This project has three main goals: 1) to estimate how privacy regulation will affect the shape and direction of electronic commerce; 2) to empirically investigate how online consumers respond to being given control over how their personal data are used and how these responses are interconnected across consumers; and 3) to assess how best organizations can safeguard and protect consumer data and the legal risks that might entail, with particular application to the health sector.
This 5-year integrated program of research will build upon concepts from multiple fields, including computer science, economics, marketing and information systems, to measure and evaluate the current effects and the likely future effects of various ways of regulating firms' use of consumer data online. The research program combines computer science techniques designed to optimize the mining of online information with economic analysis and policy evaluation techniques. The research will advance and synergize literatures in each of these fields, and apply these advances to the important academic topic of measuring the likely effect of privacy regulation and other governmental attempts to safeguard digital data. The program will uniquely yield prescriptive recommendations regarding significant industry and public concerns, based on scientific measurements.
The activities are designed to have broader impact within the practitioner, policy and academic community. Once the research program is complete, practitioners, policymakers and academics will have new ways that they can measure the impacts of existing and proposed privacy regulations. This will lead to clearer guidance for policymakers seeking to improve the design of privacy laws, and better practices for firms trying to retain a viable business model while safeguarding consumers' privacy. The research program will enable websites to use consumer data in ways that improve consumers' experience of online advertising, rather than unintentionally creating situations where consumers feel that their privacy has been violated. It will help guide privacy regulation directed at protecting the most vulnerable types of digital consumer data, such as digitized patient records, from unintentional security risks.
The educational program will create a new mentoring program for undergraduate and graduate students, focusing especially on recruiting undergraduate and graduate women and under-represented minorities with an interest in the intersection between information systems and public policy. It also involves a specialized digital data and privacy course at MIT Sloan School of Management, introducing a generation of students to new complexities raised by protecting privacy when digitization automates the collection of potentially personal data. It is increasingly important for business students to come to grips with the privacy challenges and the business practices encountered when using the Internet, and such course development will assist in that process. A graduate student seminar will help more technically-minded students understand the nuances of applying policy evaluation techniques to IS policy issues. The data, results and educational exercises resulting from this proposal will be made available to the broader academic community, to further disseminate the planned research and teaching advances.