Information Systems Research informs ®

Vol. 15, No. 4, December 2004, pp. 336–355

doi 10.1287/isre.1040.0032
issn 1047-7047
eissn 1526-5536
04
1504
0336
© 2004 INFORMS

Internet Users’ Information Privacy Concerns (IUIPC):

The Construct, the Scale, and a Causal Model
Naresh K. Malhotra
College of Management, Georgia Tech, 800 West Peachtree Street, Atlanta, Georgia 30332,
[email protected]

Sung S. Kim
School of Business, University of Wisconsin–Madison, 975 University Avenue, Madison, Wisconsin 53706,
[email protected]
James Agarwal
Haskayne School of Business, University of Calgary, 2500 University Drive NW, Calgary, Alberta, T2N 1N4, Canada,
[email protected]

T he lack of consumer confidence in information privacy has been identified as a major problem hampering the
growth of e-commerce. Despite the importance of understanding the nature of online consumers’ concerns
for information privacy, this topic has received little attention in the information systems community. To fill the
gap in the literature, this article focuses on three distinct, yet closely related, issues. First, drawing on social
contract theory, we offer a theoretical framework on the dimensionality of Internet users’ information privacy
concerns (IUIPC). Second, we attempt to operationalize the multidimensional notion of IUIPC using a second-
order construct, and we develop a scale for it. Third, we propose and test a causal model on the relationship
between IUIPC and behavioral intention toward releasing personal information at the request of a marketer.
We conducted two separate field surveys and collected data from 742 household respondents in one-on-one,
face-to-face interviews. The results of this study indicate that the second-order IUIPC factor, which consists
of three first-order dimensions—namely, collection, control, and awareness—exhibited desirable psychometric
properties in the context of online privacy. In addition, we found that the causal model centering on IUIPC
fits the data satisfactorily and explains a large amount of variance in behavioral intention, suggesting that the
proposed model will serve as a useful tool for analyzing online consumers’ reactions to various privacy threats
on the Internet.
Key words: information privacy; concerns for information privacy; Internet users’ information privacy
concerns; structural equation modeling; nomological network; causal model
History: Detmar Straub, Associate Editor. This paper was received on June 25, 2003, and was with the authors
5 months for 3 revisions.

1. Introduction of their personal information when or if they buy

Despite the enormous potential of e-commerce, its online” (University of California–Los Angeles Center
share of the total economy remains small: less than for Communication Policy 2001, p. 44).
1% worldwide (U.S. Department of Commerce 2002). Personal information in a digital format can be eas-
The lack of consumer confidence in online privacy ily copied, transmitted, and integrated, which enables
has been identified as a major problem hampering online marketers to construct thorough descriptions
the growth of e-commerce. Norman Mineta (2000), of individuals. Therefore, this information could pose
former U.S. Secretary of Commerce, remarked that a serious threat to privacy if not properly han-
the U.S. government regarded privacy as one of the dled; however, it also can be used to provide cus-
most critical issues in the continued growth of the tomers with personalized services and other benefits.
economy. In addition, a report showed that practically In this sense, consumers, managers, and researchers
all Americans (94.5%), including Internet users and should consider personal information a double-edged
non-Internet users, are concerned about “the privacy sword. Used carefully under proper safeguards, it can
336
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 337

increase public utility; but when used carelessly, its 1989, Donaldson and Dunfee 1994, Dunfee et al. 1999,
abuse can lead to invasion of information privacy Phelps et al. 2000). This article also argues that the
(e.g., Laufer and Wolfe 1977, Culnan 2000). proposed model, strongly rooted in the trust-risk
During the past decade, the issue of informa- framework (McKnight et al. 1998) and the reasoned-
tion privacy has drawn considerable attention among action paradigm (Fishbein and Ajzen 1975), will serve
researchers in disciplines such as law, public pol- as a useful tool for analyzing reactions of online con-
icy, marketing, organizational behavior, and infor- sumers to various privacy threats on the Internet.
mation systems (Caudill and Murphy 2000, Culnan
2000, Goodwin 1991, Newman and Rao 2000, Regan 2. IUIPC
1995, Smith et al. 1996). However, much of the lit- This section begins with the description of the notion
erature on this topic has addressed information pri- of information privacy concerns and the review of
vacy within the context of threats from traditional existing scales designed to represent such concerns.
direct marketers (Phelps et al. 2000, Sheehan and Hoy Second, to accurately represent the privacy concerns
2000). Unlike traditional direct marketing channels, of online consumers, we propose a second-order
the Internet allows for interactive two-way commu- IUIPC factor incorporating three first-order dimen-
nication and accordingly poses unique information sions. Finally, we develop a causal model on how
privacy threats that differ from the issues previously IUIPC affects a consumer’s reactions to a request by
addressed (Hoffman and Novak 1996, Smith et al. an online marketer for personal information.
1996, Sheehan and Hoy 2000). For this reason, Phelps
et al. (2000, p. 40) stated that “research involving pri- 2.1. Information Privacy, Information Privacy
vacy and information issues related to e-commerce, Concerns, and Existing Scales
however, remains primarily in a nascent stage” and Information privacy refers to “the claim of individu-
called for more studies. als, groups, or institutions to determine for them-
To maximize the potential of e-commerce, it seems selves when, how, and to what extent information
critical to accurately understand online consumers’ about them is communicated to others” (Westin 1967,
concerns for information privacy. However, although p. 7). Although the notion of information privacy
several pioneering studies exist that examine online itself may sound straightforward, the practical bound-
privacy in general (e.g., Mehta and Sivadas 1995; ary of information privacy in real life varies with
Miyazaki and Fernandez 2000, 2001; Sheehan and numerous factors including industry sectors, cultures,
Hoy 2000), few systematic attempts have been made and regulatory laws (Milberg et al. 1995, Culnan and
to provide a theoretical framework on the specific Bies 2003, Andrews 2002). Information privacy concerns
nature of information privacy concerns among Inter- refer to an individual’s subjective views of fairness
net users. To fill the gap in the literature, this article is within the context of information privacy (Campbell
intended to examine Internet users’ information pri- 1997). Obviously, an individual’s privacy concerns
vacy concerns (IUIPC) by extending to the Internet will be influenced by these external conditions men-
domain the current body of knowledge centering on tioned earlier (e.g., industry sectors, cultures, regula-
traditional marketing channels. tory laws). However, an individual’s perceptions of
Specifically, we focus on three distinct, yet closely such external conditions will also vary with personal
interrelated, issues. (1) We theoretically examine the characteristics and past experiences (Donaldson and
nature and dimensionality of IUIPC; (2) we attempt to Dunfee 1994). Therefore, people often have different
operationalize the multidimensional notion of IUIPC opinions about what is fair and what is not fair con-
using a second-order construct and develop a scale cerning a firm’s collection and use of their personal
for it; (3) we propose and test a causal model center- information.
ing on IUIPC. Drawing on social contract (SC) theory, To measure individuals’ concerns about infor-
we propose that concerns of online consumers center mation privacy, practitioners have often used a
on three major dimensions—namely, collection, con- one-dimensional global information privacy concern
trol, and awareness of privacy practices (Donaldson (GIPC) scale (Smith et al. 1996). While GIPC indicates
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
338 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

privacy concerns in general, it is not intended to (Dunfee et al. 1999). This theory has also been used as
reveal the specific dimensions of such concerns. To a conceptual tool for explaining consumer behavior in
understand the complexity of individuals’ privacy the context of information privacy (Milne and Gordon
concerns, Smith et al. (1996) conducted a series of 1993, Culnan and Bies 2003). One of the main princi-
studies using rigorous methodologies. Their efforts ples of SC theory is that “norm-generating microsocial
resulted in a new multidimensional scale, called con- contracts must be grounded in informed consent, but-
cern for information privacy (CFIP), designed to tressed by rights of exit and voice” (Dunfee et al. 1999,
capture individuals’ concerns about organizational p. 19). In other words, an equitable exchange involv-
information privacy practices. The CFIP scale consists ing a long-term relationship should be accompanied
of 15 items and reflects 4 dimensions of information by shared understanding about contractual terms and
privacy concerns. Those four dimensions are collec- self-control over the course of the relationship.
tion, unauthorized secondary use, improper access, and When applied to information privacy, SC theory
errors. On the basis of a sample of 355 respondents, suggests that a firm’s collection of personally identifi-
Stewart and Segars (2002) empirically confirmed the able data is perceived to be fair only when the con-
psychometric properties of this 15-item scale. sumer is granted control over the information and the
As a reliable and valid measure, the four-dimen- consumer is informed about the firm’s intended use of
sional model of CFIP has been successfully applied the information. As a result, it is possible to charac-
within the context of offline direct marketing (Stewart terize the notion of IUIPC in terms of three factors—
and Segars 2002, Smith et al. 1996, Campbell 1997). namely, collection, control, and awareness of privacy prac-
However, as Smith et al. (1996) put it, “the dimen- tices. The collection factor captures the central theme of
sionality is neither absolute nor static, since percep- equitable information exchange based on the agreed
tions of advocates, consumers, and scholars could social contract. Meanwhile, the control factor repre-
shift over time” (p. 190). This is especially the case sents the freedom to voice an opinion or exit. Finally,
given the fundamental change in the marketing envi- the awareness factor indicates understanding about
ronment caused by the widespread adoption of the established conditions and actual practices. Thus, we
Internet. For instance, unlike traditional media, the conceptualize IUIPC as the degree to which an Inter-
Internet provides a variety of means for consumers net user is concerned about online marketers’ collec-
to control personal information that is stored in an tion of personal information, the user’s control over
organization’s database. Consequently, it is important the collected information, and the user’s awareness
to examine the shifting dimensions of privacy con- of how the collected information is used. The three
cerns because Internet users are likely to differ from IUIPC factors are described in detail as follows.
offline consumers in their concerns about their per- 2.2.1. Collection. The very act of data collection,
sonal information. whether it is legal or illegal, is the starting point
of various information privacy concerns. We define
2.2. Nature of IUIPC collection, the first dimension of IUIPC, as the degree
Consumers regard the release of personal information to which a person is concerned about the amount
as a risky transaction because they become vulnera- of individual-specific data possessed by others rela-
ble to a company’s potential opportunistic behaviors tive to the value of benefits received. This collection
(Milne and Gordon 1993, Laufer and Wolf 1977). For factor is grounded on SC’s principle of distributive
this reason, a consumer’s concerns about information justice, which relates to “the perceived fairness of
privacy cannot be fully understood without investi- outcomes that one receives” (Culnan and Bies 2003,
gating how individuals define justice in this long- p. 328). In an equitable exchange, consumers give up
term exchange of personal information. SC theory is some information in return for something of value
especially useful for studying perceptions of fairness after evaluating the costs and benefits associated with
and justice (Donaldson and Dunfee 1994). This notion the particular transaction. Thus, individuals will be
of SC has been applied widely to explain various reluctant to release their personal information if they
phenomena including the consumer-firm relationship expect negative outcomes (Cohen 1987).
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 339

In the domain of direct marketing, Phelps et al. information. For example, Phelps et al. (2000) found
(2000) found that a majority of respondents (85.6%) that most people (84%) wanted to have more control
wanted to limit the amount of personal information over the use of personal data to restrict unwanted
collected by marketers. Cespedes and Smith (1993) commercial advertisements. Nowak and Phelps (1995)
argued that an idiosyncratic “privacy threshold” level also demonstrated that people were less worried
existed for the amount of data people were willing about data collection when they explicitly give per-
to provide. Indeed, the collection factor constitutes mission to firms or are given the choice to opt-out.
one of the four CFIP dimensions1 (Smith et al. 1996). The Internet technologies offer flexible ways for con-
Accordingly, it seems reasonable to expect that mar- sumers to control their personal information in an
keters’ collection of personal information will con- organization’s database. Consequently, lack of such
tinue to be an important source of privacy concerns control will increase online consumers’ privacy con-
among Internet users (Rendleman 2001). Thus, we cerns. Although less evident in CFIP, the control
posit collection, which is also a dimension of CFIP, as factor is thus likely to be one of the most important
an important factor characterizing IUIPC. components reflecting IUIPC.
2.2.2. Control. SC theory is strongly rooted in the 2.2.3. Awareness of Privacy Practices. On the
principle of procedural justice (Gilliland 1993, Thibaut basis of a review of the literature, Foxman and
and Walker 1975, Tyler 1994). According to the prin- Kilcoyne (1993) argued that information privacy
ciple of procedural justice, individuals view proce- exists only when a person is (1) given control over
dures as fair when they are vested with control of the personal information and (2) informed about data col-
procedures (Thibaut and Walker 1975, Tyler 1994). In lection and other issues. Control is an active compo-
other words, consumers want to exercise process con- nent of information privacy and it is often exercised
trol and influence changes in organizational policies through approval, modification, and opportunity to
they find to be objectionable (Gilliland 1993, Thibaut opt-in or opt-out. In contrast, awareness is a pas-
and Walker 1975). The issue of control becomes more sive dimension of information privacy, and it refers to
pronounced when a large potential exists for oppor- the degree to which a consumer is concerned about
tunistic behavior and breach of the social contract in his/her awareness of organizational information pri-
a relational exchange. vacy practices (Culnan 1995, Foxman and Kilcoyne
Control is especially important in the information 1993). Accordingly, the awareness factor is highly
privacy context because consumers take high risks interrelated with, but distinct from, its active counter-
in the submission of personal information. Based on part (i.e., control) (Sheehan and Hoy 2000).
the principles of procedural justice, moral contractors This awareness factor incorporates two types of
achieve control by exercising freedom to either accept justices—interactional and informational justice. In-
or reject the process or decision outcome (Alge 2001). teractional justice includes issues of transparency and
Thus, we propose that an individual’s concerns for propriety of information made during the enactment
information privacy center on whether the individual of procedures. Violating interactional justice leads to
has control over personal information as manifested decreased perceptions of fairness (Bies and Moag
by the existence of voice (i.e., approval, modification) 1986, Greenberg 1990). Meanwhile, informational jus-
or exit (i.e., opt-out) (Caudill and Murphy 2000). tice relates to the disclosure of specific information.
Several studies have suggested that in reality peo- Perceptions of fairness increased with the specificity
ple want to have the ability to control personal of information used to provide justification (Shapiro
et al. 1994).
1
Operationally, the collection scale measures the degree to which According to Hoffman et al. (1999), a majority of
customers are concerned about data collection, but the other three Web users (69%) refused to reveal personal infor-
factors pertain to the items that ask what organizations should do
mation to online firms because they were not sure
for fair privacy practices (for the CFIP scale, see the appendix). We
believe that control and awareness effectively represent the other how the data would be used. Similarly, Phelps et al.
three CFIP dimensions. We test this proposition (i.e., comparison (2000) showed that about 50% of the respondents in
between CFIP and IUIPC). their survey study were looking for more information
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
340 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

Table 1 Comparison Between GIPC, CFIP, and IUIPC

GIPC CFIP IUIPC

Purpose To reflect the level of information To reflect individuals’ concerns about To reflect Internet users’ concerns about
privacy concerns in general organizational information privacy practices information privacy
Focus No particular focus Organizations’ responsibilities for the proper Individuals’ perceptions of fairness/justice in the
handling of customer information context of information privacy
Context Context-independent Mostly offline or traditional direct marketing Mostly online environment
Communication Both one-way and two-way Mostly one-way communication Mostly two-way communication
communication
Dimensions One-dimensional construct Collection, improper access, unauthorized Collection, control, awareness of privacy practices
secondary use, and error
Representation A single latent factor Correlated first-order factors; Stewart and Second-order factor
Segars (2002) argued that CFIP is better
represented as a second-order factor.

and transparency about how organizations used and a research variable of interest. In addition, a high
individual-specific data. Indeed, these interactional/ level of correlation between the first-order factors
informational issues are captured through such CFIP could cause a multicollinearity problem (Bagozzi and
factors as unauthorized secondary use, improper Heatherton 1994). However, the second-order model
access, and errors. However, we believe that the does not suffer from these problems; that is, it is theo-
awareness factor based on SC theory will succinctly retically sound, substantively meaningful, empirically
convey these concerns about organizational practices. justified, and operationally convenient. In summary,
Thus, we posit awareness as the third and last factor Table 1 describes the major differences between GIPC,
characterizing IUIPC. CFIP, and IUIPC.
2.2.4. Second-Order IUIPC. Smith et al. (1996) op-
erationalize CFIP as correlated first-order factors. 2.3. Causal Model
From a theoretical perspective, however, their model A long-term exchange relationship in the context of
excludes the possibility of a second-order factor that information privacy is initiated when a consumer
may govern the first-order factors. In this regard, releases personal information to a marketer. Thus,
Stewart and Segars (2002) argue that the four factors it is important for researchers to understand how
are not CFIP per se because “CFIP leads to various one determines to engage in this long-term rela-
subconcerns” (p. 38, italics added). Within the frame- tionship. Moreover, marketers will have great inter-
work of exchange theory, shared norms are similarly est in predicting consumer reactions to requests for
understood as a higher-order syndrome that regu- personal information. Accordingly, we developed a
lates expectations of specific behaviors in an exchange causal model to describe how IUIPC influences a con-
relationship (Heide and John 1992). Using struc- sumer’s decision to release or not release personally
tural equation modeling, Stewart and Segars (2002) identifiable data in a certain situation. Depicted in
demonstrated that CFIP was indeed a second-order Figure 1, the causal model is developed based on the
phenomenon that regulated the behavior of the four trust-risk framework (Mayer et al. 1995, McKnight
first-order factors. et al. 1998, Jarvenpaa and Tractinsky 1999) and the
Given the strong theoretical and empirical evi- theory of reasoned action (TRA) (Fishbein and Ajzen
dence, we conceptualize IUIPC as a second-order 1975). The research variables and their relationships
factor. This conceptualization also avoids several in the model are explained in detail as follows.
problems in the interpretation of the role of IUIPC in
a structural model. For example, a first-order model 2.3.1. Relationships Between IUIPC, Trusting Be-
with multiple factors makes it difficult for researchers liefs, Risk Beliefs, and Intention. In essence, the
to clearly interpret the relationship between IUIPC trust-risk model holds that in the situation in which
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 341

Figure 1 Proposed Model

Personal Dispositions Context-Specific Factors

Collection

Control IUIPC H1 Trusting

Beliefs
H2
Awareness
H3
H6
Contextual Variable
H7
Risk
H4
Beliefs
• Type of information*
H8
H5
Covariates

• Sex
• Age Behavioral
• Education Intention
• Internet experience
• ID misrepresentation
• Invasion of privacy in past
• Media exposure

Notes. ∗ Less sensitive information (0), more sensitive information (1), positive effect −→, negative effect −−→.

potential risks are present, trust plays an important A general consensus in the trust-risk literature
role in determining one’s (trusting/risk taking) behav- shows that personal traits influence, to some extent,
ior (Luo 2002, Sirdeshmukh et al. 2002). This trust-risk trusting beliefs and risk beliefs (Mayer et al. 1995,
model has been used to explain a variety of behav- McKnight et al. 1998). This implies that one’s ten-
iors in an uncertain environment, including consumer- dency to worry over information privacy (i.e., IUIPC)
firm relationships (Wulf et al. 2001, Jarvenpaa and will influence how the person perceives a specific
Tractinsky 1999) and employee-organization relation- situation in which an online marketer requests per-
ships (Mayer et al. 1995, McKnight et al. 1998). A great sonal information (i.e., trusting and risk beliefs). More
deal of the literature shows that trust and risk are the specifically, Internet users with a high degree of
information privacy concerns are likely to be low
two most salient beliefs in information privacy-related
on trusting beliefs and high on risk beliefs. This
contexts (Cespedes and Smith 1993, Milne and Rohm
proposition is also consistent with TRA, which sug-
2000, Miyazaki and Fernandez 2000, Sheehan and Hoy
gests that individual characteristics influence salient
2000). As shown in Figure 1, we include trusting
beliefs (Fishbein and Ajzen 1975, Ajzen 1991). Thus,
beliefs and risk beliefs in the model to explain an indi- as depicted in Figure 1, we propose that IUIPC will
vidual’s release of personal information at the request influence trusting beliefs negatively and risk beliefs
of an online marketer. Trusting beliefs are defined as positively.
the degree to which people believe a firm is depend-
Hypothesis 1. Internet users’ information privacy con-
able in protecting consumers’ personal information
cerns will have a negative effect on trusting beliefs.
(Grazioli and Jarvenpaa 2000, Gefen et al. 2003). On
the other hand, risk beliefs refer to the expectation Hypothesis 2. Internet users’ information privacy con-
that a high potential for loss is associated with the cerns will have a positive effect on risk beliefs.
release of personal information to the firm (Dowling Evidence suggests that trusting beliefs also directly
and Staelin 1994). influence risk beliefs. For example, Moorman et al.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
342 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

(1992) argued that trust would reduce “the per- 2.3.2. Contextual Variable. It is known that con-
ceived uncertainty and hence the perceived vulner- sumers’ reactions to privacy threats depend on the
ability” (p. 315). In other words, trusting beliefs are type of information requested by marketers (Phelps
expected to mitigate risk perceptions. In the context et al. 2000, Sheehan and Hoy 2000, Wang and
of relationship marketing, Morgan and Hunt (1994) Petrison 1993). All things being equal, releasing more
actually provided empirical support for the proposi- sensitive information is perceived as more risky
tion mentioned above. Similarly, in a study of cross- than releasing less sensitive information (Milne and
cultural online retailing, Jarvenpaa and Tractinsky Gordon 1993). Although the perceived sensitivity of
(1999) found that trust had a negative influence on information varies widely with individual differences,
risk perceptions. Taken as a whole, the more trust a in general financial data and medical information are
consumer has in an online firm, the less likely he or known to be viewed by consumers as more sensitive
she is to foresee the risk in providing personal infor- information; in contrast, at an aggregate level, lifestyle
mation to the firm. characteristics and shopping/purchasing habits are
considered less sensitive by consumers than finan-
Hypothesis 3. Trusting beliefs will have a negative cial data and medical information (Nowak and Phelps
effect on risk beliefs. 1992, Sheehan and Hoy 2000, Phelps et al. 2000). The
validity of a certain model cannot be established until
Within the framework of reasoned action, behav-
it is shown to hold across a variety of personal data
ioral intention is a reliable predictor of actual behavior
requested by marketers.
(Fishbein and Ajzen 1975, Ajzen 1991). It seems fair
Despite the importance of this contextual differ-
to argue then that intention to release personal infor- ence resulting from various information requests,
mation serves as a good proxy for whether one actu- few studies have taken into account such difference
ally reveals personal information at the request of an explicitly within a causal model (Stewart and Segars
online marketer. According to the trust-risk literature, 2002, Smith et al. 1996). To fill this gap in the liter-
trusting/risk beliefs are expected to exert a significant ature, our model is specifically developed to control
effect on behavioral intention. For example, McKnight for the contingent effect of information on consumers’
et al. (1998) and McKnight and Chervany (2000) pro- perceptions (Figure 1). In general, the causal model
posed that trusting beliefs would directly influence proposes that more sensitive information, compared
“trusting intention.” Similarly, Jarvenpaa and Tractin- with less sensitive information, will exert a more neg-
sky (1999) showed that “risk perception” affected ative effect on consumers’ attitudes and intentions
one’s willingness to buy books from websites. There- toward revealing personal information. Specifically,
fore, trusting/risk beliefs are likely to have a direct we expect that a marketer’s request for more sensitive
influence on intention. These hypotheses are depicted information will make a consumer suspicious; con-
in Figure 1 and formally stated below. sequently, this request will reduce the level of trust.
Moreover, when sensitive information is requested,
Hypothesis 4. Trusting beliefs will have a positive
risk beliefs are hypothesized to increase. Finally, the
effect on intention to reveal personal information.
model predicts that consumers will be more reluctant
Hypothesis 5. Risk beliefs will have a negative effect to reveal information that is more sensitive compared
on intention to reveal personal information. to information that is less sensitive. Thus, our final
hypotheses are stated below.
Note that the causal model implies that the impact
Hypothesis 6. A marketer’s request for more sensitive
of IUIPC on behavioral intention is fully mediated
information will have a negative effect on trusting beliefs.
by trusting/risk beliefs. This is consistent with the
premise of TRA that salient beliefs fully mediate the Hypothesis 7. A marketer’s request for more sensitive
impact of individual differences on behavioral inten- information will have a positive effect on risk beliefs.
tion. Later, we will empirically examine whether this Hypothesis 8. A marketer’s request for more sensitive
mediation proposition really holds in this particular information will have a negative effect on intention to
context. reveal personal information.
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 343

2.3.3. Covariates. Factors other than those men- and Segars 2002). This literature review was followed
tioned previously may influence Internet users’ re- by qualitative research in an effort to further elicit
actions to information privacy threats. To control privacy concerns that might have been missed in the
for those unknown effects, we have included sev- previous step (Straub et al. 2004). This qualitative
eral covariates in the model. Specifically, we included research was conducted through personal interviews
three demographic characteristics: sex (Milne and with three subject matter experts and a group inter-
Rohm 2000), age (Culnan 1995, Milne and Rohm 2000, view with eight Internet users in a nonstructured and
Wang and Petrison 1993), and education (Culnan natural manner (Malhotra 2004). As a result, a pool of
1995, Milne and Rohm 2000, Phelps et al. 2000, Wang new items was created to reflect Internet users’ infor-
and Petrison 1993). In addition, the causal model mation privacy concerns. This first pool included 7
is tested with four additional variables related to awareness items, 15 control items, and 21 other items
personal experiences: Internet experience (Milne and that could potentially constitute online consumers’
Rohm 2000, Phelps et al. 2000), how often subjects privacy concerns (e.g., security, honesty, the seal of
provide falsified identification information to a mar- assurance, social responsibility, etc). To reduce the
keter (Hoffman et al. 1999, Pew Internet Project 2000), length of the questionnaire, the existing scales were
whether the subject’s privacy has been invaded in the excluded from this item pool.
past (Culnan 2000), and the amount of exposure to A structured questionnaire was developed based
media reports of incidents of privacy invasion (Smith on the pool of new items. The survey was admin-
et al. 1996). Consequently, as Figure 1 shows, a total istered to household (nonstudent) respondents who
of seven control variables are taken into account in had used the Internet for at least one hour in the
the causal model. previous month. Students in a marketing research
class at a large southeastern university in the United
3. Methodology States were given the task of collecting the survey
We conducted two empirical studies to develop and data. Partial course credit was granted to each stu-
test a new scale of IUIPC. The purpose of Study 1 was dent for administering the survey, and strict instruc-
to develop measures for new dimensions of privacy tions were laid out with regards to the quality of data
concerns (e.g., control and awareness) that were not collection. In this field survey, we collected a total of
available from existing scales (e.g., collection, unau- 293 completed questionnaires. Men (49%) and women
thorized secondary use, improper access, and errors). (51%) were almost equally represented, and an aver-
Study 2 was designed to establish the second-order age respondent was 35 years of age and had 4.5 years
IUIPC factor with the combination of new (i.e., control of Internet experience. The median household income
and awareness) and existing (i.e., collection) scales. In per year was $60,000, and 71% of the respondents had
this latter study, we also formally tested the research bachelor’s degrees or higher.
model and hypotheses. To discover discernible patterns of privacy dimen-
sions, we performed exploratory factor analysis
3.1. Empirical Study 1 (EFA). From the results we found that control and
The objective of Study 1 is to develop new scales for awareness clearly emerged as independent factors.
privacy concerns that were not part of the existing We chose three items for control and three items for
CFIP dimensions (i.e., collection, unauthorized sec- awareness that exhibited the most desirable psycho-
ondary use, improper access, and errors). To iden- metric properties (Hair et al. 1995). Each of these
tify various forms of salient privacy concerns, we selected items loaded higher than 0.70 on the desig-
first reviewed the relevant literature in different dis- nated factor and at the same time loaded less than
ciplines including law, public policy, marketing, com- 0.40 on other factors (Chin et al. 1997). Consequently,
munications, and information systems (Caudill and these six items, along with the existing four items for
Murphy 2000, Culnan 2000, Goodwin 1991, Newman the collection factor adapted from CFIP, represented
and Rao 2000, Regan 1995, Smith et al. 1996, Stewart the 10-item IUIPC scale in the following study.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
344 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

3.2. Empirical Study 2 To collect data, we conducted personal interviews

To control for the effect that the type of informa- similar to those of the first study. For this second
tion had on consumers’ reactions, we employed an study, interviewers were recruited from a different
experimental design with a scenario-creation method marketing research class to collect a fresh set of data.
(Webster and Trevino 1995, Straub and Karahanna Using the personal contact information, we ensured
1998). Specifically, two types of scenarios were cre- that the respondents in the previous study were not
ated according to the sensitivity of the personal infor- included in the second study. As a result, we collected
mation requested (for the categorization of personal a total of 449 usable questionnaires from household
information requested, see Phelps et al. 2000). The respondents in one-on-one, face-to-face interviews.
Type A questionnaire presented a scenario in which The sample consisted of 217 Type A and 232 Type B
respondents were asked to provide personal shop- respondents. The demographic profile of the respon-
ping preferences in return for free membership, worth dents was comparable to that of the first study (54%
$50, at a discount store (less sensitive information). male, 53% 35 years of age or older, a median of
Type B presented the same scenario but the informa- 4.5 years of Internet experience, a median income of
tion requested concerned personal financial informa- $60,000, and 76% bachelor’s degrees or higher). No
tion (more sensitive information). In general, financial significant differences were found between the two
information is perceived to be more sensitive than types of data (A and B) in terms of gender, age, Inter-
personal preferences (Sheehan and Hoy 2000). There- net experience, income, and education.
fore, Type B should be viewed as a more sensi-
tive situation than Type A. A pretest was conducted 3.3. Measurement Model
that confirmed the nature of the two scenarios.2 We The psychometrics literature suggests that to avoid
employed a between-subjects design in which respon- misinterpretation of structural relationships, re-
dents were given only one of the two scenarios searchers should first estimate a measurement model
(Keppel 1991). before testing hypotheses (Anderson and Gerbing
Both scenarios had a common set of items that was 1988). We adopted this two-step approach in which
independent of the type of information requested. first a valid and reliable measurement was established,
Among the items were demographic information, and subsequently the structural model of Figure 1 was
general consumer behavior, and the three information tested. To examine the original measurement model,
privacy scales (GIPC, CFIP, and IUIPC). Scales spe- we conducted a confirmatory factor analysis (CFA) on
cific to the scenarios were trusting beliefs, risk beliefs, the data collected from Study 2. In particular, model
and intention. Note that the operationalization of fit is assessed in terms of four indices: comparative
these context-contingent factors was directed toward fit index (CFI), goodness-of-fit index (GFI), root mean
online marketers in general as opposed to a specific square error of approximation (RMSEA), and the con-
firm. This was done because respondents could not sistent Akaike information criterion (CAIC). A model
be expected to have a meaningful experience with is considered to be satisfactory if CFI > 095, GFI >
the hypothetical firm in the scenario. McKnight et al. 090, and RMSEA < 006 (Bearden et al. 1993, Hu and
(1998) proposed that initial trust would depend on
Bentler 1999). CAIC, which is useful for comparing
“institutional cues that enable one person to trust
nonnested alternative models, has no cut-off values;
another without firsthand knowledge” (p. 474). That
instead, a smaller value implies better fit (Bozdogan
is, at the initial stage, a consumer’s opinions about an
1987, Steenkamp and Baumgartner 1998).
unknown firm will be similar to his or her opinions
The result of CFA indicated that the initial mea-
about typical firms. The appendix shows the specific
surement model did not fit the data well [ 2 734 =
items used in this study.
175361, CFI = 091, GFI = 084, RMSEA = 0056,
2
CAIC = 265620]. A careful inspection of the LIS-
Note that in this discount store example requesting financial infor-
mation, as opposed to personal preferences, will be thought to be
REL output revealed that some items did not load
largely inappropriate. This also made Type B more sensitive than on the designated latent factors (completely stan-
Type A. dardized loading < 060), or were associated with
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 345

Table 2 Estimated Factor Correlation Matrix from the Revised Measurement Model

Correlation matrix

Mean SD CR AVE 1 2 3 4 5 6 7 8 9 10

1. COLL 5.63 1.09 0.83 0.55 0
74

2. ERRO 5.16 1.18 0.88 0.64 0
52 0
80
3. SECO 6.20 1.00 0.82 0.54 0
61 0
50 0
73
4. IMPR 6.06 0.95 0.77 0.53 0
68 0
68 0
81 0
73
5. AWAR 6.21 0.87 0.74 0.50 0
66 0
49 0
77 0
79 0
71
6. CONT 5.67 1.06 0.78 0.54 0
53 0
47 0
56 0
68 0
75 0
73
7. GIPC 5.01 1.29 0.75 0.50 0
70 0
48 0
53 0
62 0
70 0
55 0
71
8. TRUST 3.24 1.33 0.78 0.54 −0
41 −0
08 −0
22 −0
24 −0
31 −0
25 −0
29 0
73
9. RISK 4.56 1.59 0.92 0.74 0
38 0
32 0
32 0
36 0
26 0
25 0
40 −0
32 0
86
10. INT 3.15 1.74 0.95 0.86 −0
34 −0
17 −0
23 −0
21 −0
22 −0
17 −0
31 −0
46 −0
78 0.93

Notes. COLL = collection; ERRO = errors; SECO = unauthorized secondary use; IMPR = improper access; AWAR = awareness; CONT = control; GIPC =
global information privacy concern; TRUST = trusting beliefs; RISK = risk beliefs; INT = intention to give personal information; SD = standard deviations;
CR = composite reliability; AVE = average variance extracted. Value on the diagonal is the square root of AVE.

high modification indices. To refine the measurement Larcker 1981, Chin 1998). We found that all of the
model, seven items were dropped from GIPC, trusting correlation estimates met the criterion except in four
beliefs, risk beliefs, and intention (see the appendix). cases. Two of the four exceptions were found across
In spite of the measurement purification, we made no IUIPC and CFIP. This fact seems to pose less con-
changes on CFIP and IUIPC factors to compare them cern because IUIPC is assumed to include and extend
impartially. With the remaining items, we again per- CFIP. In other words, by definition, the two constructs
formed a CFA. Compared with the previous model, are destined to be strongly correlated in many occa-
this new measurement model exhibited improved sions. Meanwhile, the other two violations were iden-
model fit [ 2 482 = 104940, CFI = 094, GFI = 087, tified within CFIP and IUIPC, respectively. However,
RMSEA = 0051, CAIC = 1852495]. Table 2 describes because of the size of the correlation matrix, which
the means, standard deviations, composite reliabili- includes 45 estimates, some violations can occur sim-
ties (CR), and average variance extracted (AVE), and ply through chance (Campbell and Fiske 1959). There-
correlations of the factors based on the refined mea- fore, it can be argued that in this study at least a
surement model. reasonable extent of discriminant validity was estab-
In addition to the model fit, we examined the reli- lished.3 Overall, the evidence of good model fit, reli-
ability, the convergent validity, and the discriminant ability, convergent validity, and discriminant validity
validity of the scale. Reliability was examined based
indicates that the measurement model was appropri-
on CR and AVE. A scale is said to be reliable if
ate for testing the structural model at a subsequent
CR > 070 and AVE > 050 (Bagozzi and Yi 1988).
stage.
As shown in Table 2, the CRs range from 0.74 to
0.95, and the AVEs range from 0.50 to 0.86, which
3
are above recommended cut-off values. On the other Alternatively, discriminant validity can be checked by examining
whether a correlation between two constructs is significantly dif-
hand, convergent validity is established if all item
ferent from unity (Venkatraman 1989). More specifically, the cor-
loadings are equal to or above the recommended cut- relation of the two constructs in question was freely estimated in
off level of 0.60 (Chin et al. 1997). We found the low- the first model (i.e., a two-factor model) but set to 1 in the second
est loading of 0.61 in an item for awareness and the model (i.e., a one-factor model). A chi-square difference was exam-
highest loading of 0.98 in an item for intention, sug- ined between the two models to determine whether the two con-
gesting the convergent validity of the scale. Discrimi- structs were significantly different. An examination of each pair of
the constructs of Table 2 (45 pairs) revealed that the extra constraint
nant validity is the extent to which an item does not
consistently worsened model fit, supporting the discriminant valid-
relate to the measures of other constructs. Discrim- ity of the constructs. That is, the results of chi-square difference
inant validity is achieved if the square root of the tests provided further support that the constructs were reasonably
AVE is larger than correlation coefficients (Fornell and different from one another.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
346 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

3.4. The Second-Order IUIPC Scale different. The test value (Z-value = 215) indicated
We tested a second-order IUIPC with three first-order that a significant difference existed between the cor-
dimensions (i.e., collection, control, and awareness) relation coefficients p < 005, suggesting that IUIPC
as specified in Figure 1. To provide a comparative more strongly correlated with GIPC than did CFIP.
perspective on the assessment of IUIPC, we also We further assessed the utility of IUIPC using dif-
examined an alternative form of information privacy ferent criteria. Understanding an individual’s privacy
concerns, namely, a second-order CFIP (Stewart and concerns has significance to practitioners to the extent
Segars 2002). As shown in the appendix, the orig- that it helps to predict various privacy-related behav-
inal CFIP scale was adapted to a new online con- iors. Thus, in this additional test, the utility of a scale
text. Given the modification to the CFIP scale that we is assessed by the correlation between a scale and
made (e.g., from “companies” to “online companies”), a behavioral intention item toward a privacy-related
the results of CFIP in this present study should be behavior. We modified five behavioral intention items
interpreted with caution. included in the study by Smith et al. (1996); specifi-
IUIPC met the fit criteria in terms of CFI, GFI, cally, the word “company” in the original items was
and RMSEA [ 2 32 = 7319, CFI = 098, GFI = 097, replaced with “online company.” The five items are:
RMSEA = 0054, CAIC = 23665], but the fit of CFIP (1) How likely are you to refuse to give information
was marginal in terms of RMSEA [ 2 86 = 26456, to an online company because you think it is too per-
CFI = 095, GFI = 093, RMSEA = 0068, CAIC = sonal?, (2) How likely are you to take actions to have
50620]. The CAIC index also indicates that IUIPC your name removed from e-mail lists for catalogs,
(CAIC = 23665) represents the reality better than products, or services?, (3) How likely are you to write
CFIP (CAIC = 50620), at least in this particular con- or call an online company to complain about the way
text. In general, the results indicated that IUIPC it uses personal information?, (4) How likely are you
efficiently and effectively reflected Internet users’ to write or call an elected official or consumer orga-
concerns for information privacy. nization to complain about the way online companies
In addition to model fit, we examined concurrent use personal information?, and (5) How likely are you
validity, which refers to the degree to which a new to refuse to purchase a product because you disagree
scale of interest relates to an established measure rep- with the way an online company uses personal infor-
resenting the same or similar phenomenon (Cronbach mation?
The correlations between CFIP and the five items
1990, Rogers 1995). For this particular test, a modified
were found to be 0.36, 0.16, 0.26, 0.20, and 0.33,
GIPC scale, which included the word “online” in two
respectively. On the other hand, IUIPC’s correlations
of its three items, was treated as the standard measure
with the items were 0.43, 0.25, 0.24, 0.20, and 0.42. The
reflecting privacy concerns (Smith et al. 1996); thus,
result indicated that IUIPC correlated more strongly
we examined the correlation between GIPC and the
on three of the five items than did CFIP. Moreover, the
scale in question (i.e., IUIPC or CFIP) as an indicator
results of Z-tests showed that these differences in the
for the degree of the concurrent validity of the scale.4
correlations were statistically significant (Z-values >
The results showed that IUIPC had a stronger cor-
222, ps < 005, two-tailed), suggesting that IUIPC is
relation to GIPC r = 059 than did CFIP r = 053.
likely to exceed CFIP as a predictor of consumer reac-
Using the Meng et al. (1992) Z-test method, we tested
tions to online privacy threats. Overall, the second-
whether the correlation coefficients were significantly
order IUIPC seems a reasonable representation of
Internet users’ information privacy concerns.
4
The correlation between CFIP and IUIPC should be known to
compare their relationships with the criterion variable, i.e., GIPC 3.5. Nomological Validity
(Meng et al. 1992). To calculate the correlation between CFIP and Nomological validity is defined as “the degree to which
IUIPC, we used the “means of latent variable scores” (MLVS) tech-
predictions from a formal theoretical network con-
nique available in PRELIS 2.3 and LISREL 8.3 (Jöreskog et al. 1999).
This technique allowed us to create factor scores for CFIP, IUIPC, taining the concept under scrutiny are confirmed”
and GIPC, respectively. The factor scores were used to estimate the (Bearden et al. 1993, p. 5). The establishment of nomo-
relationships between the three factors. logical validity is said to be an important step in
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 347

Figure 2 Results of SEM Analysis

Trusting
Collection beliefs
(R 2 = 0.25)
0.75(N/A)
0.23***
–0.34***
Behavioral
Control 0.78*** IUIPC –0.15** intention
(R 2 = 0.66)
0.26*** –0.63***
0.91***
Risk beliefs
Awareness (R 2 = 0.50)

–0.13** 0.55*** –0.12**

Type of information requested

• Less sensitive information (0)
• More sensitive information (1)

Notes. Completely standardized estimates, controlled for seven variables in the proposed model (Figure 1), model fit [x 2 290 = 574
75; CFI = 0
95;
CFI = 0
92; RMSEA = 0
047; CAIC = 1399
16], ∗ p < 0
05, ∗∗ p < 0
01, ∗∗∗ p < 0
001 (two-tailed).

the scale development process (Straub et al. 2004, that is highly consistent with theory and past find-
Campbell 1960). As discussed earlier, the trust-risk ings, thus providing empirical evidence of the nomo-
literature shows that personal disposition has sig- logical validity of the proposed scale (Straub et al.
nificant relationships with both trusting beliefs and 2004).
risk beliefs (Mayer et al. 1995, McKnight et al. 1998).
Because the second-order IUIPC is conceptualized as 3.6. Structural Model and Research Hypotheses
personal disposition in this paper, its relationship We tested the causal model using the structural equa-
with the beliefs constructs will indicate the nomolog- tion modeling (SEM) technique.5 Figure 2 reports
ical validity of IUIPC. the results of SEM analysis. Fit indices indicate that
To assess the nomological validity of IUIPC, we the model is a realistic representation of the data
specifically examined the relationship between the  2 290 = 57475, CFI = 095, GFI = 092, RMSEA =
second-order IUIPC, trusting beliefs, and risk beliefs. 0047, CAIC = 139916]. Furthermore, the model
The results of CFA showed that the fit of the model explained a fair amount of the variance in the out-
was acceptable:  2 114 = 29036, CFI = 095, GFI = come variables; for example, it explained 66% of the
093, RMSEA = 0059, CAIC = 56753. We also found variance in intention to give personal information.
that IUIPC strongly correlated with trusting beliefs We found that all of the hypotheses proposed in the
(r = −043, p < 0001) and risk beliefs (r = 038, p < causal model were supported. Specifically, as hypothe-
0001). Recently, Pavlou and Gefen (2004) examined sized, IUIPC had a negative effect on trusting beliefs
the relationships between trust propensity, trust, and ( = −034, p < 0001, two-tailed, Hypothesis 1 sup-
perceived risk to study potential buyers’ bidding ported) and a positive effect on risk beliefs ( = 026,
behaviors in online auction. Their study reported that p < 0001, Hypothesis 2 supported). In addition, trust-
the correlation between trust propensity and trust in ing beliefs had a negative impact on risk beliefs
sellers was 0.56 and that between trust propensity
5
and perceived risk from sellers was −025. Consider- We also estimated the fit of the structural equation model with
the second-order CFIP. The model fit was slightly worse than that
ing that IUIPC resembles distrust propensity, the signs
of the second-order IUIPC:  2 434 = 89018, CFI = 094, GFI =
and magnitudes of the correlations between the two 089, RMSEA = 0048, CAIC = 1792771. The model with CFIP also
studies are quite comparable. Overall, our findings explained 21% of the variance in trusting beliefs, 50% in risk beliefs,
indicate that IUIPC related to other variables in a way and 66% in behavioral intention.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
348 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

( = −015, p < 001, Hypothesis 3 supported). We control, and awareness. Second, we found from the
also found that intention was influenced positively results of this study that the second-order IUIPC fac-
by trusting beliefs ( = 023 p < 0001, Hypothe- tor exhibited desirable psychometric properties in the
sis 4 supported) and negatively by risk beliefs  = context of online privacy. Finally, the results demon-
−063 p < 0001 Hypothesis 5 supported). On the strated that the structural model including IUIPC fit
other hand, the results showed that the type of infor- the data satisfactorily and explained a large amount
mation requested significantly influenced consumers’ of variance in behavioral intention. Overall, our find-
perceptions and intentions. In particular, more sen- ings suggest that the theory-driven construct of IUIPC
sitive information significantly decreased trusting will serve as a useful tool for analyzing online con-
beliefs ( = −013, p < 001, Hypothesis 6 supported), sumers’ privacy concerns and reactions to various pri-
increased risk beliefs ( = 055, p < 0001, Hypothe- vacy threats on the Internet. This section begins with
sis 7 supported), and decreased intention ( = −012, a discussion on the theoretical and managerial impli-
p < 001, Hypothesis 8 supported). cations of the findings of this study. We conclude this
Although the causal model seems to succinctly rep- article by describing the limitations of this study and
resent consumer evaluation and behavior, we found suggesting directions for further research.
that the effects of control variables on the context-
contingent factors, i.e., trusting belief, risk beliefs, and 4.1. Theoretical Contributions
intention, were not negligible—suggesting an area for 4.1.1. IUIPC. SC theory is attracting considerable
potential improvement in the model. Specifically, 5 of attention in many academic areas including rela-
21 relationships (7 covariates ∗ 3 context-contingent tionship marketing, marketing ethics, and informa-
variables) were significant: Age was negatively tion privacy (e.g., Morgan and Hunt 1994, Dunfee
related with intention (p < 005, two-tailed), education et al. 1999, Milne and Gordon 1993). Drawing on
was negatively related with trusting beliefs (p < 001), SC theory, this article offers a theoretical framework
Internet experience reduced risk beliefs (p < 0001, to explain the dimensions of Internet users’ con-
the experience of identification falsification was neg- cerns for information privacy. Specifically, we dis-
atively correlated with intention, and media expo- cussed notions of (1) distributive, (2) procedural, and
sure reduced trusting beliefs (p < 001). In contrast, (3) interactional/informational justice and tied them
no effects of gender and experience as victims were with the dimensions of online privacy concerns—
found on the context-contingent factors. “whether the exchange of personal information is
Finally, we checked if the effect of IUIPC on inten- equitable” (collection), “whether I have control over
tion was fully mediated by trusting and risk beliefs. the data” (control), and “whether I am adequately
As a way of testing the mediation effect, the direct informed about the use of the data” (awareness). As
path from IUIPC to intention was added and allowed shown previously, IUIPC, compared to CFIP, had a
to be free. The result indicated that in spite of the better model fit and a significantly stronger correla-
added path, the decrease in chi-square value was tion with criterion variables. These findings suggest
insignificant [ 2 1 = 288, ns]. Indeed, the IUIPC- that at least in the online privacy context, the cov-
intention path was found to be insignificant, thus sup- erage of IUIPC includes and extends that of CFIP.
porting the full mediation hypothesis. Thus, our theory-driven approach to privacy concerns
seems to nicely complement the traditional practice-
4. Discussion and Conclusions oriented approach. It is true that consumers’ opin-
The objective of this study was three-fold: (1) to ions about such organizational practices as secondary
describe the nature of IUIPC based on SC theory, use, improper access, and errors (i.e., CFIP) can rea-
(2) to develop a reliable and valid scale for IUIPC, sonably reflect their online privacy concerns. Yet, our
and (3) to develop and test a causal model center- findings indicate that consumers’ concerns caused by
ing on IUIPC. First, this paper presents how use- those unfair organizational practices can be succinctly
ful the notion of justice/fairness is in clarifying the summarized into the SC-based IUIPC concept. There-
dimensionality of IUIPC, which consists of collection, fore, while inevitably correlated with CFIP, IUIPC is
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 349

considered as an efficient and effective representation controlled for, no direct effect of IUIPC was found on
of online consumers’ concerns for information privacy. behavioral intention. This finding implies that trust-
IUIPC is originally developed to reflect recent ing beliefs and risk beliefs mediated the impact of
changes in an individual’s views on fairness/justice IUIPC on behavioral intention.
because of the widespread use of the Internet. Nev- While focusing on consumers’ privacy concerns
ertheless, it is important to note that this scale is in general, privacy research in the IS domain has
strongly rooted in a general conceptual framework paid little attention to consumers’ perceptions spe-
drawing on SC theory. Therefore, under an assump- cific to a particular context (Smith et al. 1996, Stewart
tion that the essence of privacy concerns lies in fair- and Segars 2002). However, our findings clearly
ness perceptions, our justice-oriented scale is likely to reveal that to have a complete understanding of con-
be generalizable across a variety of other privacy con- sumer reactions to information privacy-related issues,
texts. For instance, as with the Internet environment, researchers should examine not only consumers’ pri-
the direct marketing environment can be conceived vacy concerns at a general level, but also consider
as a case of social contract. Therefore, with appro- salient beliefs and contextual differences at a spe-
priate rewording (e.g., deleting the word “online” in cific level. Overall, this study indicates that consumer
the items), the IUIPC scale is expected to reasonably behavior in the context of information privacy is a
apply to traditional direct marketing and other pri- complex phenomenon; thus, researchers should be
vacy contexts. Meanwhile, new privacy-threatening ready to employ sophisticated techniques to examine
technologies such as cookies, Web bugs, and spyware consumers’ reactions to information privacy threats.
are continuously being developed. Thus, a scale spe- Finally, recall that IUIPC draws on SC theory, which
cific to particular technologies does not seem to be sheds light on the nature of long-term relationships
suitable for measuring consumers’ privacy concerns between stakeholders. Meanwhile, this study demon-
in this fast-changing online environment. In contrast, strated that the trust-risk framework, which also deals
as mentioned earlier, IUIPC centers on the percep- with the issues related to long-term relationships,
tions of fairness; therefore, the scale is flexible enough could be seamlessly integrated with the SC-based
to be adapted to minor technical changes that may IUIPC concept. Furthermore, we demonstrated that
occur in the future. We also can expect that the justice- intention models such as TRA were also helpful in
oriented scale will be relatively robust against techno- understanding relational exchange especially within
logical innovations. In sum, as compared with other the context of information privacy. Consequently, one
specific, practice-oriented scales, our general, theory- of the major contributions of this study is to develop
based scale has the potential to be applicable to a the causal model integrating SC theory, the trust-
variety of privacy-related contexts. risk framework, and TRA. We believe that the causal
4.1.2. Causal Model. The present study regards model will serve as a useful conceptual tool for fur-
IUIPC as personal disposition and the literature con- ther research on the relational exchange of personal
curs with the view that this type of individual ten- information between consumers and marketers.
dency has little impact on actual behavior (Mayer
4.2. Managerial Implications
et al. 1995, Fishbein and Ajzen 1975, Ajzen 1991). As
expected, this was the case in this particular study. 4.2.1. IUIPC. Our findings imply that the 10-item
Specifically, from the results of the causal model, we IUIPC scale, along with the 15-item CFIP scale, will
found that the correlation between the second-order be a worthy candidate for consideration as an indi-
IUIPC and behavioral intention was −032.6 Given the cator of online consumers’ privacy concerns. From a
moderate level of correlation, IUIPC alone will not managerial perspective, the lower number of items
be able to explain more than 10% of the variance in included in the IUIPC scale is desirable as a means
behavioral intention (Fornell and Larcker 1981). Fur- of reducing the data-collection demands imposed on
thermore, when trusting beliefs and risk beliefs were respondents, the length and duration of the question-
naire, and the cost of data collection. Nonetheless, it
6
We do not report the statistical details because of space limitations. should also be noted that the validity of IUIPC has
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
350 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

yet to be established in contexts other than the Inter- ways within industry (e.g., financial, medical, etc.)
net. Thus, practitioners will continue to have the need sectors.
to rely on CFIP for many applications.
One of the major findings of this study is that online 4.3. Limitations and Further Research
consumers consider it most important to (1) be aware Some limitations of this study should be mentioned.
of and (2) have direct control over personal informa- First, we modified the wordings of the original CFIP
tion stored in marketers’ databases. Therefore, at the scale to suit the purpose of this present study—the
very least, managers should make sure that their con- examination of online privacy concerns. We found that
sumers can easily check what type of information is the revised CFIP scale was reliable and valid, but it
collected, whether the information is correct, and how did not perform as well as IUIPC in this particular
this information is used in and outside the organi- context. Nevertheless, the efficacy of IUICP over CFIP
zation. In addition, as mentioned earlier, consumers in the context of online privacy should be considered
should be allowed to control, i.e., add, delete, and as tentative until the effect of the scale modification
modify at will, the information in the organization’s is fully understood. Our main objective in comparing
database. This research suggests that these organiza- IUIPC and CFIP was to provide additional evidence
tional efforts can jointly soothe an individual’s infor- on the efficacy of IUIPC, as it is a new scale. Second,
mation privacy concerns (Stewart and Segars 2002). we continue to contend that consumers’ reactions to
4.2.2. Causal Model. Consumers’ privacy con- a specific privacy threat are highly dependent on con-
cerns are certainly a driving force of their reactions textual factors. Thus, it remains to be seen whether or
to a certain organizational practice. Yet, our find- not the results of this study retain their validity with
ings suggest that trust in a marketer can significantly different contextual variables, e.g., type of informa-
mitigate perceived risk and ultimately a customer’s tion requested, reward offered by marketers (Phelps
reluctance in releasing personal information. Thus, et al. 2000, Sheehan and Hoy 2000). Third, our study
it is important for managers to understand how to did not examine the impact of IUIPC on actual behav-
boost customers’ trust in their firms’ handling of per- ior. Although behavioral intention is known as a reli-
sonal information. Drawing on Zucker’s (1986) trust able predictor of actual behavior (Ajzen 1991), the
production mechanisms, Luo (2002) proposed several theoretical framework presented in this paper should
techniques such as third-party seal programs that are be reexamined with an additional measure of actual
believed to facilitate the relational exchange of per- behavior using a longitudinal design. Last, the selec-
sonal information between consumers and marketers. tion of the respondents was left to the interview-
These techniques will be instrumental for practition- ers and data collected for this study was specific
ers to collect more valuable information without nec- to a given geographic location (i.e., the southeastern
essarily invading consumer privacy. United States). Although this type of convenience
Unlike European countries with general and strict sampling is more the norm than the exception in the
privacy laws, the United States has industry-specific IS domain (e.g., Smith et al. 1996, Stewart and Segars
regulatory rules (Culnan 2000). Thus, consumers’ 2002), care must be taken in any effort to generalize
reactions to information privacy threats will vary with our findings beyond the boundary of our sample.
respect to the type of industry sector. Consequently, Opportunities for further research are abundant.
it is important for practitioners to understand not First, the borderless nature of the new economy is
only privacy concerns in general (i.e., IUIPC), but also making the issue of online privacy more compli-
an individual’s perceptions specific to the sector (i.e., cated than ever before (Milberg et al. 1995). To design
trust and risk beliefs). The causal model proposed in information practices that fit a particular local mar-
this study incorporates both types of concepts to facil- ket, global companies should first understand how
itate the in-depth investigation of consumers’ reac- consumers in the local area of interest define fair-
tions to an industry-specific practice. We hope the ness in the context of information privacy. We believe
proposed model will be helpful in providing further that the theoretical framework presented in this study
insight into the problems as they manifest in various will provide a solid basis for examining cross-cultural
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 351

variations in consumer behavior. Second, this study (1) Consumer online privacy is really a matter of con-
considers two types of beliefs as most salient in sumers’ right to exercise control and autonomy over deci-
the context of information privacy—namely, trusting sions about how their information is collected, used, and
shared.
beliefs and risk beliefs. Yet, it is possible that other (2) Consumer control of personal information lies at the
forms of beliefs also play an important role in con- heart of consumer privacy.
sumer behavior. For example, individuals are likely (3) I believe that online privacy is invaded when control
to perceive a lack of justice when they are not sat- is lost or unwillingly reduced as a result of a marketing
transaction.
isfied with a marketer’s actual information practice.
Because IUIPC is conceptualized/operationalized at Awareness (of Privacy Practices): Seven-point scales an-
a general level, perceived lack of justice, which is chored with “strongly disagree” and “strongly agree”
(newly developed).
highly specific to a particular practice by the marketer, (1) Companies seeking information online should dis-
was not captured precisely in this study (Culnan and close the way the data are collected, processed, and used.
Bies 2003). Thus, further research should examine not (2) A good consumer online privacy policy should have
only privacy concerns at a general level, but also per- a clear and conspicuous disclosure.
(3) It is very important to me that I am aware and knowl-
ceived problems within a particular context at a spe-
edgeable about how my personal information will be used.
cific level.
In summary, information privacy has been fre- Collection: Seven-point scales anchored with “strongly dis-
agree” and “strongly agree” (Smith et al. 1996). Adapted to
quently identified as a major problem holding back an Internet environment (e.g., companies ⇒ online compa-
consumer confidence in online business transactions. nies).
To address this problem, we should first understand (1) It usually bothers me when online companies ask me
the very nature of online consumers’ privacy con- for personal information.
cerns. This article introduced a 10-item scale of IUIPC, (2) When online companies ask me for personal informa-
tion, I sometimes think twice before providing it.
which was shown to reasonably represent the dimen- (3) It bothers me to give personal information to so many
sionality of privacy concerns, categorized as collec- online companies.
tion, control, and awareness. Using this scale, we were (4) I’m concerned that online companies are collecting
also able to demonstrate how consumers’ privacy con- too much personal information about me.
cerns negatively influenced their willingness to carry Errors: Seven-point scales anchored with “strongly dis-
on relationships with online companies. We hope that agree” and “strongly agree” (Smith et al. 1996). Adapted
many researchers will employ the theoretical frame- to an Internet environment (e.g., companies ⇒ online com-
panies).
work and the new scale for further investigation of (1) All the personal information in computer databases
this important area. should be double-checked for accuracy—no matter how
much this costs.
(2) Online companies should take more steps to make
Acknowledgments sure that the personal information in their files is accurate.
The authors are indebted to Senior Editor Robert Zmud (3) Online companies should have better procedures to
and Associate Editor Detmar Straub for their valuable help correct errors in personal information.
and guidance throughout the review process. Helpful and (4) Online companies should devote more time and
constructive comments provided by the three anonymous effort to verifying the accuracy of the personal information
Information Systems Research reviewers are deeply appreci- in their databases.
ated. The authors are grateful to Jan Heide at the Univer-
sity of Wisconsin and Robert Peterson at the University of Unauthorized Secondary Use: Seven-point scales anchored
Texas for their valuable comments on earlier versions of this with “strongly disagree” and “strongly agree” (Smith et al.
paper. The authors would also like to thank Seoyoung Kim 1996). Adapted to an Internet environment (e.g., companies
⇒ online companies).
for her help with literature review and J. Stanford Fisher for
(1) Online companies should not use personal informa-
his editorial help.
tion for any purpose unless it has been authorized by the
individuals who provided information.
Appendix. Research Constructs and Measures
(2) When people give personal information to an online
Control: Seven-point scales anchored with “strongly dis- company for some reason, the online company should never
agree” and “strongly agree” (newly developed). use the information for any other reason.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
352 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

(3) Online companies should never sell the personal (2) Online companies would tell the truth and fulfill
information in their computer databases to other companies. promises related to (the information) provided by me.∗
(4) Online companies should never share personal infor- (3) I trust that online companies would keep my best
mation with other companies unless it has been authorized interests in mind when dealing with (the information).
by the individuals who provided the information. (4) Online companies are in general predictable and con-
Improper Access: Seven-point scales anchored with sistent regarding the usage of (the information).
“strongly disagree” and “strongly agree” (Smith et al. 1996). (5) Online companies are always honest with customers
Adapted to an Internet environment (e.g., companies ⇒ when it comes to using (the information) that I would
online companies). provide.
(1) Online companies should devote more time and Risk Beliefs: Seven-point scales anchored with “strongly
effort to preventing unauthorized access to personal disagree” and “strongly agree” (Jarvenpaa and Tractinsky
information. 1999, some items newly developed).
(2) Computer databases that contain personal informa- (1) In general, it would be risky to give (the information)
tion should be protected from unauthorized access—no to online companies.
matter how much it costs. (2) There would be high potential for loss associated
(3) Online companies should take more steps to make with giving (the information) to online firms.
sure that unauthorized people cannot access personal infor- (3) There would be too much uncertainty associated with
mation in their computers. giving (the information) to online firms.
Global Information Privacy Concern: Seven-point scales (4) Providing online firms with (the information) would
anchored with “strongly disagree” and “strongly agree” involve many unexpected problems.
(Smith et al. 1996, some items newly developed). (5) I would feel safe giving (the information) to online
(1) All things considered, the Internet would cause seri- companies. r∗
ous privacy problems.∗ Intention to Give Information: Seven-point semantic scales
(2) Compared to others, I am more sensitive about the (MacKenzie and Spreng 1992).
way online companies handle my personal information. Given this hypothetical scenario, specify the extent to
(3) To me, it is the most important thing to keep my pri- which you would reveal (the information) through the
vacy intact from online companies. Internet.
(4) I believe other people are too much concerned with (1) Unlikely/likely
online privacy issues.∗ (2) Not probable/probable
(5) Compared with other subjects on my mind, personal (3) Possible/impossible r∗
privacy is very important.∗ (4) Willing/unwilling r
(6) I am concerned about threats to my personal privacy
today. Covariates: Smith et al. (1996) and some items newly
developed.
Scenario Type A (Less Sensitive Information) (1) Sex: (1 = male; 2 = female).
You are visiting a website of a discount club. The club (2) Age: (1 = 25–34; 2 = 35–44; 3 = 45–54; 4 = 55–64; 5 =
offers discounts on consumer products (e.g., electronics, over 65 years).
CDs, books) to its members. Generally, an annual member- (3) Education: (1 = some school, no degree; 2 = high
ship fee is $50. To obtain free membership, you are required school graduate; 3 = some college, no degree; 4 = bachelor’s
to fill out your personal purchase preference information (e.g., degree; 5 = master’s degree; 6 = professional degree; 7 =
favorite product category, brand, design). doctorate degree).
(4) Internet experience: (1 = less than a year; 2 = 1–less
Scenario Type B (More Sensitive Information) than 2 years; 3 = 2–less than 3 years; 4 = 3–less than 4 years;
You are visiting a website of a discount club. The club 5 = 4–less than 5 years; 6 = 5–less than 6 years; 7 = 6–less
offers discounts on consumer products (e.g., electronics, than 7 years; 8 = more than 7 years).
CDs, books) to its members. Generally, an annual member- (5) Misrepresentation of identification: Some websites
ship fee is $50. To obtain free membership, you are required ask for you to register with the site by providing personal
to fill out your personal financial information (e.g., annual information. When asked for such information, what per-
income, current debt, annual mortgage payment, checking cent of the time do you falsify the information? (1 = I have
and saving balances, any other investments). never falsified information; 2 = under 25% of the time; 3 =
Trusting Beliefs: Seven-point scales anchored with 26%–50% of the time; 4 = 51%–75% of the time; 5 = over
“strongly disagree” and “strongly agree” (Jarvenpaa and 75% of the time)
Tractinsky 1999, some items newly developed). (6) Privacy victim: How frequently have you personally
(1) Online companies would be trustworthy in handling been the victim of what you felt was an improper invasion
(the information).∗ of privacy? (1 = very infrequently; 7 = very frequently)
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 353

(7) Media exposure: How much have you heard or read Cohen, R. L. 1987. Distributive justice: Theory and research. Soc.
during the last year about the use and potential misuse of Justice Res. 1 19–40.
the information collected from the Internet? (1 = not at all; Cronbach, L. J. 1990. Essentials of Psychological Testing. Harper-Row,
7 = very much) New York.
Culnan, M. J. 1995. Consumer awareness of name removal proce-
Notes. Items under collection, control, and awareness constitute the dures: Implications for direct marketing. J. Direct Marketing 9(2)
10-item IUIPC scale. Items under collection, errors, unauthorized 10–19.
secondary use, and improper access constitute the 15-item CFIP Culnan, M. J. 2000. Protecting privacy online: Is self-regulation
scale. working? J. Public Policy Marketing 19(1) 20–26.
∗
Item deleted; r reverse item. Culnan, M. J., R. J. Bies. 2003. Consumer privacy: Balancing eco-
nomic and justice considerations. J. Soc. Issues 59(2) 323–342.
Donaldson, T. 1989. The Ethics of International Business. Oxford Uni-
versity Press, New York.
References Donaldson, T., T. W. Dunfee. 1994. Towards a unified conception of
Ajzen, I. 1991. The theory of planned behavior, Organ. Behavior business ethics: Integrative social contracts theory. Acad. Man-
Human Decision Processes 50 179–211. agement Rev. 19(2) 252–284.
Alge, B. J. 2001. Effects of computer surveillance on perceptions of Dowling, G. R., R. Staelin. 1994. A model of perceived risk
privacy and procedural justice. J. App. Psych. 86(4) 797–804. and intended risk-handling activity. J. Consumer Res. 21(June)
119–134.
Anderson, J. C., D. W. Gerbing. 1988. Structural equation modeling
in practice: A review and recommended two-step approach. Dunfee, T. W., N. C. Smith, W. T. Ross Jr. 1999. Social contracts and
Psych. Bull. 103(3) 411–423. marketing ethics. J. Marketing 63(July) 14–32.
Andrews, S. 2002. Privacy and human rights 2002: An interna- Fishbein, M., I. Ajzen. 1975. Belief, Attitude, Intention and Behavior:
tional survey of privacy laws and developments. http://www. An Introduction to Theory and Research. Addison-Wesley, Read-
privacyinternational.org/survey/phr2002/. ing, MA.
Bagozzi, R. P., T. F. Heatherton. 1994. A general approach to rep- Fornell, C., D. F. Larcker. 1981. Evaluating structural equation
resenting multifaceted personality constructs: Application to models with unobservable variables and measurement error.
state self-esteem. Structural Equation Model 1(1) 35–67. J. Marketing Res. 18(February) 39–50.
Bagozzi, R. P., Y. Yi. 1988. On the evaluation of structural equation Foxman, E. R., P. Kilcoyne. 1993. Information technology, marketing
models. J. Acad. Marketing Sci. 16(1) 74–94. practice, and consumer privacy: Ethical issues. J. Public Policy
Bearden, W. O., R. G. Netemeyer, M. F. Mobley. 1993. Handbook Marketing 12(1) 106–119.
of Marketing Scales: Multi-item Measures for Marketing and Con- Gefen, D., E. Karahanna, D. W. Straub. 2003. Trust and TAM in
sumer Behavior Research. Sage Publications, Newbury Park, CA. online shopping: An integrated model. MIS Quart. 27(1) 51–90.
Bies, R. J., J. S. Moag. 1986. Interactional justice: Communication Gilliland, S. W. 1993. The perceived fairness of selection systems:
criteria of fairness. M. Bazerman, R. Lewicki, B. Sheppard, An organizational justice perspective. Acad. Management Rev.
eds. Research on Negotiations in Organizations, Vol. 1. JAI Press, 18(4) 694–734.
Greenwich, CT, 43–55. Goodwin, C. 1991. Privacy: Recognition of a consumer right. J. Pub-
Bozdogan, H. 1987. Model selection and Akaike’s information cri- lic Policy Marketing 10(1) 149–166.
terion (AIC): The general theory and its analytical extensions.
Grazioli, S., S. L. Jarvenpaa. 2000. Perils of Internet fraud: An
Psychometrika 52(3) 345–370.
empirical investigation of deception and trust with experi-
Campbell, A. J. 1997. Relationship marketing in consumer markets: enced Internet consumers. IEEE Tran. Systems, Man, Cybernet-
A comparison of managerial and consumer attitudes about ics, Part A: Systems Humans 30(4) 395–410.
information privacy. J. Direct Marketing 11(3) 44–57.
Greenberg, J. 1990. Organizational justice: Yesterday, today, and
Campbell, D. T. 1960. Recommendations for APA test standards tomorrow. J. Management 16 399–432.
regarding construct, trait, or discriminant validity. Amer. Psych.
15(August) 546–553. Hair J. F., R. E. Anderson, R. L. Tatham, W. C. Black. 1995.
Multivariate Data Analysis with Readings, 4th ed. Prentice Hall,
Campbell, D. T., D. W. Fiske. 1959. Convergent and discriminant
Upper Saddle River, NJ.
validation by the multi-trait–multi-method matrix. Psych. Bull.
56 2(March) 81–105. Heide, J. B., G. John. 1992. Do norms matter in marketing relation-
ships? J. Marketing 56(April) 32–44.
Caudill, E. M., P. E. Murphy. 2000. Consumer online privacy: Legal
and ethical issues. J. Public Policy Marketing 19(1) 7–19. Hoffman, D. L., T. P. Novak. 1996. Marketing in hypermedia
Cespedes, F. V., H. J. Smith. 1993. Database marketing: New rules computer-mediated environments: Conceptual foundations.
for policy and practice. Sloan Management Rev. 34(4) 7–22. J. Marketing 60(July) 50–68.
Chin, W. W. 1998. The partial least squares approach to structural Hoffman, D. L., T. P. Novak., M. Peralta. 1999. Building consumer
equation modeling. G. A. Marcoulides ed. Modern Methods for trust online. Comm. ACM 42(4) 80–85.
Business Research. Lawrence Erlbaum Associates, Mahwah, NJ, Hu, L., P. M. Bentler. 1999. Cutoff criteria for fit indexes in covari-
295–336. ance structure analysis: Conventional criteria versus new alter-
Chin, W. W., A. Gopal, W. D. Salisbury. 1997. Advancing the the- natives. Structural Equation Model 6(1) 1–55.
ory of adaptive structuration: The development of a scale to Jarvenpaa, S. L., N. Tractinsky. 1999. Consumer trust in an internet
measure faithfulness of appropriation. Inform. Systems Res. 8(4) store: A cross-cultural validation. J. Comput.-Mediated Comm.
342–367. 5(2), http://www.ascusc.org/jcmc/vol5/issue2/jarvenpaa.html.
 Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
354 Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS

Jöreskog, K., D. Sorbom, S. Toit, M. Toit. 1999. LISREL8: New Sta- Nowak, G. J., J. Phelps. 1992. Understanding privacy concerns: An
tistical Features. Scientific Software International, Chicago, IL. assessment of consumers’ information-related knowledge and
Keppel, G. 1991. Design and Analysis: A Researcher’s Handbook. beliefs. J. Direct Marketing 6(4) 28–39.
Prentice-Hall, Englewood Cliffs, NJ. Nowak, G. J., J. Phelps. 1995. Direct marketing and the use of
Laufer, R. S., M. Wolfe. 1977. Privacy as a concept and a social individual-level consumer information: Determining how and
issue: A multidimensional development theory. J. Soc. Issues when “privacy” matters. J. Direct Marketing 9(3) 46–60.
33(3) 22–42. Pavlou, P. A., D. Gefen. 2004. Building effective online marketplaces
Luo, X. 2002. Trust production and privacy concerns on the with institution-based trust. Inform. Systems Res. 15(1) 37–59.
internet: A framework based on relationship marketing and Pew Internet Project. 2000. Trust and privacy online: Why Amer-
social exchange theory. Indust. Marketing Management 31(2) icans want to rewrite the rules. Pew Internet & Amer-
111–118. ican Life Project, http://www.pewinternet.org/reports/toc.
MacKenzie, S. B., R. A. Spreng. 1992. How does motivation mod- asp?Report=19.
erate the impact of central and peripheral processing on Phelps, J., G. Nowak, E. Ferrell. 2000. Privacy concerns and con-
brand attitudes and intentions? J. Consumer Res. 18(March) sumer willingness to provide personal information. J. Public
519–529. Policy Marketing 19(1) 27–41.
Malhotra, N. K. 2004. Marketing Research: An Applied Orientation, Regan, P. M. 1995. Legislating Privacy: Technology, Social Values, and
4th ed. Prentice Hall, Upper Saddle River, NJ. Public Policy. University of North Carolina Press, Chapel Hill,
Mayer, R. C., J. H. Davis, F. D. Schoorman. 1995. An integra- NC.
tive model of organizational trust. Acad. Management Rev. 20(3) Rendleman, J. 2001. Customer data means money. InformationWeek
709–734. 851(August) 49–50.
McKnight, D. H., N. L. Chervany. 2000. What is trust? A conceptual Rogers, T. B. 1995. The Psychological Testing Enterprise. Brooks/Cole
analysis and an interdisciplinary model. Proc. 2000 Americas Publishing Company, Pacific Grove, CA.
Conf. Inform. Systems, Long Beach, CA, 827–833. Shapiro, D. L., E. H. Buttner, B. Barry. 1994. Explanations: What fac-
McKnight, D., L. L. Cummings, N. L. Chervany. 1998. Initial trust tors enhance their perceived adequacy? Organ. Behavior Human
formation in new organizational relationships. Acad. Manage- Decision Processes 58 346–368.
ment Rev. 23(3) 473–490. Sheehan, K. B., M. G. Hoy. 2000. Dimensions of privacy concern
Mehta, R., E. Sivadas. 1995. Direct marketing on the Internet: An among online consumers. J. Public Policy Marketing 19(1) 62–73.
empirical assessment of consumer attitudes. J. Direct Marketing Sirdeshmukh, D., J. Singh, B. Sabol. 2002. Consumer trust, value,
9(3) 21–32. and loyalty in relational exchanges. J. Marketing 66(January)
Meng, X., R. Rosenthal, D. B. Rubin. 1992. Comparing correlated 15–37.
coefficients. Psych. Bull. 111 172–75. Smith, H. J., S. J. Milberg, S. J. Burke. 1996. Information privacy:
Milberg, S. J., S. J. Burke, H. J. Smith, E. A. Kallman. 1995. Val- Measuring individuals’ concerns about organizational prac-
ues, personal information privacy concerns, and regulatory tices. MIS Quart. 20(2) 167–196.
approaches. Comm. ACM 38(12) 65–74. Steenkamp, J. E. M., H. Baumgartner. 1998. Assessing measure-
Milne, G. R., M. E. Gordon. 1993. Direct mail privacy-efficiency ment invariance in cross-national consumer research. J. Con-
trade-offs within an implied social contract framework. J. Pub- sumer Res. 25(June) 78–90.
lic Policy Marketing 12(2) 206–215. Stewart, K. A., A. H. Segars. 2002. An empirical examination of
Milne, G. R., A. J. Rohm. 2000. Consumer privacy and name the concern for information privacy instrument. Inform. Sys-
removal across direct marketing channels: Exploring opt- tems Res. 13(1) 36–49.
in and opt-out alternatives. J. Public Policy Marketing 19(2) Straub, D., E. Karahanna. 1998. Knowledge worker communica-
238–249. tions and recipient availability: Toward a task closure explana-
Mineta, N. 2000. Opening Statement at Online Privacy Technolo- tion of media choice. Organ. Sci. 9(2) 160–175.
gies Workshop and Technology Fair. U.S. Department of Com- Straub, D., B. Marie-Claude, D. Gefen. 2004. Validation guidelines
merce, Washington, D.C. (September 19) http://www.ntia.doc. for IS positivist research. Comm. AIS 13(Article 24) 380–427.
gov/ntiahome/privacy/900workshop/mineta91900.htm. Thibaut, J., L. Walker. 1975. Procedural Justice: A Psychological Anal-
Miyazaki, A. D., A. Fernandez. 2000. Internet privacy and security: ysis. Erlbaum, Hillsdale, NJ.
An examination of online retailer disclosures. J. Public Policy Tyler, T. R. 1994. Psychological models of the justice motive:
Marketing 19(1) 54–61. Antecedents of distributive and procedural justice. J. Personal-
Miyazaki, A. D., A. Fernandez. 2001. Consumer perceptions of pri- ity Soc. Psych. 67 850–863.
vacy and security risks for online shopping. J. Consumer Affairs U.S. Department of Commerce. 2002. Digital economy 2002. http://
35(1) 27–44. www.esa.doc.gov/pdf/DE2002r1.pdf.
Moorman, C., G. Zaltman, R. Deshpande. 1992. Relationships be- University of California–Los Angeles Center for Communica-
tween providers and users of marketing research: The dynam- tion Policy. 2001. The UCLA Internet report 2001: Survey-
ics of trust within and between organizations. J. Marketing Res. ing the digital future. http://ccp.ucla.edu/pdf/UCLA-Internet-
29(August) 314–329. Report-2001.pdf.
Morgan, R. M., S. D. Hunt. 1994. The commitment-trust theory of Venkatraman, N. 1989. Strategic orientation of business enter-
relationship marketing. J. Marketing 58(3) 20–38. prises—The construct, dimensionality, and measurement. Man-
Newman, D., S. Rao. 2000. Regulatory aspects of privacy and secu- agement Sci. 35(8) 942–962.
rity: A view from the advanced communications technologies Wang, P., L. A. Petrison. 1993. Direct marketing activities and per-
and services programme. Inform. Comm. Tech. Law 9(2) 161–166. sonal privacy: A consumer survey. J. Direct Marketing 7(1) 7–19.
Malhotra, Kim, and Agarwal: Internet Users’ Information Privacy Concerns (IUIPC)
Information Systems Research 15(4), pp. 336–355, © 2004 INFORMS 355

Webster, J., L. K. Trevino. 1995. Rational and social theories as Wulf, K. D., G. Odekerken-Schröder, D. Iacobucci. 2001. Invest-
complementary explanations of communication media choices: ments in consumer relationships: A cross-country and cross-
Two policy capturing studies. Acad. Management J. 28(6) industry exploration. J. Marketing 65(October) 33–50.
1544–1572. Zucker, Lynne G. 1986. Production of trust: Institutional sources of
Westin, A. F. 1967. Privacy and Freedom. Athenaum, New York. economic structure, 1840–1920. Res. Organ. Behavior 8 53–111.