Knowledge Management International Conference (KMICe) 2014, 12 – 15 August 2014, Malaysia http://www.kmice.cms.net.my/ 332 Investigating Culture Influences to Information Privacy Wan Abdul Rahim Wan Mohd Isa, Anitawati Mohd Lokman, or Laila Md oor and Emely Shazwan Abdul Wahid Universiti Teknologi MARA (UiTM) Malaysia, [email protected]ABSTRACT There is strong inclination on the importance of knowledge management (KM) concept and role towards ensuring components such as ethics and culture are relevant to the applications development, implementation and maintenance. However, less is understood on the relationship between culture and information privacy. The aim of this study is to investigate the cultural influences to privacy by using Malaysia’s computer professionals’ self-regulatory efficacy concerning information privacy practices and Islamic culture, as the case study. This study adapts the theoretical frameworks of ‘Islamic Cultural Dimensions’ and ‘Information Privacy Self-regulatory Efficacy Dimensions’. The survey forms were sent to Muslims working in computer or Information Technology (IT) fields in Malaysia, with at least one year working experience. A total of 435 data were being analysed by using Ordinal Regression Analysis. The findings include: (i) a conceptual framework of ‘information privacy self-regulatory efficacy dimensions’ and ‘cultural dimensions’, and (ii) empirical findings on the mixture of a positive and negative empirical relationship on the culture influence to the self-regulatory efficacy towards safeguarding information privacy. Future work may involve incorporating the knowledge management concepts into information privacy and culture model to aid the application’s development, implementation, maintenance and usage. Keywords: Culture, Information Privacy, Ethics I ITRODUCTIO Computer professionals have the understanding on their consumers’ data handling and manipulation (Oz, 1992). It is important for them to understand the issues surrounding information privacy in order to protect the user’s rights (Henderson, & Snyder (1999). In general, information privacy encompasses:- ‘The rights and responsibilities of both individuals and organizations related to the collection, use, disclosure and retention of personally identifiable information’ (Culnan, 2011). Research issues on information privacy are mainly focused on how the data are gathered, stored, analysed and reported while ignoring the data handling process itself. However, there exists information privacy issues related to the person responsible for managing the data (Reynolds, 2011). There is strong inclination on the importance of knowledge management (KM) role in ensuring components such as ethics and culture are relevant to the applications development and maintenance (Samsuri, Ismail, & Ahmad, 2013). In addition, there is a need for more research to investigate on how different cultural practices of morality and computer use may shape the different development patterns of privacy self-efficacy (Kuo, Lin, & Hsu, 2007). Less is understood on the relationship between culture and information privacy. The aim of this study is to investigate the cultural influences to privacy by using Malaysia’s computer professionals’ self-regulatory efficacy concerning information privacy practices, as the case study. The following sections discuss; (i) literature review, (ii) conceptual framework of cultural influences to information privacy self regulatory efficacy, (iii) research methods, (iv) results and analysis and (v) conclusion. II LITERATURE REVIEW A. Privacy, Culture and Knowledge Management Culture value and privacy concern had become important aspects when designing and implementing culturally-sensitive IT applications (Zakaria, Stanton, & Sarkar-Barney, 2003). IT designers can use different approaches to ensure the effective use of IT based on prevailing culture values (Zakaria, Stanton, & Sarkar-Barney, 2003). There is strong inclination on the importance of knowledge management (KM) role in ensuring components that are relevant to the applications development and maintenance (Samsuri, Ismail, & Ahmad, 2013). Such components are (i) legislation, (ii) ethics (iii) technology and (iv) culture; which are considered important towards securing the privacy of the application (Samsuri, Ismail, & Ahmad, 2013). Application should not depended entirely on the technology-centered development as it must also incorporate the explicit and tacit knowledge concept into ethics and culture model (Samsuri, Ismail, &
Transcript
Knowledge Management International Conference (KMICe) 2014, 12 – 15 August 2014, Malaysia
http://www.kmice.cms.net.my/ 332
Investigating Culture Influences to Information Privacy
Wan Abdul Rahim Wan Mohd Isa, Anitawati Mohd Lokman, or Laila Md oor
and Emely Shazwan Abdul Wahid Universiti Teknologi MARA (UiTM) Malaysia,
I I TRODUCTIO Computer professionals have the understanding on their consumers’ data handling and manipulation (Oz, 1992). It is important for them to understand the issues surrounding information privacy in order to protect the user’s rights (Henderson, & Snyder (1999).
In general, information privacy encompasses:-
‘The rights and responsibilities of both individuals and organizations related to the collection, use, disclosure and retention of personally identifiable information’ (Culnan, 2011).
Research issues on information privacy are mainly focused on how the data are gathered, stored, analysed and reported while ignoring the data handling process itself. However, there exists
information privacy issues related to the person responsible for managing the data (Reynolds, 2011).
There is strong inclination on the importance of knowledge management (KM) role in ensuring components such as ethics and culture are relevant to the applications development and maintenance (Samsuri, Ismail, & Ahmad, 2013). In addition, there is a need for more research to investigate on how different cultural practices of morality and computer use may shape the different development patterns of privacy self-efficacy (Kuo, Lin, & Hsu, 2007). Less is understood on the relationship between culture and information privacy.
The aim of this study is to investigate the cultural influences to privacy by using Malaysia’s computer professionals’ self-regulatory efficacy concerning information privacy practices, as the case study. The following sections discuss; (i) literature review, (ii) conceptual framework of cultural influences to information privacy self regulatory efficacy, (iii) research methods, (iv) results and analysis and (v) conclusion.
II LITERATURE REVIEW
A. Privacy, Culture and Knowledge
Management
Culture value and privacy concern had become important aspects when designing and implementing culturally-sensitive IT applications (Zakaria, Stanton, & Sarkar-Barney, 2003). IT designers can use different approaches to ensure the effective use of IT based on prevailing culture values (Zakaria, Stanton, & Sarkar-Barney, 2003).
There is strong inclination on the importance of knowledge management (KM) role in ensuring components that are relevant to the applications development and maintenance (Samsuri, Ismail, & Ahmad, 2013). Such components are (i) legislation, (ii) ethics (iii) technology and (iv) culture; which are considered important towards securing the privacy of the application (Samsuri, Ismail, & Ahmad, 2013).
Application should not depended entirely on the technology-centered development as it must also incorporate the explicit and tacit knowledge concept into ethics and culture model (Samsuri, Ismail, &
Knowledge Management International Conference (KMICe) 2014, 12 – 15 August 2014, Malaysia
http://www.kmice.cms.net.my/ 333
Ahmad, 2013) during the application's development, implementation, maintenance and usage.
B. Dimensions of Information Privacy Self-
regulatory Efficacy
The Social Cognitive Theory (SCT) study implies
on the morality domain in self-regulation. Bandura
(1991) in his research stated that personal factors
such as moral thought, affective self-reactions,
moral conduct, and environmental factors will
interact and influence each other in both directions
(as cited from Kuo et al., 2007). There are different
elements affecting the self-regulatory efficacy and
come out with the dimensions of information
privacy self-regulatory efficacy (Kuo et al. (2007).
Table 1 shows the dimensions of information
privacy self-regulatory efficacy.
Table 1. Dimensions of Information Privacy Self-Regulatory
Efficacy (Kuo et al., 2007).
Dimension (Challenge Level)
Protection on-distribution on-Acquisition
Improper use Improper transfer Improper acquisition
Improper use Internal/external
unauthorized secondary use
Improper collection
Improper
monitoring Privacy
invasion
Improper storage
Improper transfer Improper access
Improper collection Improper analysis
Protection: One’s perception of efficacy in protecting others’ privacy
information.
on-distribution: One’s perception of efficacy in sanctioning against distributing the privacy information to others.
on-acquisition: One’s perception of efficacy in sanctioning against
acquiring the privacy information to others.
Based on the relevant literature review, Kuo et al.
(2007) has divided the information privacy self-
regulatory efficacy into three dimensions; namely,
(i) Protection, (ii) 7on-distribution and (iii) 7on-
acquisition (see Table 1). The general description
is as follow (Kuo et al., 2007):-
(i) Protection refers ‘to whether an individual can
take the necessary courses of action for
guarding accidental disclosures of information
in a public environment or setting’.
(ii) Non-distribution refers ‘to whether a person
can exert his or her control not to distribute the
privacy information of others’.
(ii) Non-acquisition refers ‘to whether a person has
the self-confidence to refuse to acquire and use
privacy information before obtaining necessary
authorization’.
C. Culture and Kansei
The studies involving Kansei span across industrial
product design, service and hospitality design,
interface design, interaction design and many more.
Kansei is unique to cultural studies. Cross-cultural
investigation were performed to understand
similarities and differences of Kansei or affective
values (Yashmi, Rizi, & Sabet, 2013; Lokman,
Ishak, Razak, & Aziz, 2012; Adelabu, Yamanaka,
& Moalosi, 2012; Peranginangin, Chen, & Shieh,
2011). Other example include cross-cultural
dynamic of demand in African design culture
(Adelabu et al., 2012) adoption of Kansei approach
for improving design process of cross-culturally
sensitive products.
III CO CEPTUAL FRAMEWORK OF
CULTURAL I FLUE CES TO
I FORMATIO PRIVACY SELF
REGULATORY EFFICACY
Figure 1. Conceptual Framework of Cultural Influences to
Information Privacy Self-Regulatory Efficacy.
Figure 1 illustrates the conceptual framework of
cultural influences to information privacy self-
regulatory efficacy. The framework were adapted
from cultural dimensions (Hofstede, & Hofstede,
2005; Trompenaars, 1994; Halls, 1996), information
privacy self-regulatory efficacy dimensions (Kuo et
al., 2007) and Islamic culture (Wan Abdul Rahim,
Nor Laila, & Shafie, 2008a; Wan Abdul Rahim, Nor
Laila, & Sharifah Sakinah, 2008b).
A. High Uncertainty Avoidance (HUA)
Hofstede and Hofstede (2005) stated that ‘HUA is a
belief that often relies on the ultimate truth, and
always refers to the society that avoid taking risks
as well as uncomfortable with uncertainty’.
Hofstede and Hofstede (2005) also gives indirect
impression that the existence of Islamic religion is
based on the absolute Truth that human can possess.
Since Islam is based on the Truth belief, we can
Knowledge Management International Conference (KMICe) 2014, 12 – 15 August 2014, Malaysia
http://www.kmice.cms.net.my/ 334
relate the idea of Islam as HUA cultures (Wan
Abdul Rahim et al., 2008a).
B. Short Term Orientation (STO)
STO is generally ‘nurturing of virtues that are
related to the past as well as the present; respecting
the tradition and satisfying the social obligation’
(Hofstede, & Hofstede, 2005). The two similarities
of Islam and STO are; (i) Islam are concern with the
Truth and (ii) it has universal guideline on the
definition of good and evil (Wan Abdul Rahim et
al., 2008). Islam virtues came from the absolute
Truth and the focus is on the good judgement of the
past, in which the decisions are based on the Holy
Book and this can be considered related to STO
(Hofstede, & Hofstede, 2005).
C. Individualism (I D) and Collectivism (COL)
Collectivism refers to the ‘culture where people
integrated as one cohesive group’, whereas
individualism refers to ‘cultures that have loose ties
among the people’ (Hofstede, & Hofstede, 2005).
Since Islamic culture is based on the concept that
humans are as one equal and united community,
thus, we can relate the role of Muslims lies between
‘Individualism’ and ‘Collectivism’ (Wan Abdul
Rahim et al., 2008).
D. High Power Distance (HPD)
High Power Distance (HPD) concerns on the
‘inequality of power distribution in a society’
(Hofstede, & Hofstede, 2005). Islamic culture is
basically high in power distance, as the Islamic
society is expected to follow the rules and
regulations as stated by the God’s revelation and
authoritative resources. The Muslim resources are
solely dependent on their Holy Book, Prophets and
authoritative sources and this can be considered
related to ‘High Power Distance’ (Wan Abdul
Rahim et al., 2008).
E. Polychronics (POL)
Polychronic cultures are ‘able to adapt any changes
on the initial plan and prone to multitasking’ (Halls,
1966). Islamic culture is considered as Polychronics
culture due to the multiple roles and responsibilities
as an individual as well as a member of the society
(Wan Abdul Rahim et al., 2008).
F. High Context (HC)
High Context dimension requires ‘only high level
details of information exchange’ (Halls, 1966).
Islamic culture falls in High Context dimension
because of the nature of information dissemination
and communication. A good example of this can be
seen on the constant practice of common phrases
among Muslims, for instance, “Bismillah’, at the
beginning of any tasks, which reflects the attributes
and characteristics of ‘High Context’ community
(Shafie, Wan Abdul Rahim, Nor Laila, & Mohd
Shukri, 2010).
The second segment of the conceptual framework is
the Information Privacy Self-regulatory Efficacy
Dimensions, which are enclosed within the Islamic
Cultural Dimensions, consisting of three major
components: Protection, 7on-distribution and 7on-
acquisition, which are the main areas of this
research. Each of these components has their own
elements as shown in Figure 1. Furthermore, Kuo et
al. (2007) uses the Self-efficacy Theory introduced
by Bandura (1977) as the theoretical background.
Table 2. Dimensions of Information Privacy Self-Regulatory
Efficacy (Adapted from Kuo et al., 2007).
Information Privacy Self-
regulatory Efficacy Dimensions
Dimension of Culture
Influence
1) Protection
Copy Information (CI) HC – Unethical copying of
information
Protect Information (PI) STO - Improper monitoring
STO - Privacy invasion HC - Improper storage
2) on-Distribution
Not to Share Customer
Information (SCI)
HC - Improper transfer
Not to Purchase Customer
Information (PCI)
HUA - Internal/external
unauthorized secondary use
3) on-Acquisition
Not Analysed Customer Information Beyond Original
Purpose (ACI)
STO - Improper analysis HC - Improper acquisition
Not Collaborate To analyse
Customer Information Beyond Original Purpose (CACI)
HPD - Improper access
IC - Improper collection
Not Keeping Customer
Information (KCI)
HC - Improper storage
Not Gathering Customer
Information (GCI)
HC - Improper collection
Not Accessing Customer Private
Information (API)
HUA - Improper access
Not Accessing Customer
Multiple Private Information Via
Internet (AMI)
POL - Improper multiple
access
Protection: ‘One’s perception of efficacy in protecting others’ privacy information’.
on-distribution: ‘One’s perception of efficacy in sanctioning against
distributing the privacy information to others’.
on-acquisition: ‘One’s perception of efficacy in sanctioning against
acquiring the privacy information to others’.
Knowledge Management International Conference (KMICe) 2014, 12 – 15 August 2014, Malaysia
http://www.kmice.cms.net.my/ 335
By using the six ‘Islamic Cultural Dimensions’ and
‘Information Privacy Self-regulatory Efficacy
Dimensions’, further analysis are done to determine
on the influence of Islamic culture on the computer
information privacy practices and Islamic culture as
the case study. This study adapted the theoretical
frameworks of ‘Islamic Cultural Dimensions’ and
‘Information Privacy Self-regulatory Efficacy
Dimensions’. Survey method was used for the data
collection. The data were analysed by using Ordinal
Regression Analysis.
The findings included: (i) a conceptual framework
of ‘information privacy self-regulatory efficacy
dimensions’ and ‘cultural dimensions’, and (ii)
empirical findings on the mixture of a positive and
negative empirical relationship on the culture
influence to the self-regulatory efficacy towards
safeguarding information privacy. Although only
three out of thirteen hypotheses received significant
supports from the data, the additional exploratory
analysis conducted provided promising results for
future research and exploration. Future work may
involve incorporating the knowledge management
concepts into information privacy and culture
model to aid the application’s development,
implementation, maintenance and usage.
ACK OWLEDGME T
This research is funded by the Dana RMI Principal Investigator Support Initiative (PSI), Research Management Institute (RMI), Universiti Teknologi MARA (UiTM) Malaysia (Project Code: 600-RMI/DANA 5/3/PSI (258/2013)).
REFERE CES
Adelabu, O. S. , Yamanaka, T., & Moalosi, R. (2012). Towards kansei evaluation of african product design. International Journal of Affective Engineering, 12(2), 135-144. doi:http://dx.doi.org/10.5057/ijae.12.135
Bandura, A. (1977). Self-efficacy: toward a unifying theory of behavioural change. Psychological Review 84(2), 191–215. Doi: 10.1037/0033-295X.84.2.191
Bandura, A. (1991). Social cognitive theory of moral thought and action. In W. M. Kurtines, & J. L. Gewirtz (Eds.), Handbook of Moral Behavior and Development (pp. 45–103). Hillsdale, NJ: Lawrence Erlbaum.
Culnan, M. J. (2011). Social perspectives on information privacy. In H. C. A. van Tilborg, S. Jajodia (Eds), Encyclopedia of Cryptography and Security. Springer. doi: 10.1007/978-1-4419-5906-5
Halls, E. T. (1996). The hidden dimensions: Doubleday & Company Inc.
Henderson, S. C., & Snyder, C. A. (1999). Personal information privacy: implications for MIS managers, Information & Management, 36(4), 213 - 220. doi: 10.1016/S0378-7206(99)00019-1
Hofstede G., & Hofstede G. J. (2005). Cultures and organization: McGraw-Hill.
Kuo, F.-Y., Lin, C. S., & Hsu, M.-H. (2007). Assessing Gender Differences in Computer Professionals’ Self-regulatory Efficacy Concerning Information Privacy Practices. Journal of Business Ethics, 73(2), 145-160. doi:10.1007/s10551-006-9179-1
Lokman, A. M., Ishak, K. K., Razak, F. H., & Aziz, A. A. (2012). The Feasibility Of PrEmo In Cross-cultural Kansei Measurement. 2012 IEEE Symposium on Humanities, Science and Engineering Research (SHUSER), 1033 - 1038, IEEE. doi:10.1109/SHUSER.2012.6268780
Oz, E. (1992). Ethical standards for information system professionals: a case for a unified code. MIS Quarterly, 16(4), 423–433. doi:10.2307/249729
Peranginangin, E., Chen, K., & Shieh, M. (2011). Cross-cultural consumers’ kansei research: the study of product needs on male and female. International Refereed Research Journal, II(1), 11-16.
Reynolds, G. W. (2011). Ethics in information technology. Cengage Learning. USA.
Samsuri, S., Ismail, Z., & Ahmad, R. (2013). Adopting a Knowledge Management Concept in Securing the Privacy of Electronic Medical Records Systems. In L. Uden, F. Herrera, J. B. Perez, & J. M. C. Rodriguez (Eds.), 7th International Conference on Knowledge Management in Organizations: Service and Cloud Computing (547-558). Springer-Verlag Berlin. doi:10.1007/978-3-642-30867-3_49.
Shafie, M., Wan Abdul Rahim, W. M. I., Nor Laila, M. N., & Mohd Shukri, H. (2010). Muslim user interface evaluation framework (Muslim-UI) for Islamic genre website: A quantitative approach. 2010 International Conference on Information and Communication Technology for the Muslim World (ICT4M), IEEE. doi:10.1109/ICT4M.2010.5971933
Trompenaars, F. (1994). Riding the Waves of Culture: Understanding Diversity in Global Business. Irwin, New York.
Wan Abdul Rahim, W. M. I., Nor Laila, M. N., & Shafie, M. (2008a). Inducting the cultural dimensions of islamic culture: a theoretical building approach and website IA design application. In C. W. Khong, C. Y. Wong, & B. V. Niman (Eds.), 21st International Symposium Human Factors in Telecommunication: User Experience of ICTs (pp. 89-96). Prentice Hall.
Wan Abdul Rahim, W. M. I., Nor Laila, M. N., & Sharifah Sakinah S. H. A. (2008b). Culture influences to website information architecture: an empirical investigation. International Symposium on Information Technology, 2008, IEEE. doi:10.1109/ITSIM.2008.4631629
Yashmi, N., Rizi, M. S., & Sabet, M. B. (2013). Translation of customer feelings by Kansei in iranian culture, case study: Pot holder & oven glove. IASDR 2013.
Zakaria, N, Stanton, J. M., & Sarkar-Barney, S. T. M. (2003). Designing and implementing culturally-sensitive IT applications: The interaction of culture values and privacy issues in the Middle East, Information Technology & People, 16(1), 49 – 75. doi: 10.1108/09593840310463023
