Atanu LTU DT 0765 SE

2007:65
DOCTORA L T H E S I S
A Trust-Privacy Model of Customers’ Willingness to

be Profiled and to Transact Online
- Theoretical Model and Empirical Estimation
Atanu K. Nath
Luleå University of Technology

Department of Business Administration and Social Sciences
Industrial Marketing and E-Commerce Research Group
2007:65|: -1544|: - -- 07⁄65 -- 

Doctoral Thesis
A TRUST-PRIVACY MODEL OF CUSTOMERS’ WILLINGNESS TO

BE PROFILED AND TO TRANSACT ONLINE: THEORETICAL
MODEL AND EMPIRICAL ESTIMATION
Atanu K Nath
Luleå University of Technology

Department of Business Administration and Social Sciences
Industrial Marketing and E-Commerce Research Group
ii
Abstract
Privacy concerns are cited to be on the rise due to intense personalization efforts by online
firms. Alongside, trust placed in stores has been identified as a key component behind
consumer willingness to transact online. In this paper we examine the concepts of trust, risk
perceptions, privacy concerns and consumer willingness to disclose information online with
the consumer willingness to transact online as the desired outcome. Based upon the literature
review, the thesis is divided into two parts and follows a multistage research methodology.
Study A adopts a qualitative research approach using in-depth interviews and analyses
respondent data using a cognitive mapping tool to chart the decision flow of participants. The
results confirm the presence of several antecedents in individual customers’ willingness to
disclose information online. It also identifies the presence of an additional variable as a
possible antecedent to trust formation.
Based upon the theoretical foundation laid down and the results obtained from Study A, the
latter part of the thesis (Study B) proposes and empirically tests a theoretical model aimed at
holistically examining the factors behind consumers’ willingness to be profiled online and
their willingness to partake in transactions. A survey was conducted among users of a
popular voice over internet protocol service, and a proposed model based on hypothesized
relationships was tested for fit using structural equation modeling. Results further confirm
the presence of the locational variable suggested by study A, as well as indicate that privacy
concerns is not a uni-dimensional factor as suggested by earlier research, but rather a bi-
dimensional factor – involving willing and unwilling disclosure scenarios. Perceived risk and
three categories of trust are found to be the more important criteria when faced with a
transaction scenario. Also, notably, reputation is found to be a surrogate of familiarity in
case of an online firm. Furthermore, no significant relationship was found between
willingness to disclose information and willingness to transact, indicating that while assuring
customers about privacy concern related factors can lead to potential customers becoming
willing to disclose their data online, the same may not be enough to influence their
willingness to transact.
iii
iv
Acknowledgements
There have been people too numerous along this journey to thank in so brief a manner. My
gratitude foremost goes to Professor Esmail Salehi-Sangari, Chair Professor at the Division of
Industrial Marketing & E-Commerce, Luleå University of Technology, for being the teacher,
mentor, and the exemplary human being that he has been to me. The thesis would certainly
not have borne fruition without him; however, that pales compared to the ways he keeps
enriching our lives every day. I would like to express my thanks and gratitude to my
supervisor, Professor Moez Limayem, Chair of the Information Systems Department at the
Sam Walton College of Business, University of Arkansas. He has been as much a part of this
journey as I have been, providing guidance, knowledge, and inspiration in countless ways. It
has been my honor and privilege to know you both, thank you.
My thanks go to my friends and colleagues at the Division of Industrial Marketing and E-

Commerce. The suggestions and lively discussions we held have immensely helped the
research work. My special thanks go to Tatiana Lilljeström and Carola Strandberg, two
extraordinary people who have tirelessly eased my efforts and helped me in so many ways all
these years. I would also like to thank the respondents who selflessly took their time off and
participated in my research. I would like to particularly thank and express my gratitude to
Prof. Uday Kumar, Dr. Rupesh Kumar, and Mrs. Renu Sinha, who have constantly provided
their guidance and support everyday, and have become our family away from home.
On a personal note, my gratitude goes to my parents, Anil and Swapna Nath, for their
unwavering love and support in any and all of my undertakings. Their love, the knowledge
they have imparted and the values they instilled in me are the most precious gifts one can
possibly have or wish for. While I can never hope to repay them, this dissertation is a very
small acknowledgement of their contributions. I would also like to thank my siblings, Ankan
and Sayantani, my sis-in-law Shudipa, and everyone else in my family for their constant
encouragement, support, and love in keeping me going. I would also like to respectfully
remember my father-in-law late Chintaharan Saha and my grandfather late Dinesh Debnath,
who would have been proud to see this day.
Last but not the least by any means, my love, appreciation, and gratitude goes to my wife,
Parmita Saha. Despite her own workload, she has been the constant in life’s equation, as a
companion, research partner, and as a friend. Thank you.
Atanu K Nath
Luleå, Sweden.
November 14, 2007.
v
vi
To,
My parents,
Anil C. Nath and Swapna Debnath
vii
viii
Table of Contents
1.0 Introduction .......................................................................................................................... 1

1.1 Evolution and nature of privacy concerns in the age of information ............................... 2
1.1.1 Skewed Equity in a surveillance society ................................................................... 2
1.1.2 Differing views on Usefulness of online personalization strategies: ........................ 3
1.2 Privacy concerns and consumer participation in e-commerce ......................................... 4
1.2.1 The cost benefit trade-off .......................................................................................... 5
1.3 Trust, risk, and the willingness to transact ....................................................................... 8
1.4 Research problem identification: ................................................................................... 11
1.5 Motivation and Expected contributions of the thesis:.................................................... 12
1.6 Outline of the study:....................................................................................................... 15
1.6.1 What to expect within chapters: .............................................................................. 18
1.7 Delimitations of the study: ............................................................................................. 21
Chapter 2 .................................................................................................................................. 23
2.0 Literature Review............................................................................................................... 23
2.1 Consumer Control and Privacy Concerns ...................................................................... 23
2.2 Typology of Trust and its antecedents ........................................................................... 31
2.2.1 Disposition to trust .................................................................................................. 32
2.2.2 Institution based trust .............................................................................................. 33
2.2.3 Cognition based trust............................................................................................... 35
2.2.4 Knowledge based trust: familiarity with web vendor ............................................. 36
2.3 Trusting belief vs. trusting intentions in trust related behavior...................................... 38
2.4 Trust and Perceived Risk................................................................................................ 39
2.5 Perceptions of vulnerability ........................................................................................... 43
2.6 Perceived size of a web vendor:..................................................................................... 45
2.7 Reputation: ..................................................................................................................... 46
2.8 The interplay of trust antecedents and factors behind privacy concern ......................... 47
2.9 Previous privacy invasion: ............................................................................................. 48
2.10 A Social contract theory perspective............................................................................ 49
2.11 Information transparency and Privacy policies as privacy protection measures ......... 51
2.12 Procedural fairness : Consistency in usage of data and disclosure .............................. 53
2.13 Customer knowledge of privacy protection measures ................................................. 54
Chapter 3 .................................................................................................................................. 57
Presentation of Study A............................................................................................................ 57
3.1 Introduction ................................................................................................................... 58
3.2 Theoretical Development ............................................................................................... 60
3.3 Summary of factors affecting willingness to disclose information online:.................... 65
3.4 Privacy Leverage Strategic focus areas for enterprises.................................................. 67
3.5 Methodology .................................................................................................................. 68
3.6 Analysis.......................................................................................................................... 72
3.7 Charting the cognitive maps of the respondents: .......................................................... 74
3.8 Findings.......................................................................................................................... 78
3.9 Conclusion...................................................................................................................... 79
3.9.1 Theoretical Contributions........................................................................................ 79
3.9.2 Implications for companies and managers .............................................................. 80
3.9.3 Limitations of the study........................................................................................... 81
ix
3.9.4 Directions for further research ................................................................................ 81
Chapter 4 .................................................................................................................................. 87
4.1 Frame of reference ............................................................................................................. 87
4.2 Hypotheses formulation: ................................................................................................ 92
4.2.1 Consumer control over information ........................................................................ 92
4.2.2 Trust ........................................................................................................................ 94
4.2.4 Perceived risk .......................................................................................................... 95
4.2.6 Perceived size:......................................................................................................... 98
4.2.7 Reputation: .............................................................................................................. 99
4.2.8 Familiarity with vendor:.......................................................................................... 99
4.2.9 Originating location of vendor: ............................................................................. 100
4.2.10 Privacy concerns: ................................................................................................ 101
4.2.11 Previous Online privacy invasion: ...................................................................... 104
4.2.12 Information Transparency:.................................................................................. 105
4.2.13 Privacy policies: .................................................................................................. 106
4.2.14 Demographics: .................................................................................................... 107
4.3 Research model proposition:........................................................................................ 109
Chapter 5 ................................................................................................................................ 113

Methodology .......................................................................................................................... 113
5.1 Identifying the knowledge claim positions: ................................................................. 114
5.2 Notes on evaluating the structural equation model and results:................................... 115
5.3 On Usage of formative versus reflective indicators: .................................................... 116
5.4 Application of modification indices:............................................................................ 117
5.5 On issues specific to justifying and interpreting second order factor models:............. 118
5.5 Reporting of results: ..................................................................................................... 119
5.6 On Capitalization on chance: ....................................................................................... 120
5.7 On over-reliance on fit measures (absolute and descriptive): ...................................... 120
5.8 Identifying units of analysis: ........................................................................................ 121
5.9 Data Collection............................................................................................................. 121
5.10 Technical design issues .............................................................................................. 122
5.11 Survey design issues................................................................................................... 123
5.12 Incentives and anonymity........................................................................................... 124
5.13 Sample selection & limitations .................................................................................. 124
Chapter 6 ................................................................................................................................ 127

Discussion on Results and Analysis....................................................................................... 127
6.1 Missing values:............................................................................................................. 127
6.1.1 Note on recoding of some variables:..................................................................... 128
6.2 Scale Reliability analysis: ............................................................................................ 128
6.4 Descriptives.................................................................................................................. 137
6.4.1 Data transformation:.............................................................................................. 137
6.4.2 Skewness and Kurtosis of the distribution: ........................................................... 138
6.5 Correlations analysis .................................................................................................... 139
6.6 Confirmatory factor analysis (CFA) for variables within the model: .......................... 150
6.6.1 CFA – Control over information (CI) ................................................................... 150
6.6.2 CFA – Familiarity (F) ........................................................................................... 153
6.6.3 CFA – Information Transparency (IT).................................................................. 155
6.6.4 CFA – Location (LC) ............................................................................................ 158
x
6.6.5 CFA – Privacy Concerns (PC) .............................................................................. 160
6.6.6 CFA – Perceived Risk (PR) .................................................................................. 164
6.6.7 CFA – Perceived Vulnerability (PV) .................................................................... 165
6.6.8 CFA – Trust (T)..................................................................................................... 169
6.6.9 CFA – Reputation of vendor (RV)........................................................................ 177
6.6.10 CFA – size of the vendor (SV)............................................................................ 178
6.6.11 CFA – Willingness to be profiled (WP).............................................................. 180
6.6.12 CFA – Willingness to transact online (WT)........................................................ 181
6.7 SEM modelling of relationships:.................................................................................. 182
6.7.1 Nested model estimation: ...................................................................................... 200
6.8 Evaluation of the model(s) and Discussion on the state of hypotheses: ...................... 208
6.8.1 Problems of multicollinearity................................................................................ 208
6.8.2 Hypothesis discussion: .......................................................................................... 213
6.8.4 Summary of the status of null hypotheses:............................................................ 228
Chapter 7 ................................................................................................................................ 233

Findings, conclusions, and contributions ............................................................................... 233
7.1 Introduction .................................................................................................................. 233
7.2 Findings and conclusions drawn: ................................................................................. 236
7.2.1 On identification of factors behind customer willingness to disclose information
with an online merchant and associated relationships (RQ1): ....................................... 236
7.2.2 On identification of factors behind customer willingness to transact with an online
merchant and associated relationships (RQ2): ............................................................... 237
7.2.3 On effect of willingness to disclose information online on willingness to transact
(RQ3):............................................................................................................................. 241
7.3 Theoretical contributions: ............................................................................................ 242
7.4 Managerial implications:.............................................................................................. 243
7.5 Avenues for further research:....................................................................................... 245
References .............................................................................................................................. 247
Appendix I.............................................................................................................................. 255

Missing value replacement table within variables ............................................................. 255
Appendix II ............................................................................................................................ 256
Inter-item descriptives and Correlation Matrices............................................................... 256
Appendix III ........................................................................................................................... 265
Histograms of distributions with normal curve.................................................................. 265
Appendix IV........................................................................................................................... 269
Demographic representations................................................................................................. 269
Appendix V ............................................................................................................................ 272
The survey and scale items..................................................................................................... 272
xi
xii
List of Tables
Table 1: States of privacy with regard to control ..................................................................... 25

Table 2 : Control and knowledge of online surfing and purchasing activities......................... 27
Table 3 : Taxonomy of privacy states in an offline context..................................................... 28
Table 4: Proposed taxonomy of privacy states linked to control in an online context ............ 30
Table 5: Summary of factors affecting willingness to disclose information............................ 65
Table 6: Degrees of emphasis placed upon variables within cases.......................................... 72
Table 7: Goals, key factors, and outliers in determinants of willingness................................. 76
Table 8: Operationalization of variables .................................................................................. 89
Table 9: Hypothesis summary................................................................................................ 109
Table 10: Alternative knowledge claim positions.................................................................. 113
Table 11: Nature of enquiry and research approach .............................................................. 115
Table 12: Interpreting correlation coefficient ranges ............................................................. 139
Table 13: Unstandardized and standardized estimates and CR of accepted model fit........... 196
Table 14: Unstandardized and standardized estimates and CR of nested model fit .............. 204
Table 15: Summary of the status of null hypotheses ............................................................. 228
xiii
xiv
List of Figures
Figure 1: Linking the two studies............................................................................................. 17

Figure 2: Thesis outline............................................................................................................ 18
Figure 3: Activity schema ........................................................................................................ 19
Figure 4: High level model of initial formation of trust........................................................... 34
Figure 5: Research model of Trust and TAM in online shopping ........................................... 37
Figure 6: Web Trust Model...................................................................................................... 39
Figure 7: Mayer Davis Schoorman Model of trust .................................................................. 40
Figure 8: Research model of consumer trust in an Internet based store .................................. 42
Figure 9: Model of antecedents to Internet privacy concerns .................................................. 44
Figure 10: Privacy - Trust - Behavioral Intention Model......................................................... 47
Figure 11: Model of Online Information Disclosure ............................................................... 49
Figure 12: A social contract framework for direct marketing.................................................. 51
Figure 13: Research model of willingness to be profiled online.............................................. 53
Figure 14: The privacy leverage point ..................................................................................... 54
Figure 15: Conceptual model of linkage between comprehension and trust ........................... 55
Figure 16: Privacy Leverage areas for enterprise strategic focus ............................................ 68
Figure 17: Cognitive map of Online Information Disclosure in case 1 .................................. 74
Figure 18: Cognitive map of Online Information Disclosure in case 2 ................................... 75
Figure 23: A unified cognitive map of online information disclosure..................................... 77
Figure 24: A theoretical conceptualization of trust in e-commerce ......................................... 88
Figure 25: Proposed framework of Trust factors in willingness to transact online ............... 104
Figure 26: Proposed Privacy – Trust model of willingness to be profiled and to transact online
................................................................................................................................................ 112
Figure 27: Schema of quantitative analysis............................................................................ 127
Figure 28: CI CFA model....................................................................................................... 152
Figure 29: Control over information CFA measurement model ............................................ 152
Figure 30: CFA model familiarity (initial)............................................................................. 154
xv
Figure 31: CFA model familiarity (respecified) .................................................................... 155
Figure 32: CFA model IT (initial).......................................................................................... 156
Figure 33: CFA model IT (respecified).................................................................................. 157
Figure 34: CFA model location.............................................................................................. 159
Figure 35: CFA model PC (initial)......................................................................................... 161
Figure 36: CFA model PC (respecified) ................................................................................ 162
Figure 37: CFA PC respecified (split constructs) .................................................................. 163
Figure 38: CFA model PR...................................................................................................... 165
Figure 39: CFA model PV (initial) ........................................................................................ 166
Figure 40: CFA model PV (respecified) ................................................................................ 167
Figure 41: CFA alternate model PV....................................................................................... 168
Figure 42: CFA model Trust (initial) ..................................................................................... 170
Figure 43: CFA model Trust 2 split ....................................................................................... 172
Figure 44: CFA model Trust 2 split respecified..................................................................... 173
Figure 45: CFA model Trust (3 split)..................................................................................... 175
Figure 46: CFA model Trust (3 split respecified) .................................................................. 176
Figure 47: CFA model SV -a ................................................................................................. 179
Figure 48: CFA model SV -b ................................................................................................. 179
Figure 49: CFA model WP..................................................................................................... 180
Figure 50: CFA model WT .................................................................................................... 181
Figure 51: Path model partial construction ............................................................................ 184
Figure 52: run of partial model 1 ........................................................................................... 185
Figure 53: Respecified partial model ..................................................................................... 188
Figure 54: Full measurement model....................................................................................... 192
Figure 55: model run I............................................................................................................ 193
Figure 56: Respecification of measurement model................................................................ 195
Figure 57: Nested measurement model.................................................................................. 202
Figure 58: Respecified nested model ..................................................................................... 203
Figure 59: Illustration of research model following accepted relationships .......................... 231
xvi
Chapter 1
1.0 Introduction
A TRUST-PRIVACY MODEL OF CUSTOMERS’ WILLINGNESS TO BE

PROFILED AND TO TRANSACT ONLINE: THEORETICAL MODEL AND
EMPIRICAL ESTIMATION
In recent years, the growth of information technology has acted as an enabler in adoption of
the internet by the masses, allowing usage of the internet in obtaining information, goods, and
services (Dinev, Hart, 2002). Enterprises today are placing an ever increasing importance on
their ability to collect, analyze, and respond to user information (Awad, Krishnan, 2006).
Dinev and Hart (2003) mention added efficiency and qualitative benefits that further drive
companies to gather, process, and store consumer data. Sifting of this data allows for more
refined development, marketing, and distribution of products or services in a more efficient
manner, leading to gaining a competitive advantage (Dinev, Hart, 2003; Farag, Krishnan,
2003). The networked environment prevalent today has enabled collection and coding of
customer information and combines them to develop full, integrated profiles of customers and
their behaviour (Rombel, 2001), ostensibly to provide better services, learn customer
preferences, and engage in effective customer relationship management practices. The
smallest possible compilation of elements that has meaning and value to the customer
(Franzak, Pitta, and Fritsche, 2001) is where newer technologies are being put into use now,
to achieve fulfilling individual user needs and tastes. However, in the pursuit of competitive
advantage, it is imperative to recognize there are two sides to a marketing exchange, and there
are sets of rights and duties on both sides; as well as a need to consider the ethical issues of
human dignity and value, autonomy, territoriality, anonymity, security, and protection
(Mascarenhas, Kesavan, and Bernachhi, 2003). A risk of customer alienation may arise when
enterprises end up pushing the edges of how far a consumer might be willing to go.
1.1 Evolution and nature of privacy concerns in the age of information
1.1.1 Skewed Equity in a surveillance society
Consumers today profess to be increasingly concerned with divulging personal information

online as they become aware that more and more data on their internet usage pattern is being
collected and organized without their explicit knowledge or agreement (Andrade, Kaltcheva,
2001). Several empirical studies have reported growing privacy concerns across populations
(Acquisti, Grossklags, 2005; Ackerman, Cranor, and Reagle, 1999). With the pervasiveness of
an ‘information culture’ in our society today, it is conceivable that research interest continues
to grow in information privacy issues, particularly with the increase in information technology
applications and its varied uses (Dinev, Hart, 2003). Some researchers have gone so far as to
suggest that modern western societies are surveillance societies (Lyon, 2001). The creation,
collection, processing, and utilization of data about consumer preference and citizen
behaviour have become a ubiquitous phenomenon which is no longer limited to corporate
marketing activities, but government agencies are engaging in similar practices through usage
of information systems. The intentions are often noble, such as preventing frauds or terrorist
activities. But Gilliom (2001) states that regardless of the intentions the monitoring and
profiling practices confirm the presence of a surveillance society in which institutions are
gaining power over individuals. This partly may explain why there have been increasing
concerns about privacy (Farag, Krishnan, 2003; Equifax 1996; Westin 1997; Harris and
Westin, 1998).
This inequity, or institutional dominance over individual is not limited to the arena of state
sanctioned profiling of citizens only. Prabhaker (2000) has identified a significant relationship
asymmetry in what the internet means to individuals versus companies. He states that the
capability to leverage this technology is far higher for companies than for individual
customers; caused due to unequal resources, and leading to asymmetric information
availability.
Two drivers of asymmetry are identified:
2
a. Economies of scale: individual consumers do not have the transactional volumes to
harness the full capabilities of web technologies unlike the companies. Alongside,
organizations are far ahead of individuals in terms of knowledge of online
technologies and in understanding and leveraging their capabilities (Prabhaker, 2000).
As a result, the typical online user is unaware of how their privacy and security can be
compromised (Seldon, 1997).
b. Economies of sharing: consumer information earlier maintained by companies with

their own computers today resides in giant databanks accessed by globally networked
computers (Kakalik and Wright, 1996). This sharing in the cost of technology tilts the
balance in favour of the industry. Shared technology results in enormous volumes of
information being made available to firms at very low costs, without each firm having
to collect its own (Prabhaker, 2000).
Based on the above two drivers of asymmetry, Prabhaker (2000) states that the market system
will work in heavily pressuring customers to disclose more private information, while creating
no pressure on companies disclose privacy information, thus not creating market benefit to all
parties in an equitable manner.
However, this asymmetric positioning goes against what Day and Montgomery (1999)
describes as a fundamental change in the way markets are perceived now, a shift from looking
at individual transactions to focusing on relationships. But if enterprise information systems
are also geared up to exploit and foster the inequality; then this stance is fundamentally at
odds with the thoughts behind customer relationship building. Whether in government
surveillance or in corporate profiling, there is a pressing need to draw a balance between the
need for enhanced security for citizen protection against addressing privacy concerns to uphold citizen
rights (Dinev, Bellotto, Hart, Colautti et al., 2005).
1.1.2 Differing views on Usefulness of online personalization strategies:
There is also a differing view on the relative importance and usefulness of personalization.
Chellappa and Sin (2005) identify that personalization depends on two crucial factors: one is
the vendor’s ability to acquire and process consumer information; and the other is the
consumers’ willingness to share information and use personalization services. Prior
3
researchers, such as Mascarenhas, Kesavan, and Bernachhi (2003) proposed that online
consumers would willingly transfer their privacy privileges by disclosing information to
marketers under mutually beneficial conditions. Others have claimed that most consumers are
willing to give up some privacy simply to participate in a consumer society (Milne, 2000;
Phelps, Nowak, & Ferrell, 2000). But Chellappa and Sin pose two questions, that to date there
has been no significant research on whether consumers need online personalization at all, or
whether they will use personalization services in the presence of privacy concerns. There is
little or no worth in enterprises refining their customer profiles to the minutest degree, and
perhaps alienating some customers along the process, if customers do not find online
personalization to be useful.
However, there are other usage of online personalization strategies, not directly aimed to
predicting and providing the customer what he/she needs. Alba, Lynch, Weitz et al (1997)
mention personalization as a tool for increasing customer loyalty, and a deterrent to customer
switching. Alba et al (1997) correctly identify that retailers and retail formats are in
competition with each other in the type of information they convey to their customers. But
Chelappa and Sin (2005) perhaps is closer to the truth when they highlight that online
personalization is viewed as a competitive necessity since every other online vendor offers
personalization. However, as Pine, Peppers, Rogers (1995) point out, customers may face
inertia in switching vendor if they have entered personal information with a web based retailer
already, even in the face of price differences. Thus online customization mechanisms may be
more successful as a tool for ensuring customer retention, rather than a tool for tailoring of
products. Geffen, Karhanna, and Straub (2003) confirm that retention of customers is a
financial imperative for firms operating online, particularly in view that attracting new
customers is often ten times more expensive when compared to similar brick and mortar
stores (Reichheld, Shefter, 2000; Karimi, Somers, Gupta, 2001).
1.2 Privacy concerns and consumer participation in e-commerce
Farag and Krishnan (2003) hypothesize that consumer concern over types of information
collected and how they are used subsequently affect whether they are willing to be profiled
online. Graeff and Harmon (2003) stated that consumers are likely to harbour a belief that
marketers make a profit at their expense if they sell the information about their purchase
patterns to third parties; and may consequently turn away. Farag and Krishnan (2003) further
4
contend that customers may be willing to let their activities be monitored and agree for
profiles to be created as long as they are aware of the profile being created by farms. The
hypothesis partially supports Mascarenhas, Kesavan, and Bernachhi’s (2003) claim of online
consumers willingly transferring their privacy privileges under mutually beneficial conditions
but falls short of Mascarenhas et al’s blanket endorsement of enterprise information practices.
Sheehan (2002) suggests that concerns over privacy are highly contextual. Faja (2005)
elaborates the above by stating that customers have thresholds of privacy concerns, when
engaging in online activities. Tweney (1998) states that despite customers regularly profess
concerns over privacy and affinity for privacy protection, yet they provide significant amount
of personal information when offered an incentive. This view corresponds with the findings of
Mascarenhas, Kesavan, and Bernachhi (2003).
This affinity for privacy juxtaposed with disclosure of information online for services
identifies a conflict between privacy on one hand, and other consumer interest on the other.
The conflict arises out of a necessity to receive a desired level of service (Faja, 2005). Milne
and Gordon (1993) addressed this issue in their seminal paper on privacy-efficiency trade off,
and identified the presence of an implied social contract that acts as a catalyst in resolving
such conflict for consumers. A social contract is centred upon the role of norms of behaviour
(Milne, Gordon, 1993) acceptable to and relied upon by both parties in a transaction.
Kaufman, Edlund, Ford, and Powers (2002) have defined a social contract as a set of rules
constraining the behaviour of individuals and groups, designed to protect the individual, and
also simultaneously benefiting the society as a whole. Faja (2005) interprets social contract in
the context of technology to be accepted conventions between people that evolve as they
adapt to new technologies. This would imply consumers will enter into social contracts with
online entities as long as they perceive the benefits to exceed risks (Dhillon, Moore, 2001).
This puts the onus onto companies regarding assurance of customers and making benefits as
well as risks explicit.
1.2.1 The cost benefit trade-off
The above view is supported by Andrade and Kaltcheva (2001), who rely on the theory of
self-disclosure and identify that companies interacting with customers on the internet employ
several strategies to alter the ‘cost-benefit trade-off’, with a view to inducing customers
5
towards disclosure of information online. Explicit or tangible assurance and benefits on a web
site can be part of such strategies. The benefits offered could take the form of rewards for
disclosing personal information. They further identify that companies use extensive privacy
policies in order to cut down on such costs in obtaining customer information in an attempt to
compensate the cost-benefit trade-off. Other measures may include developing a reputation
for trustworthiness that can also offset a perception of risk (Andrade et al, 2001), or cost and
thus shape the trade-off more favourably towards the customer.
Jourard (1971) identified two elements of self-disclosure – the quantity (breadth), and the
quality (depth) of personal information that is disclosed. Self-disclosure in an online setting is
further explored by Collins and Miller (1994), Moon (2000). The research contends that self-
disclosure behaviour is conducted by individuals in terms of cost-benefits achieved, in the
same manner as identified in the social exchange theories propounded by Ajzen (1977). Moon
(2000) further found evidence of people interacting in electronic communications in a similar
fashion as in interpersonal communication. This prompts the conclusion that interpersonal
theories stemming in self-disclosure is applicable in the context of electronic communications
also (Andrade Kaltcheva, 2001).
As has been said before, there is a possible cost-benefit trade-off that is considered by a
consumer in disclosure or participating in transactions online. One of the costs in case of self-
disclosure consists of personal information being traded without consent or in an unfair
manner with a third party vendor.
Andrade et al (2001) finally identify the nature of the information itself being provided to the
company to have an effect upon the resultant degree of concern over information disclosure.
They contend that information containing personally identifiable bits of data or sensitive
information such as one’s medical history would carry a greater cost in the trade-off.
Bracun (2003) identifies electronic payment to be a crucial part of electronic commerce, and
states that with the increase in the number of virtual stores, the ability to perform payment
transactions over the internet has become more and more important. Kalakota and Whinston
(1997) identify electronic payment as a financial exchange taking place between buyers and
sellers in an online setting, and state that the exchange comprises of digital financial
instrument, either in the form of encrypted credit card numbers, electronic checks, or digital
6
cash. The exchange of such digital financial instrument is usually back up by a bank, legal
tenders, or some other intermediary.
Crocker and Stevenson (1997) identify that building confidence in internet payment systems
is among the key obstacles to the widespread use of electronic payments. Giddens (1990)
observes that confidence is built up from a development of faith in accepted tokens such as
money, and expert systems. Bracun (2003) draws a fine line between trust and confidence in
this regard, observing that trust is “vested in the retailer or consumer behaviour, confidence is
vested in the probable outcome of one’s own performance of e-payments.” Thus trust is
defined as a function of the retailer’s or consumer’s actual performance, where as confidence
is a function of the consumer’s own belief in his or her ability to perform in a given system.
In any interaction there lies uncertainty because one becomes vulnerable, perhaps due to a
possible betrayal of trust, if we take the assumption that trust is a function of retailer behavior.
In a physical marketplace the uncertainty can be lessened due to a number of face to face
mechanisms that alleviate such uncertainty (Bracun, 2003). However, the internet is populated
with mostly anonymous users, thus increasing the risk of using electronic payment systems
online. Jarvenpaa et al (1999) identified risk perception to be a key factor in B2C e-commerce
environments. This is seconded by Pavlou (2003) who stress that perceived risk and trust are
central to e-commerce expansion since a heightened perception of risk would result in a
higher degree of uncertainty when embarking upon an e-transaction. Driscoll (1997)
identified fear of compromised data in a financial transaction conducted over the internet as a
key factor in consumer non-participation in electronic transactions. However, Pavlou (2001)
finds that such hesitance to be a function of perception rather than a reflection on actual lack
of security mechanisms.
Bracun (2003) further identifies convenience and confidence, security and privacy being two
components of confidence, that affect a customer’s willingness to pay, and conversely a
merchant’s willingness to accept such payment through the internet. Neuman (1996) identifies
ease of registration, avoidance of additional download of software to perform tasks,
acceptability, interface friendliness, ease of integration, and ease of use to be components of
customer convenience in an electronic payment system.
7
While it has been less researched, despite the internet being a borderless phenomenon, it is
possible that the location of the originating company and the ensuing legal system(s) within
which the transactions are taking place can also have an impact on willingness to transact on
customers’ part. Adequate protection and redress mechanisms are essential for any secure
online payment systems. Bracun (2003) observes that such redress mechanism also assures
the customer that there is a degree of third party control over the transaction situation.
Simmel (1996) observes that efficient economic systems and a stable monetary system are
preconditions for customer confidence in general, thus it may be ventured that a stable
internet payment system (Bracun, 2003) is also warranted for a functional electronic
commerce setup. This again draws attention towards originating location of a company online
as a possible antecedent of consumer willingness to transact; as it may be hypothesized that an
online entity originating and operating from a region or a country offering a more stable
monetary and legal system may offer sufficient assurance as to a redress or legal recourse to
compensate for the risks perceived within the e-commerce payment systems, as discussed
before.
1.3 Trust, risk, and the willingness to transact
Jarvenpaa and Tractinsky (1999) identified that trust that can be placed on an internet store
has a positive impact on a consumer’s willingness to buy. However, they observed that this
relationship was moderated by the perception of risk. This view is supported by Pavlou (2003)
who stated that there are mediating effects of risk perception on the positive linkage between
trust and buying intentions. Gefen Karhanna and Straub (2002) however identified a direct
positive relationship between trust and willingness to purchase, without the need to be
moderated by risk perception. Bracun (2003) observes that the above studies have a singular
focus on the web retailer, and as such the burden of trust is inevitably placed upon the vendor.
Bracun (ibid.) cites Luhrmann (1988) and proposes studying online payment systems in a
broader socio-economic and technical context; thereby equating confidence with trust not
only in a vendor, but in the system. Thus confidence is transformed into trust when exogenous
environmental variables are introduced, exclusive from the trust vested in the vendor. In this
paper, a macro view of trust is adopted; we do not explore trust in vendor in a manner isolated
from other possible moderating environmental variables.
8
There is further argument behind the need to study willingness to transact and its relationships
with its antecedents taking into account the exogenous variables, and not just a single vendor
focused view. The role of risk perception has been mentioned earlier as a possible component
in the relationship web. Bracun (2003) and Ratnasingham and Kumar (2000) mention risk to
be comprised of two different category of factors, one being environmental risk which is
contextual; and the other being behavioural risk that is built within a relationship.
Environmental risk entails possibilities of fraud, network intrusions, exploitations of web
applications and security breaches etc, they can originate outside of the closed relationship
and the consumer has little or no control over it. This view is seconded by Grabner-Krauter
and Kaluscha (2003), who identify exogenous or environmetal variables, and state that they
comprise of events over which the actors in a transaction have no direct control. Again, in
such a scenario the burden of trust has to be placed upon the vendor by the consumer to
mitigate such risk, also identified as technology risk by Ratnasingham and Kumar (2000) or
as system dependant uncertainty by Grabner-Karuter and Kaluscha (2003). Pavlou (2002,
2003), Jarvenpaa Tractinsky (1999) all showed perceived risk to have a negative effect on
consumer intention to transact with a web site. Gefen Karhanna et al (2002) however found
that perceived risk does not have a significant effect on customer loyalty and their willingness
to transact with a specific vendor.
Grabner-Krauter and Kaluscha (2003) state that the technology risk, or system dependant
uncertainty as they call it, are brought about by internet based transactions, and such risks are
inherent in the implicit uncertainty of open technological infrastructures. They also identify
behavioural risk to be one of the components of risk of transacting on the internet. However
they define it a transaction specific uncertainty, this is a risk arising from the conduct of the
actors involved in an online transaction. It is an endogenous or market uncertainty (Grabner-
Krauter et al. 2003) resulting from conscious decisions partaken by the economic actors
within the transaction itself; the transaction specific uncertainty lies in the potential behaviour
of the internet merchant if viewed from the perspective of the consumer.
Das and Teng (1998) further propose that rational consumers will proceed with an online
transaction if they believe that there are remedies to be had through third party intervention in
case of payment frauds or breach of trust. As such, they link trust with the control available to
customers, with control influencing trust. In this regard, Kini and Choobineh (2000) stress the
importance of ‘situational cues’ as indicators of either possible harmful results or presence of
9
protection measures from such results; they state that such cues can lessen the effects of the
risks related to transactions. We have mentioned location earlier on. It is hypothesized later on
that originating location also can serve as such a situational cue, and thus influencing trust.
There is a need to treat trust as one of the central components in any equation leading to
willingness to transact online on the consumer’s part because online customers show a lower
level of trust for online stores (Culnan, Armstrong, 1999). Hoffman el al (1999) also identify
trust being key to why many customers refrain from transacting online. Koufaris Hampton-
Sosa (2002) identify that even though trust may be the key, establishing the trust is hard to
accomplish because of the virtual nature of a store oftentimes accompanied with a lack of a
physical store, and the lack of face to face interactions. They further state that a general lack
of awareness about the encryption strengths that are used in online stores also lessen trust.
Tan and Thoen (2001) propose a trust model comprised of two components, trust in the other
party and trust in the control mechanisms put in place to ensure secure transactions. This view
then can be tied to the risk components we have talked about earlier on in this chapter, that is,
risk from exogenous variables or technology risk, and risk that builds from within a
relationship or behavioural risk. Prima facie, it would appear then that behavioural risk is
more likely to culminate in trust in the other party; and exogenous variable risk can influence
trust in the control mechanisms. There have been other accepted trust typologies, McKnight
Chaudhury and Kacmar (2001) proposed four trust constructs, disposition to trust, institution
based trust, trusting beliefs, and trusting intentions.
Links between factors influencing trust and its impact on perceived risk in the context of
internet transactions have been explored by other researchers. Jarvenpaa, Tractinsky, and
Vitale (2000) identified company size and reputation to determine levels of trust for
transaction on online websites. They however stated that the effects of such variables are
dependant upon the type of the company’s business. They further identified that risk
perception had a negative relationship with trust, the greater the risk perception the lesser trust
the consumer forms. They identified trust to have a positive effect on the willingness to
transact in a web site.
Finally, it is important to consider the comfort level of the consumer with the internet itself.
Shankar et al. (2002) state that for internet transactions the technology and the internet itself
10
needs to be considered as an object of trust. This is seconded by Grabner-Krauter and
Kaluscha (2003) who state that analysis of trust in the context of e-commerce must consider
impersonal as well as personal forms of trust; the impersonal trust thus puts the focus on how
far the consumer trusts the internet as an object and environment worthy of such.
1.4 Research problem identification:
In light of the discussions above, this paper synthesizes prior literature focusing on trust and
its antecedents as well as privacy concerns behind consumer willingness to disclose
information online and willingness to transact online. The goal is to attempt to identify
strategic privacy leverage areas that enterprises may utilize when transacting and building
relationships with online customers. As has been briefly discussed, previous studies have
identified trust as a key factor in inducing customer participation in e-commerce, while others
have highlighted the role of privacy concerns as antecedent to willingness to be profiled
online. Based upon existing literature, prima facie there are several linkages within the
antecedents of willingness to transact and willingness to be profiled or disclose information
online. This paper examines trust and other antecedents arising out of customer experience
and beliefs regarding informational and financial transactions with an enterprise web
presence; with a view to finding strategic privacy leverage points of customers, leading to
better understanding of a customer in the online environment. The research proposes a model
to examine individuals’ personal construct systems and empirically tests how willingness to
transact is shaped once the privacy factors are assimilated. The model is also tested for any
relationship between the willingness to disclose information online and the willingness to
transact. Thus, the research problem is motivated as:
“The role of trust and privacy concerns in customer willingness to transact with an
online vendor.”
The following research questions are motivated based upon the central themed problem:
“What are the factors responsible for customer willingness to disclose information to an
online vendor?”
11
“What are the factors responsible for customer willingness to transact with an online
merchant?”
“Does willingness to disclose information online have an effect on customers’ willingness

to transact online?”
Here there is a need to deconstruct trust and its resultant actions further for the sake of
clarification. McKnight and Chervany (2002) highlight that there is a difference between
trusting beliefs and trusting intentions. They state that trusting beliefs are related to what the
online consumer believes to be true and expects of an internet merchant. The beliefs are based
upon trust related characteristics of a web merchant. Trusting intention is defined as the
degree to which an online consumer is willing to depend upon any particular vendor in a
given situation in absence of control over such vendor (Mcknight Chervany, 2002). Thus
trusting belief is a construct more general in its nature, and reflects consumer’s expectations;
whereas trusting intentions are more situation specific. We may hazard that trusting intentions
are thus prone to be more volatile because it reacts to a given or particular situation, whereas
trusting beliefs may show more stable patterns, developing over time and maturing with
experience. In real time, this may translate into the fact that a customer may be willing to
disclose personal information to a web merchant – an action more a result of trusting beliefs,
but be willing or unwilling to transact with the merchant based upon his trusting intention in
that particular situation. In this paper, we explore both consumer willingness to disclose
information online, and willingness to transact online. Thus, we acknowledge the distinction,
and following earlier research, both intention and belief constructs are addressed in the
empirical study through the questionnaire. Mcknight and Chaudhury (2002) have also
identified trusting belief to lead to trusting intentions in their web trust model, which
culminates in trust related behaviour, which in our case is the willingness to transact online.
1.5 Motivation and Expected contributions of the thesis:
This section underlines any possible gaps in existing research based upon the discussion so
far, which answers a basic question, why is this research necessary to be undertaken at all?
This also leads us to identify the potential contributions, both theoretically and managerially,
of this study.
12
The problem area identified for this thesis is examining the role of trust and privacy concern
related factors in a customer’s interaction with an online vendor and his/her decision process
which anticipatedly culminates in a financial transaction between the two. There have been a
number of studies conducted upon trust and its purportedly central role in inducing one to
conduct a transaction. Gefen Karahanna and Straub (2003) in their seminal paper posited
consumer assessment of IT and trust both on an equal footing at the heart of online shopping.
However, the work does not take into account the possible effects of factors that may
compromise a potential shopper’s intentions to purchase. This concern is substantiated in a
major work by Culnan and Armstrong (1999), who identify that information practices that
provide value to organizations by enabling them to cater more personally to individuals can
also raise privacy concerns for the very same customers. While they stressed upon introducing
procedural fairness to partly address the problem, and provide a research framework to this
effect, their work is characterized by a unique attempt to include both trust and privacy
artefacts within the same framework. The strength of the work lies in its acknowledgement of
the need to unify the two realms, privacy and trust; the weakness lies in their treatment of
trust as a unidimensional construct.
Still, there is ample support in literature, particularly the seminal ones upon which this thesis
is based upon, that do indeed consider trust as a unidimensional whole. Notably, Jarvenpaa,
Tractinsky, and Vitale’s (2000) study that establishes reputation and size to be potent
antecedents to trust even for transacting in an online context also treats trust
unidimensionally. In addition to Culnan and Armstrong (1999), Chelappa and Sin (2005) have
also attempted to integrate privacy and trust building factors in leading to likelihood of
utilizing personalization services. Trust was once again treated unidimensionally. A common
thread running through the research is virtually all have agreed that trust is in fact a multi-
dimensional construct, however it has been used unidimensionally for simplicity’s sake. This
holding back is all the more puzzling since impressive trust typologies have already been
propounded, notably by Gefen Karahanna Straub (2003), McKnight Chaudhury Kacmar
(2002), McKnight Chervany (2001), McKnight Cummings Chervany (2006).
Thus, on one hand, we have existing research that acknowledges that it is worthwhile and
even necessary to conduct privacy research and trust research in a holistic manner to attempt
to explain why customers may or may not buy from an online vendor. On the other hand, we
find that few attempts have actually been made to follow through such a strain of research;
13
such attempts being limited by treatment of trust as a unidimensional construct where a
multidimensional view is warranted to provide more clarity into the interaction dynamics.
Trust is perhaps too complex a concept to be treated unidimensionally if we were to
subsequently take it out of mere theorization and employ it on a practical level.
Additionally, we are now in a position to codify privacy concerns, its antecedents, and its role
in influencing willingness to disclose information online following the seminal work of Awad
Krishnan (2006). A linkage between willingness to disclose and resultant willingness to
transact have been theorized (Grabner Krauter, Kaluscha 2003).
Thus, this research attempts to fill a gap in existing research, wherein:
a. The need to compile trust and privacy research into a single executable model leading
to willingness to transact have been hinted at, but not adequately researched upon.
b. The few studies that have been conducted do not take into account important privacy
dimensions
c. The multidimensionality of trust crucial to understanding individual customer
behaviour online is not taken into account.
The thesis is expected to arrive at conclusions that will have several theoretical and
managerial contributions. Theoretically, the objective of the study is to propose and
empirically estimate and validate a holistic model that positions trust as a multidimensional
key factor in willingness to transact. The implication is perhaps far reaching. It allows us
isolate and minutely detail the validity of the antecedents of trust and their interrelationships
with the different trust components. In the process, we also examine any additional new
variable that may emerge and its potential relationships. Managerially, it would be possible in
such a case to focus on areas that can help convert a potential customer to an actual one, and
also to retain an existing one, on a much more modular fashion. Being able to identify trust
inducing factors and which type of trust they generate in the context of online shopping would
also result in significant conservation of resources on the enterprises’ part that is otherwise
spent in what can best be described as ‘hit and miss’ activities or ‘fishing’ expetiditions to
lure in customers.
Additionally, the objective of the thesis is to further replicate and extend the findings of Awad
Krishnan’s model (2006) of privacy concerns. Several additional variables including risk
14
perception is introduced within the old model to assess and empirically estimate potential
linkages that are hypothesized in latter chapter based upon theory. Finally, the thesis will also
utilise, and examine the viability of cognitive mapping as a tool in qualitative marketing
research.
1.6 Outline of the study:
As has been discussed in research problem and questions formulation, the thesis has two
focuses. One element is to identify the antecedents of customer online information disclosure
in the context of privacy concern factors; the other is to identify the antecedents of willingness
to transact for individual customers and examine the relation between the former and the latter
dependant variable, the latter incorporating both privacy concern and trust related factors.
Accordingly, the thesis is divided into two sections. The first section consists of the summary
of the findings from the Licentiate thesis conducted during the year 2004-2006 that addresses
the exploration of the antecedents of online information disclosure. This summary is
presented in the form of an article (accepted and currently under revision) and herein referred
to as Study A.
While Awad and Krishnan’s paper (2006) acts as a lynchpin behind proposition of part of the
the holistic model in Study B, Study A significantly differs from their research in its approach
in exploration of the same dependant variable of online information disclosure. In keeping
with the principal theme of this study and defining a departure point from that of Awad
Krishnan, Study A incorporates trust and other antecedents arising out of customer experience
and beliefs regarding informational and financial transactions with an enterprise web
presence. The inclusion of trust was recommended for further research but not executed by
Awad and Krishnan in their work. A qualitative multiple case study approach using cognitive
mapping is used to assess results and compare findings with prior empirical research. In
process, it addresses the first research question of “What are the factors responsible for
customer willingness to disclose information to an online vendor”. The results demonstrate
the viability of using cognitive mapping as a tool to find strategic privacy leverage points of
customers, leading to better understanding of a customer in the online environment: and also
revalidates the claim of trust in being a central construct not only for willingness to transact as
later hypothesized, but also for willingness to disclose information. Additionally, the possible
15
existence of a variable ‘originating location of web vendor’ is discovered, and provides an
added avenue for further research to be carried out in Study B.
The second section (referred to as Study B) constitutes the bulk of this doctoral thesis. It
incorporates the findings from Study A and follows through on the proposed avenues of
further research. The focus of Study B is answering the second and third research questions;
“What are the factors responsible for customer willingness to transact with an online
merchant?”, and “Does willingness to be profiled online have an effect on customers’
willingness to transact online?” Thus study B has two core areas of exploration that builds up
where Study A left off, one is to find and adjudge the antecedents of willingness to transact
whilst deconstructing trust into a multidimensional set of constructs and subsequently identify
the resultant splitting up of relationships that distinguish it from earlier research, answering
the second identified research question. Secondly, it explores the hypothesized causal
relationship between willingness to disclose information and willingness to transact and
attempt to establish its veracity, which answers the third identified research question. In
contrast to Study A which was a qualitative study, Study B is a quantitative study and
employs structural equation modelling to estimate the strengths of the relationships between
the variables within the proposed research model.
The relationship and the interdependence of the two studies are illustrated in the following
figure as they relate to the research questions.
16
Figure 1: Linking the two studies
The literature review chapter that follows expands upon the key concepts introduced in the
introductory chapter. The chapter also marks the delimitation of theories that lay the
foundation of Study A and Study B. The following diagram illustrates the layout and the
structure of this thesis chapterwise in brief:
17
Figure 2: Thesis outline
1.6.1 What to expect within chapters:
Introduction and background: The first chapter provides an introduction and a background
discussion into thesis topic. Specifically, it precipitates a discussion in applied issues relation
to privacy and disclosure of information online, as well as initiates a discussion on the role
trust and risk perception as precursors to willingness to transact. A disparity between
corporate and customer resources is identified which exacerbates customer concern over
privacy violations. The merits of cost-benefit trade off for information exchange for
customers are discussed. Trust as a factor in influencing customer participation in transaction
is introduced. The discussion leads us to narrow our research area and identify the research
18
problem and delimit the research to specific research questions. Also, the relevance and need
for dividing the study into two parts is discussed, and a bridge is drawn between the two parts
of the study.
Both studies A and B are integral parts of this thesis, and their conceptual build-up and
interlinkage is illustrated in the following schema. The literature review can be held common
to both studies.
Figure 3: Activity schema
Literature review: the second chapter provides a theoretical groundwork for the key
concepts discussed. As the research problem suggests, there are two core areas of this
research, privacy concern and trust. Consumer control over information, previous invasion of
privacy, role of information transparency, procedural fairness are discussed as some of the
core issues of privacy concerns and their effect on customer willingness to disclose
information online. Trust with respect to online environment is discussed in detail, and
different typologies of trust are gone into in depth. Other possible factors such as reputation,
19
familiarity, size of vendor etc. are discussed as possible antecedents of trust and willingness to
transact as identified by earlier research in the area.
Study A: The third chapter presents the results of Study A in article form. The original
research comprised of the body of work of the Licentiate thesis conducted upto December
2005. The chapter presents the findings of the work for latter usage in Study B within the
current research.
Frame of reference: This chapter sifts through the broader theoretical discussion contained
within chapter 2 and draws a theoretical boundary within which the study is to be conducted.
It also draws up the research model based upon conjunction of theories and proposes a set of
hypotheses for possible acceptance or rejection upon quantitative analysis.
Methodology: Study A was qualitative in nature, and a separate methodology section was
contained within the presentation of the study that discussed the choice of cognitive mapping
as an applicable method in qualitative research. This chapter (Ch. 5) discusses some of the
theoretical justification behind choice of a quantitative approach for the thesis, scales used,
sampling issues, issues regarding reliability, validation of scales, choice of structural equation
modelling as the analytical tool, and possible issues that can be encountered due to such
choice.
Analysis and discussion of results: The chapter details the analyses conducted, and briefly
discusses each result and their import individually. Hypotheses are either accepted or rejected
based upon the findings.
Findings, conclusions, and contributions: the final chapter provides a summary of the
findings, and answers the initial research questions posed. The veracity and strength of the
research model is discussed. The theoretical and managerial impact of the findings of the
research are also presented. Finally, any avenues for further research that may have emerged
out of the current study are also discussed.
20
1.7 Delimitations of the study:
The thesis has several demarcated areas of focus, both within the theoretical structure laid
down, and also with regard to application context of anticipated results. Trust related theories
provide a basis for discussions and analysis in the study. The study, due to design relevance
with regard to earlier research, considers knowledge based, institution based, and cognition
based trust, and does not take into account personality based trust as identified by Gefen
Karahanna and Straub (2003). The exclusion was by design, since assessing personality based
trust would render the empirical study too lengthy and complex, while perhaps not yielding
enough dividends to justify its inclusion. Judging the antecedents of personality based trust,
however, is important, and it is suggested that a separate study be conducted to explore its
impact upon willingness to transact when privacy concerns and other trust artefacts are
present. To this end, the proposed research model in this study can be viewed as a useful
complement.
Additionally, the survey was conducted principally among a student population. Since the
service area chosen was voice over IP telephony, the sample population choice is viewed as
justified and appropriate, since students are among the main consumers of such services.
Enterprises can be taken as another large user base of VOIP services, however, the scope of
this study is limited to individual customers, and hence enterprises are excluded. As such,
there is further scope for testing the theoretical relationships within a larger and more varied
sample.
21
22
Chapter 2
2.0 Literature Review
Theoretical perspectives:
2.1 Consumer Control and Privacy Concerns
Control or Loss of control has been mentioned as a factor in privacy research by a number of
researchers (Goodwin, 1991; Culnan, 1993; Smith, Milberg, Burke, 1996; Limayem, Khalifa,
Frini, 2000). Others (Liu, Marchewka, 2004) have used choice as a replacement word for
control in privacy concerns, meaning a choice to allow an organization to use or share
information collected about them. Jourard (1966) had defined privacy as the freedom a person
has for choosing the time and place for disclosures of his experience, and also the company
before which he may make such disclosure. While this definition was coined in 1966, it is still
applicable in the context of the online world. It comes down to an individual choice, or what
control he retains over aspects of a transaction.
Goodwin (1991) highlights that consumer privacy is narrower in scope than the broad
applications of general privacy concepts. In this narrower scope, she identifies two
dimensions of control in privacy. The first dimension is control over unwanted intrusion.
Since the study was conducted in an offline setting, Goodwin (ibid) identified means of
intrusion to be unwanted telephones, mails, or personal intrusions, and stated that consumer
privacy could be viewed within any context of customer marketer interaction, such as cash or
credit sales, profit or not profit. But the concept may be applied just as well in an online
setting, for example with spam emails, browser hijacking attacks, unwanted advertisements
which are all intrusions in the consumer’s environment. The second dimension mentioned by
Goodwin is control over information about the customer.
Earlier researches have identified tort invasions of privacy, or offences linked to privacy,
which may be linked to control, i.e. situations leading to a loss of control. Prosser (1960) is
one of the earliest researchers to start the debate on privacy invasions. He identified four such
tort invasions, appropriation (use of identity without permission in advertising), false light
(misrepresenting information in a negative way about someone), intrusion into solitude, and
23
public disclosure of private information. Westin (1967) had identified four components of
privacy, namely solitude, anonymity, intimacy, and reserve that he stated individuals could
use to control information about themselves. Goodwin (1991) stated that out of the four
components of tort privacy invasions, intrusion into solitude and involuntary information
disclosure are more relevant in terms of the threats they present, than false light or
appropriation.
However, Goodwin’s view as stated above may warrant a second look in the current context
of internet privacy concerns. While intrusion into solitude through junk mails and other
solicitations as well as involuntary information disclosure are indeed real threats, false light
may well be fast regaining its status as a factor that raises privacy concerns. The blogging
phenomenon coupled with the expansion of digital media allowing people to post and publish
online at will, the popularity of open infrastructure information source such as the wikipedia
that does not have a strong editorial control, and general pervasiveness of search engines
ensure that misrepresenting information about individuals has become easier than ever,
information that can be spread globally.
Foxman and Kilcoyne (1993) employ two theories, ethical egoism and utilitarianism to
explain and judge marketing action in the privacy backdrop. Under ethical egoism, the
consequences of an act are evaluated solely in terms of their harm or benefit to the individual
considering the action; whereas utilitarianism evaluates and act’s morality by considering its
consequences for everyone affected by it. The harm and the good expected to result from an
act are balanced against each other, and individuals or firms guided by this theory is expected
to choose the act that results in the greatest net good.
On the other hand, deontological ethical theories do not evaluate consequences, but instead
seek to evaluate the moral worth of an act by the extent to which it embodies certain universal
rights and duties. Unlike utilitarianism, deontological ethics is not compensatory, meaning
some act that may yield good for many individuals cannot outweigh the harm it may cause to
a few.
Foxman & Kilcoyne (1993) identifies four states of privacy a consumer may be in, with
regards to the control they may exercise.
24
Table 1: States of privacy with regard to control
Consumer Controls Other controls
Consumer informed State 1 State 2
Consumers are aware of Consumers are aware of
privacy threats/issues, and privacy threats/issues, but
can determine whether and may or may not have a say in
how personal data will be whether and how personal
used. data will be used.
Consumer not informed State 3 State 4
Consumers have privacy Consumers are not aware that
rights but are not aware of they have privacy rights – and
them. Because they assume even if they are aware, they
they must provide personal may or may not have a say
data, they do not exercise about the collection and use
control over its release. of personal data.
Foxman and Kilcoyne (1993) contend that State 1 is the only marketing-related privacy state
that meets deontological requirements because only under these conditions can consumers
make free, informed choices about the use of their personal data.
Mascarenhas, Kesavan, and Bernacchi (2003) have put forth four major models of consumer
privacy that they categorize as having been evolved as a response to consumer privacy
violations offline and the consequent need for control, each dealing with customers’ rights
and marketers’ duties. They posit that all four models readily apply to online extensions and
applications (Mascarenhas et al., 2003, p. 688).
The first model put forward by them is the seclusion model of privacy. This draws upon the
historical article of 1890 by Justice Brandeis and Warren, the gist being the right to be alone
as the most comprehensive use of rights and the most valued right of civilized people.
Goodwin (1991) points out that the privacy context has not changed today, and that it remains
about information, and the means of its delivery.
Out of the seclusion model of privacy, an idea emerges that as the technology age matures
even further, it is but a natural progression that the need to be left alone should also progress.
25
If so, then at some point it poses the problem of the inevitability of a conflict. However,
expounding on such thought is beyond the scope of this paper.
The second model put forth by Mascarenhas et al is Consumer privacy as access control. This
builds upon the concept of consumers protecting their own privacy. This brings our focus
back on the consumers’ ability to control personal information, as discussed earlier.
A third model presented by Mascarenhas et al. is the viewing of Personal data as private
property. This stems out of the concept of consumer privacy as control of personal
information and expands on the supposition that personal information belongs to the customer
and is his/ her private “intellectual property” (Langenderfer and Kopp, 2003). This view of
personal information being private property is supported by the fact that the current opt-in and
opt-out mechanisms presume that customers own their personal data, can control it, and can
transfer this control willingly to marketers (Milne and Rohm, 2000). Brown (1987) stated that
the actions of claiming, occupying, and defending property and possessions comprise the
concept of territoriality; and earlier on, Bakker and Rabdau (1973) identified territoriality with
control. Thus it may be inferred that since our presence on the internet is through the data we
footprints we leave on it, it is but natural to have a territorial attitude about the data. Edney
and Buda (1976) make a distinction between privacy and territoriality by stating that privacy
is linked to feelings of freedom and autonomy, whereas territoriality is linked to an
individual’s sense of identity. However, in absence of other identity cues (such as physical
holdings of property, family, relations, other possession or status symbols) on the internet, we
may question whether such distinction exists, and whether on the internet the concepts of
privacy and territoriality could be merging together.
A fourth model of privacy identified is Consumer privacy as autonomy. This model defines
“private data” as those that are necessary for a person to make life decisions (Mascarenhas,
Kesavan, and Bernacchi, 2003, p. 689). This concept brings with itself the issues of freedom
from the coercive use of personal information as well as the ability to be alone as necessary
(Langenderfer and Kopp, 2003). It also brings up the issue of what type of personal data
disclosure or sale of data would violate one’s personal autonomy (Mascarenhas et al., 2003).
Caudill and Murphy (2000) have attempted to connect knowledge of the internet and the
existence of privacy control mechanisms with purchasing activities. They identified a matrix
of consumer knowledge and consumer control to determine purchasing habits.
26
Table 2 : Control and knowledge of online surfing and purchasing activities
Consumer Consumer control
knowledge
No Yes
Surfing Surfing
x Movements tracked by software x Technology solutions,
x Consumer no longer owns consumer can dismantle
information tracking software
x General control maintained
No Purchasing Purchasing
x Use credit card, no privacy x Use cash (not feasible
statement online), technology.
x Consumer no longer owns x General control maintained.
information
Surfing Surfing
x Able to access privacy x Able to access privacy
statement, no opt-in and opt-out statement, opt-in and opt-
statements, no technology out statements, technology
solutions solutions
x Consumer no longer owns x Consumer owns
Yes information information
Purchasing Purchasing
x Have to use credit card x Able to access privacy
x Privacy statement, no opt-out statement with opt-out
x Consumer no longer owns option if using credit card,
information ability to pay cash with opt-
in option.
x Consumer owns
information.
Source: Caudill, M.E., and Murphy, P.E., Customer Online Privacy: Legal and Ethical Issues,
2000, p. 10.
27
Based on the states of control, Goodwin (1991) has defined consumer privacy solely in terms
of consumer control. She identifies consumer privacy as the consumer’s ability to control
presence of others during a transaction or consumption behaviour, and the information that is
disseminated during the transaction or interaction to parties that are not present during the
transaction. While this definition based on control was coined in an offline setting, yet this
may be well applied in an internet transaction context. Goodwin (1991) cites Parker (1974)
stating that the privacy loss may come from a feeling of being watched or sensed. This is tied
to the first part of the definition, which is the ability to control unwanted intrusion. As we
have argued before that privacy and territoriality (which stems from possession) may be one
and the same in an internet setting, any unwanted observation would be tantamount to
interfering with possession, or a violation of an individual himself. Thus the ability to control
such intrusion by means of being observed is a key factor. The second part of the definition
on the other hand can be applied without any modification to the context of internet
transactions, which is dissemination of information to third parties.
Thus we redefine Goodwin’s definition of privacy in terms of control to fit an online

exchange as follows:
“Consumer privacy online is the consumer’s ability to

A. Control any undue observance, information collection, insistence on information
collection, or monitoring during a transaction at an web site, and
B. Control the dissemination of information related to or provided during the
transactions or behaviours to third parties (not directly party to the transaction at
hand).
Based on the concepts propounded, Goodwin (1991) proposed a 2x2 matrix of privacy states
vis a vis the control exterted:
Table 3 : Taxonomy of privacy states in an offline context

Control over disclosure of information to others not present
during the original transaction
Low High
High 1. 2.
28
Environmental control Total Control
Control over who is present Control over unwanted

during a transaction or presence of others
activity during transaction or
activity
No control over Control over

information disclosure to information disclosed to
those not present those not present
Control over unwanted
physical presence of others Low 3. 4.
in consumer’s immediate No Control Disclosure control
environment
No control over who is No control over who is
present during transaction present during
or activity transaction or activity
No control over distribution No disclosure of

of information obtained information associated
during transaction with transaction or
activity
Source: Taxonomy of Privacy States, Goodwin (1991), pg. 156.
Based on our definition of privacy in terms of control to fit an online exchange and the table
above, we modify the taxonomy to present the control related privacy states in the context of
internet transactions below:
29
Table 4: Proposed taxonomy of privacy states linked to control in an online context
Control over dissemination of information related to or
provided during the transactions or behaviours to third
parties not party to the original transaction
Low High
High 1. 2.
Environmental control Total Control
Control over information Control over

collection and monitoring information collection
during a transaction or and monitoring during a
activity transaction or activity
No control over information Control over

disclosure to third parties information disclosed to
third parties
Control over undue Low 3. 4.
observance, insistence on No Control Disclosure control
data collection, or
monitoring during a No control over information No control over
transaction at an web site collection and monitoring information collection
during a transaction or and monitoring during a
activity transaction or activity.
No control over distribution No disclosure of

of information obtained information associated
during transaction with transaction or
activity
30
2.2 Typology of Trust and its antecedents
Mcknight, Choudhury, and Kacmar (2002) propound that trust is a key factor in consumers
overcoming perceptions of risk and insecurity. They identify behaviours that are necessary for
widespread adoption of e-commerce, which are sharing of disclosing of personal information,
purchasing, and acting based on vendor advice. They state that trust instils a sense of comfort
in engaging in these behaviours. This is supported by Wang (1998), Gefen, Straub, and
Karahanna (2002) who also mention that consumers need to feel comfortable if they are to
transact with unknown vendors in what is essentially a new medium, i.e. the internet. Davis
(1989) highlights the need for perceived usefulness and ease of use in adoption of new
technology. Friedman (2000) states that along with usefulness and ease of use, there is also a
need for consumer belief in the vendor in case of e-commerce.
Gefen, Karahanna, and Straub (2002) state that trust is often difficult to establish in an e-
commerce setting because the social cues are minimal. Thus McKnight, Chaudhury et al
(2002) stress that e-vendors need to act pro-actively in order to get past consumer perceptions
of risk and uncertainty. One way to do this is by building trust. Jarvenpaa, Tractinsky (1999)
also stress the need for a clear understanding of the nature and the antecedents of trust for
researchers and market practitioners.
Mcknight et al (2002) mention that the perceptions of risk and uncertainty may be potent
when dealing with an unfamiliar vendor on the internet. Several typology of trust have been
proposed. Mcknight, Cumming, and Chervany (1998) identify initial trust which denotes an
unfamiliar trustee in which the parties do not have credible or meaningful information about
or no existing bonds between each other. They identify what they call is a paradox; while
earlier research contends that trust is a gradual process that builds over time (Remple,
Holmes, and Zanna, 1985) McKnight et al (1998) state that such a stance is based on an
assumption that trust levels are initially small and increase over time. However, in other
research it has been found that participants’ initial trust levels were high, both in experimental
settings and surveys (Song, 2004; Glaeser, Laibson, Scheinkman, Soutter, 2000; Berg,
Dickhaut, McCabe, 1995). Berg, Dickhaut et al (1995) designed an experimental study in the
setting of investments to explore trust and reciprocity. They found reciprocity to exist as a
basic element of human nature, and the reciprocity turned into trust in interactions with an
31
unknown counterpart. They further found social history as a factor to bolster the relationship
between trust and reciprocity.
This is a possible research area that might be explored further in future research. We may
hypothesize whether reciprocity as a basic element of nature accounts for trust in internet
transactions, particularly with untested or unknown vendors, assuming a consumer exhibits
high levels of initial trust when he engages in a transaction with such a vendor.
Mcknight, Cummings, and Chervany (1998) propose that there may be hidden factors and
processes at work leading to high trust levels in initial relationships. This in their opinion is
particularly true in modern work environments where there is often a need to interact with
new managers or colleagues. They contend that in such environments initial trust situations
are normal occurrences. We may draw a conjecture that with the widespread phenomena of
the internet adoption in daily lives, similar dynamics may be at work supplanting internet in
place of work places, thus facilitating viewing of initial trust formation in relationship with
unknown vendor or website on the internet as common place or a natural occurrence too. In
their model of initial trust formation in organizations, they contend that initial trust between
parties is formed without experience or first hand knowledge of the other participant; instead
it is based upon an individual’s disposition to trust or other institutional cues. McKnight et al
(1998) in their model of initial trust formation identify disposition to trust, institution based
trust (of the individual) and two cognitive processes – illusion of control and categorization
process – behind formation of initial trust. They state that trust formation excluded what they
call are experiential processes which involves observation of the trustee behaviour, but
includes cognitive processes. They state that it is these cognitive processes and factors that
lead to formation of an initial trust.
2.2.1 Disposition to trust
Disposition to trust stems partially from personality based trust – a research stream that
proposes that trust traits start developing from childhood itself as infants seek for and obtain
help from benevolent caregivers (McKnight et al., 1998; Bowlby, 1982). Thus a disposition to
trust is defined as a consistent tendency to be willing to depend on others across a broad
spectrum of situations (Rotter, 1980). This construct is composed of two factors; the first is
faith in humanity, which states that people are generally well meaning and reliable
32
(Wrightsman, 1991). The other component to disposition to trust construct as identified by
McKnight et al is the trusting stance, which is a function of calculative trust.
Culnan and Armstrong (1999) also highlight a person’s natural propensity or concern towards
privacy as one of the predictors of trust. Jarvenpaa and Tractinsky (1999) also propound that
an individual’s general trusting stance or disposition could extend to trust of online
companies. Thus Metzger (2004) suggests that the trust placed upon internet sites by the
customer would be inversely related to the individual customer’s general concern for privacy.
Nowak and Phelps (1992) found privacy concern correlated with requests for removal from a
mailing list. Milne and Gordon (1994), using conjoint analysis, identified market segments
(“potential lobbyists,” “demanding middle,” and “new right”) holding different attitudes
toward direct mail database marketing. Culnan (1995) found dimensions of perceived control
to differentiate between consumers holding positive versus negative attitudes. Those with
more positive attitudes were those who also perceived a greater degree of control over their
personal information. Further, those with more positive attitudes were more likely to perceive
shopping by mail as beneficial, and were more likely to have found coping strategies for
dealing with unwanted mail. Milne (1997), in a field experiment, found that consumers who
had been provided information about the type of secondary party with whom personal
information would be shared were more likely to grant permission for its transfer.
2.2.2 Institution based trust
Institution based trust is taken as the probability of one’s success in any given situation where
impersonal structures provide a supportive role. In institution based trust, guarantees, safety
nets, or similar structures provide a feeling of security leading to trust (Shapiro, 1987; Zucker,
1986). Cognitive trust on the other hand is built upon cognitive cues or first impressions
where personal interaction is absent (Lewis Weigert, 1985). It is the contention of McKnight
Cummings et al (1998) that institution based, personality based and cognitive based trust
explains high trust levels at initial phases of relationships.
33
Figure 4: High level model of initial formation of trust
Source: McKnight, Cummings, and Chervany, 1998, pg. 475
McKnight et al. (1998) contend that each of the three lines of thoughts on trust; personality
based, institutional based, and cognitive, explain parts of high initial trust. However, if only
one of them is researched at a time, then the findings may well be skewed since in a given
context there is a possibility that all three components might be present.
Shapiro (1987) defines institutional trust as an individual’s belief that presence of impersonal
structures facilitates actions that are carried out for a successful future endeavour. Shapiro
(1987), Zucker (1986) identify two types of institution based trust; situational normality
which is a belief that if situations are normal success is likely to follow, and structural
assurances which is a belief that the presence of promises, contracts, regulations, possible
legal recourse, or guarantees increase the likelihood of success.
Bigley and Pierce (1998) dub a trustee as unfamiliar when there is not enough credible and
meaningful information available about the parties to each other or no pre-existing bond
between the two. This is often the case in e-commerce, where consumers routinely come
across new sites in search of products or services. McKnight, Chaudhury, Kacmar (2002)
highlight that such cases would fall under the purview of initial trust since credible
information can only be gained after the consumer or site user has been involved in trusting
behaviour such as disclosure of information and subsequently formed an opinion of the
34
trustworthiness of the internet vendor based upon the consequences of the earlier actions.
Thus they posit that web vendors need to instil enough trust in the consumers at the initial
trust phase for them to proceed with the transaction activities. Such trust may be instilled
through situational or cognitive cues. Cognitive trust at this phase is formed in a quick fashion
and is based upon such cues as social categorization, reputation, illusions, disposition,
institutional roles, or even the immediacy of the task (McKnight, Cummings, Chervany,
1998).
2.2.3 Cognition based trust
Social categorization and origination location
Social categorization is often used to generate trusting beliefs which is composed of three
components; unit grouping, reputation, and stereotyping. (McKnight Cummings Chervany,
1998). Gefen, Karahanna, and Straub (2003) also suggest that cognition based trust is based
on impressions rather than first hand personal experience and is formed via social
categorization and illusions of control.
Unit grouping refers to individuals or entities sharing a common goal and hence viewing each
other positively; and that people within a group are perceived to be more trustworthy by the
people within the group than non-group members (Brewer and Silver, 1978). This view is
supported by Morgan and Hunt (1994) and Zucker (1986). They posit that people are likely to
place more trust in people that are similar to themselves. Morgan and Hunt (ibid) further state
that trust worthiness is often assessed through stereotyping. Gefen et al. (2003) describe
illusion of control as the over inflation of trusting belief where there is not enough first hand
information. In such a scenario, consumers are inclined to put an even greater emphasis on
situational cues, and form cognition based trust. Davis and Kotterman (1994) observe that
simple observation of the cues can lead to over inflation of trusting beliefs.
This group scenario leads to high levels of initial trust formation; however, in the context of e-
commerce it is perhaps not so applicable since consumers are less likely to identify
themselves with the vendor as sharing common goals. Organizations are typically profit
oriented, and as such any unit grouping by consumers is unlikely. However, for future
research it may be explored whether organizations that hold a common goal with its
35
consumers can enjoy high levels of initial trust. An example of such an organization could be
open source software vendors and their client base, which is a select niche. Another area of
thought that is explored is whether the unit grouping may be extended by consumers by using
regionality as a grouping factor. If so, that would indicate a preference by consumers to do
business with web vendors that are located within the same region, or even based upon a
common ethnicity, such as in the case of Northern Europe, even if similar features are offered
by websites from other regions. A situational cue in such cases would be the top level domain
of a web site, for example ending with .se instead of .com in case of Sweden. This is dubbed
as originating location factor later in the chapter.
2.2.4 Knowledge based trust: familiarity with web vendor
Gefen, Karahanna, and Straub (2003) identify familiarity with e-vendors as the principal
component of knowledge based trust. Their argument comes from the proposition that
familiarity increases understanding of present happenings, and thus reduces any social
uncertainty (ibid.). As we have discussed earlier, uncertainty and risk are inherent in internet
transaction and information disclosure situations. Gefen et al. (2003) posit that familiarity
with web vendors can lessen consumer concern that the vendor may be opportunistic, if in
their past transactions such occurrences did not happen. Gefen (2000) further state that
familiarity also reduces any confusion regarding usage procedures within a web site. Gefen
states that this is important because clarity about how to use a web site and its procedures
allows consumers to lessen their anxiety that they might be exploited in some way by the
vendor.
Based upon the antecedents and the typology of trust, Gefen, Karahanna et al. propose the
following model of trust and its relationship with intended use. The model takes into account
perceived usefulness and the perceived ease of use from the technology acceptance model.
36
Figure 5: Research model of Trust and TAM in online shopping
Figure: Research model of Trust and TAM in online shopping

Source: Gefen, Karahanna, and Straub (2003), pg. 53.
Doney and Cannon (1998) also support the presence of familiarity as an antecedent of trust.
Their view is that familiarity with e-vendors is a prediction process; and that as knowledge is
accumulated about a vendor thus a c consumer is able to predict the behaviour of the vendor,
building trust in the process. Gefen (2000) stated that trust relates with consumer beliefs
regarding web vendors’ intentions and future behaviour. However, in the operationalizations
of familiarity we do not come across the requirement that a consumer has to have conducted
actual transactions to accumulate knowledge about the vendor (Doney and Cannon, 1998) or
to build belief about the vendor which is precursor to trust in the entity. McKnight,
Chaudhury, and Kacmar (1998) do state that time and an interaction history are requisite for
the development of trust. However, it is possible that a consumer might be familiar with a
company even if he has not had a direct interaction with it. For example, one may be familiar
with Amazon.com even if he or she has never purchased a book or any other item from them.
The familiarity may stem from knowledge gained from the external environment, and may be
triggered by reputation (which is another trust antecedent as discussed in the
chapter).Accordingly, theoretically there should be no obstruction to a building of knowledge
based trust between a consumer and a web vendor even in the absence of prior transactions.
Gefen, Karahanna, and Straub (2003) have posited that familiarity with an ‘a priori
trustworthy e-vendor’ (where knowledge based trust exists through prior association) will
have a positive relationship with trust, and increased knowledge should lead to higher levels
37
of trust. We shall explore whether similar relationship exists where prior interaction is absent
as well as where is an a priori trust through previous interaction.
2.3 Trusting belief vs. trusting intentions in trust related behavior
Sharing of personal information (disclosure of information online), making a purchase, and

acting on website provided information have all been classified as trust related behaviour
(McKnight, Chaudhury, Kacmar, 2002). This paper investigates the intention to engage in
trust related behaviour on the part of consumers, instead of measuring actual trust related
behaviour, i.e. transacting or disclosing information. This is supported by earlier research,
Sheppard, Hartwick, and Warshaw (1988) Venkatesh and Davis (2000) all state that there is a
strong correlation between behavioural intentions and actual behaviour. Furthermore,
Agarwal and Prasad (1998), Gefen Karahanna (1999) also suggest that measuring intention to
engage in trust behaviour instead of actual behaviour is the norm in similar studies.
Trusting intentions denotes a truster’s (the one who places the trust) willingness to depend on
the trustee (the entity upon which the trust is bestowed) (McKnight et al, 2002). This
willingness to depend is a “preparedness to make oneself vulnerable to the trustee” (ibid.).
They state that in the context of e-commerce, the willingness to depend translates to
consumers agreeing to general statements about their preparedness to rely on the vendor.
Trusting belief on the other hand denotes the confidence the truster has on specific attributes
of a web vendor which are also deemed beneficial to the truster (McKnight et al, 2002). Gefen
(1997), Mayer Davis Schoorman (1995) identify three types of trusting beliefs, competence,
benevolence, and integrity of the trustee.
The following model illustrates the conceptual linking of trust constructs in the view of
McKnight et al. (2002).
38
Figure 6: Web Trust Model
Source: McKnight, Chaudhury, Kacmar, 2002, pg. 337
In addition to the above framework for understanding web trust, McKnight et al (2002)
mention three constructs that need to be considered, personal innovativeness, web experience,
and perceived site quality. They posit that general web experience is positively related to
institutional trust. We have discussed such a possible link earlier in the chapter and mentioned
that trust bestowed on the internet infrastructure takes on the form of institutional trust, and
generates levels of trust based upon perceptions of the internet accordingly. Thus experience
gained within an institutional context (i.e. the internet) would impact institution based trust
even in absence of a direct experience with particular vendors (trustees).
2.4 Trust and Perceived Risk
Sitkin and Pablo (1992) define risk as “a characteristic of decisions… defined as the extent to
which there is uncertainty about whether potentially significant and /or disappointing
outcomes of decisions will be realized.” McAllister (1995) defines risk perception as “the
trustor’s belief about likelihoods of gains and losses outside of considerations that involve the
relationships with the particular trustee”. Mayer, Davis, and Schoorman (1995) stated that
there is a lack of clarity in the relationship between risk and trust and this renders the study of
trust in organizations difficult to pursue. They state that risk requires having an investment of
some kind, and this is essential for trust formation. They mention that only in case of a risky
39
situation there arises a need for trust. Unless a situation carries a risk within it, there would
not be a need for vesting trust in any way. Lewis and Weigert (1985) also highlight the
importance of risk in order to understand trust. Mayer, Davis, Schoorman (ibid) further state
that it is yet unclear whether risk is an outcome of trust, or its antecedent. In their research
model they propose risk taking in relationships as an outcome of trust, a relationship which is
modified by perceived risk along the relationship.
Figure 7: Mayer Davis Schoorman Model of trust

Source: Mayer, Davis, Schoorman, 1995, pg. 715.
This view is partially supported by Jarvenpaa, Tractinsky, and Vitale (2000), in whose
research model risk perception is an outcome of trust in a store, and is an antecedent of
willingness to buy (transact). In this research, we therefore take a similar stance in
formulating our research model, that perceived risk follows a builtup of trust in a store that
acts as an antecedent of willingness to transact.
Bracun (2003) proposes studying online payment systems in a broader socio-economic and
technical context; thereby equating confidence with trust not only in a vendor, but in the
system. Thus confidence is transformed into trust when exogenous environmental variables
are introduced, exclusive from the trust vested in the vendor. Luhmann (1988) has drawn
some finer distinctions by stating that trust and confidence differ when there has been a
previous engagement based upon a recognition that risk existed in the relationship. He stated
40
that in situations where there are no alternatives that need to be considered, one is in a
position of confidence. However, if in a situation there are options available that one may act
upon, and where there is a possibility of disappointment resulting from such options due to
action of others, one is in a situation of trust (Luhmann, 1988; Mayer et al., 1995). Thus,
faced with an option of internet purchasing, a consumer is always placed in a position of
trustor and not one holding confidence. It also stresses the need that a trustor must explicitly
recognize that risk exists in a transaction. Unless risk is recognized, one is in a position of
confidence which is perhaps outside the purview of e-commerce studies.
Jarvenpaa, Tractinsky, and Vitale (2000) define trust as the governing mechanism in an
exchange relationship that is characterized by uncertainty, vulnerability, and dependence.
Trust affects the behavior of consumers even when switching costs are low (Schurr and
Ozanne, 1985). In case of internet stores which are typified by the absence of the seller, it is
the organization that directly has to bear the burden of trust placed on it by the consumer
(Jarvenpaa, Tractinsky, and Vitale, 2000).
Hoffman, Novak, and Peralta (1999) highlighted that the likelihood of consumers purchasing
online is adversely affected if the online environment is perceived as excessively risky. The
risk is all the more potent in the online environment since it involves two exchanges: one, the
single utilitarian exchange involving goods or services in return for money or goods or
services; and also a second non-monetary secondary exchange of information for value
(Milne and Gordon, 1993, Culnan and Milberg, 1998). The first exchange entails the risk of
fraud, while the second exchange entails the risk to personal privacy (Milne and Culnan,
2004).
The relationship between trust and risk perception is illustrated in the following model
proposed by Jarvenpaa et al. (2000).
41
Figure 8: Research model of consumer trust in an Internet based store
(Source: Jarvenpaa, Tractinsky, and Vitale, 2000, p. 47).
In their study on the antecedents of consumer trust in an internet store, Jarvenpaa et al (2000)
considered a set of control variables, stating that perceived risk of a store could stem from a
consumer’s general risk attitudes towards the internet in general. The control variables are:
x frequency of internet usage,

x the frequency of internet shopping,
x shopping enjoyment in general,
x attitudes towards computers,
x past direct shopping experience, and
x web shopping risk attitudes.
Mayer et al. (1995) further propose that predictability in trustee does not automatically
translate into trust, and that for a transactional relationship to be meaningful, trust has to go
beyond predictability. An example of such a relationship is that a vendor can be expected to
be consistently unmindful of the needs of its customers and thus is trusted to be predictable.
However, this form of trust is meaningless in a transaction relationship. Mayer Davis et al.
(1995) propose that the additional construct needed to make such a trust relationship
meaningful is the addition of vulnerability. Predictability by itself is not enough for a trustor
to be willing to take a risk (ibid.) unless it is accompanied by a perception of vulnerability.
It should be noted that risk assumes importance only when an action is considered. This
further denotes the integral role perceived vulnerability plays in a trust privacy matrix. Mayer
42
et al. (1995) state that there is no risk involved if one is merely willing to be vulnerable.
However, there is inherent risk when we consider any behavioural manifestations (such as
willingness to transact) of the willingness to be vulnerable. Thus an assumption of risk is
essential if one intends to engage in trusting behaviour (ibid). Thus Mayer et al. (1995) further
clarify that trust can be called the willingness to assume risk while the behavioural
manifestation or behavioural trust is the act of assumption of risk. Sitkin and Pablo (1992)
have drawn a similar distinction by differentiating tendency to take risk and risk behaviour.
In their research model Mayer et al (1995) took risk taking in relationship as the outcome of
trust, and they define that this outcome of trust different from a general risk taking behaviour
as it focuses on specific relationship with the trustee party (in our case, the web vendor). They
have highlighted the importance of context in any interpretation of context and the need to
consider the likelihood of both positive or desirable and negative or non-desirable outcomes
in assessing risk. Sitkin and Pablo (1992) further identify familiarity of the domain of the
problem (which is taken as contextual parameter by Mayer), organizational control, and social
influences to have an impact on risk perception.
2.5 Perceptions of vulnerability
In earlier discussion, we have shown that for any transactional situation where a bestowment
of trust is needed, there has to be an inherent component of risk. The behavioural
manifestation of the willingness to be vulnerable is the final act in transactions, but a
consumer must have a risk perception and a perception of vulnerability for trust and trusting
behaviour to take form. Perception of vulnerability is a construct that can be linked as an
antecedent to both trust, as has been shown, and privacy concerns.
Fusilier and Hoyer (1980) have defined vulnerability in the context of invasion of privacy.
They state vulnerability to be the perceived possible negative consequences of a disclosure.
They hypothesize that people who experience positive outcomes from their disclosures have
less privacy concerns and feel lesser invasion of privacy than those who may have
encountered negative outcomes from information disclosure. The possible outcome
expectation is thus intrinsically linked to perception of vulnerability. Dinev and Hart (2004) to
contend that perception of the outcome of any information disclosure on the internet
determines privacy concerns. Dinev Hart (ibid) describe two types of vulnerability
43
perceptions on the internet. One is a risk of abusing or misusage of the information that is
disclosed, the other vulnerability is the ‘surreptitious collection’ of consumer data for
profiling.
While Dinev and Hart (2004) mention perceived vulnerability and perceived ability to control
as the two factors that account for consumer decisions on whether to disclose information on
the internet; Culnan and Armstrong (1999) identify a similar construct as part of the privacy
calculus in their privacy leverage point framework. Their opinion is that a consumer would be
willing to disclose information online if the benefits of the disclosure exceeds the risks
involved. The perception of vulnerability in their opinion also entails the perception that the
personal information submitted would subsequently be used in a fair manner, linking it to
procedural fairness. Dinev and Hart (2004) propound that if consumers view the information
they disclose may not be used fairly and that there might be negative consequences arising out
of such disclosures, then they might retract from activities on the internet that necessitates
information disclosure; and that consumers with higher privacy concerns would try to lessen
perceived vulnerability by limiting internet activity. This would imply higher perceived
vulnerability to lead to a higher privacy concern.
Figure 9: Model of antecedents to Internet privacy concerns

Source: Dinev, Hart, 2004, pg. 414.
We can explore further constructs to lie behind consumer perception of vulnerability on the
internet. We have earlier mentioned the role of situational cues in absence of prior
information. Situational cue in the form of the construct perceived web site quality may be a
factor that effects consumer perception of vulnerability. McKnight et al (2002) link perceived
web site quality positively with both trusting beliefs and trusting intentions as the outlook and
design of the webs site provides the first ‘experiential’ taste of a vendor’s presence.
44
2.6 Perceived size of a web vendor:
Donney and Cannon (1997) denotes supplier size to include a firm’s overall size and its
market share position. They state that the size of a company provides a cue to the consumer
about the firm’s trustworthiness. Also, the size of a company can be taken as an indicator of
success. A large organizational size implies to the buyer that other buyers have conducted
business successfully with them, and that they trust them, because otherwise the implication
would have been that unless other buyers trusted the firm, it would not have been able to
achieve its position in the market (Hill, 1990). It also builds the expectation that the company
will deliver on its promises (Doney and Cannon, 1997). It is also useful in indicating that the
firm will possess the expertise and resources for support systems such as customer and
technical services (Jarvenpaa et al., 2000), further strengthening the linkage to trust.
Jarvenpaa, Tractinsky, and Vitale (2000) contend that a store’s perceived size forms the first
impressions of a consumer regarding the store’s trustworthiness. They highlight that such
impressions are often based upon the perception of the vendor’s size, rather than the actual
size itself which may be based upon sales volume or number of products offered for sale.
Their contention is that this perception of size positively affects consumer trust in a vendor.
Jarvenpaa et al. (2000) identify several reasons why such a relationship may exist. The
perception of size is used as a situational cue that a large sized vendor is able to absorb the
risk of product failures and either be able to return the product or compensate the consumer in
some other way. A large sized vendor also has more potential to be able to exert control over
its suppliers. This in turn increases the reliability and predictability of the vendor. Also, large
sized vendors are perceived to have more resources invested in the business operations, and
thus consumers are more liable to infer that larger firms stand to lose more if they show
untrusting behavioural manifestations. Jarvenpaa et al. (ibid.) further hypothesize that the
effect of perceived size on trust bestowed on vendor might be moderated by the type of the
retailer’s business and the products it carries. If a product or service entails greater uncertainty
or ambiguity in its performance or if the consumer has to rely extensively on the vendor for
any after sales service, then the greater is the need for reliance on a firm’s resources – and
accordingly the linkage between perceived size and trust in a vendor is likely to be stronger.
45
2.7 Reputation:
Doney and Cannon (1997) define reputation as the extent to which buyers believe a selling
organization is honest and concerned about its customers. Consumers, especially internet
consumers are likely to favour sites that represent a merchant with which they are familiar
from traditional channels (Jarvenpaa et al, 2000; Quelch and Klein, 1996). This is due to the
fact that prior association increases any positive affect as well as any positive cognition on the
part of the buyer (Heider, 1958, Jarvenpaa et. al, 2000).
Reputation also works as a trust inducer in the initial relationship phase as it reflects
professional competence (Powell, 1996, Dasgupta, 1988) as well as honesty and predictability
(McKnight Chervany et al, 1998). They state that reputation may generate trusting beliefs in
the absence of prior knowledge. A third factor within categorization is stereotyping; which
may be based on gender (Dommeyer, Gross, 2003), prejudice against occupational groups
(McKnight et al. 1998) ethnicity, or other traits. Extending such a line of thought,
stereotyping against regions would also support originating location as a factor for initial trust
formation.
While achieving trust is made more difficult due to factors such as inability to physically
inspect goods before purchase, the number of companies online without an established
reputation, and the relative novelty of the shopping experience online (Culnan and Armstrong,
1999; Jarvenpaa and Tractinsky, 1999), Metzger (2004) points out that trust has a particularly
important role in facilitating disclosure of information in online exchanges, since any physical
contact is replaced by ‘computer-mediated communication’. She identifies internet as an
environment having reduced social cues, and surmises that this makes trust even more
difficult, yet at the same time all the more necessary to establish than in an interpersonal
(offline) context.
Metzger (2004) also identified ‘regard for the company’ as one of the key components in
forming perceptions of trust about a company. She reiterates Jarvenpaa et al’s (2000) view
that firm reputation and personal experience are both linked to trust. However, she points out
that in case of a newly established company, where reputation or earlier exposure is absent for
the customer, evaluations are made based on a set of observable signals (Kirmani and Rao,
2000). These signals are comprised of components such as the company’s self-presentation in
46
their public communications which might include advertisements, customer service
interactions, or their policy statements. This view is echoed by O’Keefe (2002) who states
that liking for a communicator positively influences judgements of trustworthiness.
2.8 The interplay of trust antecedents and factors behind privacy concern
Trust is a prerequisite of information disclosure, as it leads to perception of risk (Jarvenpaa,

Tractinsky, and Vitale, 2000). Liu, Marchewka, Lu, and Yu (2004) bring the dimensions of
privacy together with the dimensions of trust leading to behavioural intentions.
Figure 10: Privacy - Trust - Behavioral Intention Model

(Source: Liu, Marchewka, Lu, and Yu, 2004)
The basic assumptions from the model as identified by Liu et al are:
x There is a positive relationship between privacy and the degree of trust placed by
consumer for any online transaction.
x Notifying the customer about the possible usage of the information will positively
affect the degree of trust on the part of the customer.
x Access by the customer to his own personal data at a latter date positively influences
the degree of his trust.
x The degree of trust is also positively influenced by having a choice to opt-in and opt-
out of data acquisition processes.
x Attempts to keep data secure positively influence the customer’s level of trust.
However, the authors here do not take into account customer awareness or the steps
that may be taken by the companies to raise such awareness of data securing measures,
which may be a strengthening factor for level of trust enjoyed.
x There is a positive relationship between the level or degree of trust an individual has
with an online business and the individual’s behavioral intentions.
47
x Repeat purchase decisions online are positively linked to the level of trust.
x Repeat visits to a web site are positively linked to the level of trust.
x Possible recommendation for visit to a corporate site is positively linked to the degree
or level of trust.
x Positive feedback about a corporate website is related to the degree of trust.
2.9 Previous privacy invasion:
Metzger (2004) states that a history of disclosure of personal information in the past is likely
to affect later disclosure of information. This view is supported by Culnan and Armstrong
(1999) who stated that the consumers’ willingness to sacrifice personal information to
marketers is a function of their past experience with similar practices engaged in with
marketers. This would put the focus on procedural fairness; since customers would become
unwilling to disclose any additional information if they develop the perception that their
earlier released information was used unfairly. Culnan and Armstrong (1999) further state that
customers may even be willing to let themselves be profiled for marketing usage in addition
to disclosing personal data if they feel their privacy concerns have been addressed by fair
procedures. With regard to experience or the timespan of one’s cumulative exposure to the
internet, Metzger (2004) raises the question of what may be the leading factor for a person to
disclose information initially. A survey by Kehoe, Pitkow, Sutton, Agarwal, and Rogers
(1999) more experienced users more willing to part with demographic information. A study
by Cheskin Research (2000) confirms the finding. However, both Jarvenpaa and Tractinsky
(1999) and Hoffman (1999) found results to the contrary.
Metzger (2004) proposed the following model of online information disclosure:
48
Figure 11: Model of Online Information Disclosure
(Source: Metzger, 2004, pp. 3)
The model emphasizes the role of trust and past online behavior in the disclosure of personal
information online.
Awad and Krishnan (2006) suggest that personal experiences can cause privacy concerns to
change over time (The Harris Equifax surveys, 1992). Culnan (1993) did not find a clear
relationship between prior privacy invasions with attitudes towards secondary information use
(Culnan, 1993; Culnan and Armstrong, 1999). Here, secondary information use denotes usage
of consumer personal information by direct mailing companies since that was the context of
the study. However, Culnan (ibid.) found evidence that prior privacy invasion experience
affected an individual’s privacy concerns. Awad and Krishnan posit that there is a negative
relationship between prior invasion of privacy and consumer willingness to be profiled online.
Thus, if a consumer has what he/she deems to be previous violation of privacy, then the
consumer would be less likely to be willing to disclose information online for profiling
purposes.
2.10 A Social contract theory perspective
Milne and Gordon (1993) identified the collection and usage of personal information as a
‘social contract’ in which customer makes the non-monetary exchange of personal
information for intangible benefits such as quality of service. The authors conceptualized
direct mails as an implied social contract, and identified four attributes of such social contract:
volume, targeting, compensation, and permission. While the study was conducted in an
offline setting, since a parallel dynamics is at work at least in the case of online marketing and
49
offline direct mailing, the factors are worth considering. This view is supported by Culnan
and Armstrong (1999) who state that while research has mostly focused on trust and self-
disclosure in interpersonal contexts, similar balancing dynamics are used in electronic
environments.
x Volume: while some customers like more mail and others like less, it is found that
most customers have a strong opinion about the volume of mail they receive.
x Targeting: Milne and Gordon found universal agreement regarding the fact that the
targeting of direct mails need to be improved, enabling consumers to receive
information of interest to them, but not something that is too personal or offensive.
However, this of course brings us back to our original dilemma, in order to generate
the service more extensive data needs to be mined while at the same time without
fostering the feeling of paranoia among customers.
Milne and Rohm (2000) found consumer experience with direct purchasing to be
negatively related to desire to be removed from mail, telephone, and e-mail marketing
lists. Dommeyer and Gross (2003) state that many reasons exist why consumers may
not want to receive direct marketing solicitations. Some simply lack interest. Others
may feel intruded upon. Still others may fear manipulation by sophisticated marketers
holding database information.
x Permission: it relates to how the information provided to complete a transaction is

used subsequently, meaning once information is obtained, whether the company treats
it as company asset, or whether it remains the property of the customer to be used only
with the permission of the customer.
Knowing that information will be transferred to entities offering products and services
that match one’s interests provides a stronger sense of control than does granting
permission without assurances of targeting specificity (Dommeyer and Gross, 2003).
Horne and Horne (1997) reasoned that consumers with less actual experience might
fear what they do not understand.
50
x Compensation: this proposes providing customers with some form of compensation,
coupons, rebates etc. for providing personal information.
Based on the above variables, Milne and Gordon proposed the following framework for social
contract between the customer and organization.
Figure 12: A social contract framework for direct marketing

(Source: Milne and Gordon, 1993, pp. 208).
Culnan and Armstrong (1999) point out that customers will abide by or participate in this
social contract as long as they perceive the benefits to be higher than the risks involved. Thus
they posit that through developing and practising information practices that addresses this
perceived risk would result in accumulated positive experience about the firm in the mind of
the consumer over time, which would lead to trust; which in turn creates a switching cost
generating the likelihood that the customer will remain with the firm (Culnan and Armstrong,
1999; Gundlach and Murphy, 1993). Addressing this perceived risk through procedural
fairness is thus essential to building trust.
2.11 Information transparency and Privacy policies as privacy protection measures
Information transparency allows consumers to access their data collected with a web vendor,
and also pertinent information about the usage of such data by the web vendor. Westin (1991)
identified a part of consumers to be privacy fundamentalists; those that show extreme concern
about any usage of their personal data. Awad and Krishnan (2006) state that the privacy
fundamentalists are generally unwilling to share or provide data to the internet sites regardless
51
of whether the sites have privacy protection measures in place. Cranor, Reagle, and
Ackermann (1999) also confirm the presence of such privacy fundamentalists and identify
that this particular consumer group is twice as likely as any other consumers when reporting if
they have experienced invasion of privacy. Awad Krishnan (2006) found that the privacy
fundamentalists regard information transparency features highly, and also consequently are
less willing to disclose information online for customization purposes.
Showing goodwill and respect to the customer is an important and essential component of
improving customer relations, as well as a firm’s reputation (Fombrun, 1996). Metzger (2004)
identifies privacy statements as a tool an online entity can utilize as the means of
demonstrating such goodwill and respect, since this enhances the customer perception of web
site privacy protection. Inclusion in the web site content of third party certifier statements
such as those provided by TrustE also influence customer perception of a web site’s privacy
protection measures (Palmer, Bailey, and Faraj, 2000).
Awad Krishnan (2006) identify privacy policies as written statements on a firm’s web site.
Consumers often encounter them during registration process at sites, and they explain the
information practices engaged by the companies in collection and usage of user information.
Awad and Krishnan (2006) contend that information transparency and privacy policies are not
substitutes of each other, and consumers valuing privacy policies are likely to also value
information transparency as a required attribute of a web vendor. Thus we may conclude that
the presence of one cannot compensate for the lack of the other. Awad and Krishnan (2006)
identify privacy policies to be more general in nature regarding a firm’s information practice,
whereas information transparency features of a firm provide specific information about
activities. They hypothesize that increased importance given by consumers to privacy policies
is going to increase the importance placed by them upon information transparency features
also.
Thus, Awad Krishnan (2006) deem information transparency features to be quite central to
privacy related internet behaviour, which they translate into an willingness to be profiled
online, whether for obtaining personalized services or for personalized advertising. We use
the concept as a “willingness to be profiled online” aggregating the sub-constructs.
Information transparency has been discussed above and has been shown to be features distinct
from mere privacy policies. In their research model of factors behind willingness to be
52
profiled online, Awad Krishnan (2006) show information transparency to be a function of
several independent constructs, while at the same time the sub constructs have a direct impact
upon the dependant variable willingness to be profiled itself.
Figure 13: Research model of willingness to be profiled online

Source: Awad Krishnan, MIS Quarterly, March 2006, pg. 18
The model embraces information transparency, privacy concerns, and willingness to be

profiled online as its core, and we begin formulating our research framework based upon this
theoretical perspective.
2.12 Procedural fairness : Consistency in usage of data and disclosure
Lind and Tyler (1988, cited by Culnan and Armstrong, 1999) identifies procedural fairness to
be whether an individual’s perception of a particular activity in which they are participating in
is conducted fairly or not, often referred to as procedural justice. Culnan and Armstrong
(1999) focus strongly on procedural fairness in particular activities by the companies to be
affecting customer’s perception of a web entity and their trust upon it. They state that
procedural fairness can be used advantageously by companies by utilizing it as a ‘privacy
leverage point’, through disclosure of its information policies and furthermore proving to the
customer that its actions are in accord with its policies. Customers form an expectation of how
the information that they provide would be used, and this expectation is confirmed or
53
disconfirmed later on through subsequent purchase experiences. Unless consistency is
maintained in the usage of such information, a customer is more likely than not to defect
(Morgan and Hunt, 1994). Culnan and Armstrong (1999) identify the privacy leverage point
as to be an intervention opportunity for the firm, not only to reassure the customers about their
privacy concerns, but also to even make them willing to disclose information. An added
benefit of observing procedural fairness is that if such assumptions are true, then companies
even stand to gain advantage through behaving ethically in their interactions with the
customer (Culnan and Armstrong, 1999), which would solve the privacy dilemma.
The following figure depicts the privacy leverage opportunity as identified by the authors,
with procedural fairness (taken as fair information practices) leading to trust; the cost benefits
of disclosure of information is subsequently weighed by the customer to reach the decision of
whether to divulge information or not (shown as the privacy calculus). This initiates the
transaction procedures and triggers off the data collection activities by the firm.
Figure 14: The privacy leverage point

(Source: Culnan and Armstrong, 1999).
2.13 Customer knowledge of privacy protection measures

It is quite widely believed that consumer knowledge of privacy protections is lacking.
Consumers likely harbor misconceptions about business practices affecting consumer privacy
(Dommeyer and Gross, 2003). It has been suggested that consumers who are knowledgeable
of privacy practices and options for safeguarding their own information may experience more
54
perceived control and, thus, less privacy-related anxiety (Foxman & Kilcoyne, 1993; Nowak
& Phelps, 1995; Phelps, Nowak, & Ferrell, 2000). Nowak and Phelps (1992) study found
uncertainty and misinformation about the sources of personal information available to
marketers. They concluded that much anxiety about privacy is based largely on ignorance.
Those respondents who were most concerned about threats to personal privacy were also
those most likely to erroneously believe marketers have access to any and all sources of
personal information. Further, they were less aware of actions they could take to protect their
own privacy.
Milne and Rohm (2000) reported even less consumer knowledge of name removal procedures
from a national database of direct mail purchasers. 58 percent reported no knowledge. A
recent American Demographics survey found only 30% and 24% of respondents,
respectively; have asked to have their name removed from a mailing list or telephone list
(Paul, 2001). Many in Milne and Rohm’s (2000) study also demonstrated limited awareness
of the types of information stored in marketing databases, including awareness of the fact that
marketers store credit card and purchase history information. Nowak and Phelps (1995)
suggest consumers’ knowledge of data collection can be identified as either full knowledge of
collection and use, knowledge of collection but not of use, or ignorance of both collection and
use. The threat to consumer privacy is minimal under the first condition (full knowledge) and
greatest under the last condition where consumers do not know of the collection or the use
(Graeff Harmon, 2002).
Milne and Culnan (2004) proposed the following model as a conceptual framework bringing
into the picture perceived notice comprehension, as well as previously mentioned and
discussed factors such as concern for privacy and demographics and depicted their impact on
the customers’ tendency to read privacy notices, and their trust on them.
Figure 15: Conceptual model of linkage between comprehension and trust

(Source: Milne and Culnan, 2004).
55
Milne and Culnan (2004) stress that reading the privacy notices in a web site is only one
strategy customers can use to manage online exposure risks. They hypothesize that the
concern for privacy is positively linked to a tendency to read online privacy notices, and so is
trust. However, reading the privacy notices and understanding the full impact of them may be
two different matters altogether. The authors point out that the function of privacy notices are
similar to that of warnings, and the risk remains that customers may not often understand the
words used in the warning messages (Milne and Culnan, 2004; Pyrczak and Roth, 1976).
Accepting Milne and Culnan’s (2004) view that privacy notices are akin to the product
warnings given out in the physical world, the content and format of such notices should be
critical for the customer’s subsequent comprehension and action upon processing the data.
56
Chapter 3
Presentation of Study A
(This chapter briefly presents the findings in the form of an article, summarizing the
qualitative research conducted using in-depth interviews during the period of 2004-2006 that
resulted in a Licentiate thesis. The underlying research framework and the results obtained
paved the way for the current work, through inclusion of new variables in the study and also
providing the opportunity for constructing the research model, examining and validating the
results using a quantitative approach. The article was submitted and accepted by the Journal
of Enterprise Information Systems in 2007 and is currently undergoing revision).
Abstract
An enterprise’s inability to grasp what information is sensitive to its customers can have a
strategic impact on the company, damaging its reputation, and limiting the trust it can foster in
relationships with customer. Customers in an online environment have concerns about
collusive information exchanges and fears of violation of privacy rights. The purpose of this
paper is to synthesize prior literature focusing on online privacy concerns and attempt to
identify strategic privacy leverage areas that enterprises may utilize when transacting and
building relationships with online customers. We attempt to do so by applying a qualitative
approach and cognitive mapping techniques that explores the decision making process of
customers. Previous studies have identified trust as a key factor in inducing customer
participation in e-commerce. This paper examines trust and other antecedents arising out of
customer experience and beliefs regarding informational and financial transactions with an
enterprise web presence. A multiple case study approach using cognitive mapping is used to
assess results and compare findings with prior empirical research. The results demonstrate the
viability of using cognitive mapping as a tool to find strategic privacy leverage points of
customers, leading to better understanding of a customer in the online environment.
Keywords: Online privacy, cognitive mapping, information disclosure, decision making.
57
3.1 Introduction
In 1999, the Georgetown Internet privacy policy survey (Culnan, 1999) found only 2% of
users to have great confidence that their personal information would be handled by internet
merchants responsibly. In January of 2005, the data aggregator company ChoicePoint had lost
the names, addresses, Social Security numbers and credit reports of 145,000 people to
scammers; and a month later Bank of America lost 1.2 million customer records with annual
transactions totalling more than $21 billion (Fortune, May 2005). Several empirical studies
have reported growing privacy concerns across populations (Acquisti, Grossklags, 2005;
Ackerman, Cranor, and Reagle, 1999). While customer privacy has always been a significant
issue in marketing, it assumed a greater significance in recent years with the advent of internet
based commercial transactions (Rust, Kannan, and Peng 2002). The dwindling cost of
technology has lead to efficient and cost-effective data mining techniques and data
warehousing technology, allowing enterprises, particularly large ones, to analyze and target
their customers better (Markoff, 1999; Richards 1997). The network environment within
which customer information is collected and coded has made it easy to combine pieces of
seemingly disparate customer information to develop full, integrated profiles of customers
and their behaviour (Rombel, 2001), ostensibly in order to provide better services, learn
customer preferences, and engage in effective customer relationship management practices.
The smallest possible compilation of elements that has meaning and value to the customer
(Franzak, Pitta, and Fritsche, 2001) is where newer technologies are being put into use now,
to achieve individual user needs and tastes.
However, Day and Montgomery (1999) described a fundamental change in the way markets
are perceived now, a shift from looking at individual transactions to focusing on relationships.
To attain this objective, customer profile information is deemed crucial for relationship
building (Franzak, Pitta, and Fritsche, 2001). Mascarenhas, Kesavan, and Bernachhi (2003)
proposed that online consumers can willingly transfer their privacy privileges by disclosing
information to marketers under mutually beneficial conditions. It appears that most consumers
are willing to give up some privacy simply to participate in a consumer society (Milne, 2000;
Phelps, Nowak, & Ferrell, 2000). The risk arises when enterprises end up pushing the edges
of how far a customer might be willing to go. Consumers are likely to believe that retailers
have profited at their expense if information about personal purchase patterns is sold to other
marketers (Graeff and Harmon, 2002).As Prabhaker (2002) points out, technology has created
58
better, faster, and cheaper ways for businesses to meet the needs of their customers as well as
for customers to satisfy their needs, but the capability to leverage this technology is far higher
for companies than for individual customers. This is caused due to the unequal resources at
the disposal of the enterprises or companies versus the customers, one of its results being
asymmetric information availability. Thus the market system works in heavily pressuring
customers to disclose more private information, while creating little or no pressure on
companies to disclose privacy information, thus not creating market benefit to all parties in an
equitable manner. Accordingly, enterprise information systems are also geared up to exploit
and foster the inequality. This stance is fundamentally at odds with the thoughts behind
customer relationship building.
Furthermore, Acquisti and Grossklags (2005) point out that economic studies of privacy
worked on the assumption that individuals are rational agents, which fails to answer the above
dichotomy. They counter instead that the individual decision process with respect to privacy
and disclosure of information is affected by incomplete information, bounded rationality, and
psychological deviations from rationality. Thus a generalized model or process of information
gathering, storage, and subsequent application by the enterprises, even with an aim to assist
the customer may alienate groups of customers that fall outside the boundaries of the model.
Thus there is a need for focusing on the nuances of individual’s privacy sensitive behaviour,
particularly in an online setting where the environment is marked by a physical absence of the
seller.
The purpose of this paper is to synthesize existing literature on online privacy, and investigate
the factors affecting willingness to disclose information online from a qualitative standpoint.
We intend to see whether there are departures in an individual’s behavior from established
research models using cognitive mapping tools.
The discussion and the stated research purpose lead us to our research question: How does a
customer become willing to disclose information online?
Based upon Acquisti and Grossklag’s (2005) assertion that individuals may not consistently
act as rational agents in responding to online privacy issues, the paper assumes the responses
are modified vectors of processing privacy threats and dimensions through a cognitive realm.
The cognitive realm is closely tied to the social history of the individual and results in the
differentiated responses to the same situation between people, or perhaps by the same
individual at different times.
59
Thus additionally the purpose of this research is to use Cognitive mapping techniques to
examine an individual’s personal construct systems from within the cases to test how the
willingness to disclose information online is shaped once the privacy factors are assimilated.
Through usage of multiple case studies, in-depth interviews have been conducted to ascertain
presence of the determinants in their privacy sensitive behaviour, and a semantic analysis of
how they link to each other have been used to generate cognitive maps for each case.
3.2 Theoretical Development
Imperatives for applying procedural fairness in systems representing enterprise online

presence
Researchers from varying disciplines such as communication, marketing, and psychology

have all suggested influencing variables in privacy concerns with disclosures of information
online (Metzger, 2004). For example, trust and ‘procedural fairness’ were cited by Culnan and
Armstrong (1999) to be crucial in addressing privacy concerns in online transactions. Their
view is that consumers could be willing to disclose personal information, and even agree for
this information to be used in creating profiles as long as their concerns for privacy are
addressed by fair procedures. This puts the burden of assurance on enterprises. According to
Culnan and Armstrong (1999), customer relationships are characterized by social distance,
and as such they must rely on strangers to act on their behalf, the strangers here being the
companies. Thus, in their view, procedural fairness acts as the intermediary factor leading
towards a build-up of trust, letting the organization use its delegated power to act on behalf of
the customer.
Experience has an effect on the customer’s perception on fairness of information usage. Lind
and Tyler (1988) identifies procedural fairness to be whether an individual’s perception of a
particular activity in which they are participating in is conducted fairly or not, often referred
to as procedural justice. Culnan and Armstrong (1999) focus strongly on procedural fairness
in particular activities by the companies to be affecting customer’s perception of a web entity
and their trust upon it. They state that procedural fairness can be used advantageously by
companies by utilizing it as a ‘privacy leverage point’, through disclosure of its information
policies and furthermore proving to the customer that its actions are in accord with its
policies. Customers form an expectation of how the information that they provide would be
60
used, and this expectation is confirmed or disconfirmed later on through subsequent purchase
experiences. Unless consistency is maintained in the usage of such information, a customer is
more likely than not to defect (Morgan and Hunt, 1994).
It is quite widely believed that consumer awareness of privacy protections is lacking.

Consumers likely harbor misconceptions about business practices affecting consumer privacy
(Dommeyer and Gross, 2003). It has been suggested that consumers who are knowledgeable
of privacy practices and options for safeguarding their own information may experience more
perceived control and, thus, less privacy-related anxiety (Foxman & Kilcoyne, 2001; Nowak
& Phelps, 1997; Phelps, Nowak, & Ferrell, 2000). Nowak and Phelps found uncertainty and
misinformation about the sources of personal information available to marketers. They
concluded that much anxiety about privacy is based largely on ignorance. Those respondents
who were most concerned about threats to personal privacy were also those most likely to
erroneously believe marketers have access to any and all sources of personal information.
Further, they were less aware of actions they could take to protect their own privacy.
Milne and Rohm (2000) reported even less consumer knowledge of name removal procedures
from a national database of direct mail purchasers. 58 percent reported no knowledge. Many
in Milne and Rohm’s (2000) study also demonstrated limited awareness of the types of
information stored in marketing databases, including awareness of the fact that marketers
store credit card and purchase history information.
Nowak and Phelps (1997) suggest consumers’ knowledge of data collection can be identified
as either full knowledge of collection and use, knowledge of collection but not of use, or
ignorance of both collection and use. The threat to consumer privacy is minimal under the
first condition (full knowledge) and greatest under the last condition where consumers do not
know of the collection or the use (Graeff & Harmon, 2002).
Milne and Gordon (1993) identified the collection and usage of personal information as a
‘social contract’ in which customer makes the non-monetary exchange of personal
information for intangible benefits such as quality of service. The authors conceptualized
direct mails as an implied social contract, and identified four attributes of such social contract:
volume, targeting, compensation, and permission. While the study was conducted in an
offline setting, since a parallel dynamics is at work at least in the case of online marketing and
offline direct mailing, the factors are worth considering. This view is supported by Culnan
and Armstrong (1999) who state that while research has mostly focused on trust and self-
61
disclosure in interpersonal contexts, similar balancing dynamics are used in electronic
environments.
Culnan and Armstrong (1999) point out that customers will abide by or participate in this
social contract as long as they perceive the benefits to be higher than the risks involved. Thus
they posit that through developing and practising information practices that addresses this
perceived risk would result in accumulated positive experience about the firm in the mind of
the consumer over time, which would lead to trust; which in turn creates a switching cost
generating the likelihood that the customer will remain with the firm (Culnan and Armstrong,
1999; Gundlach and Murphy, 1993). Thus the onus is on enterprises again not only to
minimize the risk associated with information disclosures in the mind of the customer, but
also to present the minimalization of such risk in an explicit fashion. Addressing this
perceived risk through procedural fairness is thus essential to building trust. To tackle
information malpractice it is imperative to chart the cognitive processes through which a
customer builds his / her decision paths towards ultimate participation in a transaction
process.
In case of internet stores which are typified by the absence of the seller, it is the organization
that directly has to bear the burden of trust placed on it by the consumer (Jarvenpaa,
Tractinsky, and Vitale, 2000). Jarvenpaa, Tractinsky, and Vitale (2000) define trust as the
governing mechanism in an exchange relationship that is characterized by uncertainty,
vulnerability, and dependence. Trust affects the behavior of consumers even when switching
costs are low (Schurr and Ozanne, 1985). Though increasing, a huge number of people
decline to shop online, or provide information to web providers because of a fundamental lack
of faith between businesses and consumers (Hoffman, Novak, and Peralta, 1999). They state
that almost 95% of web users have declined to provide personal information to web sites at
one time or another when asked. At the time when the study was conducted, 63% of the
consumers who declined to provide personal data to web sites gave reason that they decline to
do so because they did not trust those who were collecting the data. Today, as consumer
awareness ostensibly has increased, so has the perception of risk online contributing to the
lack of trust. The danger lies in the fact that the likelihood of consumers purchasing online is
adversely affected if the online environment is perceived as excessively risky (Hoffman,
Nowak, and Peralta, 1999). The risk is all the more potent in the online environment since it
involves two exchanges: one, the single utilitarian exchange involving goods or services in
return for money or goods or services; and also a second non-monetary secondary exchange
of information for value (Milne and Gordon, 1993, Culnan and Milberg, 1998). The first
62
exchange entails the risk of fraud, while the second exchange entails the risk to personal
privacy (Milne and Culnan, 2004).
In their study on the antecedents of consumer trust in an internet store, Jarvenpaa et al (2000)
considered a set of control variables, stating that perceived risk of a store could stem from a
consumer’s general risk attitudes towards the internet in general. The control variables are
cited to be frequency of internet usage, the frequency of internet shopping, shopping
enjoyment in general, attitudes towards computers, past direct shopping experience, and web
shopping risk attitudes.
While achieving trust is made more difficult due to factors such as inability to physically
inspect goods before purchase, the number of companies online without an established
reputation, and the relative novelty of the shopping experience online (Culnan and Armstrong,
1999; Jarvenpaa and Tractinsky, 1999), Metzger (2004) points out that trust has a particularly
important role in facilitating disclosure of information in online exchanges, since any physical
contact is replaced by ‘computer-mediated communication’. She identifies internet as an
environment having reduced social cues, and surmises that this makes trust even more
difficult, yet at the same time all the more necessary to establish than in an interpersonal
(offline) context.
Furthermore, Culnan and Armstrong (1999) highlight a person’s natural propensity or concern
towards privacy as one of the predictors of trust. Jarvenpaa and Tractinsky (1999) also
propound that an individual’s general trusting stance or disposition could extend to trust of
online companies. Thus Metzger (2004) suggests that the trust placed upon internet sites by
the customer would be inversely related to the individual customer’s general concern for
privacy.
The sizes of a company and reputation have also been cited as indicators of success. Doney
and Cannon (1997) state that a large organizational size implies to the buyer that other buyers
have conducted business successfully with them, and that they trust them. It is also useful in
indicating that the firm will possess the expertise and resources for support systems such as
customer and technical services (Jarvenpaa et al., 2000), further strengthening trust.
Doney and Cannon (1997) define reputation as the extent to which buyers believe a selling
organization is honest and concerned about its customers. Consumers, especially internet
consumers are likely to favour sites that represent a merchant with which they are familiar
from traditional channels (Jarvenpaa et al, 2000; Quelch and Klein, 1996). This is due to the
fact that prior association increases any positive affect as well as any positive cognition on the
part of the buyer (Jarvenpaa et. al, 2000).
63
Metzger (2004) also identified ‘regard for the company’ as one of the key components in
forming perceptions of trust about a company. She reiterates Jarvenpaa et al’s (2000) view
that firm reputation and personal experience are both linked to trust. However, she points out
that in case of a newly established company, where reputation or earlier exposure is absent for
the customer, evaluations are made based on a set of observable signals (Kirmani and Rao,
2000). These signals are comprised of components such as the company’s self-presentation in
their public communications which might include advertisements, customer service
interactions, or their policy statements. This view is echoed by O’Keefe (2002) who states
that liking for a communicator positively influences judgements of trustworthiness. Thus a
large enterprise may inherently be at an advantage when establishing and strengthening its
online presence compared to its smaller or lesser known rivals. However, this also underlines
the special need to scrutinize its information policy even more closely, since the advantage
over smaller online entities are liable to be eroded as far as simple web presence is concerned.
Metzger (2004) identifies privacy statements and seals as the tools an online entity can utilize
as the means of demonstrating such goodwill and respect, since this enhances the customer
perception of web site privacy protection. Inclusion in the web site content of third party
certifier statements such as those provided by TrustE also influence customer perception of a
web site’s privacy protection measures (Palmer, Bailey, and Faraj, 2000). Palmer et al (2000)
mention that while privacy perceptions of a site may vary depending on a user’s personal
traits and cultural factors, the design and content elements of a web site also communicate
data regarding privacy protection to a visitor and a customer.
History of disclosure of personal information in the past is also likely to affect later disclosure
of information (Metztger, 2004). This view is supported by Culnan and Armstrong (1999)
who stated that the consumers’ willingness to sacrifice personal information to marketers is a
function of their past experience with similar practices engaged in with marketers. This would
put the focus back on procedural fairness; since customers would become unwilling to
disclose any additional information if they develop the perception that their earlier released
information was used unfairly. Culnan and Armstrong (1999) further state that customers may
even be willing to let themselves be profiled for marketing usage in addition to disclosing
personal data if they feel their privacy concerns have been addressed by fair procedures.
With regard to experience or the timespan of one’s cumulative exposure to the internet,
Metzger (2004) raises the question of what may be the leading factor for a person to disclose
information initially. A survey by Kehoe, Pitkow, Sutton, Agarwal, and Rogers (1999)
revealed that more experienced users more willing to part with demographic information.
64
However, both Jarvenpaa and Tractinsky (1999) and Hoffman et al. (1999) did not find
confirmation of this claim.
The literature surveyed is by no means exhaustive since online privacy is an intricate issue,
and spans over several disciplines. However, we have attempted to cover the literature that
presents a multi-faceted view of the problems associated with online privacy and information
disclosure.
3.3 Summary of factors affecting willingness to disclose information online:
The brief literature survey above is summarily presented in the following table. This helps to
identify the relevant concepts and the boundary within which the investigation in this paper is
framed. An operationalization of the variables as gleaned from the literature review is
presented alongside.
Table 5: Summary of factors affecting willingness to disclose information

Determinants Operationalization of term Reference
Volume Customers feel strongly about amount of Culnan and Armstrong (1999),
mail received Milne and Gordon (1993).
Targeting Information of interest is desired, but too

personal turns the customer off
Permission How information is used post-transaction
Compensation The presence of compensation in some

form for divulging information
Perceived size May work towards lessening the effect Jarvenpää, Tractinsky, and Vitale
of uncertainty, vulnerability, and (2000); Doney and Cannon (1997);
dependence thus fostering trust. Quelch and Klein (1996)
Perceived reputation
Exchange risk Two types of exchange risks are Hoffman, Novak, and Peralta
perceived: (1999); Milne and Gordon (1993);
Involving goods or services in return of Culnan and Milberg (1998); Milne
other goods or services (fraud risk) and Culnan (2004).
Involving exchange of information of

value (personal privacy risk)
Trust Control variables to measure trust in Jarvenpää, Tractinsky, and Vitale

online store: (2000); Hoffman, Novak, and
65
Frequency of internet usage Peralta (1999), Metzger (2004),
Frequency of internet shopping Culnan and Armstrong (1999),
Shopping enjoyment in general Schurr and Ozane (1985).
Attitudes towards computers

Past direct shopping experience
Web shopping risk attitudes.
Uncertainty, vulnerability, and
dependence are three influencing
elements in customer relationship that
may affect online behavior even if
switching costs are low.
Information disclosure Willingness to sacrifice personal Metzger (2004); Culnan and

in the past information is a function of similar past Armstrong (1999).
experiences
History of disclosure likely to affect later
disclosure
Internet experience Experienced users may be more willing Kehoe, Pitkow, Sutton, Agarwal,
to part with demographic information. and Rogers (1999).
Lesser degree of actual experience Jarvenpää and Tractinsky (1999)
heightens the fear of the unknown. and Hoffman et al. (1999) disagree.
Increased experience with direct Dommeyer and Gross (2003);
marketing negatively related to desire to Milne and Rohm (2000).
be removed from marketing lists.
Design elements The design and content elements Palmer, Bailey, and Faraj (2000).
channelling impression and privacy and
security to customers
Presence of privacy Identifiable privacy statements and seals Metzger (2004); Palmer, Bailey,
protection measures as signs of goodwill and respect towards and Faraj (2000)
customers.
Consistency in usage of Moulds an individual’s perception of a Culnan and Armstrong (1999);

customer information particular activity as to whether it is Lind and Tyler (1988); Morgan
and communication to being conducted fairly or not. It can and Hunt (1994).
the customer thereof reassure customers regarding privacy
Disclosure of usage concerns, as well as make them willing
policy and matching of to disclose information. Privacy leverage
actions with statements point used to stop defection of
66
Combination of the customers.
above used as a privacy
leverage point
Customer’s Knowledge Knowledge of privacy practice positively Dommeyer and Gross (2003);
of privacy practice related to perceived control: and Foxman and Kilcoyne (2001);
Knowledge of name consequently less anxiety about privacy. Phelps, Nowak, and Ferrel (2000);
removal procedures Thus companies need to make sure the Nowak and Phelps (1997); Milne
Knowledge about types presence of privacy policies, and Rohm (2000); Graeff and
of information stored in implementation of them, and above all Harmon (2002); Milne and Culnan
company databases the communication of such policies (2004).

effectively to the customer.
Knowledge of data
collection
Communication of the Those with more positive attitudes were Culnan (1993); Milne and Gordon
sense of control those who also perceive a greater degree (1993); Nowak and Phelps (1997).
(Perceived control) of control over their personal
information.
Those with more positive attitudes are
more likely to perceive shopping from a
distance beneficial.
Type of retailer’s Privacy concerns vary due to the type of Graeff and Harmon (2002); Gervey
business and retailer as well as the indications of and Lin (2000).
corresponding site benefits for providing information, and
design to standards the types of data recorded
3.4 Privacy Leverage Strategic focus areas for enterprises
Trust appears to emerge as the key variable that not only is linked to the factors within these
theoretical perspectives as evident from the literature review, but also a lynchpin towards
resultant willingness to disclose information online. The behaviour as a result of the action of
these determinants pass through a cognitive process, shaped by demographics, gender, age,
social learning etc. of the individual. Thus the Internet with its amenities is assimilated as a
‘Social Institution’, a collection of means to fill individual needs. Based on the discussions so
far, we attempt to categorize the various identified factors into three sets of strategic privacy
leverage areas that enterprises can strategically focus upon; namely, social contract, risk
perception, and website content and communication. These strategic areas are named
grouping together the variables that show characteristics or attribute commonalities with each
67
other, as identified from the literature review and operationalized in the table. The three
strategic privacy leverage areas are illustrated in a conceptual framework below:
Figure 16: Privacy Leverage areas for enterprise strategic focus
As in Jarvenpaa (2000) et al’s study, Trust is taken as the key component in triggering
willingness to disclose information online, pursuant to the determinants within the three main
categorizations or privacy factors. Additionally, it is propounded that the path from assessing
the impact of the privacy determinants in individual cases through to formation of trust is
further filtered through a cognitive process based on the psycho-social history of the
individual. This ‘filtering’ ultimately decides the willingness to disclose at any given point for
an individual, which is consistent with Acquisti and Grossklag’s proposition that individuals
are not rational economic beings at all times, and hence their actions vary.
3.5 Methodology
Through the literature review it was possible to ascertain a discreet set of variables that need
testing in online information disclosure situation. This brings the philosophical standpoint in a
postpositivist realm. However, the literature review also brings into light a knowledge gap
that exists among studies undertaken regarding the presence of psychological variables in
68
determining privacy fears online. It is hitherto fore an uncharted territory, and it is the
intention of this research to explore this territory. This further exploration will not be possible
coming in from a post-positivist stance.
A choice of multiple case studies offers the best fit for the purposes of this research, since the
aim is to better understand a complex social phenomena and the research is an empirical
inquiry that investigates a contemporary phenomenon within its real-life context (Svensson,
2004). A multiple case-study approach is also particularly useful since the boundaries
between the phenomenon and context are not clearly evident (Yin, 1994) and since according
to the purpose of the research, the focus here is process oriented rather than result oriented, on
the context as well as specific variables, and on discoveries instead of proving causal
connections (Merriam, 1988). The advent of the Internet and its adoption by the masses is not
just a contemporary phenomenon, but also has evolved into a social one. A choice of multiple
case studies helps the researchers to explore the internalized variables as well as confirm the
presence of the external ones within the research context.
Based on the method of analysing empirical data, the paper can be further classified as an
interpretive study. The aim of the research is to explain actions based on observation and
description of entire objects or systems rather than isolated parts (Cunningham, 1992). Hence
it is an interpretive one. The method chosen is also phenomenological to some extent since it
explores the structures of consciousness in human experiences (Polkinghorne, 1989) and
describes the meaning of the lived experiences for several individuals about a concept or the
phenomenon (Creswell, 1998, 2003), as the research tries to examine what the cognitive
process may be in case of individuals as well as explore the determinants of online
information disclosure. Traces of a phenomenological study exists also in the fact that no rigid
questionnaires was used in conducting interviews other than a set of guiding questions based
upon the findings from the literature. However, other than the above reasons, the study is
interpretive in nature as the subsequent analysis is centered upon sifting through the responses
and interpreting them in the context of the social educational and economic history of the
respondents, as well as their demographics. In following such a method, the analysis is
unavoidably subjective. Such subjectiveness however is not considered a weakness in this
study since the respondents were indeed chosen based on their uniqueness to provide as
varied an outlook as possible, allowing for an unbiased scrutiny (Creswell, 2003).
Furthermore, the intent is not to generalize the findings, but rather to attempt to come up with
an insight into differing behaviours when it comes to disclosing information online.
69
The purpose of the exercise is to map user decisions that may concern their privacy needs in
internet transactions. This is essentially charting qualitative data. There are several different
methods for “mapping” qualitative data, such as mind mapping (Buzan, Buzan, 1993),
concept mapping (Novak and Gowan, 1984), cognitive mapping (Eden, Jones, & Sims 1979,
Ackermann, Eden, and Cropper, 1992, Eden & Ackermann 1998), and dialog mapping
(Conklin, 1992). Each of the techniques has its own characteristics, as well as retains some
similarity within them. A cognitive map represents an individual’s personal construct system
i.e. their beliefs, values etc. (Convertino, Chen, Yost, Ryu, and North, 2003). It is a technique
used to structure, analyse and make sense of accounts of problems (Ackermann, Eden, and
Cropper, 1992). It is aimed at understanding a client’s, in this case the research subjects’,
perception of a problem. Ackerman et al state that “it may provide valuable clues as to the
client's perceptions of the problem giving indication as to where the "nub(s)" of the issue may
lie”.
A cognitive map is made up of “concepts” - short phrases that express an idea (fact or
assertion) about an issue - and links - connections between the concepts which are read as
“may lead to” (Brightman, 2003). The concepts are the basic units of data in a cognitive map,
and are identified with the variables within this research. Concepts may be either bi-polar or
mono-polar. A mono-polar concept approach was taken in this study. A bi-polar concept is
usually expressed with the term “rather than” within the concept to link two contrasting
phrases. The objective of the mapping was to explore how one variable may lead to another,
and how they vary from one individual to another. As such, a bi-polar approach was not
deemed appropriate, and a mono-polar structure was used for building the cognitive maps in
this research. Once the initial cognitive map is drawn, a laddering technique is used to
generate a hierarchical model. The hierarchical model reorganizes the cognitive map by
putting the goals or most desired outcomes at the top, the strategies or the key issues in the
middle, and the supporting facts or options at the bottom rung of a pyramid.
In-depth interviews with user/respondents of online systems and simultaneous observations,
to be modulated with the backgrounds and cultural contexts of the respondent, and his / her
historical behavior; all of which interpreted and filtered through the eyes and minds and the
experience of the researcher. In other words, the research stems from a socially constructed
knowledge claim. Accordingly, a series of six prolonged interviews were conducted during
the summer and fall of 2005. The sessions were video taped and transcribed verbatim for
accuracy and later analysis.
70
The interviews consisted of 6 respondents, three from Europe and three from Asia, each of
whom was interviewed for 2 hours. As a qualitative study, the subject backgrounds and
experience were to be an important element in subsequent analysis and interpretation of
actions. While the subjects were chosen from among a circle of acquaintance, yet this perhaps
should not be dubbed as a convenience sample, since they were chosen based upon their
knowledge in the IT and financial fields, extensive usage of the internet in professional and
personal lives, professional seniority, and propensity to provide well thought out and
meaningful answers. The first subject is a Professor at a reputed European university. The
subject was initiated to computers in 1978 as an undergraduate at his engineering college. The
second subject holds an MBA in Marketing. Currently in his mid thirties, the subject started
his career as a Marketing Executive at one of the first internet service provider companies in
South Asia in 1996. The third subject is a Doctoral student in, Sweden, who is also a volume
user of VOIP (Voice over IP) services that are available on the net, and actively searches out
software on the internet that may enable him to avail of such services. He is also involved in
online sport betting. The fourth subject is the Managing Director of an Internet service
provider company in South Asia. He has an MBA in Marketing, but has worked in
information technology for most of his career. He may be classified as an early adopter of
technology. The fifth subject is a Cost and Management Accountant by professional training;
however he has been an entrepreneur throughout his career and is currently running three
companies in Asia, in information technology, publishing, and real estate. The sixth subject is
34 years old. Though he graduated in accountancy, he has built his career in information
technology. He currently works as a freelance consultant, working in South East Asia, and
specializing in designing large networks based on satellite ground stations and networks
through radio frequencies. He is also an expert in network security setup and management.
Semi-structured interviews were conducted in each of the six cases. The interview, coding,
and identification of the variables in each case go through a three stage process. In stage A,
the respondent is encouraged to speak about his online experience, and a few guiding
questions are used to start off the interview. The respondent is encouraged to continue
speaking in his own words, mostly without intervention from the interviewer. Only at times
the interviewer asked questions regarding the interviewee’s response, either to clarify or to
steer the responses along the key concepts. In stage B, the key concepts are preliminarily
identified from the interview transcript, and going back to the respondent, he is asked to
describe which concepts according to him are related and what might be the nature of such
relationships. A raw cognitive map is composed thereof, and in a third stage, the respondent is
71
asked to verify the raw map and whether it agrees or disagrees with his mental process. The
respondent is allowed to add or modify the map.
The Decision Explorer software from Banxia Softwares was used to construct the cognitive
maps once the key concepts and the nature of relationships were drawn from the respondents.
The ‘nodes’ and the relationships were identified from analysing respondent data and the
relative centrality of the factors were determined using the software. The resultant unified
cognitive map is then compared to the framework to find similarities or dissimilarities
between the theoretical path and the empirically obtained one.
Since triangulation is not an aim, and the study is descriptive in nature, the concept of internal
validity is not applicable in this case. It is envisaged that the results may be generalizable to
some extent, however that is not the goal of this research, and as such less import is placed on
external validity. Effort was taken to identify the epistemological stance of the researcher, the
adoption of the research strategy, the reasoning behind the choice, and the subsequent data
collection paradigm and the needed choice of data collection instruments. Finally, analysed
data and the emergent cognitive maps were sent back to the respondents to take in their
feedback regarding the accuracy of the generated maps.
3.6 Analysis
The analysis was based upon identification of keywords gleaned from the interviews and also
judging the context in which the keywords were used. A coding system was developed to
categorize the findings in each case. The factors most emphasized to have a positive
relationship towards forming willingness to disclose information were coded (++), factors
emphasized but not strongly agreed to have a relationship were coded (+). Factors about
which respondents did not express any connection to willingness to disclose information were
coded (0); factors that were emphasized to somewhat negatively influence willingness to
disclose information were coded (-). Factors that are strongly emphasized to have a negative
impact towards willingness to disclose information are coded (--).
The following table summarizes the different emphasis placed upon the determinants in the
six different cases:
Table 6: Degrees of emphasis placed upon variables within cases
Variables Case 1 Case 2 Case 3 Case 4 Case 5 Case 6
Volume -- + -- -- -- --
72
Targeting + 0 0 0 0 0
Permission ++ + 0 ++ 0 0
Compensation + 0 0 0 0 0
Trust ++ + ++ ++ ++ +
Size + + 0 + + +
Reputation ++ ++ 0 + + +
Exchange risk - - - - - -
Information - 0 -- - 0 0
disclosure in the
past
Internet - - - -- - -
experience
Design elements ++ 0 0 + 0 +
Presence of + 0 0 + + +
privacy
protection
measures
Consistency in ++ 0 0 ++ 0 0
usage of
information
Disclosure of 0 0 0 0 0 0
privacy policy
Knowledge of - - - - - -
data collection
practices
Control over ++ + ++ ++ + +
information
Type of 0 0 0 0 + +
retailers’
business
Newly emerged factors:
Offline ++ + 0 ++ 0 +
relationship with
vendor
Location of ++ + 0 0 ++ 0
73
company
Professionalism ++ 0 0 0 + +
perceived in
website
Legends:
Relationship to willingness to disclose
information online
++ Positive, strongly emphasized
+ Somewhat positive
0 Neutral, no emphasis
- Somewhat negative
-- Strongly negative
3.7 Charting the cognitive maps of the respondents:
Within the cognitive maps, the factors found to be closest to the goal of intention to disclose
information are the ones with the most emphasised positive relation with willingness to
disclose information; and are termed as ‘primary factors’. Other factors that emerged as
having a lesser emphasis are placed lower in the cognitive maps are termed as ‘secondary
factors’. Factors with either no relevance or a negative relationship to willingness to disclose
information are placed in the lowest rung within the cognitive maps, and are termed as
‘outliers’.
Figure 17: Cognitive map of Online Information Disclosure in case 1
In case one, the primary factor to emerge is trust. The secondary factors (identified within the
pyramid) are offline relationship, Offline reputation, Location, Perceived Professionalism,
74
Lower exchange risk, Size of the company, permission, and location. The outliers are
identified to be Volume, and consistency in usage of information.
In case two, the primary factors to emerge are Trust, and Lower exchange risk. The secondary
factors are Offline relationship, reputation, professionalism, permission, size of the company,
personality incline. The outliers are volume and targeting.
In case three, significantly there is no specific primary factor that motivates the user towards
online disclosure of information; rather a host of secondary factors are responsible. They are
past disclosure, internet experience, website design, exchange risk, control over information,
personality incline. The outlier in case three is targeting.
75
In case four, the primary factors to emerge are Trust, and Lower exchange risk. The
secondary factors are Permission, offline reputation, offline relationship, consistency, internet
experience, size of the company. The outliers are past disclosure, personality incline, volume.
In case five, the primary factor to emerge is Trust. The secondary factors are Location, lower
exchange risk, offline reputation. The outliers are Permission, volume, internet experience,
past disclosure.

In case six, the primary factor to emerge is Trust. The secondary factors are Location, offline
reputation, lower exchange risk, professionalism. The outliers are Permission, past disclosure,
volume, internet experience.
The following table summarizes the different factors emerging from the above individual
cognitive maps.
Table 7: Goals, key factors, and outliers in determinants of willingness

Case 1 Case 2 Case 3 Case 4 Case 5 Case 6
Goal Willingness to disclose information online
76
Primary Trust; Offline Trust, Lower - Trust, Trust Trust
factor(s) relationship exchange risk Lower
exchange
risk
Secondary Offline Offline Past Permission, Location, Location,

factors reputation, relationship, disclosure, offline lower offline
Location, reputation, internet reputation, exchange reputation,
Perceived professionalism, experience, offline risk, offline lower exchange
Professionalism, permission, size website relationship, reputation risk,
Lower exchange of the company, design, consistency, professionalism
risk, Size of the personality exchange internet
company, incline risk, control experience,
permission, over size of the
location information, company
personality
incline
Outlier(s) Volume, Volume, Targeting Past Permission, Permission,

consistency targeting disclosure, volume, past disclosure,
personality internet volume,
incline, experience, internet
volume past experience
disclosure
Based on the above findings, we can now attempt to draw a unified cognitive map comprising
of the primary, and secondary factors and the outliers from the six cases.
Figure 23: A unified cognitive map of online information disclosure
Trust, offline relationship, and perception of lowered exchange risk appear to be the key
factors or determinants that may induce an individual to engage in online information
disclosure. The second tier key factors are the determinants that are most relevant to such key
77
drivers. The outliers have some influence, however are not crucial to resultant behaviour.
Volume of mail received, which earlier was identified to have a negative linear relationship
with information disclosure has consistently been identified as to be an outlier.
It is curious to observe that the first tier key factors vary from individual to individual, with
two cases registering trust as the sole key factor, another case registering trust and the
presence of an offline relationship as the key towards divulging any information; while two
other cases acknowledge that trust combined with a sense of lowered exchange risk influences
them to disclose information online. Thus, for some individuals trust is a function of lowered
exchange risk, while for some other individuals, exchange risk and trust are placed in the
same quadrant, and as such is not a result of the other. Instead, the second tier key factors for
them are working towards generating a feeling of trust and lowered exchange risk separately.
Contrary to theory (Culnan and Armstrong, 1999; Metzger, 2004), past disclosure and internet
experience are found to be of little real world significance, securing positions of outliers at
best. They hold no real value in shaping an individual’s online information disclosure
behaviour. This finding prima facie may appear a little suspect; however, such findings from
all six cases certainly merit a closer inspection of the veracity of the theoretical claim.
3.8 Findings
The inverse relation between volume and future intention to disclose information is
substantiated across all the cases except for one, in keeping with theory. A higher internet
experience (10 years or more) leading to less receptivity towards volume of direct mail is
found. Targeting was found to be only a partially significant factor on decision to disclose
information. Compensation was desirable only in cases where previously mentioned offline
relationship existed, and as such is not deemed a significant factor.
Significantly, a strong presence of violation of permission to share information with third
parties was found to be a factor, allowable only when there was a pre-existing offline
relationship with a company. Another significant factor that is a possible catalyst towards
overlooking permission violation emerged from the analysis is “off line relationship”. We
may view the “off line relationship” variable to put a context within which customers may
overlook the risk involved within a social contract.
In keeping with theory, the role of trust is confirmed as a key factor in modifying information
disclosure behaviour. Size is confirmed as a factor as it was found that size is associated in the
customer’s mind with professionalism and success. It is a complementary factor to reputation,
78
which has been confirmed as one of the factors behind agreeing to disclose information. Trust
is found to be a function of the reputation of the company. A partially significant factor was
found to be professionalism of the staff related to the websites that influences overall trust of
the website. The professionalism is indicated through direct interaction and access to the stuff,
as well as the design elements and contents of the website.
Significantly, a new factor has been identified which is location of the website company.
Location appears to be a function of the awareness and business experience obtained from
offline business environments of the customer. Location of the users themselves however do
not appear to be a valid factor. Also of significance is that there appears to be a negative
relationship found between information disclosure behaviour in the past and current or future
information disclosure inclination. This opposes the theoretical assertion by Metzger (2004),
Culnan and Armstrong (1999) that past information disclosure positively affects future
disclosures.
Design elements are not found to be significant determinants of future information disclosure
except where professionalism was viewed with importance and design is taken as an indicator
of professionalism. However navigability within the site is perceived as a positive factor
within design elements universally. Consistency in usage of information is found to be rated
high in cases where permission also scored the highest.
Significantly, privacy protection measures such as presence of privacy statements have been
found to have lost any real meaning in the mind of users. It was identified that their presence
does not assure customers that their privacy and agreement to share or not share information
with third parties will be honoured despite presence of privacy statements. Similar and a
complementary factor is usage policy disclosure. They are deemed not as a favour done by the
companies toward the customer, but an essential if minor feature that must be present at sites.
However they are viewed as mere stepping stones and their simple presence cannot be used to
improve customer relations or reputation.
3.9 Conclusion
3.9.1 Theoretical Contributions
The principal theoretical contribution of this paper is to propose three strategic privacy
leverage areas that enterprises need to focus upon to reduce the perceived information
asymmetry between the enterprise and its customers. This is in part to assure the customers
79
regarding privacy of their data in a tangible manner; and also to foster trust that is key to any
relationship building efforts on the enterprises’ part. The paper also demonstrates the viability
of using cognitive maps to capture the decision process undergone by a customer when
purchasing online. By charting and targeting the areas where a customer feels vulnerable
when shopping or disclosing transaction information online, companies can also assuage its
online customers and ensure returns. .
The veracity of claims that targeting that information of interest is desired, but too personal
nature of enquiries turns a customer off (Culnan, Armstrong, 1999; Milne, Gordon, 1993)
could not be substantiated since a rejection of any so called targeted advertisement emerged
as the norm. Their role in actively engaging the customer in information disclosure was non-
existent for cases with a long history of internet usage. Within risk perception category, trust
in the site and reputation emerged as the strongest determinants to influence customer
disclosures. Perceived professionalism of the staff was found to be an emergent factor within
a couple of cases, where as it was found to have no impact in others.
An inverse relationship between information disclosure in the past and future inclination to
disclose information was found, contrary to theoretical findings (Metzger, 2004). Location
and offline relationship were two new factors that emerged as possible new determinants
within the case studies. The geographical location of a site as well as the prevalent offline
(business) culture of the location appeared as an important factor in fostering trust, and
consequently willingness to disclose information. Another new factor that emerged as a
possible determinant is offline relationship; which emerges as a variable that can influence
overlooking the risk involved within a social contract, particularly in case of permission
violations.
3.9.2 Implications for companies and managers
A significant finding from the research was that users pay little heed to privacy notices on the
web sites, which have lately become the norm. Indeed, they are viewed as little more than
instruments to protect the company. Thus incorporating privacy protection notices as standard
design features of a web site is in effect counter productive. A more tangible result may be
obtained through providing helpful messages and hints along the way of registration of a user,
explaining in layman’s terms how his privacy is being protected every step of the way.
Furthermore, location was found as a significant new factor, and it was found to be closely
linked to a country profile. Thus, while registering a corporate site, a top level country domain
80
(country TLD) with a “cleaner” image may help foster trust that otherwise a simple dot com
may fail to do. The decision to incorporate a privacy notice, as mentioned above, is often a
managerial decision rather than a designer level one. It would be wise for managers to refrain
from simply rely on the privacy notice and rest on the laurels that they may have done all they
can to reassure their customers. As offline relationship emerged as a significant factor for
disclosing information online, it may be worthwhile to establish or pursue such relationships
even in the case of a purely virtual entity.
3.9.3 Limitations of the study
The data gathering, coding, interpretation and analysis of the case findings are subjective and
as such are open to differing interpretations. Since this is a qualitative study and the aim is not
to generalize, the subjective bias itself perhaps adds to the collective findings for the reader,
as the reader himself is open to reanalyze. The paper takes into account the stories of six
respondents who are highly skilled professionals in diverse areas. The subjective
interpretation is bound to differ; however, the strength of such an approach lies in its ability to
uncover areas and explore them deeper that may be overlooked in a quantitative survey based
approach. Care was taken to identify relevant keywords and compile a thorough list for
coding the responses. However, a weakness of this approach is the coding of the responses
has to be done manually, and as such is liable to errors and misinterpretations. We tried to
limit such errors /misinterpretations by going over the responses once they were coded with
the interviewees. Another issue that could be raised is the limited number of cases leading to
results being not representative as a whole. However, the onus in this study is on confirming
presence of variables from earlier research in explaining individual behaviour and examining
the underlying cognitive processes, and not that of the collective.
3.9.4 Directions for further research
Perceived professionalism of the staff, as well as location and the role of pre-existing offline
relationships were found to be emergent factors within the study. There is need for more
research done on a quantitative basis based on surveys and laboratory experiments to ascertain
the presence of the variables. Finally, an inverse relationship between information disclosure
in the past and future inclination to disclose information was found, contrary to theoretical
findings (Metzger, 2004). This finding merits closer inspection, it is postulated within this
81
research that Metzger’s findings may hold true for internet users with lesser degree of
experience and not for users who already have a substantial online experience, as was the case
for this research.
References
Ackerman, M.S., L.F. Cranor and J. Reagle, (1999), “Privacy in ECommerce: Examining User Scenarios and
Privacy Preferences”, in Proceedings of the ACM Conference on Electronic Commerce.
Ackermann, F., Cropper, S., and Eden, C., (1992), “Moving between Groups and Individuals using a DSS”,
Journal of Decision Systems, 1(1), 17-34.
Acquisti, A. and Grossklags, J. (2005) “Privacy and Rationality in Individual Decision Making”, IEEE
Security and Privacy, IEEE Computer Society, 3 (1), 26-33.
Brightman, H., (2003), “Interactive Simulations”, Teaching and Learning Workshop, Middle Tennessee State
University, Learning Resources Network (LERN),
http://www.learn.org/members_area/shared_course_content/readings/interactiveSimulations.
Buzan, T. , Buzan, B. (1993), “The Mind Map Book: Radiant Thinking: The Major Evolution in Human
Thought”, BBC Books, London.
Conklin E. J. (1992). “Capturing organizational memory”, In D. Coleman (Ed.), Groupware ‘92, 133- 137.
Convertino, Gregorio, Chen, j., Yost, b., Young-sam, Ryu, North, c, (2003), “Exploring Context Switching
and Cognition in Dual-view Coordinated Visualizations”, Proceedings of the international conference
on coordinated and multiple views in exploratory visualization, July, 57- 66.
Creswell, J.W., (1998), “Qualitative Inquiry and Research Design: Choosing Among Five Traditions”, Sage
Publications Inc. CA, USA.
Creswell, J.W., (2003), “Research Design, Qualitative, Quantitative, and Mixed Methods Approaches” (2nd
ed.), Sage Publications, Inc. CA, USA.
Culnan, M. J. (1993). "’How did they get my name?’: an exploratory investigation of consumer attitudes
toward secondary information use”. MIS Quarterly, 17, 341-364.
Culnan, M.J., 1999. Georgetown internet privacy policy survey: Report to the Federal Trade Commission.
Georgetow University, Washington, DC. Previously available at
http://www.msb.edu/faculty/culnanm/gippshome.html
82
Culnan, M. J., & Milberg, S. J. (1998). “The second exchange: Managing customer information in marketing
relationships”, Working paper, McDonough School of Business, Georgetown University, Washington,
D.C.
Culnan, M. J., and Armstrong, P. K., (1999) “Information Privacy Concerns, Procedural Fairness, and
Impersonal Trust: An Empirical Investigation”, Organization Science 10(1), 104-115.
Cunningham, W.P. and Saigo, B.W. (1995), Environmental Science. A Global Concern, Wm. C. Brown
Publishers, London.
Day, G.S, and Montgomery, D.,B., (1999), “Charting new directions for marketing”, Journal of Marketing;
63(5):3-13.
Dommeyer, C.J., & Gross, B.L.; (2003), “What Consumers Know And What They Do: An Investigation of
Consumer Knowledge, Awareness, and Use Of Privacy Protection Strategies”, Journal of Interactive
Marketing, 17(2).
Doney, P.M., and Cannon P., (1997), “An Examination of the Nature of Trust in Buyer-Seller Relationships”,
Journal of Marketing, 61, 35-51.
Eden, C. and Ackermann, F. (1992) “Strategy Development and Implementation - the role of a Group Decision
Support System”, in S. Kinney, B. Bostrom and R. Watson (Eds) Computer Augmented Teamwork: A
Guided Tour. Van Nostrand: New York.
Eden, C., Ackermann, F., Cropper, S., 1992. ”The analysis of cause maps”, Journal of Management Studies, 29,
309– 324.
Eden, C., Jones, S., and Sims, D. (1979). “Thinking in Organizations”, London, Macmillan.
Eden,C. and Ackermann,F. (1998). “Making Strategy: the Journey of Strategic Management”, London: Sage.
Eden,C. and Ackermann,F. (2000), “Mapping distinctive competencies: a systemic approach”, Journal of the
Operational Society, 51, 12–20.
Fortune (2005), “Identity Theft: The Great Data Heist”, May, 2005.
Foxman, R.F., And Kilcoyne, P., (2001), “Information Technology, Marketing Practice, And Consumer Privacy:
Ethical Issues”; Journal Of Public Policy And Marketing, 12 (1), 106-119
Franzak, F., Pitta, D. and Fritsche, S. (2001), “Online relationships and the consumer’s right to privacy”, Journal
of Consumer Marketing, Vol. 18, pp. 631-41.
Gervey, B., & Lin, J. (2000), “Obstacles on the Internet”, Advertising Age [Special Internet edition], 71(16), 12-
22.
Graeff, T.R., And Harmon, S., (2002), “Collecting And Using Personal Data: Consumers’ Awareness And
Concerns”, Journal Of Consumer Marketing, 19 (4), 302-318.
Gundlach, G. T., and Murphy, P.E., (1993), “Ethical and Legal Foundations of Relational Marketing
Exchanges”, Journal of Marketing, 57 (October), 35–46.
83
Hoffman, D.L., Novak, T.P., and Peralta, M., (1999), “Building consumer trust online”, Communications of the
ACM, 42(4).
Jarvenpaa, S.L., and Tractinsky, N, (1999), “Consumer trust in an internet store: a cross cultural validation”,
Journal of Computer Mediated Communication, 5(2).
Jarvenpaa, S.L., Tractinsky, N, and Vitale, M., (2000), “Consumer trust in an Internet store”, Information
Technology and Management, 1.
Kehoe, C., Pitkow, J., Sutton, K., Agarwal, G., and Rogers, J.D., (1999), “Tenth www user survey”,
www.cc.gatech.edu/gvu/usersurveys/survey-04-1997
Kirmani, A., and Rao, A., (2000), “No pain, No gain: a critical review of the literature on signalling
unobservable product quality”, Journal of Marketing, 64(2).
Lind, E. A. and T. R. Tyler (1988). “The Social Psychology of Procedural Justice”. New York: Plenum Press.
Markoff, J.; (1999), “The Privacy Debate: Little Brother And The Buying And Selling Of Consumer Data”,
Upside 11(4), Pp. 94-106.
Mascarenhas, O.A.J., Kesavan, R., and Bernacchi; (2003), “Co-Managing Online Privacy: A Call for Joint
Ownership”, Journal of Consumer Marketing, 20(7), 686-702.
Metzger, M.J., (2004), “Privacy, trust and disclosure: exploring barriers to electronic commerce”, Journal of
Computer Mediated Communication, 9(4).
Merriam, S.B., (1988), “Case Study Research in Education. A Qualitative Approach”, Jossey-Bass Publishers,
San Francisco.
Milne, G. R., & Gordon, M. E. (1993). “Direct mail privacy-efficiency trade-offs within an implied social
contract framework”, Journal of Public Policy and Marketing, 12, 206–215.
Milne, G., (2000), “Privacy and Ethical Issues in Database/Interactive Marketing and Public Policy: A Research
Framework and Overview of the Special Issue”, Journal of Public Policy & Marketing, 19(1), 1-24.
Milne, G.R. and Rohm, A.J., (2000). “Consumer privacy and name removal across direct marketing channels:
Exploring opt-in and opt-out alternatives”, Journal of Public Policy and Marketing, 19(2), 62–73.
Milne, G.R., and Culnan, M.J., (2004), “Strategies For Reducing Online Privacy Risks: Why Consumers Read
(Or Don’t Read) Online Privacy Notices”, Journal of Interactive Marketing, 18 (3).
Morgan, R.M., and Hunt, S.D., (1994), “The Commitment-Trust Theory of Relationship Marketing”, Journal of
Marketing, 58 3.
Novak, J., & Gowan, D. (1984). “Learning how to learn”, Cambridge, UK: Cambridge University Press.
Nowak, G. J., and Phelps, J., (1997), “Direct Marketing and the Use of Individual-Level Consumer Information:
Determining how and when Privacy Matters”, Journal of Direct Marketing, 11(4), 94-109.
O'Keefe, D. J. (2002). “Persuasion: Theory and research”, (2nd ed.). Newbury Park, CA: Sage.
84
Palmer, J. W.; Bailey, J. P.; and Faraj, S., (2000), "The Role of Intermediaries in the Development of Trust on
the WWW: The Use and Prominence of Trusted Third Parties and Privacy Statements," JCMC, 5(3).
Phelps, J., Nowak, G., and Ferrel, E.; (2000), “Privacy Concerns And Consumer Willingness To Provide
Personal Information”, Journal Of Public Policy And Marketing, 19, 27-41.
Polkinghorne, D. E. (1989). “Phenomenological research methods”, In R. S. Valle &M. King (Eds.), Existential
phenomenological alternatives for psychology (pp. 41-60). New York: Oxford University Press.
Prabhaker, P.R.; (2000), “Who Owns The Online Consumer?”, Journal Of Consumer Marketing, 17(2), 158-171.
Quelch, J. A., & Klein, L. R. (1996). “The Internet and international marketing”, Sloan Management Review,
37(3), 60-75.
Richards, J.I.; (1997), “Legal Potholes on The Information Superhighway”, Journal Of Public Policy And
Marketing, 16 (2), 319-326.
Rombel, A. (2001), ``The privacy law debate navigating the privacy law divide'', Global Finance, Vol. 15 No. 1,
January, New York, NY, p. 28.
Rust, R.T., Kannan P.K., And Peng N., (2002), “The Customer Economics Of Internet Privacy”, Journal Of The
Academy Of Marketing Science, 30(4), 455-464.
Schurr, P. H. and Ozanne, J.L., (1985). “Influences on Exchange Processes: Buyers’ Preconceptions of a Seller’s
Trustworthiness and Bargaining Toughness.” Journal of Consumer Research, 11 (March): 939-953.
Seldon, A., (1997), “Privacy And Security On The Internet”, Trusts And Estates, 136(9), 16-20.
Svensson, M. (2004), “TQM-Based Self-Assessment in Educational Organizations, Help or Hindrance?”,

Doctoral Thesis, Luleå University of Technology, Sweden.
Yin, R. 1994. Case Study Research 2nd ed. Sage, Thousand Oaks, CA
85
86
Chapter 4
4.1 Frame of reference
Based upon the literature reviewed in the earlier chapter, we present a typology of trust to
summarise theoretical relationships identified by various researchers. Trust here is composed
of both initial trust and ongoing trust, and culminates in trust related desired action. This
perspective is further refined, the scope is narrowed down, and coupled with the privacy
research model adopted from Awad Krishnan (2006) leading to desired action translating to a
willingness to be profiled online and willingness to transact online.
87
Figure 24: A theoretical conceptualization of trust in e-commerce
88
The following table presents an operationalization of the variables and the sources for
operationalization and scale items used in this paper:
Table 8: Operationalization of variables

Variable name Principal tenets Source and scale items
from
Consumer control over Control over dissemination Goodwin (1991), Dinev, Hart
information of information during (2004)
transaction or interaction to
third parties
Control over undue
observance or insistence
upon data collection
Trust Trust defined as Trusting Gefen, Karahanna, Straub
intention leading to trust (2003), McKnight,
related behavior of consumer Chaudhury, Kacmar (2002),
Measuring intention to McKnight Cummings
engage in trust behaviour Chervany (1998)
instead of actual engagement
Trusting beliefs are
perceptions of specific
vendor attributes leading to
formation of trusting
intentions
Cognitive processes lead to
trusting beliefs
Perceived risk Extent of uncertainty Sitkin and Pablo (1992),
regarding potentially Jarvenpaa, Tractinsky, and
significant outcome of Vitale (2000), Mayer, Davis,
decision Schoorman (1995), Lewis
Trustor’s belief about the and Weigert (1985)
likelihood of gain or loss in
89
relation with trustee
Perception of vulnerability Perceived possible negative Fusilier and Hoyer (1980),
consequence from an action Dinev and Hart (2004),
such as disclosure Culnan and Armstrong
(1999).
Size of the vendor Perception about a firm’s Donney and Cannon (1997),
overall size and its market Jarvenpaa, Tractinsky, Vitale
share position (2000), Jarvenpaa Tractinsky
Denotes possession of (1999)
expertise and resources and
trustworthiness
Reputation of the vendor The extent to which buyers Doney and Cannon (1997),
believe a selling organization Quelch and Klein (1996),
is honest and concerned Culnan and Armstrong
about customers, also taken (1999), Jarvenpaa and
as regard for the company, Tractinsky (1999), Metzger
familiarity from traditional (2004), Kirmani and Rao
channels (2000)
Privacy concerns Consumer concern over Farag/Awad Krishnan (2003,

types of information 2006), Mascarenhas,
collected and how they are Kesavan, Bernachhi (2003),
used subsequently Sheehan (2002), Faja (2005),
Cost benefit trade-off of Milne and Gordon (1993),
whether risk associated Andrade and Kaltcheva
exceeds benefits (2001), Jourard (1971),
Quantity vs quality of self- Cranor Reagle, Ackermann
disclosure (1999)
Familiarity with vendor Knowledge acquired about e- Gefen, Karahanna, Straub
vendor (2003), Doney and Cannon
A situational cue that reduces (1997), Bhattacharjee (2002)
uncertainty and generates
trust
90
Location Originating location of Nath (2006), Gefen
(proposed new variable) vendor evidenced by domain Karahanna (2003), Brewer
or other explicit cue on the and Silver (1978), Morgan
web site and Hunt (1994)
Posited as an element of
cognition based trust
Previous privacy invasion Negative outcomes from past Culnan and Armstrong
online disclosures (1999), Culnan (1993),
Separate from earlier Metzger (2004), Awad and
assertion that past disclosure Krishnan (2006)
will lead to future disclosures
Information transparency Mechanism put in place by Awad Krishnan (2006),
websites to allow consumers Fombrun (1996), Metzger
access to their data (2004), Cranor, Reagle,
Information about the usage Ackermann (1999)
of such data
Specific information practice
attribute of a web vendor
Privacy policies Written statements Awad Krishnan (2006),
explaining information Palmer Bailey Faraj (2000),
practice of a firm regarding Culnan and Armstrong
collection and subsequent (1999), Metzger (2004)
usage of customer data
Distinct from information
transparency: general
information policy attribute
of a web vendor
Demographics Gender, age, and income Awad, Krishnan (2006),
related to privacy concerns Dommeyer and Gross
(2003), Milne and Rohm
(2000), Phelps and Nowak
(1992), Graeff and Harmon
(2002), Phelps, Nowak, and
91
Ferrel (2000)
Willingness to transact The degree to which Jarvenpaa Tractinsky Vitale
people express their (2000), Bhattacharjee (2002)
intentions to buy from a
certain site
A reasonable predictor of
actual buying behaviour
Preceded by buyer attitude
toward the vendor
Willingness to be profiled Degree to which consumers Awad Krishnan (2006),

online share information for Milne and Gordon (1993)
personalized services
Consumer evaluation of
negative consequence of
information sharing against
utility derived
4.2 Hypotheses formulation:
4.2.1 Consumer control over information
Goodwin (1991) has defined privacy in terms consumer control, stating that privacy is the
consumer’s ability to control the presence of others during a transaction or consumption
behaviour; as well as the control they can exert upon the information that is disseminated
during the transaction or interaction to parties that are not present during a transaction. The
second part of the definition in particular is well suited for defining control over information
during an exchange over the internet. Goodwin (1991) further contends that privacy loss
stems from a feeling of being watched or sensed. This translates the first part of the definition
to the internet context where one of consumer worries is that of being watched. Mascarenhas,
Kesavan, and Bernachhi (2003) have identified the need for control in upholding consumer
privacy on the internet. They identify consumer privacy concerns as an issue of access
control, and focus on the consumer’s ability to control personal information. Based on
92
Goodwin’s definition of privacy and control in an offline setting, we proposed a definition of
consumer control as it stands in its relationship to privacy concerns in an online exchange:
a. control over dissemination of information related to or provided during the

transactions or behaviour to third parties not party to the original transaction
b. control over undue observance, insistence on data collection, or monitoring during a
transaction or interaction in a web site.
Nowak and Phelps (1995) identified that information collected without consent is
unacceptable to consumers, and Milne (2000) commented that consumers do not take it well if
marketers sell information collected about the customers. Sheehan and Hoy (2000) stated that
the perceived ability to control information and subsequent selling of such information to
third parties are a privacy concern raising factor, and also a factor influencing transaction
decisions. Dinev and Hart (2004) state that control to be one of the variables that mediate
privacy. They take the ability to control personal information as a separate construct from
privacy concern that leads to the privacy concern.
Based on the observations, the following hypothesis is proposed:
H1: Perceived control over information (denoted as CI henceforward) has a significant

relationship with privacy concerns (denoted as PC henceforward).
The null hypothesis is stated as:
H10 = There is no relationship between perceived control over information (CI) and privacy
concerns (PC).
H2: Perceived control over information is positively linked to trust (T).
H20 = There is no relationship between control over information and trust.
93
4.2.2 Trust
Trust has been mentioned by numerous researchers to be a key factor in adoption of e-

commerce; both for disclosing of personal information and purchasing of vendor products or
services (McKnight Chaudhury et al, 2002; Wang, 1998; Gefen Karahanna, Straub, 2002;
Friedman, 2000; McKnight Cummings Chervany, 1998). Mcknight Cummings and Chervany
(1998) indicate that there may be high levels of initial trust in relationships. Initial trust
denotes interaction with an unfamiliar trustee where the parties do not have credible
information about each other, neither do they have an existing bond. Glaeser, Laibson,
Scheinkman, and Soutter (2000) also found initial trust levels to be high. McKnight
Cummings et al (1998) identify disposition to trust and institution based trust influenced by
cognitive processes to be antecedents of formation of trusting beliefs and trusting intentions.
Shapiro (1987) identified situational normality and structural assurances to be precursors to a
buildup of institution based trust. Gefen Karahanna and Straub (2003) have included three
types of trust, calculative based, institution based (including structural assurances and
situational normality) and knowledge based trust in their research model of trust in online
shopping. Personality trait based disposition to trust which is a function of calculative trust is
outside the focus of this paper.
McKnight Chaudhury and Kacmar (2002) identified information disclosure and purchasing on
the internet as trust related behaviours. It is a behavioural intention rather than actual executed
behaviour. We measure such trust related behaviours or intention in this research instead of
measuring actual transaction behaviour. This stance is justified by Sheppard, Hartwick,
Warshaw (1988), Venkatesh, Davis (2000), McKnight Chaudhury Kacmar (2002) who adopt
a similar stance in their research citing the difficulty of conducting research based on actual
transaction behaviour, and further stating that there remains a strong correlation between
behavioural intention and actual behaviour. Furthermore, Agarwal Prasad (1998) and Gefen
Karahanna (1999) suggest measuring intention to engage in trust behaviour instead of actual
behaviour as the norm to sidestep any difficulty in conducting research of actual behaviour.
Mcknight Chaudhury and Kacmar (2002) in their web trust model proposition that trusting
beliefs which are perceptions of specific vendor attributes lead to formation of trusting
intentions, which is an intention to engage in trust related behaviours with web vendors. A
trust related behaviour in the model is the disclosure of information or engaging in
94
transaction. Trust related behavior is identified as intended use by Gefen Karahanna Straub
(2003) in their Trust Tam in online shopping model. Thus we take trust as trusting intention of
the consumer. Comparing with the McKnight model then, any antecedents to trusting
intentions translate to the trusting belief formative constructs of the McKnight Chaudhury et
al (2002) model. In keeping with Gefen Karahanna et al.s positioning, we hereforth call
trusting intentions leading to trust related behaviours as simply trust in this research.
The overarching hypothesis may be posited as:
Trust has a positive relationship with trust related behaviours.
Two hypotheses are proposed as trust related behaviours are classified into the willingness to
disclose information online, and the willingness to transact online:
H3: Trust (T) has a positive relationship with the willingness to disclose information and be
profiled online (WP).
H4: Trust (T) has a positive relationship with the willingness to transact online (WT).
The null hypotheses are thus posited as:
H30 = There is no relationship between trust and willingness to disclose information online.
H40 = There is no relationship between trust and the willingness to transact online.
4.2.4 Perceived risk
Sitkin and Pablo (1992) have defined risk as the extent of uncertainty regarding potentially
significant or disappointing outcomes of decisions. McAllister defined the perception of risk
in an online context as a trustor’s belief about the likelihood of gain or loss involving
relationship with a trustee. Lweis and Weigert (1985) have underscored the importance of risk
in understanding trust. Mayer, Davis, Schoorman (1995) have highlighted that it still cannot
be said with certainty whether risk is an outcome of trust or it is a trust antecedent. However,
Mayer Davis et al. (1995) in their model of trust have shown perception of risk to follow trust
95
formation and to have an impact upon risk taking in relationship leading to outcome. Risk
taking behaviour is shown to be directly influenced by trust.
Jarvenpaa Tractinsky and Vitale (2000) also show perception of risk to be an outcome of trust
in an internet vendor, and show both factors to be antecedents of the willingness to purchase.
In their definition, trust is treated as a governing mechanism that is characterized by
uncertainty, vulnerability, and dependence. Hoffman Novak and Peralta (1999) identify that if
an online environment is perceived to be highly risky, then the consumer purchasing
likelihood is negative affected.
In earlier literature review, a distinction has been drawn between confidence and risk,
pointing out that in a given situation where no alternatives need to be considered, a consumer
is placed in a position of confidence (Luhmann, 1988). However, in internet purchase or
information disclosure scenarios, we can hardly envisage such situations. One is said to be in
a situation of trust where there options available for one to act upon along with a possibility of
disappointment resulting from such options (Luhmann, 1988; Mayer Davis Schoorman,
1995). Thus it has been argues earlier that in an internet purchasing scenario, a consumer is
placed in a position of trustor, and not a confidence holder. Based upon the above argument,
risk is also recognized to be an integral component in any trust based model.
It has further been argued earlier on that risk is pertinent only when an action is considered
(Mayer et al, 1995), and there is no risk involved in a consumer’s mere willingness to be
vulnerable. Risk becomes potent only when we consider a behavioural manifestation (such as
the willingness to transact) of the said willingness to be vulnerable on the consumer’s part.
Sitkin and Pablo (1992) have drawn similar conclusions calling the constructs a tendency to
take risk and risk behaviour.
This leads us to forming our next hypotheses:
H5 : Trust (T) in a store has a significant relationship with risk perception (PR).
H6: There is a significant relationship between Perception of risk (PR) and the willingness to
transact (WT).
96
Null hypotheses are:
H50 = No relationship between risk perception and trust; and
H60 = No relationship between perception of risk and the willingness to transact.
4.2.5 Perception of vulnerability:
Fusilier and Hoyer (1980) described vulnerability as the perceived possible negative
consequences of a disclosure. They hypothesized that positive outcomes from disclosures lead
to lesser privacy concerns feelings of invasion of privacy, and conversely earlier negative
outcomes experienced result in higher privacy concerns. Dinev and Hart (2004) have
concluded that perception of outcome of any information disclosure on the internet functions
as a determinant of privacy concerns. This leads us to our next hypothesis:
H7: There is a positive relationship between perceived vulnerability (PV) and the privacy
concerns (PC).
Null hypothesis formulated as:
H70 = No relationship between perceived vulnerability and privacy concerns.
Other researchers have linked perception of vulnerability to risk behaviour and trust. DInev
and Hart (2004) identify perceived vulnerability and perceived ability to control information
as two components that account for consumer willingness to disclose information on the
internet (used interchangeably with the willingness to be profiled online). Culnan and
Armstrong (1999) also identify perception of vulnerability as a construct in their privacy
calculus framework, and further state that a consumer is willing to engage in disclosing
information online if the benefits arising out of such disclosures outweigh the risks associated
with such disclosures. Dinev and Hart (2004) further identify that if consumers perceive any
negative consequence out of their information disclosure or any evidence of unfair
information practices, then they would retract from activities that require information
disclosure on the internet due to higher privacy concerns. Thus, perceived vulnerability has
97
been linked to both risk perception on the internet, as well as privacy concerns, implying
higher perceived vulnerability leading to higher privacy concerns and higher risk perception.
H8: There is a positive relationship between perceived vulnerability (PV) and the perception
of risk (PR).
H80 = No relationship between perceived vulnerability and perception of risk.
4.2.6 Perceived size:
Doney and Cannon (1997) have stated that the size of a company provides a cue to the
customer about the firm’s trustworthiness. Thus, there is a direct link between perceived size
of a company and the trust it generates in a consumer. Hill (1990) contends that size is
associated by consumers with success in a company, and provides a situational cue that other
buyers must have trusted the firm in the past; else it would not have been able to achieve its
success.
Jarvenpaa, Tractinsky, and Vitale (2000) have also highlighted that a store’s perceived size
forms the first impressions in a consumer regarding a firm’s trustworthiness. They draw
attention to the fact that such impressions are often based on a perception of the vendor’s size,
and not necessarily on actual figures of size indicators such as sales volume or number of
products offered or any other such indicator. Additionally, Jarvenpaa et al (2000) mention that
the type of business can have an effect on the linkage between perceived size and trust. This is
because a larger size is associated with greater resource investments, and consequently a
greater ability to handle product returns and after sales service. Thus, they posit that if a type
of product or service entails higher uncertainty in its performance or necessitates greater after
sales service, there is a larger need in such a case to rely upon the company’s resources
requiring increased amount of trust.
Our hypothesis is:

H9: There is a positive relationship between perceived size of vendor (SV) and trust.
98
Null hypothesis:
H90 = There is no relationship between perceived size of a vendor and trust.
4.2.7 Reputation:
Quelch and Klein (1996) stated that consumers favour web vendors with whom they are
familiar from traditional channels. Jarvenpaa Tractinsky and Vitale (2000) also state that prior
association increases the positive effct on a consumer. Metzger (2004) has identified regard
for a company as a key component of perception of trust about a company, stating that
reputation and experience are both linked to trust. Metzger (ibid.) further states that in case of
a new web vendor where earlier exposure is absent, consumers make their evaluation based
upon observable signals. These observable signals have been discussed earlier in the literature
chapter as situational cues. O’Keefe (2002) observed that liking towards an online
communicator (communicator being a vendor propagating situational cues through
advertisements, policy statements, service channels etc.) positively influences trustworthiness
of the company. Dasgupta (1988) stated reputation to work as a trust inducer particularly in
the initial relationship phases where it reflects professional competence. McKnight Chervany
(1998) state that reputation is also an indicator of honesty and predictability, and it generates
trusting beliefs in the absence of prior knowledge.
In view of the above, the following hypothesis is proposed:
H10: Reputation (RV) of a web vendor is positively linked to trust (T).
Null hypothesis:
H100 = There is no relationship between reputation (RV) and trust (T).
4.2.8 Familiarity with vendor:
The knowledge based trust construct familiarity with vendor has been identified by Gefen,
Karahanna, and Straub (2003) as one of the principal components of trust online. It also works
99
as a situational cue that reduces social uncertainty. Gefen (2000) state that familiarity also
reduces consumer confusion about usage and navigation procedures within a web site.
Donney and Cannon (1997) have viewed familiarity as an antecedent of trust, stating that
knowledge acquired about an e-vendor helps predict the vendor behaviour, and trust is
generated along the process. However, as has been discussed earlier, familiarity does not
necessarily denote actual transaction as a prerequisite (Doney, Cannon 1997). This is
particularly relevant in an internet transaction contest. One may be well familiar with a web
site even if he or she may never have conducted a transaction with the site before. This stance
however goes against McKnight et al.’s assumption that time and interaction history are
needed for the development of trust. Gefen, karahanna, Straub (2003) have mentioned an ‘a
priori trustworthy e-vendor’, where prior association has given rise to trust. But it may not be
necessary to have a history of transaction to gain familiarity with a vendor. In such a case,
familiarity would have been assumed through knowledge gained from external sources, as
well as advertisements or other forms of communication disseminated by the company itself.
Our hypothesis is as follows:
H11: Familiarity with vendor (F) has a positive effect on trust (T).
Null hypothesis:
H110 = No relationship between familiarity (F) with a vendor and trust (T).
4.2.9 Originating location of vendor:
Originating location of a vendor is a new variable behind trust that is being explored in this
research. The variable arose out of study A that was conducted in a qualitative manner among
select respondents. We find presence of such a variable implicit in earlier research. McKnight,
Cummings, and Chervany (1998) and Gefen Karahanna Straub (2003) have both identified
cognition based trust. Gefen Karahanna et al (2003) stress the importance of first impressions
in cognition based trust or trusting beliefs rather than personal experience. The trusting beliefs
are formed through social categorization components such as stereotyping and unit grouping
(McKnight Chervany et al., 1998). Brewer and Silver (1978) identify unit grouping where
group members are viewed in a more positive light than non-group member, where the group
is centered around a common goal or attribute.
100
Morgan and Hunt (1994) propose that people place more trust in people that are similar to
themselves. We extend this proposition and apply it in the context of the internet, and propose
that people place more trust in web sites that they perceive to have originated from place or
domain they are more familiar with. This would certainly imply stereotyping if such
discrimination takes place based on domains or origins, however this is not implausible if we
view web presence as extensions of selves. Morgan and Hunt (1994) have confirmed that
trustworthiness is often assessed through stereotyping. We already see examples of this in the
open source movement, which while open for participation by all, is also at the same time
very discriminant against commercial software firms, particularly large ones, a preference that
is motivated by ideology, nonetheless it is stereotyping commercial software vendors as
‘exploiters’. There are a number of ways such stereotyping can take place in choice of
vendor, we take regionality as a unit grouping factor. This would imply Swedish consumers to
prefer doing business with domains that end in ‘.se’ for example; or extend such preference to
other Scandinavian domains such as .dk or .no, if we are to assume northern Europeanness as
the grouping factor that builds trust, over other top level domains.
Our hypothesis is:

H12: Originating location (L) of an e-vendor has a significant relationship with trust (T).
Null hypothesis:
H120 = No relationship between originating location (L) of e-vendor and trust (T).
4.2.10 Privacy concerns:
Privacy concern has been shown to be an antecedent of both information transparency and the
willingness to be profiled online by Awad and Krishnan (2006). They found that consumers
with a high level of privacy concern on the internet find personalization offerings to have less
utility for them, and consequently are less willing to be profiled online. Metzger (2004) found
degree of privacy concerns to have an impact upon the trust it fosters in a web site, leading to
propensity to disclose information on the web. In both cases, privacy concerns have been
shown to be an antecedent that leads directly to willingness to be profiled online, or works
toward such through a buildup of trust.
101
Dinev and Hart (2004) in their model of antecedents of privacy concerns have identified
perceived vulnerability and perceived control over information as the two antecedents
responsible for perceived privacy concerns over the internet. We have hypothesized earlier
that perceived vulnerability leads to a higher privacy concern (H7), and more control over
information leads to less concerns about privacy (H1). Following Cranor Reagle and
Ackerman’s (1999) assertion and based upon Awad Krishnan’s findings, we formulate the
following hypothesis:
H13: Privacy concerns (PC) have a positive relationship with consumer regard for
information transparency (IT).
The more privacy concerns a consumer has while conducting transactions on the internet, the
more regard he / she will have for information transparency features in a web vendor.
H14: Privacy concerns (PC) have a relationship with willingness to be profiled online (WP).
Null hypotheses are posited as:

H130 = No relationship between privacy concerns (PC) and information transparency (IT).
H140 = No relationship between privacy concerns and willingness to be profiled online.
If we look back upon trust related behavioural assumptions, McKnight, Chaudhury, Kacmar
(2002) identified disclosure of personal information as well as making purchases online as
trust related behaviours. In this paper we are measuring trusting intentions or the intention to
engage in trust behaviour in line with suggestions of Agarwal Prasad (1998) and Gefen
Karahanna (1999), in lieu of actual purchasing behaviour or actual disclosure. The above
hypothesis H14, as tested by Awad and Krishnan (2006) address only a segment of trust
behaviour. Since privacy concerns have been linked to a portion of trust behaviour, i.e.
willingness to be profiled online, it stands to reason we should explore whether similar
dynamics is at work with the other component in trust behaviour, or the intention to engage in
transactions. Perception of vulnerability has already been hypothesized to be an antecedent or
privacy concerns; and McKnight, Chaudhury, Kacmar (2002) state that the preparedness to
make oneself vulnerable is a precursor to willingness to depend on a vendor. In the context of
this research, we therefore translate this willingness to depend on a vendor to be a readiness to
transact with such.
102
Based on the above reasoning, while Awad and Krishnan (2006) have only posited a negative
relationship between privacy concern and willingness to be profiled online, we posit an
additional hypothesis that heightened privacy concerns will lead to lesser willingness to
transact online.
H15 = Consumer willingness to transact online (WT) decreases with higher levels of privacy
concerns (PC).
The null hypothesis is posited as:
H150 = No relationship between privacy concerns (PC) and consumer willingness to transact
online (WT).
Preliminary Research model (based upon the discussion so far):
Incorporating privacy concerns in hypothesis 15 and its linkage to willingness to transact; and
the hypotheses related to the constructs exclusive to trust and willingness to transact online
propounded in H1 – H12, we are now in a position to draw a preliminary draft of the
relationships put forth above. Privacy concern is primarily a factor within the privacy matrix
leading to the construct willingness to be profiled online. However, as we have hypothesized
based upon existing research, we have proposed privacy concerns to hold a relationship with
control over information as well as the willingness to transact online. Further discussion will
focus on factors that are deemed exclusive in their relationships within the privacy and the
information disclosure willingness realm. Privacy concern is taken as the factor that acts as
the connecting variable between the two major segments - privacy and trust.
103
Location (L)
Trust in transacting in Perceived Risk (PR)
online environment (T)
Familiarity with vendor (F)
Control over information

Size of the vendor (SV) (CI) Willingness to
transact with online
stores (WT)
Reputation of the vendor (RV)
Perception of vulnerability (PV) Privacy concerns (PC)
Figure 25: Proposed framework of Trust factors in willingness to transact online
4.2.11 Previous Online privacy invasion:
Culnan and Armstrong (1999) and Metzger (2004) have both underlined past experience with
online disclosures to have an effect on later disclosures – i.e. willingness to be profiled online.
This view also falls in line with the framework depicted by Culnan and Armstrong (1999) in
their privacy leverage model. According to the model an inducement in making consumers
willing to be profiled online by disclosing information is to address their privacy concerns
through applying procedural fairness in information practices. Some research have not found
a strong and clear relationship between prior privacy invasions with attitudes toward
secondary information usage in the context of direct mailing industry (Culnan, 1993; Culnan
and Armstrong, 1999). However, Awad Krishnan (2006) found a clear negative linkage
between prior invasion of privacy and the consumer willingness to be profiled online.
It should be noted that this stance does not directly go against Metzger’s assertion that prior
online disclosure will lead to later disclosures. Rather, in effect it clarifies the research
proposition, since under Metzger’s hypothesis the two constructs had a positive relationship
which is perhaps harder to defend. Prima facie, there seems less reason to believe that if a
consumer decided to disclose information earlier, it would indicate a willingness on his part to
disclose information later as well. However, it is easier to understand that a past negative
experience will likely discourage a consumer from engaging in the same practice again. Thus,
Awad Krishnan’s stance is preferred and adopted in this regard for the present research.
104
The hypothesis is formulated as:
H16 = There is a relationship between consumer perception of previous privacy invasion (PI)
and willingness to be profiled online (WP).
Null hypothesis is formulated as:
H160 = There is no relationship between previous privacy invasions (PI) and willingness to be
4.2.12 Information Transparency:
Cranor Reagle and Ackerman (1999) found that consumers who hold a higher degree of
privacy concern (dubbed as ‘privacy fundamentalists’ by Westin (1991) are twice as likely to
claim privacy invasions and be less wiling to be profiled online. Awad Krishnan (2006) state
that such privacy fundamentalists hold a high value for information transparency. Information
transparency have been state to be an important part of projecting goodwill and respect
towards a customer (Fombrun, 1996; Metzger, 2004), which enhances a firm’s reputation.
Metzger identified posted privacy statements and policies as tools that can be used to
demonstrate goodwill and respect. Information transparency, which is the mechanism put in
place to allow consumers access to their data that resided with an web vendor and information
about the usage of such data, have been put at the core of consumer internet privacy related
behaviour by Awad and Krishnan (2006). Information transparency is taken as a construct
composed of several independent sub-constructs; demographics, previous privacy invasion,
overall privacy concerns, and presence of privacy policies by Awad et al. (2006). In keeping
with Cranor et al (1999) and Awad Krishnan’s (2006) view, we formulate the following
research hypothesis:
H17: There is a relationship between regard for information transparency (IT) and willingness
to be profiled online (WP).
Null hypothesis:
H170 = No relation between regard for information transparency and willingness to be
profiled online.
105
4.2.13 Privacy policies:
Privacy policies have been mentioned as tools for privacy protection measures by Metzger
(2004) who states this enhances customer perception of web site privacy protection. Palmer,
bailey, and faraj (2000) have stated third party certification on web sites as to have an effect
on customer perception of web site privacy. Awad Krishnan (2006) identify them written
statements that explain information practice of a company regarding collection and usage of
customer data. They further state that there is a distinction between information transparency
and privacy policy. Information transparency relates to specific attributes of a web vendor
whereas privacy policies are general policies regarding consumer data. However, they
hypothesize that those who value information transparency features also mindful of privacy
policies in a web vendor. Culnan and Armstrong (1999) identify privacy policies regarding
disclosure of information online directly to trust in an online vendor in their privacy leverage
model. Privacy policies are stated by them as leverage points which companies can utilize to
reassure customers about privacy concerns, as well as make them willing to disclose
information online. However, Awad and Krishnan’s findings would appear to dispute this
claim, since they view a negative relationship between higher importance given to privacy
policies to a lesser willingness to be profiled online. This may be explained by the earlier
theoretical assumption that ‘privacy fundamentalists’ (Westin, 1991; Cranor, Reagle,
Ackerman, 1999; hypothesis 14) who show higher regard for information transparency in turn
show lesser willingness to be profiled online. Adopting this stance, we can therefore postulate
that while being distinct from information transparency, privacy policies act as an
independent construct with a positive relationship with information transparency in a web
vendor.
We therefore formulate the following hypotheses:

H18: Importance of privacy policies (PP) increase with consumer rated importance of
H19: Consumer regard for privacy policies (PP) have an impact on willingness to be profiled
online (WP).
106
4.2.14 Demographics:
Awad Krishnan (2006) have stated demographic variables such as gender, age, and income to
be associated with privacy concerns. However, Graeff and Harmon (2002) point out that few
studies have explored the relationship between demographics and consumer privacy concerns.
In their study in an offline context, Wang and Petrison (1993) found inner city residents (as
such belonging in a lower income group), and people of color (or minorities) to be less
concerned with privacy. Sheehan and Hoy (2000) did not find any significant differences in
their study of privacy concerns based upon demographics. In another comprehensive study
however, Sheehan (1999) proposes that internet as a medium of communication minimizes
gender influenced behaviour which are apparent in offline communication. Sheehan cites We
(1993) by hypothesizing that this elimination of difference in communication could perhaps
be due to a release from the ‘prison of appearance’ on the internet. However, Sheehan finds
that differences in communication patterns between men and women do in fact exist even in
an online context similar to that of the offline context. Based upon a survey that takes into
account gender differences in computing privacy concerns, Sheehan concludes that women
profess greater concern about privacy than men online, however men are more likely to
actually change their internet behaviour if faced with a situation that entails privacy concerns.
Such behavioural modifications are manifested in more adversarial or confrontational
approaches adopted by men, who also show less concern for a positive interaction in their
online communications. Women on the other hand was found to have a more passive or non-
confrontational approach when faced with a privacy compromising situation.
Milne and Rohm (2000) partially confirm Sheehan’s findings, and state that women are found
to be more concerned about privacy threats online. Gareff and Harmon (2002) in their study
also found women to be more resistant to the idea of companies selling purchase information
to other vendors, and more in support of the idea that companies must release such
information to the consumers. Graeff and Harmon (2002) also found evidence that women
were less likely to conduct a transaction over the internet.
In an offline context, Phelps and Nowak (1992) concluded that younger consumers are more
likely to engage proactively for name removal from direct marketing lists. Milne and Rohm
(2000) contradict this finding, stating that older consumers are more concerned about removal
from email lists. Graeff and Harmon (2002) also found older consumers to have more
107
concerns regarding companies selling their information. Phelps, Nowak and Ferrel (2000)
however, found no relationship between age and privacy concerns.
We formulate our hypothesis based upon Awad and Krishnan’s stance that demographic
factors affect consumer propensity towards information transparency. Two demographic
factors are considered, age and sex. Since the primary focus is not on demographics and its
impact on willingness to transact, and demographics is taken as a possible independent
antecedent in information transparency working towards willingness to transact as a
dependant variable, we have opted to leave out income as a demographic factor; both in the
interest of parsimony and since the study sample is primarily taken from a student population,
presumably a low income group, we believe measuring income effect would skew the
demographic influence, if any.
The hypothesis formulated is therefore:

H20: Demographic differences (D) have an impact upon regard for information transparency
(IT).
Null hypothesis:
H200 = No relationship between demographic differences (D) and regard for information
transparency (IT).
We now combine the privacy research model by Awad and Krishnan (2006) with our
proposed preliminary trust – willingness to transact model. Thereby, we transplant willingness
to transact online as the dependant variable instead of the willingness to be profiled online, as
denoted in the Awad Krishnan model. The two models are conjoined by privacy concerns
which acts as a common variable between the two lines of thought, trust and privacy. Privacy
concern is already shown to be an integral component in the privacy framework proposed by
Awad and Krishnan (2006). In our discussions, we have shown theoretical linkages between
privacy concerns and the perceptions of vulnerability which is hypothesized as an antecedent
of willingness to transact online; and also between control over information as an antecedent
of trust and privacy concerns. This then allows us to compile our framework and present it as
a comprehensive Trust-Privacy model of willingness to transact. Willingness to be profiled
online hereby changes its role from a dependent variable to being an antecedent of willingness
to transact, leading to our final hypothesis:
108
H21: Willingness to be profiled online (WP) is positively linked to willingness to transact
online (WT).
H210 = There is no relationship between willingness to be profiled online (WP) and

willingness to transact online (WT).
The final hypothesis is a legacy hypothesis from Awad Krishnan’s (2006) model, and
proposes a relationship between previous privacy invasions and importance placed upon
privacy policies.
H22: Previous invasion of privacy can have an effect on importance placed upon privacy
policies at a website.
H220: No relationship between PI and PP.
4.3 Research model proposition:
The hypotheses propounded so far are summarised in the table below. They list the alternate
hypotheses, and not the null.
Table 9: Hypothesis summary

H1 Perceived control over information (denoted as CI henceforward) has a relationship
with privacy concerns (denoted as PC henceforward).
H2 Perceived control over information is positively linked to trust (T).
H3 Trust (T) has a positive relationship with the willingness to disclose information and
be profiled online (WP).
H4 Trust (T) has a positive relationship with the willingness to transact online (WT).
109
H5 Trust (T) in a store affects risk perception (PR).
H6 There is a relationship between Perception of risk (PR) and the willingness to transact
(WT).
H7 There is a positive relationship between perceived vulnerability (PV) and the privacy
concerns (PC).
H8 There is a positive relationship between perceived vulnerability (PV) and the

perception of risk (PR).
H9 There is a positive relationship between perceived size of vendor (SV) and trust.
H10 Reputation (RV) of a web vendor is positively linked to trust (T).
H11 Familiarity with vendor (F) has a positive effect on trust (T).
H12 Originating location (L) of an e-vendor can have an effect on trust (T).
H13 Privacy concerns (PC) have a positive relationship with consumer regard for
H14 Privacy concerns (PC) have a relationship with willingness to be profiled online
(WP).
H15 Consumer willingness to transact online (WT) decreases with higher levels of privacy
concerns (PC).
H16 There is a relationship between consumer perception of previous privacy invasion (PI)
and willingness to be profiled online (WP).
H17 There is a relationship between regard for information transparency (IT) and
willingness to be profiled online (WP).
110
H18 Importance of privacy policies increase with consumer rated importance of
information transparency.
H19 Consumer regard for privacy policies have an impact on willingness to be profiled
online.
H20 Demographic differences (D) have an impact upon regard for information
transparency (IT). Omitted from investigation as being outside the scope of the study.
H21 Willingness to be profiled online (WP) is positively linked to willingness to transact

online (WT).
H22 Previous invasion of privacy can have an effect on importance placed upon privacy
Based upon the relationships identified within the hypothesis, the privacy – trust model is
proposed below:
111
H1
2
H2
H1
H4
H6
H3
H1
H1
4
H13
1
H2
H18
9
H1
Figure 26: Proposed Privacy – Trust model of willingness to be profiled and to transact online
112
Chapter 5
Methodology
Taylor and Bogdan (1994) define “methodology” as the way in which problems are worked
up and answers searched for. There are many a ways of accomplishing research and reaching
such answers. Traditionally, the two primary research methods have been qualitative and
quantitative approaches. Research had been categorized as to be one or the other based on
their philosophical assumptions about the nature of reality, epistemology, values, the rhetoric
of research, and methodology (Creswell, 1994). However, Creswell (ibid.) also highlights that
Mixed method approaches have matured today, and using only one or the other falls short of
the requirements of research in social and human sciences today. Newman and Benz (1998)
identify that It is no longer a qualitative versus quantitative scenario, but rather a position at
some point on a continuum.
Furthermore, a researcher’s knowledge claim is needed to clarify any positioning of the

research. A knowledge claim is identified by Creswell (2003) as the assumptions a researcher
starts with in a research project, regarding how they will learn and what they will learn during
their inquiry. The knowledge claim has been stated in many a ways by different theoreticians;
such as research paradigms by Lincoln and Guba (2000), or philosophical assumptions,
epistemologies, and ontologies by Crotty (1998), and broadly conceived research
methodologies by Neumann (2000). Creswell charts the knowledge claim positions as below:
Table 10: Alternative knowledge claim positions

(Source: Creswell, 2003)
Postpositivism Constructivism
x Determination x Understanding
x Reductionism x Multiple participant meanings
x Empirical observation and x Social and historical construction
measurement x Theory generation
x Theory verification
Advocacy / participatory Pragmatism
x Political x Consequences of actions
113
x Empowerment issue oriented x Problem-centered
x Collaborative x Pluralistic
x Change-oriented x Real-world practice oriented
5.1 Identifying the knowledge claim positions:
This research is composed of two complete studies that are not mutually exclusive. The first
study, which formed the body of the Licentiate work of the author and identified as Study A,
explored the determinants of individual’s information disclosure factors in an online context.
The study was conducted with in-depth interviews with user/respondents of online systems
and simultaneous observations, modulated with the backgrounds and cultural contexts of the
respondent, and his / her historical behaviour; all of which were interpreted and filtered
through the eyes and minds and the experience of the researcher, questioning consequences of
user actions and subsequent behaviour and looking for possible new variables that may help
explain such behaviour. The study was categorized as both a constructivist and a pragmatist
one.
The current study (Study B), on the other hand, tests the groundwork that was laid by the
earlier research. The combination of the body of the work leading to the Licentiate and the
current research work fall on the qualitative-quantitative continuum identified by Newman et
al. (1998). The motivating purpose for the qualitative researcher is theory building, whereas
for the quantitative researcher, the intent is theory testing (Newman and Benz, 1998). The
earlier work was focused on building a research framework that could help identify strategic
leverage areas that companies could use in inducing consumers to be more forthcoming in
their interactions with them. The current research adopts the findings from the earlier work
and builds upon existing literature, and constructs a research model to empirically test and
accept or reject the earlier findings. The current work is thus a progression along the research
continuum earlier mentioned.
Creswell (2003) identifies a quantitative approach as one where the researcher uses cause and
effect thinking, reduction to specific variables, hypotheses, use of measurement and
observation, and employs strategies of inquiries such as experiments and surveys, and collects
data on predetermined instruments that yield statistical data. The definition fits the approach
114
undertaken in this research. The nature of the current enquiry and the research approach is
thus summarized below:
Table 11: Nature of enquiry and research approach

Research Approach Knowledge Claims Strategy of Inquiry Nature
Quantitative Postpositivist Experimental design Descriptive,
assumptions explanatory
The research is identified further to be both descriptive and explanatory in nature. Dane
(1990) states that descriptive research involves examining a phenomenon to define it more
fully or to differentiate it from other phenomena, and that it involves attempts to define or
measure a particular phenomenon, usually by attempting to estimate the strength or intensity
of a behaviour, or the relationship between two behaviours. Based upon earlier research, we
have constructed a research model to explain the phenomena of consumer willingness to
transact online. The research model is composed of a set of variables with interrelationships in
between. The aim is to test the several hypotheses proposed that define the existence and the
strength of those relationships through empirical measures and subsequent statistical analyses
to validate the measures. Thus it falls within the descriptive realm. It is also part explanatory
since tries to decipher and explain patterns related to the studied phenomenon of willingness
to transact in an online setting, and to show relationships between events and the meaning of
these events (Marshall, Rossman, 1999). The current research is not identified as exploratory
since it does not attempt build descriptions of complex circumstances or phenomenon that are
unexplored in the literature, rather it is grounded in existing literature.
5.2 Notes on evaluating the structural equation model and results:
Structural equation was chosen as the mode of analysis of respondent data in our work for
several reasons. SEM modelling allows one much greater flexibility in assessing the interplay
between theory and data. The theory based research model proposed had multiple predictors
and unobservable latent variables. Using SEM we have the flexibility to run simultaneous
multiple regressions based on the hypothesized relationships and test the strength of such
relationships within a more realistic boundary (where several interrelationships are at play);
rather than individual multiple regressions which amounts to running or simulating the
115
relationships in a vacuum. Thus SEM was considered a more appropriate analytical tool.
Furthermore, the primary goal of the research work is to statistically test a priori
substantive/theoretical set of assumptions against empirical data (Chin, 1998), or a
confirmatory analysis of already identified/proposed set of variables and their relationships
(as opposed to an exploratory one). Therefore also SEM was deemed the most appropriate
tool for CFA as was required.
We have presented the path model, measurement models and the simulation results. However,
in interpreting the model we need to exercise caution. It is not nearly enough to arrive at a
model that provides acceptable or even near perfect goodness of fit measures; one may still do
so based upon faulty assumptions, lack of knowledge or experience, and/or modifications of
the base measurement model without a solid theoretical basis to justify such alterations. This
would imply a good model fit does not necessarily mean an accurate portrayal of
relationships.
Chin (1998) in his seminal paper has identified several issues and conditions that a researcher
must question and give due attention to; or else run the risk of arriving at what he dubs
‘seriously flawed’ or even invalid conclusions. In the following sub-sections, we try to
address the concerns raised by Chin (ibid.) and discuss and interpret the state of the model in
connection with the issues.
5.3 On Usage of formative versus reflective indicators:
Chin (1998) stresses that the underlying assumption for SEM modelling analysis is that the
items used to measure latent variables are reflective in nature. We should note that this holds
for latent variables (LV) only. By reflective it means that the groups of items should be
affected by the same theoretical concept underlying the latent variable. Formative indicators
on the other hand, are responsible for formation or creation of a change in the latent variables.
To clarify more, accordingly reflective indicators cannot be said to be distinct causes of
formation of latent variables. Chin provides an example that performance of mental
calculations, blood alcohol level etc. can be taken as reflective measures of drunkenness,
where as the amount of alcohol consumed is a formative measure of such. Formative
measures need not necessarily be correlated, nor do they need internal consistency in the scale
(Bollen, 1984).
116
In this paper, the items used to measure the latent variables are reflective in nature. We have
projected the research model with an underlying assumption that relationships do not occur in
a vacuum. This was also the assumption behind the earlier Licentiate work, which introduces
the cognitive mapping technique to provide the background against which variables were
explored and portrayed. In this paper, we have attempted to substantiate some of the findings
from the earlier work. We have identified variables based upon theory, and prior research.
However, in no way can we construe that the list of variables identified are definitive for the
phenomenon of willingness of transact and willingness to be profiled online.
Thus the theoretical and methodological approach and the underlying thought behind the
research question in reaching towards the model is to attempt and explain how potential
variables are tied to each other, rather than establish a definitive cause and effect relationship.
Keeping in line with such thought, we have incorporated indicators that were reflective in
nature and with high internal consistency, and we believe this choice provides greater
meaningfulness to the model and greater theoretical validity to its SEM based analysis.
5.4 Application of modification indices:
The deployment of reflective indicators also help us in refining our initial model based on
modification indices as we run successive simulations. Chin (ibid) states that the statistical
algorithm employed by SEM software (AMOS) presumes items are reflective as it performs
computations, indicating any correlations among indicators for a particular latent variable are
caused by the same latent variable. In practice, this means we have a greater flexibility to
make modifications to our measurement model, particularly in drawing correlations between
reflective items of the same LV in a theoretically justified manner.
We have taken care to employ such steps in respecifying our measurement model. The
threshold for modification indices were not changed from the default value of 4, since there
was deemed no compelling reason to change the threshold value. While the simulation yields
a large number of covariances among the indicators, model respecification was made based
upon drawing new paths for covariations only when it made theoretical sense and also general
sense, so to speak, even when large M.I existed. It should be noted that drawing more and
more paths according to the modification indices can always lead to an increasingly better fit.
117
However, we should attempt to do so when such relationships seem theoretically or
practically improbable.
Accordingly, the measurement model was respecified when such respecifications seemed
warranted and could be backed up by theoretical and common sense of the researcher, as is
the prescribed option of noted earlier researchers in the field. Model respecification is the
most subjective area within the structural equation modelling, and no doubt a more seasoned
practitioner would most certainly be able to cast a critical eye to the assumptions leading to
which modifications to adopt and which to discard from among the indices; for present, the
researcher has relied upon theory, reasonability, and judgement in respecifying the model, and
in not adopting every M.I. that came up above the threshold value of 4. While this means
sacrificing a possibility of better fit overall, if such modifications and conclusions were made
without any sound theoretical justification, any conclusion we draw should be deemed
invalid. Thus we adopt a more restrained approach in selecting M.I.s and respecifying the
model.
5.5 On issues specific to justifying and interpreting second order factor models:
Chin (1998) proclaims that “To postulate the existence of a second order factor that sits in a
vacuum holds little value. Rather, it must be related to other factors in a conceptual model.”
This is the key thought behind our SEM model.
A second order factor model consists of second order latent variables that are modelled as
causally impacting a number of first order latent variables (LVs). In our model, variables such
as trust (T), willingness to be profiled online (WP), information transparency (IT) etc. are
posited as first order LVs, where as factors such as location (L), reputation of vendor (RV),
size of vendor (SV), familiarity (F) etc. are posited as second order LVs, identifying our
model as a second order factor model.
Chin (1998) postulates that one should always consider the purpose of such a model, or
whether a second order model is necessary at all. This brings us to the earlier quote. Our
proposed research model takes the variables identified by Awad Krishnan in their model
leading to willingness to be profiled online, and extends the research to link the set of factors
to willingness to transact online. To properly assess such relationships, a second order factor
118
model is deemed essential. Chin (ibid.) contends that any second order factor model needs to
be embedded in a nomological network, used either as a consequent or predictor of other LVs.
This is what we have attempted to achieve. Furthermore, the theoretical review was conducted
based upon the understanding that a general more global set of factors may exist to explain
the covariances among the first order factors, thereby justifying the assumption of a second
order factor model design.
5.5 Reporting of results:
Chin proposes a set of guidelines for reporting requirements in SEM analysis. They include
provision of sufficient information about the population from which data sample is taken,
distribution of the data, the conceptual model to determine the appropriateness of the analysis,
and finally statistical results to corroborate subsequent interpretation. Thus the results are only
a part of the exercise. Steiger (1988) adds that one also needs to mention the software
program and the version number, starting values for analyses, number of iterations, and any
anomalies encountered should also be reported.
We have accordingly reported on the items. The distributions and the relevant outputs from
some of the simulations have been placed in the appendix for easier readability, reporting the
path and the final measurement models within the text body. The conceptual model has been
identified and the justification for applying SEM method has been provided.
Chin further identifies the requirement of presenting the covariance matrix, and all the
parameter estimates such as structural paths and factor loadings, the overall model fit indices,
and the R square (squared multiple correlations) to explain how much of the data is being
explained. We have accordingly presented the values.
The intention of presenting the values is replicability. One should be able to execute a similar
simulation given the covariance matrix and the model, and /or reanalyze with alternative
models. We have provided the necessary output data to perform such.
Other than stating the hypothesis in the frame of reference section, we have avoided providing
hypothesis statements for each structural path in the model, as suggested by Chin. We have
also identified which paths are held constant within the measurement model. A discussion of
119
the parameter estimates, fit statistics, and modification indices incorporated follows this
chapter.
5.6 On Capitalization on chance:
Capitalization on chance refers to reaching an acceptable solution by chance, perhaps despite

misspecification of the model. Chin hints at possibilities of such situations arising if the
analysis process gradually shifts into an exploratory mode rather than a confirmatory one.
This underlies the importance of basing assumptions on theory, rather than ‘fishing’ and
modifying relationships in order to achieve a better fit.
Typically the initial model is usually rejected, this was no different in our case. However,
subsequent respecification of the model is always to be based upon modification indices and
any other pertinent data. This is the phase where one is liable to slip into exploratory mode.
The possibility was avoided by making modifications and respecifying the model only where
theory permitted.
Chin and Todd (1995) argue against the commonly used practice of filtering items through
exploratory factor analysis and submitting the filtered items to a confirmatory factor analysis.
In their opinion such a process should not be deemed purely confirmatory. It should be noted
that we have indeed conducted an exploratory factor analysis prior to CFA. However, the
results did not warrant omission of any indicators except for three items in the scale relating
to trust. Thus it may be presumed that we have not strayed far from a purely confirmatory
approach.
5.7 On over-reliance on fit measures (absolute and descriptive):
Chin (1998) cautions against the over-reliance on goodness of fit indexes in assessing
acceptability of a model, even while acknowledging that the fit measures have become the
focal point of most SEM studies in recent days. However, Chin reminds that the goodness of
fit measures only portray how well or accurately the model accounts for the covariances in the
data sample, assuming reflective measures. Thus he states that a model with good fit indices
can still be a poorly predictive one if the R square values and factor loadings are not
substantive enough. Chin postulates that standardized paths should be at least 0.20 and ideally
120
above 0.30 to be considered as meaningful relationships, where as factor loadings need to be
0.60 or above. Here Meehl (1990) argues that lower values could be due to what he terms as
the crud factor, or the noise, the reality that “everything correlates to some extent with
everything else.” Even accounting for such interference, we should ignore paths with small
loadings as they carry little theoretical significance. This further highlights the importance of
looking at the path loadings holistically while interpreting simulation results, and not just rest
upon good index fits.
5.8 Identifying units of analysis:
The consumer as an individual is taken as the principal analysis unit in this study. Several
factors have earlier been mentioned as key components in constructing the research model;
such as privacy concerns, control over information, trust and perceived risk. We have also
identified from Goodwin (1991) and adapted a taxonomy of privacy states in the context of e-
commerce which measures control with respect to the individual. We have further proposed a
broad typology of trust based upon several tenets, calculative, institution based, knowledge
based, cognitive trust. We have assimilated cognition based trust and knowledge based trust
stemming out individual dispositions and trusting beliefs and intentions within our model.
Furthermore, the research framework upon which the current work extends is based upon
individual case studies that focused on the B2C context. Thus taking the consumer as the unit
of analysis is an inevitable and logical progression in the study. The measurement scales were
adapted from earlier research where the unit of analysis was similar and comparable.
5.9 Data Collection
To test the conceptual framework, an online survey was developed by reviewing existing
research. The scale items were developed based upon recent literature. The scales for
measuring the variables within were adapted from Dinev Hart, 2004, Culnan Armstrong,
1999; Geffen et al. 2003; McKnight et al. 1998, Doney & Cannon, 1997; Jarvenpaa
Tractinsky, 1999, Bhattacharjee, 2002, Jarvenpaa Tractinsky 2000; Mayer Davis Schoorman,
1995, Awad Krishnan 2006, Gefen Karahanna Straub 2003. Since location is a newly
proposed variable, a three item scale was constructed and pre-tested for reliability. Multiple
items (above 3) were used for the scale in all cases except for previous privacy invasion and
121
importance of privacy policies. The two scale items were adapted from Awad Krishnan’s
study which also used single item constructs. Similarly, willingness to be profiled online also
uses a 2 item construct, also adapted from Awad Krishnan (2006). This is an inherent
weakness of the study since three items or more are usually required for a scale item for
structural equation modelling, our preferred method of analysis. We acknowledge that this
may have an impact on our findings.
5.10 Technical design issues
The survey instrument itself was constructed and deployed using open source software in its
entirety. After a thorough search of available survey solutions, both commercial and open
source, the decision was taken to use an open source solution, since the ability to deploy an
such a solution provided complete freedom to design, modify, or access the data. However, it
also carried a high amount of risk in case of server or database failures, or any bug found at
later stages in the survey software. Considering all aspects, a decision was taken to use an
open source solutions for the survey and the database storing the respondent information,
which were then hosted on an external commercial web server which offered greater
reliability and much less worries about possible downtimes. The survey was constructed using
phpsurveyor version 1.2 beta (http://www.phpsurveyor.org/), a very modular, flexible and
versatile solution written in PHP, a high level scripting language with complete
customizability residing with the author. The survey was linked to a custom mysql database
(4.13 stable release) that is highly scalable and open source (http://www.mysql.org). Once
fully designed and deployed, the survey and the database were tested and fine tuned for
several days both at a self-hosted server, and a commercial server for data integrity, usability,
and exporting ability. The output from the survey could now be exported to either Microsoft
Excel or SPSS in raw comma separated values format and imported therein as worksheets.
The overall solution proved to be the most economical and efficient system among all the
options considered. Once found functional, the survey was then deployed on the commercial
web server. A separate web site was designed which carried the link to the survey on its
landing page with a brief description of the research.
122
5.11 Survey design issues
The responses for all items were measured on a 5-point Likert type scale. A 5 point scale was
prefereed over a 7 point Likert type scale despite the fact that a 7 point scale is considered to
be more refined in terms of judging nuances in participant responses. However, since the
questionnaire was composed of 60 questions (for example 12 items were used in measuring
trust, 7 items for privacy concerns, 6 items for perception of vulnerability etc.), a 5-point scale
was considered more appropriate to increase response rates and quality by reducing the
frustration level of the respondents (Babakus, Mangold, 1992).
The survey required the respondent to familiarize him/herself, if not already familiar, rather
than actually purchasing services with Skype, a leading company in the rapidly growing voice
over internet telephony industry. Skype offers an instant messaging program that also offers
voice capabilities between PC to PC which is a free service; and also PC to phones to its
subscribers which is a paid service. A subscriber has the option to either use credit cards to
purchase skype minutes or to pay through Paypal, the major online payment facilitator
company. It is quite a prevalent practice to conduct experiment or survey based upon a well
known company, such as Amazon or Dell. Skype was chosen due to its nature of services, the
wide recognition it already enjoys among the consumers (as of February 2006 Skype had over
300 million downloads), the wide usage of the service (at any point there are usually over 8
million members online), and the facility to purchase its calling plan over the web. A brief
profile and description of services and products offered by Skype were given at the beginning
of the survey, along with a link that opened in a new window to go directly to the company
site for familiarization.
Familiarization with the given company rather than actual transaction is opted in the research,
since this paper investigates the intention to engage in trust related behaviour on the part of
consumers, instead of measuring actual trust related behaviour, i.e. transacting or disclosing
information. This is supported by earlier research, Sheppard, Hartwick, and Warshaw (1988)
Venkatesh and Davis (2000) all state that there is a strong correlation between behavioural
intentions and actual behaviour. Furthermore, Agarwal and Prasad (1998), Gefen Karahanna
(2003) also suggest that measuring intention to engage in trust behaviour instead of actual
behaviour is the norm in similar studies.
123
5.12 Incentives and anonymity
An incentive was offered for participating in the survey. At the beginning of the survey, it was
highlighted that a lottery would take place once the survey was completed, with a cash prize
of $100 as reward to one participant, and two rewards of $50 to two participants. While the
survey was completely anonymous, it was necessary to have a point of contact with
participants who wanted to take part in the raffle draw. As such, a form entry for providing
email address was included in the survey for those who wanted to take part in the raffles. It
was made specifically clear that the email addresses were not mandatory to be filled in,
neither were any other personally identifiable information required to participate in the
survey. An anonymity clause and a notice that the survey was being conducted for a research
purpose only, and had no affiliation with Skype (the reference company) was made explicit at
the beginning of the survey.
5.13 Sample selection & limitations
The survey was pre-tested among 50 respondents at Luleå University, a large Swedish state
university in December, 2006. The respondents included staff at the university, faculty
members, and graduate students. Item loadings based on factor analysis were found
satisfactory, and several design issues were resolved based on the pre-test results. The final
survey was administered among undergraduate and graduate students of the same university
mentioned above. This can be considered a convenience sample; however the sample is also
considered more representative of the population in our context.
Students were considered to be more appropriate respondents as they are viewed to be more
conversant with new IT products and they account for more online activity, consumer more
entertainment and media, and conduct more personal business online (Jupiter Research, 2004
cited by Collier, Bienstock, 2006). Accordingly, a familiarity with using the internet for at
least two years and familiarity with transaction or payment systems over the internet were
taken as qualifying criteria for participating in the survey.
Simultaneously, an offline survey in the same format was conducted over the three months
period among the students of Luleå University, and also undergraduate business students at
two top tier private universities in Bangladesh based on the prerequisites. The intent is to get a
124
more varied perspective, particularly since we have a variable originating location of
company. 150 responses in total were collected in the offline manner, with roughly half of
them from Sweden.
4543 email invitations with links to the survey were sent among the students between January
2007 and April, 2007. The email addresses were obtained after consulting with the University
administration and the online departmental registries. In total, 328 responses were gathered
from the online survey. Similar request for participation in the survey were also mailed to 500
graduate students in 5 universities in Australia and Canada. However, they elicited only 5
responses. Request for participation in the survey was also posted on two internet message
boards dealing primarily with entertainment and media discussions. Each of the internet
forums had over 40,000 members. There were over 10,000 views to the requests, however,
only 30 responses were obtained from the message boards. The rest of the responses were
generated from the students at the Swedish university. This represents a 6.7% response rate in
total for the online survey. 5 out of the 328 responses consisted of invalid data or completely
empty strings in the database. Eliminating those, a valid dataset of 323 responses was
accepted for further analyses.
The analyses contained within the present report is based only upon the online response set, to
minimize any concern that may arise due to possible variance in responses that may arise if
we were to compile both on and offline data. However, due to this, a limitation arises in the
current sample size and composition, as the lion’s share of the sample consists of students in
northern Sweden. However, the sample size does satisfy the minimum requirements for
structural equations modelling, we are assessing 60 nodes, and Bentler and Chou (1987)
suggests at least 5 observations per node.
125
126
Chapter 6
Discussion on Results and Analysis
The statistical analysis of the respondent dataset follows the steps illustrated below:
Figure 27: Schema of quantitative analysis
6.1 Missing values:
The number of respondents in the online version of the survey as of the time of the analysis
stood at 328. However, 5 entries were invalid as they comprised of empty strings throughout
the survey. Eliminating those, we get a valid response count of 323.
A missing value analysis was conducted within the valid dataset using the ‘replace missing
value’ function in SPSS. Variables were recoded into a new set of variables for the purpose,
maintaining the integrity of the original data set. The series mean function was used to replace
any missing values within the resultant variable set. The original variables were named PC1,
PC2,…WT1, WT2 etc. The recoded variables using SMEAN function were coded as PC1_1,
PC2_1….WT1_1, WT2_1corresponding to the original variable set.
Total number of missing values converted using series mean were found to be 253 entries (or
cells) out of 19380 possible entries (no. of respondents multiplied by number of questions);
signifying 1.31% of data overall. The highest percentage of missing value for any variable is
2.8%. Thus theoretically there would have been no problem in eliminating the missing
127
responses since it is less than 10% (Hair, Money et al, 2007). However, we adopt a more
stringent approach and replace the missing values with the series mean function for greater
accuracy.
The missing values table can be found in Appendix I.
6.1.1 Note on recoding of some variables:
Two variables, size of vendor and reputation of vendor, each containing three scale items are
identified in the questionnaire and stored in the database as VF1-3 and VF4-6 respectively;
and three items within the scale variable privacy concern (PC) were coded as PC51, PC52,
and PC53. While incorporating in the SPSS dataset, they have been renamed. Size of vendor
has been coded as SV1-3 and reputation has been coded as RV1-3. PC51-53 were renamed as
PC5, PC6, and PC7. The renaming was done to avoid any confusion in subsequent analysis
due to similarity of variable codings and to achieve consistency in naming.
This section presents analysis regarding internal consistency of the scale, as well as some of
the correlation and multiple regression data between the variables. The analyses in this section
are not conducted to reach any conclusions regarding acceptance or rejection of our
hypotheses. Instead, the correlations and multiple regressions are conducted to assess
individually the effect of variable(s). Since we have a second order model (where several
independent variables in our equations are dependents in other equations), it is not possible to
reach a meaningful decision regarding the acceptance or rejection of our hypotheses
measuring collinearity and multiple regressions. However, they can provide us with an early
insight into the relationships of the variables, and help us understand the data better. Final
analysis will be conducted using structural equations modelling with Amos.
6.2 Scale Reliability analysis:
Scale Reliability denotes consistency of the research findings (Hair, Money, Samouel, Page,
2007). The survey instrument or the questionnaire would be deemed reliable if it provides
consistent scores from repeated applications of the questionnaire. An indication of scale
reliability is particularly relevant for multi-item scales, as has been used in this study. For the
scale to be reliable, the individual items within the scale variables need to be correlated, a
128
stronger correlation showing a higher reliability (Money et al., 2007). High inter-item
correlations are taken as evidence that the items measure the same underlying concept. The
measure of internal consistency reliability of a scale is the coefficient alpha, also commonly
known as Cronbach’s alpha. Range varies between 0 and 1, with higher values representing
stronger reliability (Hair, Anderson, Tatham, Black, 1995). As a rule of thumb, 0.7 or above is
considered an acceptable coefficient, however it is possible to accept lower coefficients
depending on research objectives (Hair et al., 2007). Scale reliability is tested for each
variable below. The analysis is based upon the replaced variables after missing values have
been compensated for.
It is viewed to be important to conduct a reliability analysis of the scale before any basic
descriptive statistics can be attempted; because based upon how consistent the scale is the
interpretation of the basic descriptives may differ.
The following set of rules proposed by Hair, Money et al. (2007, pg. 244) is given below for
better interpretation of the alpha value coefficient sizes:
Alpha coefficient range Strength of association

< 0.6 Poor
0.6 to < 0.7 Moderate
0.7 to < 0.8 Good
0.8 to < 0.9 Very good
>= 0.9 Excellent
Reliability - Privacy concerns (PC)
Reliability analysis considering all 7 items:
Item Means Mean Minimum Maximum Range Max/Min Variance

3,1343 2,6594 3,6056 ,9461 1,3558 ,1224
Reliability Coefficients 7 items
Alpha = ,8444 Standardized item alpha = ,8456
129
As we can see the unstandardized alpha value is 0.84, denoting very good internal consistency
within the privacy concern questionnaire items and is well within the acceptable range.
Reliability considering items PC1-4:

Reliability Coefficients
N of Cases = 323,0 N of Items = 4
Alpha = ,8048
Reliability considering items PC5-7:
Alpha = ,7996
While the internal consistency of the PC scale is highest if we consider all 7 items, yet as we
have seen the item sets are measuring two slightly different contexts of privacy concern. We
could indeed keep all 7 items, but since we are aiming for a more generalizable model, we
should take items 1-4, which also shows a higher reliability coefficient at 0.80.
Reliability (CI)

3,5548 3,3870 3,6491 ,2621 1,0774 ,0212
The Cronbach’s alpha value is 0.76, showing good internal consistency for the control over
information scale items. It is accepted as a reliable scale.
130
PV
Perceived vulnerability

3,6574 3,2601 3,8978 ,6378 1,1956 ,0621
Cronbach’s alpha is 0.86, denoting very good internal consistency within the perceived
vulnerability scale items. It is therefore well accepted.
IT
Information transparency

3,9694 3,6344 4,2531 ,6188 1,1702 ,0725
Cronbach’s Alpha is 0.85; denoting very good internal consistency. The scale can be well
accepted.
PP
Privacy policy importance
The privacy policy construct has only one scale item as constructed from earlier research.
Hence no reliability analysis is conducted on the construct, since scale reliability analysis
requires at least three items per variable.
131
Trust
The trust related items were broken up into two separate parts in the questionnaire. As
explained in literature and the frame of reference, while we consider trust as a single construct
in our research model, for the sake of exploration, trust related questions were placed apart
breaking them into institutional trust and situation specific trust. We consider the reliability of
the two parts separately at first, then consider the overall trust items reliability.
Tcog (cognition based trust) (questions t2, t4, t6)

2,7646 2,5302 2,9371 ,4069 1,1608 ,0443
For cognition trust, Cronbach’s alpha is 0.77; denoting a good fit within the scale.
Toverall (questions t2,t4,t6,t7,t8,t9,t10,t11)
Alpha = ,7467
The items from cognition based trust and knowledge based trust are taken together to measure
the reliability of the trust construct. Alpha value is 0.75, denoting good internal consistency.
We notice that the alpha has decreased once we combine cognition based and knowledge
based trust items, this is expected since they are measuring slightly different dimensions of
trust. This is the value we accept for the purpose of our research model. Institutional trust
should be studied as a separate construct in future research.
132
PI
Previous invasion of privacy
The previous invasion of privacy construct has only one scale item based upon previous
research; hence no reliability analysis is conducted on the construct, since it requires at least
three scale items.
L
Originating location

3,6066 3,4465 3,8150 ,3685 1,1069 ,0357
This is a variable that has been incorporated based upon the findings of Study A in this
research. One of the aims of this study is to confirm the existence of the variable. The variable
scale is composed of three items, which items were formulated based on the dimensions found
in the earlier study by the author. We hereby test the internal consistency of the scale.
Cronbach’s alpha is 0.80, denoting good internal consistency for the scale items. The scale
developed to measure the variable is thus accepted here to be reliable.
F
Familiarity with e-vendor

3,0132 2,8233 3,2013 ,3779 1,1339 ,0242
133
Cronbach’s alpha is 0.93, denoting excellent strength of association within the variable items.
It is well accepted.
SV
Size of the vendor
Hair, Money et al. (2007) state that items included in a scale must be positively correlated,
and where negative correlations arise, we need to check for whether a question is negatively
worded than the rest, and if so it needs to be reverse coded for consistency.
Question SV3_1 needs to be reverse coded since it is a negatively worded statement, agreeing
to the scale item indicates a negative perception of the company, as opposed to the other items
in the scale.
To confirm, we attempt to find internal consistency for the scale variable Without Reverse
coding:

3,2086 2,3251 3,7658 1,4407 1,6197 ,5988
Alpha = -,0774 Standardized item alpha = -,1080
As expected, without reverse coding question SV3_1, we find a negative correlation within
the items.
With SV3_1 -> reverse coded to SV3_1rev
N of Cases = 323,0

3,6585 3,5348 3,7658 ,2310 1,0654 ,0135
134
Reverse coding the 3rd item in the variable SV, we get a Cronbach’s alpha value of 0.69.
While it is very slightly below the generally accepted 0.7, following Hair et al’s (2007)
categorization, we find a moderate correlation within the variable scale items. Thus it is
accepted.
RV
Reputation

3,6772 3,4209 4,0949 ,6741 1,1970 ,1331
Cronbach’s alpha for reputation items is 0.71, showing good internal consistency. It is
therefore accepted.
PR
Perceived Risk
N of Cases = 323,0

3,3695 3,2555 3,4416 ,1861 1,0572 ,0100
135
Perceived risk has three items, and shows Cronbach’s alpha of 0.84; thus showing very good
internal consistency and is accepted as a reliable measure of perceived risk.
WT
Willingness to transact

3,0407 2,8449 3,2548 ,4098 1,1441 ,0422
Willingness to transact items show a Cronbach’s alpha of 0.89 or 0.9. Thus it shows excellent
internal consistency, and is therefore accepted.
WP
Willingness to be profiled online

2,6435 2,2808 3,0063 ,7256 1,3181 ,2632
Willingness to be profiled online was measured with 2 items, contrary to the rule of thumb
which proscribes three items. However, this followed existing and established research
(Awad, Krishnan, 2006). The Cronbach’s alpha is found to be 0.65, which is lower than 0.7;
136
however it still shows a ‘moderate’ strength of association (Hair, Money et al, 2007). It is
therefore accepted, however a three item or more scale might have given us a higher alpha.
Observation on reliability:
Overall, the scale used is found to be reliable with ten variables registering internal
consistencies ranging from good to excellent. Only two variables registered moderate strength
of association or internal consistency. They are size of the vendor and willingness to be
profiled online. However they are still high enough to be accepted without reservations.
6.4 Descriptives
6.4.1 Data transformation:
Combining Liket-scales into summated ratings or average summated scores is a well

established procedure (Hair, Money, et al. 2007). This is executed through calculating the
summated scores (item 1 + item 2 + item 3 + ….itemn) and dividing it by the number of items.
Hair et al. (ibid). confirm that the new transformed composite variable is comparable in
scaling to the original scale. This is the approach we use in transforming our data and
reaching average summated scores for the variables within the scale.
Note:
The average summated scores are computed based on the recoded variables emerged out of
the missing value analysis. For example, the average summated variable for privacy concern
is PC_SUM, which is summated based upon PC1_1, PC2_1,….PC4_1; and NOT based on
PC1, PC2,…PC4. Thus all 323 counts of responses are accounted for in further analysis. The
other variables undergo a similar renaming once they are transformed.
The overall descriptives are given below. The demographic distribution with regard to age,
sex, educational qualifications, and residency of the sample are given in Appendix IV. The
frequency distribution can be viewed in Appendix III.
137
Descriptive Statistics
N Minimum Maximum Mean Std. Skewness Kurtosis

Statistic Statistic Statistic Statistic Statistic Statistic Std. Error Statistic Std. Error
PC_SUM 323 1,00 5,00 3,0823 1,00216 -,058 ,136 -,675 ,271
CI_SUM 323 1,00 5,00 3,5552 ,90048 -,501 ,136 ,049 ,271
PV_SUM 323 1,00 5,00 3,6574 ,92631 -,740 ,136 ,283 ,271
IT_SUM 323 1,00 5,00 3,9694 ,84828 -,745 ,136 ,362 ,271
PP_SUM 323 1,00 5,00 4,0438 1,05352 -1,034 ,136 ,551 ,271
T_SUM 323 1,25 4,50 3,0848 ,52193 -,033 ,136 ,716 ,271
PI_SUM 323 1,00 5,00 2,2925 1,28995 ,592 ,136 -,832 ,271
L_SUM 323 1,00 5,00 3,6066 ,96776 -,780 ,136 ,472 ,271
F_SUM 323 1,00 5,00 3,0132 1,34788 -,193 ,136 -1,190 ,271
SV_SUM 323 1,33 5,00 3,6585 ,75740 -,103 ,136 -,111 ,271
RV_SUM 323 1,00 5,00 3,6772 ,69099 -,150 ,136 ,315 ,271
PR_SUM 323 1,33 5,00 3,3695 ,67018 ,349 ,136 ,435 ,271
WT_SUM 323 1,00 5,00 3,0407 1,06848 -,231 ,136 -,428 ,271
WP_SUM 323 1,00 5,00 2,6435 1,01269 ,125 ,136 -,459 ,271
Valid N (listwise) 323
Skewness limits acceptable -1 to 1

Kurtosis limits acceptable -1.5 to 1.5 (Hair, Money, et al, 2007)
6.4.2 Skewness and Kurtosis of the distribution:
The individual histograms of the frequencies are given in Appendix III. While the histograms
show a normal distribution in most case, PP_SUM and PI_SUM show a skewed distribution.
Checking the skewness values, we however find the skewness values to be well within range
(-1 to +1) except for PP_SUM, which shows a slightly large negative skewness. However the
overstepping of skewness is still small enough to qualify as a symmetrical distribution.
Both F_SUM and PI_SUM show large negative kurtosis values, -1.12 and -0.83 respectively.
This is also viewed from the histograms. A large negative kurtosis value indicates the
distribution is too flat, with scores more widely distributed and the tails much further apart.
However, we cannot assume the distribution is ‘too flat’ in case of F_SUM, since it is well
within the boundary of -1.5 (Hair, Money et al., 2007, pg. 321). Thus we do not perceive any
major aberrations in the frequency distributions.
138
6.5 Correlations analysis
Correlations analysis is conducted to find out if two or more variables are linked together.
Variables are related if they show a covariation, meaning a systematic change in one variable
with relation to another variable (Hair, Money, Samouel, Page, 2007). The correlation
coefficient is used to measure degree of covariation between the variables, and a high
correlation coefficient indicates high covariation and a strong relationship. In any measure of
correlation coefficients, it is imperative to also look at the statistical significance or the degree
of surety that the correlation analysis is reliable. We use SPSS to conduct the correlation
analysis which reports statistical significance as to be the probability of the null hypothesis
being supported.
It is generally accepted practice to set the above probability level to be at least less than 0.05,
or even less than 0.01 in some cases. This indicates there is a less than 5% (in case of
significance < 0.05) chance of the null hypothesis being accepted. Conversely, it means under
the guideline if we find statistical significance in our analysis, then we can safely reject the
null hypothesis, and assume a relationship exists between the variables in question. Besides
significance, the value or the ‘size’ of the correlation coefficient indicates the strength of
association between the variables being analysed.
The following table shows a guideline by Hair et al (2007) for interpreting strength of
association of correlation coefficients (assuming significance exists):
Table 12: Interpreting correlation coefficient ranges

Coefficient ranges Strength of association
± 0.91 - ± 1.00 Very strong
± 0.71 - ± 0.90 High
± 0.41 - ± 0.70 Moderate
± 0.21 - ± 0.40 Small but definite relationship
± 0.00 - ± 0.20 Slight, almost negligible
Source: Hair, Money, Samouel, and Page, 2007, pg. 358
139
Since the scales used are metric data except for the demographics variable, we use Pearson
correlation as the correlation coefficient, with a 2 tailed test for significance. The Pearson
correlation value measures the linear association between two metric variables.
At this point, it is useful to present the proposed research model again since we measure the
correlation coefficients in light of the relationships proposed. Instead of calculating the
correlations and presenting them all at once, which becomes more confusing to comprehend,
the correlation analysis is done in parts below as per the segments in the research model, for
better legibility and understanding. The results should give us a primary indication of the
viability of the relationships hypothesized. Demographics here is non-metric data, hence it
cannot be measured using Pearson’s correlation with respect to the other variables.
Location (L)
H1
Familiarity with vendor (F) 2
H11 Trust in transacting in

online environment (T) H5
Size of the vendor (SV) H9
Perceived Risk (PR)
0
H2
H1
Reputation of the vendor (RV) H8
H4
H6
(CI)
H3
H1
Perception of vulnerability (PV)

H7
H15 Willingness to
Privacy concerns (PC) transact with online
stores (WT)
H1
4
H13
1
Importance of information H17 Willingness to be H2
transparency (IT) profiled online
(WP)
H16
H18
9
H22 H1
Previous online Importance of privacy
privacy invasion (PI) policies (PP)
Figure: The proposed research model
140
Correlations (Pearson 2 tailed) - IT PC PP PI
Correlations
PC_SUM IT_SUM PP_SUM PI_SUM

PC_SUM Pearson Correlation 1 ,320** ,179** ,259**
Sig. (2-tailed) , ,000 ,001 ,000
N 323 323 323 323
IT_SUM Pearson Correlation ,320** 1 ,557** ,126*
Sig. (2-tailed) ,000 , ,000 ,024
N 323 323 323 323
PP_SUM Pearson Correlation ,179** ,557** 1 ,149**
Sig. (2-tailed) ,001 ,000 , ,007
N 323 323 323 323
PI_SUM Pearson Correlation ,259** ,126* ,149** 1
Sig. (2-tailed) ,000 ,024 ,007 ,
N 323 323 323 323
**. Correlation is significant at the 0.01 level (2-tailed).
*. Correlation is significant at the 0.05 level (2-tailed).
From the table above, we confirm the presence of relationships between information
transparency (IT_SUM) and privacy policies (PP_SUM), and privacy concerns (PC_SUM).
Information transparency is moderately related to importance given to privacy policies, while
there is a smaller but definite relationship between information transparency features and
privacy concerns. Both relationships are significant at <0.01 level.
There was no relationship theorized between information transparency and previous invasion
of privacy (PI_SUM). This is borne out by the correlation test, which shows a negligible link
between the two at 0.126, and also which is statistically insignificant at p<0.05.
Also, there is a very slight relationship (0.179) between PP_SUM and PC_SUM which is
found to be statistically significant.
There is also a small but definite relationship between PI_SUM and PC_SUM at 0.259 which
is significant at 0.01 level. This indicates a possible relationship that merits further
examination.
141
Correlations (Pearson 2 tailed) - WP IT CI PI PP PV PC
Correlations
PC_SUM IT_SUM PP_SUM PI_SUM PV_SUM CI_SUM WP_SUM

PC_SUM Pearson Correlation 1 ,320** ,179** ,259** ,329** ,224** ,063
Sig. (2-tailed) , ,000 ,001 ,000 ,000 ,000 ,255
N 323 323 323 323 323 323 323
IT_SUM Pearson Correlation ,320** 1 ,557** ,126* ,281** ,383** -,035
Sig. (2-tailed) ,000 , ,000 ,024 ,000 ,000 ,534
N 323 323 323 323 323 323 323
PP_SUM Pearson Correlation ,179** ,557** 1 ,149** ,169** ,348** -,024
Sig. (2-tailed) ,001 ,000 , ,007 ,002 ,000 ,666
N 323 323 323 323 323 323 323
PI_SUM Pearson Correlation ,259** ,126* ,149** 1 ,149** ,177** ,055
Sig. (2-tailed) ,000 ,024 ,007 , ,007 ,001 ,324
N 323 323 323 323 323 323 323
PV_SUM Pearson Correlation ,329** ,281** ,169** ,149** 1 ,215** ,040
Sig. (2-tailed) ,000 ,000 ,002 ,007 , ,000 ,471
N 323 323 323 323 323 323 323
CI_SUM Pearson Correlation ,224** ,383** ,348** ,177** ,215** 1 ,048
Sig. (2-tailed) ,000 ,000 ,000 ,001 ,000 , ,390
N 323 323 323 323 323 323 323
WP_SUM Pearson Correlation ,063 -,035 -,024 ,055 ,040 ,048 1
Sig. (2-tailed) ,255 ,534 ,666 ,324 ,471 ,390 ,
N 323 323 323 323 323 323 323
Focusing on willingness to be profiled online (WP), we fail to find any significant correlation
between WP and the possible antecedents outlined in the model, PC, IT, PP, and PI. In each
case, there is no statistical significance.
This appears as a potential setback to our model, particularly so because the above
relationships were conceptualized based upon Awad and Krishnan’s model of willingness to
be profiled online. If the above relationships are rejected, it would oppose Awad Krishnan’s
findings in this regard.
We do however find a small but significant corelation between previous online invasion (PI)
and importance of privacy policies. We also find a definite but small relationship between
control over information (CI) and information transparency (IT) that is statistically significant
142
at 0.01 probability level. We also find control over information to have a small but definite
relation to privacy policies (PP), privacy concerns (PC), and perception of vulnerability (PV).
We further find a definite relationship (0.259) between previous invasion of privacy (PI) and
privacy concerns (PC) that is significant.
The relationship between perception of vulnerability (PV) and privacy concerns (PC) is found
to be definite (0.384) with statistical significance.
Willingness to be profiled online appears to be an isolated variable from the privacy variables
previously identified by Awad Krishnan (2006). This contradicts earlier findings.
At this stage, we need to keep this relationship in order to possibly readjust the model in later
analysis and look for other possible variable associations for willingness to be profiled online
(WP).
A possible reason behind this disconnect of willingness to be profiled online (WP) may lie in
the broadened scope of this research. Awad and Krishnan (2006) stated that trust should be
considered as a major variable in the study; yet the study had been conducted without taking
trust and effects of trust into consideration. We have introduced the trust construct in this
study; which may have had a debilitating effect on WP. We need to conduct further analyses
to reach a reasonable conclusion about this exclusion of willingness to be profiled.
Correlations - PC WP WT T PR
143
Correlations
PC_SUM WP_SUM WT_SUM T_SUM PR_SUM

PC_SUM Pearson Correlation 1 ,063 -,002 -,127* -,054
Sig. (2-tailed) , ,255 ,969 ,022 ,337
N 323 323 323 323 323
WP_SUM Pearson Correlation ,063 1 ,287** ,199** ,238**
Sig. (2-tailed) ,255 , ,000 ,000 ,000
N 323 323 323 323 323
WT_SUM Pearson Correlation -,002 ,287** 1 ,405** ,538**
Sig. (2-tailed) ,969 ,000 , ,000 ,000
N 323 323 323 323 323
T_SUM Pearson Correlation -,127* ,199** ,405** 1 ,519**
Sig. (2-tailed) ,022 ,000 ,000 , ,000
N 323 323 323 323 323
PR_SUM Pearson Correlation -,054 ,238** ,538** ,519** 1
Sig. (2-tailed) ,337 ,000 ,000 ,000 ,
N 323 323 323 323 323
There is no statistical significance and almost no correlation between privacy concerns

(PC_SUM) and willingness to transact (WT_SUM); indicating no relationship between the
two. A possible explanation could be that privacy concerns are never directly responsible for
overt actions such as willingness to purchase. We have already shown there is no direct
relationship between privacy concerns (PC) and willingness to be profiled online (WP).
We further find a small but significant relationship between privacy concerns and trust (PC
and T). It denotes a negative relationship between the two, implying a lessening of trust with
rising privacy concerns.
We however confirm the presence of a definite relationship between WT and WP at

probability level 0.01. There is a statistically significant relationship between willingness to
transact (WT) and Trust (T) as has been proposed in the research model.
We also find a small but definite relationship between WT and WP. This was also a tenet in
our research model. While the relationship is not too strong, it is statistically significant.
144
We further find statistically significant relationships between Trust (T) and Perceived risk
(PR) to the degree of 0.531. There is also a significant relationship between PR and
willingness to transact (WT), the correlation coefficient is 0.538.
We further find a small but definite relationship beween WP and PR that is statistically
significant. Coupled with our earlier findings, this begins to indicate a shift of the variable
willingness to be profiled online (WP), away from the privacy related variables and veering
towards the trust related variables.
An implication could be drawn from the dissociation of WP from privacy related constructs
and its new affiliation with trust related constructs that if trust related conditions are
introduced in a purchasing or disclosing information scenario, then the trust related factors
become more crucial in disclosures of information rather than merely privacy related factors.
Correlations (Pearson 2 tailed) - CI PC T

Correlations
PC_SUM T_SUM CI_SUM

PC_SUM Pearson Correlation 1 -,127* ,224**
Sig. (2-tailed) , ,022 ,000
N 323 323 323
T_SUM Pearson Correlation -,127* 1 ,143*
Sig. (2-tailed) ,022 , ,010
N 323 323 323
CI_SUM Pearson Correlation ,224** ,143* 1
Sig. (2-tailed) ,000 ,010 ,
N 323 323 323
Significant but small and definite relationship exists between control over information (CI)
and privacy concerns (PC). The relationship between trust (T) and CI, though small is
statistically significant at 0.01 probability level.
145
Correlations (Pearson 2 tailed) - PR PV
Correlations
PV_SUM PR_SUM
PV_SUM Pearson Correlation 1 -,064
Sig. (2-tailed) , ,254
N 323 323
PR_SUM Pearson Correlation -,064 1
Sig. (2-tailed) ,254 ,
N 323 323
The relationship between perception of risk (PR) and perception of vulnerability (PV) is not
statistically significant.
Correlations (Pearson 2 tailed) - PV T

Correlations
T_SUM PV_SUM
T_SUM Pearson Correlation 1 -,170**
N 323 323
PV_SUM Pearson Correlation -,170** 1
N 323 323
While the relationship has not been hypothesized in the model, we find a small but significant
relationship between PV and T. The negative correlation coefficient indicates an inverse
relationship between the two variables, i.e. a decrease in perception of vulnerability would
lead to greater trust, and vice versa.
Correlations (Pearson 2 tailed) - T L F SV RV
146
Correlations
T_SUM L_SUM F_SUM SV_SUM RV_SUM

T_SUM Pearson Correlation 1 ,205** ,394** ,235** ,470**
Sig. (2-tailed) , ,000 ,000 ,000 ,000
N 323 323 323 323 323
L_SUM Pearson Correlation ,205** 1 ,053 -,017 ,052
Sig. (2-tailed) ,000 , ,345 ,758 ,356
N 323 323 323 323 323
F_SUM Pearson Correlation ,394** ,053 1 ,298** ,368**
Sig. (2-tailed) ,000 ,345 , ,000 ,000
N 323 323 323 323 323
SV_SUM Pearson Correlation ,235** -,017 ,298** 1 ,505**
Sig. (2-tailed) ,000 ,758 ,000 , ,000
N 323 323 323 323 323
RV_SUM Pearson Correlation ,470** ,052 ,368** ,505** 1
Sig. (2-tailed) ,000 ,356 ,000 ,000 ,
N 323 323 323 323 323
Trust (T) is found to have a definite to moderate relationship with all four of its proposed
antecedents. Reputation (RV) appears to have the strongest correlation with the trust it fosters.
We also find evidence of interrelationship or co-linearity between the variables. The strongest
co-linearity exists between reputation and the size of a vendor (SV). This confirms earlier
findings from literature. Donney and Cannon (1997), Jarvenpaa Tractinsky and Vitale (2000)
found size and reputation to be closely linked.
Correlations - WT F
Correlations
WT_SUM F_SUM
WT_SUM Pearson Correlation 1 ,427**
N 323 323
F_SUM Pearson Correlation ,427** 1
N 323 323
Looking at the overall correlations table, we also find a significant correlation between
familiarity with vendor (F) and willingness to transact (WT). This indicates while familiarity
147
fosters trust, it also has a direct impact on the decision to willingness to transact, and not just
through trust formation. This is a direct relationship that has not been explored before.
Correlations - F PR
Correlations
F_SUM PR_SUM
F_SUM Pearson Correlation 1 ,367**
N 323 323
PR_SUM Pearson Correlation ,367** 1
N 323 323
We also find a significant relationship between F and PR. Evidence of this relationship has
not been identified in literature earlier and can be explored further.
Nonparametric Correlation – Spearman’s Rho

Correlations
D1SEX IT_SUM
Spearman's rho D1SEX Correlation Coefficient 1,000 ,099
N 323 323
IT_SUM Correlation Coefficient ,099 1,000
N 323 323
Sex or Gender (D1Sex recomputed) is a nominal variable and hence its relationship cannot be
verified with the Pearson test. Instead we use the Spearman rank order correlation coefficient
which gives us a more conservative estimate. We however fail to achieve a statistically
significant relationship from running the analysis.
The Correlations analysis show is that if the correlation coefficient is strong and statistically
significant, we can conclude there is a relationship between the variables. If a correlation is
small, there are further possibilities that there is no consistent systematic relationship between
the variables, or that there is an association, but there is no linearity between the association
148
and further examinations of relationships must be considered (Hair et al., 2007). Furthermore,
and what is perhaps more important, correlation analysis does not help us to judge the
predictive fit of a model, which is the premier attribute we need to look for in assessing a
proposed model. For such an aim, we need to conduct multiple regressions analysis to find
initial validation of the relationships, and perhaps change the nature of the model. Later
structural equations modelling is conducted to find overall predictive fit of the models.
149
Validation of scales:
6.6 Confirmatory factor analysis (CFA) for variables within the model:
The aim of factor analysis is to find a set of unobserved variables or latent variables that
accounts for the covariance among the observed set of variables. Two types of factor analysis
are commonly used, depending on whether the goal of the exercise is decipher patterns in data
or testing explicitly formulated hypotheses. The former corresponds to exploratory factor
analysis (EFA) while the latter corresponds to confirmatory factor analysis (CFA). A common
assumption behind execution of EFA is that each factors affects the observed variable, and no
substantial constraints are imposed on the data1. Exploratory factor analysis is not so much
theory driven, as it is more of a theory building exercise. Its function is to speculate about a
factor structure based upon exploratory indicators rather than confirming the presence of
factors. Thus it is not an ideal tool for testing factor structures based upon pre-formulated
hypotheses grounded in theory.
Structural equations modelling has two components – one, a measurement model that links
the sets of observed variables to a smaller set of latent variables; and two, a structural model
that links the latent variables through recursive and non-recursive relationships. To conduct
confirmatory factor analysis, we resort to measurement models and estimate the models using
the AMOS software. Initially, models will be tested for each of the variables within the
research model, taking each variable as a single latent variable and drawing the observed
variables that the latent one underlie.
6.6.1 CFA – Control over information (CI)
Control over information is used as a variable in the research model, and hence is tested for
unidimensionality. It should be mentioned that control over information (CI) was identified
through literature survey, and hence a confirmatory factor analysis is more appropriate for
validating the scale items. Nevertheless, we run an exploratory factor analysis prior to CFA to
judge whether the factors load as anticipated.
The results of the exploratory factor analysis are presented below:
150
Variables Factor loadings Communalities Cumulative
Variance
CI1 0,873 0,762
CI2 0,870 0,757
CI4 0,721 0,519 67,949
As can be seen, the loadings for factors CI1 and CI2 are higher than CI4. While CI4 has a
lower communality compared to the other two factors, it is not low enough to warrant
considering splitting up the variable into two. Cumulative variance explained is 68% which is
acceptable. Bartlett’s test of sphericity gives the measure of correlation for the three factor
solution at 0.0 which is statistically significant, while the Kaiser-Mayer-Olkin (KMO) test for
sample adequacy is 0.645 which is above 0.5 (the acceptable level). Looking at the
composition of the scale items, we see that while questions CI1 and CI2 deal with the
personal control mechanism over information that is volunteered, the third control item deals
with presence of third party assurance systems. Prima facie it appears that personal control is
preferred over third parties, particularly when we consider that in our model CI is linked to
trust. The lower loading of CI4, which is more of a trust related factor would seem to indicate
a lesser stress put upon trust when control is considered. We can test it further using
confirmatory factor analysis.
Drawing the measurement model for the variable Control over information in the research
model, the latent variable is named CI and three observed variables are drawn using AMOS.
Latent variables are assumed to be the cause of reason behind the observed or manifest
variables. Thus arrows point away from the latent variable towards the manifest variables.
We need to assign three more latent variables in the measurement model to each of the
observed variables to account for the measurement error. These are unique factors and are
specific to each of the observed variables. Thus we in effect have four latent variables in the
measurement model, and three observed variables. We need to impose an additional
constraint to properly identify the model, without which the model would be under defined.
This is done through assigning a factor loading of one to any one of the manifest variables and
the primary latent variable. Here we assign a regression weight of 1 between CI1 and CI.
151
The measurement model appears as below:
Figure 28: CI CFA model
Running the confirmatory factor analysis, the figure below expresses the results. The
standardized factor loadings are 0.83, 0.82, and 0,52 respectively; thus falling within the
acceptable range (Hair et al, 2006). The squared multiple coefficients (R2) describes the
amount of variance the common factor (CI) accounts for in the observed variables (CI1, CI2,
and CI4). The R2s are 0,69, 0,82, and 0,27 respectively. In both the factor loading and
coefficient, we do see a weak link of control over information to presence of third party
assurance services. However, since CI4 still loads satisfactorily at 0.52, we retain the
observed variable.
Figure 29: Control over information CFA measurement model
152
It should be remembered that a measurement model with only three observed variables
provide a limited usability as far as model validation is concerned since model fit indices
cannot be obtained. A possible alternative model can be constructed splitting the latent
variable into two, with CI4 being the observed variable of a second latent variable. However,
such a model will remain unidentified. Thus, the above model is the more acceptable fit, even
though it does not achieve acceptable model fit indices due to the lesser number of observed
variables than required for a proper modelling simulation.
6.6.2 CFA – Familiarity (F)
Familiarity (F) is latent variable used in the research model that leads to formation of trust and
is measured with a four item scale. The scale was adopted from literature; however, running
an exploratory factor analysis provides the following results:

Variance
F1 0,884 0,781
f2 0,901 0,812
F3 0,920 0,847
F4 0.916 0.840 81.982
Total variance explained is 82%; intercorrelation is significant at probability levels of less

than 0.0% (Bartlett’s sphericity) and the Kaiser-Mayer-Olkin (KMO) test of adequacy shows
a value of 0.805 which is over 0.5. We also see the factor loadings and the communalities are
both high. Thus there is only one component extracted. It is almost certain that familiarity is a
uni-dimensional construct in our model.
Specifying the measurement model for the latent variable and running the simulation, the
figure is presented below:
153
Figure 30: CFA model familiarity (initial)
The initial run of the model, while providing good factor loadings and explaining a substantial
portion of the variance in the observed variables, however, does not provide us with a good
model fit according to the fit indices. The indices for the default model are given below from
the first simulation.
Variable CMIN/df GFI AGFI CFI RMSEA

Familiarity 20,308 0,949 0,744 0,963 0,245
The modification indices suggest adding covariances between the error terms e2 and e4, and
between e1 and e3. We can ignore modifications if they violate either the common
assumption of common and unique factors being uncorrelated; or if they do not appear
reasonable theoretically. Here, the modification indices suggest that familiarity with searching
for call rates on a web site (e1) and familiarity with retrieving information and signing up (e3)
may covary. This appears theoretically and practically a reasonable assumption. Furthermore,
familiarity with procedures of paying online (e2) and overall familiarity with the site (e4) are
similarly reasonable assumptions. Thus, we respecify the model drawing covariances between
the error terms.
Running the simulation for the respecified model, the results are presented below:
154
Figure 31: CFA model familiarity (respecified)

Familiarity 1,883 0,997 0,971 0,999 0,052
While the Hoelter values are high at 657 at 0.05 probability level, this would have been lower
for a larger number of observed variables. The other fit indices however show an excellent fit.
While the RMSEA value is just over the commonly presumed threshold of 0.05, it is still an
arbitrary figure; and combined with the other fit indices it is an acceptable fit. We therefore
retain the factor scale without change.
6.6.3 CFA – Information Transparency (IT)
Information transparency is posited as an antecedent of willingness to be profiled online in the

research model, and in turn is hypothesized to be linked to privacy concerns and privacy
policies. The measurement scale was adopted from literature. To assess its validity prima
facie, we run an additional exploratory factor analysis nevertheless to obtain an idea of how
the factors load.
The results of the exploratory analysis are presented below:
155
Variance
IT1 0,822 0,676
IT2 0,845 0,715
IT3 0,795 0,633
IT4 0.862 0.744 69,189
Only one component was extracted. Each of the variables present high loadings, and the
cumulative variance explained is acceptable. The Bartlett’s test shows the measure of
correlation significant at 0.0 and the KMO test for sample adequacy is 0.797 and is quite
acceptable. We therefore test the validity through confirmatory factor analysis without
reservation.
Running a first simulation on the measurement model for information transparency we get
results as below:
Figure 32: CFA model IT (initial)
The standardized factor loadings for the initial run are all acceptably high. The squared
multiple coefficients (R2) however show a somewhat lesser figure for the variables IT1 and
IT3. This indicates the latent variable leaves a portion of the variance in the variables
unexplained. Since we have hypothesized relations of the latent variable with two more
variables, the effect of such linkages might explain the rest of the variance.
156
The indices for the default model are given below from the first simulation.

Information 8,362 0,974 0,869 0,973 0,151
transparency
As we can see, there is room for improvement in the model. We can attempt to respecify the
model according to the modification indices. The modification indices suggest drawing
covariances between the error terms e1 and e2, and between e3 and e4. Referring back to the
questions, variables IT1 and IT2 both relate to how long a company might retain information
about customers and whether customers may find out what such information is retained in the
databases. IT3 and IT4 both relate to the purpose for which such information is retained. Thus
it theoretically reasonable to draw such covariances and respecify the initial model based on
the modification indices.
Simply drawing the covariances leaves the model unidentified. Therefore we impose an
additional constraint between IT4 and IT to just identify the model prior to running the
simulation.
Running the simulation for the respecified model, the results are presented below:
Figure 33: CFA model IT (respecified)
The fit indices show an excellent fit overall for the respecified model.
157
Information 1,447 0,998 0,978 0,999 0,037
transparency
We therefore retain the measurement model for fitting in later in the path model.
6.6.4 CFA – Location (LC)
Location is posited as an antecedent of trust. Since this is a newly proposed variable, running
an exploratory factor analysis is more appropriate to determine whether the scale items belong
together. We obtain the following results:

Variance
LC1 0,855 0,732
LC2 0,892 0,798
LC3 0,792 0,627 71.897
The KMO test for sampling adequacy is 0.676, higher than the common threshold value of
0.5, and the Bartlett’s test significance value is 0.0. As we can see, all factors load quite high,
and only one factor can be extracted. The cumulative variance explained within location is
also quite high at 71.2.
This gives us an idea about whether the scale items load as anticipated, and prima facie the
scale appears valid. We are apt to run into some difficulty however, if we are to use a
confirmatory factor analysis on the data set for the variable, since computing probability is
difficult for models with three or less indicators. However, we still model the equation to see
how the factors load.
Running the simulation, as predicted, it is not possible to compute a probability level, and
other indices are also incomplete. However, if we were to impose another constraint in the
158
model, we do achieve an admissible solution. Specifying the model accordingly and running a
simulation, we obtain the results as below:
Figure 34: CFA model location
As it appears, the factor loadings are satisfactory, and no modification indices are suggested
as the model is already over identified. Except for LC3, the squared multiple coefficients are
also acceptable as they show a large part of the observed variables are explained by the
underlying variable location. Taking a look at question no LC3, we find that while LC1 and
LC2 relate to customer preference to deal with a site top level domain more familiar to them,
the third question LC3 deals with the trustworthiness of a country specific domain name. This
variable appears to have clearly less import than the other two variables. While this does not
warrant splitting up the latent variable into two separate constructs, it also shows that we may
face lesser linkage to trust with location specific domains than anticipated earlier. We should
however remember that the model is not a very good fit, as the indices below show:

Location 7,391 0,985 0,911 0,981 0,141
We shall need to further examine the model in context with other variables as they may
account for the other variances.
159
6.6.5 CFA – Privacy Concerns (PC)
Privacy concerns was measured with a 7 item scale adopted from literature. This is a key
variable intended to act as a conduit between vulnerability perceptions and willingness to
transact and willingness to be profiled online; as well as having relationships with control
over information and importance of information transparency in the research model. To
anticipate whether factors are loading as they should, we run an exploratory factor analysis.
The results are given below:
Variables Factor loadings

Component Component Communalities Variance Variance
1 2 Comp 1 Comp 2
PC1 0,793 0,639 36,507 31,034
PC2 0,773 0,683
PC3 0,777 0,653
PC4 0,705 0,571
PC5 0,763 0,751
PC6 0,875 0,799
PC7 0,778 0,631
As we can see from the table, two factors are extracted (varimax rotation). All of the factors
show communalities over 0.5 which is a commonly accepted threshold value, therefore there
is no reason to omit any as such. The cumulation variance explained is at 67.5%.
If we check back with the items used, we do indeed find a distinction among them. While all
items deal with privacy concerns, questions PC1- PC4 address more general concerns, such as
a general concern with increasing privacy threats (PC1), general concern with increasing
privacy threats on the internet (PC2), while PC3 and PC4 both address the feeling of being
under surveillance while online. On the other hand, items PC5-PC7 deal with more specific
threat issues, such as possible concerns with divulging personal details, family informations,
and / or financial information on the internet.
160
We can now chart a measurement model for structural equations analysis of the variable.
Despite the exploratory findings, we begin with a unidimensional factor structure to see if we
still can get an acceptable model fit.
Running the simulation with a uni-dimensional model we find the following results:
Figure 35: CFA model PC (initial)
As it can be seen, all items show significant factor loadings, and the squared multiple
coefficients are also within acceptable limits for explained variance. The model fit indices are
however quite poor, as anticipated.

Privacy 20,445 0,792 0,585 0,728 0,246
concerns
We run a second simulation based upon the factor structure extracted from the exploratory
analysis. Since PC1-PC4 fall within the broader category of concerns with being watched or
monitored in users’ actions registering on the internet, they are reclassified as “privacy
concern with involuntary disclosure”; and PC5-PC7 are reclassified as “privacy concern with
voluntary disclosure” since the items deal with personal and financial details being divulged
161
in the course of necessity or transaction. We add a double sided arrow to allow the latent
variables to covary.
Running a simulation with the revised model, we get the following results:
Figure 36: CFA model PC (respecified)
The factor loadings are significant for both variables, and the squared multiple coefficients
also show they appear to be addressing the common values dimension. If we take a look at the
model fit indices,

Privacy 12,078 0,874 0,729 0,856 0,185
concerns
The model does not show a good fit. The modification indices suggest significant
improvements can be achieved by allowing covariances between error terms e3-e4, e2-e4, e2-
e3, e1-e4, and e1-e2. None of these covariances violate any theoretical assumptions since
162
common and unique factors are not being correlated and it is safe to assume correlations
between such error terms. Finally, we add a covariance between error term e1 and e7
according to the modification indices, implying covariance between a general concern for
privacy overall and privacy concern over financial transactions on the internet. This is
supported both theoretically and by common sense. Accordingly, we respecify the model and
run a simulation on the model:
Figure 37: CFA PC respecified (split constructs)
The model fit indices show an excellent fit for the model, as shown below:
163
Privacy 1,136 0,995 0,972 0,999 0,021
concerns –
two factored
model
It appears that there are two dimensions to the construct privacy concerns, one a voluntary
disclosure of information during the course of a transaction, either information or financial;
and another is a more general concern of involuntarily disclosing traceable data during the
course of simply being active on the internet. None of the items have low factor loadings,
indicating they are reliable indicators of both the dimensions of privacy concerns. The two
items that register highest loadings are threats to personal privacy while on the internet
specifically (as opposed to a general concern with privacy), and threat of personal information
that is voluntarily supplied to a web entity as a requirement in the course of a transaction
being released. Though they fall within two separate dimensions of the construct, both exhibit
a common thread of concern with personal data (rather than concern about financial data
being compromised).
As a note, it would appear that using exploratory factor analysis in addition to a confirmatory
factor analysis is perhaps a useful methodological tool, even when there is a strong theoretical
base for structuring a path model. Using an exploratory approach prior to the confirmatory
one proved useful in rapidly identifying and categorization of the scale items into two
separate constructs. While this is certainly possible using solely a confirmatory approach,
such would require multiple simulations using a permutation of the items, since factor
loadings and squared multiple correlations were often similar in the above case. An
experienced researcher may yet arrive at the optimum solution using solely a confirmatory
approach, however, that is prone to leave a much broader room for errors.
6.6.6 CFA – Perceived Risk (PR)
Perceived risk scale is composed of three items and hence cannot be reliably assessed through
a confirmatory factor analysis. Running an exploratory one, we obtain the following results:
164
Variance
PR1 0,870 0,756
PR2 0,906 0,820
PR3 0,844 0,713 76,309
All factors load with high values, and communalities are much higher than the 0.5 level. Only
one factor is extracted with a cumulative variance explained of 76.3%. The unidimensionality
of the variable is confirmed.
Running a confirmatory factor analysis despite not being able to get model fit indices, we get
similar results. Furthermore, the squared multiple coefficients are high in all three items,
meaning they are tapping into the same underlying concept, or the latent variable of perceived
risk. The notes for the model confirm that the probability level cannot be computed for the
solution.
Figure 38: CFA model PR
6.6.7 CFA – Perceived Vulnerability (PV)
Perceived vulnerability is composed of a 7 item scale adopted from literature. As earlier seen,
it is deemed useful to run an exploratory factor analysis to help model a confirmatory one
afterwards. The result of an exploratory analysis is below:
165
Variance
PV1 0,678 0,460
PV2 0,855 0,731
PV3 0,879 0,772
PV4 0,799 0,638
PV6 0,747 0,558
PV7 0,648 0,420 59,660
While all factors load with reasonably high values (higher than 0.5), two items show rather
small communality. Altogether 59.66% of the variance is explained. The two items that show
a low communality are concerns that record of transaction could be sold to third parties, and
that unethical use of credit card information is attractive to some companies. Both these
questions are transaction specific, and differ from the rest of the items except for PV6, which
also is a transaction specific question in that it deals with concern for unauthorized charges
against credit cards. Omitting these two items result in a much higher variance explained at
70.87%. Based on the factor loadings, it is not justified to split the variable into two
constructs; whether to omit the items or not we can decide upon running a confirmatory factor
analysis.
Figure 39: CFA model PV (initial)
166
The model fit indices are as follows:

Perceived 4,028 0,964 0,915 0,969 0,097
vulnerability
Without any respecification, the model gives moderate fit at best. However, the modification
indices suggest covariance between error terms e5-e6, both of which deal with unauthorized
and unethical usage of credit cards. Thus there should be no problem in allowing them to
covary.
Respecifying the model accordingly, we get:
Figure 40: CFA model PV (respecified)
The model fit indices are now:

Perceived 1,184 0,990 0,974 0,998 0,024
vulnerability
P value= 0,304
167
This gives us an excellent model fit. We do however find that items PV1 and PV7 have low
squared multiple coefficients; perceived vulnerability is accounting for only 26% of the
variance in PV7.
An alternative model is therefore tested, omitting PV1 and PV7.
Figure 41: CFA alternate model PV
The model fit indices are:

Perceived 1,377 0,996 0,978 0,999 0,034
vulnerability
P value= 0.252
While the GFI and AGFI values have improved in the alternative model, RMSEA value has
decreased. The parsimony adjusted ratios are 0.533 for the respecified model and 0.333 for
the alternative model. PCLOSE value is 0.765 for the respecified model as opposed to 0.496
in the alternative model.
168
Considering all the fit ratios, and the fact that GFI and AGFI are not the most potent
indicators of model fit any longer, we decide to discard the alternative model; and accept the
respecified model retaining the two items.
6.6.8 CFA – Trust (T)
Trust is one of the key factors in the proposed research model. It consists of a 11 item scale.
An exploratory factor analysis gives us a preliminary idea of the underlying factor structure:
Variables Factor Factor Factor Communalities Cumulative

loadings – loadings – loadings – Variance
component component component 3
1 2
T2 0,866 0,771
T4 0,725 0,552
T6 0,861 0,746
T7 0,699 0,688
T8 0,756 0,650
T9 0,797 0,642
T10 0,791 0,656
T11 0,659 0,471
T12 0,814 0,710
T13 0,869 0,833
T14 0,866 0,808 68,43%
* The discrepancy in item identificaton numbering above is due to storage procedure calls
within the database used, and does not indicate any dropped item. Similar item numbering is
used in the questionnaire used.
Three factors are extracted, all the items load with a high value, where as only one item shows
a somewhat low communality compared to the other items. The cumulative variance
explained is at 68% which is satisfactory. The one question that loads with a lower
169
communality is t11, which asks the respondent whether he or she, based upon experience
perceives the company to know its market well. This item differs from the other items in its
group in that the other items are concerned with opinions about the company about its
honesty, caring attitude about customers, predictability, possible opportunism etc. based upon
personal experience. However, the item with less communality asks a question that requires
more knowledge of the company, i.e. whether it knows its market or not, than may be
possessed by the respondent. Therefore, theoretically it appears reasonable that the item may
not belong along with the others.
We then proceed with a confirmatory factor analysis to find a best possible model fit, keeping
in mind the above supposition. However, the first models are run without any attempt to omit
the t11 item. Running the initial measurement model, we find the following:
Figure 42: CFA model Trust (initial)

Trust 13,970 0,707 0,560 0,622 0,201
At P=0 and PCLOSE =0.
The model has very poor fit, and obviously there is plenty of room for improvement, as is also
suggested by the modification indices. However, at this stage, we are apt to reach a better
170
model fit if we follow the findings from our exploratory analysis that there may be several
latent variables instead of one, rather than respecifying the model according to the
modification indices (this was borne out by running the simulation with the modification
indices which yielded a lesser fit than as suggested above. For parsimony’s sake, the modified
base model without the latent variables split up are not shown here).
Without taking into consideration the findings from the exploratory factor analysis and
relying on the results of the confirmatory only, we are able to split the model into two latent
variables, taking t2,t4, and t6 as one subgroup and the rest as another based upon theory. In
such a division, T-b as the newly split variable is named, accounts for trust in the internet
environment in general, and T-a accounts for site specific trust. Accordingly, the results of the
simulation are:
171
Figure 43: CFA model Trust 2 split
This gives us an improved fit as seen below.
172
Trust 8,465 0,783 0,666 0,787 0,152
At P=0. the modification indices show there are quite a few changes we can make without
contradicting theory. Accordingly, respecifying the model, we arrive at the following
solution:
Figure 44: CFA model Trust 2 split respecified
The model indices are below:
173
Trust 1,584 0,972 0,942 0,471 0,043
At P=0.019 and PCLOSE at 0,692.
A nested model with an additional constraint put in T-a and T10 gives us an even better fit at
RMSEA at 0.041 and PCLOSE at 0.733. This is perhaps the best possible fit we can find if
we were to define trust as having two components, trust in the internet as a medium in
general, and trust bestowed upon specific sites.
However, based upon our conclusions from the exploratory factor analysis, we can try and
refine the model further by taking an alternative route that specifies trust may be broken into
three, and not two components. Based upon the composition of the division, we can group
items t2,4, and 6 as being trust in the internet environment (t-a), henceforth named as
institutional trust according to theory. To be noted is that this group retains the structure of the
earlier model. We then proceed to form two more sub-groups of items, namely, items t12-14
into t-c or cognition based trust; and items t7-11 as trust based on reputation and familiarity of
site,. The group names are chosen to reflect the nature of the items included in the sub-group.
Running a simulation and respecifying the initial solutions with suggestions taken from the
modification indices that do not contradict theory, we achieve:
174
Figure 45: CFA model Trust (3 split)
The fit indices are as below:

Trust 1,413 0,971 0,948 0,990 0,036
At P= 0,049 and PCLOSE 0,855.
As we can see, the indices for the three factor alternative model shows a better fit than the
best fit we could achieve for a two factor model. Each of the items have substantial R squared,
meaning trust, in some form or other (meaning the sub-groups) is indeed accounting for most
of the variance within them. The path coefficients are also high in every case.
This model, though it offers a good fit, still leaves us with the dilemma whether to retain item
t11 or not, as was suggested by the results from our exploratory factor analysis. We can run an
alternative model simulation omitting the item, and then compare the results to find the
175
answer. Two additional constraints were imposed between trust based on reputation and t7,
and trust based on perception and t12 to identify the model.
Figure 46: CFA model Trust (3 split respecified)
The model fit indices are below:

Trust 1,350 0,976 0,954 0,993 0,033
At P=0,102 and PCLOSE = 0,858
This shows the best possible fit so far, and the omission of the item t11 appears justified. The
r squared values of the second latent variable shows improvement across the board, signifying
176
more of the variance within the items is explained by the factor of trust based on reputation
and experience with the site is being explained once the item t11 is dropped. Imposing an
additional constraint results in lowered fit indices (not shown here). the HOELTER values for
the default model are at 353 and 412 for significance levels 0,5 and 0,1 respectively, which
are above the cut-off points of 200. Hence, this is taken as the best accepted model for the
factor structure.
6.6.9 CFA – Reputation of vendor (RV)
Reputation is posited as an antecedent of trust. Since we have now classified the broader
variable trust into three separate constructs, it would be reasonable to assume that in the final
path model, reputation would be linked to trust formed based upon specific vendor reputation.
Reputation is measured with a three item scale adopted from literature, and hence we cannot
get a model fit from confirmatory factor analysis. Running an exploratory one, we find the
following results:

Variance
RV1 0,840 0,705
RV2 0,847 0,718
RV3 0,703 0,495 63,4
Note: the items are coded as vf4, vf5, and vf6 in the questionnaire used.
The KMO test for sampling adequacy is 0,639 and is higher than the threshold value of 0.5.
all the factor loadings are high. If we take a look at the communalities, only RV3 shows a
somewhat lower communality at 0.5, however the it does not warrant omission of the item.
The cumulative variance explained is also high at 63.4%. Thus the scale can be retained
without modification. While running a confirmatory analysis does not provide us with a
meaningful model solution, the RMSEA value that emerges from a model with the third item
included indicates a better fit than an alternative model with the RV3 item omitted, prompting
us to retain the item for further use in the path model.
177
6.6.10 CFA – size of the vendor (SV)
Size is posited as an antecedent of trust, and theoretically can be linked to site specific trust, in
this case trust based upon reputation since size and reputation have been shown to correlate
earlier in literature.
To examine the factor structure, an exploratory analysis is run since the scale consists of three
items, thereby precluding meaningful usage of the confirmatory analysis. The SV3 item is
reverse coded. The results show:

Variance
SV1 0,804 0,646
SV2 0,875 0,765
SV3_1rev 0,675 0,455 62,21
Note: the items are coded as vf1,vf2, and vf3 in the questionnaire used.
The KMO test of sampling adequacy is 0.592, which is above the threshold value. While the
factor loadings are high, the lower communality for the third item warrants a second look. The
item question deals with comparative positioning of the company within the broader market.
This in effect, is a reverse question designed to gain triangulation from the first two questions.
However, it introduces the word ip-telephony market, thus specifying the market. A possible
explanation could be respondent confusion over the term. Since the question does not differ in
essence from the other items in the scale, a slightly lower communality is perhaps not a good
reason to omit the item altogether. For further testing, we run an exploratory analysis with the
item omitted, obtaining the following results:

Variance
SV1 0,891 0,795
SV2 0,891 0,795 79,5
178
The sampling adequacy value declines to 0.5, which is just marginally acceptable. But the
cumulative variance explained increases substantially. It is a judgement call whether to retain
or discard the variable.
We can perhaps run a confirmatory analysis nonetheless to find added justification for such a
judgement call. Running the measurement model we get the following:
Figure 47: CFA model SV -a
SV3_1reverse does indeed show a low r square, but the path coefficients are strong. While we
cannot obtain model fits, the RMSEA value for the independence model shows 0.452. we can
compare this with the alternative measurement model where SV3_1rev is omitted. To do so,
we need to impose an additional constraint between SV and SV2_1 to identify the model.
Figure 48: CFA model SV -b
179
The path coefficients and r squared values are much more evenly distributed in the alternative
model, indicating coherence between the two items. They can also however mean a limited
measurement effect. The RMSEA value for the independence model however is 0.650.
Omitting the item would result in a higher cumulative variance being explained. Hence, we
discard the third item.
6.6.11 CFA – Willingness to be profiled (WP)
WP is measured with a two item scale adopted from literature. Running an exploratory factor
analysis, we obtain the following results:

Variance
WP1 0,861 0,741
WP2 0,861 0,741 74,09
The KMO measure of sampling adequacy is 0.5, which is at the acceptable threshold at a
significance level of 0.
A confirmatory analysis shows us that factors load satisfactorily:
Figure 49: CFA model WP
It is of course, not very meaningful to adjudge any model fits with only two observed
variables. However, both the r squared and the path coefficients show us that the scale is
valid.
180
6.6.12 CFA – Willingness to transact online (WT)
Willingness to transact is the dependent variable in the research model, measured with a three
item scale adopted from literature. Running an exploratory factor analysis, we obtain the
following results:

Variance
WT1 0,925 0,855
WT2 0,924 0,854
WT3 0,887 0,787 83,2
The KMO test of sampling adequacy gives a figure of 0,741 at significance level of 0. the
cumulative variance explained is very high at 83.2%, and all factor loadings are also quite
high. Only one component is extracted, and the communalities show no reason to consider
omitting any items.
The confirmatory analysis, while not providing the model fit indices, also produce an
acceptable model in terms of variance explained and weightage of path coefficients.
Figure 50: CFA model WT
181
6.7 SEM modelling of relationships:
As conceptualized, there are two major elements within the research model. The model is
partly based upon the works of Awad Krishnan (2006) which depicts the relationships
between the antecedents of, and the willingness to be profiled online. Their base model
comprises of privacy concerns, information transparency, role of privacy policies, previous
privacy invasion, and finally willingness to be profiled online as the dependant variable. The
aim of this research has been to extend this model by incorporating trust and perceived risk,
while taking willingness to transact with online stores as the dependent variable. As such, we
have several tasks at hand: one, to identify and establish the relationship between the
antecedents of willingness to transact online; two, to retest the relationships portrayed in the
Awad Krishnan model; and three, to conjugate and test the validity of the relationships within
the holistic model.
Earlier in the chapter, the research model was postulated with the corresponding hypothesis
identified with each relationship depicted as follows:
182
H1
2
H2
H1
H4
H6
H3
H1
H1
4
H13
1
H2
H18
9
H1
The path diagram to be constructed should take into account the findings from our
confirmatory factor analysis. That is, the research model above should reflect any split-ups
within the factors themselves, as we have witnessed in cases of trust and privacy concerns.
While Awad Krishnan (2006) viewed privacy concerns as a unidimensional variable, in
earlier part in this chapter we have shown that it is rather a bi-dimensional one, which show
the traits of both voluntary and involuntary disclosure. Furthermore, trust has been identified
to be a tri-dimensional factor. To be precise, trust has earlier been defined as having even
more dimensions, the principal ones being personality based (Gefen Straub et al, 2003;
McKnight et al. 1998), Cognition based (Gefen 2003, McKnight 1998; Castelfranchi Falcone
2003), Calculative, Knowledge based, and Institution based (Gefen et al, 2003). However,
here in this research based upon our items and the context in question, it was identified that
we are working with three of the trust dimensions; trust based on reputation or knowledge
based trust, trust based on perception of the a site or cognitive trust, and trust of the internet
environment or institutional trust.
183
The path diagram is thus presented as follows. For the sake of clarity, half of the model is
presented below at first:
Figure 51: Path model partial construction
The relationships between the four trust antecedents and trust types have been specified
according to theory. A simulation run can give us an indication of the validity of the
assumptions. The model does not combine all the variables, but rather illustrates the relations
brought forth in the new model proposed around the trust paradigm, culminating in
willingness to transact. A preliminary run gives us the following indices:
184
Figure 52: run of partial model 1
Chi square value is 3406.6. The figure is shown with the standardized loadings. The
simulation is run without any covariances being taken into account, and serves as a start off
point for further refinement. The maximum likelihood estimate for the regression weights
(unstandadized) for the model are as below:
Estimate S.E. C.R. P Label

Institutional trust <--- LC ,202 ,055 3,692 ***
Knowledge based trust <--- F ,113 ,021 5,457 ***
Knowledge based trust <--- RV ,592 ,102 5,835 ***
185
Cognition based trust <--- SV 2,017 ,457 4,413 ***
Knowledge based trust <--- SV 1,626 ,358 4,544 ***
PC voluntary <--- CI 3,726 1,038 3,591 ***
PC involuntary <--- CI 2,787 ,798 3,494 ***
PC involuntary <--- PV ,342 ,080 4,289 ***
PC voluntary <--- PV ,442 ,103 4,309 ***
PR <--- PV -,037 ,084 -,438 ,661
PR <--- PC voluntary 1,000
PR <--- Cognition based trust ,470 ,073 6,415 ***
PR <--- Knowledge based trust ,379 ,067 5,644 ***
PR <--- PC involuntary -1,258 ,134 -9,387 ***
PR <--- Institutional trust ,395 ,124 3,173 ,002
WT <--- Cognition based trust 1,000
WT <--- Knowledge based trust 1,000
WT <--- Institutional trust 1,000
WT <--- PC involuntary 1,000
WT <--- PC voluntary -,558 ,086 -6,521 ***
WT <--- PR -,904 ,190 -4,758 ***
In all cases but one, the critical ratios are over the stipulated value of 1.96 (at probability level
of 0.05), meaning all paths are found to be significant. This is corroborated by the P values
also, as they show a probability level of <0.01. the standardized estimates or path coefficients
are given below:
Estimate
Institutional trust <--- LC 1,000
Knowledge based trust <--- F ,283
Knowledge based trust <--- RV ,480
Cognition based trust <--- SV 1,000
Knowledge based trust <--- SV ,830
186
Estimate
PC voluntary <--- CI ,957
PC involuntary <--- CI ,954
PC involuntary <--- PV ,299
PC voluntary <--- PV ,290
PR <--- PV -,052
PR <--- Cognition based trust ,576
PR <--- Knowledge based trust ,451
PR <--- PC involuntary -2,008
PR <--- Institutional trust ,130
WT <--- Cognition based trust ,832
WT <--- Knowledge based trust ,807
WT <--- Institutional trust ,223
WT <--- PC voluntary -,807
WT <--- PR -,613
If we take a look at the model fit indices:
CMIN/df GFI AGFI CFI RMSEA

3,815 0,653 0,615 0,656 0,093
By all accounts, this is an unacceptable fit. We should remember that we have not accounted
for any covariance, or modification indices. This model was run so that we can have a
benchmark to compare latter models.
If we were to respecify the model based upon the modification indices, we however get a
more refined picture and an acceptable fit:
187
Figure 53: Respecified partial model
Once we draw the covariances according to the modification indices that are theory
supported, the model fit indices are as follows:

1,436 0,856 0,833 0,949 0,037
188
The Hoelter indexes are 243 and 251 at probability levels 0.05 and 0.01 respectively (over the
minimum cut-off point of 200). The Tucker-Lewis index (TLI) is 0,944, over the ideal cut off
point of 0.9.
This shows a very viable model indeed based upon the trust privacy constructs leading to
willingness to transact. Other than drawing up of covariances among the error residuals
belonging to the same variable groups, one notable exception is the strong covariances
indicated between the trust antecedents size of company, reputation, and familiarity. Since
trust is taken to explain the variance underscoring these variables, it is deemed justified for
these variables to covary. However, no significant covariance was found between location and
the other three observed variables leading to trust. The relationships can be better understood
by taking a look at the path coefficients:

Institutional trust <--- LC ,216 ,067 3,227 ,001
Knowledge based Trust <--- F -,158 ,094 -1,688 ,091
Knowledge based Trust <--- RV -1,037 ,572 -1,814 ,070
Cognitive trust <--- SV 1,129 ,184 6,132 ***
Knowledge based trust <--- SV 3,000 ,780 3,849 ***
PC voluntary <--- CI 4,269 1,466 2,913 ,004
PC involuntary <--- CI 3,205 1,121 2,858 ,004
PC involuntary <--- PV ,421 ,092 4,600 ***
PC voluntary <--- PV ,526 ,113 4,655 ***
PR <--- Cognitive trust ,285 ,212 1,345 ,179
PR <--- Knowledge based trust ,422 ,146 2,902 ,004
PR <--- PC involuntary -1,322 ,163 -8,131 ***
PR <--- Institutional trust ,382 ,154 2,484 ,013
WT <--- Cognitive trust 1,000
WT <--- Institutional trust 1,000
189
WT <--- PC voluntary -,691 ,115 -6,022 ***
WT <--- PR -1,348 ,225 -5,984 ***
Several paths were found to be not significant at <0.05 probability. The relationship between
familiarity and reputation to knowledge based trust were found to be tenuous since the critical
ratios are below the stipulated 1.9. the p values confirm such findings. Also we cannot
confirm the presence of relationship between cognition based trust and perceived risk.
However, the other two forms of trust can be linked to perceived risk.
The standardized path coefficients are given below. Institutional trust shows a tenous link to
perceived risk.
Estimate
Institutional trust <--- LC 1,000
Knowledge based trust <--- F -,301
Knowledge based trust <--- RV -,652
Cognitive trust <--- SV 1,000
Knowledge based trust <--- SV 1,717
PC voluntary <--- CI ,943
PC involuntary <--- CI ,936
PC involuntary <--- PV ,353
PC voluntary <--- PV ,333
PR <--- Cognitive trust ,304
PR <--- Knowledge based trust ,695
PR <--- PC involuntary -2,156
PR <--- Institutional trust ,137
WT <--- Cognitive trust ,776
WT <--- Institutional trust ,261
190
Estimate
WT <--- PC voluntary -1,086
WT <--- PR -,983
For the latter phase, we proceed with setting down the full path model of the overall research
model, and conduct simulations upon such.
Incorporating all variables from within both the privacy and trust realm, the path model with
its relationships are now illustrated as follows:
191
Figure 54: Full measurement model
The model includes the latent variables as well as the observed ones, along with the residual
error terms; and several of the paths have been constrained to 1 for identification of the
model. The path model follows the hypothesized relationships within earlier chapters.
192
Running the simulation we obtain the following results. The unmodified model with the path
coefficients and loadings are given below:
Figure 55: model run I
193
The model fit indices are:

3,029 0,665 0,634 0,696 0,079
Chi square value is 3819. 449. The HOELTER values are 114 and 117 at P 0.05 and 0.01
respectively. It indicates a lack of fit without modifications. Even though there is a
considerable lack of fitness in the model, compared to the earlier model within the trust realm,
we do not have a substantial rise in chi-square, indicating a possible close fit once the
modification indices are applied.
Looking at the modification indices, there are quite a few adjustments we can make. The full
modification index is given in appendix. Care has been taken to make changes only where it is
reasonable to do so theoretically, and perhaps practically. While the cutoff point for
modification was set at the default value of 4 in AMOS, in practice changes were made only
where covariance M.I.s exceeded 9 (which agreeably is still an arbitrary number, however is a
high enough value to not make the model overly sensitive). Furthermore, error term
covariances were restricted to error residuals within the same variable group. Covariance
between variables, which were drawn in several cases, were drawn where it made sense
theoretically. A discussion on modifications follows. Respecifying the model accordingly, we
get:
194
Figure 56: Respecification of measurement model
Chi-square= 1807,520 and degrees of freedom = 1208.
195
1,496 0,828 0,804 0,929 0,039
At P=0,0 and PCLOSE = 1,0. Parsimony adjusted ratio (PRATIO) is 0.911. The HOELTER
index is 230 and 237 respectively for p at 0.05 and 0.01, indicating a good fit over 200. the
TLI index is 0,922 which is over the cutoff point of 0.9. In all, the model shows a very good
fit. While GFI and AGFI are lower than the prescribed 0.9 threshold, they are no longer
considered appropriate indicators particularly in scenarios with a large degree of freedom.
Instead we rely on RMSEA which at 0.039 shows a very good fit, and PCLOSE is 1
indicating a similar fit.
The unstandardized and standardized estimates along with their critical ratios between the
variables are given below:
Table 13: Unstandardized and standardized estimates and CR of accepted model fit
Unstandardized Standardized Std. Critical Sig.
estimates estimates error ratios level
(S.E.) (C.R.) (P)
PP <--- PI 3,080 1,000 1,153 2,672 ,008
Institutional trust
,274 1,000 ,088 3,104 ,002
<--- LC
Knowledge based trust <--- F ,061 ,128 ,047 1,305 ,192
Knowledge based trust <---
2,462 1,198 ,671 3,668 ***
RV
Cognition based trust <--- SV 2,047 1,000 ,369 5,545 ***
-,591 -,301 ,548 -1,077 ,281
SV
PC voluntary <--- CI 3,717 ,944 1,123 3,310 ***
PC involuntary <--- CI 2,842 ,936 ,879 3,233 ,001
PC involuntary <--- PV ,422 ,352 ,097 4,369 ***
PC voluntary <--- PV ,516 ,331 ,118 4,372 ***
IT <--- PP 1,109 1,000 ,114 9,768 ***
196
PR <--- PV ,024 ,030 ,123 ,199 ,842
PR <--- PC voluntary 1,000 1,940
PR <--- Cognition based trust -,413 -,587 ,146 -2,832 ,005
PR <--- Knowledge based
1,056 1,439 ,155 6,828 ***
trust
PR <--- PC involuntary -1,318 -1,971 ,167 -7,892 ***
PR <--- Institutional trust
,196 ,082 ,157 1,253 ,210
WP <--- Knowledge based

1,271 1,809 ,262 4,852 ***
trust
WP <--- Institutional trust
,033 ,014 ,191 ,173 ,863
WP <--- IT 1,000 1,578

WP <--- Cognition based trust -,877 -1,305 ,262 -3,352 ***
WP <--- PP 1,000 1,423
WP <--- PI -6,453 -2,981 2,385 -2,705 ,007
WT <--- Cognition based trust 1,000 ,875
WT <--- Knowledge based
1,000 ,838
trust
WT <--- Institutional trust
1,000 ,256
WT <--- PC involuntary 1,000 ,919

WT <--- PC voluntary -,778 -,928 ,202 -3,849 ***
WT <--- PR -4,431 -2,724 1,619 -2,737 ,006
WT <--- WP 4,435 2,610 1,855 2,390 ,017
As can be seen from the model, a number of additional covariances are drawn based upon the
modification indices. The error term covariances were restricted within their own group and
carries less significance other than refining the model. However, a few additional covariances
were drawn among observed variables that withstood the scrutiny of theory and common
sense. It would be wise to examine their estimates and whether the covariances drawn are
actually statistically significant or not. The values are given below, the error covariances are
omitted from the table, and only the observed variable covariances are given.
197
PV <--> PI ,032 ,014 2,228 ,026
CI <--> PI ,017 ,009 1,984 ,047
RV <--> SV ,093 ,027 3,402 ***
F <--> SV ,177 ,042 4,194 ***
F <--> RV ,199 ,049 4,097 ***
LC <--> PI ,041 ,018 2,299 ,022
Correlation coefficients:
Estimate
PV <--> PI ,260
CI <--> PI ,360
RV <--> SV ,911
F <--> SV ,403
F <--> RV ,475
LC <--> PI ,277
Squared Multiple Correlations: (Group number 1 - Default model)

Estimate
PI1_1 ,026
PP1_1 ,375
IT4_1 ,718
IT3_1 ,520
IT2_1 ,555
IT1_1 ,481
WP2_1 ,064
WP1_1 ,157
PV1_1 ,363
198
Estimate
PV2_1 ,714
PV3_1 ,789
PV4_1 ,570
PV6_1 ,416
PV7_1 ,268
PC7_1 ,327
PC6_1 ,318
PC5_1 ,568
PC4_1 ,323
PC3_1 ,381
PC2_1 ,503
PC1_1 ,347
PR3_1 ,391
PR2_1 ,355
PR1_1 ,415
CI1_1 ,082
CI2_1 ,031
CI4_1 ,044
WT7_1 ,506
WT6_1 ,402
WT5_1 ,416
SV1_1 ,102
SV2_1 ,121
RV1_1 ,307
RV2_1 ,321
RV3_1 ,121
F1_1 ,658
F2_1 ,770
F3_1 ,802
F4_1 ,865
199
Estimate
LC1_1 ,581
LC2_1 ,797
LC3_1 ,405
T10_1 ,339
T9_1 ,252
T8_1 ,380
T7_1 ,626
T14_1 ,613
T13_1 ,587
T12_1 ,505
T6_1 ,039
T4_1 ,050
T2_1 ,034
As we can see, each of the covariances pass the critical ratio mark of 1.9 and are significant at
p<0.05. Thus, even though not explicitly hypothesized, there are possible definitive
relationships within these variables that fit into the research model.
6.7.1 Nested model estimation:
A nested model is estimated with relationship specified between reputation of vendor and
both cognitive and knowledge based trust, keeping number of latent and observed variables
constant. From earlier simulations, we ascertained a strong relationship between reputation
and knowledge based trust. By definition, cognitive trust is formed based upon several cues,
such as social categorization, illusions, reputation, personality disposition, or immediacy of a
task (McKnight, Cummings, et al, 1998). This lends us to establish an additional relationship
from reputation to cognitive trust. Compared to the earlier model, a linkage between SV (size
of vendor) and knowledge based trust has been taken away. In the context of the internet size
of a company takes on a more abstract idea and has no direct effect on the consumer psyche.
Knowledge based trust is primarily concerned with familiarity with e-vendor (Gefen et al,
2003). They further state that familiarity with vendor can result in lessening anxiety about a
200
vendor being opportunistic. McKnight Chaudhary et al (1998) state that such familiarity does
not necessarily have to involve a direct interaction. This again brings us to reputation and
establishing a linkage between such and knowledge based trust, while at the same time
negates the role of knowledge based trust in explaining variance within size.
Several other modifications are made based upon the findings made earlier on. The path from
perceived vulnerability (PV) to PR (perceived risk) shows a standardized regression weight of
only 0.03. The critical ratio for the path is 0.199 at a probability level of 0.842. we therefore
decide to omit the path in the respecified alternate model. Similarly the path from institutional
trust to PR is also deleted as it shows a 1.2 critical ratio at a significance level of 0.210 and
std. regression weight of 0.082; and also institutional trust to willingness to profiled is omitted
(critical ratio 0.173, sig. level 0.863, standardized regression weight at only 0.14).
Thus the path model is illustrated as follows:
201
Figure 57: Nested measurement model
Running a simulation on this base model gives us a better parsimony adjusted ratio as
anticipated, as relationships have been lessened. The Chi square value has also improved and
202
stands at 3714.1. Applying the modification indices according to theoretical possibilities.
Running the simulation once the modification indices have been applied, we achieve the
following results:
Figure 58: Respecified nested model
To achieve minimization, iteration limit was required to be increased from 40 to 70,

minimization was achieved at 64th iteration.
203
Results of this simulation are given below:
Chi square is 1818,272 with 1210 degrees of freedom. The model fit indices are:

1,503 0,828 0,804 0,928 0,040
At P=0,0 and PCLOSE = 1,0. The HOELTER index is 229 and 236 respectively for p at 0.05
and 0.01, indicating a good fit over 200. the TLI index is 0,921 which is over the cutoff point
of 0.9. In all, the model shows a very good fit. The parsimony adjusted ratio has improved
over the earlier model with PRATIO at 0.913. The RMR value is 0,095, which shows an
increase over the earlier model value of 0,089.
The unstandardized and standardized estimates along with their critical ratios between the
variables are given below:
Regression Weights: (Group number 1 - Default model)

Table 14: Unstandardized and standardized estimates and CR of nested model fit
Unstandardized Standardized
S.E. C.R. P
Estimate regression weights
PP <--- PI 3,076 1,000 1,153 2,668 ,008

Knowledge based trust <--- F ,030 ,058 ,014 2,199 ,028
Cognition based trust <--- SV 2,822 ,180 4,918 ,574 ,566
PC voluntary <--- CI 3,674 ,941 1,104 3,329 ***
PC involuntary <--- CI 2,846 ,939 ,875 3,251 ,001
PC involuntary <--- PV ,414 ,344 ,090 4,571 ***
PC voluntary <--- PV ,527 ,340 ,110 4,777 ***
IT <--- PP 1,111 1,000 ,114 9,745 ***
Cognition based trust <--- RV 3,108 ,984 ,941 3,303 ***
Knowledge based trust <--- RV 4,275 ,971 1,241 3,446 ***
Institutional trust <--- LC ,136 1,000 ,058 2,345 ,019
204
Table 14: Unstandardized and standardized estimates and CR of nested model fit
Unstandardized Standardized
S.E. C.R. P
Estimate regression weights
PR <--- Cognition based trust -1,808 -2,032 ,976 -1,852 ,064

PR <--- Knowledge based trust 1,866 2,921 ,663 2,814 ,005
WP <--- Knowledge based trust 2,201 4,131 ,973 2,262 ,024
WP <--- IT 1,000 1,907
WP <--- Cognition based trust -2,540 -3,421 1,424 -1,784 ,074
WP <--- PP 1,000 1,717
WP <--- PI -6,475 -3,614 2,395 -2,703 ,007
WT <--- Cognition based trust 1,000 ,509
WT <--- Knowledge based trust 1,000 ,709
WT <--- Institutional trust 1,000 ,097
WT <--- PC involuntary 1,000 ,715
WT <--- PC voluntary -,800 -,738 ,323 -2,480 ,013
WT <--- PR -7,940 -3,595 5,160 -1,539 ,124
WT <--- WP 9,315 3,518 6,215 1,499 ,134
Covariances: (Group number 1 - Default model)

PV <--> PI ,031 ,014 2,215 ,027
CI <--> PI ,017 ,009 1,984 ,047
F <--> RV ,101 ,033 3,067 ,002
LC <--> PI ,038 ,017 2,263 ,024
LC <--> RV ,017 ,008 2,127 ,033
Correlations: (Group number 1 - Default model)

Estimate
PV <--> PI ,256
205
Estimate
CI <--> PI ,360
F <--> RV ,477
LC <--> PI ,259
LC <--> RV ,155
Squared Multiple Correlations: (Group number 1 - Default model)

Estimate
PI1_1 ,026
PP1_1 ,374
IT4_1 ,717
IT3_1 ,519
IT2_1 ,556
IT1_1 ,481
WP2_1 ,044
WP1_1 ,107
PV1_1 ,364
PV2_1 ,714
PV3_1 ,789
PV4_1 ,570
PV6_1 ,416
PV7_1 ,268
PC7_1 ,327
PC6_1 ,316
PC5_1 ,564
PC4_1 ,323
PC3_1 ,382
PC2_1 ,506
PC1_1 ,349
PR3_1 ,362
206
Estimate
PR2_1 ,314
PR1_1 ,369
CI1_1 ,082
CI2_1 ,031
CI4_1 ,045
WT7_1 ,777
WT6_1 ,665
WT5_1 ,674
SV1_1 ,006
SV2_1 ,001
RV1_1 ,299
RV2_1 ,258
RV3_1 ,033
F1_1 ,663
F2_1 ,758
F3_1 ,811
F4_1 ,858
LC1_1 ,560
LC2_1 ,827
LC3_1 ,391
T10_1 ,402
T9_1 ,331
T8_1 ,483
T7_1 ,747
T14_1 ,373
T13_1 ,368
T12_1 ,284
T6_1 ,018
T4_1 ,036
T2_1 ,008
207
6.8 Evaluation of the model(s) and Discussion on the state of hypotheses:
In the earlier section, the structural equation modelling processes have been run through,
providing us with several model fit indices and several indicators of relationship strengths
between variables. We can assess the predictive accuracy of the models by sifting through the
covariances, unstandardized and standardized regression weights, and squared multiple
correlations. These are all essential elements of any multiple regression analysis, and
structural equation modelling is a combination of simultaneous such regressions taking place.
In our study we have used a sample size of 323; however, the intent is of course not to
measure the responses of only the 323 respondents. Hence we have run the simulations to
develop the best predictive model by assessing how well the alternative models posed can be
generalized to a whole population. Hair, Tatham, Black, and Anderson (1984) identify four
issues that need to be evaluated in this regard:
1. determining the appropriateness of the estimated model

2. examining the statistical significance of the predictions
3. assessing the strength of the relationships between predictor and criterion variables,
and
4. identifying influential observations and determining whether they are to be included or
excluded.
6.8.1 Problems of multicollinearity
Multicollinearity denotes a high level of intercorrelation among the independent variables. An

unwanted effect of multicollinearity is that in a model the effects of the independent variables
cannot be separated in presence of multicollinearity. Estimates are not affected, but the
assessment of the strengths of the variables or any joint effect interpretations become more
unreliable (Garson, 1998). As a norm, high collinearity can be assumed when intercorrelation
exceeds 0.8 among the independent variables. in other words, a R squared value near 1 belies
the assumption non-collinearity. Other indications of high collinearity are higher standard
error of the coefficients. This makes interpreting the individual contribution of the
independent variables harder to isolate.
208
Garson (1998) suggests looking at tolerance values rather than the correlation matrix, as the
correlation matrix reveals bivariate multicollinearity. It should be noted that even when
multicollinearity is present, estimates of the importance of other variables in the equation
(variables which are not collinear with others) are not affected.
Normally, in a structural model equation, all standardized regression weights should fall
within the range of plus or minus 1. Any exception is an indicator of the presence of possible
multicollinearity. In such a case, two variables underlying the same latent variable would
feature nearly identical characteristics. This prevents the analytical software (in this case,
AMOS) from calculating the proper regression weights for the nearly identical paths to the
latent variable; and it results in standardized weights being over +1 or lesser than -1. the
associated large standard of errors also indicate multicollinearity.
If we take a look at our best fit table of standardized estimates, we see a few instances where
we have obtained standardized estimates of greater than or close to 1.
Unstandardized Standardized Std. Critical Sig.

estimates estimates error ratios level
(S.E.) (C.R.) (P)
PP <--- PI 3,080 1,000 1,153 2,672 ,008
Institutional trust <--- LC ,274 1,000 ,088 3,104 ,002
2,462 1,198 ,671 3,668 ***
RV
Cognition based trust <--- SV 2,047 1,000 ,369 5,545 ***
IT <--- PP 1,109 1,000 ,114 9,768 ***
PR <--- Knowledge based
1,056 1,439 ,155 6,828 ***
trust
WP <--- Knowledge based
1,271 1,809 ,262 4,852 ***
trust
WP <--- IT 1,000 1,578
209
WP <--- Cognition based trust -,877 -1,305 ,262 -3,352 ***
WP <--- PP 1,000 1,423
WP <--- PI -6,453 -2,981 2,385 -2,705 ,007
WT <--- PR -4,431 -2,724 1,619 -2,737 ,006
WT <--- WP 4,435 2,610 1,855 2,390 ,017
Offhand, it tells us of possible multicollinearity between RV and SV, however one may err in
this assumption since even though both factors lead to trust, one is linked to cognition based
trust and the other knowledge based trust. Still, in our model there was a covariance between
the two factors, and that may account for the closeness. We see further evidence of
multicollinearity between knowledge based trust and cognition based trust when we compare
their standardized estimates in relation to willingness to be profiles online (WP), showing
1,439 and -1,305 respectively. We almost certainly have collinearity between pc involuntary
and pc voluntary and their relationship path to perceived risk (PR). In once instance we have
standardized estimate of 1,940, and in another -1,971.
A suggested way to find multivariate multicollinearity is to examine the tolerance for the
factors. Tolerance is (1 – R squared) for the independents. As a rule of thumb, a tolerance of
less than 0.2 is indicates a problem with multicollinearity. The more tolerance nears 0, the
higher will be the multicollinearity problem.
The following table presents the tolerance values for each indicator:
R
Indicator squared Tolerance
PI1_1 0,03 0,97
PP1_1 0,38 0,63
IT4_1 0,72 0,28
IT3_1 0,52 0,48
IT2_1 0,56 0,45
IT1_1 0,48 0,52
WP2_1 0,06 0,94
WP1_1 0,16 0,84
210
PV1_1 0,36 0,64
PV2_1 0,71 0,29
PV3_1 0,79 0,21
PV4_1 0,57 0,43
PV6_1 0,42 0,58
PV7_1 0,27 0,73
PC7_1 0,33 0,67
PC6_1 0,32 0,68
PC5_1 0,57 0,43
PC4_1 0,32 0,68
PC3_1 0,38 0,62
PC2_1 0,50 0,50
PC1_1 0,35 0,65
PR3_1 0,39 0,61
PR2_1 0,36 0,65
PR1_1 0,42 0,59
CI1_1 0,08 0,92
CI2_1 0,03 0,97
CI4_1 0,04 0,96
WT7_1 0,51 0,49
WT6_1 0,40 0,60
WT5_1 0,42 0,58
SV1_1 0,10 0,90
SV2_1 0,12 0,88
RV1_1 0,31 0,69
RV2_1 0,32 0,68
RV3_1 0,12 0,88
F1_1 0,66 0,34
F2_1 0,77 0,23
F3_1 0,80 0,20
F4_1 0,87 0,14
LC1_1 0,58 0,42
LC2_1 0,80 0,20
211
LC3_1 0,41 0,60
T10_1 0,34 0,66
T9_1 0,25 0,75
T8_1 0,38 0,62
T7_1 0,63 0,37
T14_1 0,61 0,39
T13_1 0,59 0,41
T12_1 0,51 0,50
T6_1 0,04 0,96
T4_1 0,05 0,95
T2_1 0,03 0,97
While we do see several indicators exhibit tolerance value close to or lower than 0.2, not all of
them underlie the same latent variable. However, such instance occurs in case of familiarity
(F) and location (L), where both factors are measuring trust. In case of familiarity, three items
are indicating very low tolerance. We also see that we had failed to establish a relationship
between familiarity and knowledge based trust although theoretically a relationship was
postulated. At the same time, we have a standardized path loading 1,198 (greater than 1)
between reputation (RV) and knowledge based trust. Thus it is possible that the computation
prioritized the link between RV and knowledge based trust at the expense of the relationship
between familiarity and knowledge based trust. That would indicate familiarity and reputation
has shown nearly identical characteristics in the online context, which in fact is theoretically
justified (extending Jarvenpaa et al, 2000), since reputation is one of the means or perhaps
substitute of gaining physical familiarity with an online vendor. One of the effects of
multicollinearity is that we may be unable to discern a relationship where one in fact exists. In
case of similar identity between reputation and familiarity, we can then in fact assume
existence of a relationship after all between familiarity and knowledge based trust.
The question arises whether the existing multicollinearities change our findings in any
substantial way, or the best way to handle such multicollinearities. Several options are
advanced:
212
x increasing the sample size: this decreases the standard errors overall including those
created by high multicollinearity. However, due to time and study limitations this is
not a viable option.
x Combining variables in to one composite variable: the research model was developed
and variables identified based upon theory. However, there is no theoretical urgency to
combine, for example, familiarity and reputation into a composite variable at this
point. It can be considered as a possibility for future studies particularly in the online
context.
x Removing most intercorrelated variables: Since the variables have been included
based upon existing research and theory, such a step would not be acceptable simply
because of multicollinearity.
x Using principal components factor analysis and using factors as independents: the
confirmatory factor analysis was run and emerging factors were indeed used as
independents.
All considered, we do not have to modify our model to address multicollinearity since it
does not affect our estimates for the non-interrelated variables. Instead, it is better to keep
a note of where multicollinearity exists, so that when interpreting our results we can
exercise caution and perhaps detect cause of absence of relationships where one may have
been anticipated. In our case, the linkage between familiarity and knowledge based trust
can be cited as such an example.
6.8.2 Hypothesis discussion:
H1 Perceived control over information (denoted as CI) has a relationship with privacy
concerns (denoted as PC).
Control over information was earlier identified as composed of unidimensional scale items.
As discussed during hypothesis formulation, Goodwin (1991) defined privacy in terms
consumer control. Two aspects were identified: privacy as the consumer’s ability to control
the presence of others during a transaction or consumption behaviour; as well as the control
they can exert upon the information that is disseminated during the transaction or interaction
to parties that are not present during a transaction. In subsequent analysis we were able to
213
establish privacy concerns to have two dimensions, which were identified as involuntary
privacy concerns, and voluntary privacy concerns. They correspond respectively with ability
to control the presence of others and the ability to control information dissemination during
transactions. Thereby we obtain further theoretical support for Goodwin’s (1991) contention.
At the stage of hypothesis formulation, privacy concerns was still treated as a unidimensional
construct, thereby resulting in a single hypothesis. With the re-examination through the
confirmatory analysis we can break down the single hypothesis into two components; and
further following the relationship dynamics, the null hypotheses could be categorized as
follows:
H1a0= There is no relationship between perceived control over information (CI) and
involuntary privacy concerns
H1b0= There is no relationship between perceived control over information (CI) and
voluntary privacy concerns
Checking the estimates obtained from accepted best fit model the standardized path
coefficient between CI and involuntary PC is 0,936 at a significance level of P=0.001. the
critical ratio is 3,233 which is over the 1.9 normed limit. Thus we have a significant and
positive relationship between the two variables. Therefore, we reject null hypothesis H1a0.
The standardized path coefficient between CI and PC voluntary is 0,944 at significance level
of P<0.001. The critical ratio is 3,310. Thus there is a significant and positive relationship
between CI and PC voluntary. This leads us to also reject the null hypothesis H1b0.
H2 Perceived control over information (denoted as CI) has a relationship with Trust.
H20 = There is no relationship between control over information and trust.
The relationship between CI and the different components of trust were explored in earlier
models. It was not possible to reach an admissible solution by linking all three trust
components and CI. Admissible solutions could be found by omitting linkage between
institutional trust and control over information. However even then, there was little or no
214
evidence was found between control over information and trust. The simulation provided the
following results:
Unstandardized Estimate S.E. C.R. P

Knowledge based trust <--- CI -,055 ,131 -,417 ,676
Cognition based trust <--- CI -,271 ,182 -1,488 ,137
Standardized estimates are -0,027 and -0,099 respectively. As we can see, in both cases the
probability level is not significant, and the critical ratio does not go over the acceptable
threshold point of 1.9. On both counts, we do not have a significant relationship between
control over information and trust, even when the trust variable is broken down into
individual components thereby allowing a more minute examination of the relationship. Thus
the null hypothesis is accepted, rejecting any relationship between the two. Accordingly, in
the subsequent models, the tie up between the variables is omitted, and the final model does
not reflect a relationship between the two factors.
A point to note is that control over information was brought forth as a variable that was more
closely tied to the antecedents of willingness to be profiled online. We have substantiated
such a stance by our simulation which confirms that there is a definitive relationship between
control over information and privacy concerns. However, it does not necessarily imply that
control over information can likewise be linked to trust leading to willingness to transact. We
have failed to substantiate a relationship between control over information (CI) and trust. This
indicates that there is little significance of whether a person can control the presence of
possible others or retain control over information has little to do with his/her ultimate decision
to proceed with a transaction. We have clearly seen disconnect with CI and any trust that may
be formed in a transaction scenario. Conversely, we may speculate that trust also will have a
weakened relationship with willingness to be profiled online (WP).
H3: Trust (T) has a positive relationship with the willingness to disclose information and be
The null hypothesis is posited as
215
H30 = There is no relationship between trust and willingness to disclose information online.
From the table, knowledge based trust shows unstandardized path coefficient of 1.27 with a
corresponding critical ratio of 4.85 at a significance level of p<0.01. This indicates that at
least for knowledge based trust, we can reject the null hypothesis. The numbers for
relationship between institutional trust and willingness to be profiled however, are quite the
opposite. The standardized estimate is 0,014 signifying a very weak link, with a
corresponding critical ratio of 0,173 and significance level of 0,863. This leads us to reject
any association between institutional trust and willingness to be profiled. As institutional trust
denotes trust in the internet environment in general, this in effect signifies that whether a
person is trusting of the internet or not, he or she may well proceed to disclose data online;
which may indicate that lesser import is placed upon the importance of data disclosure that
may lead to profiling compared to transactions where there are chances of monetary loss. We
also see an association between cognitive trust or trust based on cues such as reputation etc.
and willingness to be profiled. With a path coefficient of -0,877 and critical ratio of -3,352 at
a significance level of p<0.001 there is evidence of a relationship between the two factors.
The direction indicates willingness to be profiled is not a result, but rather a precursor to
formation of cognition based trust. McKnight Cummings et al (1998) identify disposition to
trust and institution based trust influenced by cognitive processes to be antecedents of
formation of trusting beliefs and trusting intentions. Our findings would indicate that the
trusting intentions which are equated with resultant action do not extend as far as willingness
to be profiled but rather to willingness to transact. There should thus be a disconnect between
WP and WT which we shall investigate further on. For knowledge based trust and cognitive
trust, we reject the null hypothesis; for institutional trust, we accept the null hypothesis.
H4: Trust (T) has a positive relationship with the willingness to transact online (WT).
H40 = There is no relationship between trust and the willingness to transact online.
As has been discussed earlier, theoretically there is ample evidence of such a relationship.
McKnight Chaudhury et al, 2002; Wang, 1998; Gefen Karahanna, Straub, 2002; Friedman,
2000; McKnight Cummings Chervany, 1998 have all mentioned trust to be a key factor in
adoption of e-commerce, as well as in purchasing of products and services. McKnight
216
Chaudhury and Kacmar (2002) also identified information disclosure and purchasing on the
internet as trust related behaviours. However, in our findings we could only partially confirm
the role of trust in information disclosure behaviour. In this research we have measured trust
related behaviours or intention in this research instead of measuring actual transaction
behaviour. This stance is justified by Sheppard, Hartwick, Warshaw (1988), Venkatesh, Davis
(2000), McKnight Chaudhury Kacmar (2002) who posited that there remains a strong
correlation between behavioural intention and actual behaviour. Agarwal Prasad (1998) and
Gefen Karahanna et al. (1999) indeed recommend measuring intention to engage in trust
behaviour in lieu of actual behaviour to bypass situational difficulties.
In our model, since there was a strong theoretical background for assumption of definitive
relationships, the three trust components were constrained to a value of 1. This helped to
identify the model and reach admissible solutions. The standardized loadings for cognition
based trust to willingness to transact (WT) was found to be 0,875, which is a high factor
loading. Similarly, knowledge based trust also shows a high factor loading at 0,838. in both
cases therefore we can reject the null hypothesis. For institutional trust however, we get a
relatively lower loading at 0,256 only. This suggests institutional trust is a somewhat
unreliable indicator of willingness to transact. However, there is still evidence of a
relationship, weaker as it may be. We can reject the null hypothesis for institutional trust too.
What it in effect translates to, is that the internet is not a medium that fosters trust among the
participants by itself. For a person to be willing to engage in a transaction, much more
important are the knowledge based and cognition based trust, which are company specific and
based upon perception about a company, reputation etc. indeed, if we take a look at the
squared multiple correlations which represent how much variance the common factors
account for in the observed variables; we see that T7 which belongs to knowledge based trust
shows the highest single loading at 0,626. However, the items in cognitive trust all show very
high loadings consistently at 0,613,0,587, and 0,505. Thus a common thread of willingness to
transact accounts highly for cognitive trust, followed by knowledge based trust. Breaking
down the components, cognitive trust draws upon reputation of a vendor, size etc, whereas
knowledge based trust draws upon familiarity, reputation (also). We could have concluded
that familiarity plays a lesser part in deciding to go ahead with a transaction, however the item
T7 which individually exhibits the highest loading is a familiarity indicator. Thus we cannot
negate the importance of familiarity.
217
H5 : Trust (T) in a store has a significant relationship with risk perception (PR).
Null hypothesis being:
H50 = No relationship between risk perception and trust
Of the three components of trust, knowledge based trust is shown to have the most significant
relationship with perceived risk. Path coefficient is found to be 1,439, at a critical ratio of
6,828 at a significance level of beyond p<0.001. This shows a highly significant relationship.
Cognition based trust also shows the presence of a viable relationship. However its path
loadings are lower at 0,587 with a critical ratio of 2,832 at a significance level of 0,005. This
qualifies it to have a significant relationship just barely. The findings imply that size,
reputation, familiarity with a vendor, all play a part in assuaging customers regarding the risk
they perceive in dealing with the vendor. Taking a look at the r squared values, pr1,2, and 3
show values of 0,415, 0,355, and 0,391; meaning one or other form of trust accounts for 35 to
42% of the variances within the indicators. We can therefore reject the null hypothesis for
knowledge based and cognition based trust in their relationship with perceived risk.
Institutional trust, on the other hand, shows a standardized loading of only 0,082 which is
quite small. The critical ratio for the path is 1,253 at a probability level of 0,210. On both
counts the relationship path is not significant. This means we cannot establish a linkage
between institutional trust and perceived risk; implying trust in the internet by itself does not
translate to any lessening of the risk perceived in a transaction, and there is no direct
connection between the two. In conjunction with the validity of the relationship of the other
trust components, it is the store properties and perception and familiarity that drive a customer
to transact or not, rather than whether he feels secure on the internet in general or not. We
therefore partially reject the null hypothesis.
H6: There is a significant relationship between Perception of risk (PR) and the willingness
to transact (WT).
Null hypothesis is posited as:

H60 = No relationship between perception of risk and the willingness to transact.
While the path coefficient is high between the two factors, the critical ratio is also acceptable
at 2,737, however the significance level is just outside the cutoff point at 0,006. This implies
218
there is a relationship however it may not be statistically significant and no certain pattern can
be discerned that one may lead to the other. McAllister defined the perception of risk in an
online context as a trustor’s belief about the likelihood of gain or loss involving relationship
with a trustee. Thus risk is more likely to be associated with trust than being a direct
antecedent of willingness to transact. Our findings would appear to confirm the observation.
At the same time, Jarvenpaa Tractinsky and Vitale (2000) also show perception of risk to be
an outcome of trust in an internet vendor, and show both factors to be antecedents of the
willingness to purchase. However, it would appear that trust plays a more direct role in
leading to transaction, and risk perception is secondary and more directly linked to trust
formation as a precursor to willingness to transact. The null hypothesis can be rejected, but
with some reservations.
H7: There is a positive relationship between perceived vulnerability (PV) and the privacy
concerns (PC).

H70 = No relationship between perceived vulnerability and privacy concerns.
Vulnerability was earlier defined as the perceived possible negative consequences of a

disclosure (Fusilier and Hoyer, 1980). PV was posited as an antecedent of privacy concerns,
in turn leading to information disclosure. The stance was supported by Dinev and Hart (2004)
who concluded that perception of outcome of any information disclosure on the internet
functions as a determinant of privacy concerns. During the analysis privacy concerns was split
up into two variables, voluntary and involuntary privacy concerns. The research model
simulation posits perceived vulnerability to have a path with both constructs.
The results show a standardized path loading of 0,352 between PV and PC involuntary, with a
critical ratio of 4,369 at a significance level of p<0,001. This denotes a significant relationship
between the two variables. The path between PV and PC voluntary shows a slightly lower but
still acceptable loading of 0,331 with a critical ratio of 4,372 at significance level of p<0.001.
This also signifies a strong relationship. We can therefore definitively discard the null
hypothesis, implying perceived vulnerability leads to privacy concerns, both in involuntary
and voluntary information disclosure scenarios.
219
H8: There is a positive relationship between perceived vulnerability (PV) and the
perception of risk (PR).
H80 = No relationship between perceived vulnerability and perception of risk.
An additional hypothesis was proposed indicating a relationship between PV and perceived

risk. Such hypothesis was put forward based upon Culnan and Armstrong’s (1999) contention
that perception of vulnerability is a construct in the privacy calculus framework. They stated
that a consumer is willing to engage in disclosing information online if the benefits arising out
of such disclosures outweigh the risks associated with such disclosures, thereby linking it with
perceived risk. Furthermore, Dinev and Hart echoed the view by stating that if consumers
perceive any negative consequence out of their information disclosure or any evidence of
unfair information practices, then they would retract from activities that require information
disclosure on the internet due to higher privacy concerns.
The results indicate no such relationship can be substantiated. The standardized loading for
the path is 0,030 which is quite low, and the critical ratio is 0,199 at a significance level of
0,842. Thus we accept the null hypothesis that there is no discernible relationship between the
two variables.
H9: There is a positive relationship between perceived size of vendor (SV) and trust.

H90 = There is no relationship between perceived size of a vendor and trust.
Doney and Cannon (1997) stated that size of a company provides cue to a customer about its
trustworthiness. Since cognition based trust relies on external cues for formation, it is
perceivable that size can be linked more closely to cognition based trust. However, the
observation was made in the context of offline stores, hence it remains to be seen if such
observation can be sustained in an online context. Jarvenpaa, Tractinsky, and Vitale (2000)
also highlight the size of a company as a factor in forming first impressions regarding a firm’s
trustworthiness.
220
The results confirm the statements to some extent. In relation to cognition based trust, the
standardized path loading is 1, with a critical ratio of 5.5 at a significance level of p<0.001.
we can thereby confirm size as an antecedent of cognitive trust. In case of knowledge based
trust however, the path loading is 0,301 with a critical ratio of 1,077 and significance level of
0,281, leading us to accept the null hypothesis in its case. There was no literature support for
linkage between size and institutional trust, hence the linkage was dropped from the model.
We therefore reject the null hypothesis with respect to cognition based trust, but for
knowledge based trust, we accept the null hypothesis.
H10: Reputation (RV) of a web vendor is positively linked to trust (T).
Null hypothesis:
H100 = There is no relationship between reputation (RV) and trust (T).
Reputation is perhaps more harder to classify, as far as which trust component that it indeed
has a relationship with. At first glance, it would appear as an antecedent of cognition based
trust since this is a cue for trust formation and cognitive trust is based upon external cues.
However, reputation is a more abstract form and cannot be quantified as many other factors
such as size of a company. Quelch and Klein (1996) stated that consumers favour web
vendors with whom they are familiar from traditional channels. Metzger (2004) classified
reputation as regard for a company, stating it as a key component of perception of trust about
a company, and stressing that that reputation and experience are both linked to trust.
McKnight Chervany (1998) state that reputation is also an indicator of honesty and
predictability, and it generates trusting beliefs in the absence of prior knowledge. However,
during our study, the sample size indeed is familiar with the company in question, and as such
absence of prior knowledge is not a factor, i.e. role of cognition based decision making is not
paramount; rather, the customer is relying on prior or existing knowledge about the company.
Thus, there is less ground for linking reputation to cognition based trust as there is for linking
reputation to knowledge based trust. Accordingly, in our final path model we have linked
reputation to knowledge based trust.
The results obtained from the simulation do appear to validate our assumption. The
standardized path loading is 1,19 with a critical ratio of 3,668 at a significance level of
221
p<0.001. This indicates a strong relationship between the two variables. We can therefore
reject the null hypothesis.
An alternative model was in fact simulated with relationships between reputation (RV) and
both knowledge based and cognition based trust. An admissible solution was only reached
after considerably raising the iteration limit. Results were as follows:
Knowledge based trust <--- RV 3,639 ,948 3,838 ***
Cognition based trust <--- RV 3,346 ,898 3,727 ***
At the same time, the relation between SV and both components of trust were negated within
the model. The impact of size is overtaken by reputation when reputation is recognized as a
formator of cognition based trust.
Cognition based trust <--- SV 13,944 54,442 ,256 ,798

Knowledge based trust <--- SV -,411 4,194 -,098 ,922
This was a nested model where the indicators and the variables were kept the same. Only
relationship paths were changed. The overall model also gave satisfactory goodness of fit
indices:
CMin/df = 1.547, RMR 0,095, CFI 0.921, RMSEA 0,041,
This model was discarded on grounds of not being parsimonious. It does provide perhaps
better goodness of fit that the model we have accepted, but adding relationships are bound to
improve goodness of fits, but it comes at the risk ‘everything being correlated’ at the end of
the day, thus negating a more meaningful interpretation of the results and the data. In the
context of evaluating overall relationships between all the variables, the earlier model is taken
as a better fit overall. In this case, we partially reject the null hypothesis as reputation is found
to have a significant relationship with knowledge based trust.
222
H11: Familiarity with vendor (F) has a positive effect on trust (T).
Null hypothesis:
H110 = No relationship between familiarity (F) with a vendor and trust (T).
The relationship between familiarity and trust surprisingly could not be established. Based on
theoretical definitions earlier discussed, familiarity as a construct was linked to knowledge
based trust. However, the standardized path loading was only 0,128 at a critical ratio of 1,305,
below the cutoff point of 1.9 at a significance level of 0,192. Thus we have to accept the null
hypothesis that there is no significant relation between familiarity and trust (knowledge
based).
This findings contradicts earlier research. Gefen Karahanna Straub (2003) stated familiarity to
be one of the components of trust, stating that reduces consumer confusion about usage and
navigation procedures within a web site. DOney and Cannon (1997) also contended that
knowledge acquired about a company helps predict vendor behaviour forming trust along the
process. This apparent contradiction may be resolved through McKnight et al’s (1998)
statement that time and interaction history are needed for the development of trust. Since the
some of the respondents were familiarized with the company only prior to responding to the
study, the stated time and interaction history components are obviously either missing, or
weak at best. Thus it is conceivable that the absence of such a relationship might have been
caused due to the nature of the study and the composition of the sample. Thus, while we do
not have evidence to reject the null hypothesis, we do have reason to believe that such
relationship may exist, and the limitation and nature of the study has excluded such a finding.
H12: Originating location (L) of an e-vendor has a significant relationship with trust (T).
Null hypothesis:
H120 = No relationship between originating location (L) of e-vendor and trust (T).
This was a newly proposed hypothesis based upon the findings from an earlier study that
constituted the Licentiate study for the author. Since we have dealt with trust broken into
three components for this study, there could be two ways to classify location and its
relationship as an antecedent with trust.
223
We have classified location to have a relationship with institutional trust rather than cognitive
trust. The results show a standardized path coefficient of 1, with a critical ratio of 3,104 at a
probability level of 0,002. the significance level though is greater than 0,001, it is still below
0,005. Thus we can reject the null hypothesis and it would appear that there is a definitive
relationship between originating location and institutional trust.
H13: Privacy concerns (PC) have a positive relationship with consumer regard for
Null hypothesis posited as:
H130 = No relationship between privacy concerns (PC) and information transparency (IT).
The hypothesis was formed based upon Awad Krishnan’s (2006) study which proposed a
research model leading to willingness to be profiled online. We have incorporated the model
within our own. Fitting the relationships within our best fit model, it was not possible to
obtain an admissible solution. An admissible solution could only be achieved with a nested
model with alternative paths drawn to IT from either pc voluntary or pc involuntary, but not
both together.
The standardized path coefficient from PC involuntary to IT was 0,28, an acceptably strong
relationship with critical ratio at 5,632 and significance level of p<0.001. Alternatively, with
the link between PC involuntary omitted and path drawn between PC voluntary and IT, the
standardized path loading was found to be 0,216 at a critical ratio of 6,031 and significance
level p<0.001. Thus privacy concerns emanating from a involuntary disclosure situation
appears to have a stronger relationship with information transparency than in a voluntary
situation, which would appear to be theoretically and practically justified. Thus the null
hypothesis is rejected, and the alternative hypothesis accepted.
H14: Privacy concerns (PC) have a relationship with willingness to be profiled online
(WP).
H140 = No relationship between privacy concerns and willingness to be profiled online.
The hypothesis is a legacy proposition from Awad Krishnan’s (2006) model. Thus efforts at
accepting or rejecting the hypothesis would classify as a replication study of Awad Krishnan’s
224
work. In our research model, it was not possible to reach an admissible solution by
establishing relationship between the two variables. The best fit model was achieved through
a step by step progression of relationships with several permutations. The final model does
not accommodate such a relationship. This is not to imply that such a relationship does not
exist, but rather that it was not possible to fit such a relationship and achieve meaningful
results, since even with very high iteration levels, no admissible solution could be reached.
We therefore have to rely on Awad Krishnan’s findings for the particular hypothesis. We can
neither accept nor reject it.
H15 = Consumer willingness to transact online (WT) decreases with higher levels of
privacy concerns (PC).
H150 = No relationship between privacy concerns (PC) and consumer willingness to transact
online (WT).
A hypothesis was proposed drawing a relationship between privacy concerns and willingness
to transact. Since privacy concerns was broken down into two components based on earlier
analysis, both components were analyzed in the final model and a solution was able to be
achieved. The path from PC involuntary to WT was constrained to 1. The standardized
loading for the path came as 0,919 showing a significant relationship. The path coefficient
from PC voluntary to WT was left unconstrained, the path loading was found to be -0,928 at a
critical ratio of 3,849 at a significance level of p<0.001. Thus it also signifies a substantial
relationship. The negative sign signifies an inverse relationship between levels of voluntary
privacy concern and subsequent willingness to transact. Thus we have confirmation of the
proposed alternative hypothesis. The null hypothesis is rejected for both voluntary and
involuntary privacy concern, and the alternative hypotheses are accepted in their entirety.
H16 = There is a relationship between consumer perception of previous privacy invasion

(PI) and willingness to be profiled online (WP).
225
H160 = There is no relationship between previous privacy invasions (PI) and willingness to be
As in H14, this is a legacy proposition from Awad Krishnan’s (2006) model of willingness to
be profiled online and here it takes the form of replication. We were able to fit the path in the
final research model, obtaining a path loading of -2,981 at a critical ratio of -2,705 at a
significance level of 0,007. Since the significance level falls outside the acceptable limits of
0,005, we have to assume there is no statistically significant relationship between the two
variables. However, the loadings show that there may be an inverse relationship between the
two, and that willingness to be profiles online decreases with occurrences of previous privacy
invasions. As a legacy hypothesis, we may retain the relationship within the final research
model even though we were unable to successfully replicate the results.
H17: There is a relationship between regard for information transparency (IT) and
willingness to be profiled online (WP).
Null hypothesis:
H170 = No relation between regard for information transparency and willingness to be

profiled online.
A legacy proposition, the relationship path between IT and WP was constrained to 1. the
standardized path loading came to 1,578 signifying a significant relationship between the two
variables. The null hypothesis is thereby rejected. We retain the relationship as depicted in
Awad Krishnan’s research model for our purposes.
H18: Importance of privacy policies (PP) increase with consumer rated importance of
Null hypothesis:
H180=No relationship between PP and IT.
Also a legacy hypothesis, a very strong relationship could be established between importance
places upon privacy policies and information transparency. This relationship was adopted
from the Awad Krishnan model and replicated in our study. The simulation shows a
226
standardized path loading of 1 with a critical ratio of 9,768 at a significance level of p<0.001.
We can reject the null hypothesis and retain the original relationship within our proposed
research model.
H19: Consumer regard for privacy policies (PP) have an impact on willingness to be
Null hypothesis posited as:

H190= No relationship between PP and WP.
Part of the legacy hypotheses brought froth from Awad Krishnan model, the path between the
two variables was constrained in our model to 1. in our best fit model simulation, the result
obtained for standardized path loading was 1,423 signifying a strong relationship. We
therefore reject the null hypothesis.
The hypothesis H20 was omitted from our study at a latter stage since willingness based upon
demographic variances is outside the scope of our study.
H21: Willingness to be profiled online (WP) is positively linked to willingness to transact

online (WT).
H210 = There is no relationship between willingness to be profiled online (WP) and

willingness to transact online (WT).
The hypothesis proposes that willingness to be profiled online can lead to one being willing to
also transact with the same site. This proposition extends Awad Krishnan’s model, which
takes willingness to disclose information as the dependant variable, and takes it as one of the
antecedents of the final dependant variable in our model, the willingness to transact (WT). In
our best fit model, the standardized path loading is 2,610 with a critical ratio of 2.390 at a
significance level of 0,017. Thus even though there is trace of a relationship, the results are
227
not statistically significant enough to establish a formal path between the two variables,
implying a willingness to be profiled does not translate into also being willing to transact.
H22: Previous invasion of privacy can have an effect on importance placed upon privacy
H220: No relationship between PI and PP.
A legacy hypothesis, the simulation shows a standardized path loading of 1 at a critical ratio
of 2,672 at a significance level of 0,008. Thus it falls outside the boundaries of acceptable
norm for establishing a relationship. It needs to be kept in mind that testing this hypothesis
was a replicating exercise, and based on the results even though we cannot successfully
reproduce the results, it does not imply that the relationship is invalid. The path loading is
strong enough to suggest there may be a relationship, except for our sample it is not
significant enough. As a legacy relationship, we can retain the path; but we cannot accept or
reject the null hypothesis at this stage.
6.8.4 Summary of the status of null hypotheses:
A summary of the state of hypotheses are given below (*Rejection of the null hypothesis
denotes there is a statistically significant relationship path between the variables in question).
Table 15: Summary of the status of null hypotheses

Alternative hypotheses Status of null hypothesis
H1 Perceived control over information(CI) has a Rejected for both involuntary
relationship with privacy concerns (denoted as PC and voluntary privacy concerns.
henceforward).
H2 Perceived control over information is positively linked Accepted for all three
to trust (T). components of trust addressed
in the study.
H3 Trust (T) has a positive relationship with the Partial rejection.
willingness to disclose information and be profiled Rejected for knowledge based
online (WP). trust and cognition based trust.
Accepted for institutional trust.
228
H4 Trust (T) has a positive relationship with the Rejected for all three
willingness to transact online (WT). components of trust.
H5 Trust (T) in a store affects risk perception (PR). Partial rejection.
Rejected for knowledge based
and cognition based trust.
Accepted for institutional trust.
H6 There is a relationship between Perception of risk (PR) Rejected.
and the willingness to transact (WT).
H7 There is a positive relationship between perceived Rejected for both involuntary
vulnerability (PV) and the privacy concerns (PC). and voluntary privacy
concerns.
H8 There is a positive relationship between perceived Accepted.
vulnerability (PV) and the perception of risk (PR).
H9 There is a positive relationship between perceived size Partial rejection.
of vendor (SV) and trust. Rejected for cognition based
trust.
Accepted for knowledge based
trust.
(no linkage was proposed with
institutional trust).
H10 Reputation (RV) of a web vendor is positively linked to Rejected for knowledge based
trust (T). trust.
H11 Familiarity with vendor (F) has a positive effect on Accepted with reservations.
trust (T). Longer interaction history is
theorized to possibly alter
finding.
H12 Originating location (L) of an e-vendor can have an Rejected for institutional trust.
effect on trust (T).
H13 Privacy concerns (PC) have a positive relationship Rejected for pc involuntary.
with consumer regard for information transparency
(IT).
H14 Privacy concerns (PC) have a relationship with Inconclusive. Can be retained
willingness to be profiled online (WP). as a legacy path.
229
H15 Consumer willingness to transact online (WT) Rejected for both involuntary
decreases with higher levels of privacy concerns (PC). and voluntary privacy
concerns.
H16 There is a relationship between consumer perception of Accepted with reservations.
previous privacy invasion (PI) and willingness to be May still be retained.
H17 There is a relationship between regard for information Rejected.
transparency (IT) and willingness to be profiled online
(WP).
H18 Importance of privacy policies (PP) increase with Rejected.
consumer rated importance of information
transparency (IT).
H19 Consumer regard for privacy policies have an impact Rejected.
on willingness to be profiled online.
H21 Willingness to be profiled online (WP) is positively Accepted
linked to willingness to transact online (WT).
H22 Previous invasion of privacy can have an effect on Inconclusive. May be retained
importance placed upon privacy policies at a website. as a legacy path.
The final research model is presented as follows depicting the confirmed paths between the
variables, in accordance with the final best fit path model and the corresponding accepted
alternate hypotheses:
230
Figure 59: Illustration of research model following accepted relationships
231
Chapter 7
Findings, conclusions, and contributions
This chapter presents the principal findings and conclusions drawn from the analyses. The
chapter is divided into three sections; the first section classifies the findings with respect to
the research questions identified at the beginning of this study. The latter section summarizes
any small theoretical contribution made by the study, and any managerial implications of such
findings. Lastly, any avenues of further research that may have opened up are identified and
discussed. An attempt has been made to interpret the results and their implications cohesively
in light of existing theory.
7.1 Introduction
The aim of this research was to attempt to identify strategic privacy leverage areas that
enterprises may utilize when transacting and building relationships with online customers.
The research finally proposes a model that examines individuals’ personal construct system
behind formation of trust and privacy concerns in an online environment and empirically tests
how such willingness to transact on the customer’s part is shaped once the privacy concerns
are assimilated in the equation along with trust inducing factors.
A set of three research questions were therefore posed. To recapitulate:
1. “What are the factors responsible for customer willingness to disclose information to
an online merchant?”
2. “What are the factors responsible for customer willingness to transact with an online
merchant?”
3. “Does willingness to disclose information online have an effect on customer
willingness to transact online?”
The findings will be discussed in this section with respect to each of the research questions
posed. The latter sections will discuss the theoretical implications of our findings.
233
A cornerstone of this paper was its reliance on earlier research conducted on trust in an online
environment. Several seminal research works can be mentioned in this regard; Gefen,
Karahanna, and Straub’s work on trust in online shopping (2003), Jarvenpaa, Tractinsky, and
Vitale’s (2000) work on consumer trust in internet stores, McKnight Chaudhury Kacmar’s
categorization works on online trust (2002) that attempt to draw relationships between trust
constructs, and McKnight Chervany’s (1998) typology of trust to name a few. This research
incorporates their findings and attempts to extend the boundaries to a small extent.
Gefen Karahanna et al (2003) had posited calculative based trust, institution based trust, and
knowledge based familiarity as precursors to trust formation in intention to purchase in their
research model. McKnight et al (2002) expressed a similar opinion, except they prioritized
institution based trust and stressed upon personal innovativeness as a result of trusting stance,
a combination of which culminated in trust related behaviour, i.e. the ultimate act of
conducting a transaction. In both cases, trust formed a core component of resultant behaviour
in the online environment. Jarvenpaa Tractinsky (2000) on the other hand, treated trust as a
single composite variable, and related perceived size and reputation as antecedents of such
formation of trust. A willingness to buy was also chosen as the dependant variable in their
study.
Thus we appear to have several schools of thought regarding the role of trust, its antecedents
and its relationship with a willingness to transact. What complicates matters further is an
absence of concise trust typology (McKnight Chervany, 1998) for what is an increasingly
interdisciplinary concept, and the ambiguous role of perceived risk in the equation as to
whether it is an antecedent or dependant variable of trust. The research model estimated in
this research is a composition of two elements; a holistic model comprised of a set of
variables emanating out of existing trust related research; and a second set of variables arising
out of privacy concern related factors leading to a willingness to disclose information online.
While trust may have been treated as a core component in its lead up to willingness to
transact, the second set was based upon Awad Krishnan’s seminal paper (2006) that has
received further support in McKnight and Chervany’s (1998) earlier work who identified a
similar structure in the form of web vendor interventions. The research attempted to conjoin
the two opinion sets that address trust and privacy separately since it finds no theoretical
dichotomy, or reason for them to be mutually exclusive, in the quest to find a more
comprehensive answer to what makes a customer buy on the internet.
234
The initial theory based model posited trust at the core antecedent to willingness to transact. A
literature review dictated several more variables to be included as antecedents to trust, i.e.
familiarity, size of vendor, reputation. In addition, a new variable was proposed to be included
as antecedent, i.e. originating location of vendor. This was also the result of an earlier study
which suggested strong possibility of such a factor’s existence. Accordingly, scales were
composed out of existing research for pre-existing variables and a new scale was formed and
each tested for validity and reliability. The second set of constructs dealt with privacy
concerns and their relationship with willingness to disclose information online. A theoretical
review enabled proposition of several additional hypothesis that conjoined the two sets of
variables together. However, this also increased the complexity of the model and its
interrelationships considerably.
While the multidimensionality of constructs such as trust was discussed in detail during
literature survey, the initial model sketched treated each variable, latent or observed, as
unidimensional. This was done to preserve a semblance of simplicity as we embarked upon
analysing the model. However, during reliability analysis and subsequent confirmatory factor
analyses, multidimensionality of several variables became apparent. Chiefly among them,
trust was now decomposed into three factors, which were identified as cognition based trust,
knowledge based trust, and institution based trust based upon theoretical definitions and
characteristics exhibited by their respective scale items. Similarly, privacy concern, which
was also treated as a unidimensional construct could now be deconstructed into two distinct
factors, privacy concerns rising out of involuntary disclosures, and privacy concerns rising out
of voluntary disclosures. Other variables were found to be unidimensional, and a few items
were omitted. The newly proposed scale for location was also validated and found to be
reliable.
A set of null hypothesis and their alternative hypothesis were proposed that depicted the
relationships postulated. Structural equation modelling was the chosen statistical tool for
estimation of the model, which was conducted based upon a response set of 323 obtained
online.
235
7.2 Findings and conclusions drawn:
7.2.1 On identification of factors behind customer willingness to disclose information

with an online merchant and associated relationships (RQ1):
The conclusions are drawn based upon the findings from Study A and the subsequent study
conducted incorporating the Awad Krishnan (2006) model within Study B. The antecedents
of willingness to disclose information were treated as more of legacy hypotheses as they were
adopted from Awad Krishnan’s paper without much modification. Not all findings were
however not possible to be replicated. One of the principal findings to emerge out of our
study was the presence of two types of privacy concerns, which we have dubbed as privacy
concerns arising out of involuntary and voluntary disclosure situations. Both types exhibited a
high degree of relationship with willingness to disclose information online.
An additional variable was introduced, perceived vulnerability which was defined as the
perceived possible negative consequences of a disclosure (Fusilier and Hoyer, 1980). This
view was also supported by Dinev and Hart (2004). It was hypothesized that such a
vulnerability may be potent in both cases of voluntary and involuntary disclosure. Our
analysis showed that such relationships do indeed exist. We were however unable to
substantiate another proposition that perceived vulnerability may also be linked to perceived
risk. This belies Culnan and Armstrong’s (1999) contention who had stated that a customer
may be willing to engage in disclosing information online if he or she perceives that the
benefits arising out of such disclosures wins over the risks associated with such activities.
However, failing to establish such a relationship, we can hazard a possible explanation of the
phenomenon. It is conceivable that with the proliferation of individual’s data on the internet,
and the increasing sophistication and accuracy of search engines such as Google, we may
have all but given up any effort to preserve basic identifier data. Anyone with a browser and
an internet connection can pull up a plethora of information about someone else, and a little
dedicated research combining several sources can enable one to put together a rather
comprehensive profile of an individual. In such a reality, a resultant effect is the value of non-
core information is perhaps not what it was even five years ago. Consequently, we are liable
to put much less import on the risk associated with such information and its disclosure also. A
customer, while deciding on whether to disclose his personal data to a website or not has but
to ask himself, “What risk is in it, when someone can simply Google me and find it all out”?
236
Such an attitude does not take into account the fact that such search engine generated profile
is in all possibility the work of the contributor himself through his numerous disclosures.
However, most of us are perhaps past a point of no return in this respect already.
7.2.2 On identification of factors behind customer willingness to transact with an online

merchant and associated relationships (RQ2):
The Awad Krishnan (2006) model treated importance of information transparency as a core
factor leading to willingness to disclose information, which was preceded by previous privacy
invasions, privacy concerns, and importance of privacy policies. This structural path was
replicated and forms a part of our research model. Additionally, two other factors were
identified to have possible link ups to this privacy – information disclosure subset of
variables, they are control over information (Culnan Armstrong, 1993, 1999, Metzger, 2004)
and perception of vulnerability. In our initial model, control over information was
hypothesized to have relationships with both trust and privacy concerns, thereby acting as a
lynchpin between the two autonomous subsets of factors leading to the dependant willingness
to transact. From the set of relationships providing us with the best fit through structural
equation modelling, we were able to establish such a relationship between control over
information and privacy concerns from the estimates. A substantial linkage was found
between CI and both voluntary and involuntary privacy concerns. This would indicate that
whether customers are able to retain control over the information they divulge over the net, or
control the presence of others during such a transaction (Goodwin, 1991) does indeed have an
impact over their level of concern over possible privacy violation concerns.
This finding can indeed have far reaching implications. Corporations have long relied upon
presence of security seals and privacy notices as means to reassure customers as to the safety
of their information, both during future retention phases, and during the process of
information collection. If indeed customers place import upon whether and how much they
can control the information flow in determining their comfort level regarding privacy, such
corporate exercises may appear fruitful at least with regard to customer control of
information.
We were, however, unable to establish a relationship between control over information and
trust as we had anticipated. No significant relationship was found between CI and any of the
237
three trust components, leading us to conclude that being able to control the information flow
at a site does not translate automatically into generation of trust while dealing with a web
vendor. Previously we were unable to find a theoretical basis for assuming a relationship
between privacy concerns and its possible effect on trust. With its proximity to control over
information, albeit it was not explored in our study, it is likely that privacy concerns also do
not have a direct linkage with trust in a site. Trust being hypothesized as a strongly related
antecedent of willingness to transact, based upon this disconnect, we could conversely
speculate that willingness to be profiled may not be linked to a willingness to transact.
Subsequent analysis justified the veracity of this assumption.
As has been mentioned before, one of the aims of this research was to try and present a more
holistic view or a perspective that combined the hithertofore separately dealt constructs of
willingness to disclose information and the willingness to transact online, and their
antecedents. A principal tenet of such a holistic view would be to be able to relate two or
more of the core variables from the two subsets of WT and WP. Trust was further proposed to
have a relationship with willingness to disclose information. Since trust was deconstructed
into three separate factors, all three factors were initially hypothesized to have such a
relationship. We were able to substantiate the relationships in cases of knowledge based trust
and cognition based trust. In case of institution based trust, we were unable to establish a
relationship.
Since institutional trust is one’s general trusting stance of the internet environment, this
finding would indicate that one may be comfortable surfing the internet, yet may not
indiscriminately disclose information to sites. Cognition based trust and knowledge based
trust are formed based upon external cues that are more tangible, such as prior knowledge,
reputation, recommendation etc. One’s stance toward conducting day to day operations do not
automatically extend to sites when it comes to an operation that requires more personal
involvement, i.e. disclosing of information by the customer or internet user. Such operation is
only permitted when the other two trust components or knowledge based and cognition based
trust are introduced, providing a host of additional external cues to the user.
One of the critical assertions made in this research is the proposed link between trust and the
willingness to transact (along with link to willingness to disclose information). This assertion
echoes earlier claims by McKnight Chaudhury (2002). Wang, (1998), Gefen Karahanna
238
Straub (2002), Friedman (2000), McKnight Cumming Chervany (1998), Jarvenpaa Tractinsky
et al (2000). Both willingness to transact and willingness to disclose information was
identified by McKnight Chaudhury et al (2002) to be trust related behaviours. As we have
noted in the earlier paragraph, the role of trust was only partially confirmed with willingness
to disclose information, as no role of institutional trust could be discerned in such a
relationship. However, for willingness to transact, all three elements could be confirmed to
have a relationship. Still, knowledge based trust and cognition based trust displayed much
higher path loadings compared to institutional trust when relating to willingness to transact –
this displays a parallel behaviour to that of its relationship with willingness to disclose.
We have extended a possible reasoning behind this phenomenon during discussion of the
hypothesis testing, and stated that this would indicate vendor specific features, which are
responsible for formation of cognition based trust and knowledge based trust, are much more
crucial for a person to engage in a transaction. Even though we could establish a link between
institutional trust and willingness to transact, the weak linkage displayed that while a person’s
positive stance towards operating in an internet environment is a requirement, it is
nevertheless not a paramount criteria. Such criteria are the knowledge based and cognition
based trust formation factors.
Following the train of thought, we receive further confirmation from the finding that
knowledge based trust also has a more significant relationship with perceived risk compared
to cognition based trust. While this shows that vendor size, reputation, and familiarity all play
a role in customer assessment of risk of a vendor, reputation and familiarity take center stage
over any perception of size on the internet. Once again, institutional trust was found to have
no role in alleviating the risk perceived by the customer for a transaction. Now that internet
and accompanying security protocols have quite matured, and yet unable to impact customer
perception of risk by itself, we can only deduce that customers are not fully aware of
embedded security within browsers (the tool used) or they simply want more one to one
assurance that is provided by vendors.
While size and reputation were both found to have a significant path to cognition and
knowledge based trust, surprisingly we were unable to establish familiarity and its link to
knowledge based trust, as was propounded by theory (Doney and Cannon, 1997; Gefen
Karahanna Straub, 2003). There are however, two possible explanations for the lack of such a
239
relationship. Not all respondents were overtly familiar with the company taken for the study.
Even though they went through a familiarization process prior to submission of the
questionnaire for the study, it is conceivable that the time spent in familiarization was not
adequate for new users. McKnight et al (1998) identify that time and interaction history are
required for the development of trust. Lacking such an interaction history, it is perhaps natural
that familiarity would obtain a non-significant loading with respect to trust. While this could
be taken as a weakness of the study sample, this perhaps also denotes strength in design of the
study since we are able to capture this departure from theory based anticipation.
Secondly, the presence of multicollinearity may have clouded the presence of a relationship.
We have analyzed and discussed the multicollinearity present in the study, and concluded that
familiarity and reputation both display quite similar characteristics in case of an internet
vendor. Since both variables were leading to the latent variable knowledge based trust, and
since we were able to establish a strong relationship with reputation to knowledge based trust,
it is almost inevitable that familiarity will then display a lack of relationship where one in
effect exists.
Within antecedents of willingness to transact in the second order model, the newly proposed
variable location was confirmed as an antecedent to trust, and was linked to institutional trust.
Gefen Karahanna et al (2003) stress the importance of first impressions in cognition based
trust or trusting beliefs rather than personal experience. A site’s location if it contributes
towards forming first impressions would then classify it as an antecedent of cognition based
trust. On the other hand, McKnight Chervany et al (1998) have stressed upon trusting beliefs
that are formed through social categorization such as stereotyping and unit grouping. Brewer
and Silver (1978) highlight that within unit grouping group members are viewed in a more
positive light. By this definition, a site originating from a familiar or own country domain
would fall within the characteristics of this unit grouping. Morgan and Hunt (1994) also
identify that trustworthiness is often assessed through stereotyping. Such stereotyping can
take place in the context of the web through discriminating against originating locations. This
would then classify location with institutional trust since even within the internet, the trust
that is bestowed would depend upon ‘chunks’ of the internet that fall within specific country
domains, along with the resultant view an user already has regarding the region’s rules, and
legal frameworks; which can become crucial in case of possible restitution measures that may
be required.
240
7.2.3 On effect of willingness to disclose information online on willingness to transact
(RQ3):
As mentioned earlier, the research estimates virtually two models conjoined into a new one,
willingness to disclose information online (WP), as proposed in Awad Krishnan’s model
(2006) eventually hypothesized to be an antecedent of willingness to transact (WT). We were
however unable to obtain statistically significant result for such a path. We need to remember
that we were still able to establish relationships between WP to both knowledge based and
cognition based trust; and we were also able to establish paths between all three components
of trust and WT. Thus we have a scenario where trust and its sub-constructs are working as
antecedents to both WP and WT; where as there is no direct relationship between WP and
WT. in real terms, this would indicate that a person might be willing to disclose his
information as deemed required by him to a website, once satisfied through external cues such
as reputation, size of vendor, or even familiarity; however he or she may still refrain from
partaking in actual transactions. Thus disclosing information, perhaps for gaining membership
or information from a site does not necessarily translate into a transaction relation with the
site. One aspect of the intertwined relationships we should remember is that no relation could
be established between WP and perceived risk, where as in case of WT, we do have the
presence of such a relationship. In both cases, we have the components of knowledge based
and cognition based trust as the common denominators, with perceived risk being an added
factor in case of WT. it leads us to surmise that in today’s internet environment, a customer
does not perceive any added risk in disclosing information only, compared to his heightened
stakes in a transaction. This could well be due to his level of comfort already embedded in
daily internet usage. The question then remains how to manipulate this willingness to disclose
information and convert it into a willingness to transact. The component that is left to address
in such a matrix is perceived risk. We can proposition that measures taken to highlight this
leftover component, even at such an initial phase of gathering information for signing up
members where perhaps even the company itself does not anticipate any business, and any
perceived ‘cons’ associated with the component and measures taken proactively to address
them, might in fact induce the signatory potential customer into becoming an actual one.
241
7.3 Theoretical contributions:
The perceived theoretical contributions attributable to this study have been deliberated upon
within earlier sections, and are briefly summarised below, followed by the managerial
implications of the findings.
x Development of a holistic model looking into antecedents of willingness to transact.

The model stands out from earlier research as it brings together the privacy oriented
factors and the trust oriented factors, based upon theoretical positions. The attempt,
however small, to try and lessen this unwarranted dichotomy is perhaps the most
important contribution of this research work.
x In contrast to earlier research, trust is treated as a multi-faceted construct allowing for

greater granularity in investigations.
x Three types of trust are identified as being core to the formation of transactional
behaviour on the internet.
x Two types of trust, cognition based and knowledge based, are identified as being
related to information disclosure behaviour.
x Familiarity and reputation have been found to inherently share similar characteristics
in the context of interaction with an online vendor. Where there is a lesser degree of
time and interaction history, reputation is found to be a surrogate of familiarity.
x Two distinct privacy concerns, type A being privacy concern for involuntary
disclosures and type B being privacy concerns for voluntary disclosures, have been
proposed and validated, as opposed to privacy concern being a unidimensional
construct as treated in earlier research.
x A new variable ‘originating location’ was proposed based upon the earlier Licentiate
work. This was documented within study A presented in this research. This variable
242
was further tested empirically, and was found to be a valid antecedent of institutional
trust.
x A new and comprehensive typology of trust was formulated specific to the online trust
related behavioural context.
x The applicability of cognitive mapping as a tool in qualitative research was tested and
further validated as its results were confirmed through quantitative methods at a latter
stage.
x No significant relationship could be established between familiarity and knowledge

based trust. A possible explanation with theoretical justification has been provided
within the study and the conclusion section.
x Contrary to existing earlier theoretical propositions, no significant effect of perception

of vulnerability was found upon perceived risk. A possible theoretical explanation has
been extended.
x No link could be found between previous privacy invasion and consequent willingness
to disclose information. This was one of the propositions of the Awad Krishnan
model.
7.4 Managerial implications:
Several recommended courses of action could be prescribed based upon the findings of
the study. As has been said before, one of the purposes of the study is to come up with a
set of strategic leverage points, which managers and corporations can utilize to both
reassure and retain customers.
Trust has repeatedly been identified as a precursor to any meaningful transaction. Within
this study, we have seen the crucial role trust plays even with respect to willingness to
disclose information, which is a company’s first interaction point with a potential member
or customer. While calculative trust was not a focus of research within this study, it was
243
made abundantly clear that institutional, cognitive, and knowledge based trust all have a
substantial part in molding customer opinion and intentions. Since purchase intentions can
be linked to actual purchase, managers do need to focus upon fostering trust in a
customer.
There is little companies can do regarding institutional trust, or trust in the internet itself.
It is an everchanging and fluid infrastructure that is also maturing, and patching itself up
on an ongoing basis. As internet and its inherent security infrastructure develops and
becomes more and more sophisticated due to market needs, the fallout effect can be
enjoyed by all without any extra efforts. However, the same cannot be said regarding
cognition based trust and knowledge based trust.
Even though internet is often touted as a global playing field without boundaries for
businesses where a store based in an attic can take on a giant on equal footing, some old
rules of business do appear to still apply. Perception about a company’s size is found to
instil a sense of trust in a potential customer, even on the internet. Thus unless a company
is mid to large sized, it may be wise not to advertise the detail in its site. If a company is
held at a disadvantage due to being small and this factor has to be made public at its site,
there may be other external cues the company can rely on to counter its effect. Such cues
are reputation for a first time customer, and familiarity for a returning customer.
Reputation was found to have a strong relationship to knowledge based trust, and as such
publicity efforts should be focused not just on the products, but towards raising the profile
of the company itself in the market, to distinguish it from the countless others perhaps all
selling the same product. To put it succinctly, now that we have empirically estimated it -
on the internet, reputation sells.
Whether a person has a bad experience from previous privacy invasion appears to have
little or no impact on other deciding factors. Privacy policies that are devised to assuage
such fears of customers also have no direct impact on whether a visitor becomes a
customer. If the aim of a company is to garner solely information, it is recommended that
they do employ properly worded privacy policies in place, as they are anticipated by
customer whether they are read or not.
244
A new construct ‘originating location’ was introduced in this study. The construct was
first proposed by the author in his earlier Licentiate work, and it was further tested in this
research and found to be a valid construct. This construct places a considerable import on
the choice of the top level domain name (TLD) of a corporate website. With theoretical
support embedded in the characteristics of ‘stereotyping’ and ‘user grouping’ (Morgan,
Hunt, 1994) this study found that there is considerable evidence of respondents preferring
websites whose domains fall within their own ‘clique’. Such preference for a country
specific domain was exhibited over even the ubiquitous ‘.com’ domain. This finding can
have both a savoury and unsavoury effect upon a company, depending on the chosen
course.
For corporations operating in clannish regions (for example, Scandinavia or Benelux), it is

advisable to operate with a country specific domain that helps it identify more with the
region and its inhabitants. The perceived ‘qualities’ of a region are found to be transferred
or superimposed upon a company that identifies itself accordingly, and the domain
address is a company’s first line of identifier. A less drastic option could be to opt for a
domain name that is not country specific, yet still identifies it to be operating principally
out of the European arena, for example domains ending with .eu and .nu. It should be
remembered that the sample used in reaching these conclusions were substantially of
European extract, and as such it is hard to generalize for other parts such as the Americas
or Asia.
7.5 Avenues for further research:
This study was initiated recognizing a need for research into an area that theoretically
warranted an aggregated and much closer look. This study has attempted to look at the
antecedents of willingness to disclose information and willingness to transact online.
Several seminal researches have hinted at the plausibility of combining the two realms,
and taking a closer look at whether the former does indeed have an effect on the latter. In
a departure from earlier research, we have also deconstructed trust from its more ethereal
form into more specific and role defined sub-constructs, extending earlier findings.
Finally, we were able to propose and empirically estimate a research model that conjoins
both trust and privacy concern factors leading to willingness to transact, enabling us to
achieve a much more holistic view of the entire transaction process. It is hoped that the
245
findings would help enterprises to achieve a more granular view of customers and a
deeper understanding of the process starting from potential customer eyeball to eventual
conversion into paying customer. The results suggest a few opportunities where further
research may be conducted:
x A scale was developed to empirically test the newly proposed variable originating
location. While the scale passed reliability testing, there can be scope for enriching
the scale items.
x While a firm relationship could be established between location and trust, further
replicative study is suggested to establish the finding.
x Reputation was found to be a surrogate of familiarity in absence of long term prior
exposure between customer and company. Further quantitative study is suggested
to revalidate and explore the finding more minutely.
x For our sample set, no substantive relation could be found between willingness to
transact and willingness to disclose. However, there are a few theoretical
propositions to such effect. Further study is suggested towards exploring this
claim.
x The study can be extended by retesting the applicability of the proposed research
model in other service areas of online shopping.
x The study was conducted with a company as subject that provided an intangible
service to customers, i.e. voice over ip solutions. The applicability of the model
can be tested against companies selling tangible goods over the internet to judge
whether the application context has an impact on the influence exerted by trust and
perceived risk.
246
References
Ackerman, M. S., Cranor, L. F., and Reagle, J.: “Privacy in E-commerce: Examining User
Scenarios and Privacy Preferences”. First ACM Conference on Electronic Commerce,
Denver, CO (1999) 1-8,
Agarwal R.1; Prasad J. “The antecedents and consequents of user perceptions in information
technology adoption”, Decision Support Systems, Volume 22, Number 1, January 1998, pp.
15-29(15)
Andrade, E., Kaltcheva, V., Weitz, B., ” Self-Disclosure On The Web: The Impact Of Privacy
Policy, Reward, And Company Reputation”, ACR Proceedings, 2001.
Awad, N.F., Krishnan, M.S., "The Personalization Privacy Paradox: An Empirical Evaluation
of Information Transparency and the Willingness to be Profiled Online for Personalization,"
MIS Quarterly, vol. 30 no. 1, pp. 13-28, 2006.
Babakus, E, Mangold, W.G., “Adapting the SERVQUAL scale to hospital services: An

empirical investigation”, Health Services Research, (26:6), pp. 767-786. 1992,
Bhattacherjee, A.,. Individual trust in online firms: scale development and initial trust. Journal
of Management Information Systems 19 (1), 213–243. 2002
Braþun, F., Consumer’s and merchant’s confidence in Internet payments, Management,. (8:
2), pp. 1-29, 2003
Bollen, K.A., “Overall fit in covariance structure models : Two types of sample size effects”,
Psychological Bulletin, (107:2), 256-259.
Chau, P., Cole, M., Massey, A., Montoya- Weiss, M, O’Keefe, R, “Cultural differences in the
online behavior of consumers”, Communications of the ACM, (45:10), Pages: 138 – 143,
2002
247
Chin, W., “Issues and opinion on structural Equation Modelling”, Management Information
Systems, Quarterly, Vol. 22 No. 1, 1998.
Chin, W., Todd, P.A., “On the Use, Usefulness, and Ease of Use of Structural Equation
Modelling in MIS Research: A Note of Caution,” MIS Quarterly, Vol. 19 No. 2, 1995.
Collier, J, Bienstock, C, “Measuring service quality in e-retailing”, Journal of service

research, 8, pp. 260-275.
Crocker, S.D., & Stevenson, R.B., Jr. Paying up: Payment systems for digital commerce. In
D. Leebaert, (Ed.), The future of the electronic marketplace (pp. 303-333). Cambridge, MA:
The MIT Press. 1999
Culnan, M. J. How did they get my name?: An exploratory investigation of consumer

attitudes toward secondary information use. MIS Quarterly, 17, pp. 341-361.1993
Culnan, M. J., and, Armstrong, P. K. “Information Privacy Concerns, Procedural Fairness,

and Impersonal Trust: An Empirical Investigation,” Organization Science (10:1), 1999, pp.
104-115.
Das, T. K., & Teng, B. Between trust and control: Developing confidence in partner
cooperation in alliances. Academy of Management Review, 23: 491–512. 1998
Dhillon, G.S. & Moores, T.T.. Internet privacy: Interpreting key issues. Information
Resources Management Journal, 14(4), pp.33-37., 2001
Dinev T and Hart P Privacy concerns and Internet use – a model of trade-off factors. In Best
Paper Proceedings of Annual Academy of Management Meeting, Seattle. 2003
Dinev, T., and, Hart, P. “Internet Privacy Concerns and Trade-Off Factors: Empirical Study
and Business Implications,” Working Paper, Florida Atlantic University, 2002.
248
Dinev, T., Hart, P., "Internet Privacy Concerns and their Antecedents – Measurement Validity
and a Regression Model," Behaviour and Information Technology (23:6), November -
December 2004, pp. 413-422.
Dommeyer, C.J., And Gross, B.L.;, What Consumers Know And What They Do: An
Investigation Of Consumer Knowledge, Awareness, And Use Of Privacy Protection
Strategies, Journal Of Interactive Marketing, Vol. 17, No. 2. 2003
Donney, P.M., and Cannon P., An Examination of the Nature of Trust in Buyer-Seller
Relationships, Journal of Marketing, (61), pp. 35-51.1997
Edward L. Glaeser; David I. Laibson; Jose A. Scheinkman; Christine L. Soutter, “Measuring

Trust”, The Quarterly Journal of Economics, (115:3). 2000, pp. 811-846.
Equifax. “Harris-Equifax Consumer Privacy Survey,” Equifax, Inc,Atlanta, GA, 1996.
Faja, S., “Privacy In E-Commerce: Understanding User Trade-Offs,” Issues in Information

Systems, (6:2),. pp. 83-89, 2005
Fombrun, Charles. J.. Reputation: Realizing value from the corporate image. Boston, Harvard
Business School Press. 1996
Friedman, B., Kahn, P., Howe, D.,” Trust online.” Communications of the ACM. Volume 43,
Number 12 (2000), Pages 34-40.
Fusilier, M. R., & Hoyer, W. D.. Variables affecting perceptions of invasion of privacy in
personnel selection situations.Journal of Applied Psychology, 65, 623–626. 1980
Gefen, D., “Customer Loyalty in E-Commerce”, Journal of the Association for Information
Systems (Volume 3, 2002) 27-51
Gefen, D.,. E-commerce: the role of familiarity and trust. Omega: The International Journal of
Management Science 28, 725–737.2000
249
Gefen, D., Karahanna, E. and Straub, D. W. ‘Trust and TAM in Online Shopping: An
Integrated Model’, MIS Quarterly 27(1): 51–90. 2003
Giddens, A. The Consequence of Modernity, Stanford, 1990.
Gilliom, J. Overseers of the poor. Chicago : University of Chicago Press, 2001
Goodwin, C. Privacy: Recognition of a Consumer Right, Journal of Public Policy &

Marketing, 10(1), pp.149-166., 1991
Grabner-Krauter, S,, Kaluscha, E.A., Empirical research in on-line trust: a review and Critical
assessment, International Journal of Human-Computer Studies 58 2003 783–812
Hair, J, Money, A.H., Samouel, P., Page, M., , Research Methods for Business., John Wiley
& Sons. 2007
Hair, J. F. J., Anderson, R. E., Tatham, R. L., and Black, W. C. Multivariate Data Analysis
with Readings, Prentice Hall, Englewood Cliffs, NJ, 1998.
Harris, L., and Westin, A. F. E-commerce and Privacy: What Net Users Want, Privacy and
American Business, Hackensack, NJ, 1998.
Hoffman, D. L., Novak, T. P. and Peralta, M. ‘Building Consumer Trust Online’,

Communications of the ACM 42(4): 805, 1999
Jarvenpaa, S. L. and Tractinsky, N. ‘Consumer Trust in an Internet Store: A Cross-Cultural

Validation’, Journal of Computer Mediated Communication 5(2) December. 1999
Jarvenpaa, S. L., Tractinsky, N. and Vitale, M. ‘Consumer Trust in an Internet Store’,

Information Technology and Management 1(1/2): 45–71.2000
Karahanna, E., Straub, D. W., and Chervany, N. L. “Information Technology Adoption

Across Time: A Cross-Sectional Comparison of Pre- Adoption and Post-Adoption Beliefs,”
MIS Quarterly (23:2), 1999, pp. 183-213.
250
Kini, A., Choobineh, J., Trust in electronic commerce: Definition and theoretical
considerations, in: 32nd Annual Hawai’i International Conference on System Sciences (IEEE
Computer Society Press, Kona Coast, HI, 1998.
Lewis, J.D.; Weigert, A., Trust as a Social Reality, Social Forces, Vol. 63, No. 4. (Jun., 1985),
pp. 967-985.
Luhmann, N., “Familiarity, confidence, trust: problems and alternatives”, In D. Gambetta

(ed.), Trust: Making and Breaking Cooperative Relations, New York: Blackwell, pp. 94-
107.1988
Mascarenhas, O.A.J., Kesavan, R., And Bernacchi; Co-Managing Online Privacy: A Call For
Joint Ownership, Journal Of Consumer Marketing, Vol. 20, No. 7, Pp 686-702. 2003
Mayer, R. J.; Davis, J. H.; and Schoorman, F. D “An integrative model of organizational
trust”, Academy of Management Review, Vol. 20, No. 3, pp. 709-734. 1995
McAllister, D.J., “Affect and Cognition based trust as foundations for interpersonal
cooperation in organizations”, The Academy of Management Journal, (38:1), 1995, pp. 24-59.
McKnight, D.H., Chervany, N.L. Conceptualizing Trust: A Typology and E-Commerce

Customer Relationships Model, Proceedings of the 34th Hawaii International Conference on
System Sciences - 2001
McKnight, D.H., Chervany, N.L., What trust means in E-commerce customer relationships:
an interdisciplinary conceptual typology, International Journal of Electronic Commerce 6 (2),
2001/2002, pp. 35-59.
McKnight, D.H., Choudhury, V., Kacmar, C., Developing and Validating Trust Measures for
e-Commerce: An Integrative Typology, Information Systems Research, v.13 n.3, p.334-359,
September 2002
251
McKnight, D.H., Choudhury, V., Kacmar, C., The impact of initial consumer trust on
Intentions to transact with a web site: a trust building model, Journal of Strategic Information
Systems 11 (3/4), 2002, pp. 297-323.
McKnight, D.H., Cummings, L.L., Chervany, N.L., “Initial trust formation in new
organizational relationships”, The academy of Management Review, (23:3), 1998, pp. 473-
490
Metzger, M.J., (2004), Privacy, trust and disclosure: exploring barriers to electronic
commerce, Journal of Computer Mediated Communication, Vol. 9, No. 4.
Milne, G.R. & Gordon, M.E. Direct mail privacy–efficiency trade-offs with an implied social
contract framework. Journal of Public Policy and Marketing, 12(2), pp. 206-215. 1993
Palmer, J. W.; Bailey, J. P.; and Faraj, S., "The Role of Intermediaries in the Development of
Trust on the WWW: The Use and Prominence of Trusted Third Parties and Privacy
Statements," JCMC, (5:3) 2000
Pavlou, P. A. ‘Institution-based Trust in Inter-organizational Exchange Relationships: The

Role of Online B2B Marketplaces on Trust Formation’, Journal of Strategic Information
Systems 11(3–4): 215–43. 2002
Pavlou, P. A. “Consumer acceptance of electronic commerce: integrating trust and risk with
the technology acceptance model”, International Journal of Electronic Commerce, Vol. 7, No.
3, pp. 69-103. 2003
Phelps, J. Novak, G. & Ferrell, E. “Privacy Concerns and Consumers Willingness to Provide
Personal Information,” Journal of Public Policy & Marketing, 19, 27-41. 2000
Quelch, J. A., & Klein, L. R. The Internet and international marketing. Sloan Management
Review, 37, Vol. 3, 60-75. (1996).
R.M. Morgan and S.D. Hunt, The commitment–trust theory of relationship marketing, Journal
of Marketing (July 1994) 20–38.
252
Ratnasingham, P., and Kumar, K. “Trading partner trust in electronic commerce
participation”, in: S. Ang, H. Krcmar, W. Orlikowski, P. Weil, and J. DeGross (eds.),
Proceedings of the Twenty-first International Conference on Information Systems, Brisbane:
Australia: Association for Information Systems, pp. 544-552. (2000),
Shapiro, S. P. ‘The Social Control of Impersonal Trust’, American Journal of Sociology

93(3): 623–58. 1987
Sheehan, K.B.. Toward a typology of Internet users and online privacy concerns. The
Information Society, 18, pp. 21-32. 2002
Sheehan, K.B., Hoy, M.G, “ Dimensions of privacy concern among online consumers”,
Journal of Public Policy and marketing, (19:1), pp. 62-73.2002
Sheppard, B., Hartwick, J., Warshaw, P.R., “The Theory of Reasoned Action: A Meta-
Analysis of Past Research with Recommendations for Modifications and Future Research”,
Journal of consumer research, (15:3), 325-343, 1988.
Sitkin, S. B., & Pablo, A. L. Reconceptualizing the determinants of risk behavior. Academy
of Management Review, 17, 9-38. 1992
Venkatesh, V, Davis, F., “A Theoretical Extension of the Technology Acceptance Model:

Four Longitudinal Field Studies”, Management Science; Feb2000, Vol. 46 Issue 2, p186-205.
Wang, H., Lee, Wang C. Consumer Privacy Concerns about Internet Marketing,
Communications of the ACM, 41 (3), pp.63-70. 1998
Wang, P. and Petrison L.A., Direct marketing activities and personal privacy: A consumer
survey, ft. Direct Marketing 7, 1, 7-19. 1993
Westin, A. F. Commerce, Communication, and Privacy Online, Center for Social and Legal
Research, Hackensack, NJ, 1997.
253
254
Appendix I
Missing value replacement table within variables
Missing
Result Values First Last Valid Creating
Variable Replaced Non-Miss Non-Miss Cases Function
PC1_1 0 1 323 323 SMEAN(PC1)

PC2_1 1 1 323 323 SMEAN(PC2)
PC3_1 0 1 323 323 SMEAN(PC3)
PC4_1 1 1 323 323 SMEAN(PC4)
PC5_1 0 1 323 323 SMEAN(PC5)
PC6_1 1 1 323 323 SMEAN(PC6)
PC7_1 1 1 323 323 SMEAN(PC7)
CI1_1 0 1 323 323 SMEAN(CI1)
CI2_1 1 1 323 323 SMEAN(CI2)
CI4_1 0 1 323 323 SMEAN(CI4)
PV1_1 0 1 323 323 SMEAN(PV1)
PV2_1 0 1 323 323 SMEAN(PV2)
PV3_1 0 1 323 323 SMEAN(PV3)
PV4_1 1 1 323 323 SMEAN(PV4)
PV6_1 2 1 323 323 SMEAN(PV6)
PV7_1 2 1 323 323 SMEAN(PV7)
IT1_1 5 1 323 323 SMEAN(IT1)
IT2_1 3 1 323 323 SMEAN(IT2)
IT3_1 3 1 323 323 SMEAN(IT3)
IT4_1 3 1 323 323 SMEAN(IT4)
PP1_1 3 1 323 323 SMEAN(PP1)
T2_1 6 1 323 323 SMEAN(T2)
T4_1 5 1 323 323 SMEAN(T4)
T6_1 8 1 323 323 SMEAN(T6)
PI1_1 5 1 323 323 SMEAN(PI1)
LC1_1 5 1 323 323 SMEAN(LC1)
LC2_1 4 1 323 323 SMEAN(LC2)
LC3_1 6 1 323 323 SMEAN(LC3)
F1_1 5 1 323 323 SMEAN(F1)
F2_1 6 1 323 323 SMEAN(F2)
F3_1 5 1 323 323 SMEAN(F3)
F4_1 5 1 323 323 SMEAN(F4)
SV1_1 7 1 323 323 SMEAN(SV1)
255
SV2_1 7 1 323 323 SMEAN(SV2)
SV3_1 7 1 323 323 SMEAN(SV3)
RV1_1 7 1 323 323 SMEAN(RV1)
RV2_1 7 1 323 323 SMEAN(RV2)
RV3_1 7 1 323 323 SMEAN(RV3)
T10_1 9 1 323 323 SMEAN(T10)
T11_1 8 1 323 323 SMEAN(T11)
T12_1 8 1 323 323 SMEAN(T12)
T13_1 8 1 323 323 SMEAN(T13)
T14_1 9 1 323 323 SMEAN(T14)
T7_1 7 1 323 323 SMEAN(T7)
T8_1 9 1 323 323 SMEAN(T8)
T9_1 9 1 323 323 SMEAN(T9)
PR1_1 7 1 323 323 SMEAN(PR1)
PR2_1 6 1 323 323 SMEAN(PR2)
PR3_1 6 1 323 323 SMEAN(PR3)
WT5_1 9 1 323 323 SMEAN(WT5)
WT6_1 7 1 323 323 SMEAN(WT6)
WT7_1 9 1 323 323 SMEAN(WT7)
WP1_1 7 1 323 323 SMEAN(WP1)
WP2_1 6 1 323 323 SMEAN(WP2)
Appendix II
Inter-item descriptives and Correlation Matrices
Mean Std Dev Cases
1. PC1_1 3,3065 1,2116 323,0

2. PC2_1 3,6056 1,1622 323,0
3. PC3_1 2,6594 1,3170 323,0
4. PC4_1 2,7578 1,3480 323,0
5. PC5_1 3,3406 1,2317 323,0
6. PC6_1 2,9441 1,2298 323,0
7. PC7_1 3,3261 1,2742 323,0
Correlation Matrix
PC1_1 PC2_1 PC3_1 PC4_1 PC5_1
256
PC1_1 1,0000
PC2_1 ,6865 1,0000
PC3_1 ,4237 ,4915 1,0000
PC4_1 ,3394 ,4312 ,6898 1,0000
PC5_1 ,4397 ,5163 ,4201 ,4646 1,0000
PC6_1 ,2765 ,3882 ,3393 ,3438 ,7158
PC7_1 ,2154 ,3829 ,3280 ,3216 ,4831
PC6_1 PC7_1
PC6_1 1,0000
PC7_1 ,5190 1,0000
Mean Std Dev Cases
1. CI1_1 3,6285 1,1025 323,0

2. CI2_1 3,6491 1,0797 323,0
3. CI4_1 3,3870 1,1042 323,0
Correlation Matrix
CI1_1 CI2_1 CI4_1
CI1_1 1,0000
CI2_1 ,6833 1,0000
CI4_1 ,4322 ,4259 1,0000
Mean Std Dev Cases
1. PV1_1 3,2601 1,3469 323,0

2. PV2_1 3,8978 1,1112 323,0
3. PV3_1 3,8916 1,2020 323,0
4. PV4_1 3,7671 1,2127 323,0
257
5. PV6_1 3,4922 1,2364 323,0
6. PV7_1 3,6355 1,1371 323,0
Correlation Matrix
PV1_1 PV2_1 PV3_1 PV4_1 PV6_1
PV1_1 1,0000
PV2_1 ,5075 1,0000
PV3_1 ,5162 ,7543 1,0000
PV4_1 ,5106 ,6143 ,6862 1,0000
PV6_1 ,3518 ,5634 ,5731 ,4565 1,0000
PV7_1 ,2953 ,4425 ,4558 ,3776 ,5233
PV7_1
PV7_1 1,0000
Mean Std Dev Cases
1. IT1_1 3,8868 1,0335 323,0

2. IT2_1 3,6344 1,1505 323,0
3. IT3_1 4,2531 ,9267 323,0
4. IT4_1 4,1031 ,9646 323,0
Correlation Matrix
IT1_1 IT2_1 IT3_1 IT4_1
IT1_1 1,0000
IT2_1 ,6445 1,0000
IT3_1 ,5122 ,5174 1,0000
IT4_1 ,5810 ,6410 ,6346 1,0000
Mean Std Dev Cases
258
1. T2_1 2,8265 1,0624 323,0
2. T4_1 2,9371 ,9337 323,0
3. T6_1 2,5302 1,1454 323,0
Correlation Matrix
T2_1 T4_1 T6_1
T2_1 1,0000
T4_1 ,4863 1,0000
T6_1 ,6570 ,4258 1,0000
Mean Std Dev Cases
1. T10_1 3,1975 ,6541 323,0

2. T11_1 3,4349 ,7710 323,0
3. T12_1 3,4635 ,9463 323,0
4. T13_1 3,3270 ,9280 323,0
5. T14_1 3,3694 ,9443 323,0
6. T7_1 3,3924 ,8140 323,0
7. T8_1 3,2325 ,7309 323,0
8. T9_1 3,1274 ,7156 323,0
Correlation Matrix
T10_1 T11_1 T12_1 T13_1 T14_1
T10_1 1,0000
T11_1 ,4191 1,0000
T12_1 ,3044 ,2609 1,0000
T13_1 ,3284 ,2960 ,6688 1,0000
T14_1 ,2629 ,3352 ,6069 ,7852 1,0000
T7_1 ,5606 ,4408 ,4779 ,5199 ,4952
T8_1 ,4907 ,4823 ,3251 ,4278 ,4126
T9_1 ,5632 ,3757 ,2229 ,3231 ,2809
259
T7_1 T8_1 T9_1
T7_1 1,0000
T8_1 ,6297 1,0000
T9_1 ,5089 ,5205 1,0000
Mean Std Dev Cases
1. T2_1 2,8265 1,0624 323,0

2. T4_1 2,9371 ,9337 323,0
3. T6_1 2,5302 1,1454 323,0
4. T10_1 3,1975 ,6541 323,0
5. T11_1 3,4349 ,7710 323,0
6. T12_1 3,4635 ,9463 323,0
7. T13_1 3,3270 ,9280 323,0
8. T14_1 3,3694 ,9443 323,0
9. T7_1 3,3924 ,8140 323,0
10. T8_1 3,2325 ,7309 323,0
11. T9_1 3,1274 ,7156 323,0
Correlation Matrix
T2_1 T4_1 T6_1 T10_1 T11_1
T2_1 1,0000
T4_1 ,4863 1,0000
T6_1 ,6570 ,4258 1,0000
T10_1 ,1463 ,1737 ,1372 1,0000
T11_1 ,0764 ,0768 ,0103 ,4191 1,0000
T12_1 ,2225 ,1644 ,1219 ,3044 ,2609
T13_1 ,2072 ,1679 ,1171 ,3284 ,2960
T14_1 ,1767 ,2302 ,0537 ,2629 ,3352
T7_1 ,1665 ,1815 ,0969 ,5606 ,4408
T8_1 ,0708 ,1526 ,0994 ,4907 ,4823
T9_1 ,0729 ,0813 ,1081 ,5632 ,3757
T12_1 T13_1 T14_1 T7_1 T8_1
260
T12_1 1,0000
T13_1 ,6688 1,0000
T14_1 ,6069 ,7852 1,0000
T7_1 ,4779 ,5199 ,4952 1,0000
T8_1 ,3251 ,4278 ,4126 ,6297 1,0000
T9_1 ,2229 ,3231 ,2809 ,5089 ,5205
T9_1
T9_1 1,0000
Mean Std Dev Cases
1. LC1_1 3,4465 1,1986 323,0

2. LC2_1 3,8150 1,1007 323,0
3. LC3_1 3,5584 1,1286 323,0
Correlation Matrix
LC1_1 LC2_1 LC3_1
LC1_1 1,0000
LC2_1 ,6835 1,0000
LC3_1 ,4786 ,5671 1,0000
Mean Std Dev Cases
1. F1_1 2,9906 1,5393 323,0

2. F2_1 2,8233 1,4892 323,0
3. F3_1 3,0377 1,4739 323,0
4. F4_1 3,2013 1,4544 323,0
Correlation Matrix
261
F1_1 F2_1 F3_1 F4_1
F1_1 1,0000
F2_1 ,7507 1,0000
F3_1 ,7037 ,7877 1,0000
F4_1 ,7527 ,7269 ,8353 1,0000
Mean Std Dev Cases
1. SV1_1 3,5348 ,9885 323,0

2. SV2_1 3,7658 ,9631 323,0
3. SV3_1 2,3251 ,9373 323,0
Correlation Matrix
SV1_1 SV2_1 SV3_1
SV1_1 1,0000
SV2_1 ,5891 1,0000
SV3_1 -,2687 -,4211 1,0000
Mean Std Dev Cases
1. SV1_1 3,5348 ,9885 323,0

2. SV2_1 3,7658 ,9631 323,0
3. SV3_1REV 3,6749 ,9373 323,0
Correlation Matrix
SV1_1 SV2_1 SV3_1REV
SV1_1 1,0000
SV2_1 ,5891 1,0000
SV3_1REV ,2687 ,4211 1,0000
262
Mean Std Dev Cases
1. RV1_1 3,5158 ,8505 323,0

2. RV2_1 3,4209 ,8322 323,0
3. RV3_1 4,0949 ,9210 323,0
Correlation Matrix
RV1_1 RV2_1 RV3_1
RV1_1 1,0000
RV2_1 ,5984 1,0000
RV3_1 ,3748 ,3905 1,0000
Mean Std Dev Cases
1. PR1_1 3,4114 ,7362 323,0

2. PR2_1 3,4416 ,7480 323,0
3. PR3_1 3,2555 ,8196 323,0
Correlation Matrix
PR1_1 PR2_1 PR3_1
PR1_1 1,0000
PR2_1 ,7072 1,0000
PR3_1 ,5696 ,6546 1,0000
Mean Std Dev Cases
1. WT5_1 3,0223 1,1937 323,0

2. WT6_1 2,8449 1,1575 323,0
3. WT7_1 3,2548 1,1631 323,0
263
Correlation Matrix
WT5_1 WT6_1 WT7_1
WT5_1 1,0000
WT6_1 ,8071 1,0000
WT7_1 ,7191 ,7168 1,0000
Mean Std Dev Cases
1. WP1_1 3,0063 1,1393 323,0

2. WP2_1 2,2808 1,2133 323,0
Correlation Matrix
WP1_1 WP2_1
WP1_1 1,0000
WP2_1 ,4818 1,0000
264
Appendix III
Histograms of distributions with normal curve
Histograms
PC_SUM CI_SUM
100 100
80 80
60 60
40 40
Frequency
Frequency
20 20
Std. Dev = ,90 Std. Dev = ,90
Mean = 3,13 Mean = 3,56
0 N = 323,00 0 N = 323,00
1,00 2,00 3,00 4,00 5,00 1,00 2,00 3,00 4,00 5,00
1,50 2,50 3,50 4,50 1,50 2,50 3,50 4,50
PC_SUM CI_SUM
PV_SUM IT_SUM
80 100
80
60
60
40
40
20
Frequency
Frequency
20
Std. Dev = ,93 Std. Dev = ,85
Mean = 3,66 Mean = 3,97
0 N = 323,00 0 N = 323,00
1,00 2,00 3,00 4,00 5,00 1,00 2,00 3,00 4,00 5,00
1,50 2,50 3,50 4,50 1,50 2,50 3,50 4,50
PV_SUM IT_SUM
265
PP_SUM T_SUM
160 80
140
120 60
100
80 40
60
20
40
Frequency
Frequency
Std. Dev = ,53

Std. Dev = 1,05
20 Mean = 3,17
Mean = 4,0
0 N = 323,00
0 N = 323,00
1,
1, 5
1, 0
2, 5
2, 0
2, 5
2, 0
3, 5
3,
3, 5
3, 0
4, 5
4, 0
4, 5
4, 0
1,0 2,0 3,0 4,0 5,0
2
5
7
0
2
5
7
00
2
5
7
0
2
5
75
PP_SUM T_SUM
PI_SUM L_SUM
140 80
120
60
100
80
40
60
40 20
Frequency
Std. Dev = ,97

Frequency
Std. Dev = 1,29 Mean = 3,61

20
Mean = 2,3 0 N = 323,00
0 N = 323,00 1,00 2,00 3,00 4,00 5,00
1,0 2,0 3,0 4,0 5,0 1,50 2,50 3,50 4,50
PI_SUM L_SUM
266
F_SUM SV_SUM
70 100
60
80
50
60
40
30
40
20
Frequency
Std. Dev = 1,35 Frequency 20

Std. Dev = ,76
10
Mean = 3,01 Mean = 3,66
0 N = 323,00 0 N = 323,00
1,00 2,00 3,00 4,00 5,00 1,50 2,50 3,50 4,50
1,50 2,50 3,50 4,50 2,00 3,00 4,00 5,00
F_SUM SV_SUM
RV_SUM PR_SUM
120 140
120
100
100
80
80
60
60
40
40
Frequency
Frequency
20 Std. Dev = ,69 Std. Dev = ,67

20
Mean = 3,68 Mean = 3,37
0 N = 323,00 0 N = 323,00
1,00 2,00 3,00 4,00 5,00 1,50 2,50 3,50 4,50
1,50 2,50 3,50 4,50 2,00 3,00 4,00 5,00
RV_SUM PR_SUM
267
WT_SUM WP_SUM
100 100
80 80
60 60
40 40
Frequency
Frequency
20 20
Std. Dev = 1,07 Std. Dev = 1,01
Mean = 3,04 Mean = 2,64
0 N = 323,00 0 N = 323,00
1,00 2,00 3,00 4,00 5,00 1,00 2,00 3,00 4,00 5,00
1,50 2,50 3,50 4,50 1,50 2,50 3,50 4,50
WT_SUM WP_SUM
268
Appendix IV
Demographic representations
Population by sex
Fem ale
34,4%
Male
65,6%
Population sample by age

160
140
120
100
80
60
40
Count
20
0
19-24 30-34 40-44 50 and above
25-29 35-39 45-49 Other
Age
269
Population sample residency
1%
0%
1% 0%
8% 2%0% 4%
1% 1%
82%
India Dubai USA Canada

Australia Sweden Norway Germany
Bangladesh UK Iran
270
Appendix
Population by educational level
1,5%
Completed secondary
Undergraduate studen
8,0%
22,6%
Masters completed
18,3%
Undergraduate comple
5,6%
Post graduate studen
13,3% Masters student
Other professional d 25,1%
2,8%
Other
2,8%
271
Appendix V
The survey and scale items
Privacy Concerns (PC)
Pc1 I am concerned about threats to my personal privacy today.

Pc2 I am concerned about threats to my personal privacy when using the Internet.
Pc3 When I am online, I have the feeling of being watched.
Pc4 When I am online, I have the feeling that all my clicks and actions are being tracked
and monitored
Pc5 I am concerned that a person can find the information about my personal details on
the internet.
Pc6 I am concerned that a person can find the information about my family information on
the internet.
Pc7 I am concerned that a person can find the information about my financial information
on the internet.
Control over information (CI)
CI1 I would only submit accurate and personal information at a website if the site allowed
me to control the information I volunteer
Ci2 I would only provide accurate and personal information at a website if the site allowed
me to control the information they can use
CI4 I would only provide accurate and personal information at a website if their control
policy is verified/monitored by a reputable third party
Perceived vulnerability (PV)
PV1 Records of transactions could be sold to third parties
PV2 Personal information submitted could be misused
PV3 Personal information could be made available to unknown individuals or companies

without my knowledge
PV4 Personal information could be made available to government agencies
PV6 Unauthorized charges could be made against credit card information submitted
PV7 Unethical use of credit card information is attractive to some companies
Information transparency (IT)
IT1 It is important to me to know whether a company will allow me to find out what
information about me they keep in their databases.
272
IT2 It is important to me whether a site tells me how long they will retain information they
collect from me.
IT3 It is important to me to know the purpose for which the site wants to collect info from
me.
IT4 It is important to me to know whether a site is going to use the information they collect
from me in a way that will identify me.
Privacy policy (PP)
PP1 It is important to me to know whether or not the site posts a privacy policy.
Trust (T)
T2 Internet websites are secure environments in which to conduct financial and business
transactions
T4 Internet website providers steadfastly hold to the privacy policies they publish on their
websites.
T6 Internet websites are safe and reliable places to exchange information with others.
T7 Based on my experience with Skype.com, I know it is honest
T8 Based on my experience with Skype.com, I know it cares about customers
T9 Based on my experience with Skype.com I know it is not opportunistic
T10 Based on my experience with Skype.com I know it is predictable.
T11 Based on my experience with Skype I know it knows its market
T12 Skype has nothing to gain by being dishonest in its interactions with me
T13 Skype.com has nothing to gain by not caring about me
T14 Skype.com has nothing to gain by not being knowledgeable when helping me.
Previous invasion of privacy (PI)
PI1 I have personally been the victim of what I felt was an invasion of privacy when using
the Internet.
Location (L)
LC1 A site's top level domain (for example, whether it end in .com, .se, or .net etc.) could
influence my willingness to transact with the site.
LC2 I prefer to transact with a site that has a top level domain more familiar to me.
LC3 A country specific top level domain of a site makes a difference as to its
trustworthiness.
273
Familiarity (F)
F1 I am familiar with the process of searching for call rates to other countries on Skype
web site
F2 I am familiar with the process of paying online for calling plans (buying "Skypeout") at
Skype.com
F3 I am familiar with signing up and retrieving my account informations on Skype
F4 Overall, I am familiar with Skype and how to use it
Size of vendor (SV)
SV1 Vf1 (recoded to Sv1 in analysis): Skype is a large company.
SV2 vf2 (recoded to Sv2 in analysis): Skype is one of the industry's biggest providers of
voice over IP service on the web.
SV3 vf3 (recoded to Sv3 in analysis): Skype is a small player in the IP telephony market.
Reputation of vendor (RV)
RV1 vf4 (recoded to Rv1 in analysis): Skype is known to be reputable.
RV2 vf6 (recoded to Rv2 in analysis): Skype.com is a dependable company.
RV3 vf7 (recoded to Rv3 in analysis): Skype.com is well known.
Perceived Risk (PR)
PR1 I would characterize the decision of whether to buy a product from Skype as
significant opportunity
PR2 I would characterize the decision of whether to buy a product from this company to
have a high potential for gain
PR3 I would characterize the likelihood of my making a good bargain by buying from Skype
as very likely
Willingness to transact (WT)
WT5 I intend on using Skype for some of my future purchases (voice over IP transactions
WT6 I am inclined to purchase Skype's services
WT7 I am likely to utilize the services provided by Skype
Willingness to be profiled online (WP)
274
WP1 If a site that you frequented asked you whether it could assign you an identification
number so that it could provide you with personalized service, you would agree
WP2 If a site that you frequented asked you whether it could assign you an identification
number so that it could provide you with personalized advertising, you would agree
Demographics (D)
D1 Sex (Male or female)
D2 Age
19-24
25-29
30-34
35-39
40-44
45-49
50 and above
Other
D3 Level of education completed
Completed secondary schooling
Undergraduate student or equivalent
Undergraduate completed
Masters student
Masters completed
Post graduate student or PhD
Other professional degree
Other
D4 Country where you currently live (Optional)
D5 Country of birth (Optional)
D7 How many countries have you visited? A rough estimate is ok too.
D8 Your email (Optional)
275

Atanu LTU DT 0765 SE

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Atanu LTU DT 0765 SE

Enviado por

Direitos autorais:

Formatos disponíveis

2007:65

A Trust-Privacy Model of Customers’ Willingness to

Luleå University of Technology

2007:65|: -1544|: - -- 07⁄65 -- 

A TRUST-PRIVACY MODEL OF CUSTOMERS’ WILLINGNESS TO

Luleå University of Technology

My thanks go to my friends and colleagues at the Division of Industrial Marketing and E-

1.0 Introduction .......................................................................................................................... 1

Chapter 5 ................................................................................................................................ 113

Chapter 6 ................................................................................................................................ 127

Chapter 7 ................................................................................................................................ 233

References .............................................................................................................................. 247

Appendix I.............................................................................................................................. 255

Table 1: States of privacy with regard to control ..................................................................... 25

Figure 1: Linking the two studies............................................................................................. 17

A TRUST-PRIVACY MODEL OF CUSTOMERS’ WILLINGNESS TO BE

1.1.1 Skewed Equity in a surveillance society

Consumers today profess to be increasingly concerned with divulging personal information

Two drivers of asymmetry are identified:

b. Economies of sharing: consumer information earlier maintained by companies with

1.1.2 Differing views on Usefulness of online personalization strategies:

1.2 Privacy concerns and consumer participation in e-commerce

1.2.1 The cost benefit trade-off

1.3 Trust, risk, and the willingness to transact

1.4 Research problem identification:

“Does willingness to disclose information online have an effect on customers’ willingness

1.5 Motivation and Expected contributions of the thesis:

1.6 Outline of the study:

1.6.1 What to expect within chapters:

Figure 3: Activity schema

2.0 Literature Review

2.1 Consumer Control and Privacy Concerns

Thus we redefine Goodwin’s definition of privacy in terms of control to fit an online

“Consumer privacy online is the consumer’s ability to

Table 3 : Taxonomy of privacy states in an offline context

Control over who is present Control over unwanted

No control over Control over

No control over distribution No disclosure of

Source: Taxonomy of Privacy States, Goodwin (1991), pg. 156.

Control over information Control over

No control over information Control over

No control over distribution No disclosure of

2.2.1 Disposition to trust

2.2.2 Institution based trust

2.2.3 Cognition based trust

Social categorization and origination location

2.2.4 Knowledge based trust: familiarity with web vendor

Figure: Research model of Trust and TAM in online shopping

2.3 Trusting belief vs. trusting intentions in trust related behavior

Sharing of personal information (disclosure of information online), making a purchase, and

2.4 Trust and Perceived Risk

Figure 7: Mayer Davis Schoorman Model of trust

x frequency of internet usage,

2.5 Perceptions of vulnerability

Figure 9: Model of antecedents to Internet privacy concerns

Trust is a prerequisite of information disclosure, as it leads to perception of risk (Jarvenpaa,

Figure 10: Privacy - Trust - Behavioral Intention Model

The basic assumptions from the model as identified by Liu et al are:

2.9 Previous privacy invasion:

Metzger (2004) proposed the following model of online information disclosure:

2.10 A Social contract theory perspective

x Permission: it relates to how the information provided to complete a transaction is

Figure 12: A social contract framework for direct marketing