TOWARDS CORPORATE PRIVACY RESPONSIBILITY
With the advent of social networks and possibilities to store and reuse private user information, privacy became a term used in many different areas. And indeed, it touches a very sensitive part of users live: who knows what about me, where is it stored, who is able to see and use it? This includes information privacy, location privacy, property privacy and many more. But who should be responsible to store and hold the data of users? In B2C-E-Commerce, where user data is necessary to fulfill a transaction, to be able to charge the user or customer, to offer service tasks, and to deliver the product, a huge amount of customer data is necessary. Nowadays, companies use terms and conditions statements or privacy statements to ensure customers what happens to their data. But this is not enough. Similar to the concept of Corporate Social Responsibility, Corporate Privacy Responsibility could be a powerful tool to demonstrate the companies' position concerning privacy, which could be an impressive marketing tool, too. This includes not only user data, but also staff, B2B-partners and company data. In this work-in-progress paper we will present different privacy concepts and elaborate, which are the significant ones for a Corporate Privacy Responsibility. In the second part, we will show how the concept of Corporate Social Responsibility can be used to build a Corporate Privacy Responsibility framework. Third, a first attempt of this framework is given and drawbacks and problems are described. At the end, next steps are described.
Krumay, Barbara and Oetzel, Marie Caroline, "TOWARDS CORPORATE PRIVACY RESPONSIBILITY" (2011). MCIS 2011 Proceedings. 90.