From Software Business Community

Background

Privacy is the ability to control the acquisition and use of one's personal information (Westin 1967 cited in ^[1]) and it has been studied in diverse disciplines including law, information systems, marketing, organizational and social sciences, and psychology. In the following, we attempt to gain a broad overview of privacy issues by analyzing the overall incentive structures related to information exchanges. In this context, disclosure of personal information can viewed as a (wiling or unwilling, implicit or explicit) information transaction between a company or companies and a customer. Transactions are governed by supply and demand. A significant portion of demand of consumer data comes from marketing needs, where the effective use of customer information can lead to a competitive advantage ^[2]. Also a part of this is obtaining product requirements that meet the user's needs.

Organizations have demand for information of their employees to protect themselves from confidential information leaks and to monitor e.g. employee performance. In many cases, distinguishing between personal and professional data is impossible. In addition, information from the business environment including competitors and partners is always paramount. Information demand is limited by the costs of collecting data, which may include infrastructure and survey costs as well as offering incentives to the information source. Costs are also involved in analyzing and archiving the data. Government regulations may reduce demand by direct prohibition or indirectly via added costs. On the other hand, some regulations directly mandate companies to collect some form of customer data, such as passenger information or communications records. Some privacy regulation proposals in the US have been estimated to cost the economy sums in the ten billion dollar range (Hahn 2001 cited in ^[3]).

Though sharing sensitive occupational information is usually prohibited by contract, there are few formal limiting factors of individuals' personal information sharing. Therefore, on the end user information supply side, the most predominant and rising concern is privacy, i.e. individual's capability to limit the information "pull". Consumers are willing to disclose personal information for perceived benefits, however, the grounds for this cost-benefit analysis are far from rational ^[4]. Trust and communicating fair information practices also increase information supply as well as understanding what kind of information is in question. The cultural backgrounds of individuals also influence their willingness to disclose information ^[5]. In addition to individuals' willingness to disclose information, there are several other factors that affect supply. Information technology is making it increasingly cheap to collect information ^[6] thus increasing the supply of information. Developments in IT also lead to individuals disclosing information without being aware of it. Marketers may also share consumers' personal information. According to a survey cited by ^[7], only 3,5% of Web sites never disclose consumers' personal information to third parties.

Supply and demand effectively dictate the amount or transactions, and since both seem to be increasing irrespective of consumer preferences, consumer's control of their personal information is decreasing. From an economic perspective, it has been argued that privacy as well as its customer utility will continue to erode if left purely to market forces ^[8]. A similar view is echoed on the consumer side with calls for more regulation (e.g. ^[9]). Due to the economic impacts, increasing regulation is not without controversy.

Relevance to software business

With the involvement of software, the dynamics of information transactions have distinct characteristics, which can partly be seen as specializations of ^[10]'s views on the information economy. On the demand side, software lowers the costs of collecting data and even opens up the same scale economies associated with software products. Due to software's intelligence and self-awareness characteristic, the product itself can act as the collector of user data with implications to marketing. Some savings in data analysis can be achieved, since the data can be automatically collected into a suitable location and in a processable format. Among many factors, meeting the complex quality characteristics of software also require a good level of knowledge on customer needs. Especially, being effective in continuous repair and improvement amplifies the need for feedback mechanisms. On the other hand, software can also automatically adapt based on usage patterns, so user information can also be utilized "on site" where the software is being used. The customers may be rewarded with software for their collaboration, which is an effective rewarding scheme if the Internet is used for distribution (e.g. beta testing). As a distinction from eCommerce, software business arguably is more concerned in the nature of use, customer requirements, and defects in the software, whereas in eCommerce, there is arguably more focus on clicking and purchasing patterns as well as other data related user segmentation (with the natural exception of software designed to run eCommerce solutions).

Unlike many physical products, software is usually improved in short cycles. This should increase the supply of information by providing customers the incentive of better software and services (possibly leading to greater satisfaction). With software, knowledge asymmetry plays a strong role in consumers' "privacy calculus". Firstly, consumers may be reluctant to disclose any information since they do not understand the information collection processes. Secondly, they may disclose information unwittingly since they do not understand the characteristics of the technology they are using ^[11]. Even with sophisticated users, issues such as bounded rationality and psychological bias are present ^[12] , which are effectively amplified by software's inherent complexity. Software can also collect user information without the user's consent due to breaches in security and undocumented features. Under these overall settings, companies can sustainably increase the supply of data by communicating their fair information handling practices and promoting trust ^[13].

In summary, software businesses should acknowledge their inherently high demand for customer data, which we argue here based on its high information intensity ^[14]. Customer information demand arguably varies based on the business domain. Software companies should find ways to satisfy this need without mounting concerns on the supply side. To reduce information collection costs, the software itself can be used as an information collection tool. A timely failure scenario in these factors is spyware, which can be viewed as pure example of supply and demand. While answering to the high demand of market data, spyware ventures into unethical territory as it creates "supply" by bypassing the user consent, benefit, and awareness aspects. This has lead to a tightening regulatory environment, which will eventually decrease spyware's market from the demand side. On the other hand, Internet giant Google has leveraged enormous quantities of customer data in its business. A part of this success can be seen as coming from open disclosure of privacy policies and communication of fair information handling practices. On the other hand, due to the low privacy awareness of consumers (e.g. ^[15] ), a part of this information is arguably transferred without the awareness of consumers. Finally, protecting consumer privacy via the very same technologies that threaten it can also generate business opportunities ^[16].

Research issues

Demand of personal information

• How valuable are different types of (personal) user information to software companies (behavior, needs, requirements)?
  • How does this relate to the business domain and business model?
• Are software companies collecting enough information from their customers (within the limits of consent and ethics)
  • And are they utilizing the special characteristics of software to accomplish this?
• Are software companies using this information consistently and effectively?
  • How does this information intersect processes and functions?
• What kinds of software companies can distinctively gain a CA from utilizing personal user information?
  • What competences are needed to utilize this lever?
• How is user information shared in business networks and what benefits are gained?
• How do public perceptions of a company's handling of personal data affect company performance?
  • (Spyware may be the first market failure in this?)
    • What legal and ethically sustainable business opportunities for software companies are there that to some extent limit privacy?
  • How are these kinds of offerings marketed effectively?

Supply side

• Do users more willingly disclose private information if they are in a virtual community?
• How does the company brand and image affect consumers' willingness to disclose data?
• How have privacy concerns affected companies with SaaS offerings?
  • Service level agreements
  • Terms of use
• How do privacy concerns differ for private and behavioral data?

References

1. ↑ 74 Hann, Il Horn 2002;
2. ↑ 69 Glazer, Rashi 1991;
3. ↑ 74 Hann, Il Horn 2002;
4. ↑ 74 Hann, Il Horn 2002;
5. ↑ 68 Mary,C. 1999;
6. ↑ 75 Rust, Roland T. 2002;
7. ↑ 75 Rust, Roland T. 2002;
8. ↑ 75 Rust, Roland T. 2002;
9. ↑ 73 Freeman,Lee A. 2005;
10. ↑ 69 Glazer, Rashi 1991;
11. ↑ 68 Mary,C. 1999;
12. ↑ 70 Acquisti,Alessandro 2005;
13. ↑ 68 Mary,C. 1999;
14. ↑ 69 Glazer, Rashi 1991;
15. ↑ 72 Zhang,Xiaoni 2005;
16. ↑ 75 Rust, Roland T. 2002;

See also

External Links