information privacy and IUIPC -Internet user's data privacy concerns. The CFIP has focused on four dimensions includes data collection, error in data, unauthorized use of data and unauthorized access (Smith et al., 1996). At a later stage, a new version of the internet user's information privacy concerns construct has evolved and focused on three main dimensionscollection mechanism, awareness and control (Malhotra et al., 2004). The willingness of a person in a transaction varies in internet user's information privacy concerns instrument than concern for information privacy.

Theoretical contributions
There are theoretical contributions to information privacy research using from Gregor's (2006) designed framework concept, which classifies them into five different typesanalysing, explaining, predicting, explaining and predicting and the last one is design and action (Gregor, 2006). First theory type describes the essence of information privacy, and it explains by analysing the necessity of its state. Second theory type explains details on information privacy research, and it does not contribute any expectations. Third theory type explains that it gives some concrete predictable results without developing real relationships. Fourth theory type explains both the testable results and explains the causal relationship between them. Fifth theory type explains the design and action type which specially designed tool for providing information privacy. Reagle and Cranor (1999) and Cranor et al. (2006) defined that each website has their own privacy protection protocol framework to define their own website related protection policy, and it matches with the user's privacy preferences. The tools would confirm them about their utilization of websites for the transaction, and it would assure them for safe use, and after then, this increases the behavioural trust of a consumer for the websites. Also, it could encourage consumers to measure the privacy attitude when transacting with a website.
The level of analysis in information privacy concerns Skinner et al. (2006) identified individual, group and organizational as three levels of information privacy. After then, the article written by Smith et al. classified and described Information privacy concern four levels of privacy as an individual, group, organizational and societal. Most of the information privacy research conducted first at individual levels, and it has implications at other levels. In the second level analysis researcher conceptualized privacy as a multilevel concept, and it has identified research effect on the phenomenon occurring at or across multilevel occurrences concurrently. In some cases, researchers look at some point of interaction between individuals and organizational approaches (Miyazaki and Krishnamurthy, 2002); Milne and Gordon (1993) gave insight on IPC at individuals as well as to the societal level of analysis. Smith (2004) and Schwaig et al. (2005) gave on organizational approaches on social culture which give an insight of multilevel approaches, and it encourages further study of the multilevel concept. The key identifiers of different literatures are listed in the appendix of our study. Researchers addressed the IPC in the lens of multilevel concept, on how customer needs to be achieved by fair information practice (FIP). Earp et al. (2005) identified that all the privacy policies are meet the objectives of company's viewpoint and not related from the customer's side. Few literatures confirm that only a limited number of the population read and understand the privacy policies (Meinert et al., 2006) or people do not like or recognize privacy concern (Awad and Krishnan, 2006). To derive value from individual data and to make the balance between consumers for privacy protection and the desire for dealing business led to the design of FIP standards.
The classification of literature is based on the level of analysis and the area of research has been done so far. Table 2 summarizes (journal articles) that very limited research has been done on information privacy (IP) at different levels. Individual, group and organization are the levels of information privacy been classified and defined by Skinner et al. (2006). After then, Smith et al. (2011) uses four levels of analysis by adding a new societal level into the existing classification, and these levels are studied rigorously by following the previous research by Clark et al. (2007). In Table 2, it is found that information privacy been considered in various articles and few journal articles are found which counted more than one. Due to the availability of validated instruments, the individual level of study has been conducted sufficiently by collecting and analysing data from a huge number of individuals. Besides individual levels, we are not found sufficient literatures for other level of information privacy research. Table 2 reveals that several researches done at organizational level of study and that has been carried out in the area as information privacy practices. We have found that at the organizational level there are not much work has been done so far in IP research. With regards to e-business, organization always eager to know the impact of IP concern, which can influence a decisive achievement of the online business activity. We have found a very limited study has been done at group level IP research and researcher needs to focus more on these levels of study. Societal level is another level of approach where culture play a vital role in it. These approaches which give more in-depth information of different construct of privacy, and it varies differently in culture and various cultural values in different countries (Milberg et al., 2000). It is better to understand the information privacy of citizens in a standardized way because of the exponential growing appeal towards the corporation and government from a worldwide crowd. XJM So, we cannot overlook the growing advent of societal effect in privacy research and researcher needs to give more attention towards the societal level of analysis. At societal level, it includes all the societal phenomenon with the group, organization and individuals in the IP level of analysis.

Individual level
The statement, right to be alone in the right to privacy, described as the right of a person to be alone by isolation from the attention of others (Warren and Brandeis, 1890). Information privacy as an option to secrecy by that everyone has the right to restrict the information about themselves in public and where outsiders should not be encouraged to take advantage of it (Posner, 1983). Privacy can be observed with autonomy (Kufer, 1987), a segment closely associated with personhood. Privacy and autonomy (Kufer, 1987), are segments closely associated with personhood. An independent self-concept explains oneself as a "purposeful, self-determining, responsible agent" and awareness of an individual to control the boundary and to control who may access and to what extent. Personal privacy relates to each concern where it will be restricted to protect personal decorum. Information privacy is the relationship between technology and the individual's ownership of collection and sharing of data (Smith et al., 2011). The individual's perceptions of privacy is identified using the multidimensional development theory (MDT)and develop the framework (Laufer and Wolfe, 1977). MDT focuses on the multidimensional conceptmainly environmental concept, interpersonal interactions, and self-development. France Belanger and Robert Crossler (Belanger and Crossler, 2011) explained in the first phase of the multilevel framework of I.S. research at the individual level. We have considered three areas of concern in this research, i.e.
(1) Attitude Information privacy attitude refers to the individual perceptions and reactions to the information policies, practices and tools and technologies. Privacy attitude includes preparedness to provide private data (Dillon et al., 2008). The main issues of privacy attitude are mentioned as each study conceptualizes the attitude differently, and some case it is focused towards privacy in general (Razzouk et al., 2008). Cao and Everard (2008) explained attitude can be used as dependent variables and in some cases, privacy attitude can be independent variables that used for preserving influence on behaviours and capability of adaptation of new technology towards information sharing's (Alge et al., 2006;Thiesse, 2007;Webster, 1998). There are some finding of the attitude toward the privacy concern is that transparent information practices to be established to organize and manage the data security, and it will be protected enough that people automatically shared information through online by the faith and trust attribute (Culnan and Armstrong, 1999).
(2) Practices Information privacy practice refers to organizational as well as individual actions about the protection of privacy with various interdependent factors which affect such privacy practices (Belanger and Crossler, 2011). There is some information that falsifying personal data and forcing towards deleting unwanted work attributes comes under individual privacy practice (Chen and Rea, 2004). There are some factors which affect privacy practices, include the different types of websites viewed and the originality of a site (Hsu, 2006). Sometimes, people may not know the actual practices they should follow when they are surfing on internet sites (Klasnja et al., 2009). Fair information practices (FIP) provide assessments to the policies that maintained in organizational practice. Jensen and Potts (2004) explained and Information privacy concern some corresponding literature reveals that some companies do not give appropriate information about their privacy protection policies. In this case, consumers are not in a good mood to share their private information due to the lack of privacy protection policies. Some companies do not have such a policy when they comply with fair information practice standard (Liu and Arnett, 2002;Ryker et al., 2002).
(3) Technology Information privacy tools and technologies (Belanger and Crossler, 2011) research refers to the use of technological advancement on the evaluation of information privacy in a different dimension. Information privacy tools and techniques deal with privacy threats. There is research on tools and technologies which organization used to follow to abstract the privacy information of customers through the utilization of spyware and adware (Dobosz et al., 2006), to violate on consumers' information privacy, and trust is another factor which seals organizations (Moores and Dhillon, 2003) used to protect information privacy of consumers.

Group level
In groups, the privacy information shared among the group members and outside.
Researchers have found certain factors which influence group performance when it comes to privacy concerns. The factors are trust, fears, willingness and faithfulness, which influence the group dynamics behaviour among the members of the group. Information privacy on group behaviour is different from users from one group to another. In a group, when a person is trying to interact, privacy is becoming a constraint for the person (Westin, 1968). Nov and Wattal (2009) explained how an individual shows interest when trying to disclose private information in different group cultures and characteristics. Individual within a group is a core component when taken for analysis (Morgeson and Hofmann, 1999), and different groups also consisting of specific structures, constructs and identity (Watson-Manheim and Belanger, 2002). Watson-Manheim and Belanger (2007) defined that how technologies can be enhanced within groups with privacy policies to curbed the communication within the groups. Floridi (2017) defined group dynamics is the external factor concern which represents different variables like group distribution, group significance, group cohesion or group characteristics like size. Loi and Christen (2019) introduced two concepts in group privacy. They explained what confidential information shared with the group members and restrict to outside members. Furthermore, they clarified the inferential privacy where it manages the derivations that can be made about a group of individuals characterized by highlight, common by all person in a group. They contend that inferential privacy is unpersuasive to both of individual or group.

Organizational level
In the case of an organization, its policy dictates how the data is maintained. Organizational privacy (Smith et al., 1996) concern refers to the information which is confidential and not disclosed to the public. Government organizations, corporates and private societies are adopting various alternatives to maintain data confidentiality and keep data in a secret form and restricting to give access to unwanted purpose. Organizational privacy concerns mainly represented by organizational leaders. Organizational leaders have access permission to those sources of information where privacy concern of individual also linked (Belanger and Crossler, 2011). Those concerns mainly arise from management privacy practices and related policies.

Societal level
Human beings are social by nature, who cannot survive without social co-operation and other association. In a society, there are lots of online platforms available where people are engaging themselves to interact among themselves (Alashoor et al., 2017). They execute the command themselves to share their personal information either knowingly or unknowingly. However, some users are not known such type of concern at all when such information shared at the public domain in a bounded society (Spottswood and Hancock, 2017;Black et al., 2015). Researchers also find that critical dimensions like own willingness, ability, preferences and openness, which are related to privacy concern at individual levels (Belanger and Crossler, 2011). As government and corporations are appealing more on the public interface, and they should give proper attention in favour of citizen-centric culture, employees of organization and consumers about the privacy concern.
Issues/barriers in information privacy The increase in sharing information may lead to, in some ways, breaches in privacy. The state of privacy (Hughes, 2012) defined in different types of barriers in privacy concern. They are mainly physical, behavioural and normative. Physical barriers are the touchable observation of personal assets which restrict access from others. Behavioural barriers are maintaining privacy while communicating verbally or non-verbally. Normative barriers present laws and social norms that limit a person from intruding into the private life of others. Privacy has largely one of the ethical, social and legal issues in this digital world (Culnan and Bies, 2003). Angst and Agarwal (2009) defined that due to the huge utilization of internet technology and gathering of personal information, there are new challenges come to picture and it leads to information privacy concern. Also, people expected higher government involvement concern (Dinev et al., 2006a), but a weak relation in use of e-business and privacy concern are observed (Dinev et al., 2006b). Some companies give accurate data related to privacy concerns, but some refuse to give private information to the government (Sydell, 2006). The questions arise why such distinct behaviour of two companies within the same specific country. Some cases, individuals and organizations become contradictory to each other with respect to privacy. For example, if we take e-commerce transactions where a consumer desired that his/her information is to be used only for the transactions what they opted for. But in reality, the personal information has been used by the e-commerce website without known to the consumers. In this case, consumers' behaviour becomes unrealistic and creating a conflicting nature towards the organization and raise concern to privacy.
Conclusion and future directions of our research This paper has limited itself to studying a part of the available literature on privacy concern in an information system. A more detailed overview can examine the same by increasing the number of articles with the specific domain application model included in the review. Research needs to focus on whether privacy concern is more as generality across the globe, or it is concerned with specified cultural domain and researchers to provide more testable results. Information system researchers need to investigate more on privacy concern in different countries. Research can also focus on various countries, how organization and individual relate together for the concerns for information privacy. Investigation can focus on why information privacy policy and protection laws are different for different companies in the same country. Due to the increase in usage of information technology, it becomes a challenge for keeping the information update concerning the stakeholder's privacy and security concern and how it can be managed suitably.

Information privacy concern
Future research could be to find out the privacy attitude and privacy concerns for within and between organizations. It needs to extract, how the business model enhanced to measure the privacy. Future studies can be explored with wide range of diversity like age, gender, income rather to student centric data. Students are keener to open towards their data rather than a professional. How can this be relating to privacy that affect adverse to the study. Other types of organization beyond e-commerce sites, such as government organizations, need to be investigated to extend the study further on privacy policy, privacy policy and protection. A great deal of research has been covered the individual level of analysis of privacy concern. Group concern for information privacy is a potentially fascinating and fruitful area for future research. How and what types of designed tools can be used to protect the concern towards privacy in a group where all the members are communicating with each other. Researchers have tried little research on group, organizational and societal level analysis. A multilevel analysis approach will lead in future research to adhere better insight that how different level of analysis can be enhanced.