ArticlePDF Available

The Role of Data Anonymization in Protecting Customer Data: Examining the techniques and benefits of data anonymization in ensuring compliance with data protection regulations

Authors:
Tim Jiam
Tim Jiam
Tim Jiam
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Liano Pie
Liano Pie
Liano Pie
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Butel Leo
Butel Leo
Butel Leo
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Ada John at Ladoke Akintola University of Technology
Ada John
Download full-text PDF
Read full-text
Download citation

Abstract

Data anonymization plays a crucial role in safeguarding customer privacy by transforming personal data into anonymous formats that prevent identification of individuals. As data protection regulations, such as the General Data Protection Regulation (GDPR), impose stringent requirements on how personal data is processed and stored, the application of anonymization techniques has become increasingly significant. This paper explores the various data anonymization methods, including k-anonymity, differential privacy, and data perturbation, analyzing their effectiveness in protecting sensitive information. Additionally, the study examines the benefits of anonymization, such as compliance with regulatory standards, enhancement of data utility for research, and mitigation of privacy risks. By reviewing current best practices and legal frameworks, this research highlights the importance of data anonymization in ensuring both compliance and ethical data handling in an era of growing data privacy concerns.
Content uploaded by Ada John
Author content
All content in this area was uploaded by Ada John on Dec 04, 2024
Content may be subject to copyright.
The Role of Data Anonymization in Protecting Customer
Data: Examining the techniques and benefits of data
anonymization in ensuring compliance with data protection
regulations.
Authors
Tim Jiam, Liano Pie, Butel Leo, Ada John
Date; December 4, 2024
Abstract:
Data anonymization plays a crucial role in safeguarding customer privacy by transforming
personal data into anonymous formats that prevent identification of individuals. As data
protection regulations, such as the General Data Protection Regulation (GDPR), impose stringent
requirements on how personal data is processed and stored, the application of anonymization
techniques has become increasingly significant. This paper explores the various data
anonymization methods, including k-anonymity, differential privacy, and data perturbation,
analyzing their effectiveness in protecting sensitive information. Additionally, the study
examines the benefits of anonymization, such as compliance with regulatory standards,
enhancement of data utility for research, and mitigation of privacy risks. By reviewing current
best practices and legal frameworks, this research highlights the importance of data
anonymization in ensuring both compliance and ethical data handling in an era of growing data
privacy concerns.
Keywords:
Data Anonymization, Customer Data Protection, Privacy, Data Privacy, GDPR, Anonymization
Techniques, k-Anonymity, Differential Privacy, Data Compliance, Data Protection Regulations,
Privacy Risk Mitigation.
Introduction:
In today’s data-driven world, the protection of customer data has become a critical concern for
organizations across various industries. With the increasing volume and complexity of data being
collected, processed, and stored, the risk of data breaches and unauthorized access has also risen.
As a result, regulatory frameworks such as the General Data Protection Regulation (GDPR) have
imposed stringent requirements to ensure that organizations handle customer data responsibly.
One of the most effective methods for safeguarding privacy and ensuring compliance with these
regulations is data anonymization.
Data anonymization refers to the process of transforming personal data in such a way that
individuals cannot be identified, either directly or indirectly, from the information. This process
is essential for maintaining the confidentiality of sensitive data while allowing organizations to
leverage valuable data for analysis, research, and decision-making. Techniques such as k-
anonymity, differential privacy, and data perturbation have been developed to ensure that data
remains useful without compromising privacy.
This paper aims to explore the role of data anonymization in protecting customer data, focusing
on the different techniques available, their benefits, and how they contribute to compliance with
data protection regulations. In addition to protecting individuals' privacy, anonymization helps
organizations mitigate the risks associated with data breaches and unauthorized data access,
thereby fostering trust with customers and regulatory bodies alike. As privacy concerns continue
to grow in the digital age, understanding and implementing robust data anonymization practices
will be pivotal in ensuring that data usage aligns with ethical standards and legal obligations.
II. Understanding Data Anonymization
Definition:
Data anonymization is the process of removing or altering identifiable information from data so
that individuals cannot be readily identified. The goal is to protect personal privacy while still
allowing the data to be used for analysis, research, or operational purposes. Anonymization is a
vital tool for ensuring compliance with privacy regulations, such as the GDPR, while
safeguarding sensitive information from unauthorized access or misuse.
Types of Anonymization Techniques:
1. Data Masking:
Data masking involves replacing sensitive data with random or meaningless values. This
ensures that the original data cannot be reconstructed, while allowing the masked data to
be used in non-sensitive contexts such as testing or training. For example, a customer’s
name could be replaced with a random string of characters, preventing identification
while maintaining the format of the data.
2. Data Aggregation:
Data aggregation combines information from multiple individuals to create group-level
insights, reducing the risk of identifying any one person. Instead of revealing individual
data points, aggregated data shows patterns or trends across a population. For instance,
instead of revealing the salaries of individual employees, aggregated data might show the
average salary of a group.
3. Data Generalization:
Data generalization involves reducing the specificity of the data, making it less precise.
For example, an exact age of 29 could be generalized to an age range such as "20-30".
This technique preserves data trends while obscuring exact details that could potentially
lead to identification.
4. Data Suppression:
Data suppression refers to the practice of removing specific data elements altogether.
Sensitive attributes, such as a person’s full address or social security number, may be
entirely suppressed to eliminate the possibility of identifying an individual.
Challenges and Limitations:
1. Residual Identifiability:
Despite anonymization efforts, there remains a risk of re-identification. When
anonymized data is combined with other available data sources, there is a chance that
individuals can be re-identified, especially if the anonymized dataset is sparse or lacks
sufficient masking. This is known as residual identifiability and poses a significant
challenge to ensuring full privacy.
2. Utility Loss:
Anonymizing data often leads to a reduction in its utility. After anonymization, the data
may lose some of its original detail, making it less useful for certain analytical tasks. For
example, using generalized data may limit the ability to perform precise statistical
analysis, or aggregated data might mask important variations within groups. Finding a
balance between privacy protection and data utility is one of the primary challenges in
implementing effective anonymization.
III. Benefits of Data Anonymization
Compliance with Data Protection Regulations:
1. GDPR (General Data Protection Regulation):
Data anonymization plays a pivotal role in ensuring compliance with the European
Union's GDPR. The regulation requires that organizations handle personal data with the
utmost care and privacy, enforcing strict rules about data storage, usage, and sharing.
Anonymization helps organizations meet GDPR’s requirements by allowing them to use
personal data for analysis, research, or innovation without violating individuals’ privacy
rights. By anonymizing data, organizations can also demonstrate their commitment to
safeguarding personal information and avoiding penalties for non-compliance.
2. CCPA (California Consumer Privacy Act):
The CCPA gives California residents greater control over their personal data, including
the right to opt out of data sales and the right to request data deletion. Data
anonymization helps businesses comply with these provisions by allowing them to
process and share data without compromising individual privacy. Anonymized data may
also be excluded from certain CCPA regulations, such as the "right to be forgotten," as it
is no longer considered personal data once anonymized.
3. HIPAA (Health Insurance Portability and Accountability Act):
In the healthcare industry, HIPAA sets standards for the protection of sensitive patient
data. Data anonymization is essential for complying with HIPAA's privacy and security
rules, particularly when using health information for research, analysis, or secondary
purposes. By anonymizing patient data, organizations can share medical records and
health information for research without exposing individuals to privacy risks, thus
ensuring compliance with HIPAA standards.
Risk Mitigation:
1. Reducing the Risk of Data Breaches and Cyberattacks:
Anonymizing data minimizes the potential for data breaches and cyberattacks to result in
significant harm. In the event of a breach, anonymized data is less likely to lead to the
exposure of sensitive personal information, as it cannot be traced back to individual
identities. This reduces the potential for financial, reputational, and legal consequences
that may arise from compromised personal data.
2. Minimizing the Impact of Data Leaks:
Data leaks, whether accidental or malicious, can have devastating consequences for
individuals and organizations. Anonymization acts as an effective safeguard by ensuring
that even if data is exposed, it will not contain identifiable information. This helps
mitigate the risks associated with leaks, protecting individuals’ privacy and maintaining
trust in the organization handling the data.
3. Protecting Sensitive Personal Information:
Anonymization shields sensitive personal information, such as financial details, medical
history, or social security numbers, from being exposed in the event of unauthorized
access. By anonymizing data, organizations can help protect customers and employees
from potential identity theft, fraud, or other forms of harm associated with privacy
breaches.
Enhanced Data Sharing:
1. Facilitating Data Collaboration and Research:
Data anonymization enables organizations to share data for collaborative purposes, such
as academic research or cross-industry partnerships, without jeopardizing individual
privacy. Researchers and analysts can work with anonymized datasets to derive insights
while ensuring that the information remains non-identifiable. This opens up opportunities
for innovation and knowledge exchange without breaching privacy regulations.
2. Enabling Data-Driven Insights Without Compromising Privacy:
Anonymization allows organizations to unlock the value of their data by making it
available for analysis, even when it contains sensitive information. By anonymizing data,
companies can use it for market research, trend analysis, and predictive modeling, while
protecting personal details. This helps organizations remain compliant with privacy laws
while still making data-driven decisions that benefit both the business and its customers.
IV. Case Studies: Real-World Applications
Healthcare: Anonymizing Patient Records for Research Purposes
In healthcare, anonymization is crucial for protecting patient privacy while enabling the use of
medical data for research, policy development, and public health initiatives. One notable
example is the use of anonymized patient records for clinical research studies. Hospitals and
research institutions collect vast amounts of patient data, including medical history, diagnostic
information, and treatment outcomes. By anonymizing this data, researchers can analyze trends,
conduct epidemiological studies, and develop new treatments without compromising patient
confidentiality. For instance, the use of anonymized health records has been key in accelerating
the development of vaccines and therapies, particularly during the COVID-19 pandemic. By
ensuring that identifiable information is removed or masked, healthcare organizations can
comply with privacy laws like HIPAA, while still allowing valuable data to be used for public
health benefits.
Finance: Protecting Customer Financial Data in Data Analytics
The finance sector handles a vast amount of sensitive customer data, including account details,
credit history, and transaction records. To comply with regulations such as the GDPR and the
CCPA, financial institutions often anonymize customer data before using it for analytics, fraud
detection, and credit scoring. For example, banks may anonymize transaction records to detect
patterns of fraudulent activity without risking the exposure of individuals' financial information.
Anonymization allows financial institutions to share aggregate insights with third-party partners
or use data for internal analysis while minimizing the risk of data breaches or identity theft. This
practice not only helps mitigate risk but also ensures that customer privacy is respected when
performing data-driven decision-making processes.
Marketing: Analyzing Customer Behavior Without Revealing Personal Information
In the marketing industry, organizations collect large amounts of data on consumer behavior,
preferences, and purchase patterns. However, due to growing concerns over privacy,
anonymizing customer data has become an essential practice. By removing or obscuring
personally identifiable information, companies can analyze buying habits and target
advertisements without compromising individual privacy. For instance, retail businesses may
aggregate anonymized data from loyalty programs or e-commerce platforms to identify trends in
customer preferences or improve product recommendations. This approach allows marketers to
optimize their campaigns and strategies based on broad customer insights, without risking
customer exposure or violating data protection regulations. By using anonymization techniques
such as data aggregation or masking, marketers can conduct sophisticated analyses while
respecting privacy rights and ensuring compliance with privacy laws.
V. Future Directions and Considerations
Advanced Anonymization Techniques: Exploring Emerging Methods Like Differential
Privacy and k-Anonymity
As data privacy concerns continue to evolve, so too must the techniques used to anonymize data.
Emerging methods, such as differential privacy and k-anonymity, are gaining prominence for
their ability to provide stronger privacy guarantees while retaining valuable data utility.
Differential Privacy:
Differential privacy is a technique that adds noise to the data in a way that prevents the
identification of individual data points, even when multiple datasets are analyzed
together. This ensures that the privacy of any single individual cannot be compromised
through the release of aggregate data. As more industries and research organizations
adopt data-sharing models, differential privacy promises to offer a robust, mathematically
sound method for balancing privacy and utility. Future advancements in differential
privacy may focus on reducing the amount of noise required, thus improving the accuracy
of data while still protecting privacy.
k-Anonymity:
k-anonymity ensures that each data point in a dataset is indistinguishable from at least k-
1 other data points, reducing the risk of re-identification. This technique is particularly
useful in scenarios where datasets are released for public use or shared across
organizations. However, as the ability to link anonymized data to other datasets improves,
new variations and enhancements to k-anonymity (such as l-diversity and t-closeness) are
being explored to better protect sensitive attributes within datasets.
Emerging anonymization techniques will continue to evolve in response to the growing
sophistication of data analytics and the increasing interconnectivity of information. These
advancements will focus on making anonymization both more effective and less disruptive to the
value derived from the data.
Ethical Implications: Balancing Privacy and Utility in Data Anonymization Practices
One of the key challenges in data anonymization is finding the right balance between privacy
protection and the utility of data for analytical purposes. While anonymization techniques help
mitigate privacy risks, they can also lead to a loss of data precision or granularity, which may
affect the quality of insights derived from the data. Striking this balance raises important ethical
questions:
Data Quality vs. Privacy:
In some cases, overly aggressive anonymization may render data less useful, which could
undermine the objectives of research, business decisions, or policy development. For
example, excessive generalization or suppression of data could lead to misleading
conclusions, especially in fields such as healthcare, where precise data is crucial for
patient outcomes. Organizations must carefully evaluate the potential trade-offs between
privacy protection and data utility to ensure that anonymization practices are not overly
restrictive.
Informed Consent and Transparency:
Ethical considerations also extend to how data is anonymized and shared. Organizations
should ensure transparency about their anonymization processes and the potential risks of
re-identification, especially when data is being shared with third parties. Individuals
whose data is being anonymized should be informed of how their data will be used, even
if it is anonymized, and given the option to consent to its use for specific purposes. As
data collection and usage become more complex, respecting individuals' autonomy and
privacy rights will continue to be a key ethical concern.
Continuous Evaluation and Improvement: Monitoring the Effectiveness of Anonymization
Techniques and Adapting to Evolving Threats
The effectiveness of data anonymization techniques must be regularly evaluated to ensure they
remain robust in the face of evolving technological threats. As the capabilities of data analytics
and machine learning improve, so too does the potential for re-identifying anonymized data. To
address this, organizations must establish continuous monitoring systems to assess the adequacy
of their anonymization methods.
Monitoring Re-identification Risks:
Periodic audits should be conducted to evaluate the risk of re-identification, especially
when new data sources are introduced or anonymized data is shared across platforms. By
continuously monitoring for vulnerabilities, organizations can identify emerging risks and
take proactive measures to mitigate them.
Adapting to New Technologies:
The rapid advancement of technologies such as artificial intelligence (AI) and big data
analytics presents new challenges to data anonymization. As AI systems become more
capable of making connections between disparate data points, previously anonymized
information could be at risk of re-identification. Organizations must stay ahead of these
technological advancements by regularly updating their anonymization techniques and
adapting to new threats. This may include integrating more advanced privacy-preserving
technologies like federated learning or homomorphic encryption, which allow for data
analysis without exposing the raw data.
VI. Conclusion
Recap of Key Findings:
Data anonymization plays a pivotal role in protecting personal privacy and ensuring compliance
with various data protection regulations, such as the GDPR, CCPA, and HIPAA. By employing
techniques like data masking, aggregation, generalization, and suppression, organizations can
safeguard sensitive information while still leveraging data for research, analytics, and business
operations. Anonymization not only mitigates risks associated with data breaches and
cyberattacks but also facilitates data sharing and collaboration across sectors like healthcare,
finance, and marketing, without compromising individual privacy. However, challenges such as
residual identifiability, utility loss, and the balance between privacy and data quality must be
addressed to ensure that anonymization is both effective and sustainable in the long term.
Recommendations for Data Privacy Professionals:
To effectively implement data anonymization strategies, data privacy professionals should
consider the following best practices:
1. Conduct Regular Risk Assessments:
Regularly evaluate the effectiveness of anonymization techniques and assess the risk of
re-identification, especially when integrating new data sources or sharing anonymized
data with third parties. Implement continuous monitoring to ensure data remains
sufficiently protected as privacy risks evolve.
2. Implement Advanced Anonymization Methods:
Stay informed about emerging anonymization techniques, such as differential privacy and
k-anonymity, and consider integrating these advanced methods to enhance privacy
protection. Adopt a layered approach to anonymization, combining multiple techniques
for more robust security.
3. Balance Privacy and Data Utility:
Strive to maintain the utility of anonymized data for research or business purposes, while
ensuring that privacy is not compromised. Carefully consider the trade-offs between data
precision and privacy when applying anonymization techniques, and make adjustments
based on the specific use case.
4. Prioritize Transparency and Consent:
Ensure transparency in the anonymization process and inform stakeholders about how
their data is being used and anonymized. Obtain explicit consent where possible,
especially when data is being shared with external entities, to build trust and ensure
compliance with privacy regulations.
The Future of Data Anonymization:
The future of data anonymization is shaped by evolving privacy laws, technological
advancements, and the increasing value of data for decision-making and research. Emerging
techniques like differential privacy and federated learning are expected to become more widely
adopted as organizations seek stronger privacy safeguards in the face of growing data sharing
and integration. However, as re-identification methods become more sophisticated, the need for
continuous evaluation and adaptation of anonymization strategies will be crucial.
In addition, the ethical implications of anonymization, particularly regarding the balance
between privacy and data utility, will continue to be a central focus. Data privacy professionals
will need to navigate these ethical considerations carefully to ensure that the benefits of data
sharing and analytics do not come at the expense of individual rights.
As data collection practices become more complex, organizations must remain proactive in
updating their anonymization strategies, leveraging new technologies, and fostering a culture of
privacy. By doing so, they can protect sensitive information, comply with evolving regulations,
and harness the full potential of data in a responsible and secure manner.
REFERENCES
1. Ball, R. (2009). Market and Political/Regulatory Perspectives on the Recent Accounting
Scandals. Journal of Accounting Research, 47(2), 277–323.
https://doi.org/10.1111/j.1475-679x.2009.00325.x
2. Akash, T. R., Islam, M. S., & Sourav, M. S. A. (2024). Enhancing business security
through fraud detection in financial transactions. Global Journal of Engineering and
Technology Advances, 21(02), 079-087.
3. Clarke, R. (1988). Information technology and dataveillance. Communications of the
ACM, 31(5), 498–512. https://doi.org/10.1145/42411.42413
4. Conti, M., Kumar, E. S., Lal, C., & Ruj, S. (2018). A Survey on Security and Privacy
Issues of Bitcoin. IEEE Communications Surveys & Tutorials, 20(4), 3416–3452.
https://doi.org/10.1109/comst.2018.2842460
5. Graham, J., Li, S., & Qiu, J. (2008). Corporate misreporting and bank loan contracting.
Journal of Financial Economics, 89(1), 44–61.
https://doi.org/10.1016/j.jfineco.2007.08.005
6. Karpoff, J. M., Lee, D. S., & Martin, G. S. (2008). The cost to firms of cooking the
books. Journal of Financial and Quantitative Analysis, 43(3), 581–611.
https://doi.org/10.1017/s0022109000004221
7. Khan, N., Yaqoob, I., Hashem, I. a. T., Inayat, Z., Ali, W. K. M., Alam, M., Shiraz, M., &
Gani, A. (2014). Big Data: Survey, Technologies, Opportunities, and Challenges. The
Scientific World JOURNAL, 2014, 1–18. https://doi.org/10.1155/2014/712826
8. Khan, S. N., Loukil, F., Ghedira-Guegan, C., Benkhelifa, E., & Bani-Hani, A. (2021).
Blockchain smart contracts: Applications, challenges, and future trends. Peer-to-Peer
Networking and Applications, 14(5), 2901–2925. https://doi.org/10.1007/s12083-021-
01127-0
9. Treiblmaier, H. (2018). The impact of the blockchain on the supply chain: a theory-based
research framework and a call for action. Supply Chain Management an International
Journal, 23(6), 545–559. https://doi.org/10.1108/scm-01-2018-0029
10. Stiglitz, J. E. (1993). The Role of the State in Financial Markets. The World Bank
Economic Review, 7(suppl 1), 19–52. https://doi.org/10.1093/wber/7.suppl_1.19
11. Wang, Y., Han, J. H., & Beynon-Davies, P. (2018). Understanding blockchain technology
for future supply chains: a systematic literature review and research agenda. Supply
Chain Management an International Journal, 24(1), 62–84. https://doi.org/10.1108/scm-
03-2018-0148
ResearchGate has not been able to resolve any citations for this publication.
Enhancing business security through fraud detection in financial transactions
Article
Full-text available
  • Nov 2024
Today the threat of fraud is a real issue in security threats for business, due to complexity and volume of financial transactions, especially with the rapid changes of technology. This research paper focuses on the major role that needs to be implemented for the prevention of fraudulent activities regarding monetary issues. The paper also explores different approaches that are currently used in the identification of frauds such as the artificial neural networks, statistical analysis, rules based systems and others. From the existing literature review and case studies, the paper gives an overview of the strengths and weaknesses of these approaches as well as the implementation of the best practices. The methodology entails a literature review of the current fraud detection systems, then using the identified techniques on a sample dataset to test them. In this paper research data shows that combining several detection measures improves efficiency and minimizes the number of false alarms, which contributes to the improvement of business protection. The discussion also underlined the necessity for the constant appropriateness of technologies dedicated to fraud detection to correspond to new fraud schemes. Finally, recommendations regarding occurrence of effective anti-fraud measures for firms are given in order to promote effective financial transactions and safeguard organizational resources.
View
Blockchain smart contracts: Applications, challenges, and future trends
Article
Full-text available
  • Apr 2021
In recent years, the rapid development of blockchain technology and cryptocurrencies has influenced the financial industry by creating a new crypto-economy. Then, next-generation decentralized applications without involving a trusted third-party have emerged thanks to the appearance of smart contracts, which are computer protocols designed to facilitate, verify, and enforce automatically the negotiation and agreement among multiple untrustworthy parties. Despite the bright side of smart contracts, several concerns continue to undermine their adoption, such as security threats, vulnerabilities, and legal issues. In this paper, we present a comprehensive survey of blockchain-enabled smart contracts from both technical and usage points of view. To do so, we present a taxonomy of existing blockchain-enabled smart contract solutions, categorize the included research papers, and discuss the existing smart contract-based studies. Based on the findings from the survey, we identify a set of challenges and open issues that need to be addressed in future studies. Finally, we identify future trends.
View
Understanding blockchain technology for future supply chains: a systematic literature review and research agenda
Article
Full-text available
  • Dec 2018
  • SUPPLY CHAIN MANAG
Purpose This paper aims to investigate the way in which blockchain technology is likely to influence future supply chain practices and policies. Design/methodology/approach A systematic review of both academic and practitioner literature was conducted. Multiple accounts of blockchain adoption within industry were also consulted to gain further insight. Findings While blockchain technologies remain in their infancy, they are gaining momentum within supply chains, trust being the predominant factor driving their adoption. The value of such technologies for supply chain management lies in four areas: extended visibility and traceability, supply chain digitalisation and disintermediation, improved data security and smart contracts. Several challenges and gaps in understanding and opportunities for further research are identified by this research. How a blockchain-enabled supply chain should be configured has also been explored from a design perspective. Research limitations/implications This systematic review focuses on the diffusion of blockchain technology within supply chains, and great care was taken in selecting search terms. However, the authors acknowledge that their choice of terms may have excluded certain blockchain articles from this review. Practical implications This paper offers valuable insight for supply chain practitioners into how blockchain technology has the potential to disrupt existing supply chain provisions as well as a number of challenges to its successful diffusion. Social implications The paper debates the poential social and economic impact brought by blockchain. Originality/value This paper is one of the first studies to examine the current state of blockchain diffusion within supply chains. It lays a firm foundation for future research.
View
The Impact of the Blockchain on the Supply Chain: A Theory-Based Research Framework and a Call for Action
Article
Full-text available
  • Aug 2018
  • SUPPLY CHAIN MANAG
STRUCTURED ABSTRACT Purpose-This paper strives to close the current research gap pertaining to potential implications of the Blockchain for SCM by presenting a framework built on four established economic theories (principal agent theory, transaction cost analysis, resource-based view, network theory). These theories can be used to derive research questions that are theory-based as well as relevant for the industry. This paper is intended to initiate and stimulate an academic discussion on the potential impact of the Blockchain and introduces a framework for middle-range theorizing together with several research questions. Design/methodology/approach-This paper builds on previous theories that are frequently used in SCM research and shows how they can be adapted to Blockchain-related questions. Findings-This paper introduces a framework for middle-range theorizing together with several research questions. Research limitations/implications-The paper presents Blockchain-related research questions derived from four frequently used theories: namely principal agent theory (PAT), transaction cost theory (TCA), resource-based view (RBV) and network theory (NT). These questions will guide future research pertaining to structural (PAT, TCA) and managerial issues (RBV, NT) and will foster middle-range theory development in SCM research. Practical implications-Blockchain technology has the potential to significantly change SCM. Given the huge investments by industry, academic research is needed that investigates potential implications and supports companies. In this paper various research questions are introduced that illustrate how the implications of Blockchain on SCM can be investigated from different perspectives. Originality/value-To the best of our knowledge, no academic papers are published in leading academic journals that investigate the relationship between SCM and Blockchain from a theory-based perspective.
View
Big Data: Survey, Technologies, Opportunities, and Challenges
Article
Full-text available
Big Data has gained much attention from the academia and the IT industry. In the digital and computing world, information is generated and collected at a rate that rapidly exceeds the boundary range. Currently, over 2 billion people worldwide are connected to the Internet, and over 5 billion individuals own mobile phones. By 2020, 50 billion devices are expected to be connected to the Internet. At this point, predicted data production will be 44 times greater than that in 2009. As information is transferred and shared at light speed on optic fiber and wireless networks, the volume of data and the speed of market growth increase. However, the fast growth rate of such large data generates numerous challenges, such as the rapid growth of data, transfer speed, diverse data, and security. Nonetheless, Big Data is still in its infancy stage, and the domain has not been reviewed in general. Hence, this study comprehensively surveys and classifies the various attributes of Big Data, including its nature, definitions, rapid growth rate, volume, management, analysis, and security. This study also proposes a data life cycle that uses the technologies and terminologies of Big Data. Future research directions in this field are determined based on opportunities and several open issues in Big Data domination. These research directions facilitate the exploration of the domain and the development of optimal techniques to address Big Data.
View
A Survey on Security and Privacy Issues of Bitcoin
Article
  • Jun 2017
Bitcoin is a popular "cryptocurrency" that records all transactions in an distributed append-only public ledger called "blockchain". The security of Bitcoin heavily relies on the incentive-compatible distributed consensus protocol which is run by participants called "miners". In exchange of the incentive, the miners are expected to honestly maintain the blockchain. Since its launch in 2009, Bitcoin economy has grown at an enormous rate is now worth about 40 billions of dollars. This exponential growth in the market value of Bitcoin motivates adversaries to exploit weaknesses for profit, and researchers to identify vulnerabilities in the system, propose countermeasures, and predict upcoming trends. In this paper, we present a systematic survey on security and privacy aspects of Bitcoin. We start by presenting an overview of the Bitcoin protocol and discuss its major components with their functionality and interactions. We review the existing vulnerabilities in Bitcoin which leads to the execution of various security threats in Bitcoin system. We discuss the feasibility and robustness of the state-of-the-art security solutions. We present privacy and anonymity considerations, and discuss the threats to enabling user privacy along with the analysis of existing privacy preserving solutions. Finally, we summarize the critical open challenges, and suggest directions for future research towards provisioning stringent security and privacy techniques for Bitcoin.
View
The Role of the State in Financial Markets
Article
  • Dec 1993
This paper reexamines the role of the state in financial markets and identifies seven major market failures that provide a potential rationale for government intervention. In practice, government interventions in capital markets, even in industrial countries, have been pervasive. The paper provides a taxonomy of those interventions with respect to both the objectives they serve and the instruments they employ. There is a role for the government in financial markets, but the success of government interventions has been mixed. It is important that interventions be well designed. The paper sets out principles of government regulatory interventions and applies them to prudential regulation. It then examines three other areas of intervention—directed credit, financial repression, and competition policy—and identijies circumstances in which some amount of financial repression may actually be beneficial.
View
The Cost to Firms of Cooking the Books
Article
  • Sep 2008
  • J FINANC QUANT ANAL
We examine the penalties imposed on the 585 firms targeted by SEC enforcement actions for financial misrepresentation from 1978-2002, which we track through November 15, 2005. The penalties imposed on firms through the legal system average only 23.5millionperfirm.Thepenaltiesimposedbythemarket,incontrast,arehuge.Ourpointestimateofthereputationalpenaltywhichwedefineastheexpectedlossinthepresentvalueoffuturecashflowsduetolowersalesandhighercontractingandfinancingcostsisover7.5timesthesumofallpenaltiesimposedthroughthelegalandregulatorysystem.Foreachdollarthatafirmmisleadinglyinflatesitsmarketvalue,onaverage,itlosesthisdollarwhenitsmisconductisrevealed,plusanadditional23.5 million per firm. The penalties imposed by the market, in contrast, are huge. Our point estimate of the reputational penalty-which we define as the expected loss in the present value of future cash flows due to lower sales and higher contracting and financing costs - is over 7.5 times the sum of all penalties imposed through the legal and regulatory system. For each dollar that a firm misleadingly inflates its market value, on average, it loses this dollar when its misconduct is revealed, plus an additional 3.08. Of this additional loss, 0.36isduetoexpectedlegalpenaltiesand0.36 is due to expected legal penalties and 2.71 is due to lost reputation. In firms that survive the enforcement process, lost reputation is even greater at $3.83. In the cross section, the reputation loss is positively related to measures of the firm's reliance on implicit contracts. This evidence belies a widespread belief that financial misrepresentation is disciplined lightly. To the contrary, reputation losses impose substantial penalties for cooking the books. Copyright 2008, Michael G. Foster School of Business, University of Washington, Seattle, WA 98195.
View
Corporate Misreporting and Bank Loan Contracting
Article
  • Dec 2007
  • J FINANC ECON
This paper is the first to study the effect of financial restatement on bank loan contracting. Compared with loans initiated before restatement, loans initiated after restatement have significantly higher spreads, shorter maturities, higher likelihood of being secured, and more covenant restrictions. The increase in loan spread is significantly larger for fraudulent restating firms than other restating firms. We also find that after restatement, the number of lenders per loan declines and firms pay higher upfront and annual fees. These results are consistent with banks using tighter loan contract terms to overcome risk and information problems arising from financial restatements.
View
Information Technology and Dataveillance
Article
  • May 1988
Data surveillance is now supplanting conventional surveillance techniques. With this trend come new monitoring methods such as personal dataveillance and mass dataveillance that require more effective safeguards and a formal policy framework.
View