Information Technology Reference
In-Depth Information
information they obtain about visitors and custom-
ers solely to increase the system's convenience,
they may misuse it as well to harass users with
personalized advertising material or to pass on
user information to third parties (Sama & Shoaf,
2002).
The same information practices that provide
value to companies may raise privacy concerns
among Internet users (Culnan & Armstrong,
1999). It is the asymmetric information between
companies as data collectors and users as data
providers coupled with the lack of user control
over data collection that causes mistrust and con-
cerns about electronic privacy (Reagle & Cranor,
1999), including, for example, identity theft or
the receipt of unsolicited e-mails (Baumer et al.,
2004). The most pervasive concern among users
is that their information is used for purposes other
than those for which it was collected (Turner &
Dasgupta, 2003). Over the past decade, media
coverage of consumer privacy issues has increased
dramatically (Roznowski, 2003). Several highly
publicized privacy breaches in recent years have
sensitized and alerted the general public to poten-
tial data misuse. Cases in point of such incidents
include Internet advertiser DoubleClick, which
matched anonymous user profiles with personally
identifying information and sold these data (Char-
ters, 2002), and RealJukeBox, which collected
personally identifying information, including
musical preferences, matched it with the musical
files that users had on their PCs, and sold these
data (Turner & Dasgupta, 2003).
In view of these threats to information privacy,
the winning companies in electronic commerce
will be those who understand and respond to
people's privacy concerns (Luo & Seyedian,
2004). Corporate privacy policies are capable of
dispelling users' fears about privacy infringe-
ments by detailing when and how a company
collects data. Given that users have been found
to have more trust in privacy policies that they
perceive as comprehensible (Milne & Culnan,
2004), companies might be able to build trusting
relationships with Internet users, if they manage
to communicate their data handling practices in
a clear and concise manner on their Web sites.
Grounded in Uncertainty Reduction Theory
(Berger & Calabrese, 1975), the purpose of this
article is to identify shortcomings of online pri-
vacy policies and to suggest ways of improving
them with a view to easing people's concerns
about data handling practices. More precisely,
the article looks at the content of online privacy
policies, examining systematically what data
handling practices companies engage in, which
ones they do not engage in, and whether they fail
to address important areas of concern. The find-
ings of this analysis together with the findings
from a computer-assisted textual analysis provide
starting points for enhancing the effectiveness
of privacy policies as vehicles for uncertainty
reduction in WWW interactions.
This article is divided into six sections. The first
section reviews the relevant literature, the second
describes the theoretical grounding, and the third
focuses on the methodology. The following two
sections present the findings of a content analysis
and a computer-assisted textual analysis, respec-
tively. Ultimately, the sixth section discusses
the implications of the findings for practice and
explores avenues for future research.
privaCy in the internet age
Privacy is commonly defined as the right to be left
alone (Turner & Dasgupta, 2003). Data privacy is
understood as people's right to control informa-
tion about themselves (Mason et al., 1995) and to
control how others use it (Shaw, 2003). The concept
of data privacy has become a major obstacle to the
success of electronic business models, as the In-
ternet has made it technically easier for companies
to gather and disseminate personal, demographic,
and behavioral consumer data (Dhillon & Moores,
2001). Although consumers may benefit from the
collection of their data with improved customer
Search WWH ::
Custom Search