Organizations sometimes adopt technology not because it works but because not adopting it would look bad. Legitimacy theory explains why this is rational.
In late 2017 and through 2018, I lost count of how many companies announced a "blockchain strategy." The announcements shared a common structure. A press release, a quote from the CEO or CTO about the transformative potential of decentralized ledger technology, a vague timeline for integration, and usually very little detail about what problem was actually being solved or how blockchain was better than a regular database for that problem.
A few of these projects were genuine. Most of them were not. And yet the announcements kept coming. Not because executives had all independently decided blockchain was their best available solution, but because the announcement itself was doing a specific job. It was signaling. It was managing legitimacy.
Legitimacy theory provides the explanation. My understanding from the broader organizational theory literature is that Mark Suchman (1995) gave a widely cited definition: legitimacy is "a generalized perception or assumption that the actions of an entity are desirable, proper, or appropriate within some socially constructed system of norms, values, beliefs, and definitions." I am citing this from my reading of secondary sources and course materials, as Suchman's 1995 paper does not appear directly in my verified study-hub files. But the concept itself is well-established in organizational research.
What the definition captures is that legitimacy is not about performance. It is about perception within a social context. An action is legitimate when relevant stakeholders, investors, analysts, customers, peers, regulators, perceive it as the appropriate kind of action for an organization in your position. The consequence for technology adoption is significant. Organizations may adopt technology not primarily because it will improve operations, but because adopting it signals to those stakeholders that the organization is credible, modern, and well-managed.
This is not cynicism. The theory says this behavior is rational. If your investors expect organizations in your industry to have an AI strategy, and you do not announce one, you face a legitimacy deficit. The cost of that deficit, skepticism from investors, questions from the board, disadvantage in talent recruitment, can exceed the cost of announcing a strategy that has not fully materialized yet. So organizations announce. The announcement manages the legitimacy problem even before the technology does anything.
DiMaggio and Powell (1983) framed the mechanism that produces this behavior as mimetic isomorphism. Under conditions of uncertainty, organizations imitate other organizations that appear successful or legitimate. When one company announces a blockchain strategy and gets positive press coverage and no apparent punishment for it, other companies are incentivized to do the same. The field converges. Not because everyone independently evaluated blockchain and reached the same conclusion, but because imitation under uncertainty is a rational strategy for managing legitimacy. I wrote about this more directly in a previous post on institutional isomorphism and AI adoption.
The post-ChatGPT period from late 2022 onward is the most recent vivid example. By most accounts, companies that had never built a machine learning model in their history were announcing AI roadmaps within months of ChatGPT's release. Some of those commitments turned into real products. Many of them turned into "AI-powered" labels attached to existing features with minimal change. And a significant portion of them were simply legitimacy management in press release form.
The interesting IS research question is how you distinguish between adoption driven by legitimacy pressure and adoption driven by genuine technological fit. It is not always easy. Organizations themselves may not know which is operating. A CIO who genuinely believes their company needs an AI strategy might not be wrong, but the belief could be partly driven by the social pressure to believe it, rather than a clean-eyed assessment of business need. Legitimacy pressure is not always conscious.
There is also a timing problem that legitimacy theory helps explain. Organizations that adopt technology early, before it is proven, are taking a risk. But they gain a legitimacy benefit: the appearance of being forward-thinking leaders. Organizations that wait until a technology is proven face lower technical risk but a legitimacy cost, looking like followers who were slow to see what was coming. The optimal adoption timing from a legitimacy standpoint is different from the optimal timing from a pure technology evaluation standpoint. And in many industries, the legitimacy calculus wins.
This has real consequences. When organizations adopt technology primarily for legitimacy reasons, implementation is usually underresourced. The announcement was the point. The hard work of actually integrating the technology, training people, redesigning processes, measuring outcomes, comes second. So you get a lot of organizations with "AI strategies" that consist of a vendor contract, a pilot that runs for six months, and a gradual quiet de-emphasis as attention moves to whatever legitimacy signal comes next.
There is nothing uniquely modern about this. The blockchain example could have been the intranet in 1996, or e-commerce in 1999, or big data in 2012, or the cloud in 2015. Each of those cycles had a period where the announcement mattered more than the implementation, where looking like you had a strategy was at least as important as having one. Legitimacy theory is not a critique of individual organizations. It is a description of how social pressure shapes organizational behavior in ways that efficient-market logic alone cannot explain.
The technology changes. The social dynamics producing adoption waves do not.
About the author
Share
More notes
Related notes