MIS Quarterly Executive


Public opinion data suggest that consumers care about information privacy. Executives might reasonably ask, "So what does this mean to me? What should I do differently?" This article explores the different assumptions about privacy in different countries and considers how these assumptions are reflected in different approaches to regulating privacy. Against that backdrop, six managerial action areas associated with information privacy are explored: 1.Collection and storage 2.Secondary use 3.Data accuracy 4.Authorized access 5.Automated judgment 6.Profiling In some countries, these areas are tightly regulated; in others, their management is left to executives¡¯ discretion. For each area, this article considers possible negative outcomes from mismanaging that area, and it calls out the types of mismanagement observed frequently. Finally, it provides recommendations for management of each area.