Search results
1 – 10 of 121Steven Muzatko and Gaurav Bansal
This research examines the relationship between the timeliness in announcing the discovery of a data breach and consumer trust in an e-commerce company, as well as later…
Abstract
Purpose
This research examines the relationship between the timeliness in announcing the discovery of a data breach and consumer trust in an e-commerce company, as well as later trust-rebuilding efforts taken by the company to compensate users impacted by the breach.
Design/methodology/approach
A survey experiment was used to examine the effect of both trust-reducing events (announced data breaches) and trust-enhancing events (provision of identity theft protection and credit monitoring) on consumer trust. The timeliness of the breach announcement by an e-commerce company was manipulated between two randomly assigned groups of subjects; one group viewed an announcement of the breach immediately upon its discovery, and the other viewed an announcement made two months after the breach was discovered. Consumer trust was measured before the breach, after the breach was announced, and finally, after the announcement of data protection.
Findings
The results suggest that companies that delay a data breach announcement are likely to suffer a larger drop in consumer trust than those that immediately disclose the data breach. The results also suggest that trust can be repaired by providing data protection. However, even after providing identity theft protection and credit monitoring, companies that fail to promptly disclose a breach have lower repaired trust than companies that promptly disclose.
Originality/value
This study contributes to the literature on e-commerce trust by examining how a company's forthrightness in reporting a data breach impacts user trust at the time of the disclosure of the data breach and after subsequent efforts to repair trust.
Details
Keywords
Shing Cheong Hui, Ming Yung Kwok, Elaine W.S. Kong and Dickson K.W. Chiu
Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of…
Abstract
Purpose
Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of academic users regarding cloud security and technical issues and how such problems may influence their continuous use in daily life.
Design/methodology/approach
This qualitative study used a semi-structured interview approach comprising six main open-ended questions to explore the information security and technical issues for the continuous use of cloud storage services by 20 undergraduate students in Hong Kong.
Findings
The analysis revealed cloud storage service users' major security and technical concerns, particularly synchronization and backup issues, were the most significant technical barrier to the continuing personal use of cloud storage services.
Originality/value
Existing literature has focused on how cloud computing services could bring benefits and security and privacy-related risks to organizations rather than security and technical issues of personal use, especially in the Asian academic context.
Details
Keywords
Dona Budi Kharisma and Alvalerie Diakanza
This paper aims to identify the reasons why cases of leakage of patient personal data often occur in the health sector. This paper also analyzes personal data protection…
Abstract
Purpose
This paper aims to identify the reasons why cases of leakage of patient personal data often occur in the health sector. This paper also analyzes personal data protection regulations in the health sector from a comparative legal perspective between Indonesia, Singapore and the European Union (EU).
Design/methodology/approach
This type of research is legal research. The research approach used is the statute approach and conceptual approach. The focus of this study in this research is Indonesia with a comparative study in Singapore and the EU.
Findings
Cases of leakage of patient personal data in Indonesia often occur. In 2021, the data for 230,000 COVID-19 patients was leaked and sold on the Rapid Forums dark web forum. A patient’s personal data is a human right that must be protected. Compared to Singapore and the EU, Indonesia is a country that does not yet have a law on the protection of personal data. This condition causes cases of leakage of patients’ personal data to occur frequently.
Research limitations/implications
This study analyzes the regulation and protection of patients’ personal data in Indonesia, Singapore and the EU to construct a regulatory design for the protection of patients’ personal data.
Practical implications
The results of this study are useful for constructing regulations governing the protection of patients’ personal data. The regulation is to protect the patient’s personal data like a patient’s human right.
Social implications
The ideal regulatory design can prevent data breaches. Based on the results of comparative studies, in Singapore and the EU, cases of personal data leakage are rare because they have a regulatory framework regarding the protection of patients’ personal data.
Originality/value
Legal strategies that can be taken to prevent and overcome patient data breaches include the establishment of an Act on Personal Data Protection; the Personal Data Protection Commission; and management of patients’ personal data.
Details
Keywords
Personal data is a powerful tool. The more someone know about us, the more power they got over us. But who will control the most of our personal data? Does the government and the…
Abstract
Purpose
Personal data is a powerful tool. The more someone know about us, the more power they got over us. But who will control the most of our personal data? Does the government and the big tech really care about our personal data? This paper aims to look at data practices, data-related policy making as well as its economic consequences in the context of emerging economies.
Design/methodology/approach
Using qualitative methods such as literature review and analysis of numerous government documents, this paper inquires into the dynamics in the use of data by the business sectors, explains how data governance can add value to the business sectors while ensuring customers’ data privacy protection based on the data governance mechanism framework and details what it takes.
Findings
Using the case of Indonesian recent development on data privacy regulation, this paper describes the problems and threats to personal data protection. The advent of latest computing and mobile technology is shifting power relations between the governments, the big tech, as well as the end users. To conclude, the strategy and policy recommendations for implementing data privacy protection are also presented.
Originality/value
This paper provides a timely synthesis of data practices in the context of developing countries, particularly in relation to policy making and economic consequences. This paper also identifies and shares several promising future research ideas.
Details
Keywords
This article analyses the existing retail and distribution legal framework in which Internet companies operate, focusing on data breaches and other issues of relevance to these…
Abstract
Purpose
This article analyses the existing retail and distribution legal framework in which Internet companies operate, focusing on data breaches and other issues of relevance to these companies. In order to identify who should be responsible for the largest share of improving people's quality of life, this study takes into account the perspectives of both consumers and businesses (or service provider). The author states that where there is a high probability of a security or privacy breach and the customer suffers moderate to severe damage, the burden of proof may shift to the corporation. However, the customer's obligation is conditioned by factors such as the customer's risk tolerance, the customer's losses and the efficiency of the security investment.
Design/methodology/approach
The author suggests that the decentralized nature of blockchain, information sharing, immutability and smart contracting capabilities have the potential to disrupt established business models and social norms. Challenges related to trust, customs oversight and payments are discussed, as well as the process of creating the framework for electronic commerce. As part of this research, the author has taken into consideration the increasing popularity of Internet shopping.
Findings
The author demonstrates that due to the worldwide reach of the internet and the fast advancement of computer technology, the economies of the globe have grown increasingly linked. Even though e-commerce has been growing rapidly in recent years due to innovations in both technology and international retail and distribution forms, it still confronts a number of challenges.
Research limitations/implications
In e-commerce that makes use of blockchain technology, there are significant costs associated with transferring data formats, a lack of consensus and limited emissivity in the flow of law and information. Reduced costs and associated negative externalities would be tremendously beneficial for both private enterprise and forward-thinking public policy.
Practical implications
This paper examines the potential liability concerns that may arise in the context of electronic transactions should a breach of security or privacy occur, as the author shows from a practical standpoint. Computers, mobile devices, tablets, sensors, smart meters and even autos are just some of the many channels via which data may be sent. It is conceivable for data flows in e-commerce, cloud and the Internet of Things to follow a regular pattern. This may endanger the confidentiality or security of the data. These have evolved into a significant barrier that web stores must overcome.
Originality/value
The author argues that resolving disputes related to the processing of electronic transactions is crucial to the growth of e-commerce businesses since customer happiness is directly correlated with business success.
Details
Keywords
Donia Waseem, Shijiao (Joseph) Chen, Zhenhua (Raymond) Xia, Nripendra P. Rana, Balkrushna Potdar and Khai Trieu Tran
In the online environment, consumers increasingly feel vulnerable due to firms’ expanding capabilities of collecting and using their data in an unsanctioned manner. Drawing from…
Abstract
Purpose
In the online environment, consumers increasingly feel vulnerable due to firms’ expanding capabilities of collecting and using their data in an unsanctioned manner. Drawing from gossip theory, this research focuses on two key suppressors of consumer vulnerability: transparency and control. Previous studies conceptualize transparency and control from rationalistic approaches that overlook individual experiences and present a unidimensional conceptualization. This research aims to understand how individuals interpret transparency and control concerning privacy vulnerability in the online environment. Additionally, it explores strategic approaches to communicating the value of transparency and control.
Design/methodology/approach
An interpretivism paradigm and phenomenology were adopted in the research design. Data were collected through semi-structured interviews with 41 participants, including consumers and experts, and analyzed through thematic analysis.
Findings
The findings identify key conceptual dimensions of transparency and control by adapting justice theory. They also reveal that firms can communicate assurance, functional, technical and social values of transparency and control to address consumer vulnerability.
Originality/value
This research makes the following contributions to the data privacy literature. The findings exhibit multidimensional and comprehensive conceptualizations of transparency and control, including user, firm and information perspectives. Additionally, the conceptual framework combines empirical insights from both experiencers and observers to offer an understanding of how transparency and control serve as justice mechanisms to effectively tackle the issue of unsanctioned transmission of personal information and subsequently address vulnerability. Lastly, the findings provide strategic approaches to communicating the value of transparency and control.
Details
Keywords
Rahul Sindhwani, Abhishek Behl, Vijay Pereira, Yama Temouri and Sushmit Bagchi
The COVID-19 pandemic has showcased the lack of resilience found in the global value chains (GVCs) of multinational enterprises (MNEs). Existing evidence shows that MNEs have only…
Abstract
Purpose
The COVID-19 pandemic has showcased the lack of resilience found in the global value chains (GVCs) of multinational enterprises (MNEs). Existing evidence shows that MNEs have only recently and slowly started recovering and attempting to rebuild the resilience of their GVCs. This paper analyzes the challenges/inhibitors faced by MNEs in building their resilience through their GVCs.
Design/methodology/approach
A four-stage hybrid model was used to identify the interrelationship among the identified inhibitors and to distinguish the most critical ones by ranking them. In the first stage, we employed a modified total interpretive structural modeling (m-TISM) approach to determine the inter-relationship among the inhibitors. Additionally, we identified the inhibitors' driving power and dependency by performing a matrix multiplication applied to classification (MICMAC) analysis. In the second stage, we employed the Pythagorean fuzzy analytic hierarchy process (PF-AHP) method to determine the weight of the criteria. The next stage followed, in which we used the Pythagorean fuzzy combined compromise solution (PF-CoCoSo) method to rank the inhibitors. Finally, we performed a sensitivity analysis to determine the robustness of the framework we had built based on the criteria and inhibitors.
Findings
We find business sustainability to have the highest importance and managerial governance as the most critical inhibitor hindering the path to resilience. Based on these insights, we derive four research propositions aimed at strengthening the resilience of such GVCs, followed by their implications for theory and practice.
Originality/value
Our findings contribute to the extant literature by uncovering key inhibitors that act as barriers to MNEs. We link out our findings with a number of propositions that we derive, which may be considered for implementation by MNEs and could help them endow their GVCs with resilience.
Details
Keywords
Haroon Iqbal Maseeh, Charles Jebarajakirthy, Achchuthan Sivapalan, Mitchell Ross and Mehak Rehman
Smartphone apps collect users' personal information, which triggers privacy concerns for app users. Consequently, app users restrict apps from accessing their personal…
Abstract
Purpose
Smartphone apps collect users' personal information, which triggers privacy concerns for app users. Consequently, app users restrict apps from accessing their personal information. This may impact the effectiveness of in-app advertising. However, research has not yet demonstrated what factors impact app users' decisions to use apps with restricted permissions. This study is aimed to bridge this gap.
Design/methodology/approach
Using a quantitative research method, the authors collected the data from 384 app users via a structured questionnaire. The data were analysed using AMOS and fuzzy-set qualitative comparative analysis (fsQCA).
Findings
The findings suggest privacy concerns and risks have a significant positive effect on app usage with restricted permissions, whilst reputation, trust and perceived benefits have significant negative impact on it. Some app-related factors, such as the number of apps installed and type of apps, also impact app usage with restricted permissions.
Practical implications
Based on the findings, the authors provided several implications for app stores, app developers and app marketers.
Originality/value
This study examines the factors that influence smartphone users' decisions to use apps with restricted permission requests. By doing this, the authors' study contributes to the consumer behaviour literature in the context of smartphone app usage. Also, by explaining the underlying mechanisms through which the principles of communication privacy management theory operate in smartphone app context, the authors' research contributes to the communication privacy management theory.
Details
Keywords
Mohan Thite and Ramanathan Iyer
Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information…
Abstract
Purpose
Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information technology (IT)-centric solutions to secure and strengthen their information security ecosystem. Unfortunately, they pay little attention to human resource management (HRM) solutions. This paper aims to address this gap and proposes an actionable human resource (HR)-centric and artificial intelligence (AI)-driven framework.
Design/methodology/approach
The paper highlights the dangers posed by insider threats and presents key findings from a Leximancer-based analysis of a rapid literature review on the role, nature and contribution of HRM for information security, especially in addressing insider threats. The study also discusses the limitations of these solutions and proposes an HR-in-the-loop model, driven by AI and machine learning to mitigate these limitations.
Findings
The paper argues that AI promises to offer many HRM-centric opportunities to fortify the information security architecture if used strategically and intelligently. The HR-in-the-loop model can ensure that the human factors are considered when designing information security solutions. By combining AI and machine learning with human expertise, this model can provide an effective and comprehensive approach to addressing insider threats.
Originality/value
The paper fills the research gap on the critical role of HR in securing and strengthening information security. It makes further contribution in identifying the limitations of HRM solutions in info security and how AI and machine learning can be leveraged to address these limitations to some extent.
Details
Keywords
Derrick Boakye, David Sarpong, Dirk Meissner and George Ofosu
Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary…
Abstract
Purpose
Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary organisation. This paper explores the reputation repair strategies undertaken by organisations in the event of becoming victims of cyber-attacks.
Design/methodology/approach
For developing the authors’ contribution in the context of the Internet service providers' industry, the authors draw on a qualitative case study of TalkTalk, a British telecommunications company providing business to business (B2B) and business to customer (B2C) Internet services, which was a victim of a “significant and sustained” cyber-attack in October 2015. Data for the enquiry is sourced from publicly available archival documents such as newspaper articles, press releases, podcasts and parliamentary hearings on the TalkTalk cyber-attack.
Findings
The findings suggest a dynamic interplay of technical and rhetorical responses in dealing with cyber-attacks. This plays out in the form of marshalling communication and mortification techniques, bolstering image and riding on leader reputation, which serially combine to strategically orchestrate reputational repair and stigma erasure in the event of a cyber-attack.
Originality/value
Analysing a prototypical case of an organisation in dire straits following a cyber-attack, the paper provides a systematic characterisation of the setting-in-motion of strategic responses to manage, revamp and ameliorate damaged reputation during cyber-attacks, which tend to negatively shape the evaluative perceptions of the organisation's salient audience.
Details