•  
  •  
 

Journal of the Association for Information Systems

Abstract

This paper argues that in the current data-rich environment, organizations need formal policies for privacy as a way to avoid “privacy disasters”. Privacy disasters can occur when a company uses consumer data in a way that is legal, but violates public norms for acceptable use. The paper uses a case study to illustrate the elements that often characterize privacy disasters, and describes the principles and processes that can serve as the basis of a privacy policy capable of helping organizations avoid these negative events. The paper also highlights the implications of big data for privacy policy.

DOI

10.17705/1.jais.00554

Share

COinS