As companies attempt to enhance the value of their services to customers, a commonly used strategy involves the use of more user data to provide better targeting, personalization, and product recommendation. Despite this positive intent, the collection and storage of more user data comes with heavy corporate responsibilities towards data security, user privacy, and ethical data usage. The improper handling of user data has serious business implications with possible legal, social, and even political consequences. For example, the Cambridge Analytica data scandal showcased the extent of damages that improper data usage can cause, and the negative backlash imposed on a business’s operations and revenues. Under this backdrop, companies in the digital era are faced with the non-trivial task of striking a fine balance between executing data analytics initiatives and ensuring sufficient security/privacy protection. This problem is faced by wide set of stakeholders across industries, as the use of IT systems and user data is ubiquitous and has permeated across almost all aspects of our lives (spanning from government to banking, health to retail management, just to name a few). Moreover, the proliferation of social media and mobile technologies intensifies the concerns of data breaches, user privacy, and information security, yet companies are forced to rely on these platforms and data to stay updated to user needs and remain competitive.

At the same time, with increased online access and usage, a new set of illegal activities and morally questionable practices are now enabled by the Internet. Criminals are finding new ways online to conduct illegal activities like online fraud, identity theft, cyber terrorism, piracy, and transactions of illegal products/services (drugs, sexual solicitation, human trafficking, child pornography). With the democratization of content sharing and access in the online medium, harmful and inappropriate content have begun to fill the online space (e.g., online suicide content such as ‘Blue Whale’ game, live streaming of crimes on social media, hate motivated ideologies, revenge porn, cyberbullying, cyberthreats). More recently, we see the emergence of undesirable outcomes such as discrimination and the spread of fake news on the digital medium. Despite these trends, policies and regulations are not up to date in curbing these new issues. These worrying trends bring important questions to the MIS community: Should online content remain unregulated? Who should be responsible for the screening of inappropriate content online (site owners, user community, or third party government agencies)? What are core guidelines and policies with regards to content/information sharing on online avenues?

As a response to these challenges, this track seeks contributions that attempt to 1) provide a better understanding of the potential security/privacy/ethical issues that may arise from data usage, 2) consequences of these issues on business, social, legal, or political outcomes, 3) possible solutions to address the concerns of cyber-security, user privacy and ethical data usage, and balance these issues with corporate initiatives for enhancing value to users. Given the said challenges are underexplored in emerging online contexts (e.g., AI applications, blockchain technologies, Internet-Of-Things, crowdsourcing/crowdfunding platforms, sharing economy, smartphone apps, social media/networking), we highly encourage the submission of works that are based on these domains. At the same time, we are open towards works that deepen our knowledge of these issues in traditional contexts (e.g., health, finance, banking, ecommerce, online marketing). Submitted manuscripts can draw on any theoretical backgrounds (including but not limited to psychology, economics, sociology, criminology, or computational sciences) and methodological approaches (analytical work, experiments, qualitative studies, design science, and so forth).

Track Chairs:
Jason Chan
Seung Hyun Kim
Hanna Krasnova

Subscribe to RSS Feed (Opens in New Window)


A Social Network Analysis Perspective on Users’ Vulnerability to Socially Engineered Phishing Attacks

Jia Wei, University of Arkansas
Sebastian Schuetz, University of Arkansas

Benefit Ambiguity and Asymmetric Herding in Privacy Decisions: A Field Experiment in a Mobile Application System

Jaehyeon Ju, McGill University
Youngsok Bang, Chinese University of Hong Kong
Dong-joo Lee, Hansung University
Jae-Hyeon Ahn, KAIST

Can Conversational User Interfaces Be Harmful? The Undesirable Effects on Privacy Concern

Stefanie Sohn, Technische Universität Braunschweig

Does Cybersecurity Slow Down Digitization? A Quasi-experiment of Security Breach Notification Laws

Tianjian Zhang, Oklahoma State University
Taha Havakhor, Oklahoma State University
David Biros, Oklahoma State University

Does Sharing Make My Data More Insecure? An Empirical Study on Health Information Exchange and Data Breaches

Leting Zhang, Temple University
Min-Seok Pang, Temple University

Empowering Users to Detect Data Analytics Discriminatory Recommendations

Sepideh Ebrahimi, York University
Khaled Hassanein, McMaster University

Fake News Flags, Cognitive Dissonance, and the Believability of Social Media Posts

Kathrin Figl, University of Innsbruck
Samuel Kießling, University of Innsbruck
Christiane Rank, Wirtschaftsuniversität Wien
Svitlana Vakulenko, Vienna University of Economics and Business

Geo-Targeting, Privacy, and the Rise of Consumer Location Trajectories

Meghanath M Y, Carnegie Mellon University
Beibei Li, Carnegie Mellon University
Ying Natasha Zhang Foutz, University of Virginia

How Much is Too Much: Employee Monitoring, Surveillance, and Strain

Tripti Singh, The University of Alabama
Allen Johnston, University of Alabama

Information Disclosure in Location-based Services: An Extended Privacy Calculus Model

Dana Naous, Faculty of Business and Economics (HEC), University of Lausanne
Vaibhav Kulkarni, University of Lausanne
Christine Legner, University of Lausanne
Benoit Garbinato, University of Lausanne

Investigating Privacy Concerns Related to Mobile Augmented Reality Applications

David Harborth, Goethe University Frankfurt am Main
Sebastian Pape, Goethe University Frankfurt am Main

Learning to See the Hook: Comparing Phishing Training Approaches

Andrew Harrison, University of Cincinnati
Binny Samuel, University of Cincinnati
Zhe Shan, Miami University
Michael Cook, University of Cincinnati
Tianhai Zu, University of Cincinnati
Diksha Dawani, University of Cincinnati

On the Benefits of Senior Executives’ Information Security Awareness

Christian Olt, Technische Universität Darmstadt
Jin Gerlach, Technische Universität Darmstadt
Rabea Sonnenschein, Technische Universität Darmstadt
Peter Buxmann, Technische Universität Darmstadt

Security-Related Cynicism: A Double-Edged Sword?

Lennart Jaeger, German Graduate School of Management & Law
Gabriela Mallmann, Federal University of Rio Grande do Sul

Structural Complexity and Data Breach Risk

Hüseyin Tanriverdi, The University of Texas at Austin
Yaman Roumani, Oakland University
Joseph Nwankpa, Miami University

The Application of Operant Conditioning Theory in Employees’ IS Security Behavioral Management

Ning Yang, University of Alabama
Allen Johnston, University of Alabama

The Changing Tides of Investments and Strategies and Their Impacts on Security Breaches

He Li, Clemson University
Sungjin Yoo, Iona College
William Kettinger, Clemson University

The Impact of Anonymity on Piracy – Evidence from China

Kayla Guangrui Li, HKUST
Kai-Lung Hui, HKUST

To Sell or not to Sell – Antecedents of Individuals’ Willingness-to-Sell Personal Information on Data-Selling Platforms

Nora Wessels, Technische Universität Darmstadt
Jin Gerlach, Technische Universität Darmstadt
Amina Wagner, Technische Universität Darmstadt

Understanding Phishing Susceptibility: An Integrated Model of Cue-utilization and Habits

Emmanuel Ayaburi, University of Texas, Rio Grande Valley
Francis Kofi Andoh-Baidoo, University of Texas Rio Grande Valley

Using Agent-Based Modelling to Address Malicious Behavior on Social Media

Agnieszka Onuchowska, University of South Florida
Donald J. Berndt, University of South Florida

Validating a Control-Based Model of Information Security Policy Compliance – A Meta-Analysis

Jing Liu, University of Science and Technology of China
Jun Zhang, University of Science and Technology of China
Jingzhi Zhang, City University of Hong Kong