Online Consumer Trust: Trends in Research

This paper presents the literature review of studies published in 2004-2014 (Web 2.0 period) in the area of consumer online trust. Based on the content analysis of 138 papers, this study highlights three major research themes: (1) trust models, (2) technological, and (3) social factors impacting online trust. It also explores topics in each major theme found in direct studies of online consumer trust. Since this literature review uses the concept-centric approach, it points out not only the major trends in research but also three understudied areas: (1) green trust, (2) trust recovery, and (3) the role of ethics in developing online trust

Signaling Mechanisms and Survival of Service Providers in an Electronic Market

This research studies the survival of software implementation service providers in an electronic market (or e-market), and the role that vendor characteristics such as reputation, education, experience, ‘preferred provider’ status, and references play in predicting which service providers will exit the e-market after it (the e-market) implements trust enhancing mechanisms. Using theories from asymmetric information, signaling, and trust literatures, we propose a model to examine the relation between firm characteristics and survival. Our empirical results support the key role played by these signals in inducing the separating equilibrium that leads to the shakeout among software service providers in an e-market

Design science research towards resilient cyber-physical eHealth systems

Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur.Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur

Industry Self-Regulation of Consumer Data Privacy and Security, 32 J. Marshall J. Info. Tech. & Privacy L. 15 (2015)

Industry self-regulation of consumer data privacy and security has been proposed as a flexible alternative and compliment to traditional government regulation. This study analyzes whether different types of existing industry-led standards improve online privacy and security. This paper examines which types of firms join voluntary standards and whether there is a difference in outcomes between trade association memberships (like the Digital Advertising Alliance) and certification programs (like TRUSTe). Results suggest that more trafficked websites are more likely to adopt standards, and that trade association member-ship does not have an effect on privacy and security performance. This article highlights the need for a valid privacy metric for robust empirical study of data privacy and security

Online Consumer Trust: Trends in Research

This paper presents the literature review of studies published in 2004-2014 (Web 2.0 period) in the area of consumer online trust. Based on the content analysis of 138 papers, this study highlights three major research themes: (1) trust models, (2) technological, and (3) social factors impacting online trust. It also explores topics in each major theme found in direct studies of online consumer trust. Since this literature review uses the concept-centric approach, it points out not only the major trends in research but also three understudied areas: (1) green trust, (2) trust recovery, and (3) the role of ethics in developing online trust

Buyers of ‘lemons’: How can a blockchain platform address buyers’ needs in the market for ‘lemons’?

The second-hand automotive market is one with the least trust from consumers. Customers on the second-hand car market suffer from such problems as the car being in worse condition than initially indicated, accident damage that is not disclosed, fraud, etc. Akerlof, described the market for used cars as an example of the problem of information asymmetries and resulting quality uncertainty. In order to cope with quality uncertainties, used car buyers actively engage themselves in information seeking. Blockchain technology promises to automatize the tracking of cars through their lifecycles and provide reliable information at any point in time it is needed. In our study, we investigate the problems car buyers face during information seeking and propose requirements for the design of a blockchain-based system to address these

Trust Across Borders: Buyer-Supplier Trust in Global Business-to-Business E-Commerce

This study focuses on trust formation and development in global buyer-supplier relationships. Trust affects all business relationships, especially global business-to-business (B2B) transactions due to the distances between buyers and suppliers. We use information signaling theory to examine how information indices and signals affect buyers’ trust in suppliers in global B2B commerce. Specifically, we examine how buyers’ trust is affected by (1) their perceptions of the national integrity and legal structure of suppliers’ country, and (2) third-party verifications of suppliers on B2B exchanges. Because buyer-supplier relationships usually evolve over time, we study how the effects of indices and signals change as the number of transactions between the partners increases. A survey of global organizational buyers finds that perceptions of national integrity, legal structure, and supplier verifications are all positively related to buyers’ trust. However, the number of prior transactions between buyers and suppliers moderates the impact of perceived legal structure on buyers’ trust

Buyers of Lemons: Addressing Buyers’ Needs in the Market for Lemons with Blockchain Technology

The automotive market is in the top three markets with the least trust from consumers. In particular, in the second-hand car market, consumers suffer from such problems as the car being in worse condition than initially indicated, accident damage that is not disclosed, fraud, etc. Akerlof, described the market for used cars as an example of the problem of information asymmetries and resulting quality uncertainty. In order to cope with quality uncertainties, used car buyers actively engage themselves in information seeking. Blockchain technology promises to automatize the tracking of cars through their lifecycles and provide reliable information at any point in time it is needed. In our study, we investigate the problems car buyers face during information seeking and propose requirements for the design of a blockchain-based system to address these

Trustworthy Privacy Indicators: Grades, Labels, Certifications, and Dashboards

Despite numerous groups’ efforts to score, grade, label, and rate the privacy of websites, apps, and network-connected devices, these attempts at privacy indicators have, thus far, not been widely adopted. Privacy policies, however, remain long, complex, and impractical for consumers. Communicating in some short-hand form, synthesized privacy content is now crucial to empower internet users and provide them more meaningful notice, as well as nudge consumers and data processors toward more meaningful privacy. Indeed, on the basis of these needs, the National Institute of Standards and Technology and the Federal Trade Commission in the United States, as well as lawmakers and policymakers in the European Union, have advocated for the development of privacy indicator systems. Efforts to develop privacy grades, scores, labels, icons, certifications, seals, and dashboards have wrestled with various deficiencies and obstacles for the wide-scale deployment as meaningful and trustworthy privacy indicators. This paper seeks to identify and explain these deficiencies and obstacles that have hampered past and current attempts. With these lessons, the article then offers criteria that will need to be established in law and policy for trustworthy indicators to be successfully deployed and adopted through technological tools. The lack of standardization prevents user-recognizability and dependability in the online marketplace, diminishes the ability to create automated tools for privacy, and reduces incentives for consumers and industry to invest in privacy indicators. Flawed methods in selection and weighting of privacy evaluation criteria and issues interpreting language that is often ambiguous and vague jeopardize success and reliability when baked into an indicator of privacy protectiveness or invasiveness. Likewise, indicators fall short when those organizations rating or certifying the privacy practices are not objective, trustworthy, and sustainable. Nonetheless, trustworthy privacy rating systems that are meaningful, accurate, and adoptable can be developed to assure effective and enduring empowerment of consumers. This paper proposes a framework using examples from prior and current attempts to create privacy indicator systems in order to provide a valuable resource for present-day, real world policymaking. First, privacy rating systems need an objective and quantifiable basis that is fair and accountable to the public. Unlike previous efforts through industry self-regulation, if lawmakers and regulators establish standardized evaluation criteria for privacy practices and provide standards for how these criteria should be weighted in scoring techniques, the rating system will have public accountability with an objective, quantifiable basis. If automated rating mechanisms convey to users accepted descriptions of data practices or generate scores from privacy statements based on recognized criteria and weightings rather than from deductive conclusions, then this reduces interpretive issues with any privacy technology tool. Second, rating indicators should align with legal principles of contract interpretation and the existing legal defaults for the interpretation of silence in privacy policy language. Third, a standardized system of icons, along with guidelines as to where these should be located, will reduce the education and learning curve now necessary to understand and benefit from many different, inconsistent privacy indicator labeling systems. And lastly, privacy rating evaluators must be impartial, honest, autonomous, and financially and operationally durable in order to be successful