Would Regulation of Web Site Privacy Policy Statements Increase Consumer Trust?

Article excerpt


The past decade has witnessed rapid growth in e-commerce, particularly with respect to business-to-consumer (B2C) transactions. Both established and new vendors have sought to leverage the diffusion of the Internet to expand their markets. The Internet has allowed established firms to expand their marketplace, but at the same time it has eliminated many of the traditional barriers of entry for new entrants to compete for these same consumers. Consumers once accustomed to limited and known vendors are now afforded more choices, but are often concerned about privacy and trust as many of the vendors are "unknowns" (Pennington, Wilcox & Grover, 2003). Given that consumers are now presented with vendors with whom they have little or no familiarity it comes as no surprise that recent research on e-commerce has found that privacy and trust issues are a key determinant in whether consumers' engage in on-line transactions (Hoffman, Novak, & Peralta 1999).

Recognizing that privacy and trust of the vendor is a critical antecedent to increased participation in B2C e-commerce, researchers have examined several "trust mechanisms" employed by vendors to enhance consumer trust and concomitantly their predisposition to purchase on-line. One mechanism that has garnered considerable interest are privacy policy statements, voluntary, self-reported statements displayed on web sites that convey established policies for the use and distribution of personal information.

Use of privacy policy statements to increase perceived trustworthiness is a relatively new phenomenon, and examination of their use and implications is just beginning to be explored (Criswell & Meinert, 2003; Culnan, 1999; Grewal, Munger, Iyer, & Levy, 2003; Liu & Arnett, 2002; Luo & Najdawi, 2004; Meinert, Peterson, Criswell & Crossland, 2006; Miyazaki & Fernandez, 2000; Pennington et al., 2003; Ranganathan & Ganapathy, 2002). While much of the research to date on this topic has focused on chronicling rates of utilization and variability in content, a few studies have examined the efficacy of privacy statements. Pennington, Wilcox and Grover (2003) found evidence via an experimental design that self-reported guarantees can influence system trust and indirectly influence consumer purchase intentions. In an exploratory study, Criswell and Meinert (2003) found that self-reported privacy policy statements increased consumer willingness to provide personal information on-line. That study and a more comprehensive study by Meinert, Peterson, Criswell and Crossland (2006) also affirmed that not only the presence, but the strength, or level of protection guaranteed by the privacy policy statement influences consumer trust as measured by willingness to provide personal information on-line. These results, while preliminary, seem to suggest that voluntary privacy policy statements have a positive, but relatively limited impact on consumer trust. Only a strong privacy policy statement was found to induce a willingness to provide contact, biographical and financial information and in each case respondents were only "slightly likely". It should be further noted that respondents in these studies were required to read the description of the privacy policy statements. In many instances, potential customers may not read any policies regarding the web site's stated privacy standards.

Given the widespread use of privacy policy statements it's somewhat surprising to find that they have minimal impact on consumer trust. Determining whether the effectiveness of privacy policy statements can be improved would contribute to the knowledge and understanding of what, if any, role they can play in influencing consumer trust of on-line vendors. While the literature offers no insight into why such statements are ineffective, one plausible explanation is that consumers place little faith in privacy policies that lack regulatory oversight. …