Privacy Over the Internet Malaysia

5/21/2018 Privacy Over the Internet Malaysia

1/49

Privacy over the Internet in Malaysia: A Survey of

General Concerns and Preferences among Private Individuals

byDr Muniruddeen Lallmahamood

ABSTRACT

This study sought to examine online privacy concerns and their relationship with several

factors, namely online purchase, privacy policy, Web cookies, privacy laws, Internet seal

of approval, gender and Internet usage towards privacy concerns. Seven hypotheses weresuggested for the above examination. Questions that made up the main survey instrument

were based on numerous surveys which have been conducted to assess levels of privacy

concerns in the United States in recent years. The 206 respondents were mainly from the

urban areas of Malaysia. Overall, it was found that the respondents were highly

concerned (92.4%) about privacy matters. Only one of the seven hypothetical situations

was substantiated, while the difference between Internet buyers and non-Internet buyers,

gender and the influence of Web cookies, privacy laws, Internet seal of approval and

Internet usage showed no relationship to an individuals privacy concern. Therefore, the

posting of privacy policy over websites and providing clear and valid information on the

purpose of data collection may be a pre-requisite condition for website operators. This

study is one of the first online privacy studies in Malaysia and thus may contribute to the

literature in the field of online privacy in Malaysia.

Keywords: Privacy, E-commerce, Cyberlaws


2/49

I. INTRODUCTION

Malaysia is positioning itself as a premier investment hub for ICT and multimedia in

Asia, and new developments are taking place in this field on a daily basis. The Malaysian

governments most important initiative in the global information communication and

telecommunication (ICT) industry has been the creation of the Multimedia Super

Corridor or MSC (MDC, 2005).

Today, Malaysia is attracting global ICT companies to locate their industries in the MSC.

These companies along with local companies are undertaking research, developing new

products and technologies. For instance, the national multipurpose card and tele-health

applications are amongst the first initiatives to jumpstart the MSC vision and create a

multimedia utopia for innovative producers and users of multimedia technology (MDC,

2005).

Both the above projects involve handling of sensitive personal information. Yet, while

new laws enacted provide guidelines for the ICT industry, they do not address the right to

personal information privacy while the proposed Personal Data Protection Act is still

under review.

In spite of the wide interest in privacy as a topic, little is still known of the ways in which

people, in their ordinary lives, perceive privacy and what their reactions to the collection

and use of personal information are (Hine & Eve, 1998 p. 253). Spiekermann, Grosskiags

and Berendi (2001) claim there is some willingness of online users to provide data,

depending on the situation. Further, Tam (2000) claims that personal data privacy control

in the Asia Pacific region is complex due to diversity in cultures, types of governments,

differences in legislation and business practices.


3/49

Therefore conducting research in this area is answering a real need. Tam (2000 p. 260)

also suggests four specific critical issues that need to be addressed:

ensuring the confidentiality of personal information;

securing privacy on the Internet,

being aware of the various websites which practise privacy; and

making appropriate choices in disclosing information on the Web.

While it is interesting to explore the numerous online privacy surveys which have been

conducted in the United States (Westin, 1998; Cranor, Reagle & Ackerman, 1999; Harris,

2002; Harris, 2003), Australia (Roy Morgan Research, 2004) and India (Kumaraguru &

Cranor, 2004), no similar study has yet been published on online privacy concerns in

Malaysia. This exploratory study was therefore conducted to investigate privacy concerns

amongst Malaysian Internet users. It aims at filling the gap in the literature by describing

Malaysians attitudes and preferences relating to personal information privacy over the

Internet.

2. THEORETICAL BACKGROUND OF THE STUDY

A. Malaysia, ICT and Cyberlaws

Malaysia is a middle-income country, with a population of 27 million people, comprising

different ethnic groups with a majority of Malays. The country has transformed itself

since 1971 from a producer of raw materials into an emerging multi-sector economy

(CIA, 2005). The GDP growth rate in 2004 was 7.1 percent and the per capita gross

national income was US$4,372 (DOS, 2005). With the current global expansion of the

ICT industry and through the Malaysian Governments initiatives, some of the major

global ICT companies of the world have commenced operations in the MSC.

An Internet World Statistics report in March 2005 reveals that Internet penetration in

Malaysia had reached 37.9 percent with approximately 10 million Internet users. This


4/49

places Malaysia seventh amongst the 35 Asians countries, behind Hong Kong, South

Korea, Japan, Taiwan, Singapore and Macao, respectively. The Malaysian

Communication and Multimedia Commission (2005) reports that for every 100

Malaysian inhabitants in the year 2004, there were 12.7 Internet dial-up users, 17.3

landline telephone lines and 56.3 cellular telephone line users. Furthermore, 16.6 percent

of the population owned personal computers in the year 2003 (ITU, 2005). As at March

2004, 0.006 percent of the population had subscribed to broadband Internet services

(NBP, 2004) and the number of websites increased significantly over a five-year period

from 10,000 in the year 2000 to 50,000 by the end of 2004 (MYNIC, 2005). The results

of a global e-commerce study conducted by Taylor Nelson Sofres (TNS, 2002) show that

only 1 percent of the total population and 3 percent of Internet users buy online in urban

Peninsular Malaysia.

In order to regulate this growing convergence in the information, communication and

technology (ICT) industry, the Malaysian parliament has passed a number of legislative

laws, known as cyberlaws. The cyberlaws which have been tabled and passed by the

Parliament include the Digital Signature Act (1997), the Computer Crime Act (1997), the

Telemedicine Act (1997), the Copyright (Amendment) Act (1997), the Communications

and Multimedia Act (1998), the Malaysian Communications and Multimedia

Commission Act (1998) and the Optical Discs Act 2000 (MSC, 2005).

In addition to the above cyberlaws, the Malaysian Government has proposed to introduce

a Personal Data Protection Act to regulate the collection, holding, processing and use of

personal data by any person (Business Times, 2001). Delays in enacting the proposed

personal data protection bill may be the cause of some forms of online privacy intrusion

for instance, practices such as requests for compulsory information in return of online

services are common on Malaysian websites.


5/49

Currently, only the Banking and Financial Institutions Act 1989 (BAFIA) and the

Payment Systems Act 2003 restrict bank officials and financial institutions from

revealing details of their customers accounts to third parties. The latter act is directed

towards the divulging of credit card information (NST, 2003). Since website operators

are not regulated under the above acts, the risk of invasion of online information is high.

Attaran (2000) suggests that a significant aspect of privacy concerns is invasion. For

instance, online job search firms are increasingly sharing and selling job seekers

personal information to marketers and employers hoping to target certain audiences

(Upfront, 2004).

Another privacy issue is that the collection of personal data from children and teenagers

has not yet been addressed in the Malaysian context. It is no secret that children and

teenagers are early adopters and avid users of the Internet (Aidman, 2000). Lenhart,

Madden and Hitlin (2005) report that in USA, nearly 87 percent of those aged 12 to 17

use the Internet. In the USA, the Childrens Online Privacy Protection Act 1998 requires

operators of websites and other online services to abide by specific guidelines with

respect to the collection, use and distribution of personally identifiable information from

children under the age of 13 (COPPA, 2000). In two separate studies in the USA, a

majority (85 and 93 percent, respectively) of respondents indicated their dislike relative

to the collection of information from children without parental consent (Westin, 1998;

Cranor, Reagle & Ackerman, 1999).

In following the discourse on the regulation between privacy and protection, it should not

be forgotten that the Constitution of Malaysia does not explicitly recognise the right to

privacy (Madieha, 2002). Miyazaki and Fernandez (2000 p. 55) state that policy

makers are tending toward regulations that make online retailers responsible for

disclosing consumer information acquisition, usage and protection practices.


6/49

Hence, this exploratory study may provide some new insights into privacy issues to the

countrys policy makers and industry leaders.

B. Privacy and the Internet

Existing literature on the right to privacy dates back to the nineteenth century, and its

importance has evolved over the past decades. Warren and Brandeis (1890) claim that the

recognition of new rights such as privacy has been brought about by political, social and

economic changes. Privacy has become one of the most important human rights of

modern age (Rotenberg, 2004). It is actually a value that is protected by the right to

control ones personal information (Privacilla, 2002).

From a business viewpoint, personal information privacy is viewed as an economic

interest and competitive advantage by businesses. With Internet technologies becoming

increasingly advanced, the issue of personal data protection has attracted significant

attention from consumers, policy makers, industries leaders and non-government

organisations.

The impact of personal information privacy on Internet usage is an important element of

this research. Personal information privacy is defined as the ability of the individual to

personally control information about ones self (Stone et al., 1983). The understanding of

personal information privacy has triggered website operators to look for new ways to

understand Internet users behaviour in order to attract and retain them to their websites.

In view of Internet users concern that personal and proprietary information may be

wrongly accessed and manipulated, personal information privacy is also referred to as

Internet privacy concerns in this study.

Several studies have effectively reported a growing privacy concern amongst online

users. Harris (2003) reports that several American surveys carried out between 1993 and


7/49

2003 show a trend of increasing levels of general privacy concerns. A recent privacy

survey in India reports that 80 percent of respondents are concerned with online privacy

(Kumaraguru & Cranor, 2004), while 62 percent of Internet users have more concerns

about the security of their personal details in Australia (Roy Morgan Research, 2004).

The Internet includes various modes of information exchange, such as e-mail, real time

communication and the use of the Word Wide Web (WWW). The WWW is the main

storefront that allows for interactive user-initiated information exchange (Hoffman &

Novak, 1996 cited in Miyazaki & Fernandez, 2000 p. 54), therefore in this paper, it is

sought to investigate the following main issue:

the level of privacy concern amongst Internet users/online consumers

and its relationship with the following factors:

I. Online Purchase

The relationship between online shoppers and privacy concerns has also been discussed

in several studies. The IBM Multinational Consumer Privacy study (2000) finds that 40

percent of consumers have made decisions not to purchase something online due to

privacy concerns. Godwin (2001) observes that privacy and security concerns among IT

users are the number one reason why Web users are not purchasing over the Web. Phelps,

DSouza and Nowak (2001) make the same observation and add that privacy may

influence purchase behaviour, purchase behaviour may also influence privacy concerns.

A more recent study shows that online invasion of privacy has a significant inverse

relationship with online purchase behavior (Brown & Muchira, 2004). It is therefore

apparent that privacy concerns have an influence on Internet shoppers. Accordingly, the

following hypothesis is formulated:


8/49

H1O There is no difference between an Internet buyer and non-Internet buyer

towards his/her privacy concerns.

H1A There is a difference between an Internet buyer and non-Internet buyer

towards his/her privacy concerns.

II. Privacy Policy

The abovementioned studies indicate that Internet privacy and security concerns have

kept online consumers from buying things online. This has led many academics and

business professionals to conduct further research on privacy issues. Among these

include an examination of the five online policies of a number of major e-commerce

companies during the period 1999-2001 by Desai, Richards and Desai (2003). The study

finds that these companies appear to have fair information policies and stress that the

sharing of contact information with other businesses is not practised (Desai et al. 2003).

Other reported issues on fair information policy include the collection of e-mail addresses

without peoples knowledge or consent which was also considered an important factor by

80 percent (Cranor, Reagle & Ackerman, 1999) and 70 percent of respondents (Westin

1998) in the USA, while 94 percent of Australian respondents considered the above an

invasion of privacy (Roy Morgan Research, 2004). Cranor, Reagle and Ackerman (1999)

observe that 79 percent of Internet users had rated the sharing of their information with

other organisations as the most important factor when making the decision to disclose

their personal information. Roy Morgan Research (2004) reports that a significant

percentage of Australian Internet users who had read a privacy policy felt more confident

and secure about using the site.

It appears evident that the display of a data privacy policy on a companys website is a

form of privacy assurance for Internet users regarding their personal data. Accordingly

the following hypothesis is proposed:


9/49

H2OA website privacy policy does not influence an individuals privacy concern.

H2A A website privacy policy influences an individuals privacy concern.

III. Web Cookies

Similarly, the compilation of e-mail marketing lists and tracking of websites visited and

using the information improperly were reported as an invasion of privacy. 87 percent

(Cranor, Reagle & Ackerman, 1999), 72 percent (Westin, 1998), and 93 percent (Roy

Morgan Research, 2004) of respondents viewed the monitoring of activities on the

Internet as an invasion of privacy. The tracking of websites visited is usually carried out

through use of web cookies. A web cookie usually gathers information about an Internet

user. It is defined as a file that a web server stores on a users computer when a website is

visited (Lawrence et al., 2002).

Although Internet users may adjust their web browsers to reject all or certain types of

cookies or to warn them before a cookie is placed on their hard drive, Miyazaki and

Fernandez (2000) claim that many Internet browsers lack knowledge of this function.

Thus, the following hypothesis is proposed:

H3O Cookies over websites do not influence an individuals privacy concern.

H3A Cookies over websites influence an individuals privacy concern.

IV. Legislation and Internet Seal of Approval

Additionally, the appearance of an Internet seal of approval has been purported to raise

consumer confidence in a website. An Internet seal of approval consists of logos

displayed on a website that assure users that the site has been audited for its privacy

practices and that personal information storage is secured (Miyazaki & Krishnamurthy,

2002). Examples of major Internet seals of approval are TRUSTe and BBBOnline.


10/49

Cranor, Reagle and Ackerman (1999) have found that while 28 percent of Internet users

would be more likely to provide information if the site had a privacy policy, 48 percent

said they would be more inclined to do so if there was a relevant law while 58 percent

would be more likely to do so if the site had both a privacy policy and a seal of approval.

In a study which adopted the BBBOnline as the framework for the analysis of 10 website

operators in Malaysia, Husnayati, Maram and Adam (2003) found that these operators

adhere well to some code of online business practices, but certain practices related to

customer privacy, security and child protection need more attention. While third party

assurance endorsements may appear useful in alleviating consumer concerns and reduce

the risks associated with websites, the existence of a law such as the Personal Data

Protection Act may have an influence on an individuals privacy concern. Therefore the

following hypothesis is proposed:

H4O A law such as the Personal Data Protection Act does not influence an

individuals privacy concern.

H4A A law such as the Personal Data Protection Act influences an individuals

privacy concern.

Miyazaki and Krishnamurthy (2002) claim that in the absence of a data privacy law, an

Internet seal of approval can act as an alternative to potential legislation. They also find

that the presence of an Internet seal of approval had a significant impact on potentially

high online shoppers and less impact on potentially low online shoppers with regard to

privacy concern. Accordingly, an Internet seal of approval can be a form of privacy

assurance for the Internet, therefore the following hypothesis is proposed:

H5O A privacy policy and Internet seal of approval do not influence an


H5A A privacy policy and Internet seal of approval influence an individuals

privacy concern.


11/49

V. Internet Users Characteristics

While personal information privacy is strongly indicated as a major concern over the

Internet, this concern may differ with respect to culture, language and laws. On this issue,

Westin (1967) has claimed that every society values privacy in some different form. Tam

(2000) also claims that in exploring the state of affairs in personal data privacy in the

Asia Pacific, there arises a need to examine privacy from a number of perspectives such

as computing, legislative, political, cultural and social perspectives. Tavani (2000)

suggests that attitudes, beliefs and cultures, with regard to the value of privacy, vary in

different parts of the world. He adds that in the South East Asian Pacific, privacy is

perceived as relatively less important than in Western countries. Bellman et al. (2004)

identify the need for localised privacy policies on the basis that cultural values are

associated with differences in privacy concerns and these cultural differences are

mediated by regulatory differences. There may also be a reciprocal relationship, in which

a countrys regulatory approach affects its inhabitants level of concern (Milberg et al.,

1995). For example, in Singapore because of cultural reasons, the government openly

uses information technology to track the activities of its citizens (Tavani, 2000).

Nonetheless, while the vast majority of Internet users appear concerned about privacy,

their reactions to scenarios involving personal online information collection are

extremely varied. Some report that they would rarely be willing to provide personal

information online, others show some willingness to provide information depending on

the situation, and others are quite willing to provide data, regardless of whether or not

they express a high level of concern about privacy (Westin, 1998; Cranor, Reagle &

Ackerman, 1999; Spiekermann, Grosskiags & Berendi, 2001; Harris 2003).

Singh and Hill (2003) claim that some online shoppers may be willing to exchange and

share information about themselves for valued rewards. They add that these rewards may


12/49

range from monetary, material incentives to simple convenience of transaction. Phelps,

Nowak and Ferrell (2000, p. 30) also claim that consumers overall concern about the

ways companies use personal information are determined by the type of personal

information requested, the amount of information control offered, the potential

consequences and benefits offered in exchange, and consumer characteristics. They also

find that consumers are most willing to provide marketers with demographic and lifestyle

information and least willing to provide financial information and personal identifiers

(Phelps, Nowak & Ferrell, 2000 p. 33). This may then suggest that the type of personal

information and consumer characteristics revolve around an individuals specific data. It

may also propose, in relation to the above studies, that an examination of how Internet

users in the local context would respond when an individuals specific personal

information such as name, identification number, credit cards are asked.

Accordingly, it is proposed that there is a relationship between privacy concern and

demographic data such as gender. Women are reluctant to seek product information or

place orders online mainly because of security concerns relating to stolen credit card

transactions, personal privacy and the lack of net regulation (Cyber Atlas News cited in

Nakra, 2001 p. 273). Males and females appear to use computers differently, and women

appear to be more concerned about personal privacy (Sheehan cited in Kolsaker & Payne,

2002 p. 210). Furthermore, there is a marginal difference of gender-based variations

observed by Kolsaker and Payne (2002) towards the use of computers and online

shopping. Thus, this seeks to examine the following hypothesis:

H6A There is no difference between males and females towards their privacy

concerns.

H6O There is a difference between males and females towards their privacy

concerns.


13/49

It was also found that privacy concerns would decline with Internet experience (Bellman

et al., 2004), thus the following hypothesis is proposed:

H7OThere is no relationship between Internet usage and an individuals privacy

concern.

H7AThere is a relationship between Internet usage and an individuals privacy

concern.

It also appears that the variation in willingness amongst Internet users to provide personal

data such as e-mail addresses may have contributed to e-mail spam, which targets

individual users, with direct mail messages concerning commercial advertising. It was

reported that Internet users concerns about unsolicited commercial e-mail or spam have

been reported at 52 percent (Cranor, Reagle & Ackerman, 1999) and 94 percent in the

USA (Harris, 2003), but only at 38 percent in India (Kumaraguru & Cranor, 2004). This

study may therefore contribute towards more understanding and providing some new

findings in the literature regarding personal information privacy and its practices amongst

Malaysian Internet users.

III. RESEARCH METHODOLOGY

The research method applied for this study is a quantitative approach, and a survey

instrument in the form of questionnaire was used.

A. Survey Instrument

The questions used have previously appeared in major privacy studies in the USA such as

those by Westin (1998), Cranor, Reagle and Ackerman (1999), Bauman (2001), Harris(2002, 2003) and in a privacy study in India (Kumaraguru & Cranor, 2004). In this study,

the Cranor, Reagle and Ackerman (1999) questionnaire was mainly used to ensure that

the measures include an adequate and representative set of items that tap the concept

(Sekaran, 2000, p. 207).


14/49

Other than the questions on respondents demographic profile, the survey consisted of 27

questions, wherein 14 questions explored different scenarios. In these scenarios,

participants were asked to indicate their opinions on a Likert scale (1-5) as primary

anchors ranging from definitely not to definitely would and were subsequently given

a scenario on a Likert scale (1-3) with anchors ranging from less likely to more likely

(see appendices). Standard demographic data was also collected from the respondents and

questions were included to gauge respondents level of technological usage.

The survey also included questions where respondents were asked how comfortable they

would generally feel in providing each of 12 specific types of personal information to

websites. They were also asked what they would indicate in terms of very important,

somehow important or not important in 10 specific items relating to web browsers

privacy practices. Subsequently, participants were asked to select only three items that

they would consider to be most important to them from the aforementioned 10 specific

items. The selection of only three items may be considered a measure to verify

consistency with selected items in the survey. In the last 4 questions of the survey,

respondents were asked to rate the seriousness of various privacy issues on a scale of 1 to

10, where 1 meant not serious at all while 10 meant extremely serious.

B. Data Collection Procedure

The study included an online and an offline survey. Invitations to complete the web-

based survey were e-mailed to 200 people. Another 400 surveys were distributed.

Participants were made up of Malaysian Internet users ranging from executives and

professionals in all sectors, to university and college students in urban areas. This sample

was considered to comprise regular Internet users and was expected to represent a wide

range of Malaysian Internet users, an important point for the understanding of future

online privacy issues in Malaysia.


15/49

It was somehow difficult to convince participants to respond to the survey, which

ironically dealt with privacy issues. Altogether 223 questionnaires were completed and

received. There were 52 (or 23.4%) online respondents and 171 (or 76.6%) offline

respondents, the total rate of response being 37 percent. Seventeen surveys (13 online and

4 offline) were eliminated because the respondents did not complete at least one to two

pages; therefore the total number of questionnaires used for the analysis was 206.


16/49

IV. RESULT ANALYSIS

A. Demographic Profile and Technology Usage

Table 1 presents a brief profile of the respondents in which 59.7 percent of respondents

were male. The Malay ethnic group formed 46.6 percent of the total respondents, and the

majority of them were from within the age bracket of 20-29 years old. Most respondents

had a bachelors degree (37.4%) or a postgraduate qualification (35.0%). The majority of

respondents had incomes from less than the range of RM1,000 to RM5,000 (63.5%).

Since, the Malaysia Salary Guide (MSG) 2005 indicates that the average salary for

Malaysians is from less than RM1,000 to RM5,000, this would seem to indicate that the

sample was representative of the population in terms of income.

Since the Childrens Online Privacy Protection Act of 1998 in the USA has specific

guidelines pertaining to collection of data from children under the age of 13, the

participants were asked to indicate how many children between the ages of 8 and 12 live

in their household, out of which 70.9 percent indicated that they did not have children

aged between 8 to 12 years old.

Table 1: Demographic Profile

Demographic Profile No. of Respondents (N) Valid Percentage (%)

(1) Gender

Male Female

123 83

59.7 40.3

(2) Race

Malay Chinese Indian Others

96 64 28 9

46.6 31.1 13.6 4.4

(3) Age

< 20 years 20-29 years 30-39 years 40-49 years 50 years

15 98 66 20 7

7.3 47.6 32.0 9.7 3.4

(4) Highest Education Attained Certificate Vocational / Training school

24 2

11.7 1.0


17/49

Diploma / Matriculation Bachelors degree Post graduate Professional qualification

21 77 72 10

10.2 37.4 35.0 4.9

(5) Monthly Income Group

< RM1,000 RM1,000-3,000 RM3,001-5,000 RM5,001-10,000 RM10,001-20,000 >RM20,000 Not applicable

37 49 43 23 14 5 32

18.2 24.1 21.2 11.3 6.9 2.5 15.8

(6) Number of children between 8-12

None 1 - 2 3 4 5

146 44 14 2

70.9 21.4 6.8 1.0

As shown in Table 2, most respondents indicated that they either used a personal

computer or PC at home (87.9%) or at the office (83.5%). Those who used a PC at other

locations constituted a further 57.8 percent. Most respondents accessed the Internet

several times a day (63.4%). Out of the 206 respondents, 56.7 percent had been accessing

the Internet for more than 5 years while nearly three-quarters claimed using the Internet

at least once a day (74.1%) and 43.2 percent had never used the Internet for e-commerce

transactions.

Table 2: Computer/Internet Related Experience

Computer/Internet Related Experience No. of Respondents

(N)

Valid Percentage (%)

(1) Use computer Home

Yes No

181 25

87.9 12.1

(2) Use computer Office

Yes

No

172

34

83.5

16.5(3) Use computer Other location

Yes No

119 87

57.8 42.2

(4) E-Commerce (Buying online) Yes No

89 117

43.2 56.8

(5) Year(s) of using Internet


18/49

Year 1 1 < Year 2 2 < Year 5 5 < Year 10 Year > 10

5 7 53 115 23

2.5 3.4 26.1 56.7 11.3

(6) Frequency of Internet usage Several times a day Several times a week Several times a month Once a day Once a week Once a month

130 42 5 22 3 3

63.4 20.5 2.4 10.7 1.5 1.5

B. Statistical Analysis Hypothesis Testing

In the following section, each of the proposed hypotheses is tested to identify anysignificant differences and influences on the level of privacy concern. The results are

illustrated as follows:

I. No difference between Internet buyers and non-Internet buyers towards their

privacy concerns

H1O There is no difference between Internet buyers and non-Internet buyers

towards their privacy concerns.

H1A There is a difference between Internet buyers and non-Internet buyers

towards their privacy concerns.

At-test will indicate if privacy concerns are significantly different for Internet buyers and

non-Internet buyers. The results of the t-test done are shown in Table 4.0. As can be seen,

the difference in the means of 3.596 and 3.547 with standard deviations of 0.578 and

0.701 for Internet buyers and non-Internet buyers on their privacy concerns (see table 3)

is not significant (see table 4, showing t-test for Equality of Means). This implies that

there is no difference between Internet buyers and non-Internet buyers on the level of

privacy concerns.

Table 3: Group Statistic - Internet buyer/Non-Internet buyer & Privacy Concern


19/49

Purchase Online N MeanStd.Deviation

Yes 89 3.596 0.578PrivacyConcern No 117 3.547 0.701

Table 4: Independent Sample Test - Internet Buyer/Non-Buyer & Privacy Concern

Levene's Test for Equality ofVariances t-test for Equality of Means

F Sig. T Df Sig. (2-tailed)Equal variancesassumed 1.753 0.187 0.530 204.000 0.59

PrivacyConcern

Equal variances notassumed 0.544 202.615 0.58

II. Influence of a website privacy policy on an individuals privacy concern

H2OA website privacy policy does not influence an individuals privacy concern.

H2A A website privacy policy influences an individuals privacy concern.

In this case, the F Value of 5.164 (2.095/0.406) is significant at the 0.05 level (see table

5). Therefore, the hypothesis is substantiated. That is, there are significant influences in

the mean of all the individuals privacy concern and the null hypothesis can be rejected.

This implies that there is an influence of a privacy policy over websites on an


Table 5: ANOVA Test Privacy Policy & Privacy Concern

Sum ofSquares df Mean Square F Sig.

Between Groups 4.190 2 2.095 5.164 .006

Within Groups 82.358 203 .406

Total 86.549 205

To determine among which groups the true influence lies, the Duncan test was performed

for this purpose. The results showed that the mean privacy concern for the three groups

was 3.82 for less likely, 3.42 for reaction would not change and 3.6 for more likely.


20/49

The reaction would not change is the one that is significantly different from less likely

and more likely at p


21/49

Here, the F-Value of 0.372 (0.158/0.425) is not significant at the 0.05 level (see table 7).

This implies that the hypothesis is not substantiated and that there is no influence of a law

such as the Personal Data Protection Act on an individuals privacy concern.

Table 7: ANOVA Test Law & Privacy Concern


Between Groups .316 2 .158 .372 .690

Within Groups 86.232 203 .425

Total 86.549 205

V. No influence of a privacy policy and Internet seal of approval on an individualsprivacy concern

H5O A privacy policy and Internet seal of approval do not influence an


H5A A privacy policy and Internet seal of approval influence an individuals

privacy concern.

The F-Value of 0.154 (0.066/0.426) is not significant at the 0.05 level (see table 8). This

implies that the hypothesis is not substantiated and that there is no influence of a privacy

policy and Internet seal of approval on an individuals privacy concern.

Table 8: ANOVA Test Privacy Policy, Internet Seal of Approval & Privacy Concern


Between Groups .131 2 .066 .154 .857

Within Groups 86.417 203 .426Total 86.549 205

VI. No difference between males and females towards their privacy concerns


22/49

H6A There is no difference between males and females towards their privacy

concerns.

H6O There is a difference between males and females towards their privacy

concerns.

Here, the F value 7.767 rejects the equality of variance (see table 9). The T-test value of -

1.594 is less than t 0.05, 204 = 1.645; therefore the null hypothesis is not rejected. This

implies that there is no difference between the two gender groups towards privacy

concerns.

Table 9: Independent Samples Test Gender & Privacy Concern

Levene's Test for Equality ofVariances t-test for Equality of Means

F Sig. t df Sig. (2-tailed)

Equal variancesassumed 7.767 0.006 -1.504 204.000 0Privacy

Concern Equal variances not assumed -1.594 202.397 0.1

* Not significant at 0.05

VII. No relationship between Internet usage and concern level on privacy

H7OThere is no relationship between Internet usage and an individuals privacy

concern.

H7AThere is a relationship between Internet usage and an individuals privacy

concerns.

The result of the Pearson Chi-Square value of 5.597 is less than [X2

0.05, 205 = 124.34]

(see table 10). Therefore we do not reject the null hypothesis. This implies that there

is no relationship between an individuals Internet usage and his/her privacy concern.

The cross-tabulation count of the percentage of Internet usage per level of concern on

privacy is illustrated in Appendix A.


23/49

Table 10: Chi-Square Tests Internet Usage & Privacy Concern

Value dfAsymp. Sig.

(2-sided)

Pearson Chi-Square 5.597(a) 15 .986

Likelihood Ratio 7.635 15 .938

Linear-by-LinearAssociation

.721 1 .396

N of Valid Cases205

(a) 17 cells (70.8%) have expected count less than 5. The minimum expected count is .04.

V. RESULT DISCUSSION

The study incorporated some basic questions in order to describe the current privacy

concern practices. In the following sections, these descriptions are compared with several

prior studies and discussed together with the hypothetical situations.


24/49

A. Privacy Concerns

The respondents indicated that they were somehow concerned and very concerned

(75.3%) with their personal privacy when not using the Internet. 94.2 percent of

respondents indicated that they felt their personal privacy might be threatened when using

the Internet. This may imply that the respondents are more concerned about online rather

than offline privacy and the ability of an individual to personally control information

about himself (Stone et al., 1983) is important.

Table 11: General Privacy Concerns

As seen in Table 12, of the 206 respondents, 67.5 percent reported never having been

victims of privacy invasion.

Table 12: Victim of Internet privacy invasion

1. Have you ever personally been the victim of what you felt was an invasion ofyour privacy when using the Internet? Frequency

ValidPercent

Yes 67 32.5

No 139 67.5

Total 206 100

The above results support findings from several studies where the trend across several

American surveys carried out between 1993 and 2003 showed increasing levels of

general privacy concerns (Harris, 2003). Westin (1998) found that 81 percent wereconcerned about online privacy while Cranor, Reagle and Ackerman (1999) found that 87

percent were concerned about online privacy. In another study, 86 percent of respondents

were highly and moderately concerned about online privacy (Harris, 2002). A recent

Level of Concerns

Not

concernedat all

Not

veryconcerned

Somehowconcerned

Veryconcerned

1. Threats to the personal privacywhen NOT using the Internet

5.8 18.9 37.9 37.4

2. Threats to the personal privacywhen using the Internet

1.5 4.4 30.1 64.1


25/49

privacy survey in India reported that 80.0 percent of respondents were concerned about

online privacy (Kumaraguru & Cranor, 2004).

When the respondents were asked to rate the seriousness of various privacy issues, they

rated the seriousness of privacy issues as significantly high. The rating was between 7.5

and 8.7 of the issues raised (see Table 13) where 1 was perceived as not serious at all,

while 10 was defined as a very serious issue.

Table 13: Rating of the Seriousness of Privacy Issues

Privacy Rating Mean score

1. Unsolicited commercial e-mail (spam). 7.5

2. Collecting personal information from children without getting parental consent. 8.83. Collecting the e-mail addresses of site visitors without their knowledge or consent,

to compile e-mail marketing lists. 8.3

4. Tracking of websites people visited and using that information improperly. 8.7

The above results tally with those of various other surveys carried out on the same topic

elsewhere. Harris (2002) reports that 94 percent of American Internet users surveyed

said spam was a concern. There are also similarities with the Westin (1998) study as well

as Cranor, Reagle and Ackermans (1999) study where issues such as collecting personal

information from children without getting parental consent (93%-85%), collecting the e-

mail addresses of site visitors without their knowledge or consent (80%-70%), compiling

e-mail marketing lists, and tracking of websites visited and using the information

improperly (87%-72%) were identified as being issues. On the other hand, hypothesis 1

shows that there is no difference between Internet buyers and non-Internet buyers on

privacy concern. This therefore does not support Brown and Muchiras (2004) findings

that online invasion of privacy has a significant inverse relationship with online purchase

behaviour.

B. Trade- Off


26/49

Several questions, through different scenarios, were posed to gauge the willingness of

respondents to provide personal information, for example in the case where information

to be obtained was perceived as being useful, when a useful item was promised in return

or where a privacy policy was in place etc.

As illustrated in Figure 1, when information was perceived as useful, half of the

respondents would definitely or probably provide information about income and

investment, which is not identifiable.

Figure 1: Willingness to provide income and investment-related data without identifiable

information, or with identifiable information but been promised with useful materials in

return

14

28

9

41

911

25

14

44

7

0

10

20

30

40

50

Definitely

not

Probably

not

Not sure Probably

w ould

Definitely

w ould

%o

frespondents

No identification info With identification info

It is interesting to note from Figure 1 that the number of respondents who said that they

would definitely not or probably not provide requested information, reduced slightly

when they were asked to provide identifiable information in exchange for some useful

item to be sent to them. It may suggest that a form of trade-off between the identifiable

information and useful material can be foreseen. These are interesting findings which

could be used by website operators wishing to attract more visitors, or to optimise the

data collection on current prospective customers.


27/49

Figure 2 shows that people were generally willing to provide information relating to their

areas of interest (9% definitely would and 55% probably would). With ceteris paribus,

what would be the response when they were requested to fill in their name? The positive

response dropped when such identifiable information was requested and when nothing

was to be obtained in exchange for this additional information.

Moreover, a mere 11.7 percent of respondents would likely change their minds if the

policy of the website visited stated that all information collected would be deleted should

it not be visited for 3 months.


28/49

Figure 2: Willingness to provide information with and without identifiable information in

particular interest

8

18

10

55

9

17

29

14

36

5

0

10

20

30

40

50

60

Definitely

not

Probably

not

Not sure Probably

w ould

Definitely

w ould

%o

frespondents

No identification info With identification info

It is interesting to note that the scenario involved in Figure 1 is related to banking

websites, whereas the scenario in Figure 2 involved news, weather and sports websites.

This may be interpreted to mean that respondents have established a trusted relationship

with online banking service providers. Nearly 63 percent of web users in another study

who declined to provide personal information to websites reported that it was because

they did not trust those who were collecting the data (Hoffman, Novak & Peralta, 1999).

C. Web Privacy Policies

Respondents were asked if they would provide their name and postal address in order to

get free pamphlets and coupons of a companys products. 10.2 percent of the respondents

indicated that they would definitely provide the above information and 45.6 percent

indicated they probably would.

As indicated in Figure 3, with a legal framework as a barrier to preventing websites to

use the details except than processing the request, 28 percent of the respondents would

disclose their names and postal addresses. 42 percent said they would if the website had a


29/49

privacy policy indicating that names and addresses are used for sending requested

materials, while 55 percent said they would should the website provide both a privacy

policy and a seal of approval from a well-known organisation, e.g. the Better Business

Bureau or TRUSTe. However, if sharing names and addresses with the other company

were involved, only 20% of respondents would be inclined to change their minds to

disclose the above.

Figure 3: Re-evaluation of the decision to fill in Name and Postal Address under various

scenarios

3142

28

18

3942

14

31

5550

30

20

0

10

20

30

40

50

60

Less likely Your reaction

w ouldnt change

More likely

%o

frespond

ents

Law Privacy policy only

Privacy policy and seal of approval Share w ith other company

It could be inferred that respondents are more comfortable in providing personal

information if there are laws or privacy policies or even an Internet seal of approval to

protect their interests. However, the inferential statistical test showed that the presence of

legislation and an Internet seal of approval did not influence an individuals privacy

concern. On the contrary, the posting of a privacy policy over websites have a significant

relationship on an individuals privacy concerns.

A random browsing of the 50 Malaysian websites has shown that only 17 (34%) had

privacy policy posted. The recent poll in India reported that merely 29% of Indian

websites had a privacy policy (Kumaraguru & Cranor, 2004).

D. Comfort Level of Sharing Different Types of Data


30/49

Participants were asked on how comfortable they were in providing twelve types of

information on themselves and the children under their care aged between 8 and 12 years.

Their comfort levels varied across the twelve types of information even though they were

generally low. Nevertheless, respondents were most willing to share their favourite

television programme, favourite snack food, and e-mail address with websites. They were

least comfortable in sharing credit card number, identification number, annual household

income, postal mail address and phone number.

The comfort levels of sharing their childrens information fairly mirrored the comfort

levels of sharing information about themselves. Figure 4 shows that parents were

generally more careful about sharing their childrens information, except for three types

of information in which the comfort levels were slightly higher as compared to sharing

their own information.

Figure 4: Comfort level in sharing different types of data of their own and their children

ages between 8 and 12 years


31/49

6.3

4.9

17.5

4.9

8.7

14.6

8.3

2.4

29.6

31.1

4.9

0.5

6.4

4.4

9.3

2.9

8.8

11.3

9.3

3.4

25.5

27.5

0 5 10 15 20 25 30 35

Full name

Postal mail address

E-mail address

Phone number

Computer hardw are or sof tw are

Age

Health / medical history

Identif ication number

Favorite snack food

Favorite television program

Annual household income

Credit card number

% of people 'alw ays feel comfortable'

Own Child (age betw een 8 to 12 year old)

Table 14 demonstrates that differences in willingness exist in the sharing of three types of

contact information: postal mail address, phone number and e-mail address. Respondents

were most comfortable sharing their e-mail address, and least comfortable sharing their

phone number. This shows a similar trend with the Indian privacy survey (Kumaraguru &

Cranor, 2004).


32/49

Table 14: Comfort Level Sharing Contact Information with Websites

Contact Information Postal mail address E-mail address Phone number

Always feel comfortable 5% 18% 5%

Usually feel comfortable 17% 33% 8%

Sometime feel comfortable 25% 25% 11%Rarely feel comfortable 30% 16% 33%

Never feel comfortable 24% 9% 44%

E. Web Cookies

Since the result of the hypothesis testing has implied that there is no influence of web

cookies on an individuals privacy concern, additional detailed analysis might be useful

to understand this relationship. It was found that 54.9 percent of respondents had

indicated they were concerned about web cookies, while almost a quarter of them

(24.8%) did not know what a web cookie was. Among those who were concerned about

web cookies, only 12 percent of respondents had never changed the cookie settings from

the default setting. This figure is low compared to the Indian survey 47%, (Kumaraguru

& Cranor, 2004) and 23% for Cranor, Reagle and Ackermans (1999) study as shown in

Figure 5. Although there is no relationship, this sample was seen to be most concerned

about web cookies with a higher percentage selecting warn about all cookies and reject

all cookies as compared to the above-mentioned surveys (see Appendix B for complete

count in %). It might be due to the fact that a number of websites require the use of

cookies in order to get access to information or to complete the purchase process.


33/49

Figure 5: Web cookies configuration reported by Malaysians compared with 2004 Indian Study and Cranor, Reagle &

Ackermans 1999 Survey (AT&T).

25

46

13

4

12

8

14

10

15

47

3

33

13

21

23

0 10 20 30 40 50

Reject all cookies

Warn about all cookies

Accept cookies from originating server

w ithout w arning

Accept cookies w ithout w arning

I have never changed cookie settings

% of respondents

Malaysia India AT&T

As per Figure 6, when respondents were presented with two scenarios in relation to two

choices, namely customised service and customised advertising, in which identification

numbers would be used to customise their pages such as providing name and postal

address for return visits, they appeared to be more accepting of the use of identification

numbers when they were provided customised service rather than when they were

provided customised advertising. It was found that 54 percent of respondents would

definitely or probably agree to the use of identification numbers provided by websites to

receive customised service. Only 40 percent indicated the same when asked about the use

of customised advertising.

Identification numbers are basically web cookies. It is interesting to note that while the

above scenario could have been posed using cookies, 54 percent of respondents would

definitely or probably accept identification numbers, while 54.9 percent were concerned


34/49

about web cookies. This may suggest that the respondents did not seem to understand

web cookies, and there is a need to do more to educate Internet users about them.

Figure 6: Use of user identification numbers stored in cookies that websites could be

used for specific purposes

When respondents were asked about the importance of certain features in a web browser,

they indicated that a trusted company, a privacy seal of approval, type of information

collected and an opt-out option were their most important concerns. When respondents

were asked to select only three items from the same list, trusted company, existence of a

privacy policy and existence of privacy seal of approval were ranked top in terms of the

level of importance (see Figure 7). Those categorised as the least important criteria were

duration of such information to be kept, and user identifiable from the information

collected.

To provide cus tomized service

Definitely

not

11%

Probably

not

17%

Not sure

18%

Probably

would

43%

Definitely

would

11%

To provide customized advertising

Definitely

not

15%

Probably

not

26%

Not sure

19%

Probably

would

33%

Definitely

would

7%


35/49

56

48

47

35

26

24

23

22

12

5

44

52

53

66

74

76

77

78

88

95

0 20 40 60 80 100

Trusted co mpany or o rganization

Privacy seal of approval

Privacy policy

Option to withdraw from the m ailing list

Type of informatio n kept in database

Type of info rmation want to co llect

Purpose of collect such information

Sharing of s uch informatio n with othercom panies/ o rganizations

Identifiable of the informatio n collected

Duration fo r the information will be kept

% of respondents

Important feature Least Important feature

Figure 7: Three Most Important Criteria of Privacy Practices

Surprisingly not many respondents were concerned with the practice of sharing

information collected by websites with other companies or organisations. This may be

attributed to the general belief that such personal information is unlikely to be misused by

a trusted company or organisation. The finding also showed that only 70 percent of

respondents would be more likely to get off a mailing list even though the website had a

privacy policy and would send additional pamphlets and coupons to them. It is also

evident that a means to opt out of the mailing lists of websites in the future is a feature

sought by the respondents.

VI. MANAGERIAL IMPLICATIONS

Trusted company or organisation

Purpose of collecting suchinformation

Duration of such information to bekept

User identifiable from theinformation collected

Type of information requested

Sharing of such information withother companies/organisations


36/49

The collection and use of online consumers transaction information is a common

practice among most businesses. The findings of this study show that Malaysian

respondents are highly concerned about their online privacy.

Moreover, the findings show that respondents are comfortable with a privacy policy.

Respondents are more likely to provide their names and addresses when they are

informed that website operators are not sharing their personal details with other

companies that sell products which they might be interested in. Therefore, the posting of

a privacy policy over websites and providing clear and valid information on the purpose

of data collection should be a pre-requisite condition observed by website operators.

Since the proposed Personal Data Protection Act is not yet enacted, the respondents seek

the assurance of online trust from website operators. Wang, Le and Wang (1998) argue

that a more consumer-oriented information privacy model will elicit commercial valuable

relationship, which should lead to a trusted relationship between online consumers and

companies doing business on the Internet. Similarly, if an Internet seal of approval is

proposed as a non-legislative method of ensuring online privacy standards, these third

party assurances would need to do more to educate Internet users.

It may be suggested that the awareness of the Internet users on their rights to control their

personal information may enhance their relationship with website operators. This may be

achieved if website operators adopt an opt-out policy regarding information exchange.


37/49

VII. LIMITATIONS & FUTURE RESEARCH RECOMMENDATIONS

This study is apparently one of the first online privacy studies in Malaysia. Obviously itcontains several limitations. Firstly, the sample of this study does not cover the entire

spectrum of Malaysian Internet users as the sample respondents are mainly from the

urban population. The study does not therefore provide a national benchmark on the

demographic profile data.

Another limitation of the study is the use of a single-item measure to assess the

dependent variable privacy concern. This single-item measure may not provide a

comprehensive measurement of the level of concern on privacy nor may it help determine

if consumers' concerns are in fact justified.

A 15-item scale for measuring information privacy concerns (Smith, Milberg & Burke

1996) was discovered after the collection of data for this study. The survey in this study

involved some scenarios. The length of these scenarios was long and participants were

subsequently asked to respond to situations involving the previous scenario. This might

therefore introduce some biases in some questions.

This study adapted a questionnaire by Cranor, Reagle and Ackerman (1999). Most of the

questions have also appeared in other privacy surveys (Westin, 1998; Harris, 2003;

Kumaraguru & Cranor, 2004). The results were mostly described and compared with the

above studies. The comparison may be limited due to the different types of environment.

The study has also not discussed the cultural aspects of privacy concerns.

Another limitation of the study lies in its measurement of the attitudes of respondents

towards online privacy concern in general. For example, consumers decision to purchase

items online may vary according some factors, such as product category and prices. The

findings also showed that trust was ranked among the top three in terms of the level of


38/49

importance, whereas trust-related factors were not examined in this study. Nevertheless,

all of the above limitations could pave the way for future studies.

A prime future research recommendation is the replication of this study. This is due to the

fact that the Internet population is continually changing. The survey reports that 56.7

percent have been accessing the Internet for more than 5 years while nearly three-quarters

claimed to use the Internet at least once a day (74.1%). Bellman et al. (2004) suggest that

as individuals gain more Internet experience, their concerns about online privacy tend to

decrease. This may suggest a bias in the current research results. In addition, the ICT

players are providing technological assurances to protect an individuals privacy concern,

for example, newer versions of e-mail applications have spam filters and software

application are available to protect anonymity online (Roy Morgan Research, 2004).

Another future research recommendation is the significance of cultural attitudes on

privacy issues. This study does not cover the topic in depth. Cultural attitudes may appear

to be an important dimension of privacy concerns as a topic in the existing literature

review. Therefore, it is worth pursuing further research in this field.


39/49

VIII. CONCLUSION

The way in which personal data is handled appears to be critical to Internet users in theB2C e-commerce environment. This exploratory study found that 94.2 percent of the

respondents are concerned about personal information privacy. Only one of the seven

hypotheses was substantiated. Some contentious facts were derived from this study. For

instance, while there was no relationship between web cookies and privacy concern, this

sample was concerned with web cookies, where a higher percentage had selected warn

about all cookies and reject all cookies. This sample seemed to be more comfortable in

providing personal information if there were a privacy law or privacy policy or even an

Internet seal of approval to protect respondents personal data. However, statistical

testing showed that the presence of legislation and an Internet seal of approval would not

influence an individuals privacy concern. On the contrary, the posting of a privacy

policy over websites should have a significant relationship to ones privacy concerns.

The findings also show some similarities to studies which have been conducted in recent

years in the USA. It appears that that some types of data were more sensitive to Internet

users than others, for instance, data relating to identification cards, credit cards and

names. In addition, the sharing of information with third parties was a major privacy

concern to the respondents. The replication of the examination of privacy concerns may

find new implications for various parties such as websites operators, third party assurance

and policy makers.

Finally, the study suggests that recognising consumers right to data control on the

Internet is an important step for website operators. A trust model approach will more

likely enhance a fair relationship between Internet users and website operators with

regard to personal information privacy.


40/49

REFERENCES

Aidman, A., 2000. Childrens Online Privacy. Educational Leadership. October issue

[Online] Available at: http://course1.winona.edu/lgray/el675/StuPrivacy.pdf

[Accessed 14 July 2002].

Attaran, M., 2000. Managing legal liability of the net: a ten step guide for IT Managers.

Information Management and Computer Security. Vol. 8, Issue 2. pp. 98-100.

Bauman, S., 2001. Privacy concerns related to distance shopping. Direct Marketing

Research Association, Wirthlin Worldwide [Online] Available at:

http://energycommerce.house.gov/107/hearings/05082001Hearing209/bauman.pdf

[Accessed 16 June 2002].

Bellman, S., Johnson, E. J., Kobrin, S. J. and Lohse, G. L. 2004. International differences

in information privacy concerns: a global survey of consumers. In Proceedings of

the International Telecommunications Society Asia-Australasian Regional

Conference. Perth, WA: Communication Economics and Electronic Markets

Research Centre. pp. 313-24.

Brown, M. and Muchira, R., 2004. Investigating the relationship between Internet privacy

concerns and online purchase behavior. Journal of Electronic commerce research.

Vol. 5, No. 1, pp. 62-70 [Online] Available at:


41/49

http://www.csulb.edu/Web/journals/jecr/issues/20041/Paper6.pdf [Accessed 2

January 2005].

Business Times (Malaysia), 11 April 2001. Personal Data Protection Act to safeguard

privacy, viewed on the 30 August 2004. Available from EBSCO Host.

CIA, 2005, The World Fact Book. [Online] Available at:

http://www.cia.gov/cia/publications/factbook/geos/my.html [Accessed 29 August

2005].

Campbell, A., 1997. Relationship marketing in consumer markets: a comparison of

Managerial and Consumer Attitudes About Information Privacy. Journal of Direct

Marketing. Vol. 11, No. 8; pp. 44-57.

Clarke, R., 2000. Beyond the OECD guidelines: privacy protection for the 21st century.

Available at: http://www.anu.edu.au/people/Roger.Clarke/DV/ PP21C.html or

http://privacy.gov.au/act/review/Att5-PP21C.pdf [Accessed 03 August 2003].

Childrens Online Privacy Protection Act of 1998 (COPPA), 2000. Journal of Internet

Law. January. pp. 22-3.

Cranor, F. L., Reagle, J. and Ackerman, S. M., 1999. Beyond Concern: Understanding

Net Users' Attitudes about Online Privacy,AT &T Labs-Research Technical Report

TR, Available at:

http://www.research.att.com/resources/trs/TRs/99/99.4/99.4.3/report [Accessed 30

September 2003].

Desai, M. S., Richards, T. C. and Desai, K. J., 2003. E-commerce policies and customer

privacy. Information Management and Computer Security. Vol. 11, No. 1. pp. 19-

27.


42/49

Department of Statistics (DOS) Malaysia, 2005. Key Statistics. [Online] Available at:

http://www.statistics.gov.my/english/frameset_keystats.php [Accessed 28 July

2005].

Godwin, J. U., 2001. Privacy and security concerns as a major barrier for e-commerce: a

survey study. Information Management and Computer Security.Vol. 9, No. 4, pp.

165-74.

Kolsaker, A. and Payne, C., 2002. Engendering trust in e-commerce: a study of gender-

based concerns.Marketing Intelligence and Planning, Vol. 20, No. 4, pp. 206-14.

Kumaraguru, P. and Cranor, F. L., 2005. Privacy in India: attitudes and awareness. InProceedings of the 2005 Workshop on Privacy Enhancing Technologies,

Dubrovnik, Croatia [Online] Available at:

http://lorrie.cranor.org/pubs/PET_2005.pdf [Accessed 30 July 2005].

Harris Louis and Associates and Westin, A. F., 1998. E-commerce and Privacy: What

Net Users Want. Hackensack, NJ: Privacy and American Business.

Harris Interactive, 2002. Privacy On and Off the Internet: What Consumers Want.

Available at: http://www.aicpa.org/download/Webtrust/priv_rpt_21mar02.pdf[Accessed 15 July 2005].

Harris Interactive, 2003. Harris Interactive Poll on Surveillance Issues. Available at:

http://www.harrisinteractive.com/harris_poll/index.asp?PID=365 [Accessed 15

January 2005].

Hine, C. and Eve, J., 1998. Privacy in the marketplace. The Information Society. Vol. 14,

No. 4, pp. 253-62.

Hoffman, D. L., Novak, T. P. and Peralta, M., 1999. Building consumer trust online.

Communications of the ACM. Vol. 42, No. 4, pp. 80-5.


43/49

Husnayati, H, Adam M. S. and Maram M. M., 2003. Towards an ethical e-commerce

practice: A review on Malaysian Websites. In Proceedings of the National

Conference on Information and Communication Technology. Kuala Lumpur: KICT,

IIUM October 21-22, pp. 185-202.

International Telecommunication Union (ITU), 2005. World Telecommunication

Indicators Database. 8th edn, CD-ROM version.

Madieha, I., 2002. E-Commerce and Privacy Issues: An Analysis of the Personal Data

Protection Bill, International review of law computers and technology. Vol. 16, No.

3, pp. 31730.

Internet World Statistic, 2005. Internet usage in Asia. Available at:

http://www.Internetworldstats.com/stats3.htm [Accessed 30 August 2005].

Lawrence, E., Newton, S., Corbitt, B., Braithwaite, R., and Parker, C., 2002. Technology

of Internet Business. Australia: John Wiley and Sons.

Lenhart, A., Madden, M. and Hitlin, P., 2005. Teens and Technology: Youth are Leading

the Transition to a Fully Wired and Mobile Nation. Pew Internet and American Life

Project. Available at: http://www.pewInternet.org/PPF/r/162/report_display.asp

[Accessed 10 September 2005].

Malaysia Communication and Multimedia Commission (MCMC), 2005. Facts and

Figures Statistic and Records. Available at:

http://www.mcmc.gov.my/facts_figures/stats/index.asp [Accessed 30 August 2005].


44/49

Malaysia Salary Guide (MSG), 2005. Available at:

http://www.kellyservices.com.my/res/content/my/services/en/docs/salary_guide_05.

pdf [Accessed 5 May 2005].

Malaysian Network Information Centre (MYNIC), 2005. Statistic. Available at:

http://www.mynic.net.my/ [Accessed 30 August 2005].

Milberg, S. J., Burke, S. J., Smith, H. J. and Kallman, E. A., 1995. Values personal

information privacy and regulatory approaches. Communications of the ACM.

December, Vol. 38, issue 12, pp. 65-74.

Milne, G. R., 2000. Privacy and ethical issues in database / interactive marketing and

public policy: a research framework and overview of the special issue. Journal of

Public Policy and Marketing.Vol. 19 (1), p. 1-6.

Miyazaki, A. D. and Fernandez, A., 2000. Internet Privacy and Security: An Examination

of Online Retailer Disclosures. Journal of Public Policy and Marketing. Vol. 19(1), pp. 54-61.

Miyazaki, A. D. and Krishnamurthy, S., 2002. Internet seals of approval: effects on

online privacy policies and consumer perceptions.Journal of Consumer Affairs.Vol. 36,

No. 1, pp. 28-49.

Multimedia Development Corporation (MDC), 2005. Websites. Available at:http://www.msc.com.my/msc/msc.asp [Accessed 30 August 2005].

Multimedia Super Corridor (MSC), 2005. Malaysian Cyberlaws. Available at:

http://www.msc.com.my/cyberlaws/ [Accessed 15 July 2005].


45/49

Nakra, P., 2001. Consumer privacy rights: CPR and the age of the Internet. Management

Decision. Vol. 39, No. 4, pp. 272-78.

National Broadband Plan (NBP), 2004. Connecting communities- Widening private

access. Slides presented at the Economic And Social Commission For Asia And The

Pacific.UNCC, Bangkok.

New Straits Times (Malaysia) 2003.Banks have to practice privacy. 3 July.

Phelps, E. J., DSouza, G. and Nowak, G. J., 2001. Antecedents and consequences of

consumer privacy concerns: An empirical investigation. Journal of Interactive

Marketing. Vol. 15, No. 4, pp. 2- 17.

Phelps, E. J., Nowak, G. J. and Ferrell, E., 2000. Privacy concerns and consumer

willingness to provide personal information. Journal of Public Policy and

Marketing. Vol. 19(1), pp. 27-41.

Rotenberg, M., 2004. Overview of Privacy; An International Survey of Privacy Law and

Developments. Privacy and Human Rights. Available at:

http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-

82589andals[theme]=Privacy%20and%20Human%20Rightsandheadline=PHR2004

[Accessed 15 June 2005].

Roy Morgan Research, 2004. Community attitudes towards privacy. Report prepared for

the Office of the Federal Privacy Commissioner, Australia. Available at:

http://www.privacy.gov.au/publications/rcommunity04.pdf [Accessed 15

September 2005].


46/49

Sekaran, U., 2000. Research Methods for Business: A Skill-building Approach. USA:

John Wiley and Sons.

Singh, T. and Hill, M. E., 2003. Consumer privacy and the Internet in Europe: a view

from Germany.Journal of Consumer Marketing. Vol. 20, No. 7, pp. 643-651.

Spiekermann, S., Grosskiags, J. and Berendi, B., 2001. E-privacy in 2nd generation e-

commerce: privacy preferences versus actual behavior. In Proceedings of 1st E-

commerce Conference. Tampa, Florida, USA.

Stone, E., Gardner, D., Gueutal, H. G. and McClure, S., 1983. A field experiment

comparing information - privacy value, beliefs and attitudes across several types of

organisations.Journal of Applied Psychology. Vol. 68, No. 3, pp. 459-68.

Tam, C. J., 2000. Personal data privacy in the Asia Pacific: a real possibility,

computers. In Proceedings of the Tenth Conference on Computers, Freedom and

Privacy: Challenging the Assumptions. Toronto, Ontario, Canada, pp. 259-62.

Taylor Nelson Sofres (TNS), 2002. The Third Annual Global E-commerce Report.

Available at: http://www.tnsofres.com/ger2002 [Accessed 2 August 2002].

Upfront, 2004. Wanted: online privacy police. The Information Management Journal. 1st

January issue.

Wang, H., Lee, M. and Wang, C., 1998. Consumer privacy concerns about Internet

marketing. Communications of the ACM. Vol. 41, No. 3, pp. 63-70.

Warren, S. and Brandeis, L., 1890. The right to privacy. Harvard Law Review. Vol.4,

No. 5, pp. 193-220.


47/49

Westin, A. F., 1998. E-commerce and privacy: what net users want. Hackensack, NJ:

Privacy and American Business.

Westin, A. F., 1967. Privacy and freedom. New York: Atheneum Publishers.

BIBLIOGRAPHY

Ackerman, M. S., Cranor L. F. and Reagle, J., 1999. Privacy in E-commerce: examining

user scenarios and privacy preferences. InProceedings of the 1stACM Conference

on Electronic Commerce. November, Denver, pp. 1-8.

Carroll, K., 1999. E-commerce success may depend on online privacy. Telephony. Vol.

237, No. 17, pp. 46-8.

Corbitt, J. B., Thanasankit, T. and Han, Yi, 2003. Consumer perception and trust on the

World Wide Web. Journal of Electronic Commerce Research and Application.

Volume 2, Issue 3, Autumn, pp. 203-15.

Culnan, M., 1995. Consumer awareness of name removal procedures: implications for

direct marketing.Journal of Direct Marketing. Vol. 9, No. 2, pp.12-18.

Federal Trade Commission. Privacy policies on-line: Improving for Consumers.

Consumers Research Magazine. Vol. 82, No. 10, pp. 26-30.

Harris Interactive, 1999. Industry leadership group to tackle privacy concerns privacy

leadership initiative focuses on consumers: concerns about privacy and offers rapid

work plan. [Online] Available at:

http://www.harrisinteractive.com/news/allnewsbydate.asp?NewsID=113 [Accessed

12 June 2003].


48/49

Hinduja, S., 2004. Theory and policy in online privacy. Knowledge, Technology, and

Policy. Spring, Vol. 17, No. 1, pp. 3858.

Kandra, A., 2002. National security vs online privacy. Consumer Watch, PC World.

January issue.

Margulis, T. S., 2003. Privacy as a social issue and behavioral concept.Journal of Social

Issue. Vol. 59, No. 2, pp. 243-61.

Mack, B. 2002. Online privacy critical to research success. Marketing News.Nov. 25.

Miyazaki, A. D. and Fernandez, A., 2001. Consumer perceptions of privacy and security

risks for online Shopping.Journal of Consumer Affairs. Vol. 35, pp 27-44.

Moor J., 1997. Towards a theory of privacy in the information age. In Van Den.

Hoven, M. L., Ed., 1997. Proceedings of The Conference on Computer Ethics:Philosophical Enquiry: CEPE 97. Rotterdam: Erasmus University Press. pp. 40-9.

Nowak, G. and Phelps, J., 1992. Understanding privacy concerns: An assessment of

consumer information related knowledge and beliefs. Journal of Direct

Marketing. Vol. 6, No. 4, pp. 28-39.

Nyshadham, E. A., 2000. Privacy policies of air travel websites: a survey and analysis.

Journal of Air Transport Management. Vol. 6, pp. 143-52.

Ramus, K. and Nielsen A. N., 2005. Online grocery retailing: what do consumers think?

Internet Research.Vol. 15, No. 3, pp. 335-52.


49/49

Stead, B. A. and Jackie, G., 2001. Ethical issues in electronic commerce. Journal of

Business Ethics. Vol. 34, No. 2, pp. 75-85.

Stone, E. F. and Stone D. L., [year unknown] Privacy in organisation: theoretical issues,

research findings and protection mechanisms, in Research in Personnel and

Human Resources Management, Vol. 8, pp. 349-411.

Tweney, D., 1998. The consumer battle over online information privacy has just begun.

InfoWorld. Vol. 20, No. 25, p. 65.

Waak, E., 2002. The global reach of privacy invasion. The Humanist. November and

December issue [Online] Available at:

http://www.thehumanist.org/humanist/articles/waakND02.htm [Accessed 11 July

2005].

Wang, P. and Petrison, L.,1993. Direct marketing activities and personal privacy: a

consumer survey.Journal of Direct Marketing. Vol. 7, No. 1, pp. 7-19.

Westin, A. F., 2003. Social and political dimension of privacy. Journal of Social Issues.

Vol. 59, No. 2, pp. 431-53.

Privacy Over the Internet Malaysia

Documents

Transcript of Privacy Over the Internet Malaysia