The year 2005 was not only the year of the Rooster; it was also the year of privacy invasion and ID theft. On thinking about the last year, news flashes such as “ChoicePoint data theft widens to 145,000 people“, “Stolen laptop puts 98,000 at risk of ID theft” (UC Berkley), “Personal info on 310,000 people possibly stolen, 10 times more than what was disclosed last month” (Siesent), comes to mind.

This past year, more than 152 security breaches exposed at least 57.7 million Americans to ID theft ( 1 ) and privacy invasions, which suitably makes “privacy” the biggest concern of generic internet population, businesses and governing bodies. The result: legislatures being passed by the government and billions of dollars being invested by businesses to confirm to these legislatures. More than fifty bills were introduced in the first session of the 107th Congress to regulate online privacy, resulting in a national cost of complying to be approximately US$9-36 billion (Hahn 2001). With so much at stake it becomes important to measure not only the economic cost of privacy per person, but also the trade offs (for example convenience and rewards) that lure people to succumb and provide PII to organizations.

A peek into sociological research regarding user behavior clearly indicates that individuals perform a privacy calculus, assessing the cost and benefit of providing information ( 2 ). The calculus depends on factors such as self-ego, environmental stimuli, and interpersonal relationships (Laufer and Wolfe 1977; Stone and Stone 1990).

Studies indicate a huge deficit between the compliance expenditure and the net worth of privacy. This deficit may be owing to limited user awareness and the fact that privacy concerns are usually traded for environmental stimuli such as rewards and convenience.

Read the rest of this entry »