Privacy in Electronic Commerce - Research Paper Example

Privacy in Electronic Commerce Introduction Technology remains a medium through which people conduct different activities. It has affected various life aspects like education, business, and even social growth globally.Apart from bringing many advantages in the developing world, technology also brings with it disadvantages like insecurity where terrorist groups use it to conduct criminal activities over the world. Electronic commerce refers to businesses conducted over the web using internet-reliant applications like web services, instant messaging, e-mails, Electronic Data Interchange, online transactions, and electronic money transfer, among others (Qin 8). The rising technological advancementslargely affectconsumer behavior due to the many people engaging in online businesses.Different countries have set laws to govern electronic commerce. The work that follows is a research on privacy as a consumer issue in electronic commerce. Consumer privacy is an important aspect that businesses need to consider to preserve and retain their customers. Electronic commerce largely relies on the use of World Wide Web since most of its transactions use technologies like telephones, e-mails, and social media devices like mobile phones, which need a lot of privacy.Businesses or organizations willing to conduct online transactions need to create an environment that ensures consumer security.Electronic commerce is facing customer shortages because many consumers opt not to make online purchases. This is probably because of risks involved in electronic commerce such as loss of jobs, blocking of careers, and losses resulting from unauthorized access and inappropriate use of personal information (Frost). However, various countries like the United States lack regulations governing disclosure of how they use information gathered from online consumers, information that gives them freedom to use customers’ personal information. Companies participating in electronic commerce take advantage of customers’ unawareness on whether the companies can gather and access their personal information online, though the customers know the need for privacy of their personal information (Frost).According to the U.S Federal Trade Commission (FTC), failure of electronic commerce to attain its potential, results from lack of proper regulations on consumer privacy.Privacy concerns have led to losses in sales, a situation that has left the determination on whether companies should regulate online privacy issues on their own, or whether there is a need for the government’s intervention to the commission. To counter worries from the public over websites’ handling of personal information, the U.S Congress, local communities and state legislatures havereceived introduction of a number of bills concerning protection of customers’ private information (Frost).However, the rapidly changing technology acts as an obstacle to drafting the regulations.Imposing tight requirements on the internet, according to some legislators would adversely affect electronic commerce growth, and possibly its effect be greater than the fears people have on the loss of privacy. In past days, businesses using the internet like for example, banks and insurance companies enjoyed the confidence in their business with customers, but nowadays the privacy lies in question. This results from the technological advancement that currently exists in the world. Apart from baking and insurance institutions, communication companies keep wide information about their customers’ details. This information reveals much information like consumer’s location at the time they use the service, the content of e-mails or texts sent, the visited sites, and information downloaded, among others (Frost). Due to lack of proper consumer privacy laws, these institutions can access consumers’ personal information and use it for their benefit. Lack of consumer privacy, accompanied by technological advancement has led to access of personal information about individuals when consumers are surfing the internet. The persons or companies tracking them use their information to make profits, which betrays consumer’s expectation on the privacy of their personal information. Consumer Privacy and Security Issues Consumers and businesses exist in a new technical environment with use of technology to benefit both of them, and attempts to set regulations to govern the business environment (Ackerman and Davis).These changes affect online business since people have different expectations on the handling of their information by websites or government regulations on electronic commerce.Engaging in electronic commerce brings about effects on consumers’ privacy and security issues.Privacy issues have an effect on a customers’ social and business progress. Privacy Issues Electronic commerce involves the use of digital media to track and record consumers’ data at an improved speed due to the rise in technology. Information showing a consumer’s purchase or shopping patterns, their preferences, and the pattern they use in searching for information remains confidential to them.However, lack privacy in electronic commerce creates room for access to the information. This happens when websitescumulate the data across different sites by websitesexposingthecustomer’ssocial privacy (Ackerman and Davis). Lack of privacy allows a company access to consumer’s personal information and can use it tomarket their organization through personalized electronic experience or expanding their customer support.This largely affects the trust consumers have had on companies as media surveys show companies not abiding by their promise to keep privacy ofconsumer information (Ackerman and Davis). Consumers’ concern in privacy of their information lies in two aspects; first, accessing personal information without their authorized permission may infringe their data security, and secondly, there is the risk of using their personal information for other purposes without their permission like sharing the data with a third party not included in the transaction made between the consumer and the organization. Security Issues Security in electronic commerce affects both the consumer and the sites. As consumers fear losing their financial data, the sites fear financial losses resulting from unauthorized access or publicity (Ackerman and Davis). The most common financial security vulnerabilities occur when a customer accessing an electronic commerce site discloses their details on credit card and address information when shipping a purchase made. A scenario like this involves a number of networks and systems, and lack of privacy control can lead to unauthorized access to customer and organization’s information. Many processes that exist involve a lot of dissemination of personal information since an online shopper has to access a certain web site for personal identification to the site, a process that begins with the home computer and its browser (Ackerman and Davis).Data security remains questionable here becausethe server has to capture and record the customer’s personal information as they transact online. Privacy in electronic commerce thus remains a consumer issue because of the rise in technological advancements where people keep on learning new approaches to technological advancements. However, different organizational groups, nations, and internationalorganizations have come together with regulations to fight and control violation of consumer privacy in electronic commerce.These regulations exist in the form of laws. Globalization also contributes to the success of the program since member countries in the World Trade Organization (WTO) have to cooperate with each other.The organization pressurizes nations for example, U.S to implement laws on consumer privacy protection apartthose invented by consumer privacy groups in the country (Frost).Since countries have differing privacy laws, sites doing electronic commerce have to abide by the regulations of the host country. Evolution of Consumer Privacy Protection Consumers participating in electronic commerce have different perceptions on information privacy. According to Federal Trade Commission (FTC), while some consumers view the collection and sharing of their personal information as a trouble to them, others do not have knowledge whether the collection and sharing of information exist.Others know about the existence of the practice, but assume it is a worthypractice through which they can engage in business and access innovative products and services and thus have no concern on the risks involved (FTC 1). The Federal Trade Commission aims at protecting consumers’ personal information and maintaining their confidence in taking advantage of the continuously changing marketplace. The commission initiated public seminars in December2009 to look into issues of consumer privacy and challenges associated with the rise in technology in businesses collecting and using consumers’ personal information (FTC 1). The commission organized the seminars based on its continued approach to consumer privacy protection given the rise in marketplace changes, which include new technology developments and business modules namely; mobile services, social media services, increasing advertising behaviors and cloud computing (Howells and Stephen 381). These services prove important to consumers as they inform them of the availability of new commodities in the market. They too require a lot of data collection from the consumers to enable them access the services. The seminars organized by the commission aimed at evaluating how the commission can offer the best protection of consumer information privacy putting into consideration the ability of companies to offer innovative and competent services to consumers (FTC 1). The seminars covered topics including the risks and benefits collecting information from consumers, what consumers expect on the information collected, how adequate the current data privacy legislation is, and how companies treat sensitive and health information (FTC 2). They also considered the impact of online advertising behaviors, mobile services, social networking, among others on privacy of personal information. Participants in the seminars ranged from government officials, technologists, industry representatives, consumer and privacy advocates, and academics. FTC’s efforts on privacy issues came after the Fair Credit Reporting Act (FCRA) enactment in 197 (FTC 3). This law protects disclosure of sensitive consumer information used in decision making on employment, credit or insurance services to unauthorized persons. The FTC has been on the first line in ensuring consumer information privacy since those days through enforcing laws, educate consumers and businesses, and policy initiation. The FTC has maintained the balance of consumer privacy threats with the benefits offered by technology advancement by applying a flexible approach to protection of privacy that moves with the changes in the market place (FTC 3). From FTC Act Section 5, the commission has authority to act on unfair and illusory practices exercised on consumers. It has also, apart from enforcing laws held civic events and studied activities concerning the implications on privacy and security of the various business practices and technologies. The commission has held workshops focusing on the effect of mobile marketing and online advertisement, and technologies on radio frequency identification (RFID) and authentication (FTC 4). The FTC has also published a consumer educational information about diversity issues of privacy, and ways through which businesses can fulfilllegal requirements (FTC 5). Despite the commission’s commitment to consumer privacy remaining constant, the changes in the marketplace have made the commission to apply different approaches to privacy.Between mid and late 1990s, the commissions encouraged companies to practice fair information practices an enforced claims that companies made in regard to their privacy notices (FTC 6).However, in the early 2000s, the FTC began its focus on harms connected to misappropriation of consumer’s personal information, like unauthorized access to the daily lives of consumers, physical security and economic injury. These enforcements largely touched on companies that lacked adequate protection of consumer information, and vendors of spam and spyware. The Commission’s Approach to Fair Information Practices Principle Introduction of online business led the FTC to begin examining the privacy of online transactions, and the concerns consumers have about the privacy of the information they provide over the internet. In its examination, the commission drew upon set Fair Information Practice Principles, which represented the original transparency concepts, independence and accountability of the consumer (FTC 6). The commission noted the issuance of reports, model codes, and guidelines containing these fair information principles from government agencies in Europe, the United States and Canada. However, FTC focused on four key elements of the approach to fair information practices. First, the companies should give notice about the kind and use of the information they collect from consumers. Secondly, consumers should choose how companies should use the information collected from them. Thirdly, consumers should not be restricted to access of information collected from them, and fourthly, it is the companies’ responsibility to ensure security of information collected from consumers (FTC 7).The FTC also identified enforcement as an important component of regulatory program where mechanisms are used to inflictsanctions on non-compliant companies. The FTCconducted policy initiatives to promote these practices through surveys of policies of online privacy, hosting workshops and issuing the subject’s report to Congress together with comments on development on technology and self-regulation geared at enhancing consumer privacy (FTC 7). The report given to Congress by FTC showed that among the privacy policies surveyed, only a quarter addressed the four principles of fair information.The majority of the commission concluded that for electronic business to achieve its full potential and ensure confidence of consumers to participate in the market there is a need for legislation requiring online businesses’ compliance with the principles, together with self-regulation (FTC 8). The surveys, workshops, and reports conducted by the commission created public awareness on consumer privacy and made companies examine their practices for data collection despite Congress’ failure to enact the legislation. It is also during this period that the commissionused its Section 5 to handle companies that participated in unmerited and misleading practices like false policy statements on how companies collected and used consumers’ information (FTC 8). FTC’s Harm-Based Approach The commission focused on the harms that consumers may face as an approach to address consumer privacy matters.It focused on practices that caused or laid risk of causing economic or physical harm, or unauthorized access in consumer’s daily lives (FTC 9).This approach has effectively promoted consumer privacy through ensuring data security, unwanted mobile marketing, children’s privacy, identity theft, among others. The commission has used its authority to bring cases against businesses that do not practice protection of consumer’s personal data. The cases leveled include big companies that fail to: adhere to privacy policies, take appropriate measures for protection against common risks, properly dispose data, and ensure no sharing of consumers’ information third party (FCT 10). From the cases, Federal Trade Commission requires companies to execute programs that provide security of consumer information, and obtain third-party audits on how effective the programs are on consumer protection (FTC 11).The commission also cased incidences where companies collected data from children without consent from parents. Situations like these may affect children safety, and the commission enacted laws to protect these risks on children. Current Consumer Privacy Laws and Initiatives Nations practice different consumer privacy laws, which differ from the others depending on law enforcements that exist in the country making the difference in various ways of handling cases related to online businesses.The case York University v. Bell Canada Enterpriseshows tests that a Norwich order performs before it decides on a consumer privacy case. The Ontario Superior Justice Court issued a Norwich order that permitted York University to seek for disclosure of information about the identity of the persons who posted offensive information on an electronic medium concerning a professor of the York University from third parties (Elliott PC). From this case, a Norwich order permits a plaintiff to seek disclosure of identity information from a third party so as to act against a defendant.As pointed out earlier, different privacy laws exist in different countries.Elliott gives an example of Norwich order test, which gives the court authority to order for disclosure of the identity of persons accused using the internet abusively from the third-party. In this case, Bell Canada Enterprises and Rogers Communications are the third-party providing information about the defendants. But, the othertest works after several considerations were conducted; the test found the words in the email as offensive to the professor, Bell and Rogers were the conduit through which the email was sent, there was no other source of information apart from Bell and Rogers, there was minimal cost of the two to abide by the order, and justice could not be achieved until disclosure of the defendant’sidentity (Elliott PC).It is only after consideration of these factors that the other test applies, and the court can order for identity disclosure.These are laws that exist in Canada concerning consumer privacy in online services. Notice There is no notice or any representation or appearance of the defendants before the court in this case. The court did not consider notifying the targeted persons, but concluded that the case needed no notification to the defendants (Cameron).As Cameron points, although it might seem appropriate to notify persons involved in consumer privacy cases, it appeared to the contrary that the Canadian court did not practice it in handling these cases.However, the concern of notifying individuals affected by these cases will arise in future cases where privacy interests and those of a Norwich applicant in pursuing a potential claim are balanced (Cameron). Privacy Expectation Generally, customers engaging in electronic commerce or other internet services except that the service providers preserve the privacy ofwhatever they do because they read the conditions of service from their service providers, most of which guarantee their privacy(Consumer Protection Handbook 31). The court making decision on theYork University v. Bell Canada Enterpriseshad read the terms and conditions of services provided by Bell and Rogers and concluded that; a customer accessing services from Bell can consider that a court can order for disclosure of their identity when they engage in unlawful or offensive activities (Cameron), and that the customer who publishes the information should not expect privacy inn using the communication for publishing offensive statements. The above conclusion rests on the fact that targeted persons have conducted unlawful practices. However, the court’s decision to disclose the identity of the defendants was not based on permitting the plaintiff to sue or determine whether the action took place.This means that when a court is issuing a Norwich order, it necessarily does not know whether the suspect engaged in the practice or not (Cameron).From the case, conclusions on privacy expectations can be that internet service users expect privacy intheir use of the internet, though the court, under certain circumstances can peep into their privacy especially when they participate in unlawful practices. Privacy by Design (PbD) As earlier mentioned, countries have different laws governing consumer information privacy. Some jurisdictions have privacy as a right in their constitutions. For example, all member states in the European Union have agreed to the protection of human rights and fundamental freedoms, and they recognize privacy as a law. Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedom (ECHR) protects the right to respect for private and family life, and the modern privacy protection in Europe bases from this law (Krebs 3). However, the right to privacy is not constitutionally granted, but has its roots and protection in the court’s interpretation of Section 8 of the Charter of Rights and Freedom, the right to be free from unreasonable search and seizure(Krebs 3). The protection of privacy rights in Canada is similar to the 4th amendment in the United States; however, individuals should not draw to conclusions since the jurisprudence in America and Canada istotally different.In situations where an individual expects privacy, the constitution protects the right of the individual when infringement on consumer’sprivacy expectation occurs from the state. Privacy rights not only comprise of liberty protection, but also privacy of information and the individual’s dignity (Krebs 4). Enforcement The Federal Trade Commission has been engaged in cases on upcoming technologies that allow access to and use of consumer information.The commission gives an example of a case involving a violation of consumers’ privacy rights by Searsby lying to customers about the extent of its online data tracking (FTC 12).According to the commission, Sears had to pay customers who visited their website and downloaded research software. This was through enforcement of laws governing consumer information privacy. Consumer and Business Education The FTChas educated businesses and consumers on information security and privacy of consumers. It educates consumers on online threats like spyware, and the measures they can take to avoid them. Other programs include teaching medium-sized and small businesses on the implementation of data security for personal information (FTC 14). Other initiatives by the commission include policy making and research where organized workshops teach consumers on the effects of emerging technologies on consumer security and data privacy. Proposed Initiatives in Consumer Protection One of the main proposed initiatives is cloud computing where, apart from having private control of online businesses as it happens nowadays, the control remains to cloud service providers (Mell and Grance). Companies practicing cloud computing will not have to buy IT equipmentlike storage facilities, servers, maintenance services of or even software since they are outsourced to IT outfits specializing in such services(European Parliament 15).One major advantage of this program is that it gives companies to specialize on their core business objective. Cloud computing will not only benefit business sector, but other sectors like education and health. Comparative analysis of proposed frameworks over the current The rising technological advancement has brought benefits to consumer privacy. Use of internet in cloud computing has promised cost reduction and allows accessibility regardless of time and location.Compared to the existing frameworks, the benefits of using cloud computing are; i) Cost reductions where consumers do not have to buy their own IT equipment like servers, software, among others (Boch- Anderson). ii) Using cloud computing increases security of small and medium-sized businesses, which may lack ability to access high security tools. iii) Cloud service providers are in charge of IT resources maintenance and updating. It helps organizations cut costs incurred in employing departments for maintenance and update of resources. iv) It creates independence since it can be used with a wide range of devices like computers, mobile phones, and tablets among others, thus when changing devices, the applications still remain. Conclusion Technology makes the greatest contribution to electronic commerce. Implementation of various accessibility patterns to the web has also led to unauthorized access toconsumers’information like purchasing behaviors, among others.To protect unauthorized access, nations have set laws governing protecting consumer information privacy, laws that differ from each other. Consumer protection remains a constitutional right in some countries like European Union member nations, while in other nations like Canada and U.S, security of consumer information lies mostly under court control(Krebs 3).Due to standardization and insights on commercial law, proposals have been made on consumer protection frameworks, which prove to be more advantageous, compared to the current. If properly implemented, the frameworks can help improve consumer privacy in electronic commerce. Work Cited Ackerman, Mark S. and Davis, Donald T., Jr. Privacy and Security Issues in E-Commerce. Web. 4. November. 2013. Boch- Anderson, Lisa. Hospital uses cloud computing to improve patient care and reduce costs. 15. April. 2011. Web. 4. November. 2013 Cameron, Alex. “York University v. Bell Canada Enterprises: Observation and Implications for Future Norwich Jurisprudence”. Slaw. 15. September. 2009. Web. 4. November. 2013 Consumer Protection Handbook. Chicago, Ill: ABA, Section of Antitrust Law, 2004. Print. Krebs,David “Privacy by Design”: Nice-to-have or a Necessary Principle of Data Protection Law? Jipitec. 4. January. 2013. Web. 4. November. 2013. Elliott PC, Heydary. Ontario Court GrantsNorwich Order to Disclose Identity of Defendants. Laws of.com. 14. October. 2009. Web. 4. November. 2013 Frost, Randall. “Who is securing your identity online?” Brandchannel. 22. September 2003. Web. 4. November. 2013 FTC. “Protecting Consumer Privacy in an Era of Rapid Change”. Federal Trade Commission. 01 December 2010. Web. 3. November. 2013. Howells, Geraint G, and Stephen Weatherill. Consumer Protection Law. Aldershot [u.a.: Ashgate, 2005. Print. Mell, Peter and Grance , Timothy. The NIST Definition of Cloud Computing. 2011. Web. 4. September. 2013. Qin, Zheng. Introduction to E-Commerce. Berlin: Springer Berlin, 2007. Print. The European Parliament, Cloud Computing Study. 2012. Web. 4. November. 2013 Read More