Privacy and Security Aspects of Social Media: Institutional and Technological Environment

Nir Kshetri


Legitimate as well as illegitimate organizations and entities are gaining access to information about social media (SM) users through illegal, extralegal, and quasi-legal means. Worse still, many organizations and individuals using SM have become targets and victims of cybercrimes. SM have also led to an exposure of unethical and illegal conducts within some organizations. One estimate suggested that 36% of social networking users have reported experiencing mal-ware attacks through their profiles. Another study suggested that one in four companies have become cybercrime victims via social networking sites. Likewise, about a quarter of employers surveyed by the Society of Corporate Compliance and Ethics in 2009 had disciplined an em-ployee for improper activities on social networking sites. Organizations that fail to take appropri-ate technological and behavioral measures related to SM are likely to suffer reputation damages, loss of customers' confidence, and other types of economic losses. The goal of this paper is to develop a framework that provides a simple, explicit mechanism for understanding privacy and security issues associated with SM.  To achieve this goal, we draw upon literatures on diverse areas such as institutional theory, marketing and criminology. Specifically, we examine how var-ious institutions from the standpoint of SM superimpose in a unique interaction with SM related technologies’ natures that influence businesses’ and consumers’ privacy and security.  We dis-cuss how various features of SM related technologies such as newness (leading to ineffective-ness of existing IT security   products), complexity (difficulty to understand SM’s functioning) and attractiveness of SM as a cybercrime target (availability of information with superior tar-getability and huge size and rapid growth of SM). We also examine how regulative institutions (lack of laws to deal with SM as well as lack of enforcement of existing laws), normative institu-tions (lack of ethical and professional guidelines) and cognitive institutions (lack of precautionary measures and lack of defensive measures or counterpoison) have contributed to a lack of be-havioral and attitudinal measures to ensure privacy and security.


Social Media; Rare Enemy Syndrome; Targetability; Privacy and Security; Institutions

Full Text:

Views 19048

Kshetri, N. (2011). " Privacy and Security Aspects of Social Media: Institutional and Technological Environment "Pacific Asia Journal of the Association for Information Systems, 3(4), pp.1-20.