Breaking the Privacy Paradox: The Value of Privacy and Associated Duty of Firms

Abstract

The oft-cited privacy paradox is the perceived disconnect between individuals’ stated privacy expectations as captured in surveys and consumer market behavior in going online: i.e. individuals purport to value privacy yet still disclose information to firms. The privacy paradox is important for business ethics because the narrative of the privacy paradox defines the scope of corporate responsibility as quite narrow: firms have little to no responsibility to identify or respect privacy expectations if consumers are framed as relinquishing privacy online. The goal of this paper is to test the privacy paradox and empirically examine the conceptualization of privacy post disclosure assumed in the privacy paradox. Contrary to the privacy paradox, the results suggest consumers retain strong privacy expectations even after disclosing information. Privacy violations are valued akin to security violations in creating distrust in firms and in consumer (un)willingness to engage with firms in an experiment. Where firms currently are framed as having, at most, a duty to not interfere with consumers choosing to relinquish privacy, this paper broadens the scope of corporate responsibility to suggest firms have a positive obligation to identify reasonable expectations of privacy of consumers. In addition, the results impact how privacy is conceptualized and empirically examined in business ethics; research perpetuating the privacy paradox through the mistaken framing of disclosure as proof of anti-privacy behavior is harmful by giving license to firms to act contrary to the interests of consumers.