ABSTRACT
This study examines the privacy practices of organizations. We argue that successful deployment of privacy practices based on ethical actions will strengthen privacy protection measures to better protect clients’ PII. We propose a set of ethical actions based on six normative theories following multiple case study approach to study three prominent data breaches. Our analysis indicates that ethical actions based on normative theories can be effective in developing better privacy practices for organizations. The theory that has the strongest effect on privacy practices is the deontological approach, while the liberal-intuitive has the weakest effect on privacy practices.
Notes
1 From this point onwards, the term “privacy” will be referring “information privacy” and not the umbrella term of privacy.
Additional information
Notes on contributors
Zareef A. Mohammed
Zareef A. Mohammed, Ph.D., is a lecturer at the State University of New York (SUNY) at Plattsburgh, in the Management, Information Systems and Analytics department of the School of Business and Economics. Zareef received his Ph.D. in Information Systems from Nova Southeastern University. He also received his M.S. in Information Technology with a specialization in Information Security Management from Nova Southeastern University. Zareef’s research interests include information privacy, information security, neuroscience in information systems (NeuroIS), ethics, and data analytics. He has previously published in Computers & Security and has had papers presented at Americas Conference on Information Systems and International Federation for Information Processing Dewald Roode Workshop on Information Security.
Gurvirender P. Tejay
Gurvirender P. Tejay, Ph.D., is a Gary Goldbloom Endowed Distinguished Chair in Cyber Security Management at St. Thomas University, Florida. His research interests include information security, privacy and technological change. Gurvirender received Ph.D. from Virginia Commonwealth University. He also holds M.S. in Computer Science from the University of Chicago, and M.A. in Economics from the University of Wisconsin – Milwaukee. He has served as co-editor for Special Issue on Cybercrime, for Computers & Security journal. Gurvirender also served as co-chair for Emergent Research Forum for Americas Conference on Information Systems 2015.
Joseph Squillace
Joseph Squillace is a doctoral candidate of Information Systems in the College of Engineering and Computing at Nova Southeastern University. He also earned his M.S. in Computer Information Systems, with a concentration in Information Security from Nova Southern University. His areas of research interest include information privacy, ethics, information security, health-care security, defense department information systems, integration of Information security and information technology (IT) in disaster preparedness and recovery, and economics of information security and privacy breaches.