Privacy in E-Commerce: Development of Reporting Standards, Disclosure and Assurance Services in an Unregulated Market
Journal of Accounting Research, Vol. 41, Issue 2, pp. 285-309, 2003
41 Pages Posted: 13 May 2002 Last revised: 1 Jun 2014
Date Written: October 1, 2002
Government regulation of financial reporting by publicly listed firms, coupled with a punitive regime for violation of Generally Accepted Accounting Principles (GAAP) has been in place in the United States for seven decades. Whether this regime is effective or useful is an open question, especially in the absence of data on the behavior of unregulated economies. Privacy disclosure in e-commerce is essentially an unregulated environment with some parallels to financial disclosure. A study of privacy standards, disclosures practices and demand for audits can help accountants and security regulators project the consequences of a competitive regime sans regulation for accounting standards, disclosure and audit practices.
In this paper we set up a framework for such a study, gather data from the field, and analyze privacy standards, privacy disclosure practices, and the effectiveness of opt-out practices of one hundred high traffic e-commerce websites. We observe four diverse sets of privacy standards (Truste, BBB Online, WebTrust and PWC Privacy) competing in this market, attracting clienteles of their own as reflected in privacy policies and the disclosure of such policies. With a few exceptions, actual disclosure and opt-out practices correspond reasonably well to stated policies in e-commerce. There is little evidence that the prevailing competitive regime induces a race to the bottom with respect to privacy standards and disclosures. We explore the implications of these results for the consequences of a competitive regime for regulation of financial reporting.
Keywords: E-commerce, Privacy, Regulatory Competition, Reporting Standards
JEL Classification: G38, K22, L51, L86, M41
Suggested Citation: Suggested Citation