Start Date
16-8-2018 12:00 AM
Description
The growing pervasiveness of technology enables the collection of copious volumes of personal data which creates risks for consumer privacy and makes data protection increasingly complex for organizations. The difficulties facing organizations are further exasperated by the EU General Data Protection Regulation (GDPR), which introduces stringent requirements for gaining consent, communicating privacy practices, and transparency. Furthermore, consumers' current lack of privacy knowledge can heighten privacy concerns. This study aims to (1) build consumer privacy knowledge and (2) assist organizations in gaining explicit consent and communicating their privacy practices to current and potential customers, through the development of a GDPR privacy label. The paper contributes to practice by providing actionable guidelines for developing GDPR compliant privacy notices and advances privacy literature by extending the privacy knowledge gap model and testing the effectiveness of the GDPR label in improving consumers' privacy knowledge thereby building self-efficacy and enabling informed decision making.
Recommended Citation
Fox, Grace; Tonge, Colin; Lynn, Theo; and Mooney, John, "Communicating Compliance: Developing a GDPR Privacy Label" (2018). AMCIS 2018 Proceedings. 30.
https://aisel.aisnet.org/amcis2018/Security/Presentations/30
Communicating Compliance: Developing a GDPR Privacy Label
The growing pervasiveness of technology enables the collection of copious volumes of personal data which creates risks for consumer privacy and makes data protection increasingly complex for organizations. The difficulties facing organizations are further exasperated by the EU General Data Protection Regulation (GDPR), which introduces stringent requirements for gaining consent, communicating privacy practices, and transparency. Furthermore, consumers' current lack of privacy knowledge can heighten privacy concerns. This study aims to (1) build consumer privacy knowledge and (2) assist organizations in gaining explicit consent and communicating their privacy practices to current and potential customers, through the development of a GDPR privacy label. The paper contributes to practice by providing actionable guidelines for developing GDPR compliant privacy notices and advances privacy literature by extending the privacy knowledge gap model and testing the effectiveness of the GDPR label in improving consumers' privacy knowledge thereby building self-efficacy and enabling informed decision making.