You are here: Home Contents V15 N3 V15N3_Dhillon.html
Personal tools

Information Privacy Literature: Issues and Challenges



Full text

Journal of Information System Security
Volume 15, Number 3 (2019)
Pages 185198
ISSN 1551-0123
Simran Dhillon — ISEG, Universidade de Lisboa, Portugal
David L. Coss — University of North Carolina, Greensboro, USA
Information Institute Publishing, Washington DC, USA




Privacy, as a concept, is very complex and has been questioned in many disciplines. In this paper, we present a historical review of information privacy research. We review how the concept of privacy has been considered by legal, psychology, and social science scholars. We also evaluate information privacy from an ethical perspective. Within the information privacy story, organizational practices, individual perceptions of these practices, and societal responsibilities concerning privacy have been linked in many ways. In the literature, it has been somewhat challenging to understand and establish suitable connections between concepts and what they mean in real life. Our review of the literature explains such debates. In a final synthesis, we note the importance of individual values in understanding information privacy concerns.




Privacy, Information Privacy, Ethics, Values, Organizational Practices




Allen, A. L. (1988). Uneasy access: Privacy for women in a free society. Rowman and Littlefield Pub Incorporated.

Altman, I., (1977). Privacy Regulation: Culturally Universal or Cultural Specific? Journal of Social Issues. Vol. 33(3) pp. 66-84.

Awad, N.F. and Krishnan, M.S., (2006). The personalization privacy paradox: an empirical evaluation transparency and the willingness to be profiled online for personalization, MIS Quarterly, Vol. 30(1).

Bélanger, F. and Crossler, R. E. (2011). Privacy in the digital age: a review of information privacy research in information systems. MIS Quarterly, 35(4), 1017-1042.

Chellappa R. and Sin, R., (2005) Personalization versus Privacy: An Empirical Examination of the Online Consumer’s Dilemma. Information Technology and Management, Volume 6, Numbers 2-3, Pages 181-202.

Clarke, R. (1999). Internet privacy concerns confirm the case for intervention. Communications of the ACM, 42(2), 60-67.

Culnan, M. (1993). How did they get my name? An exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly, 17(3), 341-363.

Culnan, M. and Williams, C., (2009). How Ethics can enhance organizational Privacy: Lessons from the ChoicePoint and TJX Data Breaches. MIS Quarterly. Vol. 33(4) pp. 673-687.

Derlega, V. J. and Chaikin, A. L. (1977). Privacy and self‐disclosure in social relationships. Journal of Social Issues, 33(3), 102-115.

Dhillon, G., Oliveira, T. and Syed, R. (2018). Value-based information privacy objectives for Internet Commerce. Computers in Human Behavior, 87, 292-307.

Dinev, T., Bellotto, M., Hart, P., Russo, V., Serra, I. and Colautti C., (2006). Privacy calculus model in e-commerce – a study of Italy and the United States. European Journal of Information Systems. Vol. 15 pp. 389-402.

Dinev, T., Xu, H. and Smith, H.J., (2009). Information Privacy Values, Beliefs and Attitudes: An Empirical Analysis of Web 2.0 Privacy, Proceedings of the 42nd Hawaii International Conference on System Sciences.

Gandy O., (2003). Public opinion surveys and the formation of privacy policy, Journal of Social Issues, Vol. 59(2) pp. 283-299.

Goodhue, D.L. and Straub, D.W. (1991). Security concerns of system users: a study of perceptions of the adequacy of security, Information and Management, Vol. 20(1), pp. 13-27.

Greenaway, K.E. and Chan, Y.E., (2005). Theoretical Explanations for Firms' Information Privacy Behaviors, Journal of the Association for Information Systems (6:6) pp. 171-198.

Hann, I., Hui, K., Lee S. and Png, I., (2007). Overcoming Online Information Privacy Concerns: An Information-Processing Theory Approach, Journal of Management Information Systems, Vol. 24, No. 2, pp. 13-42.

Hoffman, D., Novak T. and Peralta, M., (1998). Building consumer trust online, Communications of the ACM, Vol. 42(4).

Hoffman, D.L. and Novak, T.P. (1997). A New Marketing Paradigm for Electronic Commerce, The Information Society: An International Journal, Vol. 13(1), pp. 43-54.

Hui, K., Teo, H. and Lee, S., (2007). The Value of Privacy Assurance: An Exploratory Field Experiment, MIS Quarterly, Vol. 31, No. 1, pp. 19-33.

Kapoor, G., Zhou W. and Piramuthu S. (2009). Challenges associated with RFID tag implementations in supply chains, European Journal of Information Systems, Vol. 18, pp. 526-533.

Katzan Jr, H. (2011). On the privacy of cloud computing. International Journal of Management & Information Systems, 14(2).

Mai, B., Menon, N. and Sarkar, S., (2010). No Free Lunch: Price Premium for Privacy Seal-Bearing Vendors, Journal of Management Information Systems, Vol. 27, No. 2, pp. 189-212.

Malhotra, N.K., Kim, S. and Agarwal, J., (2004). Internet Users’ Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model, Information Systems Research, Vol. 15, No. 4, pp. 336-355.

Margulis, S. T. (2003). Privacy as a Social Issue and Behavioral Concept. Journal of Social Issues. Vol. 59(2) pp. 243-261.

Margulis, S. T., (1977). Conceptions of Privacy, Current Status and Next Steps. Journal of Social Issues. Vol. 33(3) pp. 5-21.

Mason, R.O., (1986). Four ethical Issues of the Information Age. MIS Quarterly. Vol. 10(1) pp. 4-12.

Milberg, S. J., Burke, S. J., Smith, H. J. and Kallman, E. A. (1995). Values, personal information privacy, and regulatory approaches. Communications of the ACM, 38(12), 65-74.

Moores, T. and Dhillon, G., (2003). Do privacy seals in e-commerce really work?, Communications of the ACM, Vol. 46(12).

Pavlou, P., Liang, H. and Xue, Y., (2007). Understanding and Mitigating Uncertainty in Online Exchange Relationships: A Principal-Agent Perspective, MIS Quarterly, Vol. 31, No. 1, pp. 105-136.

Post, R. C. (1989). The social foundations of privacy: community and self in the common law tort. California Law Review, 957-1010.

Pramatari, K. and Theotokis, A., (2009). Consumer acceptance of RFID-enabled services: a model of multiple attitudes, perceived system characteristics and individual traits, European Journal of Information Systems, Vol. 18, pp. 541-552.

Prosser, W., (1960). Privacy. California Law Review. Vol. 48(3) pp. 383-423.

Reichheld, F. and Schefter, P., (2000). E-Loyalty: Your Secret Weapon on the Web, Harvard Business Review, 78 4 105.

Richards, N.M. and D. J. Solove, (2010). Prosser's Privacy Law: A Mixed Legacy. California Law Review, Vol. 98, pp. 1887.

Smith H. J., (1993). Privacy policies and practices: inside the organizational maze, Communication of the ACM, Vol. 36(12).

Smith, H.J., Milberg, S.J. and Burke, S.J. (1996). Information Privacy: Measuring Individuals’ Concerns about Organizational Practices, MIS Quarterly, pp. 167-195.

Solove, D.J., (2006). A Taxonomy of Privacy. University of Pennsylvania Law Review. Vol. 154(3) pp. 47-560.

Son, J. and Kim, S., (2008). Internet Users’ Information Privacy-Protective Responses: A Taxonomy and a Nomological Model, MIS Quarterly, Vol. 32, No. 3, pp. 503-529.

Stone, E.F., Gardner, D.G., Gueutal, H.G. and McClure, S. (1983). A field experiment comparing information-privacy values, beliefs, and attitudes across several types of organizations. Journal of Applied Psychology 68, 3, 459–468.

Straub, D. and Collins, R.W., (1990). Key Information Liability Issues Facing Managers: Software Piracy, Proprietary Databases, and Individual Rights to Privacy, MIS Quarterly, pp. 143-156.

Tang, Z., Hu, Y. and Smith, M. (2008). Gaining Trust Through Online Privacy Protection: Self-Regulation, Mandatory Standards, or Caveat Emptor, Journal of Management Information Systems, Vol. 24, No. 4, pp. 153-173.

Wang, H, Lee, M. and Wang, C. (1998). Consumer Privacy Concerns About Internet Marketing, Communications of the ACM, March 1998, Volume 41, Number 3, 63-70.

Warren, C. and Laslett, B. (1977). Privacy and secrecy: A conceptual comparison. Journal of Social Issues, 33(3), 43-51.

Warren, S. D. and Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4(5), 193-220.

Westin, A., (1967). Privacy and Freedom. New York: Antheneum.

Xu, H., Teo, H., Tan B. and Agarwal, R., (2009). The role of push-pull technology in privacy calculus: The case of location-based services, Journal of Management Information Systems, Vol. 26, No. 3, pp. 135-173.