Help
Cart
Skip main navigation

Available Issues

April 10, 2013 - April 2, 2026

Available Issues

April 10, 2013 - April 2, 2026

A Design Theory for Transparency of Information Privacy Practices

Published Online:8 Aug 2023https://doi.org/10.1287/isre.2019.0239

References

  • Acquisti A, Brandimarte L, Loewenstein G (2015) Privacy and human behavior in the age of information. Science 347(6221):509–514.CrossrefGoogle Scholar
  • Agozie DQ, Kaya T (2021) Discerning the effect of privacy information transparency on privacy fatigue in e-government. Goverment Inform. Quart. 38(4):101601.CrossrefGoogle Scholar
  • Alashoor T, Keil M, Smith HJ, McConnell AR (2022) Too tired and in too good of a mood to worry about privacy: Explaining the privacy paradox through the lens of effort level in information processing. Inform. Systems Res., ePub ahead of print December 21, https://doi.org/10.1287/isre.2022.1182.LinkGoogle Scholar
  • Alemany J, del Val E, Alberola J, García-Fornes A (2018) Estimation of privacy risk through centrality metrics. Future Generation Comput. Systems 82:63–76.CrossrefGoogle Scholar
  • Altman I (1975) The Environment and Social Behavior: Privacy, Personal Space, Territory, and Crowding (Brooks/Cole Publishing Company, Monterey, CA).Google Scholar
  • Anderson AH (2006) A comparison of two privacy policy languages: EPAL and XACML. Damiani E, Gabillon A, eds. Proc. 3rd ACM Workshop on Secure Web Services (ACM, New York), 53–60.Google Scholar
  • Awad NF, Krishnan MS (2006) The personalization privacy paradox: An empirical evaluation of information transparency and the willingness to be profiled online for personalization. Management Inform. Systems Quart. 30(1):13–28.CrossrefGoogle Scholar
  • Axelsson S (2000) Intrusion detection systems: A survey and taxonomy, technical report. Retrieved January 13, 2023, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.83.3043&rep=rep1&type=pdf.Google Scholar
  • Bamberger KA, Mulligan DK (2011) Privacy on the books and on the ground. Stanford Law Rev. 63(2):247–315.Google Scholar
  • Bartsch J, Dehling T, Lauf F, Meister S, Sunyaev A (2022) Let the computer say NO! The neglected potential of policy definition languages for data sovereignty. Friedewald M, Kreutzer M, Hansen M, eds. Selbstbestimmung, Privatheit und Datenschutz: Gestaltungsoptionen für einen europäischen Weg (Springer Fachmedien Wiesbaden, Wiesbaden, Germany), 449–468.CrossrefGoogle Scholar
  • Baskerville RL, Myers MD, Yoo Y (2020) Digital first: The ontological reversal and new challenges for information systems research. Management Inform. Systems Quart. 44(2):509–523.CrossrefGoogle Scholar
  • Bélanger F, Crossler RE (2011) Privacy in the digital age: A review of information privacy research in information systems. Management Inform. Systems Quart. 35(4):1017–1041.CrossrefGoogle Scholar
  • Bélanger F, James TL (2020) A theory of multilevel information privacy management for the digital era. Inform. Systems Res. 31(2):510–536.LinkGoogle Scholar
  • Belkin NJ, Oddy RN, Brooks HM (1982) ASK for information retrieval: Part I. Background and theory. J. Document 38(2):61–71.CrossrefGoogle Scholar
  • Ben-Shahar O (2019) Data pollution. J. Legal Anal. 11:104–159.CrossrefGoogle Scholar
  • Betzing JH, Tietz M, vom Brocke J, Becker J (2020) The impact of transparency on mobile privacy decision making. Electronic Marketing 30(3):607–625.CrossrefGoogle Scholar
  • Bhuiyan J, Warzel C (2014) “God view”: Uber investigates its top New York executive for privacy violations. Retrieved January 13, 2023, https://web.archive.org/web/20220416012646/https://www.buzzfeednews.com/article/johanabhuiyan/uber-is-investigating-its-top-new-york-executive-for-privacy.Google Scholar
  • Bishop M (2007) About penetration testing. IEEE Security Privacy 5(6):84–87.CrossrefGoogle Scholar
  • Bitektine A (2011) Toward a theory of social judgments of organizations: The case of legitimacy, reputation, and status. Acad. Management Rev. 36(1):151–179.CrossrefGoogle Scholar
  • Bostrom RP, Heinen JS (1977) MIS problems and failures: A socio-technical perspective. Part I: The causes. Management Inform. Systems Quart. 1(3):17–32.CrossrefGoogle Scholar
  • Brüggemann T, Dehling T, Sunyaev A (2019) No risk, more fun! Automating breach of confidentiality risk assessment for Android mobile health applications. Bui TX, ed. Proc. 52nd Hawaii Internat. Conf. on System Sci. (University of Hawaii at Manoa, Honolulu), 4266–4275.Google Scholar
  • California State Legislature (2018) California Consumer Privacy Act of 2018. Retrieved (January 13, 2023), http://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?lawCode=CIV&division=3.&title=1.81.5.&part=4.Google Scholar
  • Cavusoglu H, Phan TQ, Cavusoglu H, Airoldi EM (2016) Assessing the impact of granular privacy controls on content sharing and disclosure on Facebook. Inform. Systems Res. 27(4):848–879.LinkGoogle Scholar
  • Chatterjee S, Sarker S, Lee MJ, Xiao X, Elbanna A (2020) A possible conceptualization of the information systems (IS) artifact: A general systems theory perspective. Inform. Systems J. 31(4):550–578.CrossrefGoogle Scholar
  • Cho S, Lee KK, Cheong A, No WG, Vasarhelyi MA (2021) Chain of values: Examining the economic impacts of blockchain on the value-added tax system. J. Management Inform. Systems 38(2):288–313.CrossrefGoogle Scholar
  • Cipriani J (2021) iOS 15.2’s app privacy report: How to turn it on, and what it all means. Retrieved January 13, 2023, https://web.archive.org/web/20220228131432/https://www.zdnet.com/article/ios-15-2s-app-privacy-report-how-to-turn-it-on-and-what-it-all-means.Google Scholar
  • Clarke R (2009) Privacy impact assessment: Its origins and development. Comput. Law Security Rev. 25(2):123–135.CrossrefGoogle Scholar
  • Coleman JS (1986) Social theory, social research, and a theory of action. Amer. J. Sociol. 91(6):1309–1335.CrossrefGoogle Scholar
  • Council of the European Union (2016) General data protection regulation. Code L119. Retrieved (January 13, 2023), https://gdpr-info.eu/.Google Scholar
  • Cranor L, Dobbs B, Egelman S, Hogben G, Humphrey J, Langheinrich M, Marchiori M, et al. (2018) The Platform for Privacy Preferences 1.1 (P3P1.1) specification. Retrieved January 13, 2023, https://www.w3.org/TR/2018/NOTE-P3P11-20180830/.Google Scholar
  • Cranor LF (2012) Necessary but not sufficient: Standardized mechanisms for privacy notice and choice. J. Telecommun. High Technol. Law. 10(2):273–308.Google Scholar
  • Crossler RE, Bélanger F (2019) Why would I use location-protective settings on my smartphone? Motivating protective behaviors and the existence of the privacy knowledge–belief gap. Inform. Systems Res. 30(3):995–1006.LinkGoogle Scholar
  • Culnan MJ (2019) Policy to avoid a privacy disaster. J. Assoc. Inform. Systems 20(6):848–856.Google Scholar
  • Davis MS (1971) That’s interesting! Toward a phenomenology of sociology and a sociology of phenomenology. Philosophical Soc. Sci. 1(2):309–344.CrossrefGoogle Scholar
  • Day G, Stemler A (2019) Infracompetitive privacy. Iowa Law Rev. 105(1):61–106.Google Scholar
  • De Leoz G, Petter S (2018) Considering the social impacts of artefacts in information systems design science research. Eur. J. Inform. Systems 27(2):154–170.CrossrefGoogle Scholar
  • DeCew JW (1997) In Pursuit of Privacy: Law, Ethics, and the Rise of Technology (Cornell University Press, Ithaca, NY).CrossrefGoogle Scholar
  • Degeling M, Utz C, Lentzsch C, Hosseini H, Schaub F, Holz T (2019) We value your privacy … now take some cookies: Measuring the GDPR’s impact on web privacy. Oprea A, Xu D, eds. Proc. Network and Distributed Systems Security Sympos (Internet Society, Reston, VA), 1–15.Google Scholar
  • Demetis D, Lee AS (2018) When humans using the IT artifact becomes IT using the human artifact. J. Assoc. Inform. Systems 19(10):929–952.Google Scholar
  • Digital Advertising Alliance (2022) DAA participating companies & organizations. Retrieved January 13, 2023, https://web.archive.org/web/20220307055434/https://youradchoices.com/participating.Google Scholar
  • Dinev T, Hart P (2006) An extended privacy calculus model for e-commerce transactions. Inform. Systems Res. 17(1):61–80.LinkGoogle Scholar
  • Dinev T, McConnell AR, Smith HJ (2015) Informing privacy research through information systems, psychology, and behavioral economics: Thinking outside the “APCO” box. Inform. Systems Res. 26(4):639–655.LinkGoogle Scholar
  • Donaldson T, Dunfee TW (1994) Toward a unified conception of business ethics: Integrative social contracts theory. Acad. Management Rev. 19(2):252–284.CrossrefGoogle Scholar
  • Donaldson T, Dunfee TW (1995) Integrative social contracts theory: A communitarian conception of economic ethics. Econom. Philosophy 11(1):85–112.CrossrefGoogle Scholar
  • Donaldson T, Dunfee TW (1999) Ties That Bind: A Social Contracts Approach to Business Ethics (Harvard Business School Press, Boston).Google Scholar
  • Earp JB, Antón AI, Aiman-Smith L, Stufflebeam WH (2005) Examining Internet privacy policies within the context of user privacy values. IEEE Trans. Engrg. Management 52(2):227–237.CrossrefGoogle Scholar
  • Elliston FA (1982) Anonymity and whistleblowing. J. Bus. Ethics 1(3):167–177.CrossrefGoogle Scholar
  • Feigenbaum J, Ford B (2015) Seeking anonymity in an Internet panopticon. Comm. ACM 58(10):58–69.CrossrefGoogle Scholar
  • Feigenbaum J, Freedman MJ, Sander T, Shostack A (2002) Privacy engineering for digital rights management systems. Sander T, ed. Security and Privacy in Digital Rights Management (Springer, Berlin), 76–105.CrossrefGoogle Scholar
  • Fuller LL (1969) The Morality of Law, 2nd ed. (Yale University Press, New Haven, CT).Google Scholar
  • Gal-Or E, Gal-Or R, Penmetsa N (2018) The role of user privacy concerns in shaping competition among platforms. Inform. Systems Res. 29(3):698–722.LinkGoogle Scholar
  • Gerlach JP, Eling N, Wessels N, Buxmann P (2019) Flamingos on a slackline: Companies’ challenges of balancing the competing demands of handling customer information and privacy. Inform. Systems J. 29(2):548–575.CrossrefGoogle Scholar
  • Granados N, Gupta A, Kauffman RJ (2010) Information transparency in business-to-consumer markets: Concepts, framework, and research agenda. Inform. Systems Res. 21(2):207–226.LinkGoogle Scholar
  • Greenaway KE, Chan YE (2005) Theoretical explanations for firms’ information privacy behaviors. J. Assoc. Inform. Systems 6(6):171–198.Google Scholar
  • Greenaway KE, Chan YE, Crossler RE (2015) Company information privacy orientation: A conceptual framework. Inform. Systems J. 25(6):579–606.CrossrefGoogle Scholar
  • Greenleaf G (2014) Sheherezade and the 101 data privacy laws: Origins, significance and global trajectories. J. Law Inform. Sci. 23(1):4–49.Google Scholar
  • Harkous H, Fawaz K, Lebret R, Schaub F, Shin KG, Aberer K (2018) Polisis: Automated analysis and presentation of privacy policies using deep learning. Enck W, Felt AP, eds. Proc. 27th USENIX Security Sympos. (USENIX Association, Berkeley, CA), 531–548.Google Scholar
  • Hart S, Ferrara AL, Paci F (2020) Fuzzy-based approach to assess and prioritize privacy risks. Soft Comput. 24(3):1553–1563.CrossrefGoogle Scholar
  • Hedström P, Swedberg R (1996) Social mechanisms. Acta Sociol. 39(3):281–308.CrossrefGoogle Scholar
  • Henriksen-Bulmer J, Faily S, Jeary S (2019) Privacy risk assessment in context: A meta-model based on contextual integrity. Comput. Security 82:270–283.CrossrefGoogle Scholar
  • Hoofnagle CJ, Urban JM (2014) Alan Westin’s privacy homo economicus. Wake Forest Law Rev. 49:261–317.Google Scholar
  • Hornby AS, Wehmeier S, eds. (2000) Oxford Advanced Learner’s Dictionary of Current English, 6th ed. (Oxford University Press, Oxford, UK).Google Scholar
  • Hornyak R, Rai A, Dong JQ (2020) Incumbent system context and job outcomes of effective enterprise system use. J. Assoc. Inform. Systems 21(2):364–387.Google Scholar
  • Hosseini M, Shahri A, Phalp K, Ali R (2018) Engineering transparency requirements: A modelling and analysis framework. Inform. Systems 74(1):3–22.CrossrefGoogle Scholar
  • Hu M (2020) Cambridge Analytica’s black box. Big Data Soc. 7(2):1–6.CrossrefGoogle Scholar
  • Iivari J (2020) A critical look at theories in design science research. J. Assoc. Inform. Systems 21(3):502–519.Google Scholar
  • Jin H, Shen H, Jain M, Kumar S, Hong JI (2021) Lean privacy review: Collecting users’ privacy concerns of data practices at a low cost. ACM Trans. Computer-Human Interaction 28(5):34:1–34:55.CrossrefGoogle Scholar
  • Kalyuga S (2011) Cognitive load theory: How many types of load does it really need? Ed. Psych. Rev. 23(1):1–19.CrossrefGoogle Scholar
  • Kannengießer N, Lins S, Dehling T, Sunyaev A (2020) Trade-offs between distributed ledger technology characteristics. ACM Comput. Surveys 53(2):42:1–42:37.Google Scholar
  • Karegar F, Pettersson JS, Fischer-Hübner S (2020) The dilemma of user engagement in privacy notices: Effects of interaction modes and habituation on user attention. ACM Trans. Privacy Security 23(1):5:1–5:38.CrossrefGoogle Scholar
  • Karwatzki S, Dytynko O, Trenz M, Veit D (2017) Beyond the personalization–privacy paradox: Privacy valuation, transparency features, and service personalization. J. Management Inform. Systems 34(2):369–400.CrossrefGoogle Scholar
  • Kasper GM (1996) A theory of decision support system design for user calibration. Inform. Systems Res. 7(2):215–232.LinkGoogle Scholar
  • Kuechler W, Vaishnavi V (2012) A framework for theory development in design science research: Multiple perspectives. J. Assoc. Inform. Systems 13(6):395–423.Google Scholar
  • Kulyk O, Gerber N, Hilt A, Volkamer M (2020) Has the GDPR hype affected users’ reaction to cookie disclaimers? J. Cybersecurity 6(1):tyaa022.CrossrefGoogle Scholar
  • Lämmel R, Pek E (2013) Understanding privacy policies. Empirical Software Engrg. 18(2):310–374.CrossrefGoogle Scholar
  • Lee AS, Thomas M, Baskerville RL (2015) Going back to basics in design science: From the information technology artifact to the information systems artifact. Inform. Systems J. 25(1):5–21.CrossrefGoogle Scholar
  • Li Y (2011) Empirical studies on online information privacy concerns: Literature review and an integrative framework. Comm. Assoc. Inform. Systems 28(1):453–496.Google Scholar
  • Liang H, Xue Y, Zhang Z (2017) Understanding online health information use: The case of people with physical disabilities. J. Assoc. Inform. Systems 18(6):2.Google Scholar
  • Lin J, Amini S, Hong JI, Sadeh N, Lindqvist J, Zhang J (2012) Expectation and purpose: Understanding users’ mental models of mobile app privacy through crowdsourcing. Dey AK, Chu H-H, Hayes G, eds. Proc. ACM Conf. on Ubiquitous Comput. (ACM, New York), 501–510.Google Scholar
  • Lou C, Yuan S (2019) Influencer marketing: How message value and credibility affect consumer trust of branded content on social media. J. Interactive Advertising 19(1):58–73.CrossrefGoogle Scholar
  • Maitlis S, Christianson M (2014) Sensemaking in organizations: Taking stock and moving forward. Acad. Management Ann. 8(1):57–125.CrossrefGoogle Scholar
  • Mantelero A (2018) AI and Big Data: A blueprint for a human rights, social and ethical impact assessment. Comput. Law Security Rev. 34(4):754–772.CrossrefGoogle Scholar
  • Markus ML, Robey D (1988) Information technology and organizational change: Causal structure in theory and research. Management Sci. 34(5):583–598.LinkGoogle Scholar
  • Marmor A (2015) What is the right to privacy? Philosophical. Public Affairs 43(1):3–26.CrossrefGoogle Scholar
  • Marquis C, Toffel MW, Zhou Y (2016) Scrutiny, norms, and selective disclosure: A global study of greenwashing. Organ. Sci. 27(2):483–504.LinkGoogle Scholar
  • Martin K (2016) Understanding privacy online: Development of a social contract approach to privacy. J. Bus. Ethics 137(3):551–569.CrossrefGoogle Scholar
  • Martin K (2020) Breaking the privacy paradox: The value of privacy and associated duty of firms. Bus. Ethics Quart. 30(1):65–96.CrossrefGoogle Scholar
  • Martin KD, Murphy PE (2017) The role of data privacy in marketing. J. Acad. Marketing Sci. 45(2):135–155.CrossrefGoogle Scholar
  • Martin KD, Borah A, Palmatier RW (2017) Data privacy: Effects on customer and firm performance. J. Marketing 81(1):36–58.CrossrefGoogle Scholar
  • Marwick AE, boyd d (2010) I tweet honestly, I tweet passionately: Twitter users, context collapse, and the imagined audience. New Media Soc. 13(1):114–133.CrossrefGoogle Scholar
  • Marwick AE, boyd d (2014) Networked privacy: How teenagers negotiate context in social media. New Media Soc. 16(7):1051–1067.CrossrefGoogle Scholar
  • Masur PK (2020) How online privacy literacy supports self-data protection and self-determination in the age of information. Media Comm. 8(2):258–269.CrossrefGoogle Scholar
  • McDonald AM, Cranor LF (2008) The cost of reading privacy policies. J. Law Policy Inform. Soc. 4(3):543–568.Google Scholar
  • Metzger MJ (2007) Making sense of credibility on the Web: Models for evaluating online information and recommendations for future research. J. Amer. Soc. Inform. Sci. Tech. 58(13):2078–2091.CrossrefGoogle Scholar
  • Milkaite I, Lievens E (2020) Child-friendly transparency of data processing in the EU: From legal requirements to platform policies. J. Child Media 14(1):5–21.CrossrefGoogle Scholar
  • Miller GA (1956) The magical number seven, plus or minus two: Some limits on our capacity for processing information. Psych. Rev. 63(2):81–97.CrossrefGoogle Scholar
  • Milne GR, Culnan MJ (2002) Using the content of online privacy notices to inform public policy: A longitudinal analysis of the 1998–2001 US web surveys. Inform. Soc. 18(5):345–359.CrossrefGoogle Scholar
  • Milne GR, Culnan MJ (2004) Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices. J. Interactive Marketing 18(3):15–29.CrossrefGoogle Scholar
  • Milne GR, Culnan MJ, Greene H (2006) A longitudinal assessment of online privacy notice readability. J. Public Policy Marketing 25(2):238–249.CrossrefGoogle Scholar
  • Milne GR, Pettinico G, Hajjat FM, Markos E (2017) Information sensitivity typology: Mapping the degree and type of risk consumers perceive in personal data sharing. J. Consumer Affairs 51(1):133–161.CrossrefGoogle Scholar
  • Moll R, Pieschl S, Bromme R (2017) Whoever will read it: The overload heuristic in collective privacy expectations. Comput. Human Behav. 75:484–493.CrossrefGoogle Scholar
  • Mulligan DK, Koopman C, Doty N (2016) Privacy is an essentially contested concept: A multi-dimensional analytic for mapping privacy. Philosophical Trans. Royal Soc. A 374(2083):20160118.CrossrefGoogle Scholar
  • Nakamoto S (2008) Bitcoin: A peer-to-peer electronic cash system. Retrieved January 13, 2023, https://bitcointalk.org/bitcoin.pdf.Google Scholar
  • Newman AL (2015) What the “right to be forgotten” means for privacy in a digital age. Science 347(6221):507–508.CrossrefGoogle Scholar
  • Nicolaou AI, McKnight DH (2006) Perceived information quality in data exchanges: Effects on risk, trust, and intention to use. Inform. Systems Res. 17(4):332–351.LinkGoogle Scholar
  • Niederman F, March ST (2012) Design science and the accumulation of knowledge in the information systems discipline. ACM Trans. Management Inform. Systems 3(1):1:1–1:15.CrossrefGoogle Scholar
  • Nissenbaum H (2010) Privacy in Context: Technology, Policy, and the Integrity of Social Life (Stanford University Press, Stanford, CA).Google Scholar
  • Nissim K, Wood A (2018) Is privacy privacy? Philosophical Trans. Royal Soc. A 376(2128):20170358.CrossrefGoogle Scholar
  • Nussbaumer P, Matter I, Schwabe G (2012) “Enforced” vs. “casual” transparency: Findings from IT-supported financial advisory encounters. ACM Trans. Management Inform. Systems 3(2):11:1–11:19.CrossrefGoogle Scholar
  • Nyilasy G, Gangadharbatla H, Paladino A (2014) Perceived greenwashing: The interactive effects of green advertising and corporate environmental performance on consumer reactions. J. Bus. Ethics 125(4):693–707.CrossrefGoogle Scholar
  • Obar JA (2015) Big data and the phantom public: Walter Lippmann and the fallacy of data privacy self-management. Big Data Soc. 2(2):2053951715608876.CrossrefGoogle Scholar
  • Obar JA, Oeldorf-Hirsch A (2020) The biggest lie on the Internet: Ignoring the privacy policies and terms of service policies of social networking services. Inform. Comm. Soc. 23(1):128–147.CrossrefGoogle Scholar
  • Oetzel MC, Spiekermann S (2014) A systematic methodology for privacy impact assessments: A design science approach. Eur. J. Inform. Systems 23(2):126–150.CrossrefGoogle Scholar
  • Oulasvirta A, Suomalainen T, Hamari J, Lampinen A, Karvonen K (2014) Transparency of intentions decreases privacy concerns in ubiquitous surveillance. Cyberpsych. Behav. Soc. Network 17(10):633–638.CrossrefGoogle Scholar
  • Paas F, Ayres P (2014) Cognitive load theory: A broader view on the role of memory in learning and education. Ed. Psych. Rev. 26(2):191–195.CrossrefGoogle Scholar
  • Paré G, Tate M, Johnstone D, Kitsiou S (2016) Contextualizing the twin concepts of systematicity and transparency in information systems literature reviews. Eur. J. Inform. Systems 25(6):493–508.CrossrefGoogle Scholar
  • Peppet SR (2011) Unraveling privacy: The personal prospectus and the threat of a full-disclosure future. Northwestern University Law Rev. 105(3):1153–1204.Google Scholar
  • Pollach I (2006) Privacy statements as a means of uncertainty reduction in WWW interactions. J. Organ. End User Comput. 18(1):23–49.CrossrefGoogle Scholar
  • Raber F, Krüger A (2022) Transferring recommendations through privacy user models across domains. User Modeling User-Adapting Interactions 32(1):25–90.CrossrefGoogle Scholar
  • Rains SA, Bosch LA (2009) Privacy and health in the information age: A content analysis of health website privacy policy statements. Health Comm. 24(5):435–446.CrossrefGoogle Scholar
  • Rajaobelina L, Prom Tep S, Arcand M, Ricard L (2021) Creepiness: Its antecedents and impact on loyalty when interacting with a chatbot. Psych. Marketing 38(12):2339–2356.CrossrefGoogle Scholar
  • Ramaprasad A (1983) On the definition of feedback. Behav. Sci. 28(1):4–13.CrossrefGoogle Scholar
  • Reagle J, Cranor LF (1999) The platform for privacy preferences. Comm. ACM 42(2):48–55.CrossrefGoogle Scholar
  • Reidenberg JR, Bhatia J, Breaux TD, Norton TB (2016) Ambiguity in privacy policies and the impact of regulation. J. Legal Stud. 45(S2):S163–S190.CrossrefGoogle Scholar
  • Rittel HW, Webber MM (1973) Dilemmas in a general theory of planning. Policy Sci. 4(2):155–169.CrossrefGoogle Scholar
  • Romanosky S (2016) Examining the costs and causes of cyber incidents. J. Cybersecurity 2(2):121–135.Google Scholar
  • Rouse WB, Rouse SH (1984) Human information seeking and design of information systems. Inform. Processing Management 20(1–2):129–138.CrossrefGoogle Scholar
  • Rubinstein IS, Good N (2013) Privacy by design: A counterfactual analysis of Google and Facebook privacy incidents. Berkeley Tech. Law J. 28(2):1333–1413.Google Scholar
  • Rudin C (2019) Stop explaining black box machine learning models for high stakes decisions and use interpretable models instead. Natural Machine Intelligence 1(5):206–215.CrossrefGoogle Scholar
  • Samavi R, Consens MP (2018) Publishing privacy logs to facilitate transparency and accountability. J. Web Semantics 50:1–20.CrossrefGoogle Scholar
  • Sánchez D, Viejo A, Batet M (2021) Automatic assessment of privacy policies under the GDPR. Appl. Sci. 11(4):1762:1–1762:11.CrossrefGoogle Scholar
  • Sarker S, Chatterjee S, Xiao X, Elbanna A (2019) The sociotechnical axis of cohesion for the IS discipline: Its historical legacy and its continued relevance. Management Inform. Systems Quart. 43(3):695–720.CrossrefGoogle Scholar
  • Schaub F, Balebako R, Cranor LF (2017) Designing effective privacy notices and controls. IEEE Internet Comput. 21(3):70–77.CrossrefGoogle Scholar
  • Schaub F, Balebako R, Durity AL, Cranor LF (2015) A design space for effective privacy notices. Cranor LF, Biddle R, Consolvo S, eds. Proc. Sympos. on Usable Privacy and Security (USENIX Association, Berkeley, CA), 1–17.Google Scholar
  • Schmidt J, Keil T (2013) What makes a resource valuable? Identifying the drivers of firm-idiosyncratic resource value. Acad. Management Rev. 38(2):206–228.CrossrefGoogle Scholar
  • Schnackenberg AK, Tomlinson EC (2016) Organizational transparency: A new perspective on managing trust in organization-stakeholder relationships. J. Management 42(7):1784–1810.CrossrefGoogle Scholar
  • Schneider S, Sunyaev A (2016) Determinant factors of cloud-sourcing decisions: Reflecting on the IT outsourcing literature in the era of cloud computing. J. Inform. Tech. 31(1):1–31.CrossrefGoogle Scholar
  • Schwaig KS, Kane GC, Storey VC (2006) Compliance to the Fair Information Practices: How are the Fortune 500 handling online privacy disclosures? Inform. Management 43(7):805–820.CrossrefGoogle Scholar
  • Schwartz PM (1999) Privacy and democracy in cyberspace. Vanderbilt Law Rev. 52(6):1607–1702.Google Scholar
  • Senarath A, Arachchilage NAG (2019) A data minimization model for embedding privacy into software systems. Comput. Security 87:101605.CrossrefGoogle Scholar
  • Severance C (2012) Discovering JavaScript object notation. IEEE Computer 45(4):6–8.CrossrefGoogle Scholar
  • Shanmugarasa Y, Paik HY, Kanhere SS, Zhu L (2022) Automated privacy preferences for smart home data sharing using personal data stores. IEEE Security Privacy 20(1):12–22.CrossrefGoogle Scholar
  • Sheng X, Simpson PM (2014) Effects of perceived privacy protection: Does reading privacy notices matter? Internat. J. Services Standards 9(1):19–36.CrossrefGoogle Scholar
  • Simon HA (1996) The Sciences of the Artificial, 3rd ed. (MIT Press, Cambridge, MA).Google Scholar
  • Sinnreich A, Gilbert J (2019) The carrier wave principle. Internat. J. Comm. 13:5816–5840.Google Scholar
  • Slepchuk AN, Milne GR (2020) Informing the design of better privacy policies. Current Opinion Psych. 31:89–93.CrossrefGoogle Scholar
  • Smith HJ (1993) Privacy policies and practices: Inside the organizational maze. Comm. ACM 36(12):104–122.CrossrefGoogle Scholar
  • Smith HJ, Dinev T, Xu H (2011) Information privacy research: An interdisciplinary review. Management Inform. Systems Quart. 35(4):989–1015.CrossrefGoogle Scholar
  • Smith HJ, Milberg SJ, Burke SJ (1996) Information privacy: Measuring individuals’ concerns about organizational practices. Management Inform. Systems Quart. 20(2):167–196.CrossrefGoogle Scholar
  • Soh C, Markus ML, Goh KH (2006) Electronic marketplaces and price transparency: Strategy, information technology, and success. Management Inform. Systems Quart. 30(3):705–723.CrossrefGoogle Scholar
  • Solove DJ (2006) A taxonomy of privacy. University Pennsylvania Law Rev. 154(3):477–560.CrossrefGoogle Scholar
  • Solove DJ (2021) The myth of the privacy paradox. George Washington Law Rev. 89(1):1–51.Google Scholar
  • Son JY, Kim SS (2008) Internet users’ information privacy-protective responses: A taxonomy and a nomological model. Management Inform. Systems Quart. 32(3):503–529.CrossrefGoogle Scholar
  • Soumelidou A, Tsohou A (2021) Toward the creation of a profile of the information privacy aware user through a systematic literature review of information privacy awareness. Telematics Inform. 61:101592.CrossrefGoogle Scholar
  • Spiekermann S, Korunovska J, Langheinrich M (2019) Inside the organization: Why privacy and security engineering is a challenge for engineers. Proc. IEEE 107(3):600–615.CrossrefGoogle Scholar
  • Such JM, Criado N (2018) Multiparty privacy in social media. Comm. ACM 61(8):74–81.CrossrefGoogle Scholar
  • Sun Y, Kantor PB (2006) Cross-evaluation: A new model for information system evaluation. J. Amer. Soc. Inform. Sci. Tech. 57(5):614–628.CrossrefGoogle Scholar
  • Sunyaev A (2020) Critical information infrastructures. Internet Computing: Principles of Distributed Systems and Emerging Internet-Based Technologies (Springer International Publishing, Cham, Switzerland), 339–372.CrossrefGoogle Scholar
  • Sunyaev A, Dehling T, Taylor PL, Mandl KD (2015) Availability and quality of mobile health app privacy policies. J. Amer. Medical Inform. Assoc. 22(e1):e28–e33.CrossrefGoogle Scholar
  • Sunyaev A, Kannengießer N, Beck R, Treiblmaier H, Lacity M, Kranz J, Fridgen G, et al. (2021) Token economy. Bus. Inform. Systems Engrg. 63(1):457–478.CrossrefGoogle Scholar
  • Sweller J (1988) Cognitive load during problem solving: Effects on learning. Cognitive Sci. 12(2):257–285.CrossrefGoogle Scholar
  • Sweller J, van Merriënboer JJG, Paas FGWC (1998) Cognitive architecture and instructional design. Ed. Psych. Rev. 10(3):251–296.CrossrefGoogle Scholar
  • Sweller J, van Merriënboer JJG, Paas F (2019) Cognitive architecture and instructional design: 20 years later. Ed. Psych. Rev. 31(2):261–292.CrossrefGoogle Scholar
  • Tavani HT (2007) Philosophical theories of privacy: Implications for an adequate online privacy policy. Metaphilosophy 38(1):1–22.CrossrefGoogle Scholar
  • Trist E (1981) The evolution of socio-technical systems. Perspectives in Organization Design and Behavior (John Wiley, London), 32–47.Google Scholar
  • Tsai JY, Egelman S, Cranor L, Acquisti A (2011) The effect of online privacy information on purchasing behavior: An experimental study. Inform. Systems Res. 22(2):254–268.LinkGoogle Scholar
  • Turner EC, Dasgupta S (2003) Privacy on the Web: An examination of user concerns, technology, and implications for business organizations and individuals. Inform. Systems Management 20(1):8–18.CrossrefGoogle Scholar
  • U.S. Federal Department of Health Education and Welfare (1973) Records, computers and the rights of citizens: Report of the secretary’s advisory committee on automated personal data systems. Chapter III. Safeguards for privacy. Retrieved January 13, 2023, https://epic.org/privacy/hew1973report/c3.htm.Google Scholar
  • van Merriënboer JJG, Sweller J (2005) Cognitive load theory and complex learning: Recent developments and future directions. Ed. Psych. Rev. 17(2):147–177.CrossrefGoogle Scholar
  • van Merriënboer JJG, Sweller J (2010) Cognitive load theory in health professional education: Design principles and strategies. Medical Ed. 44(1):85–93.CrossrefGoogle Scholar
  • Venkatesh V, Thong JYL, Chan FKY, Hu PJH (2016) Managing citizens’ uncertainty in e-government services: The mediating and moderating roles of transparency and trust. Inform. Systems Res. 27(1):87–111.LinkGoogle Scholar
  • Wall JD, Lowry PB, Barlow JB (2016) Organizational violations of externally governed privacy and security rules: Explaining and predicting selective violations under conditions of strain and excess. J. Assoc. Inform. Systems 17(1):39–76.Google Scholar
  • Walls JG, Widmeyer GR, El Sawy OA (1992) Building an information system design theory for vigilant EIS. Inform. Systems Res. 3(1):36–59.LinkGoogle Scholar
  • Walls JG, Widermeyer GR, El Sawy OA (2004) Assessing information system design theory in perspective: How useful was our 1992 initial rendition? J. Inform. Tech. Theory Appl. 6(2):43–58.Google Scholar
  • Weick KE (1989) Theory construction as disciplined imagination. Acad. Management Rev. 14(4):516–531.CrossrefGoogle Scholar
  • Whitten A, Tygar JD (1999) Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. Treese W, ed. Proc. 8th USENIX Security Sympos (USENIX Association, Berkeley, CA), 1–15.Google Scholar
  • Wikimedia Foundation (2021) Privacy policy. Retrieved January 13, 2023, https://foundation.wikimedia.org/w/index.php?title=Privacy_policy&oldid=131827.Google Scholar
  • Wright SA, Xie GX (2019) Perceived privacy violation: Exploring the malleability of privacy expectations. J. Bus. Ethics 156(1):123–140.CrossrefGoogle Scholar
  • Wu PF (2019) The privacy paradox in the context of online social networking: A self-identity perspective. J. Assoc. Inform. Sci. Tech. 70(3):207–217.CrossrefGoogle Scholar
  • Xie HI (2000) Shifts of interactive intentions and information-seeking strategies in interactive information retrieval. J. Amer. Soc. Inform. Sci. 51(9):841–857.CrossrefGoogle Scholar
  • Xu JD, Benbasat I, Cenfetelli RT (2014) The nature and consequences of trade-off transparency in the context of recommendation agents. Management Inform. Systems Quart. 38(2):379–406.CrossrefGoogle Scholar
  • Yin X, Zhu Y, Hu J (2021) A comprehensive survey of privacy-preserving federated learning: A taxonomy, review, and future directions. ACM Comput. Surveys 54(6):131:1–131:36.Google Scholar
  • Yoo Y (2010) Computing in everyday life: A call for research on experiential computing. Management Inform. Systems Quart. 34(2):213–231.CrossrefGoogle Scholar
  • Young AL, Quan-Haase A (2013) Privacy protection strategies on Facebook. The Internet privacy paradox revisited. Inform. Comm. Soc. 16(4):479–500.CrossrefGoogle Scholar
  • Yu L, Luo X, Qian C, Wang S, Leung HKN (2018) Enhancing the description-to-behavior fidelity in Android apps with privacy policy. IEEE Trans. Software Engrg. 44(9):834–854.CrossrefGoogle Scholar
  • Yun H, Lee G, Kim DJ (2019) A chronological review of empirical research on personal information privacy concerns: An analysis of contexts and research constructs. Inform. Management 56(4):570–601.CrossrefGoogle Scholar
  • Zaeem RN, German RL, Barber KS (2018) PrivacyCheck: Automatic summarization of privacy policies using data mining. ACM Trans. Internet Tech. 18(4):53:1–53:18.CrossrefGoogle Scholar
  • Zuboff S (2015) Big other: Surveillance capitalism and the prospects of an information civilization. J. Inform. Tech. 30(1):75–89.CrossrefGoogle Scholar
  • Zuboff S (2019) The Age of Surveillance Capitalism. The Fight for a Human Future at the New Frontier of Power (Profile Books Ltd, London).Google Scholar
Previous
Back to Top
Next
INFORMS site uses cookies to store information on your computer. Some are essential to make our site work; Others help us improve the user experience. By using this site, you consent to the placement of these cookies. Please read our Privacy Statement to learn more.
Agree