Technology gives Web site hosts a heretofore unprecedented ability to collect detailed information about customers who visit their sites and to use that information to customize subsequent interactions. Although data collection on this level can be a valuable business practice, such personalization comes at a price—a threat to personal privacy. Two approaches to privacy protection exist—self-regulation (based on government guidelines) and outright legislative protection. While the United States generally favors self-regulation, the European Community has taken the more restrictive legislative approach, which extends to all who wish to use European customer data. An examination of the Web sites hosted by ninety-seven large hotel companies indicates that while sites frequently include statements outlining what data are being collected and how they are being used, none comply with all legislative requirements, in particular with regard to onward transfer, access to the data, and whether consumers have a choice in how their information is used.
Awad, N., and M. Krishnan.2006. The personalization privacy paradox . MIS Quarterly30 (1): 13-28.
2.
Bellman, S., E. Johnson, S. Kobrin, and G. Lohse.2004. International differences in information privacy concerns: A global survey of consumers. The Information Society20:313-24.
3.
Blanchette, J.-F., and D.G. Johnson.2002. Data retention and the panoptic society: The social benefits of forgetfulness. The Information Society18:33-45.
4.
Cain, R.2002. Global privacy concerns and regulation—Is the United States a world apart? International Review Of Law Computers & Technology16 (1): 23-34.
5.
Camp, L.J.1999. Web security and privacy: An American perspective. The Information Society15:249-56.
6.
Carroll, B.2002. Price of privacy: Selling consumer databases in bankruptcy . Journal of Interactive Marketing16 (3): 47-58.
7.
Cassidy, C., and B. Chae.2006. Consumer information use and misuse in electronic business: An alternative to privacy regulation. Information Systems Management23 (3): 75-87.
8.
Culnan, M.2000. Protecting privacy online: Is self-regulation working?Journal of Public Policy and Marketing19 (1): 20-26.
9.
Culnan, M., and P.K. Armstrong.1999. Information privacy concerns, procedural fairness & impersonal trust: An empirical investigation. Organization Science10 (January): 104-15.
10.
Culnan, M., and R. Bies.1999. Managing privacy concerns strategically: The implications of fair information practices for marketing in the twenty-first century. In Visions of privacy, ed. C. J. Bennett and R. Grant, 149-67. Toronto , Canada: University of Toronto Press.
11.
DeMarco, D.2006. Understanding consumer information privacy in the realm of internet commerce: Personhood and pragmatism, pop-tarts and six-packs. Texas Law Review84:1013-64.
12.
Dinev, T., and P. Hart.2005. Internet privacy concerns and social awareness as determinants of intention to transact. International Journal of Electronic Commerce10 (2): 7-29.
13.
Endeshaw, A.2001. The legal significance of trademarks. Information & Communications Technology Law10 (2): 203-30.
14.
Electronic Privacy Information Center (EPIC).2000. Privacy. EPIC Alert, July 16. Washington, DC: EPIC.
15.
———. 2004. Privacy & human rights: An international survey of privacy laws and developments. Washington, DC: EPIC.
16.
Ernst & Young.2001. Global online retailing. New York: Ernst & Young.
17.
European Community.1995. Directive 95/46/EC of the European Parliament and the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Community23:L (November): 281.
18.
Federal Trade Commission (FTC).2000. Privacy online: Fair information practices in the electronic marketplace. A Report to Congress. Washington, DC: Federal Trade Commission.
19.
Gilbert, J.2001. Privacy? Who needs privacy? Business2.02 (7): 20.
20.
Godin, S.1999. Permission marketing: Turning strangers into friends, and friends into customers. New York: Simon & Schuster.
21.
Grabner-Kraeuter, S.2002. The role of consumers' trust in online shopping. Journal of Business Ethics39:43-50.
22.
Grove, A.1998. Only the paranoid survive. New York : HarperCollins Business.
23.
Grover, V., L. Hall, and S. Rosenberg.1998. The web of privacy: Business in the information age. Business Horizons41 (4): 5-11.
24.
Head, M., and Y. Yuan.2001. Privacy protection in electronic commerce—a theoretical framework. Human Systems Management20:149-60.
25.
Hinde, S.1998. Privacy and security—The drivers for growth of e-commerce . Computers and Security17:475-78.
26.
Hoffman, D., T. Novak, and M. Peralta.1999. Information privacy in the marketspace: Implications for the commercial uses of anonymity on the Web. The Information Society15:129-39.
27.
Hoofnagle, C.2005. Privacy self regulation: A decade of disappointment. Washington, DC: Electronic Privacy Information Center .
28.
Hotels' 325. 2004. Hotels 38 (7).
29.
IFAK. 2002. Nur begrenztes Vertrauen der Verbraucher beim Einkaufen in Internet. Reserach study. Taunusstein. www.ifak.de/presse_8.php.
30.
Internet & American Life.2000. New internet users: What they do online. http://www.pewinternet.org/reports/toc.asp?Report=22.
31.
Jamal, K., M. Maier, and S. Sunder.2003. Privacy in e-commerce: Development of reporting standards, disclosure and assurance services in an unregulated market . Journal of Accounting Research41 (2): 285-309.
32.
Jennings C., and L. Fena.2000. The hundredth window: Protecting your privacy and security in the age of the internet. New York : Free Press.
33.
Kandra, A., and A. Brandt.2003. The great American privacy makeover . PC World, November, pp 145-60.
34.
Krishnamurthy, S.2001. A comprehensive analysis of permission marketing. Journal of Computer-Mediated Communication6 (2). http://www.ascusc.org/jcmc/v016/issue2/krishnamurthy.html.
35.
Long, W., and M. Quek.2002. Personal data privacy protection in an age of globalization: the US—EU safe harbour compromise. Journal of European Public Policy9 (3): 325-44.
36.
Main, H., and P. O'Connor.1998. The use of smart card technology to develop a community based affinity/ loyalty scheme for SMEs in tourism and hospitality. In Information and communications technologies in tourism 1998 , ed. Dimitrios Buhalis, A Min Tjoa, and Jafar Jafari , 7-15. New York: Springer-Verlag Wien.
37.
Mayer-Schonberger, V.1998. The internet and privacy legislation: Cookies for a treat?Computer Law and Security Report14 (3): 166-74.
38.
Metz, C.2001. What they know. PC Magazine, November 13, pp. 104-18.
39.
Milne, G.R., and M.E. Gordon.1993. Direct mail privacy efficiency: Trade-offs within an implied social contract framework. Journal of Public Policy and Marketing12:206-15.
40.
Mitchener, B.2001. EU moves towards a ban on SPAM. Wall Street Journal Europe, December 7, p. 1.
41.
Miyazaki, A., and S. Krishnamurthy .2002. Internet seals of approval: Effects on online privacy policies and consumer perceptions. Journal of Consumer Affairs36 (1): 28-49.
42.
Moores, T.2003. Do consumers understand the role of privacy seals in e-commerce? Communications of theACM48 (3): 86-91.
43.
Nahra, K.2006. A privacy and security compliance check-list for the internet era. Journal of Internet Law9 (12): 1, 12-21.
44.
Nowak, G., and J. Phelps.1997. Direct marketing and the use of individual-level consumer information: Determining how and when privacy matters. Journal of Direct Marketing11 (4): 94-108.
45.
Nunes, P., and A. Kambil.2001. Personalization? No thanks. Harvard Business Review79 (4): 32-34.
46.
Opplinger, R.2000. Privacy protection and anonymity services for the World Wide Web (WWW). Future Generation Computer Systems16:379-91.
47.
Phelps, J.E., G. D'Souza, et al. 2001. Antecedents and consequences of consumer privacy concerns: An empirical investigation. Journal of Interactive Marketing15 (4): 2-17.
48.
PhoCusWright.2001. Online travel marketplace 2001-2003. New York: PhoCusWright.
49.
Piccoli, G., and P. O'Connor.2003. Customer relationship management—A driver for change in the structure of the U.S. lodging industry. Cornell Hotel and Restaurant Administration Quarterly44 (4): 61-73.
50.
Rust, R., P. Kannan, and N. Peng.2002. The customer economics of internet privacy . Journal of the Academy of Marketing Science30 (4): 455-64.
51.
Ryker, R., E. LaFleur, B. McManis, and C. Cox.2002. Online privacy policies: An assessment of the Fortune E-50. Journal of Computer Information Systems42 (4): 15-20.
52.
Taylor, S.2003. Protecting privacy in Canada's private sector. Information Management Journal37 (4): 33-39.
53.
Teltzrow, M., and A. Kobsa.2004. Impacts of user privacy preferences on personalised systems: A comparative study. In Designing personalised user experiences in ecommerce, ed. C. Karat, J. Blom, and J. Karat, 315-32. Dordrecht, the Netherlands: Kluwer Academic.
54.
Turinas, A., and S. Showalter.2002. Privacy in the electronic age. Managing Intellectual Property124: 72-78.
55.
Turow, J.2003. American & online privacy: The system is broken. Philadelphia: Annenberg Public Policy Center, University of Pennsylvania.
56.
Valentine, D.2000. Privacy on the internet: The evolving legal landscape. Santa Clara Computer and High TechLaw Journal16:407-8.
57.
Weber, T.2000. On the internet, everybody wants to be a nobody. Wall Street Journal Europe, June 12, p. 26.
58.
Zwick, D., and N. Dholakia.2001. Contrasting European and American approaches to privacy in electronic markets: Property right versus civil right. Electronic Markets11 (2): 116-20.
