Cited By
View all- Siponen M(2025)Evidence-Based Cybersecurity Management: How to Use Sanctions Effectively and Avoid PitfallsComputer10.1109/MC.2024.349085258:1(142-145)Online publication date: 1-Jan-2025
The Impacts of Internet Monitoring on Employees’ Cyberloafing and Organizational Citizenship Behavior: : A Longitudinal Field Quasi-Experiment
Pages 1175 - 1194
Abstract
Many organizations have adopted internet monitoring to regulate employees’ cyberloafing behavior. Although one might intuitively assume that internet monitoring can be effective in reducing cyberloafing, there is a lack of research examining why the effect can occur and whether it can be sustained. Furthermore, little research has investigated whether internet monitoring can concurrently induce any side effects in employee behavior. In this paper, we conducted a longitudinal field quasi-experiment to examine the impacts of internet monitoring on employees’ cyberloafing and organizational citizenship behavior (OCB). Our results show that internet monitoring did reduce employees’ cyberloafing by augmenting employees’ perceived sanction concerns and information privacy concerns related to cyberloafing. The results also show that internet monitoring could produce the side effect of reducing employees’ OCB. Interestingly, when examining the longitudinal effects of internet monitoring four months after its implementation, we found that the effect of internet monitoring on cyberloafing was not sustained, but the effect on OCB toward organizations still persisted. Our study advances the literature on deterrence theory by empirically investigating both the intended and side effects of deterrence and how the effects change over time. It also has important broader implications for practitioners who design and implement information systems to regulate employee noncompliance behavior.
History: Yong Tan, Senior Editor; David (Jingjun) Xu, Associate Editor.
Funding: This study was funded by the National Natural Science Foundation of China [Grants 71901201, 72372150, 72025402, 71921001, 72293573, and 72034001], the Research Grants Council of Hong Kong (HKU 17502921), the University Research Committee of the University of Hong Kong (201905159007), Theme-based Research Fund from HKU Education Consulting (Shenzhen) Co., LTD. [Grant SZRI2023-TBRF-02].
Supplemental Material: The online appendix is available at https://doi.org/10.1287/isre.2020.0216.
References
[1]
Acquisti A, Brandimarte L, Loewenstein G (2015) Privacy and human behavior in the age of information. Science 347(6221):509–514.
[2]
Agarwal U (2019) Impact of supervisors’ perceived communication style on subordinate’s psychological capital and cyberloafing. Australasian J. Inform. Systems 23:1–27.
[3]
Alder GS, Noel TW, Ambrose ML (2006) Clarifying the effects of internet monitoring on job attitudes: The mediating role of employee trust. Inform. Management 43(7):894–903.
[4]
Alder GS, Schminke M, Noel TW, Kuenzi M (2008) Employee reactions to internet monitoring: The moderating role of ethical orientation. J. Bus. Ethics 80(3):481–498.
[5]
Alge BJ (2001) Effects of computer surveillance on perceptions of privacy and procedural justice. J. Appl. Psych. 86(4):797–804.
[6]
Aryee S, Chen ZX, Sun LY, Debrah YA (2007) Antecedents and outcomes of abusive supervision: Test of a trickle-down model. J. Appl. Psych. 92(1):191–201.
[7]
Ashton-James CE, Ashkanasy NM (2005) What lies beneath? A process analysis of affective events theory. Ashkanasy NM, Zerbe WJ, Hartel CEJ, eds. The Effect of Affect in Organizational Settings. Research on Emotion in Organizations, vol. 1 (Elsevier Science, Oxford), 23–46.
[8]
Baron RM, Kenny DA (1986) The moderator–mediator variable distinction in social psychological research: Conceptual, strategic, and statistical considerations. J. Personality Soc. Psych. 51(6):1173–1182.
[9]
Beal DJ, Trougakos JP, Weiss HM, Green SG (2006) Episodic processes in emotional labor: Perceptions of affective delivery and regulation strategies. J. Appl. Psych. 91(5):1053–1065.
[10]
Bélanger F, Crossler RE (2011) Privacy in the digital age: A review of information privacy research in information systems. MIS Quart. 35(4):1017–1042.
[11]
Belot M, Schröder M (2015) The spillover effects of monitoring: A field experiment. Management Sci. 62(1):37–45.
[12]
Bolino MC, Hsiung HH, Harvey J, LePine JA (2015) “Well, I’m tired of tryin’!” Organizational citizenship behavior and citizenship fatigue. J. Appl. Psych. 100(1):56–74.
[13]
Bulgurcu B, Cavusoglu H, Benbasat I (2010) Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quart. 34(3):523–548.
[14]
Chiaburu DS, Byrne ZS (2009) Predicting OCB role definitions: Exchanges with the organization and psychological attachment. J. Bus. Psych. 24:201–214.
[15]
Cram WA, D’Arcy J, Proudfoot JG (2019) Seeing the forest and the trees: A meta-analysis of the antecedents to information security policy compliance. MIS Quart. 43(2):525–554.
[16]
D’Arcy J, Devaraj S (2012) Employee misuse of information technology resources: Testing a contemporary deterrence model. Decision Sci. 43(6):1091–1124.
[17]
D’Arcy J, Lowry PB (2019) Cognitive-affective drivers of employees’ daily compliance with information security policies: A multilevel, longitudinal study. Inform. Systems J. 29(1):43–69.
[18]
D’Arcy J, Herath T, Shoss MK (2014) Understanding employee responses to stressful information security requirements: A coping perspective. J. Management Inform. Systems 31(2):285–318.
[19]
D’Arcy J, Hovav A, Galletta D (2009) User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Inform. Systems Res. 20(1):79–98.
[20]
Dawson GS, Karahanna E, Buchholtz A (2014) A study of psychological contract breach spillover in multiple-agency relationships in consulting professional service firms. Organ. Sci. 25(1):149–170.
[21]
Dekas KH, Bauer TN, Welle B, Kurkoski J, Sullivan S (2013) Organizational citizenship behavior, version 2.0: A review and qualitative investigation of OCBs for knowledge workers at Google and beyond. Acad. Management Perspect. 27(3):219–237.
[22]
Dickinson D, Villeval MC (2008) Does monitoring decrease work effort?: The complementarity between agency and crowding-out theories. Games Econom. Behav. 63(1):56–76.
[23]
Dirks KT, Ferrin DL (2001) The role of trust in organizational settings. Organ. Sci. 12(4):450–467.
[24]
Faul F, Erdfelder E, Lang AG, Buchner A (2007) G* Power 3: A flexible statistical power analysis program for the social, behavioral, and biomedical sciences. Behav. Res. Methods 39(2):175–191.
[25]
Ferrin DL, Bligh MC, Kohles JC (2007) Can I trust you to trust me? A theory of trust, monitoring, and cooperation in interpersonal and intergroup relationships. Group Organ. Management 32(4):465–499.
[26]
Finnegan M (2020) The new normal: When work-from-home means the boss is watching. Computerworld (October 29), https://www.computerworld.com/article/3586616/the-new-normal-when-work-from-home-means-the-boss-is-watching.html.
[27]
Gibbs JP (1975) Crime, Punishment, and Deterrence (Elsevier, Amsterdam).
[28]
Glassman J, Prosch M, Shao BBM (2015) To monitor or not to monitor: Effectiveness of a cyberloafing countermeasure. Inform. Management 52(2):170–182.
[29]
Harvey J, Bolino MC, Kelemen TK (2018) Organizational citizenship behavior in the 21st century: How might going the extra mile look different at the start of the new millennium? Buckley MR, Wheeler AR, Halbesleben JRB, eds. Research in Personnel and Human Resources Management (Emerald Publishing Limited, Bingley, UK), 51–110.
[30]
Hensel PG, Kacprzak A (2021) Curbing cyberloafing: Studying general and specific deterrence effects with field evidence. Eur. J. Inform. Systems 30(2):219–235.
[31]
Hsu JSC, Shih SP, Hung YW, Lowry PB (2015) The role of extra-role behaviors and social controls in information security policy effectiveness. Inform. Systems Res. 26(2):282–300.
[32]
Hui C, Lam SS, Law KK (2000) Instrumental values of organizational citizenship behavior for promotion: A field quasi-experiment. J. Appl. Psych. 85(5):822–828.
[33]
Ivaturi K, Chua C (2021) Rethinking time: Ubichronic time and its impact on work. Eur. J. Inform. Systems 32(2):315–330.
[34]
Jiang H, Siponen M, Tsohou A (2023) Personal use of technology at work: A literature review and a theoretical model for understanding how it affects employee job performance. Eur. J. Inform. Systems 32(2):331–345.
[35]
Judd CM, Kenny DA, McClelland GH (2001) Estimating and testing mediation and moderation in within-subject designs. Psych. Methods 6(2):115–134.
[36]
Khansa L, Kuem J, Siponen M, Kim SS (2017) To cyberloaf or not to cyberloaf: The impact of the announcement of formal organizational controls. J. Management Inform. Systems 34(1):141–176.
[37]
Kleiman M, Kilmer B (2009) The dynamics of deterrence. Proc. Natl. Acad. Sci. USA 106(34):14230–14235.
[38]
Koay KY, Lim VKG, Soh PCH, Ong DLT, Ho JSY, Lim PK (2022) Abusive supervision and cyberloafing: A moderated moderation model of moral disengagement and negative reciprocity belifes. Inform. Management 59(2):1–10.
[39]
Konovsky MA, Pugh SD (1994) Citizenship behavior and social exchange. Acad. Management J. 37(3):656–669.
[40]
Larson JR, Callahan C (1990) Performance monitoring: How it affects work productivity. J. Appl. Psych. 75(5):530–538.
[41]
Lester SW, Brower HH (2003) In the eyes of the beholder: The relationship between subordinates’ felt trustworthiness and their work attitudes and behaviors. J. Leadership Organ. Stud. 10(2):17–33.
[42]
Li N, Liang J, Crant JM (2010) The role of proactive personality in job satisfaction and organizational citizenship behavior: A relational perspective. J. Appl. Psych. 95(2):395–404.
[43]
Lim VKG (2002) The IT way of loafing on the job: Cyberloafing, neutralizing and organizational justice. J. Organ. Behav. 23(5):675–694.
[44]
Lim VKG, Chen DJQ (2012) Cyberloafing at the workplace: Gain or drain on work? Behav. Inform. Tech. 31(4):343–353.
[45]
Malhotra NK, Kim SS, Agarwal J (2004) Internet users’ information privacy concerns (IUIPC): The construct, the scale, and a causal model. Inform. Systems Res. 15(4):336–355.
[46]
McNall LA, Roch SG (2009) A social exchange model of employee reactions to electronic performance monitoring. Human Perform. 22(3):204–224.
[47]
Meagher KJ, Wait A (2020) Worker trust in management and delegation in organizations. J. Law Econom. Organ. 36(3):495–536.
[48]
Minor WW, Harry J (1982) Deterrent and experiential effects in perceptual deterrence research: A replication and extension. J. Res. Crime Delinquency 19(2):190–203.
[49]
Mishra J, Morrissey MA (1990) Trust in employee/employer relationships: A survey of West Michigan managers. Public Personnel Management 19(4):443–486.
[50]
Molm LD (2003) Theoretical comparisons of forms of exchange. Sociol. Theory 21(1):1–17.
[51]
Montoya AK, Hayes AF (2017) Two-condition within-participant statistical mediation analysis: A path-analytic framework. Psych. Methods 22(1):6–27.
[52]
Moody GD, Siponen M (2013) Using the theory of interpersonal behavior to explain non-work-related personal use of the internet at work. Inform. Management 50(6):322–335.
[53]
Moody GD, Siponen M, Pahnila S (2018) Toward a unified model of information security policy compliance. MIS Quart. 42(1):285–311.
[54]
Mooijman M, Van Dijk WW, Ellemers N, Van Dijk E (2015) Why leaders punish: A power perspective. J. Personality Soc. Psych. 109(1):75–89.
[55]
Murphy K (2004) The role of trust in nurturing compliance: A study of accused tax avoiders. Law Hum. Behav. 28(2):187–209.
[56]
Murphy ST, Zajonc RB (1993) Affect, cognition, and awareness: Affective priming with optimal and suboptimal stimulus exposures. J. Personality Soc. Psych. 64(5):723–739.
[57]
Nagin DS (1998) Criminal deterrence research at the outset of the twenty-first century. Crime Justice 23:1–42.
[58]
Nagin DS, Pogarsky G (2001) Integrating celerity, impulsivity, and extralegal sanction threats into a model of general deterrence: Theory and evidence. Criminology 39(4):865–892.
[59]
Niehoff BP, Moorman RH (1993) Justice as a mediator of the relationship between methods of monitoring and organizational citizenship behavior. Acad. Management J. 36(3):527–556.
[60]
Nielsen TM, Hrivnak GA, Shaw M (2009) Organizational citizenship behavior and performance: A meta-analysis of group-level research. Small Group Res. 40(5):555–577.
[61]
Organ DW, Konovsky M (1989) Cognitive vs. affective determinants of organizational citizenship behavior. J. Appl. Psych. 74(1):157–164.
[62]
Oulasvirta A, Pihlajamaa A, Perkio J, Ray D, Vahakangas T, Hasu T, Vainio N, Myllymaki P (2012) Long-term effects of ubiquitous surveillance in the home. ACM Conf. Ubiquitous Comput (Association for Computing Machinery, New York), 41–50.
[63]
Parke MR, Tangirala S, Hussain I (2021) Creating organizational citizens: How and when supervisor-vs. peer-led role interventions change organizational citizenship behavior. J. Appl. Psych. 106(11):1714–1733.
[64]
Pavlou PA (2011) State of the information privacy literature: Where are we now and where should we go? MIS Quart. 35(4):977–988.
[65]
Petrosino A, Boruch RF, Rounding C, McDonald S, Chalmers I (2000) The Campbell Collaboration Social, Psychological, Educational and Criminological Trials Register (C2-SPECTR) to facilitate the preparation and maintenance of systematic reviews of social and educational interventions. Evaluation Res. Ed. 14(3–4):206–219.
[66]
Pierce L, Snow DC, McAfee A (2015) Cleaning house: The impact of information technology monitoring on employee theft and productivity. Management Sci. 61(10):2299–2319.
[67]
Piquero AR, Paternoster R, Pogarsky G, Loughran T (2011) Elaborating the individual difference component in deterrence theory. Annual Rev. Law Soc. Sci. 7:335–360.
[68]
Podsakoff NP, Whiting SW, Podsakoff PM, Blume BD (2009) Individual-and organizational-level consequences of organizational citizenship behaviors: A meta-analysis. J. Appl. Psych. 94(1):122–141.
[69]
Porath CL, Erez A (2007) Does rudeness really matter? The effects of rudeness on task performance and helpfulness. Acad. Management J. 50(5):1181–1197.
[70]
Posey C, Bennett B, Roberts T, Lowry PB (2011) When computer monitoring backfires: Invasion of privacy and organizational injustice as precursors to computer abuse. J. Inform. System Security 7(1):24–47.
[71]
Puhakainen P, Siponen M (2010) Improving employees’ compliance through information systems security training: An action research study. MIS Quart. 34(4):757–778.
[72]
Ravid DM, Tomczak DL, White JC, Behrend TS (2020) EPM 20/20: A review, framework, and research agenda for electronic performance monitoring. J. Management 46(1):100–126.
[73]
Reychav I, Sharkie R (2010) Trust: An antecedent to employee extra-role behaviour. J. Intellectual Capital 11(2):227–247.
[74]
Robinson SL (1996) Trust and breach of the psychological contract. Admin. Sci. Quart. 41(4):574–599.
[75]
Rousseau DM, Sitkin SB, Burt RS, Camerer C (1998) Not so different after all: A cross-discipline view of trust. Acad. Management Rev. 23(3):393–404.
[76]
Sarkar S, Vance A, Ramesh B, Demestihas M, Wu DT (2020) The influence of professional subculture on information security policy violations: A field study in a healthcare context. Inform. Systems Res. 31(4):1240–1259.
[77]
Schweitzer ME, Ho TH, Zhang X (2018) How monitoring influences trust: A tale of two faces. Management Sci. 64(1):253–270.
[78]
Sherman LW (1990) Police crackdowns: Initial and residual deterrence. Crime Justice 12:1–48.
[79]
Siponen M, Vance A (2010) Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quart. 34(3):487–502.
[80]
Siponen M, Vance A, Willison R (2012) New insights into the problem of software piracy: The effects of neutralization, shame, and moral beliefs. Inform. Management 49(7–8):334–341.
[81]
Smith HJ, Milberg SJ, Burke SJ (1996) Information privacy: Measuring individuals’ concerns about organizational practices. MIS Quart. 20(2):167–196.
[82]
Staats BR, Dai H, Hofmann D, Milkman KL (2017) Motivating process compliance through individual electronic monitoring: An empirical examination of hand hygiene in healthcare. Management Sci. 63(5):1563–1585.
[83]
Stanton JM, Julian AL (2002) The impact of electronic monitoring on quality and quantity of performance. Comput. Human Behav. 18(1):85–101.
[84]
Stanton JM, Weiss EM (2000) Electronic monitoring in their own words: An exploratory study of employees’ experiences with new types of surveillance. Comput. Human Behav. 16(4):423–440.
[85]
Straub DW, Nance WD (1990) Discovering and disciplining computer abuse in organizations: A field study. MIS Quart. 14(1):45–60.
[86]
Thornberry TP (1987) Toward an interactional theory of delinquency. Criminology 25(4):863–892.
[87]
Tourigny L, Han J, Baba VV, Pan P (2019) Ethical leadership and corporate social responsibility in China: A multilevel study of their effects on trust and organizational citizenship behavior. J. Bus. Ethics 158(2):427–440.
[88]
Trougakos JP, Hideg I, Cheng BH, Beal DJ (2014) Lunch breaks unpacked: The role of autonomy as a moderator of recovery during lunch. Acad. Management J. 57(2):405–421.
[89]
Truelove V, Freeman J, Watson B, Kaye SA, Davey J (2020) Are perceptions of penalties stable across time? The problem of causal ordering in deterrence applied to road safety. Accident Anal. Prev. 146:105746.
[90]
Wagner DT, Barnes CM, Lim VK, Ferris DL (2012) Lost sleep and cyberloafing: Evidence from the laboratory and a daylight saving time quasi-experiment. J. Appl. Psych. 97(5):1068–1076.
[91]
Wang B, Liu Y, Qian J, Parker SK (2021) Achieving effective remote working during the COVID‐19 pandemic: A work design perspective. Appl. Psych. 70(1):16–59.
[92]
Wang J, Tian J, Shen Z (2013) The effects and moderators of cyber-loafing controls: An empirical study of Chinese public servants. Inform. Tech. Management 14:269–282.
[93]
Westin AF (1967) Privacy and Freedom (Atheneum, New York).
[94]
Williams LJ, Anderson SE (1991) Job satisfaction and organizational commitment as predictors of organizational citizenship and in-role behaviors. J. Management 17(3):601–617.
[95]
Willison R, Lowry PB, Paternoster R (2018) A tale of two deterrents: Considering the role of absolute and restrictive deterrence to inspire new directions in behavioral and organizational security research. J. Assoc. Inform. Systems 19(12):1187–1216.
[96]
Xu E, Huang X, Lam CK, Miao Q (2012) Abusive supervision and work behaviors: The mediating role of LMX. J. Organ. Behav. 33(4):531–543.
[97]
Yoo CW, Ahn HJ, Rao HR (2012) An exploration of the impact of information privacy invasion. Proc. 33rd Internat. Conf. Inform. Systems (Association for Information Systems, Atlanta), 2260–2278.
[98]
Zhao H, Wayne SJ, Glibkowski BC, Bravo J (2007) The impact of psychological contract breach on work‐related outcomes: A meta‐analysis. Person. Psych. 60(3):647–680.
[99]
Zoghbi-Manrique-de-Lara P, Olivares-Mesa A (2010) Bringing cyber loafers back on the right track. Indust. Management Data Systems 110(7):1038–1053.
Index Terms
- The Impacts of Internet Monitoring on Employees’ Cyberloafing and Organizational Citizenship Behavior: A Longitudinal Field Quasi-Experiment
Index terms have been assigned to the content through auto-classification.
Recommendations
The Relationship between Organizational Citizenship Behavior and Entrepreneurial Orientation: A Research in the Hospitality Industry
AbstractIn the 21st century, the most important intellectual capital that makes organizations successful is the employee. The critical point for fierce competition and survival of the organizations is the ability of management of employees’ attitude and ...
Employee job attitudes and organizational characteristics as predictors of cyberloafing
Cyberloafing is the personal use of the Internet by employees while at work. The purpose of this study is to examine whether employee job attitudes, organizational characteristics, attitudes towards cyberloafing, and other non-Internet loafing behaviors ...
Organizational Citizenship Behavior of Information System Personnel: The Influence of Leader-Member Exchange
Leader-member exchange LMX represents the quality of interaction between leaders and members of a work unit, such as the information system function within an organization. LMX is expected to improve organizational citizenship behavior, beneficial ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2023 The Author(s).
This work is licensed under a Creative Commons Attribution 4.0 International License. You are free to copy, distribute, transmit and adapt this work, but you must attribute this work as “Information Systems Research. Copyright © 2023 The Author(s). https://doi.org/10.1287/isre.2020.0216, used under a Creative Commons Attribution License: https://creativecommons.org/licenses/by/4.0/.”
Publisher
INFORMS
Linthicum, MD, United States
Publication History
Published: 01 September 2024
Accepted: 19 July 2023
Received: 15 April 2020
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 02 Mar 2025
Other Metrics
Citations
Cited By
View all- Siponen M(2025)Evidence-Based Cybersecurity Management: How to Use Sanctions Effectively and Avoid PitfallsComputer10.1109/MC.2024.349085258:1(142-145)Online publication date: 1-Jan-2025