Idée / dominante :

Dans le cadre de la théorie du CPM, les inquiétudes des internautes quant à la protection des leurs données personnelles sont fonction des risques et du contrôle individuel perçus. Les politiques d’autorégulation adoptées par les entreprises ont également une influence (indirecte) sur ces inquiétudes. Les labels, attribués par une partie tierce, ont, quant à eux, une influence non-significative (Hui et al. 2007).

Résumé :

Définie comme le droit, du point de vue juridique (Warren & Brandeis, 1890), à un état d’accès limité ou d’isolation, en philosophie/psychologie (Schoeman, 1984), et au contrôle, en sciences sociales et SI (Culnan, 1993 ; Westin, 1967), la « privacy » et les inquiétudes sous-jacentes sont ici étudiées à la lumière de la théorie du «Communication Privacy Management» (Petronio, 2002). Cette théorie vise à comprendre comment les individus prennent des décisions en ce qui concerne la diffusion d’information au sein de relations interpersonnelles. Elle repose sur la métaphore des frontières (ouvertes ou fermées, cf. IBT) régissant la diffusion des informations, et comprend trois niveaux : (1) la création d’un espace personnel d’information, avec des frontières définies. Ces frontières dépendent d’une évaluation des risques, de dispositions personnelles, et du contexte d’une relation avec une entité extérieure avec laquelle un échange d’informations a lieu. (2) Lorsqu’ils diffusent des informations, les individus considèrent que celles-ci sont conservées dans un domaine sûr, à la disposition des entreprises à la condition que celles-ci appliquent leurs politiques de protection de confidentialité. (3) Lorsqu’il y a violation de ces politiques, les individus ont recours à un tiers, en portant plainte auprès de l’institution compétente.

Grâce à cette théorie, les auteurs mettent en place un modèle de recherche qu’ils cherchent à valider au moyen d’un questionnaire soumis en ligne à des étudiants du sud des Etats-Unis. Ils ont récolté 823 réponses exploitables. Principaux enseignements de l’enquête :

• Les risques perçus pour la privacy ont une influence positive sur les inquiétudes (i.e. plus l’individu perçois des risques pour la confidentialité des ses informations, plus il sera inquiet) ;
• Le contrôle perçu sur la privacy a une influence négative sur les inquiétudes ;
• La propension d’un individu à attacher de l’importance à la privacy impacte la perception des risques, et, dans le cadre des réseaux sociaux, le contrôle ;
• Cette propension impacte positivement les inquiétudes ;
• L’efficacité perçue des politiques de protection des données impacte positivement la perception du contrôle, et négativement la perception du risque ;
• L’efficacité perçue de l’autorégulation des entreprises impacte positivement la perception du contrôle, à l’exception des sites de finance.Globalement : plus un individu attache de l’importance à la protection de ses données personnelles, plus celui-ci sera enclin à sentir une violation de sa « privacy».
  Fait marquant : les sites de réseaux sociaux se détachent des autres sites observés lors de l’analyse de coefficients et de leur variance. Ceux-ci ont notamment développé certains attributs permettant à leurs utilisateurs de gérer eux-mêmes leurs paramètres de confidentialité, ce qui impacte leur perception du contrôle de leurs informations. E.g. pour Friendster.com, la définition de ces paramètres fait partie intégrante du processus d’inscription.

Notes d’intérêt pour la recherche en cours :

Définition de la « privacy », présentation et utilisation de la théorie du « Communication Privacy Management » comme cadre théorique, singularité des réseaux sociaux en termes de gestion de la confidentialité, qui affecte la perception du contrôle.

Ce qui n’a pas été abordé :

L’échantillon considéré se limite aux étudiants, il conviendrait d’élargir cela. L’étude reste théorique et ne permet pas de dresser les conséquences de tels enseignements sur le comportement des internautes (et plus particulièrement des utilisateurs de réseaux sociaux) => Comment ces inquiétudes se traduisent dans l’utilisation du web ?

Références :

Agarwal, R., & Karahanna, E. (2000). Time flies when you’re having fun: Cognitive absorption and beliefs about information technology usage. MIS Quarterly, 24(4), 665-694.

Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179-211.

Altman, I. (1974). Privacy: A conceptual analysis. In D.H. Carson (Ed.), Man-Environment Interactions: Evaluations and Applications: Part 2 (3-28). Washington, DC.: Environmental Design Research Association.

Altman, I. (1977). Privacy regulation: Culturally universal or culturally specific? Journal of Social Issues, 33(3), 66-84.

Belanger, F., Hiller, J.S., & Smith, W.J. (2002). Trustworthiness in electronic commerce: The role of privacy, security, and site attributes. Journal of Strategic Information Systems, 11(3-4), 245-270.

Bellman, S., Johnson, E.J., Kobrin, S.J., & Lohse, G.L. (2004). International differences in informationprivacy concerns: A global survey of consumers. Information Society, 20(5), 313-324.

Benassi, P. (1999). TRUSTe: An online privacy seal program. Communications of the ACM, 42(2),56-59.

Bennett, C.J. (1992). Regulating privacy: Data protection and public policy in Europe and the UnitedStates. Ithaca, NY: Cornell University Press.

Buchanan, T., Paine, C., Joinson, A. N., & Reips, U.-D. (2007). Development of measures of onlineprivacy concern and protection for use on the Internet. Journal of the American Society forInformation Science and Technology, 58(2), 157-165.

Campbell, D.T., & Fiske, D.W. (1959). Convergent and discriminant validation by the multitrait-multimethod matrix. Psychological Bulletin, 56(2), 81-105.

Chellappa, R.K., & Sin, R. (2005). Personalization versus privacy: An empirical examination of theonline consumer’s dilemma.Information Technology and Management, 6(2), 181-202.

Child, J.T., Pearson, J.C., & Petronio, S. (2009). Blogging, communication, and privacy management: Development of the blogging privacy management measure.Journal of the American Societyfor Information Science and Technology, 60(10), 2079-2094.

Chin, W. W. (1998). The partial least squares approach to structural equation modeling. In G. A.Marcoulides (Ed.), Modern methods for business research (pp. 295-336). Mahwah, NJ:Lawrence Erlbaum Associates.

Cook, M., & Campbell, D. T. (1979). Quasi-experimentation: Design and analysis issues for fieldsettings. Boston, MA: Houghton Mifflin.

Culnan, M.J. (1993). ‘How did they get my name’? An exploratory investigation of consumer attitudestoward secondary information use. MIS Quarterly, 17(3), 341-363.

Culnan, M.J. (1995). Consumer awareness of name removal procedures: Implication for directmarketing. Journal of Interactive Marketing, 9(2), 10-19.

Culnan, M.J. (2000). Protecting privacy online: Is self-regulation working? Journal of Public Policy andMarketing, 19(1), 20-26.

Culnan, M.J., & Armstrong, P.K. (1999). Information privacy concerns, procedural fairness andimpersonal trust: An empirical investigation. Organization Science, 10(1), 104-115.

Culnan, M.J., & Bies, J.R. (2003). Consumer privacy: Balancing economic and justiceconsiderations. Journal of Social Issues, 59(2), 323-342.

Culnan, M.J., & Williams, C.C. (2009). How ethics can enhance organizational privacy: Lessons fromthe ChoicePoint and TJX data breaches. MIS Quarterly, 33(4), 673-687.

Derlega, V.J., & Chaikin, A.L. (1977). Privacy and self-disclosure in social relationships. Journal ofSocial Issues, 33(3), 102-115.

Dinev, T., & Hart, P. (2004). Internet privacy concerns and their antecedents – Measurement validityand a regression model. Behavior and Information Technology, 23(6), 413-423.

Dinev, T., & Hart, P. (2006a). An extended privacy calculus model for E-commerce transactions.Information Systems Research, 17(1), 61-80.

Dinev, T., & Hart, P. (2006b). Internet privacy concerns and social awareness as determinants ofintention to transact. International Journal of Electronic Commerce, 10(2), 7-29.

Dinev, T., Hart, P., & Mullen, M.R. (2008). Internet privacy concerns and beliefs about governmentsurveillance – An empirical investigation. Journal of Strategic Information Systems, 17(3), 214-233.

DMA. (2003). Privacy promise member compliance guide. Retrieved from http://www.the-dma.org/ privacy/privacypromise.shtml

Earp, J.B., Anton, A.I., Aiman-Smith, L., & Stufflebeam, W. H. (2005). Examining Internet privacy policies within the context of user privacy values. IEEE Transactions on Engineering Management, 52(2), 227-237.

Earp, J.B., & Payton, F.C. (2006). Information privacy in the service sector: An exploratory study of health care and banking professionals. Journal of Organizational Computing and Electronic Commerce, 16(2), 105-122.

Fornell, C., & Bookstein, F.L. (1982). Two structural equation models: LISREL and PLS applied to consumer exit-voice theory. Journal of Marketing Research, 19(4), 440-452.

Ganesan, S. (1994). Determinants of long-term orientation in buyer-seller relationships. Journal of Marketing, 58(2), 1-19.

Gefen, D. (2000). Lessons learnt from the successful adoption of an ERP: The central role of trust. In S. D. Zanakis, G. Zopounidis and C. Zopounidis (eds.), Recent Developments and Applications in Decision Making. Boston, MA: Kluwer Academic.

Gefen, D., Straub, D., & Boudreau, M. (2000). Structural equation modeling and regression: Guidelines for research practice. Communications of AIS, 4(1), 1-78.

Greenfield, Y.M.N.a. (2000). The Internet is ‘Big Man on Campus’—New study from Greenfield online reveals the Web is huge on campus. Retrieved from http://www8.techmall.com/techdocs/TS000807-2.html.

Gross, R., & Acquisti, A. (2005). Information revelation and privacy in online social networks. Proceedings of the 2005 ACM workshop on Privacy in the electronic society, Alexandria, VA.

Hansell, S. (2008a, May 27). Google fights for the right to hide its privacy policy. The New York Times. Retrieved from http://bits.blogs.nytimes.com/2008/05/27/google-fights-for-the-right-to- hide-its-privacy-policy/.

Hansell, S. (2008b, May 30). Is Google violating a California privacy law? The New York Times. Retrieved from http://bits.blogs.nytimes.com/2008/05/30/is-google-violating-a-california-privacy-law/.

Havlena, W.J., & DeSarbo, W.S. (1991). On the measurement of perceived consumer risk. DecisionSciences, 22(4), 927-939.

Hoadley, C.M., Xu, H., Lee, J.J., & Rosson, M.B. (2010). Privacy as information access and illusorycontrol: The case of the Facebook news feed privacy outcry. Electronic Commerce Researchand Applications, 9(1), 50-60.

Hoofnagle, C.J., King, J., Li, S., & Turow, J. (2010). How different are young adults from older adultswhen it comes to information privacy attitudes and policies?SSRN. Retrieved fromhttp://ssrn.com/abstract=1589864.

Hui, K.-L., Teo, H.H., & Lee, S.-Y.T. (2007). The value of privacy assurance: An exploratory fieldexperiment. MIS Quarterly, 31(1), 19-33.

Jarvenpaa, S.L., & Leidner, D.E. (1999). Communication and trust in global virtual teams.Organization Science, 10(6), 791-815.

Jensen, C., Potts, C., & Jensen, C. (2005). Privacy practices of Internet users: Self-reports versusobserved behavior. International Journal of Human-Computer Studies, 63(1-2), 203–227.

Kelvin, P. (1973). A social-psychological examination of privacy. British Journal of Social and Clinical Psychology, 12(3), 248-261.

Kim, D., & Benbasat, I. (2006). The effects of trust-assuring arguments on consumer trust in Internetstores: application of Toulmin’s model of argumentation. Information Systems Research,17(3), 286-300.

Laufer, R.S., & Wolfe, M. (1977). Privacy as a concept and a social issue – Multidimensionaldevelopmental theory. Journal of Social Issues, 33(3), 22-42.

Li, H., Sarathy, R., & Xu, H. (2010). Understanding situational online information disclosure as aprivacy calculus. Journal of Computer Information Systems, 51(1), 62-71.

Lindell, M.K., and Whitney, D.J. (2001). Accounting for common method variance in cross-sectional

research designs, Journal of Applied Psychology, 86(1), 114-121.

Ma, M., & Agarwal, R. (2007). Through a glass darkly: Information technology design, identityverification, and knowledge contribution in online communities. Information SystemsResearch, 18(1), 42-67.

Malhotra, N.K., Kim, S.S., & Agarwal, J. (2004). Internet users’ information privacy concerns (IUIPC):The construct, the scale, and a causal model. Information Systems Research, 15(4), 336-355.

Margulis, S.T. (1977). Conceptions of privacy: current status and next steps. Journal of Social Issues, 33(3), 5-21.

Margulis, S.T. (2003a). On the status and contribution of Westin’s and Altman’s theories of privacy. Journal of Social Issues, 59(2), 411-429.

Margulis, S.T. (2003b). Privacy as a social issue and behavioral concept. Journal of Social Issues, 59(2), 243-261.

Mayer, R.C., Davis, J.H., & Schoorman, F.D. (1995). An integrative model of organizational trust. Academy of Management Review, 20(3), 709-734.

McKnight, D.H., Choudhury, V., & Kacmar, C. (2002). Developing and validating trust measures for E- commerce: An integrative typology. Information Systems Research, 13(3), 334-359.

Metzger, M.J. (2004). Privacy, trust, and disclosure: exploring barriers to electronic commerce. Journal of Computer-Mediated Communication, 9(4).

Metzger, M.J. (2007). Communication privacy management in electronic commerce. Journal of Computer-Mediated Communication, 12(2), 335–361.

Milberg, S.J., Burke, S.J., Smith, H.J., & Kallman, E.A. (1995). Values, personal information privacy, and regulatory approaches. Communications of the ACM,38(12), 65-74.

Milne, G.R., & Boza, M.-E. (1999). Trust and concern in consumers’ perceptions of marketing information management practices. Journal of Interactive Marketing, 13(1), 5-24.

Milne, G.R., & Culnan, M.J. (2004). Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices. Journal of Interactive Marketing, 18(3), 15-29.

Moon, Y. (2000). Intimate exchanges: Using computers to elicit self-disclosure from consumers. Journal of Consumer Research, 26(4), 323-339.

Moores, T. (2005). Do consumers understand the role of privacy seals in e-commerce? Communications of the ACM, 48(3), 86-91.

Moores, T.T., & Dhillon, G. (2003). Do privacy seals in e-commerce really work? Communications of the ACM, 46(12), 265-271.

Norberg, P.A., & Horne, D.R. (2007). Privacy attitudes and privacy-related behavior. Psychology and Marketing, 24(10), 829-847.

Nunnally, J.C. (1978). Psychometric Theory, 2nd ed.. New York: McGraw-Hill.

Palen, L., & Dourish, P. (2003). Unpacking “privacy” for a networked world. Proceedings of theSIGCHI conference on human factors in computing systems, Ft. Lauderdale, Fl., 129-136.

Pavlou, P.A., & Gefen, D. (2004). Building effective online marketplaces with institution-based trust.Information Systems Research, 15(1), 37-59.

Petronio, S.S. (2002). Boundaries of privacy: Dialectics of disclosure (xix,pp. 268). Albany, NY: StateUniversity of New York Press.

PEW-Internet. (2008). Pew Internet & American life project: Demographics of Internet users. PEW,Retrieved from http://www.pewinternet.org/trends/User_Demo_10%2020%2008.htm.

Phelps, J., D’Souza, G., & Nowak, G.J. (2001). Antecedents and consequences of consumer privacyconcerns: An empirical investigation. Journal of Interactive Marketing, 15(4), 2-17.

Phelps, J., Nowak, G., & Ferrell, E. (2000). Privacy concerns and consumer willingness to providepersonal information. Journal of Public Policy and Marketing, 19(1), 27-41.

Podsakoff, M.P., MacKenzie, B.S., Lee, J.Y., & Podsakoff, N.P. (2003). Common method biases inbehavioral research: A critical review of the literature and recommended remedies. Journal ofApplied Psychology, 88(5), 879-903.

Schoeman, F.D. (Ed.). (1984). Philosophical Dimensions of Privacy: An Anthology. Cambridge, UK:Cambridge University Press.

Schwartz, P. M. (1999). Privacy and democracy in cyberspace. Vanderbilt Law Review, 52, 1610-1701.

Sheehan, K.B. (1999). An investigation of gender differences in on-line privacy concerns andresultant behaviors. Journal of Interactive Marketing, 13(4), 24-38.

Sheehan, K.B. (2002). Toward a typology of Internet users and online privacy concerns. InformationSociety, 18(1), 21-32.

Sheehan, K.B., & Hoy, M.G. (2000). Dimensions of privacy concern among online consumers.Journal of Public Policy & Marketing, 19(1), 62-73.

Slyke, C.V., Shim, J.T., Johnson, R., & Jiang, J.J. (2006). Concern for information privacy and onlineconsumer purchasing. Journal of the Association for Information Systems, 7(6), 415-444.

Smith, H.J., Milberg, J.S., & Burke, J.S. (1996). Information privacy: Measuring individuals’ concernsabout organizational practices. MIS Quarterly, 20(2), 167-196.

Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: An interdisciplinary review. MIS Quarterly, 35(4), 989-1015.

Solove, D.J. (2006). A taxonomy of privacy. University of Pennsylvania Law Review, 154(3), 477-560.

Solove, D.J. (2007). ‘I’ve got nothing to hide’ and other misunderstandings of privacy. San Diego LawReview(44), 745-772.

Solove, D.J. (2008). Understanding Privacy. Cambridge, MA: Harvard University Press.

Son, J.-Y., & Kim, S.S. (2008). Internet users’ information privacy-protective responses: A taxonomyand a nomological model. MIS Quarterly, 32(3), 503-529.

Squicciarini, C.A., Xu, H., & Zhang, X. (2011). CoPE: Enabling collaborative privacy management inonline social networks. Journal of the American Society for Information Science andTechnology, 62(3), 521-534.

Stanton, J.M., & Stam, K. (2003). Information technology, privacy, and power within organizations: A viewfrom boundary theory and social exchange perspectives. Surveillance and Society, 1(2), 152-190.

Stewart, K.A., & Segars, A.H. (2002). An empirical examination of the concern for information privacyinstrument. Information Systems Research, 13(1), 36-49.

Stone, B., & Stelter, B. (2009, February 19). Facebook backtracks on use terms. The New YorkTimes, B1, B6.

Stone, E.F., & Stone, D.L. (1990). Privacy in organizations: Theoretical issues, research findings, andprotection mechanisms. Research in Personnel and Human Resources Management, 8(3),349-411.

Straub, D., Boudreau, M.-C., & Gefen, D. (2004). Validation guidelines for IS positivist research.Communications of the Association for Information Systems, 13(1), 380-427.

Swire, P.P. (1997). Markets, self-regulation, and government enforcement in the protection ofpersonal information. In Privacy and Self-Regulation in the Information Age (pp. 3-19).Washington, D.C.: Department of Commerce, U.S.A..

Tang, Z., Hu, Y.J., & Smith, M.D. (2008). Gaining trust through online privacy protection: Self-regulation, mandatory standards, or caveat emptor. Journal of Management InformationSystems, 24(4), 153-173.

Thurm, S., & Kane, Y.I. (2010). Your apps are watching you: A WSJ investigation finds that iPhoneand android apps are breaching the privacy of smartphone users.The Wall Street Journal.

Vascellaro, E.J. (2010). Websites rein in tracking tools. The Wall Street Journal.

Waldo, J., Lin, H., & Millett, L.I. (2007). Engaging privacy and information technology in a digital age.Washington, D.C.: National Academies Press.

Walsh, M. (2010). MMA taking on mobile privacy. MediaPost. Retrieved from http://www.mediapost.com/publications/?fa=Articles.showArticle&art_aid=141646&nid=121943.

Warren, S.D., & Brandeis, L.D. (1890). The right to privacy. Harvard Law Review, 4(5), 193-220.

Weiss, S. (2007). The need for a paradigm shift in addressing privacy risks in social networkingapplications. In The Future of Identity in the Information Society(Vol. 262/2008, pp.161–171).IFIP WG 9.2, Karlstad, Sweden.

Westin, A.F. (1967). Privacy and freedom. New York, NY: Atheneum.

Xu, H. (2007). The effects of self-construal and perceived control on privacy concerns. Proceedings of the28th Annual International Conference on Information Systems, Montréal, Canada, Paper 125.

Xu, H., and Teo, H.H. (2004). Alleviating consumer’s privacy concern in location-based services: A psychological control perspective, Proceedings of the 25th Annual International Conferenceon Information Systems, Washington, D. C., United States, 793-806.

Xu, H., Teo, H.-H., Tan, B.C.Y., & Agarwal, R. (2010). The role of push-pull technology in privacycalculus: The case of location-based services. Journal of Management Information Systems,26(3), 135-174.

Yao, M.Z., Rice, R.E., & Wallis, K. (2007). Predicting user concerns about online privacy. Journal ofthe American Society for Information Science and Technology, 58(5), 710-722.

Zwick, D., & Dholakia, N. (1999). Models of privacy in the digital age: Implications for marketing andE-commerce. Research Institute for Telecommunications and Information Marketing (RITIM), University of Rhode Island.