Consumer Power in Flux: Implications of International Privacy Regulations on Consumer Attitudes towards U.S. Online Retailers.
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The Internet has never been as significant to both consumers and brands as it is today. The increased interest in online retailing among consumers has eight out of ten U.S. adults now shopping online (Pew Research Center, 2016). Technology such as cookies or flash beacon enables online retailers and marketers to connect many consumers' personal data from just their name and email address. The General Data Protection Regulation (GDPR) was implemented in May 2018 by the European Union to protect European citizens’ data privacy. Many U.S.-based retailers that also serve European consumers have started to change their practices to comply with the law. However, they are not required to do so by the U.S. federal government. In this study, our research questions are: (1) Using Westin’s privacy segment index (Kumaraguru & Cranor, 2005), what are consumers' perceptions of the current U.S. privacy regulations and how will it influence consumer data right preferences? (2) Will U.S.-based online retailers’ choice to apply or not to apply GDPR consumer data rights to consumers in the United States affect consumers trust and privacy concern, as well as their commitment toward online retailers? and (3) What consumer data rights stated in GDPR do U.S. consumers want? Do specific U.S consumer demographic groups prefer more consumer data rights? For theoretical implications, the study findings added empirical evidence in the body of Westin’s consumer privacy segmentation index (PSI) study and extends Bandura’s social cognitive theory in the context of business-consumer relationships. The results revealed that the three PSI groups (namely, fundamentalists, pragmatists, and unconcerned) are similar in terms of their preferences for different types of consumer data rights (primary versus secondary consumer data rights). Moreover, the percentage of respondents who were found to be privacy fundamentalists (44%) was higher than the those found in the U.S. national population samples (around 25%) (Jai & King, 2016; King, 2014; Kumaraguru & Cranor, 2005). Results also suggest that fundamentalists have the highest level of online privacy knowledge and the unconcerned have the lowest. For industry implications, the results better inform marketers and brands of their consumers’ levels of privacy concern and how they may increase consumer trust and commitment by addressing the GDPR rights. Moreover, this study sheds light on U.S. federal privacy policies in the wave of growing consumers’ privacy concerns within the global economy. The present study indicates a rise of online privacy knowledge among people between the ages of 35-54, and among U.S. consumers in general. The results indicated that consumers perceived higher trust and commitment toward online retailers if the retailers apply the GDPR consumer data rights to U.S. consumers. Results suggest that applying the GDPR consumer data rights to U.S. consumers decreases a consumer’s Privacy Concern and increases a consumer’s Brand Trust. It was then found as a consumer’s privacy concern decreased and their trust increased, subsequently their brand commitment increased. These results suggest a direct relationship between applying consumer data rights and its effects on consumer attitudes toward the identified retailer. Furthermore, results showed that the consumer data rights clustered into Primary Rights: 1) Access, 2) Restriction, 3) Consent, 5) Forgotten, and 8) Object, and Secondary Rights: 4) Correction, 6) Data Portability, and 7) Automated Processing Decisions. For marketers who are hesitant to apply all rights to their consumers due to either technical difficulties or limited available resources, they could possibly choose to provide just the primary rights instead of all the rights to their consumers.