Download - Chapter Five ACG 5458 The Regulatory
![Page 1: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/1.jpg)
Chapter Five
ACG 5458
The Regulatory
Environment
![Page 2: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/2.jpg)
The Regulatory Environment
Primary International and Legal Issues– Cryptography Issues– Privacy Issues– Web Linking– Internet Sales Tax– Electronic Agreements and Digital Signatures– Spam Mail– Online Auctions and Content Filtering
Implications for the Accounting Profession
![Page 3: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/3.jpg)
Cryptography
Cryptography is a mathematical encoding that transforms readable messages into unreadable formats (cyphertext).
Key length (size) determines the difficulty to crack the code.
Encryption is the coding
Decryption is the decoding
•40-Bit Key-3 hours to break code•56-Bit Key-22 hours to break code•64-Bit Key-30 days to break code•128-Bit Key-2,000 years to break code
![Page 4: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/4.jpg)
Cryptography
Regulatory Issues: Domestic use, Importation and Exportation
rules– Rules differ by country– US is “looser” than China, Belarus, Kazakhstan and
Pakistan Use of encryption by criminals, terrorists, and
money launderers. Ability of law enforcement to obtain decrypted
forms of encrypted messages, either through a key recovery or a key escrow system.
![Page 5: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/5.jpg)
Cryptography
Key escrow systems involves a central repository that contains all encryption keys.
Key recovery systems have some mechanism that will provide authorized law enforcement agencies the ability to recover and use the key (e.g., trusted third party).
Issues: How will sufficient controls be created and
maintained to protect citizens from law enforcement abuse of authority?
How is it possible to enforce internationally?– INTERPOL prefers a key recovery system.
![Page 6: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/6.jpg)
Privacy of Private Citizens
Information Privacy: the right to have one’s personal or business data be kept confidential.
Privacy Groups: Center for Democracy and Technology Electronic Frontier Foundation Electronic Privacy Information Center Privacy International Privacy Rights Clearinghouse Online Privacy Alliance
![Page 7: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/7.jpg)
0.62
0.97
0.76
0.94
Random Sample Most PopularSites
Post a PrivacyPolicy.
Links thePrivacy Policyfrom the HomePage
Figure 5-1: Percentage of US Sites That Post Privacy Policies and Link From Home Pages
Source: FTC, 2000
![Page 8: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/8.jpg)
Privacy of Private Citizens
Federal Trade Commission (FTC) Five Core Principles of Privacy Protection:
Notice Choice Access Integrity and Security EnforcementRegulatory Issues: Self-regulation or government regulation?
– If government regulation, which one? Differences exist between countries, US “looser” than European Union
How do we protect children’s privacy?
![Page 9: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/9.jpg)
Figure 5-2: Percentage of US Sites That Collect Personally Identifiable Information and Utilize the FTC Principles
55%
89%
50%
67%
43%
83%
55%
74%
20%
42%
0
0.1
0.20.3
0.4
0.5
0.60.7
0.8
0.9
Notice Choice Access Security All 4 tosomeextent
RandomSample
MostPopular
Source: FTC, 2000
![Page 10: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/10.jpg)
Figure 5-3 Percentage of US Sites That Collect Personally Identifiable Information and Implement Choice Options
Random Sample(detail of the 50% who offer choice)
Opt-In25%
Opt-Out 71%
Unclear4%
Most Popular
Opt-Out 75%
Opt-In16%
Unclear9%
(detail of the 67% who offer choice)
Source: FTC, 2000
![Page 11: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/11.jpg)
Privacy and Security
From the FTC’s 2000 study: Only 39% of the random sample (54% of the
most popular sites) take steps to provide security during transmission.
Only 29% of the random sample (48% of the most popular sites) take steps to provide security after receipt.
Only 8% of the random sample (45% of the most popular sites) display some sort of privacy seal from an independent third party.
![Page 12: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/12.jpg)
Children’s Privacy Regulation
FTC’s 1998 study found that 89% of children’s sites were collecting private information on children:– Email and postal addresses
– Telephone numbers and Social security numbers
– Age, date of birth, and Gender
– Education
– Interests and Hobbies Enticements such as prizes, raffles or contests
are used often.
![Page 13: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/13.jpg)
Adults’ Privacy Rights and the EU’s Directive
1998 European Union Privacy Directive states that personal data on the Internet must be:– Collected only for specified purpose– Processed fairly and lawfully– Kept accurate and current– Destroyed after stated purpose is fulfilled.
Users have the right to access their information for correction, erasure or blockage, choose to opt in or out, oppose automated decisions, and have judicial remedy and compensation.
![Page 14: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/14.jpg)
EU Privacy Directive Affects US Companies doing Business with the EU EU citizens have greater privacy rights than US
citizens US and the EU developed a “safe harbor” for
US businesses in 2000:– Notice– Choice– Transfers to third parties– Access– Security– Data integrity– Enforcement
![Page 15: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/15.jpg)
More on Privacy: Past and Current Events
Toysmart.com selling its customer list More.com passed customer’s
prescription information to HealthCentral Carnivore: FBI’s Internet sniffing code
– Argument with Earthlink.com exposed a high level of citizen monitoring.
![Page 16: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/16.jpg)
Web-Linking
Legal problems occur when: Inappropriately referencing a linked site Not referencing the site from which you copied
information to your site Displaying another site’s information without
the original advertisements Unauthorized use of trademarks in metatags Unauthorized display of registered trademarks
![Page 17: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/17.jpg)
Web-Linking and Defamation
Defamation occurs when an individual makes a false statement about another individual or business that is damaging to their reputation.
The issue: whose rights prevail? The right to free speech? The right to be safe from harassment?
It’s often not clear: Can opinions be separated from facts?
![Page 18: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/18.jpg)
Web linking withoutProper Referencing
Linking using framing involves: Not carrying the original site’s
advertisements to the new site TotalNews case of copyright and
trademark infringement, unfair competition, and wrongful interference
![Page 19: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/19.jpg)
Web linking using Metatags
Corporations attempt to increase the visits to their sites by putting well-recognized trademarks in the HTML metatags that are labeled as keywords for search engines
Trademarks include words, names, symbols, logos, and graphical designs
Federally registered trademarks bear an ®
![Page 20: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/20.jpg)
Trademark Infringement
Trademark is displayed on the website without explicit permission granted by the owner of the trademark, and
Trademark display causes either– A likelihood of confusion
• Similarity to something else, malicious intent, actual evidence of confusion
– Or tarnishes the value of the trademark• Association with inferior quality, alteration of
the trademark, or representing the trademark in an attack.
![Page 21: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/21.jpg)
Linking to Illegal Files
Downloading of copyrighted materials, such as music, increases your risks of litigation:– Napster cases– MP3.com cases
![Page 22: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/22.jpg)
Domain Name Disputes Top level domains (e.g., .com, .org)
– Internet Corporation for Assigned Names and Numbers (ICANN) – nonprofit organization
• Many domain name registrants, such as Network Solutions, Inc.
1999 Anticybersquatting Consumer Protection Act – Does not allow domain names to be held hostage or
used if they are established trademarks.– Does not allow similar or identical trademarks to
share a domain name.– Changed the domain name assignment from “first
come, first served” to “who utilized the name for business purposes first”
![Page 23: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/23.jpg)
Internet Sales Taxes
It is an interstate taxation problem: which jurisdiction applies? There are over 30,000 tax jurisdictions in the US alone.
2001(1998) Internet Tax Freedom Act– No state/local sales taxes on Internet services
provision or use.– Does not apply if the buyer and seller are in
the same state and the seller has a corporate presence (if no corporate presence, then a use tax applies).
– A future federal sales tax may be the only solution in the future to this problem.
![Page 24: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/24.jpg)
International Tax Issues
Different countries have different opinions and tax systems:
European Union prefers a value-added tax, but still has to resolve different rates in different countries within the EU.
China prefers sales taxes on Internet transactions.Corporate presence: Differing definitions between countries. Global infrastructures: what if company building is in
one country, and web server is in another? Organization for Economic Cooperation and
Development (OECD) is working on a global definition of physical presence
![Page 25: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/25.jpg)
Electronic Agreements and Digital Signatures
American Bar Association (ABA) details important aspects of digital signatures:
Signature and document authentication Affirmative act Efficiency
2000 Electronic Signatures Act (E-Sign) Allows but does not require electronic signatures for
contracts for international and interstate contracts Electronic record should accurately reflect the written
document information and stay accessible to all parties. Wills, trusts, family matters such as divorce, transportation
of hazardous materials, recalls of products, cancellation of insurance do not apply.
![Page 26: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/26.jpg)
1999 Uniform Electronic Transactions Act (UETA)
National Conference of Commissioners on Uniform State Laws (NCCUSL)
22 states have adopted this attempt at a common standard, similar to E-Sign
Provides standards for electronic contract acceptance, accuracy and integrity, enforcement, and electronic agents.
![Page 27: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/27.jpg)
1999 Uniform Computer Information Transactions Act (UCITA)
National Conference of Commissioners on Uniform State Laws (NCCUSL)
2 states have adopted this attempt at a common business transactions standard
Clarifies the UCC law in terms of computer information transactions
Makes the law uniform among various jurisdictions
![Page 28: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/28.jpg)
International Digital Signature Environment
Many countries have passed digital signature laws:
Argentina, Australia, Austria, Canada, Columbia, Estonia, European Union, Finland, Germany, Hong Kong, Ireland, Japan, Malaysia, Philippines, Singapore, Switzerland
Many more are currently in process.
![Page 29: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/29.jpg)
SPAM e-mails
Spam mail is the mass sending of unsolicited e-mail advertisements.
E-mail addresses may be purchased lists or may be retrieved from intelligent agents.
Cost of sending SPAM is very low Costs to recipients is high on network
loads
![Page 30: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/30.jpg)
Online Auctions and Content Filtering
What does an e-marketplace do when found to be supporting “unethical” transactions?
Filter (censor) incoming packets Filter (censor) outgoing packets depending on the
recipient (IP information such as country code)Who should determine the limits? Web site owners? Web site users? Government regulation?
![Page 31: Chapter Five ACG 5458 The Regulatory](https://reader033.vdocument.in/reader033/viewer/2022061121/546e48f3af7959fb1f8b50ee/html5/thumbnails/31.jpg)
Implications for the Accounting Profession
Expansion of legal skill sets, resources and services are warranted from:
Increased liability exposures– Taxation, privacy, intellectual property,
cryptography, digital signatures, acceptable business practices
New liability exposures More complex risk assessments Changing legal and regulatory environmentsIncreased opportunities for new services: Consulting in system design Certificate authority role in society