Trust, privacy, and legal protection in the use of software with surreptitiously installed operations: An empirical evaluation

The class of software which is “surreptitiously installed on a user’s computer and monitors a user’s activity and reports back to a third party on that behavior” is referred to as spyware “(Stafford and Urbaczewski in Communications of the AIS 14:291–306, 2004)”. It is a strategic imperative that software vendors, who either embed surreptitious data collection and other operations in legitimate software applications or whose software is unwittingly used as a delivery vehicle for surreptitious operations, understand users’ perceptions of trust, privacy, and legal protection of such software to remain competitive. This paper develops and tests a research model to explore application software users’ perceptions in the use of software with embedded surreptitious operations. An experiment was undertaken to examine whether the presence of spyware in application software impacts users’ perceptions and beliefs about trustworthiness of the application software, privacy control of the software vendor, United States legal protection, and overall trust of the software vendor. The results indicate users of software with spyware, versus users of software without spyware, have lower trust perceptions of a software vendor. Further examination of trustworthiness as a multi-dimensional construct reveals a software vendor’s competence in appropriately using private user information collected and the user’s belief that the vendor will abide by acceptable principles in information exchange are important influences in gaining users’ overall trust in a vendor. User trust in software utilization is critical for a software vendor’s success because without it, users may avoid a vendor’s software should the presence of spyware be discovered. Software vendors should respond to the strategic necessity to gain users’ trust. Vendors must institute proactive and protective measures to demonstrate that their software should be trusted. These protections could take the form of technological approaches or government legislation, or both.

Burke T. WardEmail: