Do Companies' Online Privacy Policy Disclosures Match Customer Needs?

48 Pages Posted: 12 Jan 2008 Last revised: 24 Apr 2008

See all articles by Won Gyun No

Won Gyun No

Rutgers, The State University of New Jersey - Accounting & Information Systems

J. Efrim Boritz

University of Waterloo - School of Accounting and Finance

R. P. Sundarraj

Independent

Date Written: April 2008

Abstract

Along with companies' increased interest in the use of personal information and the growing concerns of customers, privacy emerges as a critical issue in an e-commerce environment. Although several researchers have examined companies' privacy practices using posted privacy policy disclosures, few studies have investigated companies' privacy policies against Fair Information Practices (FIP). This study investigates companies' privacy policy statements and important privacy policies that individuals want to know against FIP. We examine the privacy policy statements of 136 companies from U.S. and Canada and relate them to the results of a Web-based user survey of 210 respondents. Our findings reveal a difference in companies' privacy policies between U.S. and Canada. The Security Safeguards and Use Limitation principles were the two most important companies' privacy policies that individuals want to know. The Security Safeguards and Purpose Specification principles were the two most frequently addressed OECD principles in more information-sensitive industries while the Purpose Specification and Openness principles were the two most frequently addressed principles in less information-sensitive industries. Thus, there is a gap between what privacy policies individuals value and what companies in less information-sensitive industries disclose in their privacy policy statements. However, companies in more information-sensitive industries frequently disclose an important privacy policy (i.e., Security Safeguards) that individuals want to know.

Keywords: internet privacy, privacy policy disclosure, consumer protection, electronic commerce

Suggested Citation

No, Won Gyun and Boritz, Efrim and Sundarraj, R. P., Do Companies' Online Privacy Policy Disclosures Match Customer Needs? (April 2008). (CAAA) 2008 Annual Conference Paper, Available at SSRN: https://ssrn.com/abstract=1082961 or http://dx.doi.org/10.2139/ssrn.1082961

Won Gyun No (Contact Author)

Rutgers, The State University of New Jersey - Accounting & Information Systems

1 Washington Park, Room 993
Newark, NJ 07102-3122
United States

Efrim Boritz

University of Waterloo - School of Accounting and Finance ( email )

200 University Avenue West
Waterloo, Ontario N2L 3G1 N2L 3G1
Canada
519-888-4567 (Phone)
519-888-7562 (Fax)

R. P. Sundarraj

Independent ( email )