Understanding Consumer Privacy: A Review and Future Directions

Understanding Consumer Privacy: A Review and Future Directions

The evolution of marketing from a production orientation to a market orientation (Kieth 1960; Kotler and Zaltman 1971), as exemplified by the marketing concept (Barksdale and Darden 1971; Houston 1986; McKitterick 1957), has led to a dramatic increase in the need to understand the consumer. While application of this market orientation approach, especially in the forms of direct and relationship marketing, arguably brings multiple benefits to both consumers and firms (Kohli and Jaworski 1990; Narver and Slater 1990), it also requires a large amount of consumer information in order to deliver value (Nowak and Phelps 1997). The widespread adoption of information technology (IT) has allowed firms to meet this need for consumer information by vastly increasing the amount and types of information they collect (McCrohan 1989; Thomas and Maurer 1997). For firms, advances in IT have considerably enhanced the institutionalization and utilization of the market orientation approach by providing the technological infrastructure to capture, analyze, and maintain large quantities of consumer information (Winer 2001). For consumers, though, the collection and analysis of their personal information has led to an increase in privacy concerns (Foxman and Kilcoyne 1993; Phelps, Nowak, and Ferrell 2000).

While most consumers welcome the increased convenience and personalization that these various marketing orientation approaches provide, many are concerned about the collection, use, and protection of their personal information (Phelps et al. 2000; Rust, Kannan, and Peng 2002). Given the sharp increases in unsolicited promotions, incidences of identity theft, and the negligent loss of consumer information by firms, these fears are not altogether unwarranted (Levy and Stone 2005). For many consumers, major privacy concerns fall into three main categories: (1) notification, (2) control, and (3) security. First, many consumers want to be informed about the collection and use of their personal information by firms (Dommeyer and Gross 2003; Milne and Culnan 2004; Nowak and Phelps 1995), Second, consumers want to feel that they have some control over the collection of their personal information and the sharing of this information among firms (Goodwin 1991; Milne and Boza 1999; Phelps et al. 2000). Third, most consumers want some assurance that the personal information they provide to firms, especially online, and the storage of this information is secure (Hoy and Phelps 2003; Jones 1991; Miyazaki and Fernandez 2000). Although multiple legal, commercial, and technological solutions have been proposed to address these concerns (Foxman and Kilcoyne 1993; Goodwin 1991; Phelps et al. 2000), the protection of consumer privacy remains a constant concern for consumers and a formidable challenge for businesses.

In an attempt to understand these issues, consumer privacy research has sought to define the concept of consumer privacy, outline the privacy expectations and strategies of both consumers and businesses, and examine the degree to which firm's are providing adequate consumer privacy protection. While this body of research has provided us with valuable information concerning these issues, there currently does not exist a review that synthesizes and analyzes the current state of consumer privacy research. Given the complexity of the topic and the diversity of issues that have been explored, we feel that a comprehensive review is necessary to refine our understanding of this important topic and to take consumer privacy to a more advanced theoretical level. As a result, the purpose of this article is to examine the general concept of privacy in order to situate and define the domain of consumer privacy, review the literature on consumer privacy in order to determine what we know, and provide directions for future research in order to address gaps in the literature. We begin by examining the general nature of privacy, privacy rights, and privacy regulation. Next, we review the various conceptualizations of consumer privacy. Third, we examine privacy issues from the perspectives of both consumers and firms. Fourth, we propose directions for future research. Because the conceptualization of privacy in general and consumer privacy in particular differs among cultures and nations, this review will focus primarily on issues of privacy in the United States.

PRIVACY

The debate on the nature and scope of privacy is vast and includes research in such diverse disciplines as biology, anthropology, and legal philosophy. While it is not our goal to present research on privacy from all the various disciplines in a single article, we feel that a certain amount of background information on privacy is necessary in order to examine and situate of the notion of consumer privacy. This section provides an overview of the general concept of privacy and its relevance to U.S. law and business.

The Nature of Privacy

The relationship between advances in information technology, including the digitizing and dissemination of all forms of information, and the increase in privacy concerns among individuals, organizations, and governments is well documented (e.g., Ashworth and Free 2006; McCrohan 1989; Milne 2000; Peslak 2005; Thomas and Maurer 1997). But while it is tempting to think of privacy as strictly a modern concern brought forth by such things as industrialization, urbanization, and mechanization (Glazer 1998), the desire for privacy can be traced back to primitive (or pre-modern) societies and even to the animal world (Honigmann 1959; Moore 1984; Westin 1967).

Privacy Needs - It has been found that all animals seek different levels of interaction, ranging from seclusion and small group relations to broader social interaction (Allee 1938; Ardrey 1966; Wynne-Edwards 1962). Seclusion is important because it allows animals to regulate resources, propagate the species, and process information about the world around them (Hall 1966). At the same time, social interaction is necessary because it allows animals to learn, grow, and protect themselves (Ardrey 1966; Wynne-Edwards 1962). Because animals need both seclusion and interaction to survive, they constantly seek to establish a balance between seclusion and interaction, or in other words, between privacy and participation (Westin 1967).

This need for both privacy and participation is also evident among humans. Although some anthropologists suggest that privacy did not exist in primitive societies given the structure of these societies (Jones 1914; Lee 1959; Mead 1949), others argue that privacy was maintained in ways that were more psychological rather than physical (Geertz 1973; Murphy 1964). That is, while many individuals in these societies were not able to control access to many physical aspects of their environment, they could restrict and regulate the information about themselves that they shared with others (Jourard 1966; Westin 1967). Through the selective disclosure of information, individuals in primitive societies were able to achieve the seclusion that was needed by all animals, a tactic that holds over even in more developed societies (Simmel 1950).

In addition to the desire for privacy, members of primitive societies also sought to participate with others in the larger group. As Spinoza (1989) argues, humans are social animals that are scarcely able to lead a completely solitary life. While some of the reasons for social interaction are practical, such as satiation of the physical needs for food, shelter, and security (Spinoza 1989), others are less practical, such as curiosity (Berlyne 1960; Siep 1978) and the desire to have fun (Huizinga 1950; Sutton-Smith 1997). In either case, humans often engage in physical contact with others and disclose information about themselves, as well as to seek out information from others, in order to interact socially (Westin 1967).

Because of this need for both seclusion and interaction, privacy is not considered an absolute human condition (Clark 1978; Westin 1967). That is, human nature is such that most individuals do not seek either constant solitude (i.e., total isolation from others) or continuous social interaction (i.e., total immersion with others). Researchers have discovered that psychological abnormalities often develop in those individuals who either completely reject social interaction or who actively seek to avoid solitude (Fromm-Reichmann 1959; Horney 1945). Proper human development requires individuals to constantly seek a balance between privacy and participation (Westin 1967).

At a broader social level, societies also have to address the balance between the need for privacy and participation. All societies require rules and the adherence to them by their members in order to function properly (Moore 1984; Shils 1966). In addition, societies also need to establish mechanisms to detect transgressions of their norms and rules and to punish these behaviors in order to maintain their proper functioning (Westin 1967). These detection mechanisms often take some form of surveillance in which societies monitor their citizens in order to make sure their behavior stays within the bounds of the society's rules (Flaherty 1989; Goffman 1961; Miller 1999). The degree to which societies balance privacy, participation, and surveillance depends on the broader historical culture and traditions from which each society derives (Flaherty 19677; Shils 1966; Westin 1967).

While privacy clearly is not a recent phenomenon, the rise of modern industrial society has had a definite impact on issues of privacy, participation, and surveillance. Both industrialization and urbanization altered peoples' personal and societal relations (Simmel 1950). While these historical factors and the complex societies in which they were embedded provided more opportunities for physical and psychological privacy (e.g., the anonymity of city life), they also required greater individual disclosure and government surveillance in order for these societies to function properly (Honigmann 1959; Merton 1957; Westin 1967). Technological advances, as well as the constant need for information from individuals to participate in modern societies (especially capitalistic and democratic societies), have led to practices in which societal surveillance (by both public and private entities) can overwhelm the delicate balance of privacy and participation necessary for proper individual development (Miller 1999).

Privacy States and Functions - Westin (1967) argues that privacy consists of four basic states: solitude, intimacy, anonymity, and reserve. Solitude is the condition of being physically separated from others and free from observation. Intimacy is the condition of existing as a small unit (e.g., the family) while maintaining seclusion from others outside the unit. Anonymity is the condition of being in public while still being free from identification and surveillance. Reserve is the condition in which a person has created psychological barriers to protect him/herself from unwanted intrusions. In addition, Westin (1967) describes four functions of privacy: personal autonomy, emotional release, self-evaluation, and limited/protected communication. First, privacy helps to secure personal autonomy by allowing individuals to take control of and responsibility for their lives (Shils 1959). Second, privacy provides the individual with a space for emotional release from the pressures of performing daily roles and conforming to social norms (Goffman 1959). Third, privacy gives individuals time to integrate their life experiences and craft their identities through self-evaluation (Jourard 1966). Fourth, privacy allows limited communications in which people can set boundaries in interpersonal situations and protected communication in which the person can share confidences and establish trust (Simmel 1950).

Privacy Rights - Although most Americans believe that they have a right to privacy, the U.S. Constitution does not explicitly grant this right or its protection. In spite of this, the U.S. Supreme Court has argued that the right to privacy is implicit in the First, Fourth, Fifth, Ninth, and Fourteenth Amendments (DeCew 1997; Hosch 1983; McWhirter and Bible 1992). The First Amendment's acknowledgement of the rights of religious practice, free speech, and assembly has been interpreted as providing protection of individual privacy by limiting government intrusion (Glenn 2003). The Fourth Amendment's protection against search and seizures was expanded to include an individual's reasonable expectation of privacy and protection from surveillance without a warrant (Smith 1989). The U.S. Supreme Court has argued that one of the purposes of the Fifth Amendment's protection against self-incrimination is to protect individual disclosure of private information, with the caveat that this protection only applies when there is compulsion, communication, and incrimination (Rich 1987). The Ninth Amendment's claim that there are other rights that citizens retain that are not explicitly stated in the Constitution has been used to argue for the existence of the right to privacy (Glenn 2003; Tuerkheimer 1993). Lastly, the Fourteenth Amendment's requirements that no law or state will abridge an individual's privileges or immunities, deny any person his/her rights without due process, or deny any citizen equal protection under the law have been interpreted as implying the protection of individual privacy (McWhirter and Bible 1992).

It is important to note that although these various Amendments can be interpreted as providing privacy protection (irrespective of whether privacy is considered as a right or a privilege) (Phelps et al. 2000), the U.S. Supreme Court has argued that not every privacy infringement violates a person's constitutional rights (McCrohan 1989). In fact, it is accepted that explicitly granted constitutional rights supersede any implicit rights, such as the right to privacy (Clark 1978; Found 1961). In addition, the Constitution only protects individuals from the violation of their rights by federal and state governments; violations of rights by private parties must be addressed by federal and state laws (Foxman and Kilcoyne 1993; Nowak and Phelps 1997). This is especially important for assessing any obligations that firms may feel towards protecting consumer privacy.

One of the primary reasons for recognizing the implicit right (or privilege) to privacy is that individual free expression is necessary for the proper functioning of democratic societies (Gavison 1980; Jones 1991; Rachels 1975; Westin 1967). This is evident in the distinction between dictatorships (or totalitarian regimes) and democracies. Dictatorships are based on rule by an individual or select few, extensive surveillance and intrusion, and compelled disclosure (Westin 1967). Individual privacy is sacrificed in the name of protecting and sustaining the particular ideology of the State. Democracies, such as the U.S., are based on popular consent, limited government surveillance and intrusion, and private property (Peslak 2005). In order for a democratic society to reflect the will of the people and not the ideology of the State, citizens must be allowed freedom to participate in organizations (including privacy of membership), freedom of political choice (including secret ballots), and freedom from coercion by the State (including limited surveillance and intrusion) (Westin 1967). All of these requirements, as well as the principles of democracy, are undermined by denying individuals the right to privacy and the ability to control information about themselves and their affiliations.

Definitions of Privacy

Although the U.S. Supreme Court has acknowledged an implicit right to privacy, it has not provided a formal definition of privacy. One of the earliest and most recognized definitions of privacy was crafted by Samuel Warren and Justice Brandeis for an article in the Harvard Law Review. As if written today, the legal scholars argue,

Recent inventions and business methods call attention to the next step which must be taken for the protection of the person, and for securing to the individual what Judge Cooley calls the right 'to be let alone' . . . [T]he question whether our law will recognize and protect the right to privacy in this and in other respects must soon come before our courts for consideration. Of the desirability - indeed the necessity - of some such protection there can, it is believed, be no doubt (Warren and Brandeis 1890, p.195-96).

Warren and Brandeis (1890) argued that changes in society and business necessitated modifications in the basic tort protection of person and property to include the recognition of new rights - namely the right to privacy. A key aspect of their argument was that existing tort law was unable to protect individuals' intangible rights or property, what they called the protection of private facts, from the increasing use of new technologies. This is apparent in the case of Olmstead v. U.S. (1928), one of the first wiretapping cases heard by the U.S. Supreme Court, which held that wiretapping was legal because it did not involve physical entry or tangible property. This ruling was eventually overturned by the case of Katz v. U.S. (1967), which finally recognized the negative impact of technology on individuals' privacy beyond its physical intrusion. In spite of this recognition of the right to privacy and the acknowledgement by the courts of nonphysical injuries, many critics argued that this early definition of privacy was too vague to adequately protect individual privacy rights (Bloustein 1968; Dickler 1936; Nizer 1941).

In an attempt to better address infringements on individual privacy, Prosser (1960) argued that privacy was not a unitary concept, but encompassed four distinct legal torts: 1) intrusion (i.e., invading a person's solitude or seclusion), 2) appropriation (i.e., using a person's identity or image without permission), 3) disclosure (i.e., making public embarrassing private facts about a person), and 4) false light (i.e., portraying an individual in a way that inaccurately and negatively represents the person). This framework, while extending the earlier conception of privacy, restricts privacy tort violations to individual-level information (versus group-level or aggregated data such as census data, though census data based on residential areas with few homes are not reported in depth because one might infer individual information), to information that is deemed private, and to the public dissemination of this private information (Nowak and Phelps 1997; Zimmerman 1983). This multidimensional definition was meant to clarify the right to privacy and provide for specific causes of action that could be tried in a court of law.

While Prosser's framework has been accepted by most U.S. courts and is the basis of most common law conceptions of privacy (McWhirter and Bible 1992), many critics argue that it does not go far enough in addressing all violations of a personal privacy. In fact, some argue that it favors organizations and businesses and unduly influences their conceptions of privacy (Foxman and Kilcoyne 1993; Nowak and Phelps 1997). For example, the "false light" tort does not apply to the transmission of factual consumer information from one firm to another because the data is not false and has not been made public (Graham 1987) (also see Shibley v. Time, Inc. 1974). Likewise, the "intrusion" tort does not apply to situations where the consumer voluntarily provides a firm with personal information and the firm then transfers this information to a third party for purposes unrelated to the intent of the original disclosure (McWhirter and Bible 1992) (also see Dwyer v. American Express Company 1995). As a result, the collection and dissemination of consumer information by firms rarely violates these more specific formulations of the right to privacy (Foxman and Kilcoyne 1993; Nowak and Phelps 1997; Phelps et al. 2000).

Due to both the limitations and ubiquity of Prosser's conception of privacy, some legal scholars have argued that privacy should not be considered as a multidimensional concept, but as a unitary concept in order to increase its applicability across a broader range of privacy issues (Benn 1971; Bloustein 1964; Gavison 1980; Graham 1987). These scholars argue that privacy should not be categorized by different interests, but should be based on the more general idea of protecting human dignity (Bloustein 1964; Gavison 1980). This broader conceptualization of privacy is based on peoples' control over their autonomy and accessibility. These scholars argue that this unitary concept of privacy based on control provides a wider base of protection for a broader range of privacy violations.

In line with the unitary conception of the right to privacy, various definitions of privacy have emerged. For instance, privacy has been defined as the "claim of individuals, groups, or institutions to determine for themselves, when, how, and to what extent information about them is communicated to others" (Westin 1967, pp. 6-7). This definition specifically focuses on the ability of individuals to control access to and dissemination of their personal information. This focus on information control is also present in popular definitions of privacy provided by Jourard (1966), Fried (1968), and Parker (1974). Other definitions of privacy focus on the social aspects of control and access (Altman 1975). For instance, Van Deg Haag (1971, p.149) argues that "privacy is the exclusive access of a person to a realm of his own. The right to privacy entitles one to exclude others from (a) watching, (b), utilizing, and (c) invading his private realm" (Introna and Pouloudi 1999). The social component is also echoed in definitions by Gross (1967), who focuses on the right to keep personal relationships private; Posner (1981), who focuses on privacy as freedom from unwanted intrusion by others (similar to Warren and Brandeis); and Johnson (1989), who focuses on privacy as the ability to immune oneself from the judgments of others.

In sum, privacy has been defined in many different ways. For some it is a multidimensional concept; for others, it is a unitary concept. In fact, what constitutes privacy is still a contentious issue that is debated among government officials, policy makers, private organizations, and individual citizens. This is evident in comments made at a 2007 intelligence conference by Donald Kerr, the principal deputy director of national intelligence in the U.S., who argued that the focus of the definition of privacy needs to change from issues of anonymity to issues of security. In another statement that shows the relationship between issues of privacy and surveillance, Kerr argues that it should be the government and businesses that monitor and safeguard people's private information (AP 2007). In spite of the persistent ambiguity of the concept of privacy, the U.S. government has taken some steps to address and regulate privacy protection.

Government Regulation of Privacy

Although Prosser's multidimensional framework still holds sway over most U.S. courts, the more unitary definitions of privacy and the limited ability of the common law to protect individuals' privacy have not gone unnoticed by U.S. law makers. One of the first laws to address individual privacy, the Fair Credit Reporting Act (FCRA), was enacted to protect consumers' right to privacy in the collection of personal information by credit, personnel, and insurance agencies. Personal information refers to a consumer's financial information, reputation, personal characteristics, and mode of living. According to the FCRA (1970), "consumer reporting agencies [are required to] adopt reasonable procedures for meeting the needs of commerce for consumer credit, personnel, insurance, and other information in a manner which is fair and equitable to the consumer, with regard to the confidentiality, accuracy, relevancy, and proper utilization of such information in accordance with the requirements of this title." Congress realized that in order to function effectively in a capitalist society, consumers are required to provide large amounts of personal information to firms (FCRA 1970). Congress also felt that this almost mandatory disclosure of information required laws that would protect consumers' most vital information, but which would also give firms the flexibility to conduct business in an effective and efficient manner. This was one of the first attempts by the U.S. government to grapple with the issue of privacy rights through the legislative process.

In 1973, an advisory committee to the Secretary of Health, Education, and Welfare presented its findings of a study on the increased use of automated personal data systems for the collection, storage, and use of personal information in both the public and private sectors. The committee was asked to examine the harmful consequences of these new technologies and the safeguards that might be needed to protect individuals and their personal information. Two of the major findings of the committee were that these data systems were having a negative impact on consumers relative to firms and that consumers' control over their personal information was steadily diminishing. The committee linked this lack of control directly to consumers' right to privacy and the need for privacy protection. They found that "under current law, a person's privacy is poorly protected against arbitrary or abusive record-keeping practices." In order to provide a set of minimum standards for data management practices, the committee argued that Congress should enact a Federal Code of Fair Information Practices. These practices include the prohibition against secret data files, notice to the individual, consent for secondary use of personal information, access to personal information, and security of information (Jones 1991). Any violations of the practices were to be subject to both criminal penalties and civil remedies.

While the Fair Information Practices (FIPs) were not enacted into law, they have become the benchmark for privacy protection and have influenced subsequent laws and regulation. In 1974, Congress passed the Privacy Act, which regulates the collection, storage, and use of an individual's personally identifiable information by government agencies. This information includes, but is not limited to, education, financial, medical, criminal, and employment information that can be directly linked to an individual. The Privacy Act loosely follows the FIPs by addressing the issues of relevance, reliability, misuse, and security of personal information. The FIPs have also influenced other federal laws including the Right to Financial Privacy Act (1978), the Cable Communications Policy Act (1984), the Computer Security Act (1987), the Video Privacy Protection Act (1988), the Telephone Consumer Protection Act (1991), the Driver's Privacy Protection Act (1994), Health Insurance Portability and Accountability Act (1996), the Children's Online Privacy Protection Act (1998), and the Financial Modernization Services Act (1999), as well as many state and local laws (Smith 2002).

Although the 1973 advisory committee argued that it was not necessary at that time to appoint a government agency to oversee the privacy protection of individuals' personally identifiable information, the Federal Trade Commission (FTC) has since taken on this role. The FTC was established in 1914 primarily to promote consumer protection and competitive markets. Of its three main bureaus, the Bureau of Consumer Protection has as its mission the protection of consumers against unfair, deceptive, or fraudulent business practices. Of primary concern to this bureau is the protection of consumer privacy. It has direct charge over monitoring and enforcing many of the privacy laws and regulations mentioned above, as well as promoting the self-regulation of privacy in those industries in which privacy laws have not been enacted. In the next section of the article, we examine specifically how consumer privacy has been conceptualized in the extant literature and summarize the various consumer privacy issues that have been explored.

A REVIEW OF the CONSUMER PRIVACY LITERATURE

The following section reviews the current state of consumer privacy research and the dominant themes in the consumer privacy literature. The review is based on articles published from 1989 to 2007 in a variety of academic business journals in marketing, management, business ethics, and information sciences. A summary of the articles' foci, key concepts/issues, and primary findings is provided in Table 1. The review is divided into three main areas: 1) conceptualization of consumer privacy, 2) consumer-related privacy issues, and 3) firm-related privacy issues. The first section examines the definition of consumer privacy, consumer privacy rights, and consumer privacy and ethics. The second section explores issues related to the antecedents of consumer privacy concerns, consumer management of privacy concerns, and the consequences of consumer privacy concerns. The third section explores issues related to firm compliance with the FIPs, legal and business challenges concerning consumer privacy, and managing and communicating privacy protection.

TABLE 1

Summary of Consumer Privacy Literature

Conceptualizations of Consumer Privacy

As with the general notion of privacy, consumer privacy is an abstract concept that encompasses many different aspects and concerns. However, despite the persistent ambiguity and evolution of the notion of consumer privacy in the literature, it still remains an important issue and one that must be understood in order to manage the relationship between consumers and firms effectively.

Definition of Consumer Privacy - Initial attempts to define consumer privacy build upon the early definition of privacy as the right to be left alone and the later conceptualizations of privacy as control over social encounters and personal information. For instance, Goodwin (1991) defines consumer privacy as "the consumer's ability to control (a) presence of other people in the environment during a market transaction or consumption behavior and (b) dissemination of information related to or provided during such transactions or behaviors to those who were not present" (p.152). The first part of the definition focuses on the social aspects of consumer privacy and deals with control over the presence of others in the consumer's environment. Specifically, this part of the definition pertains primarily to intrusions by marketers (via telephone, mail, person, etc.) into the consumer's environment, though it could include the presence of other consumers in the market environment (Milne and Gordon 1993). The second part of the definition focuses on the information aspects of consumer privacy and deals with consumer control over the information they provide to firms (Jones 1991). Specifically, this part of the definition pertains to marketers' use of consumer information, especially uses that go beyond the intent of the original disclosure.

Privacy based on these two types of control (i.e., social control and information control) give rise to four privacy states: 1) total control, 2) environmental control, 3) disclosure control, and 4) no control (Goodwin 1991). Total control represents situations in which consumers maintain control over both the presence of others in the environment and use of their personal information. This situation represents the highest degree of privacy and requires the least amount of privacy protection (Goodwin 1991). Environmental control represents situations in which consumers control the presence of others in the environment, but do not maintain control over the use of their personal information. Disclosure control represents situations in which consumers maintain control over the use of their personal information, but not the presence of others in the environment. Both of these conditions represent moderate amounts of privacy and require some privacy protection (Goodwin 1991). No control represents situations in which consumers control neither the presence of others in their environment nor the use of their personal information. This represents the lowest degree of privacy and requires the most amount of privacy protection (Goodwin 1991).

This early definition of consumer privacy based primarily on control has been expanded to include consumer knowledge as a second primary dimension (Culnan 1995: Foxman and Kilcoyne 1993; Nowak and Phelps 1997). Consumer knowledge refers to the degree to which consumers are informed about, as well as understand, the information practices of firms in which they interact and their privacy rights in regards to these interactions (Foxman and Kilcoyne 1993). Consumer knowledge, thus, incorporates a number of issues in the realm of consumer privacy. First, do consumers understand what information is collected, how it is collected, and why it is collected? Second, do consumers understand how the information will be used, especially beyond its original use (i.e., the secondary use of information)? Third, do consumers understand their rights (i.e., the actions they can and cannot take) in regards to the collection and use of their information? Consumer privacy is considered high when the answers are affirmative to all of these questions and low when they are negative (Foxman and Kilcoyne 1993; Nowak and Phelps 1997).

Consumer Privacy Rights - As with both the general nature of privacy and perceived privacy rights, consumer privacy is typically not considered an absolute right (Clark 1978; Friedrich 1971; Gavison 1980; Simitis 1987). There are three main arguments as to why consumer privacy is not an absolute right. First, consumers' right to privacy often conflicts with other rights and concerns (Borna and Avila 1999; Milne and Gordon 1993). Second, what constitutes consumer privacy is affected by cultural, situational, and individual factors (Milberg, Smith, and Burke 2000; Smith 2001). Third, consumers and firms maintain competing views over information ownership (Foxman and Kilcoyne 1993; Nowak and Phelps 1992).

In terms of the first argument of competing rights, Goodwin (1991) identifies four sources of conflict with consumer privacy rights: 1) conflicts between consumer privacy and desired service levels, 2) conflicts between consumer privacy and other consumer and marketer rights, 3) conflicts between the consumer privacy and the cost of privacy protection, and 4) conflicts between consumer privacy and other societal values. First, it has been found that consumers are often willing to sacrifice their privacy in order to receive higher levels of service, though they do try to minimize the amount information they provide (Katz and Tassone 1990; Posch 1988; Stone and Stone 1990). Second, it has been found that the desire for consumer privacy often conflicts with consumers' rights to be informed and freedom of choice, as well as with marketers' rights to be left alone and free speech (Clark 1978; Lally 1996; Rasor 1986). Third, it has been found that while consumers demand higher levels of privacy protection, they are unwilling to pay for this protection (Jones 1991; Milne and Gordon 1993). Fourth, societies require a certain amount of surveillance in order to maintain their proper functioning (Flaherty 1989; Westin 1967). As such, consumer privacy will likely be sacrificed if it is perceived to interfere with the greater social good, such as threats to safety, health, and the economy (Etzioni 1999; McWhirter and Bible 1992; Moore 1984). This is evident in the reporting of consumers who make unusually large purchases of fertilizer chemicals that could be used to make explosive devices such as the one use in the Oklahoma City bombing.

The second reason why consumer privacy is not considered an absolute right is that it is often affected by cultural, social, and individual factors (Johnson 1989; Milberg et al. 2000). The culture of a particular country or society broadly influences what individuals consider private (Altman 1977; Schein 1977; Smith 2001). Privacy interests often vary in terms of the degree of autonomy, confidentiality, intimacy, accessibility, and anonymity sought by individuals, organizations, and even governments (Flaherty 1989). What a particular country or society emphasizes as distinctly private will depend on its history, economy, and social structures (Milberg et al. 2000; Smith 1994; Vogel 1992). This is evident in the large differences in the type and degree of consumer privacy protection required by the U.S. Government and the Europian Union (Pincus and Rogers 1997; Sarathy and Robertson 2003; Scheibal and Gladstode 2000).

The third reason why consumer privacy is not considered an absolute right is that there are often competing claims by consumers and marketers concerning information ownership (Foxman and Kilcoyne 1993; Milne and Gordon 1993; Nowak and Phelps 1992). As we saw in the previous section, issues of consumer privacy often focus on control over personal information. At the heart of this issue of control is the notion of information rights. Unfortunately, consumers and marketers often disagree over who maintains the rights to the information provided in an exchange (Foxman and Kilcoyne 1993). Most consumers perceive that the information they provide in a commercial transaction belongs to them, whereas marketers and firms perceive that the information, once given, belongs to the organization (Cespedes and Smith 1993; Nowak and Phelps 1992). These competing claims make it difficult to manage the conflicting rights to privacy claimed by both consumers and firms. For instance, one researcher analyzed whether bankrupt Internet companies can sell private consumer information to pay off their debt and found an absence of specific laws prohibiting such a sale (Carroll 2002). In this case, the commercial interests of creditors clashed with the privacy concerns of consumers, bringing to light the question of information ownership and the difficulty of managing privacy rights.

The Ethics of Consumer Privacy - Because privacy has a strong normative component to it, it is not surprising that researchers have also examined the ethical dimensions of consumer privacy (Ashworth and Free 2006; Caudill and Murphy 2000; Foxman and Kilcoyne 1993). Consumer privacy has been examined in the literature from a number of ethical perspectives including utilitarianism, egoism, relativism, justice, duty, virtue, and social contract theory. In this section, we briefly summarize the findings of the ethical studies of consumer privacy.

Teleological and deontological ethical theories (including utilitarianism, ethical egoism, and ethical formalism) have been used to explain the conflicts that arise between consumers and firms in the collection and use of transactional data (Foxman and Kilcoyne 1993). Firms often justify their use of consumer information on utilitarian grounds by arguing that the collection and analysis of this information will provide greater benefits to consumers as a whole, such as better targeting, higher quality service, and lower prices (Milne and Gordon 1993). From an ethical perspective, there are two problems with this argument. First, firms often benefit more than consumers from the use of this information, as the 1973 supervisory committee found (see above), which may cause firms to ignore or incorrectly estimate the utility of their actions in order to fulfill their egoistic needs. Second, the fact that consumers are often unknowledgeable of a firm's information practices denies them their deontological rights of respect and autonomy (Dommeyer and Gross 2003; Foxman and Kilcoyne 1993; Milne and Rohm 2000).

It has been argued that these problems that arise in the collection and use of consumer information cannot be reconciled simply by a utilitarian justification, but require the application of a deontological ethical theory such as Kant's categorical imperative, which considers an act to be moral if it can be universalized to all people and situations (Kant 1959). Under this approach, both consumers and firms would have to accept the rights and protections that they demand of the other party, with the implication that this can only take place under the condition where there is control and knowledge by both parties (Foxman and Kilcoyne 1993; Nowak and Phelps 1997). Another study, though, has argued that firms' can justify electronic monitoring of consumers' online behavior on both utilitarian and deontological grounds (Charters 2002). As long as the firm focuses on the utilitarian goal of minimizing potential consumer harm and the deontological goal of respecting individual autonomy by providing consumers with enough information to make their own decisions, the firm is behaving ethically in terms of consumers' right to privacy (Charters 2002). For example, while some scholars argue that firms need to offer consumers both a detailed privacy statement and full control over their personal information for the firms' privacy practices to be ethical, others argue that a detailed privacy statement is all that is ethically required by firms for consumers to make an informed choice. Either way, for consumer privacy practices to be considered ethical, there needs to be both knowledge and control on the part of consumers regarding the collection and use of their personal information, though there is clearly still some debate concerning the proper amount of knowledge and control that firms need to provide.

Social contract theory, or the idea that individuals enter into reciprocal relationships based on a form of equitable exchange (Dunfee, Smith, and Ross 1999), has also been applied to consumer privacy in order to explain the perceived trade-offs that are made between consumers and firms in the exchange of consumer information (Culnan 1995; Milne and Gordon 1993). It has been argued that when consumers provide firms with personal information in order to receive some form of benefit, they enter into an implied social contract with the firm (Milne and Gordon 1993). The result of this social contract is that consumers are often willing to sacrifice some of their privacy in exchange for something of value, subject to a "privacy calculus" in which they perform a personal cost/benefit analysis (Cespedes and Smith 1993; Culnan and Armstrong 1999; Laufer and Wolfe 1977). These social contracts, however, are only ethical when consumers understand the terms and conditions underlying these social contracts, as well as the actual costs and benefits that can accrue from the exchange relationship (Culnan 1995; Milne and Gordon 1993). This can only be achieved when there is consumer knowledge and control over the exchange of their personal information.

Justice theory has been applied to consumer privacy in order to explain consumers' perceptions of ethical fairness in the exchange relationship (Ashworth and Free 2006; Culnan and Armstrong 1999; Culnan and Bies 2003; Sarathy and Robertson 2003). Three types of justice that have been examined in the consumer privacy literature include distributive justice (i.e., the evaluation of outcomes or results), procedural justice (i.e., the evaluation of the processes and activities that lead to the outcomes), and interactional justice (i.e., the evaluation of the communication process) (Culnan and Bies 2003; Sarathy and Robertson 2003). In terms of distributive justice, it has been argued that consumers must feel that the value they receive from a firm is commensurate with the personal information they provide in order for the exchange to be considered ethical (Ashworth and Free 2006). This is similar to equity theory in which fairness is based on a comparison of inputs and outputs in the exchange relationship (Adams 1965). It has been suggested that factors such as information sensitivity, data usage, and compensation impact perceptions of distributive justice because they influence consumers' evaluation of both the inputs and outputs of the exchange relationship (Ashworth and Free 2006). For example, if consumers consider the information that they provide to firms as very sensitive, then they must feel that the inputs the firm provides (e.g., data security) and the outputs they receive (e.g., financing) are worth the risk for this to be an ethical exchange.

In terms of procedural justice, it has been argued that consumers are usually willing to disclose personal information and allow this information to be used by a firm when they perceive fair information practices in place to protect their privacy (Culnan and Armstrong 1999). It has also been suggested that awareness is the primary factor that affects perceptions of procedural justice because it directly impacts consumers' evaluations of the information practices of a firm and their ability to exercise control over the exchange relationship (Ashworth and Free 2006). That is, consumers must not only be aware of the information practices of a firm, but they must be provided with enough information to make a reasonable assessment of these practices and an informed choice concerning their personal information for there to be procedural justice. In addition, firms cannot merely enumerate any type of information practices in their privacy policies for there to be procedural justice, but must make sure that the information practices fairly balance the concerns of the firm with the concerns of the consumer (Culnan and Armstrong 1999).

Lastly, in terms of interactional justice, research has found that firms can build trust, and thus mitigate privacy fears, by communicating the fairness of their privacy practices to their customers (Culnan and Armstrong 1999). One way for firms to do this is try to understand the normative expectations of their customers and communicate their duties in regards to these expectations to their customers (Ashworth and Free 2006; Caudill and Murphy 2000). For example, firms should not simply provide a laundry list of information practices in their privacy policies, but should try to address consumers' privacy concerns by explaining the consumers' rights and the firms' obligations. By doing this, firms can move beyond simply establishing a contractual relationship and develop an ethical bond with their consumers that permeates the whole exchange relationship (Caudhill and Murphy 2000). While adherence to any or all of these three forms of justice can mitigate consumers' privacy concerns, it is suggested that violations of any of them will negatively impact consumers' ethical perceptions of the firm (Culnan and Bies 2003).

Consumer-Related Privacy Issues

The increased focus on the consumer and the demand for personal information in almost every business transaction has had a significant impact on consumers' sense of anxiety regarding their personal privacy. To grasp the breadth of consumers' privacy concerns, one needs to examine both the causes and the effects of these concerns, as well as the steps that consumers are taking to manage their privacy. In this section, we review the consumer privacy literature in terms of the antecedents, management, and consequences of consumer privacy concerns.

Consumer Privacy Concerns and their Antecedents - Scholars have identified five major influences on consumers' privacy concerns, viz. consumer awareness, information usage, information sensitivity, familiarity with the firm, and compensation (Phelps et al. 2000; Sheehan and Hoy 2000). In terms of consumer awareness, research suggests that consumers' privacy concerns are triggered when consumers become aware that firms have collected and/or used their personal information without their permission (Cespedes and Smith 1993). One of the most common ways that consumers become aware of these practices is when they receive unsolicited promotions related to recent transactions. Many firms are now offering opt-in or opt-out mechanisms that inform consumers of the firm's information practices and provide them with a choice of whether or not to participate (Milne and Rohm 2000). This is important because it has been found that consumers tend to be less concerned about their privacy when firms seek permission to collect and use their information (Nowak and Phelps 1995).

In terms of information usage, it has been found that consumers become concerned about their privacy when they do not know how their information is being used (Sheehan and Hoy 2000). Of primary concern to consumers is the secondary use of their information (Nowak and Phelps 1995). This is when consumer information obtained in the original transaction is used for purposes unrelated to the transaction or sold to other firms. Consumers often view this secondary use of their information, especially when they are not made aware of these practices, as a violation of their privacy (Cespedes and Smith 1993; Phelps et al. 2000; Wang and Petrison 1993). In addition, the amount of information control desired by consumers also has a bearing on the degree of privacy concern with regards to information usage (Campbell 1997; Culnan and Armstrong 1999). In the direct marketing context, it has been found that the greater the desire on the part of consumers for control over their personal information, the stronger is their concern to maintain their privacy rights (Phelps et al. 2001).

In terms of information sensitivity, it has been found that how sensitive the person considers the information has a impact on their privacy concerns (Sheehan and Hoy 2000). Information sensitivity refers to the degree to which individuals feel that their personal information, if released or shared with others, can harm them (Gandy 1993). The more sensitive the information, the more concerned the person will be about their privacy (Phelps et al. 2000). In general, not all information is regarded as the same. Consumers seem less concerned about the collection and usage of information related to demographic characteristics, purchase behavior, and lifestyle habits and more concerned about the collection and usage of financial data, medical records, and personal identifiers (e.g., social security numbers) (Phelps et al 2000; Sheehan and Hoy 2000; Vidmar and Flaherty 1985). In addition, information sensitivity often differs by individual and situation (Milne 1997; Nowak and Phelps 1992).

In terms of familiarity with the firm, research suggests that consumers' overall attitude towards a firm has a direct impact on their privacy concerns. In one study, it was found that as consumers' positive attitudes towards a firm's direct marketing practices increased, the degree of privacy concerns decreased (Phelps, D'Souza, and Nowak 2001). In another study of online privacy concerns, it was found that the nature of the relationship (i.e., short-term vs. long-term) between the customer and firm directly influences what types of personal information were provided and the degree of control over the information sought by the consumer (Sheehan and Hoy 2000). A key aspect of familiarity with the firm is trust (Vidmar and Flaherty 1985). It has been found that consumers who trust the firm are less concerned about their privacy and more willing to provide personal information (Schoenbachler and Gordon 2002). Some of the ways for firms to signal trustworthiness include security disclosures, privacy disclosures, seals of approval, and awards from neutral sources (Wang, Beatty, and Foxx 2004).

In terms of compensation, it has been suggested that compensating consumers for sharing their personal information can have an impact on their privacy concerns (Goodwin 1991; Milne and Gordon 1993; Sheehan and Hoy 2000). At the heart of most privacy concerns is the trade-off between the benefits received and the costs incurred from disclosure of one's personal information (Laufer and Wolfe 1977; Westin 1967). Consumers place a value on their personal information and will only disclose this information if they feel that the benefit they receive outweighs costs of disclosure (Ashworth and Free 2006; Dunfee et al. 1999). For instance, research in the direct mail and online contexts suggest that consumers perform a cost/benefit analysis of all the factors related to any particular direct mail situation in order to assess privacy concerns (Caudhill and Murphy 2000; Goodwin 1991; Russell 1989). One way for firms to affect this equation is to provide benefits, in this case some form of compensation, specifically for the disclosure of information. In a conjoint study of the trade-offs among all the attributes associated with direct mail (i.e., volume, targeting, compensation, and permission), it was found that the compensation factor (i.e., consumers getting paid through coupons, rebates, discounts etc.) was the most important determinant of satisfaction (Milne and Gordon 1993).

In addition to the five general factors presented above, research has also examined how various demographic factors affect consumers' privacy concerns (Culnan 1995; Dommeyer and Gross 2003; Sheehan 1999). An examination of gender differences in attitudes and behaviors toward online privacy found that women generally are more concerned than men about the impact of information collection on their privacy (Sheehan 1999). Ironically, in terms of more specific online privacy behaviors, the same study found that women tend to read more unsolicited email than men, that women notify their Internet Service Provider (ISP) about unsolicited email less often than men, and that women register on websites more often than men, though it was found that women provide incomplete information more often than men (Sheehan 1999). Another study found that men, though, are more likely to provide false information online than women (Chen and Rea 2004). In addition, it was found that men tend to react more aggressively to perceived privacy violations than women and adopt a wider range of behaviors (such as complaining) when addressing privacy concerns (Sheehan 1999).

In another study that examined both gender and age on consumers' privacy concern, it was found that men are more likely to be aware of strategies to protect personal information than women, and that younger individuals are more aware of these strategies than older individuals (Dommeyer and Gross 2003). Thus, although women seem to be more concerned about the collection and use of their information than men, men appear to be more aware of strategies to protect their privacy, which may account for the lower concern. In addition to gender, it was found that younger individuals were more likely to employ strategies to protect their privacy than older individuals (Dommeyer and Gross). In a another study of consumer awareness of privacy protection procedures, it was found that those consumers who were most likely to be unaware of these procedures were more likely to be young, poor, less educated, and African-American (Culnan 1995). Lastly, it was found that people who had attended a vocational school or had some college were the most concerned about how companies used their personal information (51%), followed by high school graduates (46%) and then college graduates (36%) (Phelps et al. 2000).

Consumer Management of Privacy Concerns - The lack of comprehensive privacy regulation in the U.S. means that in most situations, consumers who have privacy concerns must take steps to manage their own privacy protection. Some consumer privacy protection strategies include reading privacy notices, providing incomplete or no information to firms (e.g., not filling out product registrations and/or establishing permanent online accounts), engaging in name removal (e.g., choosing opt-out arrangements), and exercising one's legal rights (Milne and Culnan 2004; Milne and Rohm 2000). Unfortunately, even when consumers take precautions to protect their privacy, once their information has been collected and disseminated, there is often little they can do to protect their personal information.

For consumers, self-management of privacy concerns begins with awareness and knowledge of marketing practices and privacy protection strategies (Culnan 1995; Nowak and Phelps 1992). Studies have noted that overall consumer knowledge of direct marketing practices and regulations, though, is very limited (Dommeyer and Gross 2003). In a national survey of over 1500 consumers who use direct mail to make purchases, Milne and Rohm (2000) found that only 34% of respondents could be classified as existing in a "privacy state" (defined as the condition in which the consumer is aware of a firm's information practices and privacy protection mechanisms). In a study of consumer awareness of name removal procedures, it was found that 52% of the public were not aware of a firm's name removal procedures (Culnan 1995). These results suggest that the limited knowledge of firms' information practices, coupled with the lack of comprehensive government regulation of consumer privacy, leaves consumers in a very vulnerable position with regards to the protection of their privacy by firms. As a result, it is up to the consumer to manage their own privacy protection.

Reading the contents of privacy notices is one way that consumers can increase their knowledge and manage their privacy concerns. Privacy notices can enhance the sense of control consumers feel they have and can help them decide whether or not to share personal information (Wang et al. 2004). One study on online privacy notices found that three factors that positively impact the tendency to read online privacy notices include consumer's concern for privacy, positive perceptions about notice comprehension, and higher levels of trust in the notice (Milne and Culnan 2004). In spite of this, a large majority of individuals do not look for or read privacy policies (Milne, Rohm, and Bahl 2004). Instead, many consumers rely on other heuristics to decipher privacy protection, such as third party privacy seals, brand reputation, or prior experience with the firm (Bowie and Jamal 2006). Interestingly, use of such alternative heuristics is found to be negatively associated with reading of privacy notices (Milne and Culnan 2004).

With the rise of identity theft, numerous strategies have been proposed to help consumers protect their privacy. Offline strategies include understanding information practices, monitoring your credit, protecting your mail, minimizing the amount of information you disclose, and protecting your social security number (FTC 2001). In a study of theft prevention practices by both a college student and non-student sample, it was found that both groups practice many of these offline strategies, but that few individuals in either group order yearly credit reports, ask merchants how they are going to use their personal information before they reveal it, or pick up new checks from the bank (Milne 2003). Other strategies that consumers can employ to protect their privacy online include utilizing secure websites, opting-out of third party information sharing, creating separate email accounts, encrypting email, and using anonymous browsing software (Center for Democracy and Technology 2003). In a study of online identity theft protection behavior, it was found that a majority of respondents utilized secure online forms, opt-out mechanisms, and separate personal email accounts, while less than a third cleared their computer's memory, encrypted their emails, or used anonymous Internet browsing software (Milne et al. 2004). In another study, it was found that there was a strong positive relationship between privacy concerns and online privacy protection behavior (Sheehan and Hoy 1999). As privacy concerns increased, consumers were more likely to provide incomplete information to websites, to complain to their ISP about unsolicited e-mail, request removal from mailing lists, and "flame" (i.e., sending a highly negative message) those entities sending unsolicited e-mail (Sheehan and Hoy 1999).

In addition, studies utilizing poststructuralist theory offer another perspective on how consumers manage their privacy (Zwick and Dholakia 2004). In order to protect their identities and personal information, consumers may or may not choose to represent themselves accurately to firms. Research has identified four approaches that consumers take to manage their online identities: 1) identifiability (i.e., disclosure of all personal information with high accuracy), 2) confidentiality (i.e., disclosure of highly accurate but restricted information), 3) secrecy (i.e., nondisclosure of information), and 4) anonymity/pseudonymity (i.e., disclosure of information that is inaccurate) (Zwick and Dholakia 2004). It is argued that the digital representation of the consumer (i.e., the identity that exists as bits of information about the consumer in firm's databases) constitutes the totality of a consumer's identity for a firm. In effect, firms market their products and services to these digital representations and not to the physical reality of consumers. Therefore, for consumers the highest state of self-determination and control comes when firms, especially online firms like Amazon.com, provide full access to the content of their databases to consumers so they can craft their digital identity (Zwick and Dholakia 2004).

Consumer Privacy Concerns and their Consequences - If consumers' privacy concerns are not mitigated through self-management strategies or firm initiatives, they can have potentially negative consequences on consumers' attitudes and behaviors (Milne and Boza 1999; Phelps et al. 2001; Sheehan and Hoy 1999). In fact, the relationship between these negative consequences is often complex. For instance, in a study of direct marketing practices, it was found that consumers' negative attitudes towards a firm's information practices directly affected their trust in the firm and their purchase behaviors (Milne and Boza 1999). In another study of 477 U.S. households, researchers found that privacy concerns had a significant impact on online purchase intent, with the greatest negative impact being through its relationship with trust (Eastlick, Lotz, and Warrington 2006). Additionally, a national survey of 556 consumers found a significant negative relationship between privacy concerns and purchase behaviors (Phelps et al. 2001). Consumers who were highly concerned about their privacy demonstrated lower recency, frequency, and monetary value of catalog purchases (Phelps et al. 2001). Firms can mitigate these negative effects by signaling and building trust with the consumer, especially by exhibiting procedural justice through the use of fair information practices and privacy protection (Culnan and Armstrong 1999).

Not only do consumers' privacy concerns have a negative effect on purchase intentions and behaviors, but they can also have a devastating effect on consumers' willingness to provide information (Schoenbachler and Gordon 2002; Sheehan and Hoy 1999; Wang et al. 2004). This is extremely important because it cuts at the very heart of the market orientation approach that underlies most business practices today (Dolnicar and Jordaan 2007). In a national study of online users, it was found that as consumers' privacy concerns increased, the frequency with which they registered on websites decreased, the frequency with which they provided incomplete information increased, and the frequency in which they requested removal of their names from mailing lists increased (Sheehan and Hoy 1999). All of these consequences clearly have a negative impact on the ability of firms to collect information. Another study found that relieving consumers' privacy concerns leads to a higher willingness to disclose personal information (Wang et al. 2004). As mentioned previously, one major way to do this is to facilitate a sense of trust between the consumer and the firm. In a national study of 5,000 direct mail consumers, it was found that consumers' feeling of trust in a firm positively influences their willingness to share information (Schoenbachler and Gordon 2002). In fact, it has been found that establishing trust is more effective than addressing privacy concerns when managing consumer information (Milne and Boza 1999).

Firm-Related Privacy Issues

In addition to the literature on consumer-related privacy issues, researchers have also examined privacy from the perspective of the firm. In general, this firm-level research has addressed three main privacy issues: 1) the extent to which firms are following the fair information practices (FIPs) in their privacy policies/notices, 2) the legal and business challenges that firms face when dealing with consumer privacy protection, and 3) the various alternatives available to firms in order to manage and communicate consumer privacy protection while pursuing strategic and financial success in the marketplace.

Compliance with FIPs - In 1998, the FTC issued a report to the U.S. Congress that investigated the self-regulation of online privacy by commercial businesses (FTC 1998). In the report, the FTC argued that the protection of consumer privacy was necessary for consumers to participate in the online marketplace and for electronic commerce to reach its full potential. The FTC commissioned a study that analyzed the collection of personal information and compliance with the FIPs of over 1,400 online commercial websites. The FIPs were defined as notice/awareness, choice/consent, access/participation, integrity/security, and enforcement/redress (see the Appendix for full details on the FIPs). The results from the study indicated that although more than 85% of commercial websites collected some form of personal information, only 14% provided notice of their information practices, with only 2% doing so through a comprehensive privacy policy (FTC 1998). While a follow-up study in 2000 provided evidence that more firms were providing privacy statements/policies, the FTC concluded that more had to be done to encourage firms to self-regulate their privacy practices and ensure the adoption of the FIPs.

Independent studies have also been conducted that examine the adoption of the FIPs by firms both across and within industries. In a study that examined consumer privacy across industry sectors, Culnan (2000) found that 92.8% of commercial websites collect some form of personal information. Of those websites that posted a privacy disclosure, only 13.6% contained all five FIPs, and only 24.9% contained any four of the five elements. Unlike the 1998 FTC study, Culn