Academic journal article The Journal of Consumer Affairs

Consumers' Protection of Online Privacy and Identity

Academic journal article The Journal of Consumer Affairs

Consumers' Protection of Online Privacy and Identity

Article excerpt

This article examines online behaviors that increase or reduce risk of online identity theft. The authors report results from three consumer surveys that indicate the propensity to protect oneself from online identity theft varies by population. The authors then examine attitudinal, behavioral, and demographic antecedents that predict the tendency to protect one's privacy and identity online. Implications and suggestions for managers, public policy makers, and consumers related to protecting online privacy and identity theft are provided.

********** Identity theft, defined as the appropriation of someone else's personal or financial identity to commit fraud or theft, is one of the fastest growing crimes in the United States (Federal Trade Commission 2001) and is increasingly affecting consumers' online transactions. In the discussion of identity theft, the Internet represents an important research context. Because of its ability to accumulate and disseminate vast amounts of information electronically, the Internet may make theft of personal or financial identity easier.

Indeed, online transactions pose several new threats that consumers need to be vigilant of, such as the placement of cookies, hacking into hard drives, intercepting transactions, and observing online behavior via spyware (Cohen 2001). Online identity theft through the use of computers does not necessarily have real space analogs as exemplifed by techniques of IP spoofing and page jacking (Katyal 2001). Recent instances of online identity theft appearing in the popular press include a teenager who used e-mail and a bogus Web page to gain access to individuals' credit card data and steal thousands of dollars from consumers (New York Times 2003), and cyber-thieves who were able to access tens of thousands of personal credit reports online (Salkever 2002).

The purpose of this article, as depicted in Figure 1, is to explore the extent to which consumers are controlling their information online and whether privacy attitudes, offline data behaviors, online experience and consumer background predict the level of online protection practiced. There is an explicit link being made by privacy advocates that suggests controlling one's information is a step toward protecting oneself from identity theft (Cohen 2001; Federal Trade Commission 2001). To evaluate the level of customer protection, we analyze survey results of consumer online behaviors, many of which are depicted in Figure 1, and investigate their relationship to antecedent conditions suggested in the literature.


In particular, we address the following research questions: What is the relationship between offline data protection practices and online protection behavior? What is the relationship between online shopping behaviors and online protection behavior? What is the relationship between privacy attitudes and online protection behavior? What is the relationship between demographics and online protection behavior?

The remainder of this article is organized in four sections. We begin in the first section by reviewing the risks consumers face online and the steps they can take to minimize their risk of privacy invasion and identity theft. In the second section, we describe three surveys of consumers' online behaviors related to online privacy and identity theft. We discuss the results in the third section and implications for managers, public policy makers, and consumers in the fourth and final section.


While identity theft has caught the government's, businesses', and the public's attention (Hemphill 2001; Milne 2003), the empirical scholarly literature in this area is limited to the closely related issue of online privacy. Research has measured consumers' concern for online privacy (Sheehan and Hoy 2000), their ability to opt out of online relationships (Milne and Rohm 2000), and the extent to which businesses have implemented fair information practices through the posting of their online privacy notices (Culnan 2000; Miyazaki and Fernandez 2001; Milne and Culnan 2002). …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.