Protecting the privacy of personal information continues to pose significant challenges for organizations. Because consumers are vulnerable in their dealings with businesses due to a lack of information about and an inability to control the subsequent use of their personal information, we argue that organizations have a moral responsibility to these individuals to avoid causing harm and to take reasonable precautions toward that end. We further argue that firms can enhance their privacy programs by moving beyond merely complying with laws and other regulations and creating a culture of integrity that combines a concern for the law with an emphasis on managerial responsibility for the firm's organizational privacy behaviors. We use two high-profile data breaches experienced by two U.S. companies, ChoicePoint and TJX, to illustrate our arguments for enhancing organizational level privacy programs based on ethical reasoning. In doing so, this paper contributes to the dearth of prior organizational-level privacy research, which has largely overlooked ethical issues or the personal harms often caused by privacy violations. We conclude with recommendations for ways organizations can improve their privacy programs by incorporating moral responsibility.
Strategic uses of information technology based on personal information may raise privacy concerns among consumers if these applications do not reflect a common set of values. This study addresses what differentiates consumers who object to certain uses of personal information from those who do not object Data collected by questionnaire from young consumers are used to identify a research approach for investigating attitudes toward the secondary use of personal information for direct marketing. Secondary information use occurs when personal information collected for one purpose is subsequently used for a different purpose. While secondary information use is both widespread and legal, it may be viewed as an invasion of privacy when it occurs without the knowledge or consent of the consumer. The setting for the study is the use of point-of-sale data from a supermarket frequent shopper program to generate direct mail solicitations. Control emerges as a clear theme in differentiating individuals with positive overall attitudes toward secondary information use from those with negative attitudes. Study participants with positive attitudes are less concerned about privacy (measured as control over personal information), perceive shopping by mail as beneficial, and have coping strategies for dealing with unwanted mail. The results also suggest that theory related to categorization of strategic issues as positive-negative with outcomes that are controllable/uncontrollable provides a basis for understanding differences in the ways individuals perceive practices involving personal information. Future research should focus on the specific characteristics of secondary use practices, including the sensitivity of the information, its source, its perceived relevance to the original transaction, and whether disclosure reflects informed consent or results in a potentially harmful outcome to the individual.
This study is the second of two studies which assess the intellectual development of MIS. The present study documents the current intellectual structure of MIS research based on an author co-citation analysis. Five invisible colleges, or informal clusters of research activity, were identified (foundations; psychological approaches to MIS design and use; MIS management; organizational approaches to MIS design and use; and curriculum). When contrasted with the earlier study, these results suggest that MIS has made significant progress toward a cumulative research tradition.
This article examines the progress of MIS as a scholarly field of study since 1980. In this examination, MIS is identified as emerging from a supporting base of three foundational fields: computer science, management science, and organization science. Hypotheses related to this emergence are tested by an analysis of data on 271 MIS articles published during the period 1980-84 in six academic journals and one conference proceedings. Each article is described by its work point (the field of study represented by the publication in which the article appears) and its reference point (as represented by the distribution of the article's publication citations). Results of the analysis support the proposition that MIS is emerging as a distinct field of study, with its own cumulative tradition.
This field study investigated the task and individual characteristics of 184 professionals who accessed commercial database services to acquire external information directly (as "end users") or through an intermediary ("chauffeur"). Chauffeured access appears to be most appropriate when the individual has a one-time need for new information while direct access appears to be most appropriate when a database is used on a regular basis by the same individual. The results of this study are consistent with prior research which suggests that multiple access arrangements are necessary in order for organizations to make effective use of these and other types of online database systems.