Personal Data Privacy in E-Commerce


E-commerce has emerged as one of the most important new method of carrying out business in the modern world. Through e-commerce, businesses are able to exploit the efficiency and power of the internet and computing devices to carry out business transactions. This observation is confirmed by Parayitam, Kiran and Mayur (2008) who state that companies are presently embarking on ecommerce to gain competitive advantage in the market. Some economic researchers are of the opinion that e-commerce is the future of business. While the commercial significance of e-commerce is unquestionable, this technology introduces a number of major problems.

One of the most important problems is the privacy of personal data. By its very nature, e-commerce requires consumers to provide some personal information while carrying out transactions online. This information is then stored by the vendor and it may be used in various ways or even shared with third parties. Disclosing personal information over the internet creates privacy concerns as consumers do not know who has access to this information or how it will be used.

In recent years, the issue of privacy has escalated in importance as more consumers became aware of the various ways in which the data they provide online can be used with or without their knowledge. This paper will set out to discuss privacy of personal data in e-commerce with focus on why consumers feel that their privacy is intruded upon. The paper will also review some of the steps taken by various players in the industry to address the privacy issues in e-commerce.

Privacy of Personal Data

Transacting in e-commerce necessitates the provision of personal information to the business website. Rhys and Shao (2007) asserts that the typical e-commerce transaction requires a person to divulge large amounts of personal information which is either necessary for the transaction or is desired by the e-business. Once the information is on the internet, the issue of privacy of personal data emerges. Belanger and Crossler (2011) observe that most people desire to have some control over their personal information. However, this is sometimes not possible as the e-commerce business maintains control of the information.

Major concerns about privacy have been caused by the practice of firms collecting and using consumer information to provide personalized products or services online. Many online businesses wish to know the shopping trends of their customers. If these trends can be accurately identified, the business can market specific products to the client. Dong-Joo and Youngsok (2011) reveal that this data collection makes it possible for companies to make personalized offers to individual consumers based on the information available online about the particular consumer. One of the methods of collecting user data is using cookies.

By definition, cookies are identifying tags that are stored on the consumer of a person who visits a website (Thompson & Hamilton, 2002). Using cookies, a business can collect data on the individual’s shopping habits and then use the information for marketing purposes. Dong-Joo and Youngsok (2011) state that by using the information obtained from the consumer’s computer, the firm is able to offer personalized products that fit with the consumer’s preferences. Up to 90% of e-commerce operations use cookies to collect information about online behaviour of internet users. In spite of this high usage of cookies, most websites fail to display privacy policies informing users that their activities are being tracked. The privacy issue arises since the data collection occurs in the background and most consumers are unaware of it.

In addition to this, major technology companies such as Microsoft, Google, and Facebook use pervasive technologies to analyse user behaviour online for advertisement purposes. Rhys and Shao (2007) declare that information is valuable and can give economic advantages to the individuals who possess it. With this understanding, software has been developed to extract and store a wide variety of user information. Analysis technologies aggressively track users wherever they may go on the internet and create personal data profiles. The profiles include information such as a person’s profession, his interests, favourite music, and even address.

Parayitam et al. (2008) state that through the techniques, the companies are able to develop elaborate data profiles that are used to carry out sophisticated and personalized advertising. This collection and subsequent use of private information have caused widespread concern among consumers who feel that their privacy is being intruded upon (Dong-Joo & Youngsok, 2011). For many consumes, their right to privacy is infringed upon by the online tracking done for e-commerce purposes.

Another privacy issue concerns the ownership of the personal information provided by the consumer. Many consumers assume that the information they provide while carrying out the online transaction will not be shared out by the vendor. According to Kiryanova and Makienko (2011), there is an expectation by consumers that the firm will limit the accessibility to and control the release of their personal information. When privacy rights are respected, the consumer feels that he has a measure of control over his personal information. Ciocchetti (2007) declares that if a company adopts choice as a privacy principle, consumers submitting information necessary to complete a transaction should not find their information disseminated in any way unrelated to that transaction without their explicit permission.

However, there are instances where websites divulge personal information about their customers without the customers’ consent (Farah & Higby, 2001). This divulgence is done out of financial motivations since third parties pay for the information. When consumers cannot trust the e-commerce business with their information, they may choose not to engage in online commerce. Rhys and (2007) declares that a vast proportion of individuals able to engage in e-commerce are unwilling to do so simply because they do not trust e-commerce sites to be respectful of their privacy.

A major concern of many consumers is access to their personal information by malicious elements. There is a perception among some internet users that personal information supplied to e-commerce sites might be obtained and used by unauthorized third parties. This perception demonstrates that some users are not confident about the security measures employed by e-commerce sites.

Ciocchetti (2007) admits that in the 21st e-commerce environment, company websites are under continued that of security breaches. A breach of a company’s database has the potential to release millions of personal data into the hands of malicious parties such as hackers. Access to personal information by unauthorized persons can lead to identity theft (Zwass, 2012). In many developed nations including the US, UK and Australia, the crime of identity theft has reached a crisis level.

Credit card fraud is one of the most common forms of identity theft. This crime is committed when criminals gain access to personal information supplied by the consumer during e-commerce transactions. The fear of falling victim to malicious people on the internet has caused some people to avoid taking part in online shopping. According to Dinev and Hart (2006), the perception of uncertainty in the internet environment contributes to users being hesitant to disclose the personal information necessary to engage in e-commerce transactions.

Addressing the Privacy Issues

Privacy is a widely coveted and highly privileged value in our society. Rhys and Shao (2007) declare that by giving precedence to consumer privacy, all the parties involved in e-commerce can reap bigger benefits. Many businesses engaged in e-commerce have acknowledged that privacy is an important concept in this sector and addressing it is crucial to ensure growth. Parayitam et al. (2008) declare that only by guaranteeing privacy can consumer safety and subsequently consumer confidence in e-commerce be promoted. One way of doing this is by assuring consumers that their data is not going to be shared with third parties. Privacy concerns often occur because of the uncertainty about who has access to the information and how it is used.

The level of transparency demonstrated by commercial data brokers has increased. These entities take steps to ensure that individuals know the type of personal data collected from them and the manners in which this data will be used. Kiryanova and Makienko (2011) note that according to the transparency strategy, customers are more willing to trust the e-commerce firm with their personal information if the firm explains the intended uses of customer information. In addition to this, the data brokers provide notifications when they experienced a breach involving sensitive personal data (Boritz & Gyun, 2011). This gives individuals a chance to take appropriate action to ensure that their personal information is not used to steal their identities.

Another step taken to address privacy concern is formulating privacy policies that the consumer can review online. These privacy policy statements include details of the measures taken by the retailer to protect consumer personal information. Research indicates that for most consumers, privacy notices on a website are an important assurance, particularly when dealing with unfamiliar vendors. Kiryanova and Makienko (2011) confirm that privacy policy statements posted on a firm’s website have an effect on consumers’ perception of the trustworthiness of the particular business. An important consideration when implementing privacy statements is that they should be in a language that the average consumer can understand. Policies that are written using legal jargon are unhelpful to most users who fail to understand the content.

E-commerce firms have implemented various security technologies to ensure that client information is adequately protected. Farah and Higby (2001) document that businesses are often forced, by consumer concerns or the government, to implement privacy tools for the protection of customers’ privacy. Many businesses engaged in e-commerce understand that their ability to carry out online transaction is dependant on creating safe online environments for the clients. When clients are unsure of the security of a website, their risk perception is high. High risk perception decreases the wiliness of the consumer to provide personal information since they are not sure if the website is reliable and safe. When internet users are confident of the security implementations employed by the online vendor, their risk perception decreases. This leads to an increased willingness to disclose personal information necessary to conduct e-commerce transactions since the consumer feels safe.

Discussion and Conclusion

While the area of e-commerce has exhibited exponential growth over the last decade, it is yet to reach its full potential. The major reason why e-commerce has failed to reach its full potential is the issue of privacy of personal data in the area. As has been noted, many individuals are not willing to provide their personal information online since they feel that their privacy will not be respected. This inhibits e-commerce growth rates in the country. By taking steps to protect the privacy of individuals, businesses and governments increase the confidence of the people who use e-commerce. Addressing the privacy issue is therefore mandatory for the society to fully embrace e-commerce and benefit from the many advantages of this method of conducing business.

E-commerce has significantly changed the manner in which business is conducted over the past decade. As more people engage in e-commerce, the issue of privacy has become more prominent. This paper set out to discuss privacy of personal data in e-commerce. It has noted that most of the privacy issues pertain to the use and ownership of personal data supplied by the consumer. Many businesses use the personal data to gain a competitive advantage in the market. This usage of consumer data is sometimes occurs without the knowledge or permission of the individual. The paper has acknowledged the significance of addressing the potential threats to consumer privacy posed by e-commerce. If the privacy concerns surrounding personal data are fully addressed, more people will be willing to provide personal information to transact on the internet. This will contribute to the growth and future success of e-commerce.


Belanger, F., & Crossler, R. (2011). Privacy in the digital age: a review of information privacy research in information systems. MIS Quarterly, 35(4), 1017-1036. Web.

Boritz, E., & Gyun, W. (2011). E-Commerce and Privacy: Exploring What We Know and Opportunities for Future Discovery. Journal of Information Systems, 25(2): 11-45. Web.

Ciocchetti, C. (2007). E-Commerce and Information Privacy: Privacy Policies as Personal Information Protectors. American Business Law Journal, 44(1), 55-126. Web.

Dinev, T. & Hart, P. (2006). An Extended Privacy Calculus Model for E-Commerce Transactions. Information Systems Research, 17(1), 61-80. Web.

Dong-Joo, L., Youngsok, B. (2011). Managing consumer privacy concerns in personalization: a strategic analysis of privacy protection. MIS Quarterly, 35(2), 423-453. Web.

Farah, B., & Higby, M. (2001). E-Commerce and Privacy: Conflict and Opportunity. Journal of Education for Business, 76(6), 303-307 Web.

Kiryanova, B., & Makienko, I. (2011). The effects of information privacy and online shopping experience in e-commerce. Academy of Marketing Studies Journal, 15(1), 97-112. Web.

Parayitam, S., Kiran, D., & Mayur, D. (2008). E-Commerce Policies, Customer Privacy and Customer Confidence. The XIMB Journal of Management, 5(2), 45-58. Web.

Rhys, S., & Shao, J. (2007). Privacy and e-commerce: a consumer-centric perspective. Electronic Commerce Research, 7(2) 89-116. Web.

Thompson, G., & Hamilton, L. (2002). Privacy Protection: The Safe Harbor for E-Marketing. Management Accounting Quarterly, 4(1), 11-15. Web.

Zwass, V. (2012). Electronic Commerce and Organizational Innovation: Aspects and Opportunities. International Journal of Electronic Commerce 7(3), 7-37. Web.