Search results

1 – 10 of 121
Article
Publication date: 7 July 2023

Steven Muzatko and Gaurav Bansal

This research examines the relationship between the timeliness in announcing the discovery of a data breach and consumer trust in an e-commerce company, as well as later…

Abstract

Purpose

This research examines the relationship between the timeliness in announcing the discovery of a data breach and consumer trust in an e-commerce company, as well as later trust-rebuilding efforts taken by the company to compensate users impacted by the breach.

Design/methodology/approach

A survey experiment was used to examine the effect of both trust-reducing events (announced data breaches) and trust-enhancing events (provision of identity theft protection and credit monitoring) on consumer trust. The timeliness of the breach announcement by an e-commerce company was manipulated between two randomly assigned groups of subjects; one group viewed an announcement of the breach immediately upon its discovery, and the other viewed an announcement made two months after the breach was discovered. Consumer trust was measured before the breach, after the breach was announced, and finally, after the announcement of data protection.

Findings

The results suggest that companies that delay a data breach announcement are likely to suffer a larger drop in consumer trust than those that immediately disclose the data breach. The results also suggest that trust can be repaired by providing data protection. However, even after providing identity theft protection and credit monitoring, companies that fail to promptly disclose a breach have lower repaired trust than companies that promptly disclose.

Originality/value

This study contributes to the literature on e-commerce trust by examining how a company's forthrightness in reporting a data breach impacts user trust at the time of the disclosure of the data breach and after subsequent efforts to repair trust.

Details

Internet Research, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 3 March 2023

Shing Cheong Hui, Ming Yung Kwok, Elaine W.S. Kong and Dickson K.W. Chiu

Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of…

Abstract

Purpose

Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of academic users regarding cloud security and technical issues and how such problems may influence their continuous use in daily life.

Design/methodology/approach

This qualitative study used a semi-structured interview approach comprising six main open-ended questions to explore the information security and technical issues for the continuous use of cloud storage services by 20 undergraduate students in Hong Kong.

Findings

The analysis revealed cloud storage service users' major security and technical concerns, particularly synchronization and backup issues, were the most significant technical barrier to the continuing personal use of cloud storage services.

Originality/value

Existing literature has focused on how cloud computing services could bring benefits and security and privacy-related risks to organizations rather than security and technical issues of personal use, especially in the Asian academic context.

Details

Library Hi Tech, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0737-8831

Keywords

Article
Publication date: 6 September 2022

Dona Budi Kharisma and Alvalerie Diakanza

This paper aims to identify the reasons why cases of leakage of patient personal data often occur in the health sector. This paper also analyzes personal data protection…

Abstract

Purpose

This paper aims to identify the reasons why cases of leakage of patient personal data often occur in the health sector. This paper also analyzes personal data protection regulations in the health sector from a comparative legal perspective between Indonesia, Singapore and the European Union (EU).

Design/methodology/approach

This type of research is legal research. The research approach used is the statute approach and conceptual approach. The focus of this study in this research is Indonesia with a comparative study in Singapore and the EU.

Findings

Cases of leakage of patient personal data in Indonesia often occur. In 2021, the data for 230,000 COVID-19 patients was leaked and sold on the Rapid Forums dark web forum. A patient’s personal data is a human right that must be protected. Compared to Singapore and the EU, Indonesia is a country that does not yet have a law on the protection of personal data. This condition causes cases of leakage of patients’ personal data to occur frequently.

Research limitations/implications

This study analyzes the regulation and protection of patients’ personal data in Indonesia, Singapore and the EU to construct a regulatory design for the protection of patients’ personal data.

Practical implications

The results of this study are useful for constructing regulations governing the protection of patients’ personal data. The regulation is to protect the patient’s personal data like a patient’s human right.

Social implications

The ideal regulatory design can prevent data breaches. Based on the results of comparative studies, in Singapore and the EU, cases of personal data leakage are rare because they have a regulatory framework regarding the protection of patients’ personal data.

Originality/value

Legal strategies that can be taken to prevent and overcome patient data breaches include the establishment of an Act on Personal Data Protection; the Personal Data Protection Commission; and management of patients’ personal data.

Details

International Journal of Human Rights in Healthcare, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4902

Keywords

Article
Publication date: 27 February 2024

Nofie Iman

Personal data is a powerful tool. The more someone know about us, the more power they got over us. But who will control the most of our personal data? Does the government and the…

Abstract

Purpose

Personal data is a powerful tool. The more someone know about us, the more power they got over us. But who will control the most of our personal data? Does the government and the big tech really care about our personal data? This paper aims to look at data practices, data-related policy making as well as its economic consequences in the context of emerging economies.

Design/methodology/approach

Using qualitative methods such as literature review and analysis of numerous government documents, this paper inquires into the dynamics in the use of data by the business sectors, explains how data governance can add value to the business sectors while ensuring customers’ data privacy protection based on the data governance mechanism framework and details what it takes.

Findings

Using the case of Indonesian recent development on data privacy regulation, this paper describes the problems and threats to personal data protection. The advent of latest computing and mobile technology is shifting power relations between the governments, the big tech, as well as the end users. To conclude, the strategy and policy recommendations for implementing data privacy protection are also presented.

Originality/value

This paper provides a timely synthesis of data practices in the context of developing countries, particularly in relation to policy making and economic consequences. This paper also identifies and shares several promising future research ideas.

Details

International Journal of Law and Management, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1754-243X

Keywords

Article
Publication date: 18 May 2023

Xiukun Ge

This article analyses the existing retail and distribution legal framework in which Internet companies operate, focusing on data breaches and other issues of relevance to these…

Abstract

Purpose

This article analyses the existing retail and distribution legal framework in which Internet companies operate, focusing on data breaches and other issues of relevance to these companies. In order to identify who should be responsible for the largest share of improving people's quality of life, this study takes into account the perspectives of both consumers and businesses (or service provider). The author states that where there is a high probability of a security or privacy breach and the customer suffers moderate to severe damage, the burden of proof may shift to the corporation. However, the customer's obligation is conditioned by factors such as the customer's risk tolerance, the customer's losses and the efficiency of the security investment.

Design/methodology/approach

The author suggests that the decentralized nature of blockchain, information sharing, immutability and smart contracting capabilities have the potential to disrupt established business models and social norms. Challenges related to trust, customs oversight and payments are discussed, as well as the process of creating the framework for electronic commerce. As part of this research, the author has taken into consideration the increasing popularity of Internet shopping.

Findings

The author demonstrates that due to the worldwide reach of the internet and the fast advancement of computer technology, the economies of the globe have grown increasingly linked. Even though e-commerce has been growing rapidly in recent years due to innovations in both technology and international retail and distribution forms, it still confronts a number of challenges.

Research limitations/implications

In e-commerce that makes use of blockchain technology, there are significant costs associated with transferring data formats, a lack of consensus and limited emissivity in the flow of law and information. Reduced costs and associated negative externalities would be tremendously beneficial for both private enterprise and forward-thinking public policy.

Practical implications

This paper examines the potential liability concerns that may arise in the context of electronic transactions should a breach of security or privacy occur, as the author shows from a practical standpoint. Computers, mobile devices, tablets, sensors, smart meters and even autos are just some of the many channels via which data may be sent. It is conceivable for data flows in e-commerce, cloud and the Internet of Things to follow a regular pattern. This may endanger the confidentiality or security of the data. These have evolved into a significant barrier that web stores must overcome.

Originality/value

The author argues that resolving disputes related to the processing of electronic transactions is crucial to the growth of e-commerce businesses since customer happiness is directly correlated with business success.

Details

International Journal of Retail & Distribution Management, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0959-0552

Keywords

Article
Publication date: 19 February 2024

Donia Waseem, Shijiao (Joseph) Chen, Zhenhua (Raymond) Xia, Nripendra P. Rana, Balkrushna Potdar and Khai Trieu Tran

In the online environment, consumers increasingly feel vulnerable due to firms’ expanding capabilities of collecting and using their data in an unsanctioned manner. Drawing from…

Abstract

Purpose

In the online environment, consumers increasingly feel vulnerable due to firms’ expanding capabilities of collecting and using their data in an unsanctioned manner. Drawing from gossip theory, this research focuses on two key suppressors of consumer vulnerability: transparency and control. Previous studies conceptualize transparency and control from rationalistic approaches that overlook individual experiences and present a unidimensional conceptualization. This research aims to understand how individuals interpret transparency and control concerning privacy vulnerability in the online environment. Additionally, it explores strategic approaches to communicating the value of transparency and control.

Design/methodology/approach

An interpretivism paradigm and phenomenology were adopted in the research design. Data were collected through semi-structured interviews with 41 participants, including consumers and experts, and analyzed through thematic analysis.

Findings

The findings identify key conceptual dimensions of transparency and control by adapting justice theory. They also reveal that firms can communicate assurance, functional, technical and social values of transparency and control to address consumer vulnerability.

Originality/value

This research makes the following contributions to the data privacy literature. The findings exhibit multidimensional and comprehensive conceptualizations of transparency and control, including user, firm and information perspectives. Additionally, the conceptual framework combines empirical insights from both experiencers and observers to offer an understanding of how transparency and control serve as justice mechanisms to effectively tackle the issue of unsanctioned transmission of personal information and subsequently address vulnerability. Lastly, the findings provide strategic approaches to communicating the value of transparency and control.

Details

Internet Research, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 6 February 2024

Rahul Sindhwani, Abhishek Behl, Vijay Pereira, Yama Temouri and Sushmit Bagchi

The COVID-19 pandemic has showcased the lack of resilience found in the global value chains (GVCs) of multinational enterprises (MNEs). Existing evidence shows that MNEs have only…

Abstract

Purpose

The COVID-19 pandemic has showcased the lack of resilience found in the global value chains (GVCs) of multinational enterprises (MNEs). Existing evidence shows that MNEs have only recently and slowly started recovering and attempting to rebuild the resilience of their GVCs. This paper analyzes the challenges/inhibitors faced by MNEs in building their resilience through their GVCs.

Design/methodology/approach

A four-stage hybrid model was used to identify the interrelationship among the identified inhibitors and to distinguish the most critical ones by ranking them. In the first stage, we employed a modified total interpretive structural modeling (m-TISM) approach to determine the inter-relationship among the inhibitors. Additionally, we identified the inhibitors' driving power and dependency by performing a matrix multiplication applied to classification (MICMAC) analysis. In the second stage, we employed the Pythagorean fuzzy analytic hierarchy process (PF-AHP) method to determine the weight of the criteria. The next stage followed, in which we used the Pythagorean fuzzy combined compromise solution (PF-CoCoSo) method to rank the inhibitors. Finally, we performed a sensitivity analysis to determine the robustness of the framework we had built based on the criteria and inhibitors.

Findings

We find business sustainability to have the highest importance and managerial governance as the most critical inhibitor hindering the path to resilience. Based on these insights, we derive four research propositions aimed at strengthening the resilience of such GVCs, followed by their implications for theory and practice.

Originality/value

Our findings contribute to the extant literature by uncovering key inhibitors that act as barriers to MNEs. We link out our findings with a number of propositions that we derive, which may be considered for implementation by MNEs and could help them endow their GVCs with resilience.

Details

Management Decision, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0025-1747

Keywords

Article
Publication date: 27 March 2024

Haroon Iqbal Maseeh, Charles Jebarajakirthy, Achchuthan Sivapalan, Mitchell Ross and Mehak Rehman

Smartphone apps collect users' personal information, which triggers privacy concerns for app users. Consequently, app users restrict apps from accessing their personal…

Abstract

Purpose

Smartphone apps collect users' personal information, which triggers privacy concerns for app users. Consequently, app users restrict apps from accessing their personal information. This may impact the effectiveness of in-app advertising. However, research has not yet demonstrated what factors impact app users' decisions to use apps with restricted permissions. This study is aimed to bridge this gap.

Design/methodology/approach

Using a quantitative research method, the authors collected the data from 384 app users via a structured questionnaire. The data were analysed using AMOS and fuzzy-set qualitative comparative analysis (fsQCA).

Findings

The findings suggest privacy concerns and risks have a significant positive effect on app usage with restricted permissions, whilst reputation, trust and perceived benefits have significant negative impact on it. Some app-related factors, such as the number of apps installed and type of apps, also impact app usage with restricted permissions.

Practical implications

Based on the findings, the authors provided several implications for app stores, app developers and app marketers.

Originality/value

This study examines the factors that influence smartphone users' decisions to use apps with restricted permission requests. By doing this, the authors' study contributes to the consumer behaviour literature in the context of smartphone app usage. Also, by explaining the underlying mechanisms through which the principles of communication privacy management theory operate in smartphone app context, the authors' research contributes to the communication privacy management theory.

Details

Information Technology & People, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0959-3845

Keywords

Article
Publication date: 1 March 2024

Mohan Thite and Ramanathan Iyer

Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information…

Abstract

Purpose

Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information technology (IT)-centric solutions to secure and strengthen their information security ecosystem. Unfortunately, they pay little attention to human resource management (HRM) solutions. This paper aims to address this gap and proposes an actionable human resource (HR)-centric and artificial intelligence (AI)-driven framework.

Design/methodology/approach

The paper highlights the dangers posed by insider threats and presents key findings from a Leximancer-based analysis of a rapid literature review on the role, nature and contribution of HRM for information security, especially in addressing insider threats. The study also discusses the limitations of these solutions and proposes an HR-in-the-loop model, driven by AI and machine learning to mitigate these limitations.

Findings

The paper argues that AI promises to offer many HRM-centric opportunities to fortify the information security architecture if used strategically and intelligently. The HR-in-the-loop model can ensure that the human factors are considered when designing information security solutions. By combining AI and machine learning with human expertise, this model can provide an effective and comprehensive approach to addressing insider threats.

Originality/value

The paper fills the research gap on the critical role of HR in securing and strengthening information security. It makes further contribution in identifying the limitations of HRM solutions in info security and how AI and machine learning can be leveraged to address these limitations to some extent.

Details

Personnel Review, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0048-3486

Keywords

Article
Publication date: 26 May 2023

Derrick Boakye, David Sarpong, Dirk Meissner and George Ofosu

Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary…

Abstract

Purpose

Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary organisation. This paper explores the reputation repair strategies undertaken by organisations in the event of becoming victims of cyber-attacks.

Design/methodology/approach

For developing the authors’ contribution in the context of the Internet service providers' industry, the authors draw on a qualitative case study of TalkTalk, a British telecommunications company providing business to business (B2B) and business to customer (B2C) Internet services, which was a victim of a “significant and sustained” cyber-attack in October 2015. Data for the enquiry is sourced from publicly available archival documents such as newspaper articles, press releases, podcasts and parliamentary hearings on the TalkTalk cyber-attack.

Findings

The findings suggest a dynamic interplay of technical and rhetorical responses in dealing with cyber-attacks. This plays out in the form of marshalling communication and mortification techniques, bolstering image and riding on leader reputation, which serially combine to strategically orchestrate reputational repair and stigma erasure in the event of a cyber-attack.

Originality/value

Analysing a prototypical case of an organisation in dire straits following a cyber-attack, the paper provides a systematic characterisation of the setting-in-motion of strategic responses to manage, revamp and ameliorate damaged reputation during cyber-attacks, which tend to negatively shape the evaluative perceptions of the organisation's salient audience.

Details

Information Technology & People, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0959-3845

Keywords

1 – 10 of 121