Impact of Exposing Personal Data - Research Proposal Example

Impact of Exposing Personal Data The requirement for securing personal data and privacy online is due to many reasons. The first reason incorporates not a single law of how to handle customer data. For instance, if an online company sells products and maintains databases including customer information, they can do whatever they want. Most probably, they can sell data in terms of cash. Every website has a link stated as ‘Website Privacy Policy’, but no one knows exactly, to what extent they are authentic. The practical approach to that privacy policy is a different story. The second most prominent reasons are hacking, viruses, Trojans, spywares, phishing and many more. All these threats are designed to gain administrative access to user systems and to steal confidential and personal information Due to these threats; organizations are bound to incorporate strict security procedures and compliance for databases that are incorporated with customer data. Moreover, incorporation of intrusion detection systems and expensive security devices are not new. Customers provide information online due to many reasons, but most importantly, they provide information mostly on the website. Due to lack of technology and measures of customer personal privacy, online businesses fail to protect their database by security breaches conducted by hackers or cyber criminals. The data including all the personal information of the customer is breached resulting in exposure of thousands of authentic customer personal information and financial status. In order to conduct a security breach on the web server, cyber criminals use Internet, as a carrier along with intelligent codes that are purposefully constructed to extract confidential information, the most favorable point of attack is the web server. The information that is provided online by the users is gathered in a database that is connected to the web server. Hackers and cyber criminals deploy various methods to attack web servers in order to extract information that is stored in the database. Due to this reason, business suffer severe losses from data theft issues as in 2009 investigators related to data breach reported from Verizon business that crooks nabbed 285 million records. (Larkin 2009) Peter Tippett, who is the author of the report and vice president of innovation and technology with Verizon Business, says that the report includes all the IP addresses associated with the account that are used in the thefts, and criminals are identified only because of in depth investigations by collaborative support of law enforcement agencies including FBI and Scotland Yard,. From this particular report, 90 security breaches were studied out of which 68 were reversed for further investigation to a specific IP address and location. The conclusions highlighted Eastern Europe as a common source followed by East Asia and North America (Larkin 2009). 1.1 Social Networking Sites Moreover, social network sites are another domain that is of prime concerned, in the context of exposing personal privacy. People are spending an enormous amount of time on these websites, and are becoming habitual of online communication, which portrays a negative impact on face-to-face communication. The teenagers are not aware that the information and published material including pictures can be retrieved even after deletion from the social networking site. By over sharing, personal information may attract cyber criminals, burglars and even employers who can evaluate values of a person by reviewing comments on the site that may compromise the individual to lose his job. There is no credibility of the user authentication of what they are claiming to be on social networking sites. Users trust textual communication from these social networking sites more than emails. The security of these websites can be compromised anytime and can publish the communication or personal pictures on the web if breached. However, the integration of email filtering and spam protection is not available on social networks as compared to the traditional email software, which can be integrated with anti-viruses and anti-phishing frauds. Moreover, online users are unaware of the public nature of online profiles generating security risks to the personal and confidential data that can be trade in for various purposes against cash. 1.2 A Treat for Hackers Social networking profiles are the best sources for cyber criminals to gather information, which can be used for stealing information, for example; birth days, pet names, mothers' maiden names, secret questions, names of children can be revealed from the interest column of the user profile. By posting personal information, offline crime may result. For example, an individual is discussing a vacation plan and the robbers on the other side planning for home robberies, discussing about the new laptop, which the user has purchased along with the expensive cell phone, which can also result in street crimes. Moreover, hacker traces whether, the victim is online or offline with the aid of SNS. A research was conducted in the past for evaluating data privacy issues of social networking sites. The impact of wrong identity on social networking sites has a high impact as majority of students and teenagers are addicted of cyber bullying. 1.3 Legal Issues E-commerce has provided various benefits but losses from security breaches are severe along with legal problems. The study conducted by (Fusilier, Penrod 2009) highlighted gained versus loss prevention in terms of regulatory focus. The research shows the review of the courses that the 163 master’s programs that are offered were examined. The data was collected by the web search that was related to master’s program curriculum. After the examination of all the results from all these masters programs, the conclusion was that master's programs lack courses or modules related to security, law or ethics. As these topics highlights the issues that are currently faced by the e-commerce such as legal and security incidents, it is very important to add these courses or modules to the master’s programs. Measures in security will strengthen ways to improve some prominent issues including data theft, data privacy, identity theft, hacking etc. 2 Personal Data and Privacy Acts In order to address data privacy concerns, European Union constructed a framework to protect personal information and privacy, as “Directive 95/46/EC is the reference text, at European level, on the protection of personal data. It sets up a regulatory framework which seeks to strike a balance between a high level of protection for the privacy of individuals and the free movement of personal data within the European Union (EU). To do so, the Directive sets strict limits on the collection and use of personal data and demands that each Member State set up an independent national body responsible for the protection of these data” (Europa 2011). The directive 95/46/EC is applicable on automated and computerized data. For example, client information databases and data, which include involvement of non-automated filing system? Moreover, the main purpose of this directive is to protect personal data privacy by associating certain guidelines that defines the credibility of process in the context of law (Protection of personal data). Moreover, the European Union also addressed the data privacy in the context of e-commerce by further balancing it with Directives 2002/58/EC on Privacy and Electronic and Communication (DPEC), in the context of computing personal data in the domain of electronic communications sector 9 wrapping computer personal data by communication mediums and services that is publicly available (Wong 2011). However, ‘Art. 29’ suggested an expression on ‘comprehensive and consistent data protection framework’ in order to eliminate all the remaining concerns and to dominate European Union competence (Wong 2011). 2.1 Measures to Preserve Privacy These seals ensure data privacy for consumers who provide data online. These security seals implements certain rules and policies when they are incorporated with any website. This gives customers some assurance of their personal data, as identity theft is a debatable issue that is still rising. As the servers of these websites, contain all the personal information of the customer and most importantly credit card numbers due to e commerce transactions. Some of the seals are defined as each of them specifies their own rules and policies. References Europa. 2011. Summaries of EU legislation. [ONLINE] Available at: http://europa.eu/legislation_summaries/information_society/data_protection/l14012_en.htm. [Accessed 11 November 13]. FUSILIER, M. and PENROD, C., 2009. e-Crime Prevention: An Investigation of the Preparation of e-Commerce Professionals. Journal of Internet Commerce, 8(1), pp. 2-22. GUTWIRTH, S., 2011. Computers, Privacy and Data Protection: an Element of Choice: An Element of Choice. Springer. LARKIN, E., 2009. Organized Crime Moves Into Data Theft. PC World, 27(7), pp. 33-34. Wong, R., 2011. Data protection: The future of privacy. Computer Law & Security Review, 27(1), 53-57. doi:10.1016/j.clsr.2010.11.004 Read More