Search results

1 – 5 of 5
To view the access options for this content please click here
Article
Publication date: 9 July 2018

Adéle Da Veiga

This paper aims to propose an information privacy culture index framework (IPCIF) with a validated information privacy culture index instrument (IPCII) to measure…

Abstract

Purpose

This paper aims to propose an information privacy culture index framework (IPCIF) with a validated information privacy culture index instrument (IPCII) to measure information privacy culture across nations. The framework is based on consumers’ privacy expectations, their actual experiences when organisations process their personal information and their general privacy concerns.

Design/methodology/approach

A survey method was deployed to collect data in South Africa – the first participating country in the study – to start building a global information privacy culture index (IPCI) and to validate the questionnaire.

Findings

The IPCI revealed that there seems to be a disconnect between what consumers expect in terms of privacy and the way in which organisations are honouring (or failing to honour) those expectations, which results in a breach of trust and the social contract being violated.

Practical implications

Governments, information regulators and organisations can leverage the results of the privacy culture index to implement corrective actions and controls aimed at addressing the gaps identified from a consumer and compliance perspective. The validated IPCII can be used by both academia and industry to measure the information privacy culture of an institution, organisation or country to identify what to improve to address consumer privacy expectations and concerns.

Originality/value

The IPCIF and validated IPCII are the first tools that combine the concepts of consumer expectations and their confidence levels in whether organisations are meeting their privacy expectations, which are in line with the fair information practice principles and the privacy guidelines of the Organisation for Economic Cooperation and Development, to determine gaps and define improvement plans.

To view the access options for this content please click here
Article
Publication date: 28 August 2019

Adéle Da Veiga, Ruthea Vorster, Fudong Li, Nathan Clarke and Steven M. Furnell

The purpose of this study was to investigate the difference between South Africa (SA) and the United Kingdom (UK) in terms of data protection compliance with the aim to…

Abstract

Purpose

The purpose of this study was to investigate the difference between South Africa (SA) and the United Kingdom (UK) in terms of data protection compliance with the aim to establish if a country that has had data protection in place for a longer period of time has a higher level of compliance with data protection requirements in comparison with a country that is preparing for compliance.

Design/methodology/approach

An insurance industry multi-case study within the online insurance services environment was conducted. Personal information of four newly created consumer profiles was deposited to 10 random insurance organisation websites in each country to evaluate a number of data privacy requirements of the Data Protection Act and Protection of Personal Information Act.

Findings

The results demonstrate that not all the insurance organisations honored the selected opt-out preference for receiving direct marketing material. This was evident in direct marketing material that was sent from the insurance organisations in the sample to both the SA and UK consumer profiles who opted out for it. A total of 42 unsolicited third-party contacts were received by the SA consumer profiles, whereas the UK consumer profiles did not receive any third-party direct marketing. It was also found that the minimality principle is not always met by both SA and UK organisations.

Research limitations/implications

As a jurisdiction with a heavy stance towards privacy implementation and regulation, it was found that the UK is more compliant than SA in terms of implementation of the evaluated data protection requirements included in the scope of this study, however not fully compliant.

Originality/value

Based upon the results obtained from this research, it suggests that the SA insurance organisations should ensure that the non-compliance aspects relating to direct marketing and sharing data with third parties are addressed. SA insurance companies should learn from the manner in which the UK insurance organisations implement these privacy requirements. Furthermore, the UK insurance organisations should focus on improved compliance for direct marking and the minimality principle. The study indicates the positive role that data protection legislation plays in a county like the UK, with a more mature stance toward compliance with data protection legislation.

To view the access options for this content please click here
Article
Publication date: 31 May 2006

Sheila A. Millar

A legal obligation to adopt reasonable information security procedures exists in a variety of laws around the world, such as the EU Data Directive (Directive 95/46)…

Abstract

A legal obligation to adopt reasonable information security procedures exists in a variety of laws around the world, such as the EU Data Directive (Directive 95/46), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and sectoral and state privacy laws in the U.S. The latter include security breach notification laws, and laws establishing a general duty of security. This paper compares and contrasts the privacy and information security landscape inside and outside the U.S. and offers suggestions for corporate “best practices” in data security designed to enhance consumer trust and minimize liability.

Details

Journal of International Trade Law and Policy, vol. 5 no. 1
Type: Research Article
ISSN: 1477-0024

Keywords

To view the access options for this content please click here
Article
Publication date: 6 July 2021

Yuanyuan Guo, Xin Wang and Chaoyou Wang

This study examines how the different dimensions of a privacy policy separately influence perceived effectiveness of privacy policy, as well as the mediating mechanisms…

Abstract

Purpose

This study examines how the different dimensions of a privacy policy separately influence perceived effectiveness of privacy policy, as well as the mediating mechanisms behind these effects (i.e. vulnerability, benevolence). In addition, this study considers privacy concern as a significant moderator in the research model, to examine if the relative influences of privacy policy content are contingent upon levels of users' privacy concern.

Design/methodology/approach

The survey experiment was conducted to empirically validate the model. Specifically, three survey experiments and six scenarios were designed to manipulate high and low levels of the three privacy policy dimensions (i.e. transparency, control and protection). The authors totally distributed 450 copies of the questionnaire, of which 407 were valid.

Findings

This paper found that (1) all the three privacy policy dimensions directly influence perceived effectiveness of privacy policy; (2) all the three privacy policy dimensions indirectly influence perceived effectiveness of privacy policy by enhancing perceived corporate benevolence, whereas control also affects perceived effectiveness of privacy policy by reducing perceived vulnerability; and (3) individuals with high-privacy concern are much more impacted by privacy policy contents than individuals with low-privacy concern.

Practical implications

The findings could provide website managers with guidelines on how to design privacy policy contents by reducing user perceptions of vulnerability and enhancing user perceptions of corporate benevolence. The managers need to focus on customers' perceived vulnerability and corporate benevolence when launching or updating privacy policies. Furthermore, the managers also need to attend to users' privacy concerns, especially for multinational companies or companies with specific consumer groups.

Originality/value

This study extends the current privacy policy literature by articulating the separate influences of the three privacy policy dimensions and their impact mechanisms on perceived effectiveness of privacy policy. It also uncovers privacy concerns as a boundary condition that influence the effects of privacy policy contents on users' privacy perceptions.

Details

Journal of Enterprise Information Management, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1741-0398

Keywords

To view the access options for this content please click here
Article
Publication date: 2 July 2020

Maria Petrescu, Anjala Krishen and My Bui

The purpose of this paper is to evaluate the impact of internet of everything (IoE) on marketing analytics, the benefits and challenges it presents and the implications of…

Abstract

Purpose

The purpose of this paper is to evaluate the impact of internet of everything (IoE) on marketing analytics, the benefits and challenges it presents and the implications of its policy and legal framework.

Design/methodology/approach

Qualitative research methods are used across privacy statements and consumer social media data to determine factors of concern for business and consumers.

Findings

The qualitative analysis of privacy statements and consumer social media data unveils factors of concern that are common for businesses and consumers, such as user consent and data security, as well as problems specific to the IoE, including the use of mobile devices and various service providers. The study also shows a differentiation in the levels of information privacy concerns for marketing practice, the use of personal information, sharing information with third parties and consumer consent and agreement to critical terms.

Practical implications

Recommendations for policymakers, practitioners and researchers, especially concerning the need for more studies related to the issues of data security, information privacy and personal information are addressed.

Originality/value

There is a need to assess the potential implications that the use of marketing analytics in the IoE can have for marketing policy, governmental regulations and industry self-regulation. The purpose of this research is to perform an exploratory evaluation of the impact of IoE on marketing analytics, the benefits and challenges it presents and the implications of its policy and legal framework.

Details

Journal of Consumer Marketing, vol. 37 no. 6
Type: Research Article
ISSN: 0736-3761

Keywords

1 – 5 of 5