Privacy seal

Last updated

A privacy seal is a type of trust seal or trustmark granted by third party providers for display on a company's website. Companies pay an annual fee (usually ranging from a few hundred to several thousand U.S. dollars) to have an image of the third party provider's seal pasted onto their homepage or privacy policy page. [1] Users can oftentimes click on the seal and be redirected to the web assurance seal service's website which verifies the validity of the privacy seal. They are meant to act as a visual assurance for consumers that the website in question meets a certain standard of privacy. [2] The idea of a privacy seal originates with its physical manifestation – companies have long sought seals of approval like Good Housekeeping to be placed on their tangible products in order to draw in customers who value "quality". [2] While all web assurance seal services follow the guidelines set by the Federal Trade Commission, some providers may have additional requirements. [3] Checks are then conducted on a regular or random basis to ensure compliance. [2] Privacy seals can be applied to various types of e-commerce websites. Some seal providers even create a special privacy seal that is geared toward a certain product like mobile apps or accounting. [4] There are many privacy compliance technology companies, most notably TRUSTArc (formerly TRUSTe), CPA Canada WebTrust, PwC Privacy and BBBOnline. [4] [5]

Contents

The U.S. does not regulate e-commerce privacy as stringently as Europe or other countries in the world. [3] With this in mind, U.S. companies have more freedom when it comes to disclosure notices and selling data to third parties for advertising purposes. American based privacy seal companies make a pivot toward the broader field of reliability assurance and complaint resolution in the European marketplace. [6] [4] Privacy seals also have a major presence in the accounting industry of Canada and in general e-commerce in Japan and South Korea.

Privacy seals are meant to boost customers' perception of a company's website safety and regard for their privacy protection. Web assurance seal services also aid in online dispute resolution. [2] A hot button public policy issue has been whether the U.S. government should regulate privacy in e-commerce. [3] Past controversies and concerns have caused the need for privacy seals to come into question.

Origin

Privacy seals have been around since the 1990s – with the TRUSTArc seal program being founded in 1996 and BBBOnline's in 1998. [6] Privacy seals are self-regulatory tools that were invented to combat privacy concerns without governmental legislation. [7] With the rise of e-commerce, it became apparent that privacy concerns were deterring potential customers. [6] When purchasing online, customers are prompted to provide private information such as name, address, credit card information, and sometimes age or birthdate. [8] This information can be sold to third-parties for advertising purposes or be used by the company for data profiling purposes. Companies can price discriminate by using the information collected to predict the highest price point a customer is willing to pay. [8]

Except for Federal Trade Commission guidelines, first established in a 1999 report, privacy protection is mainly self-regulated in the United States. [6] Self regulators argue that governmental intervention would harm e-commerce because its inflexibility does not allow for each company to experiment with their policies and disclosures. They believe that legislative practices are too slow and bureaucratic to be effectual; this makes regulations more burdensome than helpful in e-commerce. [6] Self regulation allows for quick adaptations that will ultimately create the most ideal privacy practices. In theory, businesses will be forced to create privacy policies that satisfy customers' concerns because their economic success relies on being able to draw in more and more customers. [6] Because privacy is a major concern for customers, they will purchase from websites they feel secure using. This relation between a consumer's perception of a company's website and their intention to purchase is the cornerstone of privacy seals. [9]

Some detractors of self regulation and laissez faire regulation believe a "race to the bottom" effect will occur if there are no regulatory (financial) penalties. Strauss et al. found that seal programs seem effective in regards to privacy but believes lack of regulation is why privacy seals have not seen high rates of participation. [6] They note the conflict resolution and investigative aspect of privacy seal programs, but state that they have limited power to redress the situation. They are not given any powers for punitive action against companies in violation of privacy standards. Research by Jamal et al., however, suggests that lack of regulation should not be a concern. [5] Even without governmental or financial threats, e-commerce companies still adopt policies and practices of privacy protection and disclosure. This is despite no general federal or state law requiring them – there are slight overlaps in the case of protecting health information or children. Proponents of governmental regulation believe legislation would officialize rules that are already being followed by many already. FTC guidelines are already followed by most companies (as a result of meeting customer expectation). [6] Proponents also state that legislation in the United States could be less specific than the European Union's – wiggle room for how a business uses the data collected could still exist.

Privacy seals assure consumers that a company is taking measures to protect their privacy and data. Companies must undergo a process of inspection by the seal provider to make sure they meet certain standards. Checks are then conducted regularly (depending on the provider this can be done annually, biannually or randomly) to ensure compliance. [4] Although FTC guidelines act as a bare minimum, additional standards can differ between seal providers. For example, SecureAssure (launched in 1999) resorts to an opt-in practice rather than disclosure measures. [6] They do not allow companies participating in their seal certification service to share any information beyond its primary use – i.e. no selling to advertisers. People using these websites must opt-in to receive promotional material (this includes emails). [6] Privacy seals usually come with a fee that ranges from a few hundred to several thousand U.S. dollars. The Entertainment Software Rating Board (ESRB) Privacy Certification program utilizes a sliding scale (starting at $0) that is based on the annual revenue of the company seeking certification. [4]

Many privacy seal providers also serve as complaint resolution services. [2] Participating seal service providers mediate conflicts between customers and the website in which their seal is displayed. [6] They will also on occasion launch a formal investigation. The most severe action a privacy seal provider can enact is revoking the privacy seal from a company and thus producing negative attention. [6] Action cannot be taken to remove the website or to enact a sizable financial penalty.

Uses

Privacy seals can be placed on many different types of e-commerce websites. Companies may also have different motives for wanting a privacy seal. Studies in the past have looked at the effectiveness of privacy in general e-commerce, as well as in specific categories like loan providers, travel booking, and online bookstores. ESRB has several types of privacy seals. Their Kids Online Compliance seal certifies companies whose target market are children. [4] There are special laws that stipulate extra measures of protection and privacy for children – e.g. Children's Online Privacy Protection Act (COPPA). [4] This seal is meant to indicate compliance to those additional standards. ESRB entered the privacy assurance space in 1999 and also introduced a privacy seal for mobile app services in 2013. [4]

Examples of ESRB's Privacy Certified Globe and Kids Seals Privacy Certified Globe and Kids Seal.png
Examples of ESRB's Privacy Certified Globe and Kids Seals

A study conducted by Mai et al. examined online stores that sold e-books, textbooks, and audiobooks found that websites with privacy seals are able to charge a price premium because customers are willing to pay more if the website is deemed "safer" (via privacy seals) by them. [8] Customers' perception of trustworthiness results from the presence of a privacy assurance tool like a privacy seal and the reputation of the company in question. [10] Customers using websites with seals have higher rates of satisfaction and intention to purchase again. [8] [11] Privacy seals also desensitizes customers' perceptions of service performance. [12] Kimery et al. found in their study that privacy seals only had a slightly positive impact on trust where unfamiliar e-commerce retailers were concerned. [13] This means that well-known brick and mortar companies may after consideration decide that privacy seals are not worthwhile. [8]

While privacy seals do not inform users about privacy like disclosure notices, they serve as a learning tool. [1] Users can go to the seal provider's website (by clicking the seal) to learn what privacy protection practices are used by the participating company, as well as if the company is in good standing. [4]

Privacy seals do not make customers more informed about their internet safety. This is because most customers do not read privacy policies (or click on the privacy seal) and therefore do not know the actual policies and privacy practices of a company. [14] Still, company privacy practices usually align with what customers' expect in websites with privacy seals. [5] Even though most customers do not take the extra step of clicking the seal, there is still accountability. Privacy seal providers would lose business if they did not uphold privacy and data protection to a certain extent or did not shape their policies to the desires (and priorities) of customers. [15] Additionally, a study by Ruppel et al. which followed four fledgling websites states that businesses will build websites to reflect their values. A brick and mortar store that has established trust with consumers would be unlikely to build a website that would jeopardize that relationship. [16] For this reason, websites may start off with the intention to promote product rather than facilitate actual transactions. [16]

Effectiveness

There are four main privacy seal providers: TRUSTArc, BBBOnline, WebTrust, and PwC Privacy. [5] Companies must make a decision on how much they want to pay, in addition to deciding which seal provider is the best fit. Companies can fall into the same trap that users fall into: perception of trust. Reputation from brick and mortar companies often translates to the online business place even though it may be unearned. When BBBOnline first started they had less clients then the already established TRUSTArc, but they were able attract big clients like American Airlines, eBay, Dell Computers, and AT&T. [6] This is because they were already established as the Better Business Bureau (BBB), a global credential evaluator, in the brick and mortar marketplace.

Sheng et al. used eye tracking in their experiments to determine what draws consumers' attentions and the amount of information retained. [17] They found that regardless of risk condition (cost of product), fixation times were longer for privacy icons then for privacy text or non-privacy content.

Research by Miyazaki et al. has compared perceived risk in e-commerce to other forms of shopping, more specifically mail order and purchases made by telephone. They found that consumers perceive online shopping as more dangerous than these other methods, but privacy seals are effective in mitigating concerns. [18]

Although privacy seals have shown to work in attracting customers, they have experienced limited success. In the case of the WebTrust privacy seal program which is a joint venture between the U.S. and Canada, a study was done to determine the cause of its slow growth. [19] The authors of this study, Lala et al. suggest it might be a marketing issue. [19] Consumers are unaware of what privacy seals look like, as well as their purpose. BBBOnline Privacy Seal service ceased taking new applicants in 2007 and stopped their service in 2008, but this has not stopped websites from displaying their privacy seal to this day. [4]

Privacy concerns

Level of privacy concern can vary depending on the type of website. This can partially impact a consumer's intention to purchase – which is also affected by price of product and level of certainty that the company will protect consumer data after the fact. [11] A study by Sheng et al. examined how levels of concern changed with product. They found that in situations dealing with financial services, participants paid more attention to privacy practices (looking for a privacy seal or notice). Similarly, websites pertaining to homework assistance, dating, and medication also received high rates of attention to privacy practices. [17]

Impact of internet literacy and social awareness

Privacy is talked about from an internet literacy perspective, as well as a social awareness dimension. [20] People who are knowledgeable in terms of how to use the internet are not necessarily well versed in internet safety or the extent to which the government is involved. Dinev et al. analyzed data from over 400 respondents using structural equation modeling to test various relationships between Internet literacy, social awareness, Internet privacy concerns, and intention to transact. [20] They found that people who were more Internet literate had less concerns whereas people who are more socially aware (pay more attention to socio-political factors and current events) are more concerned about their privacy. Past research has shown that young adults (18 to 29) are less likely to be concerned or proactive about their privacy even though they are the most likely to have their identity stolen. [14] Risk in e-commerce is not just about the security measures put in place by the organization's website but also has to do with the behavior of the consumer.

Each privacy seal provider has its own standards in addition to following the rough guidelines the Federal Trade Commission has established on privacy protection. BBBOnline was found to make more statements about how they secure transmission of information than TRUSTArc. [2] Generally speaking, websites with privacy seals are more transparent about their privacy practices, but they often ask for more personal information than websites without a privacy seal. [2] This is because privacy seals evoke a sense of trust from the customers which makes them more willing to share personal information. Privacy seals are tools of persuasion. Companies benefit from having a privacy seal because it creates an appearance of trustworthiness. [7] Privacy seals have little effect on perceived risk of using a website, but does strongly affect how trustworthy a customer perceives a website. [9] Websites without seals are not necessarily more risky. This is because privacy seals are a product companies must opt-into, they are not automatically given to any websites that meet certain requirements. [1] Privacy seals do not mitigate risk, they are a safety heuristic.

Controversies

Privacy seals have landed in hot water in the past due to slip ups. TRUSTArc mistakenly used a third party that tracks information on its own website. TRUSTArc also discovered that two of the websites certified by them were in violation of providing data to a marketing firm. [2]

International applications

European Union

An American creation, privacy seals, have slowly made their way into Europe. Most seal programs are not only American in origin but also mainly consist of U.S. websites. QXL, a now defunct online auction house, was one of the first European companies to receive certification by TRUSTArc. [6] Seal programs in Europe make their main focus reliability of a specific sector rather than privacy protection because the European Union (EU) already has regulations in place. [6] U.S. company, ePublicEye, partnered with France's eBuyClub in 1999 to rate the reliability of shopping websites – they expanded in 2000 to include Germany and Spain. [6] Like the United States, seal programs have failed to gain traction in Europe. [6]

Basic Europrise European Privacy Seal - the seal assigned to a company would have the country of origin, certification number, and expiration date Europrise european privacy seal.jpg
Basic Europrise European Privacy Seal - the seal assigned to a company would have the country of origin, certification number, and expiration date

Prior to the European Union's passage of Directive 95/46/EC, data protection laws were enacted on an individual (country) basis. Also known as "The Protection of Individuals with Regard to the Processing of Personal Data and the Free Movement of Such Data", Directive 95/46/EC was passed in 1995. [4] The European Union (EU) not only regulates but also institutionalizes data privacy: every EU country has a data protection commissioner appointed to an agency. [4]

The European Union has strict regulations for privacy unlike the United States and also needs to ensure the compliance of multiple countries rather than just one. As a result, many American based privacy seal services are used only for their complain resolution services. [4]

EuroPrise (started in 2003) is an EU funded project which serves as the main privacy seal service in Europe. [4] Starting in 2009, it has been controlled by the Independent Centre for Privacy Protection Schleswig-Holstein (ULD) which is a German data protection agency. [4] It was later converted into a dedicated company EuroPriSe Cert GmbH. Each EuroPrise seal includes the country of the certification body (company being certified), a unique certification number, and the expiration date. European Multi-channel and Online Trade Association (EMOTA) also has a trust seal geared towards European e-commerce, however it cannot be displayed alone. [4] It needs to be placed next to an accredited e-Commerce trust seal. They are also not solely privacy focused. Privacy and data protection is just one of their requirements for qualification. [4]

The European General Data Protection Regulation (GDPR) provides legal basis for the adoption of official European Data Protection Seals under Art. 42 and 43 GDPR. In October 2022, the European Data Protection Board officially approved Europrivacy criteria to serve as official European Data Protection Seal for data controllers and processors under Art. 42 GDPR. In March 2024, the European Acreditation forum approved Europrivacy for accreditation at European level, in conformity with Art. 43 GDPR. In June 2024, the first official European Data Protection Seal has been delivered to a company in Luxembourg. Europrivacy is managed by the European Centre for Certification and Privacy in Luxembourg and is made available for free to qualified certification bodies. It is supported by an ecosystem of academics, research centres, and service providers.

Whereas there is a huge debate between governmental and self-regulation of privacy in the United States, it is less controversial in Europe. This stems from the European idea that the state should have an active role in protecting its constituents from social harm. [6]

Canada

The WebTrust seal program is a joint venture between the American Institute of Certified Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). A study by Lala et al. shows that despite initial excitement, this product has failed to gain traction. [19] They state that this is likely due to a mix of two factors: 1) costs of participating in a seal program are prohibitive and 2) consumers cannot tell the difference in quality between various privacy seal providers. Lala et al. found a preference in consumers for high information assurance seals. They believe that the issue is marketing. WebTrust needs to do a better job of convincing Internet firms that it is worth the money to use their program. [19]

The Privacy and Big Data Institute at Ryerson University partnered with Deloitte to create a privacy scorecard and seal. Based on Ryerson University's seven foundational principles, Deloitte created 29 measurable criteria. [4] Once it is determined that a company passes all the requirements, they are given permission to display the privacy seal referred to as "Privacy by Design Certification Seal". This seal is valid for three years but must be renewed annually – which involves signing an attestation form and paying a renewal fee. [4]

South Korea

Privacy seals are not received the same in all countries. In a comparative study between the United States and South Korea, Kim et al. found privacy seals had a strongly positive effect on customer's intention to purchase and a strongly negative effect on concerns in the United States. [21] The study's two surveys (one based in each country) revealed that privacy seals did not significantly influence South Korean shopper's intent to purchase or their concerns. Kim et al. suggest this is because of South Korea's collectivist culture which makes them more trusting of their government. [21] Places where governmental influence is welcomed would have less use for privacy seals because users would in theory be satisfied with the measures the government takes to protect their privacy.

Japan

Privacy seals entered the Japanese market because the Japanese government believed privacy assurance to be paramount to ensuring the growth of e-commerce. [4] Starting in April 1998, the Japan Information Processing Development Center (JIPDEC) has been managing the PrivacyMark program. [4] Ten years prior, JIPDEC published their "Guidelines for personal data protection in the private sector". [4] As of 2015, PrivacyMark has certified 19,000 organizations. [4] In 2008, JIPDEC created a mutual recognition program in China in partnership with Dalian Software Industry Association (DSIA). [4]

See also

Related Research Articles

Consumer privacy is information privacy as it relates to the consumers of products and services.

Information privacy is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, contextual information norms, and the legal and political issues surrounding them. It is also known as data privacy or data protection.

Medical privacy, or health privacy, is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) have raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

<span class="mw-page-title-main">Online shopping</span> Form of electronic commerce

Online shopping is a form of electronic commerce which allows consumers to directly buy goods or services from a seller over the Internet using a web browser or a mobile app. Consumers find a product of interest by visiting the website of the retailer directly or by searching among alternative vendors using a shopping search engine, which displays the same product's availability and pricing at different e-retailers. As of 2020, customers can shop online using a range of different computers and devices, including desktop computers, laptops, tablet computers and smartphones.

Internet privacy involves the right or mandate of personal privacy concerning the storage, re-purposing, provision to third parties, and display of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing and especially relate to mass surveillance.

A privacy policy is a statement or legal document that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data. Personal information can be anything that can be used to identify an individual, not limited to the person's name, address, date of birth, marital status, contact information, ID issue, and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services. In the case of a business, it is often a statement that declares a party's policy on how it collects, stores, and releases personal information it collects. It informs the client what specific information is collected, and whether it is kept confidential, shared with partners, or sold to other firms or enterprises. Privacy policies typically represent a broader, more generalized treatment, as opposed to data use statements, which tend to be more detailed and specific.

<span class="mw-page-title-main">Video Privacy Protection Act</span> 1988 American law on tape rental privacy

The Video Privacy Protection Act (VPPA) is a bill that was passed by the United States Congress in 1988 as Pub. L. 100–618 and signed into law by President Ronald Reagan. It was created to prevent what it refers to as "wrongful disclosure of video tape rental or sale records" or similar audio visual materials, to cover items such as video games. Congress passed the VPPA after Robert Bork's video rental history was published during his Supreme Court nomination and it became known as the "Bork bill". It makes any "video tape service provider" that discloses rental information outside the ordinary course of business liable for up to $2,500 in actual damages unless the consumer has consented, the consumer had the opportunity to consent, or the data was subject to a court order or warrant.

TrustArc Inc. is a privacy compliance technology company based in Walnut Creek, California. The company provides software and services to help corporations update their privacy management processes so they comply with government laws and best practices. Their privacy seal or certification of compliance can be used as a marketing tool.  

Privacy law is a set of regulations that govern the collection, storage, and utilization of personal information from healthcare, governments, companies, public or private entities, or individuals.

Security breach notification laws or data breach notification laws are laws that require individuals or entities affected by a data breach, unauthorized access to data, to notify their customers and other parties about the breach, as well as take specific steps to remedy the situation based on state legislature. Data breach notification laws have two main goals. The first goal is to allow individuals a chance to mitigate risks against data breaches. The second goal is to promote company incentive to strengthen data security.Together, these goals work to minimize consumer harm from data breaches, including impersonation, fraud, and identity theft.

A click path or clickstream is the sequence of hyperlinks one or more website visitors follows on a given site, presented in the order viewed. A visitor's click path may start within the website or at a separate third party website, often a search engine results page, and it continues as a sequence of successive webpages visited by the user. Click paths take call data and can match it to ad sources, keywords, and/or referring domains, in order to capture data.

Privacy-enhancing technologies (PET) are technologies that embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. PETs allow online users to protect the privacy of their personally identifiable information (PII), which is often provided to and handled by services or applications. PETs use techniques to minimize an information system's possession of personal data without losing functionality. Generally speaking, PETs can be categorized as either hard or soft privacy technologies.

<span class="mw-page-title-main">Digital privacy</span>

Digital privacy is often used in contexts that promote advocacy on behalf of individual and consumer privacy rights in e-services and is typically used in opposition to the business practices of many e-marketers, businesses, and companies to collect and use such information and data. Digital privacy, a crucial aspect of modern online interactions and services, can be defined under three sub-related categories: information privacy, communication privacy, and individual privacy.

Privacy by design is an approach to systems engineering initially developed by Ann Cavoukian and formalized in a joint report on privacy-enhancing technologies by a joint team of the Information and Privacy Commissioner of Ontario (Canada), the Dutch Data Protection Authority, and the Netherlands Organisation for Applied Scientific Research in 1995. The privacy by design framework was published in 2009 and adopted by the International Assembly of Privacy Commissioners and Data Protection Authorities in 2010. Privacy by design calls for privacy to be taken into account throughout the whole engineering process. The concept is an example of value sensitive design, i.e., taking human values into account in a well-defined manner throughout the process.

Do Not Track legislation protects Internet users' right to choose whether or not they want to be tracked by third-party websites. It has been called the online version of "Do Not Call". This type of legislation is supported by privacy advocates and opposed by advertisers and services that use tracking information to personalize web content. Do Not Track (DNT) is a formerly official HTTP header field, designed to allow internet users to opt-out of tracking by websites—which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of that data outside its context. Efforts to standardize Do Not Track by the World Wide Web Consortium did not reach their goal and ended in September 2018 due to insufficient deployment and support.

<span class="mw-page-title-main">Economics of digitization</span>

The economics of digitization is the field of economics that studies how digitization, digitalisation and digital transformation affects markets and how digital data can be used to study economics. Digitization is the process by which technology lowers the costs of storing, sharing, and analyzing data. This has changed how consumers behave, how industrial activity is organized, and how governments operate. The economics of digitization exists as a distinct field of economics for three reasons: it studies a world that is digital, exponential and combinatorial. First, new economic models are needed because digital goods have very low or even zero marginal costs unlike most traditional goods, thus many traditional assumptions no longer hold in a digitized world. Second, the rate of improvement of computers, networks and other engines of digitization, is exponential, as reflected by Moore's Law. Third, digital goods can easily be combined and recombined, increasing their value not only via networks and platforms, but also novel combinations. Each of these effects is important individually, but together they have synergies and constitute a distinct economic landscape.

Data re-identification or de-anonymization is the practice of matching anonymous data with publicly available information, or auxiliary data, in order to discover the person to whom the data belongs. This is a concern because companies with privacy policies, health care providers, and financial institutions may release the data they collect after the data has gone through the de-identification process.

<span class="mw-page-title-main">Dark pattern</span> Deceptive user interface designs

A dark pattern is "a user interface that has been carefully crafted to trick users into doing things, such as buying overpriced insurance with their purchase or signing up for recurring bills". User experience designer Harry Brignull coined the neologism on 28 July 2010 with the registration of darkpatterns.org, a "pattern library with the specific goal of naming and shaming deceptive user interfaces". In 2023 he released the book Deceptive Patterns.

Soft privacy technologies fall under the category of PETs, Privacy-enhancing technologies, as methods of protecting data. Soft privacy is a counterpart to another subcategory of PETs, called hard privacy. Soft privacy technology has the goal of keeping information safe, allowing services to process data while having full control of how data is being used. To accomplish this, soft privacy emphasizes the use of third-party programs to protect privacy, emphasizing auditing, certification, consent, access control, encryption, and differential privacy. Since evolving technologies like the internet, machine learning, and big data are being applied to many long-standing fields, we now need to process billions of datapoints every day in areas such as health care, autonomous cars, smart cards, social media, and more. Many of these fields rely on soft privacy technologies when they handle data.

Electronic Commerce Modeling Language (ECML) is a protocol which enables the e-commerce merchants to standardize their online payment processes. Through the application of ECML, customers' billing information in their digital wallet can be easily transferred to fill out the checkout forms.

References

  1. 1 2 3 Rifon, Nora J.; LaROSE, Robert; Choi, Sejung Marina (2005). "Your Privacy Is Sealed: Effects of Web Privacy Seals on Trust and Personal Disclosures". Journal of Consumer Affairs. 39 (2): 339–362. doi:10.1111/j.1745-6606.2005.00018.x. ISSN   1745-6606. S2CID   18605420.
  2. 1 2 3 4 5 6 7 8 Larose, Robert; Rifon, Nora (2006-12-01). "Your privacy is assured-of being disturbed: Websites with and without privacy seals". New Media & Society. 8 (6): 1009–1029. doi:10.1177/1461444806069652. S2CID   13175346.
  3. 1 2 3 Bowie, Norman E.; Jamal, Karim (2006). "Privacy Rights on the Internet: Self-Regulation or Government Regulation?". Business Ethics Quarterly. 16 (3): 323–342. doi:10.5840/beq200616340. ISSN   1052-150X. JSTOR   3857919. S2CID   144799568.
  4. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Cavoukian, Ann; Chibba, Michelle (2018), Rodrigues, Rowena; Papakonstantinou, Vagelis (eds.), "Privacy Seals in the USA, Europe, Japan, Canada, India and Australia", Privacy and Data Protection Seals, Information Technology and Law Series, The Hague: T.M.C. Asser Press, pp. 59–82, doi:10.1007/978-94-6265-228-6_5, ISBN   978-94-6265-228-6
  5. 1 2 3 4 Jamal, Karim; Maier, Michael S.; Sunder, Shyam (2002). "Privacy in E-Commerce: Development of Reporting Standards, Disclosure and Assurance Services in an Unregulated Market". SSRN Electronic Journal. doi:10.2139/ssrn.309753. ISSN   1556-5068. S2CID   219373652.
  6. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Strauss, Jared; Rogerson, Kenneth S (2002-05-01). "Policies for online privacy in the United States and the European Union". Telematics and Informatics. Regulating the Internet: EU and US perspectives. 19 (2): 173–192. doi:10.1016/S0736-5853(01)00012-0. ISSN   0736-5853.
  7. 1 2 Miyazaki, Anthony D.; Krishnamurthy, Sandeep (2002). "Internet Seals of Approval: Effects on Online Privacy Policies and Consumer Perceptions". Journal of Consumer Affairs. 36 (1): 28–49. doi:10.1111/j.1745-6606.2002.tb00419.x. ISSN   1745-6606.
  8. 1 2 3 4 5 Mai, Bin; Menon, Nirup M.; Sarkar, Sumit (2010-10-01). "No Free Lunch: Price Premium for Privacy Seal-Bearing Vendors". Journal of Management Information Systems. 27 (2): 189–212. doi:10.2753/MIS0742-1222270206. ISSN   0742-1222. S2CID   7188034.
  9. 1 2 PhD, Sang M. Lee; Choi, Jeongil; PhD, Sang-Gun Lee (2004-07-20). "The Impact of a Third-Party Assurance Seal in Customer Purchasing Intention". Journal of Internet Commerce. 3 (2): 33–51. doi:10.1300/J179v03n02_03. ISSN   1533-2861. S2CID   153850858.
  10. Kaplan, Steven E.; Nieschwietz, Robert J. (2003-06-01). "A Web assurance services model of trust for B2C e-commerce". International Journal of Accounting Information Systems. 4 (2): 95–114. doi:10.1016/S1467-0895(03)00005-8. ISSN   1467-0895.
  11. 1 2 Tang, Zhulei; Hu, Yu (Jeffrey); Smith, Michael D. (2008). "Gaining Trust through Online Privacy Protection: Self-Regulation, Mandatory Standards, or Caveat Emptor". Journal of Management Information Systems. 24 (4): 153–173. doi:10.2753/MIS0742-1222240406. ISSN   0742-1222. JSTOR   40398915. S2CID   2701990.
  12. Park, Insu; Bhatnagar, Amit; Rao, H. Raghav (2010). "Assurance Seals, On-Line Customer Satisfaction, and Repurchase Intention". International Journal of Electronic Commerce. 14 (3): 11–34. doi:10.2753/JEC1086-4415140302. ISSN   1086-4415. JSTOR   20749970. S2CID   15619168.
  13. Kimery, Kathryn; McCord, Mary (2002-07-01). "Third Party Assurances: Mapping the Road to Trust in eRetailing". Journal of Information Technology Theory and Application (JITTA). 4 (2). ISSN   1532-4516.
  14. 1 2 Larose, Robert; Rifon, Nora J. (2007). "Promoting i-Safety: Effects of Privacy Warnings and Privacy Seals on Risk Assessment and Online Privacy Behavior". Journal of Consumer Affairs. 41 (1): 127–149. doi:10.1111/j.1745-6606.2006.00071.x. ISSN   1745-6606. S2CID   9537379.
  15. Rifon, Nora J.; LaROSE, Robert; Choi, Sejung Marina (2005). "Your Privacy Is Sealed: Effects of Web Privacy Seals on Trust and Personal Disclosures". Journal of Consumer Affairs. 39 (2): 339–362. doi:10.1111/j.1745-6606.2005.00018.x. ISSN   1745-6606. S2CID   18605420.
  16. 1 2 Ruppel, Cynthia; Underwood-Queen, Linda; Harrington, Susan J. (2003). "e-Commerce: The Roles of Trust, Security, and Type of e-Commerce Involvement". E-Service Journal. 2 (2): 25–45. doi:10.2979/esj.2003.2.2.25. ISSN   1528-8226. JSTOR   10.2979/esj.2003.2.2.25. S2CID   17027652.
  17. 1 2 Sheng, Xiaojing; Felix, Reto; Saravade, Swapnil; Siguaw, Judy A.; Ketron, Seth C.; Krejtz, Krzysztof; Duchowski, Andrew T. (2020-04-01). "Sight unseen: The role of online security indicators in visual attention to online privacy information". Journal of Business Research. 111: 218–240. doi:10.1016/j.jbusres.2019.11.084. ISSN   0148-2963. S2CID   214352598.
  18. Miyazaki, Anthony D.; Fernandez, Ana (2001). "Consumer Perceptions of Privacy and Security Risks for Online Shopping". Journal of Consumer Affairs. 35 (1): 27–44. doi:10.1111/j.1745-6606.2001.tb00101.x. ISSN   1745-6606. S2CID   154681339.
  19. 1 2 3 4 Lala, Vishal; Arnold, Vicky; Sutton, Steve G; Guan, Liming (2002-12-01). "The impact of relative information quality of e-commerce assurance seals on Internet purchasing behavior". International Journal of Accounting Information Systems. Second International Research Symposium on Accounting Information Systems. 3 (4): 237–253. doi:10.1016/S1467-0895(02)00069-6. ISSN   1467-0895.
  20. 1 2 Dinev, Tamara; Hart, Paul (2005). "Internet Privacy Concerns and Social Awareness as Determinants of Intention to Transact". International Journal of Electronic Commerce. 10 (2): 7–29. doi:10.2753/JEC1086-4415100201. ISSN   1086-4415. JSTOR   27751182. S2CID   45443569.
  21. 1 2 Kim, Dan J.; Yim, Myung-Seong; Sugumaran, Vijayan; Rao, H. Raghav (2016-05-01). "Web assurance seal services, trust and consumers' concerns: an investigation of e-commerce transaction intentions across two nations". European Journal of Information Systems. 25 (3): 252–273. doi:10.1057/ejis.2015.16. ISSN   0960-085X. S2CID   34358438.