PRIVACY GOVERNANCE FOR INSTITUTIONAL TRUST (OR ARE PRIVACY VIOLATIONS AKIN TO INSIDER TRADING?).

• Author: Martin, Kirsten

ABSTRACT

Currently, we frame individuals online as in a series of exchanges with specific firms, and privacy, accordingly, is governed to ensure trust within those relationships. However, the focus on the relationship between consumers and specific firms does not capture how the online environment behaves. The aggregation and secondary use of consumer data is performed by market actors behind the scenes without any relationship with consumers. Trusting a single firm is not enough; individuals must trust the online market in general. Such institutional trust has gone under-examined in regards to privacy online. Little has been done to measure how aggregating and using consumer data supports a larger online market and impacts institutional trust online.

This paper explores how privacy governance should also be framed as protecting a larger market to ensure consumers trust being online. In a series of studies, I empirically examine (a) how typical secondary uses are judged along a generalized (for the good of the market) versus reciprocal (for the good of the consumer) exchange and impact institutional and consumer trust, and (b) whether governance mechanisms (limitations on the use of data such as adequate notice, auditing, non-identifiable information, limited storage, etc.) increase consumer trust in companies. I find:

* Respondents find secondary uses of consumer data more appropriate if judged more within a generalized exchange (academic research) or within a reciprocal exchange (product search results) or both (credit security). However, most secondary uses of data are deemed privacy violations and decrease institutional trust online.

* Using privacy notices is the least effective governance mechanism of those included here whereas being subject to an audit was as effective as using anonymized data in improving consumer trust.

* Institutional trust online impacts a consumer's willingness to engage with a specific online partner in a trust game experiment

The findings have implications for public policy and practice. Secondary uses of information online need not only be justified in a simple quid- proquo exchange with the consumer but could also be justified as appropriate for the online context within a generalized exchange. However, the majority of secondary uses currently popular cannot be justified as within either a general exchange or a reciprocal exchange and are judged inappropriate, violations of privacy, and decrease both interpersonal and institutional trust.

Second, if privacy violations hurt not only interpersonal consumer trust in a firm but also institutional trust online, then privacy would be governed similar to insider trading, fraud, or bribery--to protect the integrity of the market. Punishment for privacy violations would be set to ensure bad behavior is curtailed and institutional trust is maintained rather than to remediate a specific harm to an individual.

TABLE OF CONTENTS INTRODUCTION I. REGULATING PRIVACY AND TRUST A. Regulating Privacy to Protect Individual Rights B. Regulating Privacy to Protect Relationships C. Regulating Privacy for Institutional Trust D. Research Implications II. STUDY 1: SECONDARY USES OF CONSUMER INFORMATION A. Design Study 1 B. Results Study 1 C. Discussion Study 1 III. STUDY 2: VIGNETTE STUDY ON USE OF DATA AND TRUST A. Design Study 2 1. Vignette Factors (Independent Variables in the Vignette) 2. Vignette Design 3. Rating Task 4. 2x2 Design B. Results Study 2 1. Consumer Trust in a Firm 2. Governance Mechanisms 3. Institutional Trust C. Discussion Study 2 IV. STUDY 3: EXPERIMENT A. Design Study 3 B. Results Study 3 C. Discussion Study 3 V. DISCUSSION AND CONCLUSION A. Institutional Trust and Privacy Violations B. Secondary Use of Data C. Governance Mechanisms CONCLUSION INTRODUCTION

Trust makes markets work. Trust facilitates transactions, supports individuals entering a market, decreases the need for expensive safeguards, and limits bureaucratic inefficiencies. Sometimes trust is personal, such as when we decide to trust a local dry cleaner to take care of our clothes. Other times trust is more general, such as when I took my daughter to a hospital based only on the recommendation of a stranger. (1)

For consumers concerned about privacy online, trust has been elusive. Online, consumers increasingly judge firms to be untrustworthy including firms who keep information for a secondary use, (2) who partner with a data aggregator, (3) or who store information. (4) Regulators and scholars seek to understand how privacy is related to trust between market actors, e.g., through the Federal Trade Commission's (FTC) focus on informed choice within a relationship, through the promotion of information fiduciaries or data stewards that emphasize honesty and discretion within a relationship," (5) or through a more robust tort for breach of confidentiality between market actors. (6) Such focus on interpersonal trust seeks to optimize transactions between market actors. (7) When trust is insufficient and a market actor needs expensive safeguards to protect themselves against opportunistic partners, the actor considers alternative forms of governance, such as choosing a competitor, building out the competence themselves, or switching governance structures. (8) Repeated bad acts by firms are identified and handled in the market by other actors. Accordingly, privacy regulators and scholars attempt to facilitate trust within the relationship between individuals and firms. (9)

However, the focus on fixing the relationship between consumers and specific firms does not capture how the online environment behaves. (10) The majority of the work done in the online ecosystem of consumer data is done by market actors with no relationship with the consumer. Data brokers aggregate consumer data from different sources and sell information to firms who then use the information when it is not in a consumer's interest. (11) These data traffickers "do not have a relationship with either individual users whose information they possess or with major platforms," and "there is no contractual relationship between the data traffickers and the individuals with profiles in their databases." (12) Figure 1 depicts one vision of the anonymous online ecosystem of actors involved in consumer data. Such tracking is pervasive: on average, (25) third-party trackers are found on news, arts, and sports websites. (13) In fact, data traffickers--to include those trafficking in the consumer data behind the scenes--are the market actors who make money under the current regime. (14)

While we currently focus on optimizing interpersonal trust online as if we are in a market of local dry cleaners, consumers are facing a confusing market more akin to the medical system or financial securities, with many anonymous actors working behind the scenes to create the experience and deliver the service. In such a situation, generalized trust in the institution matters more because individuals cannot gain evidence of trustworthiness of specific individuals or firms. (15) In other words, when information is not available about firms or the quality of the product, we rely upon institutional trust to uphold norms and quality standards. (16) Institutional trust means the threat of opportunism of one firm does not matter as much because we trust the system to take care of bad actors. (17)

Institutional trust is not a unique phenomenon. (19) When dealing with strangers, people still become vulnerable to others: "They walk into an unfamiliar branch office of their bank or into a hospital emergency room." (20) Such institutional trust is regularly measured in larger systems with information asymmetries such as with banks, newspapers, congress, big business (21) or in law and medicine. (22) And privacy online has all the markers of a system that would rely upon institutional trust with anonymous actors outside the reach of consumers and information asymmetries wherein the consumer is the least informed.

We treat interactions online as a series of exchanges with specific firms and justify tracking, sharing, aggregating, and using consumer information as within a reciprocal exchange between two parties. However, the aggregation and secondary use of consumer data, the subject of much concern, is performed by market actors behind the scenes without any relationship with consumers. A generalized exchange, where the benefits received are not directly related to the transaction but rather are for the good of the online institution, may offer a better explanation of consumer exchange online. (23) A generalized exchange would suggest that consumers would approve uses of information that benefit a larger community or where the purpose and benefits are just--similar to the justification in other institutions with anonymous actors such as medical and financial systems.

Little has been done to measure how aggregating and using consumer data supports a larger online market and impacts the institutional trust online. This paper explores how privacy governance should be framed as protecting a larger market or institution. I position maximizing institutional trust as a natural extension of work in regulating privacy. In a series of studies, I then examine (a) whether secondary uses of consumer information arc deemed appropriate within a generalized exchange online, (b) how uses along a generalized versus reciprocal exchange impact institutional and consumer trust, and (c) whether governance mechanisms (limitations on the use of data such as adequate notice, auditing, non-identifiable information, limited storage, etc.) increase consumer trust in companies using consumer data. I use three empirical studies:

1. I categorized uses of consumer data by the degree the use is perceived to be within a reciprocal exchange (benefit immediate actors) and general exchange (within furtherance of the institution).

2. Using a factorial vignette survey...