How Organizations Protect Customer Privacy


Personal Privacy Information has been regarded as a crucial issue when eCommerce transactions are discussed. With increased reports of data and identity theft, virus attacks and hacking, customers are worried when they have to give personal information on the Internet. Consequently, organizations are faced with the responsibility of ensuring that customer’s personal information is protected and this assurance helps to gain customer confidence. The paper has researched how organizations protect customer privacy, how much they depend on technology for protection and the effect that increased protection has on the customer. A semi-structured 21 questions survey instrument was used to survey 20 respondents from banks, financial institutions, insurance companies, and the results were analyzed to find the best practices in the industry. The paper finds that organizations used advanced techniques such as firewalls, 128-bit encryption, and security seals to protect customer’s information. The paper also suggests that organizations also use security policies for employee monitoring and proper corporate culture along with HRM policies to ensure that their employees also participate in the effort.


Personal Privacy information is an individual’s ability to access and control their personal information concerning the collection, use and transfer” (Milberg, 2005). Personal privacy or the right of an individual to protect his privacy is often a contradiction with the confidential, copyright and security policies that organizations implement in the workplaces and in dealing with customers. There are two aspects of privacy and one deals with staff who are employed in an organization and another that deals with customers’ personal information that an organization controls (Jamal, 2003). This is often a touchy issue and the moot question is not if an employee is allowed privacy, but rather how much personal privacy can be enjoyed. While it is understood that employees are allowed privacy in their personal affairs, an organization is at risk when the unrestricted exchange of information is allowed to pass between staff within an organization and by staff and people outside an organization. For customers, various privacy information acts have been passed that guarantee individuals certain recourses and measures to protect personal information from being sold or accessed by other parties or individuals (Liu, 2006).

The Privacy Act of 1974 was passed for the protection of individuals and the act had some rules and regulations that specified how information about individuals could be shared or revealed by organizations and federal agencies. Personal information refers to data such as social security numbers, bank account details, medical records, credit evaluation, criminal records, contact details and so on. This information is personal and can be used by others through identity theft methods or misused in other ways to obtain fraudulent loans and other such criminal acts. In addition to identity theft and various criminal acts that can be perpetrated by criminals, the role of the state in misusing information personal information to settle personal scores and inhibit the role of people opposed to certain political goals has also come to the fore (5 U.S.C. 552a, 1974).

Hence, the subject of personal privacy has assumed a lot of significance in recent years. This paper would attempt to evaluate the Management Making Decisions to Protect Privacy and Personal Information within Financial Institutions, Banks, Home, and Fortune 500 companies.

Rationale Behind the Research

Peltier (2007) reports that personal privacy has assumed great importance in Internet-enabled businesses that deal with products and services offered through online services. Setting up an eCommerce website has become relatively easy since a website can be designed and hosted with very little cost. While organizations such as eBay and Amazon are regarded as trusted sites, there are thousands of small companies with a web presence who hope to sell their products through the Internet, that lack the reputation and trust that big companies have gained. The author points out that smaller companies face crises of authenticity and customers are wary of giving out their personal information such as credit card numbers and bank account numbers.

Culnan (2007) reports that there is a great concern among individuals about venturing and transacting online business due to the fear of Phishing. With media reports about identity thefts and theft of credit card information, users have become increasingly vary about online e-commerce transactions. The whole model of e-commerce is built on trust and if websites cannot be trusted, then the whole concept of e-commerce is in jeopardy. The author reports that consumers feel more confident about a site that has some sort of a privacy seal or one that offers secure 128-bit encryption. The absence of such symbols raises doubts among customers and such sites may receive very little business.

Technology is obviously the key to provide enhanced security. But will technology offers protection against external threats, what about the internal security threats from an organizations employees. Liu (2006) has conducted some preliminary research among a number of organizations into using security policies for employees. Merely frisking or conducting body searches or looking into the handbags of employees when they depart from the workplace is on no use as far as information theft is concerned. To obtain the bank account numbers, credit card numbers and the passwords, one does not require a brief case. Very valuable data can be downloaded into USB drives that have memories of more than 8 GB. Data can be stolen and sent through corporate email accounts that are given to employees and mobile phones with cameras can take pictures of the records. There are many more ways in which employees can steal data so, there is a need for security policies that covers employees. This does not mean that employees are thieves and dishonest, but a security policy that is uniformly applied will take care of many issues related to internal security besides reassuring customers that their data is safe.

Again, the use of technology for preventing data and identity theft are not enough. When natural or man made disasters strike a data processing center, what is at risk is not physical computers, cables and buildings but records and details of thousands of customers. In any given day, credit card transactions and financial transactions for a large bank or financial institution runs into million of records. When a disaster strikes, the assets in the particular location would be destroyed and along with the assets, the bank account information and other statements would be lost. Such a loss is irreplaceable in today’s e-commerce driven world and within seconds, a person who has saved for his retirement would find that he does not have any money left. This is where disaster recovery planning systems – DRP, come into the picture. With a proper DRP system in place, organizations take periodic back up of the transactions and store the data in different locations. The probability of similar disasters striking all the regions at the same time and destroying all the assets is very remote. Therefore, DRP systems become part of the overall strategy for protecting personal privacy of customers (Rothstein, 2007).

The section has shown the rationale and importance of research for the areas of: technology, security policies, DRP systems privacy seals and secure encryption methods and how customers views about secure sites influence their decision to enter e-commerce transactions. It is proposed that the research questions will cover these areas.

Problem Statement

Given the extensive nature of the subject, as discussed in the rationale for research section, the problem statement would be inclusive of a broad range of topics that cover personal privacy information. The statement would later be expanded to focus on each facets in the research questions.

Organizations today face a huge problem of lack of credibility about the security of the e-commerce application. With media reports about identity theft in circulation, it would seem that their fears are partly justified. Many of the organizations would be competing with brick and mortar companies for sales and these old generation companies have a physical presence in the form of buildings, staff and so on and customers would trust them more than faceless organizations that only have a website. In spite of this barrier, e-commerce has made a strong inroads and the whole business runs on the trust. With incidents of identity, theft and hacking increasing customers lose trust and then the whole concept of e-commerce will fail. Now comes the issue of personal privacy information and this is a type of trust for the customers and what can organizations do about protecting the personal information (Luo, 2007). Therefore, the issue of personal privacy information would form the core area of the research. The core problem statement would be about retaining personal privacy information.

After defining the core problem, the solutions required to address the problem assumes importance and various issues then crop up. Some of them are related to technology, employees of an organization and whether buying patterns increase if there is evidence that the web site is secure. These are further expanded in the section on research questions.

Purpose Statement

The purpose of the research is to create a body of knowledge that would address important issues related to ensuring personal privacy information of the customers. The research would examine the type of technology that organizations use; types of security policies used to monitor employees; whether it is only technology that can ensure personal privacy information protection and customers reactions and patterns of transaction and personal information sharing once they know that the site is secure.

With adequate research in the form of literature review and best practices followed by organizations, the paper would frame certain conclusions that would shed more light on personal privacy information protection of customers. It is hoped that organizations would refer to the thesis and take appropriate measures to enhance security and assure customers.

Research Questions

Developing the research questions was developed after a through literature review to understand the current state of research. The core area of the research and the problem had been identified as personal privacy information and its various impacts. Keeping the objective in mind, the following main research questions were constructed. The questions were posed in such a manner that a questionnaire could be designed to provide the required answers and to find support through literature review.

  • How are privacy protection technology perceived by individuals?
  • Do current technologies protect consumer’s financial information?
  • What are the circumstances of loss of privacy or personal information to consumers?

The above questions were the primary research questions. However, they are very broad based and it would have been difficult to obtain suitable answers to them that would meet the research objectives. To answer the above questions, a few more secondary research questions were constructed and these would be answered through literature review and survey instrument.

  • What are the systems and best practices used by organizations?
  • Control and monitoring of employees of an organization is a recurring question. What kind of security policies is used on employees?
  • How do organizations ensure that in case of natural disasters and man made disasters, personal information of the customer is protected?
  • What are the details of DRP systems used?
  • What are the different types of threats for personal privacy information protection?
  • What are the different features of security policies used by organizations and how do organizations place restriction on information handling, information sharing, viruses, password security in organizations, restrictions on email use policy. This is a tricky question as organizations have to protect customer’s information as well as ensure that security policies do not unduly restrict employees from carrying out their tasks.
  • Nature of privacy information collected by organizations from customers.
  • Privacy information statements opt out options for customers and how customers perceive them.
  • Use of software technology applications such as third party seals, embedding cookies, use of 128-bit encryption, implementation details of firewalls, use of mirror servers
  • Confidence level among organizations about the technology used for protection

The above questions and their versions would occur in the survey instrument and some of the questions required explicit quantitative responses while other required a qualitative analysis. The main questions and the secondary questions represent the boundary of the research. Attempts would be made to obtain answers to them from literature review as well as from the survey instrument.

Methodology Used

The paper has used a combination of qualitative and quantitative research methods to conduct the research. The student first began by studying a number of publications such as trade magazines, news reports, books and peer-reviewed journals to understand the extent of the subject personal privacy information, which is a very vast domain with hundreds of niche practices and terms. After a through review of the domain, a number of key words related to privacy and personal information were noted. These key words were again searched to understand their overall impact on personal privacy practices and a long list was prepared to create a list of key words that would be used in the research. The list was again refined to form a shortlist of final words and headings that were representative of common personal privacy information practices across all industries. Using these key words, databases such as ProQuest, Questia, books, corporate resources, Internet and other sources were searched to find documents that would be considered for the study. The search also yielded a number of organizations that had successfully implemented personal privacy practices. The documents were perused to obtain a final set of headings and then a method was used to extract the required ideas from the documents and rewrite the ideas and content to form different chapters. In the course of writing, important notes and points of an article were noted and these would be later used in the conclusions chapter.

A quantitative research methodology was used by interviewing a number of key personnel, to find their views about personal privacy information and the methods and systems used by their organizations. A semi structured questionnaire was used to elicit their responses and an understanding of how they maintain privacy in their organization. These results have been documented in the chapter on best practices for privacy protection and in the chapter on research findings.

How the thesis is organized

The thesis has a number of chapters and these are arranged as per the following structure:

Chapter 2. Personal privacy information and threats – literature review: The chapter has discussed various issues related to personal privacy information and threats for personal privacy information protection.

Chapter 3. Methodology: Provides an extensive discussion on various methodologies used in conducting research. Methods such as qualitative, quantitative and various data gathering processes have been discussed.

Chapter 4: Best Practices for personal privacy information Protection: Best practices used in the industry for disaster recovery planning and security policies for employee behavior and monitoring are discussed in this chapter

Chapter 5: Research Findings: The paper presents an analysis of the survey findings and discusses responses for each of the 21 questions that were applied to the respondents. Certain inferences were drawn for each of the question responses.

Conclusions: The chapter privies a conclusion of the overall paper including the literature review and the research findings.

Personal Privacy Information and Threats – LITERATURE Review

The advent and increase use of the Internet has changed the manner in which business is conducted and organizations can quickly reach a vastly larger market and customer base, that was not possible a couple of decades back. To carry out marketing activities as well as provide service, organizations collect, store, retrieve and exchange personal information of customers. Some examples of personal privacy information include age, gender, address, income, spending patterns, number of children, personal lifestyle and tastes, type of car driven, what goods the customer buys and so on. The customers provide this information when they buy products or services from companies, when they sign up on different websites to receive newsletters and information and when they register on websites to avail offers and discounts. Over a period, an organization feels more and more tempted to make use of this information to take up focused marketing activities. With easy access to information databases, other companies or individuals also are tempted to access this information and they can obtain it by either paying an organization or buying the data or by using illegal means to break into the database or hack into the customer’s computer and obtain the information. Therefore, personal privacy of individuals and even organization becomes very relevant in the current context (No, 2007).

With increased concerns of privacy, eCommerce activities, that offer a competitive advantage to companies, often has come under a sharp scrutiny and a balance has to be created between the competitive advantages that an organization has with the customer data and the need to protect personal privacy. To grow in an increasingly competitive business environment, organizations have to improve their customer retention and also create strong relationships with customer by providing personalized services by using the personal information of customer and accordingly, they must ensure that customers privacy concerns are met. Researchers have examined the impact of privacy concerns on customer and organizations since the last ten years and have identified a number of issues that are concerned with Internet privacy. Desai (2003) has examined organizations practices with respect to the privacy policy disclosures on their websites; Earp (2007) has researched the relation between privacy concerns and customer behavior and has examined the relation between factors that affect privacy concerns and customer behavior. While a major part of the research can be regarded as anecdotal and there is a need to understand how organizations would address the concerns of customers for privacy and how behavior of customers response to the organizations actions and influences on online customer behavior.

About Personal Privacy Information

The concept of personal privacy and information is discussed in this chapter and topics such as how companies gather personal information, what the laws say about privacy and other topics are discussed in this section.

Understanding Personal Privacy

Burgoon (1982) suggests that privacy covers various dimensions such as physical, psychological, social and information. The thesis related to information privacy and this is an individual’s ability to determine what, when and how his personal information would be used or release to another person or an organization. Others have defined privacy as ‘the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others’. Bellotti (1997) defined privacy as the ‘capability to determine what one wants to reveal and how accessible one wants to be’. When privacy is associated with e-commerce, the concept of privacy is related to personal information and the invasion of privacy is regarded as unauthorized gathering, use and transfer of personal information as a direct result of e-commerce transactions (Milberg, 2005). The flow of information and data in computers is required for business transactions and it plays a key role in such transactions. People do tend to give their personal information and exchange data for some social and economic benefits and they may disclose their personal information after assessing the risks of disclosures. They estimate if their personal information would be used fairly and if they would have to undergo harmful consequences.

Privacy related issues in eCommerce would depend on the context in which information is revealed by customers and how it is used by organizations. There are different dimensions of privacy information and mere contact details such as email ID, address and even telephone numbers cannot be regarded as very sensitive. However, information such as credit card details, health records such as medication, treatment, ailments and other such information can be regarded as very confidential. Patients who make online purchases with credit cards and patients in hospitals do not have the opportunity to make false statements. Similarly, customers who trade on the stock market or those who deals with banks and financial instruments would not give false information. Hence, such records are regarded as more critical and accurate (No, 2007). Following figure illustrates the framework for privacy information.

 Privacy Information Framework (No, 2007)
Figure 2.1. Privacy Information Framework (No, 2007)

As seen in the above figure, Internet privacy has three perspectives, government perspectives, company perspective and customer perspective. Government perspective uses a regulation approach and there are many factors the affect government regulation. There is an interaction between the company and government as well as between customer and government. Customer perspective has many factors that affect companies privacy practices while customer behavior is affected by privacy dimensions that in turn are regulated by a number of factors that affect customer privacy.

Westin (2003) argues that individuals can be divided into three groups: privacy fundamentalists, privacy unconcerned and privacy pragmatists. Privacy fundamentalists are the ones who are very concerned about the use of their personal information and are not willing to provide their information. Privacy unconcerned groups do not have much reservation about giving out their personal details. Privacy pragmatists are concerned but not as much as privacy fundamentalists and may give information as and when needed. Milne (1999) pointed out that users concerns about their privacy depended on the industry that they interacted with and banks, credit card, telephone, insurance, financial markets, generated high privacy concerns. Main factors that influence privacy concerns are the type of information required such as demographics and financial data and the use for the information such as secondary use and sharing information with third parties. Factors that influences users privacy concerns include the trustworthiness of the company such as reputation and previous experience, customer motivation and if any rewards or gifts would be obtained by giving personal information. Liu (2006) reports that many websites provide a privacy policy and there are no industry differences in the use of privacy policies to address customers privacy concerns. The US Federal Trade Commission – FTC provide for four privacy principles and they are: fair information practices; notice and awareness; access and participation; choice and consent and security and integrity (FTC, 2008).

Understanding Companies Privacy Perspective

Growing awareness and concerns among consumers about privacy have made organizations to develop customer focused privacy policies and practices. Liu (2006) analyzed web sites of 497 Fortune 500 organizations and found that the majority of them provide a privacy policy while some do not. Jamal (2003) studied privacy disclosures of eCommerce companies and the effectiveness of opt out practices that are related to Notice and Awareness and Choice and Consent privacy principles. The authors point out that the actual privacy practice of the sites are related to the state privacy policies and that there are differences among countries with respect to the form of data request and information provided in privacy disclosures. They found that in US, web sites give more information about the security of information that UK and French sites. While European sites collect data during transactions and are transaction based data request, US sites are more focused on intrusive approaches such as data request through pop up windows. Sarathy (2006) introduced a model of factors that influence privacy strategies that incorporate the environmental context, ethical perspective and firm specific considerations. The model suggests that an organizations privacy strategy is affected by its environmental context such as culture, history and the existing and pending legislation. The strategy is also influenced by the ethical frame of the firm and top management and the firm specific factors such as the information intensity of the business, experience of the firm and the corporate culture. Cost benefit analysis also plays a role in the privacy strategy adopted by the organization. A company may adopt different strategies depending on the analysis of economic benefits and the cost of compliance. The author also points that disaster recovery planning – DRP practices form an important aspect of the personal privacy protection. The idea behind including DRP in the personal privacy information is that when a disaster strikes, personal records of the customers should not be lost and they should be made online within the shortest period.

Third Party Security Seals

The issue of Third Party Seals for enhanced security of websites has often been mentioned during discussion on privacy of online customers. Organizations use different Third Party Seal prograns to ensure consumer trust in a website. Some types of programs are BBBOnLine, TRUSTe seal, Trust-Guard, McAfee Hacker Safe, COMODO, Merchant-SAFE TRUST eSEAL and others. Organizations such as HackerSafe offer PCI scanning of the server gateway and find vulnerabilities in the organizations servers and would block all hacking attempts. They act as smaller versions of firewalls, but at the gateway level and when a hacker attempts to launch an attack, the software verifies and authenticates the server from where the hacker has attempted to gain access. Routine requests are allowed but access requests to ports is not allowed. Other companies such as BBB Online attempt to verify the street address of eCommerce companies to find if they are genuine or just a front. However, verifying the address is all BBB does and it does not verify if the site where the customer enters information is secure and private or not. Other companies such as Trust-Guard verify individual site verification by ascertaining the SSL Security Certificate to find if it is expired or vulnerable. Customers feel more confidence in providing their private information when they see security seal logo on a website (Cook, 2006).

 How companies gather personal information

Organizations gather information about customers in a number of ways and the easiest methods is when customers register or order products and services. When such transactions are conducted, customers have to give their contact details and the credit card information if billing process has to be completed. Along with the basic questions, there would also be sections such as ‘tell us about yourself’ where the customers would be asked more information about their income, expenses, tour and holidays preference and so on. This method gives organizations a database where they collect and store information and it would be expected that the information would be only used by the company to sell its own products and most of the companies are genuine and have no intention of committing a fraud or attempting to Spam the customers mailbox. In other cases, organizations attempt to capture the IP address and with the IP address, it is possible for an organization to view and track the behavioral patterns of the customer. In such cases, organizations attempt to find the URLs of web pages visitor and the sequence of pages that the customer has visited but contact details of the user cannot be found. Another approach is to embed Cookies when users visit a website. The Cookie is a small text file of less than 1 Kb in file size and can be found in the path C:Documents and SettingsusernameCookies. It would contain information that the web server stores in the uses computer and helps the server to identify the user. The Cookie allows web pages to be loaded faster when the user visits the same website again and also helps to automatically login when a check box such as ‘Remember me on this computer’ is selected when a user logs in. So, the Cookie is designed to be a helpful aid in faster browsing and so that users do not have to enter their login details every time. However, the users behavior and preference are tracked and stored in the cookie so that when a user sets certain features such as my favorites or history of last visits, these are available. Organizations can access the cookies and obtain information about the customer’s preferences, likes, needs and it allows them to provide customized services. However, Cookies can also be misused and potential virus and Trojans can be stored in the guise of a Cookie. Other methods are asking customers to fill in a printed form and submit it at retail stores and this is later given to a data entry operator so that they can enter the details in the organizations database (Zogby. 2007).

Many of the practices noted above would be regarded as legal and designed to improve customer service, as long as the company retains the information. However, privacy concerns arise when the information is sold to other organizations or hackers steal this information from an organizations database.

Internet Privacy Concerns

ECommerce companies have to surpass very low entry barriers and with far lower startup costs, when compared to traditional brick and mortar companies, eCommerce companies are easier to start. However, for the organization to be successful, it must obtain large number of personal records and services so that they can provide better and personalized services. The current trend among customers is to provide one to one communication and personalized services. Moreover, development in IT have made it possible to capture personal information at the point of sale and also to track customers behavior. By using sophisticated sand very cheap software, it is possible to track the keystrokes and mouse clicks of customers as they browse a website. This type pf tracking provides companies the knowledge of customer behavior and know about the web pages that customers have viewed and the actions they performed when they visited a web page. Such tracking does give organizations a certain competitive advantage and the potential to increase sales, but it also raises issues related to privacy. If the process of gathering customer private information is not regulated, then there are dangers and concerns about privacy and customers private information can be used for illegal purposes and could harm their personal life. Organizations can procure personal information from customers by offering free email, customized shopping or news, free advice and tips of health, trading, stock market and so on. These companies can then trade sell or even share information with other third party companies without obtaining the customers express consent and in such cases, customer privacy can be broken (Stewart, 2005).

Methods to deal with Privacy Concerns

While self-regulation and honesty by organizations is the best method to address privacy concerns, this is not always the case with unscrupulous and often underground websites that operate in the underground regions of the Internet. Government regulations, rules and laws along with industry regulation and privacy enhancing techniques are the best method to deal with such issues. Countries such as UK, Canada and Germany have brought in privacy legislations that govern the information gathering use and transfer of users privacy information and also transfer of such information to other countries that have yet to adopt privacy protection legislation. Other countries such as US are more liberal about the self-regulation and expect the industry to be self-regulated. Under the self-regulatory method, each organization is responsible tp decide the degree of information that is obtained and used to develop its own privacy policy statement that is aligned to the industry guidelines. Government agencies come into the picture only when there are great breaches of policy. The third methods relies on technology such as the platform for privacy preferences – P3P and Anonymizer to safeguard customers privacy. P3P is a protocol that is used to implement privacy practices and is used to implement privacy practices by blocking websites and automatically notify users who would click on a user, if the website’s privacy policy is not as per the specified privacy preferences and then the user can decide if he still wants to open the site. Anonymiser is a software that allows users to visit websites with total anonymity so that their personal information is hidden from the websites that users browse. However, some amount of expertise and familiarity is needed to make use of these software applications (Luo, 2007).

Threats for personal privacy information protection

With globalization and increased use of the Internet for personal and business communication, means and methods by which personal privacy information is compromised is increased many times over. The section discusses various methods and means by which personal information is compromised. Very often, the victims are not aware of the problems until they find that somebody has stolen their identity and misused their credit card information.

Security is a subject that needs to be thoroughly understood by the Internet users and any organization that uses the Internet for communication and eCommerce. Internet Users and organizations are faced with a barrage of security threats every day they log on to the Internet. Potential security risks include: Virus attacks; Trojan Horses; Key loggers; Adware; Spyware; Browser Helper Objects; Spoofing; Session hijacking; Spam; Phishing; Credit card fraud and Identity theft and identity fraud (Lammle, 2005).

Virus attacks

The definition of a ‘virus’ has slightly changed over the life cycle of computers and the Internet, more by user perception than anything else. A computer ‘virus’ is commonly regarded as a malicious software program with the characteristic feature of being able to propagate, and through this propagation the ‘virus’ has the propensity to spread between like or disparate systems. Typically, a majority of computer ‘viruses’ initiate a function or task, this function or task can either be benign or destructive in nature, depending on the intention of the computer ‘viruses’ author (Lammle, 2005).

Trojan horse’s

As the name implies, a ‘Trojan horse’ is a malicious piece of code hidden away in a benign software package. In a ‘site penetration attack’ performed for a particular company, for example, a key logging program was hidden in a ‘birthday flash card’ and sent to a targeted user via a spoofed email address. In less than 45 minutes after sending the ‘birthday flash card’, the ‘attacker’ had received the first parcel of data. This parcel included the administration user name and password of the targeted user’s computer environment. There is a subtle difference between a ‘virus’ and a ‘Trojan horse’ – where a ‘virus’ is designed to propagate, a ‘Trojan Horse’ is not. (Tipton, 2006).

Key loggers

There are two types of key loggers:

Hardware key loggers: A hardware key logger is an electronic device that is usually inserted between the keyboard port of the computer and the keyboard. It is designed to capture the keystrokes of the unsuspecting user in an effort to discover secured information such as username and password. In today’s environment, these devices tend to be more difficult to detect. There are quite a few hardware key loggers available on the open market, such as: Keyghost Professional SE, which discreetly disguised as a EMC balun; and Keyghost Security Keyboard (Pro SE), which is an all in one device (Tipton, 2006).

Software key loggers: Like their hardware key logger counterparts, software key loggers have the capability to capture the key strokes of an unsuspecting user. Today’s software key loggers have several similar traits: Can easily be installed covertly; Require very little memory to run; Require very little CPU utilization; Have the ability to hide from the Microsoft operating system’s ‘Task List’ and ‘Uninstall List’. They may have added functionality, such as: Screen capture; Remote control ‘system take over’ solutions and Audio and video capturing software. To make matters worse, key-logging software is readily available for free download from the Internet. Such software includes: LKL Linux Key Logger; Tcleo Linux Kernel Key Logger; Home Key Logger; Regload Key Logger and Tiny Key Logger. A search of ‘download free key logger’ through reveals 1,758 unique pages allowing the user to download software to ‘Check on your Spouse and Kids’ (Tipton, 2006).


‘Adware’ is software that has the capability of hijacking an unsuspecting user’s Internet session. Once the Adware package has hijacked the user Internet session it will typically present targeted advertisements to your computer screen. Most ‘Adware’ solutions will install themselves on to an unsuspecting users system covertly, or as part of a free or commercial software installation. The ‘Adware’ solution, typically, will track the unsuspecting user’s Internet browsing habits and forward this captured data to the ‘Adware’ author’s central data server (Lammle, 2005).


Spyware is any software package that uses the unsuspecting user’s resources, such as their Internet connectivity, without their knowledge. Similar to ‘Adware’ the ‘Spyware’ package will collate and transmit data collated from the users Internet habits, such as: Internet sites frequented; Users IP address; Users MAC address; Username and passwords; Computer system environment and A list of users on that particular system. Like ‘Adware’, ‘Spyware solutions will install themselves on to an unsuspecting user’s system covertly, or as part of a free or commercial software installation (Tipton, 2006).

Browser Helper Object

A ‘Browser Helper Object’ is a component that Internet Explorer will automatically load upon starting. The ‘Browser Helper Object’ has the capability to detect system events and messages, object environment events, display additional information and monitor messages and actions. The ‘Browser Helper Object’ is also able to change the configuration of Internet Explorer. This capability, if exploited by an intruder, can redirect the user to a potentially fraudulent website whilst the user believes they are logging into a genuine eCommerce or eBanking site (Tipton, 2006).


Email spoofing is the term used to describe an email, which appears to have originated from a trusted known source, being sent to the user from a different source. Email spoofing is typically instigated when the originator of the spoofed email is endeavoring to deceive the recipient into providing some form of intelligence, such as: Company technical information i.e. IP range and hardware configuration; Bank account numbers, username and passwords: Administration username and password; Social security number; and Personal details (Lammle, 2006).

Session hijacking

Session hijacking is the term used to describe when an intruder takes control of a user’s Internet or network connection after the user has been successfully authenticated in an eCommerce or eBanking web session. Normally, the intruder would have taken control of a session ID either by capturing the session or by ‘brute force’, which is a security term that implies an attack that requires trying known combinations until the correct combination is discovered. This type of attack can only happen while the user is still occupying the session in question. When the session has been successfully hijacked, the attacker automatically inherits all the privileges and access that would normally be attributed to the original session owner (Lammle, 2006).


The proliferation of Spam or unsolicited bulk email messages has become a costly hindrance for eCommerce, eBanking and Internet users. A recent Spam questionnaire, conducted by Fallows (2005) from Pew/Internet, found that 28 percent of users with a personal email account say they are ‘getting more Spam than a year ago’; while 52 percent consider Spam to be a ‘big problem’. Typically, there are three types of Spam (Tipton, 2006):

Intentional – Intentional Spam is the act caused by mass marketing emailing companies sending bulk emails advertising some type of product or service. Although after the CAN-SPAM Act became law in the US this should have abated, in truth the spammers have been sending Spam via alternative countries who do not subscribe to Spamming Laws, or are using automated spamming bots (Tipton, 2006)

Automated spamming bots – communally known, as ‘bots’ – are unintentional Spam. This occurs when an unsuspecting user inadvertently downloads a ‘Trojan Horse’ that takes over the users personal computer and sends bulk emails out to various emailing lists; and Manually driven – this type of Spam is probably the most senseless and easiest to prevent. Manually driven Spam is in essence your joke email, stating that if you do not forward to 10 friends, you will have bad luck, or the email that states that there is a terrible virus on the loose and that the information should be emailed to everyone in the recipient’s address book (Tipton, 2006).

Following figure illustrates that, in some ways, Spam is having an effect on the way users perceive the Internet. According to Fallows (2005), 52 percent of Internet users feel that Spam is becoming a major concern and 67 percent of email users feel that their overall Internet experience is becoming tainted by Spam. Parents are becoming distrustful of email, finding that although the receipt of pornographic material has decreased since 2003, 63 percent still frequently receive unsolicited pornographic emails. However, the figure also indicates that approximately 20 percent of people surveyed were receiving less Spam. This could be because MNC’s and ISPs have now implemented ‘Spam filters’ within their email infrastructure that deletes the majority of Spam prior to reaching the users inbox.

Spam and its effects (Fallows, 2005)
Figure 2.1. Spam and its effects (Fallows, 2005)


One of the most recent security threats effecting eBanking is ‘phishing’. Phishing can be described as a fraudulent act in which the potential hacker sends an email to an end-user with the representation that the email originated from a legitimate establishment, such as a bank. The objective, however, is to gather personal information from the end-user with the intention of using it for fraudulent purposes. A phishing attack can only succeed if the user clicks on the supplied URL and updates their personal and banking details as instructed. One of the reasons why phishing has been so successful is that the user will see that the site they have been redirected to ‘looks and feels’ like their normal eBanking site, but in reality this site is a facsimile. This is achieved by the hacker interchanging letters from a different character set for the legitimate character in the site name; for example, could be shown as www.Ønlineß The website to which the user is directed is normally an exact facsimile of the real website. The user is normally oblivious to this deception as the URL is embedded within the source of the email and all they see is the real text version of the URL. Although phishing is a recent phenomenon in eBanking, it has already reached disquieting proportions. In June 2004 phishing and identity theft had already exceeded an estimated US$ 2 billion, with the finance industry becoming anxious that this could be just the tip of the iceberg. As recently as June 2008 there were 799 known active phishing websites (Litan, 2006).

According to Favier (2007), it seems that the longer the user has been an eConsumer, eBanker or Internet user, the more aware of phishing they become, as shown in the following figure and table. Phishing awareness can be achieved much earlier within the user life cycle if eCommerce and eBanking organizations are proactive and sponsor ‘Internet security awareness programs’. Already some proactive eBanking organizations, such as the ANZ Bank in Australia, have security bulletins presented to the user prior to arriving at the eBanking front page, and after logging into the eBanking site, which inform them of current security threats.

Users concern with phishing (Litan, 2006)
Figure 2.1. Users concern with phishing (Litan, 2006)

Following table shows the top reasons for people not adopting Internet for transactions.

Online tenure (years)
2 3 4 5 6 7 8+
Not apply online for a financial product 36 % 35 % 25 % 29 % 22 % 14 % 15 %
No longer open emails that say they are from my financial provider 28 % 22 % 18 % 18 % 18 % 17 % 15 %
Not enrolled in eBanking or pay bills 24 % 23 % 22 % 17 % 17 % 14 % 13 %
Stop using eBanking or paying bills 18 % 15 % 15 % 11 % 12 % 11 % 9 %

Table 1.1. Users Concerns with Phishing (Litan, 2006)

Credit card fraud

Another security threat is credit-card fraud, which is a growing problem for Internet businesses. Litan (2006) stated that during the 2002 holiday shopping season Internet merchants in the US lost nearly $500 million due to fraudulent orders. The author also argued that online merchants face a risk of fraud that is 19 times higher than that faced by their bricks-and-mortar counterparts. Despite these inherent risks and the increased visibility given to identity theft and fraud stories by the news media and financial services advisors, consumers are increasingly turning to the Internet for their shopping.

While concerns about fraud are increasing, most consumers feel that they are doing their part by using ‘secure’ passwords. Litan (2006) reported that while 84 percent of users felt that their passwords were at least somewhat secure, only 44 percent of respondents never changed their passwords. The longer a consumer has been shopping online or using eBanking, the more likely they are to change their passwords. The author reports that European banks spend, on average, two to three times more per eBanking customer on fraud prevention technologies than their American counterparts. The annual amount lost to eBanking fraud in Europe pales in comparison to the combined budgets banks devoted to prevention. European banks will continue to spend heavily on prevention technology, primarily because of their cultural attitudes towards the perceived risk, and the potential damage to their brand image from any fraudulent incident.

Identity theft and identity fraud

‘But he that filches from me my good name robs me of that which not enriches him and makes me poor indeed.’ (Shakespeare, 1605: Othello, Act iii Scene 3). Identity theft and identity fraud refer to all types of criminal activity in which an unauthorized third party unlawfully obtains and uses another person’s personal data in some form of fraud or deception. A potential attacker can use any of the aforementioned security threats to commission an act of identity theft and identity fraud, such as: Open bank accounts in the victim’s name; Take out personal loans; Apply for credit cards; Access superannuating details; Apply for passports, identity cards and driving licenses; Purchase firearms and Money laundering, terrorism financing and other illegal activities. Once a person has had their identity stolen, it could take many years, often at considerable cost to the victim, to clear their name (McCall, 2007).

According to McCall (2007), identity theft accounts for nearly 60 percent of all fraudulent incidents that are reported by the banking industry. Of these fraudulent incidents, between 8 and 20 percent originate from some type of Internet fraud or hacking incident. The author remarks that in just over 10 years Internet fraud has become the third highest instance of fraud worldwide and is, on average, growing by 33 percent annually. This is also illustrated the following figure, which breaks down the fraudulent patterns by type and banking institution size.

Banking fraudulent behavior breakdown 2007 (McCall, 2007)
Figure 2.1. Banking fraudulent behavior breakdown 2007 (McCall, 2007)

Above figure also makes evident that differing fraudulent activities are more prevalent within the differing types of banking institutions. Internet fraud is more prevalent within the smaller community banks and identity theft accounts for approximately 60 percent of all international banks’ fraudulent activities.

Combating the security threats

Mulpura (2008) states that ‘unlike the American market which predominantly uses a username/password combination to authenticate its consumers, European banks have deployed a great variety of strong authentication solutions to serve both corporate and retail users’. Methods of authorization and authentication include a TAN list, software PKI, symmetric keys with hardware token and hardware PKI. A multitude of banks today still wrongly believe that the confidentiality of their customer’s personal and banking information is protected with just the use of a User ID, Password and Secure Socket Layer (SSL) 128 bit encryption. All it takes is for a simple key logger to be installed on your computer system and a would-be hacker has total control of your eBanking. Today you do not have to be an expert hacker or coder to write a key logger program. There are tools on the Internet that allow any ‘script kiddie’ to click a few boxes and create powerful key logging Spyware.

Today, the banking industry is taking great pains to ensure the security of their customers by implementing more secure eBanking models. These include token devices with eBanking login procedures that will bring a higher level of security to customers than traditional methodologies. To logon to his or her eBanking site the customer requires a token (small calculator type device) that normally has a six-digit number, which changes every 60 seconds and a four-digit PIN to unlock the token. The token authentication method has provided a higher level of security between the user and the bank. However, a user’s session could still be easily hijacked by a potential hacker. To combat ‘Session Hijacking’ it is standard practice to create a ‘two-factor authentication’ system i.e. the token security authentication is coupled with a ‘challenge – response’ authentication model for all eBanking sessions. This means that for every financial transaction the user will have to confirm his identity and transaction by generating a new password for each transaction from his or her token. This way, ‘Session Hijacking’ would be avoided as each password can only be used once. Although this ‘two-factor authentication’ model has provided much more secure eBanking, some banks have thought it prudent to push security levels to a higher plain. For example, the Mitsubishi Tokyo Financial Group recently announced that they would be releasing a new Visa credit card that will encompass a biometric verification system. The aforementioned techniques and solutions provide a higher level of awareness but are not 100 percent foolproof (Mulpura, 2008).

There are other solutions that can be used by the eConsumer and eTrader alike to protect their environment from potential security threats, these are (Tipton, 2006):

Firewalls – can be either software or hardware that are placed between the user’s computer system and the Internet. Typically for an eConsumer this could be a software firewall, such as Zone Alarm that is installed on their computer system. The eTrader would normally opt for a more sophisticated hardware-based firewall configured in a ‘Demilitarized Zone’ (DMZ) style configuration. A DMZ is a part of the network where non-mission critical services are housed, such as the organizations web server. The DMZ normally has two or more firewalls separating it from the Internet or public side and mission critical systems on the private side of the network (Tipton, 2006).

AntiVirus – this can either be an appliance or a software solution, whose purpose is to detect malicious programs designed to exploit or damage the potential host’s environment. These solutions detect these malicious programs by a detecting the virus signature, a pattern within the virus program’s code, and quarantines or deletes the virus (Tipton, 2006).

AntiSpyware – this can either be an appliance or a software solution, whose purpose is to detect malicious programs designed to capture information and report to a central host. These solutions detect these malicious programs by a detecting the Spyware signature, a pattern within the Spyware program’s code, and eradicates it (Tipton, 2006).

Training – an important security deterrent is education. Both the eConsumer and eTrader need to understand what potential threats could affect their environment and what proactive preventative methods they should take to minimize them (Tipton, 2006).

Awareness – the eConsumer needs to realize that there are possible threats that can impinge on their eServices experience. Common sense is the most valuable weapon to fight potential security threats. For example, if as an eConsumer you receive an email or phone call asking for personal details i.e. bank account number, user name or password, ALWAYS check with your security department or your financial institution before handing over any details. The appropriate response should always be no (Tipton, 2006).


The thesis will undertake both primary and secondary research to answer the objectives that were framed in the fist chapter of the thesis. The term Methodology refers to the approach taken for the research process, from the theoretical framework, hypothesis to gathering and analyzing of data. The term method refers to the various means by which data can be collected and analyzed. The methodological assumption is concerned with the process of the research, from the theoretical underpinning to the collection and analysis of the data (Silverman, 2001).

Qualitative and Quantitative Methods

Studies that use data cover areas of economic study, unemployment, health of the economy, scientific study, patterns of demography and others. Different type of data is collected using methods such as databases, reliable government studies, secondary research published in peer reviewed journals, experiments, observations, interviews and others. Data that is collected can be designated into two basic categories, quantitative and qualitative. This also formulates what type of research a study will be conducting: quantitative or qualitative. Denzin (2000) described quantitative research as “the research which gathers data that is measurable in some way and which is usually analyzed statistically”. This type of data is mainly concerned with how much there is of something, how fast things are done, and so on. The data collected in this instance is always in the form of numbers. In order to obtain quantitative data, one should have a specific framework about what has to be researched, what should be known, types of inputs that are admissible and so on. Such as approach can help in designing the questionnaire, make observation and so on. Denzin also defined Qualitative research as “the research that gathers data that provides a detailed description of whatever is being researched”. Both types of research have their supporters and detractors and while some claim that quantitative research is much more scientific others argue that qualitative research is required to examine a specific issue in depth.

Researchers who support that quantitative research argue that numerical data can be statistically analyzed and in this way it can be established whether it is valid, reliable and whether it can be generalized. By using numerical data, these numbers can be used to compare between other studies, which also use the same numbers, the same scales, etc. With qualitative research it is not so easily possible to achieve this result, as no specific method or scale of measurement is kept. This is the main disadvantage of qualitative research, as their findings cannot be generalized to larger populations with a large degree of certainty and validity. The reason that this happens is because their findings are not tested and evaluated statistically in order to establish whether they are due to chance or whether they are statistically significant and to what extent. Another advantage of quantitative to qualitative research is that qualitative research is descriptive and many times subjective too, as it depends on the researchers perspective or how the research registers certain behaviors. Another researcher conducting the same study may observe the qualitative data, which is given in a completely different way. Quantitative research does not show this disadvantage as all the data is in the form of numbers and, therefore, it may be translated in only one possible way, that which is given from the objective value of each specific number. However, Qualitative research has many advantages to offer too, which are not offered through quantitative research. It is usually through such type of research that a rich, in-depth insight can be given into an individual or a group, by being far more detailed and by recognizing the uniqueness of each individual. This type of research realizes the importance of the subjective feelings of those who are studied. For example, qualitative research on success factors of OPEC or research on barriers to oil price formations may often give rise to breakthroughs and insights which could not be acknowledged through the rigidity of quantitative experimental designs. Qualitative research analysis does not have to fall into the pitfall of being ‘forced’ to have all its values into certain numerical categories. It is clear that not all phenomena can always be adequately assigned a numerical value, and when this does happen, they lose much of their naturalistic reality. Qualitative research can simply describe a data for what it actually is without having to assign it to a number. Qualitative research can give attention to occurrences, which are not so common. For example, it is very difficult to find enough participants to conduct statistical correlations between nations on women being more accident prone and indulging in rash driving because women will not be willing to be used for such studies. In such cases, quantitative research is impossible and it is only through qualitative research that such cases can be examined in depth and conclude to specific findings and results (Byrne, 2002).

Qualitative Methods

The paper has used a number of primary data gathering techniques for considering research. This chapter provides information on the primary methods used.

 Data Gathering

Gathering data is a very important phase and due consideration must be given for the time frame of the research.

  • Single and Multiple Methods

It is not possible to recommend a single data collection method for each project since each project would have different requirements. In such cases the use of multiple methods is essential. Multiple methods by using survey instruments, review of documents to understand the project is recommended as it gives a better overview of the data. Such methods also highlight the errors between different methods and the occurrence of bias by a specific method is reduced. In some cases, the use of multiple methods is possible when the project requires large analysis spread across multiple sites. Also multiple resources require more manpower, resources, and these are usually available for larger projects (Denzin, 2000).

  • Selecting Data Sources

Selection of the source of data or the reliability of the information repository is as important as the selection of the method. Data can be obtained from government bodies, NGOs, institutions such as UN, Databanks, etc. It has been suggested that some type of data sources are friendlier when the proper data collection method is used. An example is the use of surveys to asses the satisfaction of parents since the instruments can be sent by mail to busy parents. It is also essential to use different data sources and while projects may have some previous information and data analysis done, a proper audit of the programs used in the project and data available through prior research, needs to be done. Such measures will ensure that the load on data collection would be lessened (Byrne, 2002).

  • Sample Selection

The sample to be researched largely determines the data collection method that is used. Surveys are better suited when used to obtain information from participants; while focus groups would require a different method since the groups are diverse. The sample size would also depend on the project requirements and the group that has to be studied. While considering large number of subjects is best since the results are more reliable, the costs of studying such large samples increases. If the project has sufficient budget allocations, then it is possible to include larger samples and members in the study (Byrne, 2002).

  • Cost Considerations

Cost is an important aspect for research projects and choosing the method for data collection depends on the budget. For tasks such as running observations, program and project document review can be achieved with lesser costs but tasks such as the design of the survey instruments, administering the instrument to subjects and analyzing the results would need the help of an external evaluator. In some cases, staff would have to be sent for training. When standard tests and analysis is to be used, some external staff and experts may have to be involved. For storing and archival of data, software would have to be used so that the data can be analyzed as required. Since project budgets tend to be smaller in the initial stages, effort should be spent in creating a number of data collection instruments and tools with a view to fulfill future requirements as the program evolves and moves across different phases (Byrne, 2002).

It is important to have adequate controls for research projects and the selection of the control would depend on the research objective. Control of critical independent variables is important to ensure that the variable that has been selected would create the required effects in the dependant variable. Researchers face problems where it is difficult to control all independent variables because of the very nature of such variables. In addition, by attempting to study and control all such independent variables would make the study very large, complicated and unmanageable. Researchers take up such variables that may be deemed relevant to the study and their distribution across different comparison groups are studied by using randomization methods. In many cases, when such independent variables are not controlled, there is cause for arguments between different sets of researchers. In many cases, studies from other researchers are replicated since a researcher feels that the research did not consider certain uncontrolled variables and lead to inconsistent results. Such failures and failings are usually regarded as errors and only called as frauds when it can be proved that the original researcher deliberately and knowingly ignored some aspects of data during the analysis. Failure to instill correct methods of observation or control of different independent variables would lead to loss of reputation for the researcher and the research community regards any future activities undertaken by the scientist with suspicion. When faced with a deluge of random variables that cannot be controlled, it is best to shift the research to another perspective, reframe the research question or focus on any important and key aspect that would remain unaffected by such variables. At the beginning of the publication and research findings, it is best to declare such occurrences or misgivings and gaps under the heading such as ‘Limitations of the study’. This section should clearly explain what has been studied and what has been omitted (Freiman, 1978).

Research does not end with completing research work but should also be supported by informing other researchers and members of the research community about the findings, observations and conclusions that were formed. Other researchers may respond by giving critics and reviews and comments about the quality of research, inclusion or omission of certain datasets, methods used and so on and such critiques should be taken in the right spirit. Where required, the researcher should pick up important criticisms and use them to support other experiments and research. In such cases, the bias of the experimenter would tend him to make observations that would favor certain parameters or areas. If observers and the research guide notice such a bias, they should point out the anomaly areas. The researcher should then take cognizance of the observers and attempt to correct the direction of the research and any failure to take the required steps would result in the researcher being guilty of misrepresentation and misconduct. This is a serious offence and the researcher should quickly consult appropriate authorities and issue clarifications and take up corrective actions. When a researcher is faced with such accusations, these comments tend to ruin the reputation and any future research that he takes up, are ignored by reputed publications and authorities. Moreover, such blacklisted researchers would find it difficult to obtain funding and even teaching assignments and it may spell the end of their careers (Lock, 1984).

The sample size used in research has always created disagreements and controversies. Various issues such as ethical issues and statistical problems arise and these need to be addressed properly. When very large sample data sizes are used, the ethical issue of wasting resources will arise while selecting a smaller size will create another ethical issue. When the research objective is large, then a difference that is statistically significant may be observed even with a smaller sample. But the difference that is statistically significant may happen when a smaller sample size has been used and such differences to do emerge and also when there is actually no difference. Freiman (1978) reported that a study on clinical trials that showed negative results for certain parameters for the effectiveness of a treatment. However, after the results were further examined it was found that because of the small sample size, 50% of the results and method used were not adequate to cover 70% of the improvements. Many researchers when faced with shortage of resources or when they find that bigger sample size is not available or would take too much time tend to use smaller samples in the hope that the size is representative of a wider section of the data. Nevertheless, in many cases, this is misleading and researchers would be held responsible of major errors that were caused due to ignorance rather than due to misconduct. In research, ignorance does not lead to a researcher being free of mis-representation charges and such practices cannot be excused (Freiman, 1978).

A very important area for research is to select the parameter and variable that has to be observed. Researches use a structured method in which hypothesis are first framed, experiments are then designed and then results from the experiments are collated and analyzed and these form the basis for results and conclusions. The results form the basis and the report and thesis is based on the results and this is the recommended process. However, often, some researchers use the services of students and other post graduate students who are given instructions on the experiment. The main researcher would create a bias when he tells his associates about what he expects to find and the conclusions and results he expects from hiring the students. The students on their part feel duty bound to make observations that are as per the instructions informally give and the researcher would further refine the results and take up results that best fit his goals, ignoring anomalies that in some cases are serious. Such research is unethical because the method has attempted to create bias and the researcher has taken up only those results that he wants. The researcher is expected to make an observation of all results and present them in the findings (Jackson, 1984).

The researcher should be able to anticipate future events and needs to have plans set up for various scenarios that may hinder the project. Experimenter bias tends to have an effect on observations and researchers are to some extent susceptible to such errors and not all of them can be called as frauds but at the same time, the research has an objective and a purpose that constrain the project in the proper direction. However, problems arise when researchers are bent on proving or disproving a certain set of results and take all measures to ensure that the results favor their need. This often happens in economic studies when the researcher wants his results to point out certain patterns in demographic studies, fiscal studies and study of natural resources. Researcher would in some cases want to prove that a certain natural resource such as oil, coal, natural gas have not proved beneficial to the economy. In some cases, researchers may unwittingly fail to observe a particular result that was required. A researcher should keep an open mind and sit back every now and then to understand the pattern of results and see where the observations are heading (Neher, 1967)

The researcher Mishkin (1998) has argued that when researchers are not able to or not willing to produce primary date, then one should suspect that the data did not exist at all. The author suggests that such unwillingness may point to a fraud in the experiment but also suggests that some legitimate reason may also be the cause. The author suggests that researchers should take backups of their results in computers and in different logbooks. In some cases, when researchers are working on projects that have high importance or when there would be high commercial impact, they would not be willing to give out data that may be publicized and impact their chances for recognition. But the author suggests that this behavior is not acceptable and data should be given to agencies that provide the funding, university and schools that support the research and other stakeholders in the project. In such cases, the authorities need to make the research aware of the consequences of refusing to reveal data and assure the researcher that the data would be handled with the appropriate amount of security. The author also recommends that data should be preserved for as long as needed since it may be required for any future research that may be undertaken (Mishkin, 1998).

Data Interpretation

While gathering data is one part of the research, interpreting data is very important. Different classifications are used to identify data. Variable: A variable is an item of data and some examples include quantities such as: gender, test scores, and weight. The values of these quantities vary from one observation to another. Types and classifications are: Qualitative-Non-numerical quality; Quantitative-Numerical; Discrete-counts and Continuous- measures (Silverman, 2001).

Qualitative Data: This data describes the quality of something in a non-numerical format. Counts can be applied to qualitative data, but one cannot order or measure this type of variable. Examples are gender, marital status, geographical region of an organization, job title, etc (Silverman, 2001).

Qualitative data is usually treated as Categorical Data. With categorical data, the observations can be sorted according into non-overlapping categories or by characteristics. As an example, apparel can be categorized as per their color. The parameter of ‘color’ would have certain non-overlapping properties such as red, green, orange, etc. People can be categorized as per their gender with features such as male and female. While selecting categories, care should be taken to frame them properly and a value from one set of data should belong to only one type of category and not be able to get into multiple categories. Analyzing qualitative data is done by using: Frequency tables, Modes – most frequently occurring and Graphs- Bar Charts and Pie Charts (Silverman, 2001).

Quantitative Data: Quantitative or numerical data arise when the observations are frequencies or measurements. The data are said to be discrete if the measurements are integers e.g. number of employees of a company, number of incorrect answers on a test, number of participants in a program. The data are said to be continuous if the measurements can take on any value, usually within some range (e.g. weight). Age and income are continuous quantitative variables. For continuous variables, arithmetic operations such as differences and averages make sense. Analysis can take almost any form such as Create groups or categories and generate frequency tables and all descriptive statistics can be applied. Effective graphs include Histograms, stem-and-Leaf plots, Dot Plots, Box plots, and XY Scatter Plots with 2 or more variables. Some quantitative variables can be treated only as ranks; they have a natural order, but these values are not strictly measured. Examples are: age group (taking the values child, teen, adult, senior), and Likert Scale data (responses such as strongly agree, agree, neutral, disagree, strongly disagree). For these variables, the differences between contiguous points on the scale need not be the same, and the ratio of values is not meaningful. Analyze using: Frequency tables, Mode, Median, Quartiles and Graphs Bar Charts, Dot Plots, Pie Charts, and Line Charts with 2 or more variables (Silverman, 2001).

Data Analysis

Graphs Used for Categorical/qualitative Data are (Tufte, 2001):

  • Pie Charts

A circle is divided proportionately and shows what percentage of the whole falls into each category

These charts are simple to understand.

They convey information regarding the relative size of groups more readily than does a table.

  • Bar Charts

Bar charts also show percentages in various categories and allow comparison between categories.

The vertical scale is frequencies, relative frequencies, or percentages.

The horizontal scale shows categories.

Consider the following in constructing bar charts.

all boxes should have the same width

gaps between the boxes (because there is no connection between them)

boxes can be in any order.

Bar charts can be used to represent two categorical variables simultaneously

Graphs for Measured/Continuous Data

  1. Histograms
  2. Stem and Leaf
  3. Box plots
  4. Line Graphs
  5. XY Scatter Charts (2 variables)
  • Histograms

Histograms show the frequency distributions of continuous variables. They are similar to Bar Charts, but in ‘pure form,’ they are drawn without gaps between the bars because the x-axis is used to represent the class intervals. However, many of the current software packages such as Excel do easily not make this distinction (Tufte, 2001).

The data is divided into non-overlapping intervals (usually use from 5 to 15).

Intervals generally have the same length

The number of values in each interval is counted (the class frequency).

Sometimes relative frequencies or percentages are used. (Divide the cell total by the grand total.)

Rectangles are drawn over each interval. (The area of rectangle = relative frequency of the interval. If intervals are not all of the same length then heights have to be scaled so that each area is proportional to the frequency for that interval.

  • XY Scatter Chart

This type of chart should be used with two variables when both of the variables are quantitative and continuous. Plot pairs of values using the rectangular coordinate system to examine the relationship between two values.

  • Basic Principles for Constructing All Plots

Data should stand out clearly from background

The information should be clearly labeled and include:

title axes, bars, pie segments, etc. – include units that are needed to interpret data scale including starting points.

Source of data should be identified, as appropriate.

Do not clutter the graphs with unnecessary information and graphical components that are really not necessary.

Do not put too much information or data on one graph.

Sometimes, you have to try several approaches before selecting an appropriate graph.

To describe data, consider the following.

Shape of the Distribution


Modality: most frequently occurring value

Unimodal or bimodal or uniform




Extreme values

In interpreting graphs, consider:

Horizontal and vertical scales; what is the relationship – are the distances between, for example, 10 and 20, the same on each axis? A no answer may distort the interpretation.

The center point – of particular importance in comparing two histograms. Look at the starting point of the vertical scale – does it start at 0? How could this affect the interpretation of the data?

Time Series Analysis

The movement of oil markets and macro economic indicators are best performed by using a time series analysis. In this technique, the following points should be noted (Tufte, 2001):

Time series data form a sequence of analysis and measurements that use certain non-random orders. Analysis of time series data is done by assuming that successive readings in the data show consecutive measurements that have been taken at equally spaced time intervals (Tufte, 2001).

Time series analysis has two main goals and they are predicting future possible values of the time series variable) and in identifying the properties of the process that is defined by the sequence of observations. Both these objectives need to have that the pattern of time series data is identified and formally described. After the pattern is proven, then the data is interpreted and integrated with other sets of data and employed in the theory of the phenomenon that is being studied. Some examples include seasonal commodity prices, inflation, consumer price index and so on. By using proper techniques and methods, an accurate forecast of future trends can be projected (Tufte, 2001).

In time series analysis just as with other types of analysis, it is presumed that data is made of a systematic pattern that can be described in terms of trend and seasonality. Trend stands for a general systematic linear or non-linear component that would undergo change over a period of time and would not repeat in the time range captured by data so that there is no plateau followed by a time range of increased growth (Tufte, 2001).

There are no standard methods and techniques to identify trend components in the time series data. It can be stated that as long as the trend is monotonous and made of consistently increasing or decreasing components, a part of data analysis is relatively easier to follow. If considerable errors exist in the time series data, then smoothing should be adopted as the first step in the method of trend identification (Tufte, 2001).

Time series is best used in analysis of economic indicators, prices of oil, performance of the share market and other such phenomenon that sees regular movements. If data of a few years is available, then it can be subjected to analysis to find out how a particular indicator has behaved over the years. If multiple indicators are available for a certain number of years, then a comparative analysis of different indicators can be done. This would mean that the value of one indicator such as crude rate or the rate of inflation could be used a base reference and analysis done to see how it has effected other indicators (Tufte, 2001).

Design of Questionnaire

Oppenheim (1992) points out that Questionnaire design is one of the most important phases of the research project and it provides the researcher a means to ask focused questions that are relevant to the project. The responder may have extensive experience and learning’s but the researcher wants replies in a very narrow area of the responder’s expertise or views. Hence, the questions should be structured with the single goal of the research in mind. The questionnaire is not supposed to work in isolation but it has to be synchronized with the research goals and objectives. The replies that would be expected should be such that they could be appropriately categorized and grouped so that further analysis is possible. When the research project deals with a small group of people with common interests and job, as in the current research project, then the task becomes easier but focused. The aim of the questionnaire is to focus on micro groups within the responders and ascertain their impression about the issues at hand. The effort here is to split the group into the smallest possible sub groups so that the views and interpretations of all responders are considered. If the questionnaire was for marketing research such as the buying preferences of shopper in a shopping mall, then the effort is to find larger groups among the customers.

Oppenheim (1992) points that there are different types of questionnaire such as structured, semi-structured and unstructured. In structured questionnaires, there is an exact order and wording for the questions. The order in which the questions are presented would also be defined. In addition, there would be predefined and exact answer choices for the responders. Some examples of such questions would have yes or no fields, certain designations to select, predefined choices for the satisfaction levels such as entirely disagree to total agree and so on. The structured questionnaire brings uniformity for the research and ensures that replies do not stray or too many vague elements that are subject to interpretations do not occur. Structured questionnaire would have values associated for each score and for each question and this allows the replies to be evaluated using statistical methods and software. However, since the subjects cannot express their true feelings, the satisfaction and dissatisfaction becomes restricted to numbers and scores and some researchers have objections to such structured questionnaire. Semi-structured questionnaires has different types of questions that would have predefined answers and also questions where the participant can give the required responses in their own informal manner. The order of the questions and the type of questions would be the same and it is felt that the semi-structured questionnaire more flexible than structured questionnaires. The responses also reveal more information and hidden feelings from the responders. However, the issue of commonality is deprived from the responses and many of the answers would be subjected to interpretations from the researcher who could interpret the responses in different ways. Oppenheim argues that when the issues being researched are subjective and cannot be defined qualitatively, then such questions have to be used, rather as a last resort rather than as the first choice.

Research Paradigms

The researcher used the longitudinal study approach for the collection of the primary research. Longitudinal measurement are certainly important for the successful evaluation of the primary date and this approach is not always feasible the learning cycle may span great lengths of time, although in this case the researcher believed that longitudinal measurements were relevant to gauge the quality of the primary data especially when the research is conducted in department that is experiencing growth. By taking a cross sectional measurement, assessment, of the courses is enabled by assessing the experience to date. The rational between choosing a longitudinal study over a cross sectional study is because we are not able to estimate the quick changes and trends found within the field. Typically, the research design, methodology and approach are driven by the research question being scrutinized. Corbin (2007) infers that depending on the field or research that there may be several research approaches and methods that are considered appropriate; this is a view, which is also shared by Creswell (2003). The research paradigm will influence the selection of an appropriate research method and approach by the researcher of which they could choose either qualitative or quantitative research, in some cases, as stated by Creswell, (2003) mixed method procedures which incorporate both elements of qualitative and quantitative research are obtaining a level of validity within academia where it has aspired to a level of legitimacy within the social and human sciences. In this section, the researcher discusses several alternatives from which may be chosen to conduct primary research Tashakkori (2003).

The paradigm adopted in any research has important implications for methodology decisions. Corbin (2007) identify that there are three paradigms evident, which are, the: Positivist paradigm; Interpretivist paradigm and Critical theory paradigm.

Positivist paradigm: The ‘Positivist Paradigm – Positivism’, as stated in Pachauri (2006), sees social sciences as an:

Organised method for combining deductive logic with precise empirical observations of individual behavior in order to discover and confirm a set of probabilistic causal laws that can be used to predict general patterns of human activity“.

The objective mentioned above can be achieved by verifying for causal relationships and regularities between the fundamental elements. The author suggests that there are two major approaches in research, these being scientific and Interpretivist. The scientific approach is based on empirical study, which corresponds with the intransient nature of positivism. Positivism has been the dominant paradigm of research. 97 percent of the academic research, which was conducted within the United States of American, corresponded to the positivism paradigm. While paradigms have imprecise boundaries and include numerous variations, common themes for each paradigm can be identified (Pachauri, 2006).

Firstly, positivist research is based mainly on deductive style of reasoning, as used in natural science. In other words, it is hinged on the understanding that the world phenomena description is reducible to observable facts and mathematical relationships. The positivist paradigm focuses on numerically measurable events and scientific study. Such research is often concerned with hypothesis testing and is used to find natural laws that can be used to forecast and control certain events.. Fact and evidence are two words primarily associated with the positivist paradigm. The positivist paradigm utilizes quantitative data where data is collected through experiments, questionnaires, content analysis or existing statistics. While the accuracy and high reliability of a positivist approach is clear, criticism concerning the depth of understanding gained. Arguments against positivism and in support of the Interpretivist paradigm are based on quantitative methods producing artificial and sterile results. These results are argued to be incapable of representing the complexity of social realities. People are reduced to numbers and abstract laws and formulas are arguably not relevant to the actual lives of real people and have low validity (Fichman, 2004).

The Interpretivist Paradigm:: Interpretivism, as defined by Corbin (2007) is the:

systematic analysis-of socially meaningful action through the direct detailed observation of people in natural settings in order to arrive at understandings and interpretations of how people create and maintain their social worlds.”

Interpretivism is related with the theory of hermeneutic), which emphasizes detailed examination and assessment of text, which could refer to written words. This paradigm is more established in research in Europe compared to the United States of America. In contrast to positivism, the Interpretivist paradigm is particularly concerned with qualitative data. This data is rich and can be examined for social meaning. The qualitative approaches take the stance that information about the world’s phenomena when reduced to numerical form, loses most of the important information and meaning. In other words, Interpretivism does not try to generalize from a carefully selected sample to a specified population but rather to develop deep understanding, which may then inform understanding in other contexts. Methodologically, research within the Interpretivist paradigm uses small samples, open ended questions, unstructured interviews, individual case studies, diary methods, participant observation and the like. Research using these techniques has high construct validity and realism, however is more suited to theory generation. As with the positivist paradigm, the Interpretivist approach, however, possesses weaknesses. It is difficult to replicate interpretivistic work because the data and findings are socially constructed between the respondents and researcher/s. Positivist criteria of validity and reliability cannot be easily applied. Rather truth and trustworthiness are used as criteria and are observed through different means (Corbin, 2007).

The Critical Theory Paradigm: Critical theory is derived from the works of Marx, Freud, Marcuse and Habermas. Critical theorists disagree with what is viewed as the anti-humanist and conservative values of positivism and the passive subjectivism of Interpretivism. Critical theorists go beyond seeking understanding of an existing reality and critically evaluate the social reality being studied in order to implement improvements to it. Their aim is to achieve change (Neumann, 1991). Research may result in strategies to reveal contradictions, empower subjects and initiate action. Critical theory is receiving increased attention from Information Systems researchers (Doolin, 2002).

Selected Research Paradigm: This study is based in the positivist paradigm. The research asks target respondents questions in a written questionnaire to collect objective statistical data. In terms of data collection, there is no manipulation of the situation, with respondents answering numerous questions in a short period. The data when obtained is expected to be precise with high reliability, so that when measures are repeated, the findings have comparable results (Carroll, 2000).

Despite its shortcomings, the positivist approach is well matched to the objectives of this study. Techniques that will be utilized to gather evidence and impact the manner in which analysis of the evidence would be done. Some of the following approaches are predominantly positivist while some may be used with either phenomenological approach.

Research Methods of the Positivist Paradigm: Carroll (2000) provides a list of methods or tactics suitable for all types of business and management researchers. Researchers have to know these approaches and their characteristics, as they will influence the Forecasting Research techniques that will be utilized for evidence collection and influence the way in which analysis of the evidence would be done. Some of the following approaches are predominantly positivist while some may be used with either phenomenological approach.

Forecasting Research: Forecasting research tends to be associated with mathematical and statistical techniques of regression and time series analysis (Armstrong, 2001). This type of research may also be regarded as falling under the heading of mathematical simulation. These techniques use historic evidence to make projections and this approach is high quantitative in which mathematical models are fitted to empirical data or evidence points. This research method was not chosen as it attempts to establish relationships between different sets of historical evidence and to understand why these relationships exist.

Futures Research: Futures research provides a way of considering and developing predictions although not as mathematical or technical as, but at the same time similar in intent to, forecasting research. Unlike forecasting, futures research has a forward orientation and thus looks ahead, rather than backwards, using Delphi studies, scenario projections and other techniques. Futures research is rather used in technology forecasting, business trend analysis and other specialized areas. Similar to forecasting research, this method is not suitable for the purpose of this study (Evangelos , et all, 2007).

Simulation and Stochastic Modeling: Simulation and stochastic modeling may be defined as a domain of study in which the input variables and the manner in which they interact is generally known to an uncertain level of accuracy. In other words, stochastic modeling is employed in areas that cannot be analyzed by deterministic or analytical treatment. Simulation is used in areas where formal mathematical relations have to be evaluated with a number of assumptions. This is used in business management research only when mathematical modeling has to be done (Nelson, 2003).

Case Study: Yin (2002) regards a case study in much the same way that the natural scientist regards a laboratory experiment. The author suggests that “the case study approach is an umbrella term for a family of research methods having in common the decision to focus on an enquiry around a specific instance or event”. More formally, a case study can be defined as “an empirical enquiry that investigates a contemporary phenomenon within its real life context, when the boundaries between phenomenon and context are not clearly evident, and in which multiple sources of evidences are used” (Yin, 2002). In a case study, the researcher examines features on many people or units, at one time or across periods. It uses analytical logic instead of numerical statistical testing. The researcher will select one or a few key cases to illustrate an issue and study them in detail. Case study gives a multi dimension view of different events and factors such as corporate political issues, relationships, influencing patterns in specific contexts can be obtained. The researcher can do so by using combined sources of collection of information and data such as interviews, archives, and observation and survey instruments. However, based on this research strategy a researcher is an observer and a large number of variables are involved with little or no control. Outcomes deriving from a case study can be either qualitative, quantitative or both. Given the time and resources available, a longitudinal study is not feasible. Therefore, the case study method was not chosen for this study.

Experimental based Research – Laboratory and Field: Experimental research uses the logic and principles found in natural science research. Experiments can be conducted in a laboratory under controlled conditions typically in a specifically designed setting or a purposely-equipped laboratory, conversely depending on the research it could be conducted as a field experiment, which could be conducted within its natural setting. They usually involve a relatively small number of people and address a well-focused question. Experiments are most effective for explanatory research. They are often limited to topics for which a researcher can manipulate the situation in which people find themselves. Compared to other social research techniques, experimental research is the strongest for testing causal relationships because the three conditions for causality (temporal order, association, no alternative explanations) are clearly met in experimental design. In general, experiments are widely used because of their logical rigor and simplicity, consistency with positivist assumptions, and relatively low cost. Despite its advantages, the experiment method is inappropriate for the purpose of this study (Eiben, 2002).

Survey: Questionnaires produce quantitative information about the social world and describe features of people or the social world. They are also used to explain or explore about people’s beliefs, opinions, characteristics, and past or present behavior. The survey is the most widely used data gathering technique in sociology, and it’s used in many other fields as well (such as communication, education, economics, political science, and social psychology). The survey approach is often called correlation. Survey researchers sample many respondents would be given the same questions. Different variables are measured and different hypotheses are tested. An understanding of the temporal order from the survey is obtained about previous behavior, characteristics and user experiences. The relation between these variables is later measured with statistical techniques. Survey techniques are often used in descriptive or explanatory research (Song, 2002).

The advantages of survey methods, such as the economy of the design, the rapid turnaround in data collection, and the ability to identify attributes of a population from a small group of individuals are clearly presented in Song (2002). The survey instrument gives description of the numeric and quantitative percentage of the population or the sample by using data collection methods and asking people some questions. This data collection, in turn, enables the researcher to generalize the findings from some examples of replies to a population. Conclusions can also be made about the attitude, characteristics and behavior of the sample. (Song, 2002).

Survey Method Issues and Limitations: Survey research can be complex and expensive and it can involve coordinating a considerable amount of people and copious steps. One of the issues involved with questionnaires is non-cooperation (Pinsonneault, 2007). Due to an increasing number of academic courses requiring students to conduct formal research, many individuals and organizations are tiring of being continually surveyed. This leads to low response rates, or worse still inappropriately answered questionnaires that eventually impact negatively on the generalisability of the results. The generalisability or the external validity of questionnaires may also be affected by the sampling technique employed. As proposed by the author, the more focused the target group, the higher the response rates; and conversely, the more generalized the target group, the lower the response rate.

Types of Survey Methods

Survey data can be gathered in a number of ways and from different sources and settings. Interviewing, administering questionnaires, and observing people and phenomena are the main methods of data collection in survey research. The choice of data collection methods depends on the facilities available from the organization, the extent of accuracy required, the expertise of the researcher, the time span of the study, and other costs and resources associated with and available for data gathering (Pinsonneault, 2007). The following sections discuss each method with their advantages and disadvantages.

Telephone Interviews: The main advantage of telephone interviewing, from the researcher’s point of view, is that a larger number of people can be contacted – across the country or internationally – in a short. From the respondents’ standpoint, it would eliminate any discomfort that some respondents might feel in facing the interviewer, especially with disclosing personal information. The disadvantage is however; the fact that respondent could unilaterally terminate the interview without warning or explanation by hanging up the phone. Other disadvantages include relatively high cost, limited interview length, and the researcher not being able to see the respondent to read the nonverbal communication. In a multi-cultural society such as Dubai it can also be difficult to perform telephone interviews with individuals where English is their second, third and possibly forth language. One must also consider the effect such an interview could have on the household if an individual unknown to the head of the family makes a, supposed, personal call to a female family member. Dubai regardless of what it may look like to an outsider is a society where the modesty of women is very important for example it is not untypical for car windows have 100% tinting, regardless how dangerous (Corkrey, 2002).

Face-to-face Interviews: Face-to-face interviews have the highest response rates and permit the longest questionnaire. The researcher can adapt and modify the questions as required, clear any doubts and questions and make sure that that the questions are clearly understood by either rephrasing or repeating them. Non-verbal signs and cues can also be collected and this would not be possible in a telephone interview or mail questionnaire. The main disadvantage is however, the geographical constraints on the questionnaires and the larger number of interviewers required if such questionnaires have to be done over a large geographical area. The costs of training interviewers to minimize interviewer biases are also high and, finally respondents may feel uncomfortable since the replies are not anonymous and they would be face to face with the researcher (Newman, 2002).

Mail and Self-administered and anonymous Questionnaires: The most common form of self-administered and anonymous questionnaire in academic research is the mail survey. The main advantage of a mail questionnaire is that a wide geographical area can be covered in the survey and the respondents can complete the questionnaires at their own convenience. This offers anonymity and avoids interviewer bias. It is also by far the cheapest type of survey method that a single researcher can conduct. However, mail survey possesses some major weaknesses such as low response rate and longer turnaround. Due to its low rate of return, it is difficult to represent the population that the survey was intended to represent. In addition to the disadvantage mentioned above, any doubts, which the respondent may have, cannot be clarified (Newman, 2002).

Electronic Survey: Questionnaires can be conducted by different methods such as eMail, the Web and electronic newsgroups. The data transmitted in electronic form are much more flexible and greatly facilitate the process of data collection, data capturing and data analysis, compared with print-based form. It allows researchers to collect questionnaires from a larger and more geographically diverse population. Electronic survey responses can be collected more quickly, with lower copying and postage costs, and lower amount of time is spent in data entry (Laura, 2007). In a study that compared the cost of web based survey method to other survey method confirmed showed that as the sample size increased, costs of eMail and web-based questionnaires reduced. The process of developing web based survey usually involves developing the questionnaire, designing an online survey form, creating a database for the electronic capturing of data, and informing the population of interest of the existence of the survey (Laura, 2007).

e-Mail Survey: Little academic research has been conducted on web based questionnaires. However, it has been argued that many respondents feel they can be much more candid on eMail. Researchers at Socratic Technologies and American Research comments that people are more likely to participate in electronic research than in identical investigations using written materials. Apart from being cheaper than other modes of survey distribution, faster transmission, and quicker data gathering, it has also been suggested that eMail questionnaires arouse curiosity because they are novel and they reach respondents who are more likely to answer because people opening their eMail are prepared to interact. Many of these interactive questionnaires can utilize color sound and animation, which help to increase participant’s cooperation and willingness to spend more time answering the questionnaires. Despite its advantages, the response rate for eMail questionnaire are lesser than physically administered questionnaires. (Sheehan, 2006) comments about different reasons for the lower response rate of eMail surveys and some of then are that eMails can be deleted by the recipients and since they are not physically available and noticeable, they would have a lower priority and also that eMail responses are not anonymous (Laura, 2007).

Web-based survey: Before the introduction of the World Wide Web (WWW), web based questionnaires were collected mainly through eMail. However, as WWW access has become a standard part of network connectivity, web-based questionnaires are becoming increasingly common. web-based questionnaires offer a level of flexibility that eMail questionnaires do not. Features such as adding images, having help options, and enforcing data validation rules on responses by requiring certain types of answers, such as a numerical response, a response under 30 characters, etc. Respondents can also use the function of automatic question filtering. By making the survey experience easier for the respondent, there are less missing data when the survey is configured to be sent to a database or spreadsheet, and no data entry is needed). Regardless of the advantages, for the same sample size, the cost of mail survey is lesser than that of the web based survey. While making web based surveys, developers and programmers have to spend time in building the web page and the database. There is difficulty in calculating labor cost for administration, maintenance of hardware and the network. Although eMail and web-based questionnaires are relatively easy to design, incur low cost and achieve faster response time than traditional paper survey, it can be very difficult to procure eMail list of a particular population, other than one’s own company records. In addition, considerable effort needs to be devoted to promote and establish links containing invitations to visit the survey web site (Song, 2002).

In summary, a review of various types of survey method has been presented in this section. Certainly, telephone interviews are the fastest way to obtain data. However, due to the aforementioned cultural differences telephone or personal interviews were not considered feasible for this study.

The only viable option was to instigate email survey where a questionnaire was emailed to the respondents who were requested to complete the survey and mail it back to a specified ID.

Best Practices for Personal Privacy Information Protection

During the course of the literature review and interviews with members of organizations, certain best practices were revealed. The best practices relate to methods and systems such as Disaster Recovery Planning and Security Policies, that various organizations have adopted to safe guard personal and organization policies. This chapter discusses these best practices and methods and examines the manner in which personal privacy information is protected. There are two main sections in this chapter, Disaster Recovery and Planning and Security Policies. Disaster recovery planning deals with the systems adopted by organizations to protect customer information and business data from different types of disasters while security policies related to the systems adopted by organizations to protect data theft from the company.

Disaster Recovery Planning Systems

According to Rothstein (2007), disaster recovery planning – DRP and business continuity plan – BCP have become very crucial in the current scenario with increased threats from natural and man-made disasters. These disasters effectively wipe out the intellectual and soft assets of a company; taking it a few years back, if the entire source code and transaction records are lost. As a part of personal privacy information protection, organizations implement DRP and BCP systems. It should be remembered that organizations such as insurance providers, banks, credit card companies and other such service providers store critical information about customer’s bank accounts and financial information. If this data is lost, then total chaos will happen and financially sound people will not be able to prove that they have money, business will not be transacted, credit cards cannot be used and business will come to a standstill. DRP implementation helps an organization to quickly restore its networks and retrieve the software applications, account details and transaction records of the customer so that losses are minimized and the company can resume normal operations in the quickest possible time. Recent events such as the 9/11 attacks, Katrina hurricane, the Tsunami in south east Asia and others show that disaster, both natural and man made can strike with very little warning and totally take out the infrastructure that has been built such as buildings, whole towns and cities, cabling and any IT systems that are located in a particular location. Benton (2007) defined disaster recovery as “the process, policies and procedures of restoring operations critical to the resumption of business, including regaining access to data (records, hardware, software, etc.), communications (incoming, outgoing, toll-free, fax, etc.), workspace, and other business processes after a natural or human-induced disaster”. While a disaster recovery would also involve reconstruction of buildings, relocating people, building roads, restoring power and communications and many other activities, this paper would be limited to discussing the disaster recovery plan for the IT systems of a company.

In the current environment, the threat from terrorists and from nature places IT systems at a high risk. Since many companies have very strict rules regarding retrieval and storage of sensitive information, data tends to get centralized. If a disaster strikes the central server room where the data is stored, then all the company’s soft assets would be lost forever. Information about customers, business strategies and records, marketing and trading information and other details would become irrecoverable. In such a scenario, strategic plan that protects all computer-based operations necessary for the company’s day-to-day survival is imperative. If a company loses sensitive data, then it not only loses its soft asset but also the confidence of the customers and would probably go bankrupt. With increasing use of IT systems and dependence on business-critical information, the importance of protecting irreplaceable data has become a top business need. Since many companies rely on IT systems and regard it as critical infrastructure the need for regular backup is very crucial that even after a disaster strikes, the company can begin operating within a short period of time. Many large companies provide up to 4 percent in their IT budget on disaster recovery systems. It is estimated that 43 percent of companies that had lost data and could not replace the data went bankrupt while 51 percent had to shut down in two years while only six percent could service in the long run (Rothstein, 2007). Therefore, DRP and BCP are required to ensure that a company is able to recover quickly in case of a disaster, customer confidence is retained and that the business is able to continue.

Framework for DRP implementation

Information is the key to survival for organizations. Information could be stored either electronically or as hard copies. Disaster Recovery Plan (DRP) is a set of procedures designed to restore information systems. A DRP mostly deals with technological issues and recommends infrastructure that should be implemented to prevent damages when a disaster occurs. A disaster can make the business processes totally or partially unavailable. Business Continuity Plan (BCP) focuses on sustaining the business processes of a company during and after a disaster and this plan is a continuation of the DRP and cannot be implemented in isolation. A BCP lists the actions to be taken, the resources to be used, and the procedures to be followed before, during, and after a disaster. An IT disaster recovery plan is implemented for an organization in this section (Facer, 2006).

The DRP within a company is responsible for performing the business impact analysis, a process of classifying information systems resources baseline on criticality, and development and maintenance of a DRP. Tasks that need to be covered are included in the BCP document. The DRP should also maintain the BCP document up-to-date. This responsibility includes periodic reviews of the document – both scheduled (time driven) and unscheduled (Event driven). DRP defines a Recovery Time Objective (RTO) that specifies a time frame for recovering critical business processes. The DRP meets the needs of critical business processes in the event of disruption extending beyond the time frame. Recovery capability for each Strategic Business Unit (SBU) – including all Projects being executed under the SBU – shared service, location and Offshore Development Center are defined. In the event of any moderate / minor disaster, the recovery capability should ensure that the business processes work seamlessly without affecting any other dependent critical business processes. E.g. If the main power grid is disrupted, there must be standby facilities like generators to ensure that power is available (Facer, 2006).

Examining a DRP implementation

In this section, a DRP plan would be implemented for an IT company called ABC Ltd. The plan is based on literature review and actual implementations done at different companies and while each company may have its own modalities and priorities, the common elements of DRP are discussed. The following illustration shows how the company is organized.

Assets and Nodes of ABC Ltd. for DRP (adapted from Preston, 1999)
Figure 4.1. Assets and Nodes of ABC Ltd. for DRP (adapted from Preston, 1999)

The above figure shows different assets and nodes of ABC company are organized. The company has its head quarters at New York and a number of units in branches in areas such as Washington, Rochester, Syracuse and others. The company also has a number of off shore development centers and these are identified as ABC Europe, ABC Japan, ABC Australia, etc. In addition, the company has a number of clients and these are identified as Client 1, Client 2.

The DRP would need to cover all these units and assets. To allow quick back up and DRP procedures for the company, the following network diagram is proposed.

Network Diagram for DRP (adapted from Preston, 1999)
Figure 4.2. Network Diagram for DRP (adapted from Preston, 1999)

In the diagram, the connectivity is allowed through a primary ISDN Back Up Line and a Dial Up Line. A separate ISDN line for backup is required since the backup process consumes extra bandwidth and may slow down regular business processes. Based on corporate security policy, all the locations with a direct Internet access/connection should be secured by deploying firewalls. You can have a dedicated team of professionals, certified in various technologies who centrally manage the firewalls. You also need to have a change management procedure that enables you to incorporate any desired change in the existing set-up within a short notice. When a disaster occurs if a backup hardware exists, it can be used in the disaster recovery plan to restore services. You can protect gateways by installing Checkpoint Firewall Modules in the organization Network. This enterprise wide implementation is managed using a central management console. At each location a De-Militarized Zone (DMZ) must be created to protect important servers. It is also necessary to ensure that the policies installed on the Checkpoint Firewall Modules are based on the corporate network security policies. Precautions must be taken against Internet hacking and vulnerabilities. Vulnerabilities are holes or weak points in the network. Following figure shows a sample firewall installation for a location (Preston, 1999).

 Firewall Network Diagram for DRP (adapted from Preston, 1999)
Figure 4.3. Firewall Network Diagram for DRP (adapted from Preston, 1999)

The Firewall would ensure that unauthorized users would not be able to enter the network when back up processes are running or when a DRP plan is being implemented during a disaster

Each Project should prepare a DRP before the start of the Project in pre defined templates. Each Project Disaster Recovery Plan identifies an alternate site from where the project will be executed, in case the primary location is inaccessible based on the requirements of the project and availability of infrastructure at alternate site. This information is available from various templates that are used in the risk assessment (Toigo, 2005).

  • The Plan should identify critical project team members who will be shifted to the designated alternate location in case of such an incident. Where an employee may need to travel to onsite locations during a disaster, travel and other necessary documents are kept ready.
  • Data backup for all Projects should be stored at a predetermined location.
  • In case of a disaster where the primary site becomes inaccessible, each SBU from that location communicates requirements to the CMT to shift project team members.
  • CMT facilitates transportation of key employees to alternate locations through the Administration department.

Scenario for DRP during a natural disaster

Natural disasters can occur at any point of time and while hurricanes give some amount of warning time, earthquakes can occur instantly and catch IT teams unawares. When such disasters strike, the whole infrastructure such as buildings, servers, computers, network wiring and others may be completely devastated. A disaster is defined as an event that causes interruption of business operations for an uncertain period. In this case, an IT company called ABC Ltd. has been considered. Please refer to ‘’Figure 4.1. Assets and Nodes of ABC Ltd. for DRP’ for an illustration of the network and nodes.

In the scenario, we will project that a major Hurricane has broken out along with an earthquake in the regions in which ABC Ltd. is situated. The natural disasters have taken out all the fiber optic cables and other infrastructure. The intellectual property of the company, its database containing records of transactions, software applications, customer financial records, etc, is stored in the IT systems. If the IT systems are not recovered in time, then all business would cease, people would not be able to use credit cards, personal identification authentication systems would be lost and there would be utter chaos (Gilchrist, 2001). The Business Continuity Management Program (BCP) within a company is responsible for performing the business impact analysis, a process of classifying information systems resources baseline on criticality, and development and maintenance of a BCP. Tasks that need to be covered are included in the BXP document. The BCP should also maintain the BCP document up-to-date. This responsibility includes periodic reviews of the document – both scheduled (time driven) and unscheduled (Event driven). BCP defines a Recovery Time Objective (RTO) that specifies a time frame for recovering critical business processes. The BCP meets the needs of critical business processes in the event of disruption extending beyond the time frame. Recovery capability for each Strategic Business Unit (SBU) – including all Projects being executed under the SBU – shared service, location and Offshore Development Center are defined. In the event of any moderate / minor disaster, the recovery capability should ensure that the business processes work seamlessly without affecting any other dependent critical business processes. E.g. If the main power grid is disrupted, there must be standby facilities like generators to ensure that power is available. (Gilchrist, 2001). The following network is proposed for the BCP solution.

 ABC Ltd Overview of Redundant Connectivity for BCP
Figure 4.4. ABC Ltd Overview of Redundant Connectivity for BCP

A redundant connectivity network has been proposed between different nodes in the network. According to the plan, a number of mirror cache sites have been proposed and these would take updates from different servers and while transferring the information in the network, they would also store data in storage area networks. A 2 mbps primary line with dedicated fiber optic cabling is proposed for the connection between the central server and the mirror caches. In addition there would be a ISDN back up line that would connect the systems and this would be operated at 512 kbps. Further connections would have a T1 Dialup connection at 28-156 kbps. The update between the serves would be done at 12.00 hours GMT and at 24.00 hrs GMT. In this manner, even if disasters would take out one whole continent or even the central server, there is sufficient redundancy to start the network at reduced speeds. The data would already be stored in storage data networks and it can be physically retrieved and restored (Gilchrist, 2001).

Scenario of Hacking

A network security administrator has seen in the system log, a few attempts by unauthorized users who have tried to login to the system. The system administrator has terminated the login attempt manually a few times, but there are fears that the hackers will ultimately hack into the servers and compromise the system. The plan is to build a honey pot to trap the intruder and harden the system by using firewalls and proxy servers. This will help in not only trapping the hackers but also allow the network to be recovered in case they hackers damage the network before the intrusion is detected. The BCP will also stop data from flowing out to the hackers (Botha, 2004).

Intrusion Detection System (IDS) will be installed to detect unauthorized access attempts by hackers. The system will serve as an alarm system and the main intention of IDS is to provide a warning that illegal activity is happening or has happened some time back (Crothers, 2003).

Proposed BCP Solution for Intrusion Detection at ABC Ltd. (Crothers, 2003).
Figure 4.5. Proposed BCP Solution for Intrusion Detection at ABC Ltd. (Crothers, 2003).

A firewall is used to protect the internal network and create a demilitarized zone and this will isolate the corporate servers from being accessible to the public. There will be three intrusion detection sensors that will monitor the network traffic for signs of attack or malicious activity. The solid lines in the figure are the actual network connections. The dotted lines represent the secure communications that are used to pass detection information from the network and host based intrusion detection sensors to the master detection console (Crothers, 2003).

Security Policies

Security policies refer to the safety regulations that are to be observed by employees or visitors when they are inside the organization. These policies are designed to protect personal information theft that can occur by unscrupulous employees who may steal data by using USB drives or even mailing the information as attachments. Internet connectivity and e-mail facility are major productivity tools. They can also be misused or subverted to damage an organization network. Companies must formulate policies to regulate information access, e-mail usage (Frye, 2006). This section brings out some best practices that are used by organizations and what has been found in different publications.

Information Security Policy

The information security policy for employees and users is given in this section and various rules and regulations that employees are expected to observe are given here. Many of the rules given below are taken from security policies and manuals (Peltier, 2007).

  • Employees and authorized non-company employees should be allowed to appropriately use computer resources in ways that will accomplish company goals and initiatives. Users should act ethically and professionally wherever and whenever the resources are used. The use of computer resource must comply with all applicable policies and procedures including code of business conduct, human resource policies employee handbooks, non-disclosure agreements and applicable laws (Peltier, 2007).
  • Each user must be aware of the provisions of this policy before being given access to computer resources (Peltier, 2007).
  • Ensuring compliance with the procedure, (user-id, password, or any other device issued for accessing company resources remains confidential and under your control) whenever an information system or network is being developed, used, maintained or changed (Peltier, 2007).
  • Accessing only relevant information you need to do your job. Employees should note all data including email and data files stored or transmitted is the property of the organization. To properly manage this management reserves the right to examine all data stored in or transmitted by these computers. Computers must be used for business purposes only and employees should have no expectation of privacy associated with these (Peltier, 2007).
  • Use only authorized connections to company networks and computers viz. refrain from using devices such as modems, with out prior approval from network security administrator (Peltier, 2007).
  • Avoid installing or downloading software from external / internal sources for safeguard against virus infection, if need be scan the same using authorized ant virus software before downloading (Peltier, 2007).
  • Report any security breach to concerned manager or network security personal (Peltier, 2007).
  • Minimize the use of Extranet; email and other resources for business use only, unless prior approval thru concerned authorities have been taken (Peltier, 2007).
  • Passwords are vulnerable to many forms of technology attacks such as cracking programs, network sniffing etc. because of this reusable passwords should not be used for authentication as they provide minimal security (Peltier, 2007).
  • Internet/HTTP use is restricted for business use only. During working hrs. (9:00 AM – 6:00 PM) only authorized users have access to this, users should close browsers when finished (Peltier, 2007) with their work in order to avoid misuse. Internet Access is opened for all after office hrs (Peltier, 2007).
  • FTP use is allowed for authorized users only and this is restricted (Peltier, 2007).

Information Handling

Information handling refers to the manner in which data and information about clients and customers is handled (Peltier, 2007).

  • All data physically sent from the organization whether written or in storage form (e.g. magnetic media) should be securely enclosed and marked Proprietary and confidential.
  • No personal data should be brought in or taken out in any storage form from company premises.
  • All the written information in form of a FAX transmission or a print out should never be left unattended.
  • Unauthorized use of Modems is strictly prohibited in the network.
  • No dial-in / dial-out is allowed in the network without prior approval.
  • Security administrator should be informed of any activity that could compromise security of the network.
  • All office waste that could contain data should be destroyed by means that ensures that the data is irrecoverable (e.g. Shredding).
  • Where information is identified as confidential, Proprietary or Commercial in nature, it should not be left in open view.
  • When the employees are not at their work desks, confidential information should not be left in the open.
  • Visitors should not be allowed to access any information lying on the desk or computer.
  • Boot password should be enabled on desktops.
  • It is recommended that all Personal Computers should be protected from misuse by using password protected screen saver.

Information Sharing

Information sharing refers to routine task related sharing of information and data among members of an organization. While some elements of the information is private and confidential, other information can be shared by team members (Frye, 2006).

  • Information should not be shared with directory sharing on the machine. If needed restrictions in form of password protected shared, folders should be used. Blank fields should not be used as the password.
  • Data on productivity metrics, commercial terms and price structure should not be shared.
  • Information transmittable or accessible through the organizations resources might be sensitive, restricted.
  • Where information which is the property of the organization. is required to be sent outside, it should be marked Proprietary on the front cover and where possible, all pages containing data.
  • Password protection should be enabled for shared folder.
  • Global rights should be removed in WIN/NT and user specific rights should be given.
  • Accounts should not be shared with other Users.


Virus-infected software should not be released to other users or customers knowingly. All Virus infected software should be brought to the notice of the hardware department. Good Antivirus software should be installed on all desktops with an auto-update feature. Antivirus software installed on the machine should not be uninstalled without authorization and the best practice is not to allow employees to either install or uninstall any kind of software. When required, software requisition should be made to the administrators, after getting approval from the team leader and only the system administrator would have admin rights over any machine. Reboot should not be done with a floppy disk in the drive. Every disk that has been used elsewhere must be scanned. When disks are infected, hardware department should be informed. Write-protect all utility disks and program disks (Cavelty, 2007).


Divulging passwords should be an offence and they should not be allowed to break into other accounts. Employees should not be allowed to attempt cracking of others password and Passwords should be changed periodically after every 3 months or so and a system generated warning should be displayed that forces users to change passwords periodically. Employees should not disclose passwords to others and warnings should be displayed in important areas (Frye, 2006).

Email Use Policy

Email facility provided by the organization is a privilege and not a right. An email use policy statement provides specific instructions on the ways to secure electronic mail (e-mail) resident on personal computers and servers (Frye, 2006).

General Principles:

  • Correspondence via e-mail is not guaranteed to be private.
  • Use of e-mail may be subject to monitoring for security and/or network management reasons. Users may be subject to limitations on their use of such resources.
  • Fallback and Backup policies are well designed, documented and tested to provide maximum up time
  • Users in HR and Marketing department (need to communicate with free mailing domains) are provided mail ID’s on a separate mail server.
  • Managers are provided with ID’s on a different mail server.
  • Maintenance schedules will be carried out after prior notifications only.

Rules For Restriction On Size Of Message

Certain restriction on email size with attachment can be considered (Frye, 2006)

  • Up to 100 KB while sending/receiving messages to/from the Internet
  • 1 MB or 3 MB while sending/receiving messages to/from a client site.
  • This is subject to prior permission from the hardware department. The project manager should send an email to hardware department ([email protected]) for the same.
  • 3 MB for sending messages to anywhere in domain

Following Activities Are Strictly Prohibited

Certain activities that are considered wasteful and dangerous has to be curtailed (Frye, 2006)

  • Spend an unreasonable amount of time on personal e-mail.
  • Use e-mail for any illegal purpose.
  • Send company-wide virus alerts. Please forward any such information to IT staff ([email protected]), so that appropriate action could be taken.
  • Make or post indecent remarks, proposals or materials.
  • Transmit commercial software or any copyrighted materials belonging to ABC Ltd. Or parties outside of the company.
  • Reveal or publicize confidential or proprietary information that includes, but is not limited to Financial information; New business and product ideas, Marketing strategies and plans, Database and the information contained therein, Customer lists, Technical product information, Computer/network access codes, Business relationships.
  • Under no circumstances user will send mails to dummy accounts (e.g. [email protected]) for project testing purposes, because these type of non-existence ID’s create a lot of load on the server.
  • Mailing system is for Official usage only. Mails should not be sent for mass mailing of personal information like invitation to parties etc. and relaying to free mailing domains is strictly prohibited.
  • Under no circumstances, users are allowed to save a copy of their mails on the server. This consumes a lot of disk space on the servers making maintenance schedules tedious once.
  • Use mail servers for storing their personal data backups. Telnet and ftp services to mail servers are prohibited.
  • All violations of these policies can be traced to an individual account name and will be treated as the sole responsibility of the owner.
  • The above policies are subject to change without prior information to the employee.

Research Findings

As a part of the research, a questionnaire was administered to 20 professionals working for some financial institutions. The survey was administered as an email survey after contacting the respondents. Please refer to ‘Appendix. A1. Survey Instrument Design’, to view the instrument. The instrument has 15 questions and asked specific questions about the personal privacy policies and methods taken by the organizations to protect the personal information and privacy of the customers.

Design of the instrument

The survey instrument was designed to elicit information covering the issues mentioned in the Introduction, Literature Review and Best Practices. The questions were meant obtain information about the practices that organizations follow with reference to the personal privacy information. Sample questions were obtained from some peer reviewed journals and PHd thesis and then modified by the student for the research (Bhargav, 2007), (Bellotti, 1997). A detailed analysis of each question is provided in the next sections.

Analysis of the Responses

A qualitative and quantitative analysis of all the 21 questions has been provided. Each question has been presented along with the responses received and what the new information that the question was designed to bring. Number of respondents was 20.

Do you use web forms to collect information from customers.

All 20 respondents said Yes to the question. The question was designed to assess the use of web forms as a tool to gather personal information from customers and potential customers. Web forms were used in various stages of customer interactions and transactions. The most common system in use was to restrict entry to the detailed features of the site only for registered users. All the websites had certain pages and links that were available for casual visitors and anyone who visited the website could view some areas of the website and content. Generic information was available without restriction, this included information about the company, their products, and services, contact details and so on. If a customer wanted detailed information, wanted to read documents kept in the download section, wanted to read the account statements and even if they wanted to buy services and products, then registration and login was required. Registration form included brief details such as name, contact details, password, email Ids and so on. After the customers entered all the details and clicked Submit, login details were sent to the email account and the email had a link to authenticate the registration. Some organizations kept the link active for periods ranging from 24 hours to 48 hours, meaning that users had to authenticate the link in the email within the stipulated period, else the customer would have to register again. The practice ensures that Spammers do not illegally register and attempt to Spam the network.

The inference is ‘Web forms at the time of visitor registration is the most common method to gather customer information. Login details are sent to the registered email ID and users have to authenticate the link in the email within a stipulated time’.

What kind of information do you collect from customers

The question had multiple choices and was designed to assess the type of information that was collected by the organizations. The question had to be answered only if Yes had been selected in the previous question. The choices for the questions were: Contact Details; Income and expense details; Family Details and Banking and Credit Card Information, products and services interested. Responses for the questions and choices are:

Contact Details: All 20 respondents replied that the web forms required customers to enter the contact details. Certain fields for contact details were mandatory and they included username and password, email ID, First Line of the Address, Country and Zip code for US residents. These details had to be entered or else the form would not be accepted when Submit button was clicked.

Income Details: All 20 respondents indicated that Income declaration was mandatory and the web forms provided multiple choices with radio buttons to allow customers to select their income range such as Up to 25,000 USD, Between 25000 USD to 50,000 USD and so on. This information is required by insurance and financial service providers to understand the financial standing and investment capability of customers. However, customers are not expected to show proof of their income and they can make any kind of declaration.

Family Details: 15 respondents indicated that the web form had certain fields that asked the respondents to indicate the size of their family while the remaining five indicated that they did not gather this type of information. Family details are gathered by insurance companies so that an assessment can be made for the risk cover and the type of policy that is required.

Products and Services: All 20 respondents indicated that the web form had a section where the products and services offered by the company were given along with check boxes. While it was mandatory to select at least one option, users could select multiple products and services they were interested in. Organizations attempt to create filters and segregate the customers as per the products, services required so that focused information can be provided to customers, and the levels of customer service can be enhanced.

Banking and Credit Card Information: This is a very critical area and all the 20 respondents indicated that this information is asked for only when a customer is ready to make a purchase after fulfilling the qualifications and other norms. Moreover, the process of online buying requires a series of forms to be filled along with the credit card information and this is done under very secure 128-bit encryption.

The inference is ‘Contact details such as name, email ID, first line of address, country and zip code are mandatory information gathered. All organizations gather income details and users need to select one of the choices for income such as Up to 25,000 USD, Between 25000 USD to 50,000 USD and so on. A majority of the organizations required family details of the users and information such as number of dependants is gathered. All respondents indicated that the web forms have a listing of products and services offered and users have to select one or more of the options. These details allow organizations to create a demographic profile of the customer so that focused marketing can be taken up. Banking and credit card information is gathered only when users want to buy products’.

 Do you ask customers to authenticate a privacy statement or obtain consent, in the form

There were varying degrees and intensity of the privacy statement and all respondents replied that visitors had to accept a privacy statement and indicate their consent to give the information. Five organizations provided a check box at the bottom of the form and users were supposed to select the check box to indicate that they accepted the terms and conditions. The form would not be submitted unless the ‘Accept’ check box was selected by the customers. However, 10 organizations took the declaration seriously and before the registration form was opened, visitors were first presented with a long form that listed various terms and conditions about the information given by the customer and information requested by him in return. The registration form was displayed only after the user clicked the accept button. Five organizations provided a hyperlink that users had to click and the privacy and consent statement was displayed in a popup box with an ”Agree’ and a ‘Disagree’ statement. The privacy and consent statements are mandatory as per the privacy acts framed by US. However, it must be noted, that customers always had the option to click disagree in which case, the registration form was not displayed and the registration process was terminated. Organizations use this strategy to ensure that their intellectual property is protected and that they know some basic details of users.

The inference is ‘Organizations use different types of tools to obtain consent of customers regarding privacy information. Customers have the option of not agreeing to give the information requested for and the registration process is then terminated’.

Do you offer Opt Out options for customers

Opt out options are required when users have registered to obtain news alerts or newsletters and mailers. At the time of registration, users can select options for the products and services that they are interested in and indicate if they want to receive newsletters and mailers. These are advertising tools that organizations use to give information and to increase their business. All organizations indicated that when a regular newsletter or mailer is sent, a hyperlink is provided at the end of the mail that allows users to unsubscribe to the mailers. Customers who do not want to receive any information would have to click the hyperlink that opens a screen in the organizations website and then they have to enter their registration details and then the process of unsubscribe is completed. However, this does not mean that the users registration has been cancelled and users information that was stored on the website is expunged. This does not actually happen and users can login and use the services even at a later date. All respondents indicated that they have an opt out feature for users though they do not provide any link that allows users to cancel their registration and login details. Some organizations indicated that if an account is inactive for a specified duration, then users account may be suspended and the old password is no more valid and users have to use the ‘Forgotten Password’ feature to gain entry again.

So the inference is “organizations offer opt out features for customers, but customers can only opt out from receiving newsletters and email alerts from organizations to which they have registered. Customer contact and other details, along with the login information would however be still residing in the organizations servers’.

 Do you use third party seals and signatures when using ActiveX controls on the website?

Third party seals such as HackerSafe, BBB and others are provided by organizations that authenticate and verify that a website is safe and information that is entered here or transacted would remain safe. Different methods of third part seals are available and they use various methods to ensure safety of the website and visitors. One common manner in which these application operate is through the method of PCI scanning where data requests are checked by the software, residing at the gateway level of the server. Many anti virus applications such as McAfeee and Norton provide this application as a part of the server safety. However, other service providers attempt to verify the physical address of a website. The organizations that were surveyed can be regarded as large organizations with their own system of authentication and data protection services. Third party seals are used by smaller organizations that cannot afford to have robust IT systems. Hence, all the respondents stated that they do not use third party privacy seals but rather rely on their firewalls and IT systems security to protect customers. Moreover, third party seals are best used by small and unknown organizations about which people have not heard of. Larger organizations that are quite well known do not require third party seals to establish and prove their reputation.

The inference is that ‘large companies do not use third part seals to prove their authenticity as they are well known. These companies prefer to use their own IT systems security along with bought out anti virus applications and firewalls. Hence, such privacy seals are not often used by large organizations’.

Privacy Signals and Consumer Behavior

The full question that was asked was ‘do privacy signals such as presentment and availability of privacy statements affect consumer perceptions of perceived security control and consequently consumer behavior to purchase online?’ The question was designed to understand the relation between display of privacy signals and consumer’s perceptions of perceived security control and the consumer behavior for online purchase. This question obtained different sets of replies and the overall assessment is that consumers may give their personal information related to contact details in the web form. However, there is an increased reluctance to give credit card information and bank account details. Much depends on the customer’s gender, age and education. The respondents suggested that females in the older age group tend to be freer in giving information that is required. Younger working women with some level of college education tend to be vary while giving out their banking details. Younger workingmen with some levels of college education and who work in bigger cities are downright suspicious about giving their personal details. Many of such customers seek clarifications from the customer care before giving more details. The respondents agreed that since the past couple of years, people tend to be more reassured when they see privacy symbols or when they see the symbol of secure encryption when making a purchase using their credit cards.

The inference is ‘customers feel more assured when they see privacy symbols, especially when they are making online payments and the use of such symbols and technologies seems to assure the customers that their privacy and confidential information is protected’.

Do you embed cookies while asking customers to enter their details in the website.

All the customers agreed that they do embed cookies in the users browser, when users register or login for the first time. Cookies allow the web pages to be served faster and allows the server to remember the session details and authenticate the transactions. To prevent fraud, identity theft and other types of crimes, users are expected to remain active on the website by performing actions such as opening hyperlinks, opening other pages and so on. If users do not show any activity for a continuous period of say 5 minutes, the web page is expired and users have to log in again. Respondents point that time sensitive cookies form a part of the overall IT security strategy for customer safety. When a cookie is embedded in the software, the next time when the web page is opened, the cookie is sent again to the customers computer to verify the previous information that is encrypted. However, it is possible to keep the life of the cookie short so that when the user closes the browser window, the cookie is deleted. Some email clients such as Yahoo or Gmail embed the cookie for a longer time so that the customer does not have to enter the login details each time he wants to open the site.

The inference is ‘Organizations embed cookies during each visit of user to the website. The cookies help in verification, load the pages faster and they allow some level of tracking. While some organizations use time bound cookies that expire after a certain amount of time and users have to login again, other organizations allow longer expiry periods for the cookies.

Do you use secure 128 bit encryption when customers login to your website

All the 20 respondents stated that they use 128 bit encryption during the sessions for purchase by customers. While security and privacy can be managed during the registration process when sensitive information is not exchanged, the issue becomes critical when online transactions are conducted and customer wants to make payment using assured and safe methods. In such cases, organizations such as Verisign provide a 128 or 256 and higher encryption key. When a customer wants to make a credit card payment, a handshake is initiated between the users computer and the server. By encrypting the information, it is possible to create an encryption key that is required to unlock details of the payment made, items bought, credit card numbers and so on. By using 128 or higher bit encryption, the possibility of hackers intruding into a session and decrypting the coded information becomes very remote and the probability is further reduced since the encryption would be valid only for a few seconds or a couple of minutes till the transaction is completed. Even if a hacker does intrude into the session, he has to decrypt the encoded information in a few minutes and then attempt to hijack the session, which is practically not possible. 128-bit encryption has 128 bits of data that can be rearranged randomly in different combinations. So, a 128 but encryption would have 309, 485, 009, 821, 345, 068, 724, 781, 056 combinations, before the session can be cracked and this is practically not possible. Any incidents of pass words and credit card numbers being stolen happen when users are duped into revealing their information on phishing sites.

The inference is ‘organizations use 128 bit or higher encryption methods to protect the online buying and trading sessions’.

Do you use Firewalls to protect your servers

There were certain levels of Firewalls and certain areas for firewalls for the websites. The organizations used different levels of security for data storage. Public facing servers where users who are not registered would have only certain amount of information and the security with firewalls is not very strict. When a user logins to the website, the user is directed to personalized pages that would have user details and history of transactions. However, databases containing transaction details and in which information related to banking and credit card information of users is stored along with details of policies, stocks, unique serial number of policies and so on are stored, the firewalls used are very strict. By adopting such techniques, organizations attempt to cut down the cost of implementation and maintenance. 8 Organizations used commercially packages to create the firewalls while the remaining 12 used customized services to build their own security systems. The firewalls act as the first and last levels of barriers and are designed to prevent hackers from gaining easy access to the servers. When combined with other tools used for privacy seals, the software applications immediately deny bad and suspicious requests to connect to certain ports of the server. In spite of such measures, hacking incidents are known to happen but when the systems are rigidly protected by an alert team, it is possible to prevent hacking attempts or at least know any suspicious activity.

The inference is ‘Organizations use firewalls to protect customer privacy and take active measures to prevent loss of data

Do you use mirror servers

The full question was ‘Do you use mirror servers and do all the servers have the same level of security as the central servers?’. The question was designed to understand the amount of security that mirror serves have when organizations attempt to distribute their traffic load as per the regions and for data backup. All 20 respondents stated that they used mirror servers an the reasons given were: to reduce traffic load on the main server; to provide a data back up in case the central server crashed and to prevent loss of data in case one location was struck by a disaster. In fact, mirroring was used a DRP strategy. However, there were differences in the manner in which data was transferred between the servers. Mirror servers are supposed to be exact replicas of different servers and store web pages, mails, transaction details, customer information and company records. There are different methods in which data is exchanged between the servers. In hot swapping, data is exchanged continuously so that at any instant, a server would have information that was changed in another. While this method is very useful, it requires extra bandwidth for continuous data transfer and is only feasible for organizations such as credit card ATMs and banks since bandwidth is expensive. Other organizations prefer to exchange data once every 12 hours, in the night when traffic is low. Typically caching is used to provide access to updated pages. The responders reported that the extent of security is essentially the same since a mirror is created and this allows security policies to be uniformly applied.

The inference is ‘Organizations use mirror servers to ensure client data privacy is maintained and as a back up for the company information. Hot swap method in real time is not used but rather a caching method is used to store data across different servers. Mirroring forms one of the practices used in DRP for client privacy protection’.

How is customer information protected in your workplace from your employees

The question was designed to understand how customer personal information is protected in the organization. The question had multiple choices and respondents could select more than one option. The options provided were: Give selected access to certain grades of employees; Give access on need to know basis for employees and Ask employees to record voice transactions with customers. The 20 respondents chose all the three options, indicating that certain common elements of privacy protection from employees are implemented.

Give selected access to certain grades of employees: Employees need information about customers to carry out their tasks and organizations decide how much information about customers should be revealed to their employees. While front office and support staff would have access to information such as contact details, certain data such as customer account passwords and ATM pin or TPIN are highly secured and not revealed to even senior level employees. Customers are expected to generate the password themselves by using a secure call in using the self-service option. Account balance and transaction information may be made available to the front staff so that they can answer queries from customers.

Give access on need to know basis for employees: The option somewhat resembles the previous option but in some cases, customers would want to know about certain details of the account and the front office staff would not have access to such information as it is protected. In such cases, employees with the required amount of security clearance would be asked to take over the session and provide the required information.

Ask employees to record voice transactions with customers: This practice has assumed greater importance since some customers may start fighting with the front office staff and then claim lack of service. Organizations themselves ask conversations to be recorded so that they can improve their customer service and provide training to staff that does not address queries properly.

The inference is ‘Organizations take up a number of measures to protect customer privacy from its own employees. Some methods employed are, Give selected access to certain grades of employees; Give access on need to know basis for employees and Ask employees to record voice transactions with customers’.

Do you have an information security policy in your organization

The question was designed to assess the protection of customer privacy from employees. While organizations trust their employees, they ensure that strict compliance is maintained as far as customer privacy is concerned. All the respondents revealed that some levels of security policies are implemented in their organization. He question had multiple options and users could select more than one option. The options were: Email account restriction, Attachment beyond a certain size is not allowed, All personal mails are scanned using key word heuristics, Employees not allowed to carry inside: Camera Phones, USB drives, MP3 players, etc. and Printouts not allowed to be carried outside the office premises, unless authorized. These options are further analyzed as below:

Email account restriction: 12 organizations reported that they had a common user ID for certain departments, such as [email protected] or enquiry @ and so on. Individual employees did not have their own email accounts and hence there was no issue of using company email to send personal mails. 8 organizations replied that some levels such as team leaders and group leaders were given email Ids. Senior staff in the organizations however had their own email accounts and they had to use it as per the company policy. This kind of policy ensures that employees do not mail sensitive information or even give in appropriate answers to customer queries. Some organizations even did not give email access to employees who worked in critical areas such as customer care, accounts and claim processing and settlement divisions.

Attachment beyond a certain size is not allowed: Employees from marketing, sales, and even customer service who had their own email accounts could not send out emails beyond a certain size to outside domains. The size limit was larger for email Ids from the same domain. By restricting the attachment size, there is a limit to the information that can be mailed to outside domains. While information on bank account and credit card information can be mailed outside even with email size restriction, larger documents cannot be sent out.

All personal mails are scanned using key word heuristics: Keyword heuristics is a method that uses complex algorithms to trace the number of occurrence of alphanumeric characters and even special characters in a mail or even web pages. This system is used for controlling Spam and block out porn sites. It is possible to specify a number of keywords and the number of times that it can occur in a mail body, subject or header. So if a mail had the term ‘account number’ written more than 6 times, then the mail would be quarantined and a copy sent to the manager for scrutiny. If the mail was normal then it would be allowed and if there was any mal intention, then it would be possible to know the IP number of the machine from where the mail originated, the time of sending and thus find out who sent the mail.

Banning camera phones, USB drives from the work area and stopping printouts from being carried out: Five organizations had implemented the ban on carrying camera phones while others did not prevent employees from using such phones. Organizations had disabled access to USD ports and CD ROM drives were read only and data could not be written on CDS. Printouts were also restricted and there were only central printers under the control of admin. Printing of policy and letters to customers was conducted in a regulated atmosphere. To prevent misuse and data theft, documents were not stored in the computers but had to be generated from the application using manual or automatic batch processing systems. Therefore, it can be seen that organizations took all the required steps to control data theft or misuse by staff.

The inference is ‘organizations have strict security policies regarding data storage, transfer and retrieval of customers personal information and even company records. Some measures adopted are: Email account restriction, Attachment beyond a certain size is not allowed, All personal mails are scanned using key word heuristics, Employees not allowed to carry inside: Camera Phones, USB drives, MP3 players, etc. and Printouts not allowed to be carried outside the office premises, unless authorized’.

Do you have a DRP system in place

All the responders stated that they have a DRP system in place and this system is a part of the strategy to protect personal privacy information of customers as well as protect organizations records. DRP systems have been regarded as an essential practice in the current scenario where terrorist threats and natural disasters can destroy computers, servers and all the information that the systems carry. Therefore, protecting customers information from disasters and making the system to come online immediately becomes the top priority for organizations. When a disaster strikes, or due to virus and hacker attacks, customer information can be lost and records related to bank deposits, financial transactions, credit card statements and other important details can be lost, unless a DRP system in place.

The inference is ‘Organizations adopt DRP systems as a practice for protecting customer privacy’.

How fast can you recover data if the system crashes

Answers to the question varied from six hours to 12 hours in the best-case scenario and up to 48 hours in the worst-case scenario. However, all organizations are able to recover the customer and company records and this declaration gives customer a great sense of confidence that the organization is capable and competent enough to protect their information. Information are of two types, one is the personal information of the customer and the other is the transaction records that the organization ha created. Both are important and the organization must be able to integrate and merge the data so that information of person A matches with the transaction record of the same person and not another person.

The inference is that ‘With a DRP system in place, organizations are able to come online within 24 hours to 48 hours and all customer information can be recovered’.

How confident are you that current technologies can protect customer privacy

The question had multiple choices and respondents had to select only one answer to indicate how happy they felt that current technologies were sufficient to protect customer privacy. Options available were Disagree, Some what Agree, Agree, Strongly Agree. Among the respondents, 8 selected somewhat agree while five selected agree and seven selected the option Strongly Agree. The reasoning given behind responders who selected Somewhat agree and Agree was that they believed that it was not only technology that helped to protect customer privacy but the organization culture, HRM practices and security policies that are properly implemented. Taking an employee to task if he has committed a minor mistake or broken some rule out of forgetfulness should not be construed as an act of sabotage. Employees are expected to swipe their attendance cards when they move between restricted areas. Tailgating is not allowed and it may happen that two employees who are moving out for a break, one of them swipes the card and his friend also follows him. This is actually a breach since logs and records along with video surveillance is used to track employee movement in the premises. However, the employee can be given a brief talk about the dangers of such practices and there is no point in subjecting the employee to disciplinary actions.

The inference is ‘Organizations cannot rely on technology to protect customer privacy and protection can best be done by enhancing the corporate culture and using proper HRM methods. An over reliance only on technology and ignoring the employee factor does not enhance customer privacy security

Have there been any incidents of data theft or attempts at hacking in your organization

Respondents were not willing to disclose any incidents of data theft, as it would lead to negative publicity and create doubts among customers. However, respondents suggested that attempts to hack into the system are routinely observed and tackled by the firewall. The respondents also reported that their servers are also subjected to virus attacks, same as the rest of the world, but with proper updating of the anti virus database, such incidents are quickly controlled before virus and Trojans can cause any damage.

The inference is that ‘hacking attacks and virus attacks occur every now and then but by using the appropriate firewalls and anti virus applications, such threats are eliminated before they can compromise customer privacy information’.

Do you expect customers to take measures to protect themselves

All the respondents agreed that while this was not an issue of their organization, they felt that as an act of safety, customers should take care of their computers and systems. They felt that customers should install the proper anti virus applications and use common sense by not opening suspicious mails or giving away their confidential details, unless the person requesting the information is from a trusted source. The respondents suggest that whatever the case, username, password, login details, bank account numbers and credit card information should not be given away.

The inference is ‘customers should be careful while accessing the Internet and while entering transactions in the eCommerce sites. Customers should also use the latest updated anti virus applications’.

When was the last time that you conducted an audit of your personal privacy information systems

The respondents stated that they had a regular audit schedule in their organization and the audits covered areas such as processes, work methods, information handling and so on. Steps to maintain and protect customer personal privacy information formed a part of the process. Audit teams were identified and these teams would verify the manner in which the operations were conducted and how much they differed from the recommended steps. A gap analysis was also conducted to understand the weakness and improvement areas.

The inference is ‘organizations take up scheduled audits of work and process systems to understand deficient areas and take up remedial measures to strengthen the weakness’.

Do you regularly check your logs to find and remove spurious registrations

Respondents suggested that since they get thousands of hits each day on their website, it is not possibly to check the logs and find out if any registrations are spurious. Hence, checking of registration logs is not possible, given the huge amount of work involved. The respondents however stated that in case of a hacking attack or a virus attack, the logs for the day and time stamp are scrutinized to find the possible suspect, however, the process is not very successful.

The inference is that ‘Given the huge amount of traffic that the organizations get, it is not feasible to monitor and examine the server logs everyday’.

Do you log the IP of the computer when a connection request is made

Respondents were evasive when it came to answering this question and no one was willing to reveal that they logged the IP of users or attempted to create a blacklist of IPs from suspicious countries where piracy and hacking is rampant. The respondents suggested that merely logging the IP does not help them in their marketing efforts and they would rather use the information given by the customer during registration to find out details of users and customer. However, in case of hacking attempts, the IP of the hacker is revealed by the firewall and the IP is immediately added to the black list and all future requests from the same IP are automatically blocked by the server.

The inference is that ‘IP logging is not used for marketing and organizations prefer to use the information given in the registration file to profile the customer. However, in case of hacking attempts, the IP is logged and added to the server black list’.

How would you rate your organizations personal privacy information policies

The final question required the respondents to rate their organizations personal privacy information policies. There are multiple options and only one had to be selected. The options available were: Needs improvement; Good, Constantly Improving. Three respondents selected Needs Improvement, 10 selected Good while 7 selected constantly improving. The comments given suggested that while the organization had implemented policies for privacy protection, this was not the end of the practice. On the other hand, with new threats being discovered, new requirements and concerns raised by customers and new regulations brought in by governments, there was a need to constantly keep upgrading the policies. Organizations have discovered that customers tend to increase their visits and even buy more products when they are assured that their personal information is protected.


The chapter presents the conclusions of the study and presents the summary of the findings. The paper had set out to examine three main research questions and these were answered with the help of an extensive literature of personal privacy information, threats that customers and organizations face and certain best practices that organizations have implemented. These observations were obtained after conducting using a semi structured questionnaire that was administered to 20 professionals from insurance and financial corporations.

Summary of the Findings

Organizations have felt the increased need for maintaining customer personal privacy information secure since this increases customer confidence. Loss of personal information, data theft and identity theft causes financial loss and destitution for the victims. Organizations have implemented a number of features such as firewalls, disaster recovery and planning, security seals, 128-bit encryption and other software applications, to protect customer privacy and their own business. However, organizations still rely on security policies and better relations with employees to prevent loss of data. When customers see that a website has high level of security, they are encourage to transact more.

Detailed conclusions

Following table gives the main research questions and the observations for the questions.

Main research Question Observations from survey and literature review
1. How are privacy protection technology perceived by individuals? Organizations depend in technology for privacy protection and consumers feel more confident when they see that a website has a security seal or has 128 bit encryption for secure transactions. Such consumers would be more willing to buy products and enter into online transactions.
2. Do current technologies protect consumer’s financial information? Organizations use high level of technology but they still believe that employee participation is important to ensure customer privacy. Organizations instill proper corporate culture, good HRM practices and focused security policies to ensure that data theft from employees and hackers does not occur.
3. What are the circumstances of loss of privacy or personal information to consumers? Loss of privacy depends on the type of data theft. If information such as contact details are stolen, the loss is not very great. However, if credit card information, banking information, health records and other close personal details are stolen and identity theft occurs, then the effects can be very severe.

The following conclusions were drawn from the survey instrument:

  • Web forms at the time of visitor registration is the most common method to gather customer information. Login details are sent to the registered email ID and users have to authenticate the link in the email within a stipulated time.
  • Contact details such as name, email ID, first line of address, country and zip code are mandatory information gathered. All organizations gather income details and users need to select one of the choices for income such as Up to 25,000 USD, Between 25000 USD to 50,000 USD and so on. A majority of the organizations required family details of the users and information such as number of dependants is gathered. All respondents indicated that the web forms have a listing of products and services offered and users have to select one or more of the options. These details allow organizations to create a demographic profile of the customer so that focused marketing can be taken up. Banking and credit card information is gathered only when users want to buy products.
  • Organizations use different types of tools to obtain consent of customers regarding privacy information. Customers have the option of not agreeing to give the information requested for and the registration process is then terminated.
  • Organizations offer opt out features for customers, but customers can only opt out from receiving newsletters and email alerts from organizations to which they have registered. Customer contact and other details, along with the login information would however be still residing in the organizations servers.
  • Large companies do not use third part seals to prove their authenticity as they are well known. These companies prefer to use their own IT systems security along with bought out anti virus applications and firewalls. Hence, such privacy seals are not often used by large organizations.
  • Customers feel more assured when they see privacy symbols, especially when they are making online payments and the use of such symbols and technologies seems to assure the customers that their privacy and confidential information is protected.
  • Organizations embed cookies during each visit of user to the website. The cookies help in verification, load the pages faster and they allow some level of tracking. While some organizations use time bound cookies that expire after a certain amount of time and users have to login again, other organizations allow longer expiry periods for the cookies.
  • Organizations use 128 bit or higher encryption methods to protect the online buying and trading sessions.
  • Organizations use firewalls to protect customer privacy and take active measures to prevent loss of data.
  • Organizations use mirror servers to ensure client data privacy is maintained and as a back up for the company information. Hot swap method in real time is not used but rather a caching method is used to store data across different servers. Mirroring forms one of the practices used in DRP for client privacy protection.
  • Organizations take up a number of measures to protect customer privacy from its own employees. Some methods employed are, Give selected access to certain grades of employees; Give access on need to know basis for employees and Ask employees to record voice transactions with customers.
  • Organizations have strict security policies regarding data storage, transfer and retrieval of customer’s personal information and even company records. Some measures adopted are: Email account restriction, Attachment beyond a certain size is not allowed, All personal mails are scanned using key word heuristics, Employees not allowed to carry inside: Camera Phones, USB drives, MP3 players, etc. and Printouts not allowed to be carried outside the office premises, unless authorized.
  • Organizations adopt DRP systems as a practice for protecting customer privacy.
  • With a DRP system in place, organizations are able to come online within 24 hours to 48 hours and all customer information can be recovered.
  • Organizations cannot rely on technology to protect customer privacy and protection can best be done by enhancing the corporate culture and using proper HRM methods. An over reliance only on technology and ignoring the employee factor does not enhance customer privacy security.
  • Hacking attacks and virus attacks occur every now and then but by using the appropriate firewalls and anti virus applications, such threats are eliminated before they can compromise customer privacy information.
  • Customers should be careful while accessing the Internet and while entering transactions in the eCommerce sites. Customers should also use the latest updated anti virus applications.
  • Organizations take up scheduled audits of work and process systems to understand deficient areas and take up remedial measures to strengthen the weakness.
  • Given the huge amount of traffic that the organizations get, it is not feasible to monitor and examine the server logs everyday.
  • IP logging is not used for marketing and organizations prefer to use the information given in the registration file to profile the customer. However, in case of hacking attempts, the IP is logged and added to the server black list.

 Limitations of the Research

The research was broad based and the results and conclusions are generic. An examination of two or three companies, from different sectors has to be performed with field visits to obtain more detailed information on the actual working and practices observed in the organizations.

Recommendations for Future Research

It is recommended that two or three organizations from sectors such as banking and insurance should be studied in more detail to understand the actual practices used to protect personal privacy information of customers.


  1. 5 U.S.C. 552a, 1974. Privacy Act of 1974 (5 USC Sec. 552a).
  2. Armstrong JS. 2001. Principles of Forecasting: A Handbook for Researchers and Practitioners. Kluwer Academic Publishers
  3. Bellotti V. 1997. Design for Privacy in multimedia computing and communication environment. In Technology and privacy: the new landscapes. pp: 63-98. Cambridge, MA: MIT Press.
  4. Benton, Dick. 2007. Disaster Recovery: A Pragmatist’s Viewpoint. Disaster Recovery Journal. Volume 12. Issue 6. pp: 23-29.
  5. Bhargav-Spantzel, A. 2007. Protocols and systems for privacy preserving protection of digital identity. Ph.D. Dissertation, Purdue University, Indiana, United States.
  6. Botha Jacques. Rossouw Von Solms. 2004. A cyclic approach to business continuity planning. Journal of Information Management & Computer Security. Volume 12. Issue 4. pp 38-51
  7. Byrne David. 2002. Interpreting Quantitative Data, 1 edition. Sage Publications Ltd.
  8. Burgoon JK, 1982. Privacy and communication. In M. Burgoon (Ed), Communication Yearbook. Volume 6. pp: 206-249. Beverly Hills, CA: Sage.
  9. Carroll JM, Swatman PA. 2000. Structured-case: a methodological framework for building theory in information systems research. European Journal of Information Systems. Volume 9. Number 4. pp: 235-242
  10. Cavelty Myriam Dunn. 2007. Cyber-Security and Threat Politics: US Efforts to Secure the Information Age. Routledge Publications.
  11. Corbin Juliet. 2007. Basics of Qualitative Research: Techniques and Procedures for Developing Grounded Theory, 3rd edition. Sage Publications, Inc.
  12. Creswell, J. W. 2003. Research Design – Qualitative, Qualitative and Mixed Methods Approaches. Thousand Oaks, CA: Sage Publications
  13. Crothers Tim, 2003. Implementing Intrusion Detection Systems. Wiley Publishing Inc.
  14. Cook David P.  2006. The Role of Third-Party Seals in Building Trust Online. e-Service Journal. Volume 2. Issue 3. pp: 71-84.
  15. Corkrey R, Parkinson L. 2002. Comparison of four computer-based telephone interviewing methods: Getting answers to sensitive questions. Behavior Research Methods, Instruments, & Computers. Volume 34. Number 3. pp: 354-363
  16. Culnan MJ. 2008. Protecting privacy online: Is self-regulation working? Journal of Public Policy and Marketing. Volume 19. Issue 1. pp: 20-26
  17. Desai MS, Richards TC. 2003. E-commerce policies and customer privacy. Information Management and Computer Security. Volume 11. Issue 1. pp: 19-27.
  18. Denzin, Norman K. & Lincoln, Yvonna S. (Eds.) 2000. Handbook of Qualitative Research. Thousand Oaks, CA: Sage Publications
  19. Doolin B, Lowe A.  2006. To reveal is to critique: actor–network theory and critical information systems research. Journal of Information Technology. Volume 17. Number 2. p. 69-78
  20. Earp JB, Baumer D. 2007. Innovative web use to learn about consumer behavior and online Privacy communications of the ACM. Volume 46. Issue 4. pp: 81-83.
  21. Eiben AE. Jelasity Mark. 2002. A Critical Note on Experimental Research Methodology in EC. Proceedings of the 2002 Congress on Evolutionary Computation, Department of Artificial Intelligence, Free University of Amsterdam
  22. Evangelos Drimbetas, Nikolaos Sariannidis, Nicos Porfiris, 2007. The effect of derivatives trading on volatility of the underlying asset: evidence from the Greek stock market. Applied Financial Economics, Taylor and Francis Journals. Volume 17. Issue 2. pp: 139-148
  23. Facer Dave.  2006. Rethinking: Business continuity. Journal of Risk Management. Volume 46. Issue 10. pp: 17-21
  24. Favier, J. 2007. Europe’s eCommerce Forecast: 2006 to 2011. Cambridge, MA: Forrester Research Inc.
  25. Federal Trade Commission. 2008. Privacy. Web.
  26. Frye Douglas W. 2006. Network Security Policies and Procedures. Springer Publications.
  27. Freiman, J.A., T.C. Chalmers, H. Smith et al. 1978. The importance of beta, the type II error and sample size in the design and interpretation of the randomized control trial. New England Journal of Medicine 299:690-694
  28. Fichman RG.  2004. Going Beyond the Dominant Paradigm for Information Technology Innovation Research: Emerging Concepts and methods. Journal of the Association for Information Systems. Vol. 5, Issue 8, Article 11.
  29. Gilchrist Bruce. 2001. Coping with Catastrophe: Implications to Information Systems Design. Journal of the American Society for Information Science. pp: 271-278
  30. Jackson, C.I. 1984. Honor in Science. New Haven: Sigma Xi, The Scientific Research Society
  31. Jamal K, Maier M, 2003. Privacy in E-Commerce: Development of Reporting Standards, Disclosures and Assurance Services in an unregulated market. Journal of Accounting Research. Volume 41. Issue 2. pp: 285.
  32. Lammle Todd. 2005. CCSP: Complete Study Guide. Sybex Publications, NY, US.
  33. Laura Widyantoa, Mark Griffithsa. 2007. Psychology and the Internet (Second Edition: Chapter 6 – Internet Addiction: Does It Really Exist?. Intra-personal, Interpersonal, and Transpersonal Implications. pp: 141-163
  34. Litan, A. 2006. Increased Phishing and online Attacks Cause Dip in Consumer Confidence, New York, NY: Gartner Inc.
  35. Liu C and Arnett KP. 2006. An examination of privacy policies in Fortune 500 web sites. Mid American Journal of Business. Volume 17. Issue 1. pp: 13-21.
  36. Lock, S. 1984. Repetitive publication: a waste that must stop. Brit. Medical. Journal. Volume 288. pp: 661-662
  37. Luo XM. 2007. Trust production and privacy concerns on the Internet: A framework based on relationship marketing and social exchange theory. Industrial marketing management. Volume 31. Issue 2. pp: 111-118
  38. Mishkin, B. 1998. Responding to scientific misconduct: due process and prevention, Published 1988. JAMA 260:1932-1936
  39. Milberg SJ, Smith HJ. 2005. Information privacy: Corporate management and national regulation. Organization Science. Volume 11. Issue 1. pp: 35-57
  40. Milne GR, Boza ME. 1999. Trust and concern in consumers perceptions of marketing information management practices. Journal of Interactive Marketing. Volume 13. Issue 1. pp: 5-24.
  41. Mulpura, S., C. Johnson, B. McGowan, and S. Wright. 2008. US eCommerce Forecast: 2008 to 2012. Cambridge, MA: Forrester Research Inc.
  42. McCall, T. 2007. Phishing Attacks Escalated in 2007. Stamford, CT: Gartner Inc.
  43. Neher, A. 1967. Probability pyramiding, research error and the need for independent replication. Psychological. Record. Volume 17. pp: 257-262
  44. Nelson Barry L. 2003. Stochastic Modeling: Analysis & Simulation. Dover Publications
  45. Newman Jessica Clark.  2002. The Differential Effects of Face-to-Face and Computer Interview Modes. American Journal of Public Health. Volume 92. Issue 2. pp: 294-297
  46. No Won Gyun. 2007. An empirical investigation of Internet Privacy: Customer behavior, companies privacy policy disclosures and a gap. PhD Thesis, University of Waterloo, Ontario, Canada.
  47. Oppenheim, A.N. 1992. Questionnaire Design, Interviewing and Attitude Measurement. Pinter Pub Ltd.
  48. Pachauri M. 2006. Consumer Behavior: a Literature Review. The Marketing Review. Volume 2. Number 3. pp. 319-355.
  49. Peltier Thomas R.  2007. Information Security Policies and Procedures: A Practitioner’s Reference, Second Edition. Auerbach Publications
  50. Preston W. Curtis. 1999. UNIX Backup and Recovery. NY: O’Reilly Media, Inc.
  51. Pinsonneault Alain, Kraemer Kenneth L. 2007. Survey research methodology in management information systems: an assessment. Journal of Management Information Systems. Volume 25, Issue 8. pp: 83-97
  52. Rothstein Philip Jan. 2007. Disaster Recovery Testing: Exercising Your Contingency Plan. Rothstein Associates Inc.
  53. Sarathy R, Robertson CJ. 2006. Strategic and ethical considerations in managing digital privacy. Journal of Business Ethics. Volume 46. Issue 2. pp: 111-126.
  54. Stewart KA and Segars AH. 2005. An empirical examination of the concern for information privacy instrument. Information Systems Research. Volume 13. Issue 1. pp: 36-49
  55. Song Chunyan. 2002. Innovations in Survey Research: An Application of Web-Based Surveys. Social Science Computer Review. Volume 20. Issue 1. pp: 22-30.
  56. Silverman David. 2001. Interpreting Qualitative Data: Methods for Analyzing Talk, Text and Interaction, Second edition. Sage Publications.
  57. Tashakkori, A., and C. Teddlie. 2003. Handbook of Mixed Methods in a Social and Behavioral Sciences. Eds ed. Thousand Oaks, CA: Sage Publishing
  58. Toigo Jon William. 2005. Disaster Recovery Planning: For Computers and Communication Resources. Wiley; Publications.
  59. Tipton Harold F. 2006. Information Security Management Handbook, Fifth Edition. AUERBACH Publications.
  60. Tufte Edward R. 2001. The Visual Display of Quantitative Information, 2nd edition. Graphics Press, London, UK.
  61. Westin AF. 2003. Social and Political Dimensions of Privacy. Journal of Social Issues. Volume 59. Issue 2. pp: 431-453.
  62. Yin Robert K. 2002. Case Study Research: Design and Methods, Third Edition, Applied Social Research Methods Series, Vol 5. Sage Publications, Inc.


A1. Questionnaire Used for the Research

Name of Responder:
Email ID:
1. Do you use web forms to collect information from customers?
2. If the answer to the above question is Yes, do you ask customers to authenticate a privacy statement or obtain consent, in the form?
3. Do you offer Opt Out options for customers?
4. Do you use third party seals and signatures when using ActiveX controls on the website?
5. Do privacy signals such as presentment and availability of privacy statements affect consumer perceptions of perceived security control and consequently consumer behavior to purchase online?
6. Do you embed cookies while asking customers to enter their details in the website?
7. What kind of information do you collect from customers:
Contact Details
Income and expense details
Family Size
Banking and Credit Card Information
Products and services interested
8. Do you use secure 128 bit encryption when customers login to your website?
9. Do you use Firewalls to protect your servers?
10. Do you use mirror servers and do all the servers have the same level of security as the central servers?
11. How is customer information protected in your workplace from your employees?
Give selected access to certain grades of employees
Give access on need to know basis for employees
Ask employees to record voice transactions with customers
12. Do you have an information security policy in your organization? If yes, then restrictions on employees are for:
Email account restriction
Attachment beyond a certain size is not allowed
All personal mails are scanned using key word heuristics
Employees not allowed to carry inside: Camera Phones, USB drives, MP3 players, etc.
Printouts not allowed to be carried outside the office premises, unless authorized.
13. Do you have a DRP system in place?
14. How fast can you recover data if the system crashes?
15. How confident are you that current technologies can protect customer privacy?
Disagree, Some what Agree, Agree, Strongly Agree
16. Have there been any incidents of data theft or attempts at hacking in your organization?
17. Do you expect customers to take measures to protect themselves such as: Anti Virus solutions, personal firewalls, Spam Filters, common sense while replying to mails?
18. When was the last time that you conducted an audit of your personal privacy information systems?
19. Do you regularly check your logs to find and remove spurious registrations?
20. Do you log the IP of the computer when a connection request is made?
21. How would you rate your organizations personal privacy information policies: Needs improvement; Good, Constantly Improving.
Additional Comments: