Download - Ecommerce Chap 10
1© Prentice Hall, 2000
Chapter 10Public Policy:
From Legal Issues to Privacy
© Prentice Hall, 2000 2
Learning Objectives
List and describe the major legal issues related to electronic commerce
Understand the difficulties of protecting privacy and describe the measures taken by companies and individuals to protect it
Describe the intellectual property issues in EC and the measures provided for its protection
Describe some of the ethical issues in EC and the measures taken by organizations to improve ethics
© Prentice Hall, 2000 3
Learning Objectives (cont.)
Understand the conflict between Internet indecency and free speech, and the attempts to resolve the conflict
Describe the issues involved in imposing sales tax on the Internet
Discuss the controls over exporting encryption software and the issues of government policies
Differentiate between contracts online and offline
Describe the measures available to protect buyers and sellers on the Internet
© Prentice Hall, 2000 4
Legal and Ethical Issues: an Overview
PrivacyIntellectual Property
Difficult to protect since it is easy and inexpensive to copy and disseminate digitized information
Free Speech Internet provides the largest opportunity for free speech
Taxation Illegal to impose new sales taxes on Internet business at the
present time
Consumer Protection Many legal issues are related to electronic trade
© Prentice Hall, 2000 5
Ethical Issues
What is considered to be right and wrong?
What is unethical is not necessarily illegal.
Whether these actions are considered unethical depends on the organization, country, and the specific circumstances surrounding the scenarios.
© Prentice Hall, 2000 6
Ethical Issues (cont.)
Code of Ethics Many companies and professional
organizations develop their own codes of ethics
A collection of principles intended as a guide for its members
A guide for members of a company or an association
© Prentice Hall, 2000 7
PrivacyCollection, storage,
and dissemination of information about individuals
AccuracyAuthenticity, fidelity, and
accuracy of information collected and processed
PropertyOwnership and value of
information and intellectual property
AccessibilityRight to access information
and payment of fees to access it
Organize IT Ethical Issues into a Framework
© Prentice Hall, 2000 8
Protecting Privacy
Privacy The right to be left alone and the right to be
free of unreasonable personal intrusions
Information Privacy The “claim of individuals, groups, or
institutions to determine for themselves when, and to what extent, information about them is communicated to others”
© Prentice Hall, 2000 9
Protecting Privacy (cont.)
Two rules The right of privacy is not absolute.
Privacy must be balanced against the needs of society.
The public’s right to know is superior to the individual’s right of privacy.
© Prentice Hall, 2000 10
How is Private Information Collected?
Reading your newsgroups’ postings
Finding you in the Internet Directory Making your browser record information about you Recording what your browsers say about you
Reading your e-mail
© Prentice Hall, 2000 11
Web-Site Self-Registration
Registration Questionnairestype in private information in order to receive a
password to participate in a lottery, to receive information, or to play a game
Uses of the Private Informationcollected for planning the businessmay be sold to a third partyused in an inappropriate manner
© Prentice Hall, 2000 12
40% of all users have falsified information when registering online
66% of all U.S. and European respondents don’t register as they don’t know how the information is going to be used
63% don’t feel that registration is worthwhile considering the content of the sites
58% don’t trust the sites collecting this information from them
From the Eighth User Survey by GVU (1988)
© Prentice Hall, 2000 13
Cookies
Piece of information that allows a Web site to record one’s comings and goingsWeb sites can ‘remember’ information about
users and respond to their preferences on a particular site, process is transparent to users
Web sites can maintain information on a particular user across HTTP connections
© Prentice Hall, 2000 14
Reasons for using cookiesto personalize informationto improve online sales/servicesto simplify tracking of popular links or demographicsto keep sites fresh and relevant to the user’s intereststo enable subscribers to log in without having to enter a password every
visitto keep track of a customer’s search preferencespersonal profiles created are more accurate than self-registration
Solutions to cookiesusers can delete cookie files stored in their computeruse of anti-cookie software (e.g. Cookie Cutter and Anonymous Cookie)
CookCookies (cont.)
© Prentice Hall, 2000 15
Privacy Protection
5 basic principlesNotice/Awareness— Customers must be given notice and be able to
make informed decisions.Choice/Consent— Customers must be made aware of their options
as to how their personal information may be used. Consent may be granted through ‘opt-Out’ clauses requiring steps.
Access/Participation— Consumers must be able to access their personal information and challenge the validity of the data.
Integrity/security— Consumers must be assured that the data is secure and accurate.
Enforcement/Redress— There must always exist a method of enforcement and remedy. The alternatives are government intervention, legislation for private remedies, or self-regulation.
© Prentice Hall, 2000 16
Protecting Your Privacy
Think before you give out personal information on a site
Track the use of your name and information Keep your newsgroups’ posts out of archives Use the Anonymizer when browsing Live without cookies Use anonymous remailers Use encryption Reroute your mail away form your office Ask your ISP or employer about a privacy policy
© Prentice Hall, 2000 17
Legislation
The Consumer Internet Privacy Act
The Federal Internet Privacy Protection Act
The Communications Privacy and Consumer Empowerment Act
The Data Privacy Act
© Prentice Hall, 2000 18
Personal Information in Databases Databases of banks and financial institutions; cable
TV; telephone ; employers; schools; insurance companies; and online vendors
ConcernsUnder what circumstances will personal data be released?Do you know where the records are?How are the data used?
Electronic Surveillance - Monitoring Computer Users
Tens of millions of computer users are monitored, many without their knowledge
Employees have very limited protection against employers’ surveillance
© Prentice Hall, 2000 19
Privacy Policy Basics
Data Collection Data Accuracy Data Confidentiality Data should be collected on individuals only to accomplish a legitimate business objective. Data should be adequate, relevant, and not excessive in relation to the business objective. Individuals must give their consent before data pertaining to them can be gathered.
Sensitive data gathered on individuals should be verified before it is entered into the database. Data should be accurate and, where and when necessary, kept current. The file should be made available so the individual can ensure that the data are correct. If there is disagreement about the accuracy of the data, the individual’s version should be noted and included with any disclosure of the file.
Computer security procedures should be implemented to provide reasonable assurance against unauthorized disclosure of data. Third parties should not be given access to data without the individual’s knowledge or permission, except as required by law. Disclosures of data, other than the most routine, should be noted and maintained for as long as the data are maintained. Data should not be disclosed for reasons incompatible with the business objective for which they are collected.
© Prentice Hall, 2000 20
Protecting Intellectual Property
Copyright A statutory grant that provides the creators of
intellectual property with ownership of it for 28 years
Trade Secret Intellectual work such as a business plan, which is a
company secret and is not based on public information
Patent A document that grants the holder exclusive rights on
an invention for 17 years
© Prentice Hall, 2000 21
Copyright Protection Techniques
Digital watermarksembedding of invisible markscan be represented by bits in digital
contenthidden in the source data, becoming
inseparable from such data
© Prentice Hall, 2000 22
Legal Perspectives
Electronic Theft (NET) Actimposed criminal liability for individuals who reproduce or
distribute copies of copyrighted works even if no commercial advantage or financial gain exists
Digital Copyright Clarification and Technology Education Actlimits the scope of digital copyright infringement by allowing
distance learning exemptions
Online Copyright Liability Limitation Actseeks to protect Internet access providers from liability for
direct and vicarious liability under specific circumstances where they have no control or knowledge of infringement
© Prentice Hall, 2000 23
Legal Perspectives (cont.) Digital Millennium Copyright Act
reasserts copyright in cyberspacemakes illegal most attempts to defeat anti-copying technologyrequires the National Telecommunications and Information
Administration to review the effect the bill would have on the free flow of information and makes recommendations for any changes two years after it is signed into law
lets companies and common citizens circumvent anti-copying technology when necessary to make software or hardware compatible with other products, to conduct encryption research or to keep personal information from being spread via Internet “cookies” or other copy-protection tools
forbids excessive copying of databases, even when those databases contain information already in the public domain
© Prentice Hall, 2000 24
International Aspects of Intellectual Property
The World Intellectual Property Organization more than 60 member countries to come up with an
international treaty part of the agreement is called the ‘database treaty’ its aim is to protect the investment of firms that
collect and arrange information
© Prentice Hall, 2000 25
Domain Names
Two controversies Whether top-level domain names
(similar to com, org and gov) should be added
The use of trademark names by companies for domain names that belong to other companies
© Prentice Hall, 2000 26
Domain Names (cont.)
Network Solutions Inc. Contracted by the government to assign domain
addresses
Trade Name Disputes Companies are using trade names of other
companies as their domain address to help attract traffic to their Web site
Increase Top Level Names Idea is that an adult only top-level name will be created
to prevent pornographic material getting into the hands of children
© Prentice Hall, 2000 27
Defining Freedom of Speech
The Bill of Rights First Amendment to the Constitution of the U.S. of America reads
“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.”
© Prentice Hall, 2000 28
The united nations Universal Declaration of Human Rights in 1948 addresses the right of freedom of expression
“Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive, and impart information and ideas through any media and regardless of frontiers.”
Defining Freedom of Speech (cont.)
© Prentice Hall, 2000 29
The Debate about Free Speechon the Internet
Free speech debate “Most citizens are implacably opposed to censorship in
any form — except censorship of whatever they personally happen to find offensive.”
What the boundaries are, and how they should be enforced
Governments protective of their role in society, parents
concerned about exposing their children to inappropriate Web
pages and chat rooms, and federal agencies attempting to
deal with illegal actions
Citizen action groups desiring to protect every ounce of their
freedom to speak, individuals concerned about their right to
information on the Internet, and organizations seeking to empower
the citizens of the earth
© Prentice Hall, 2000 30
The Debate about Free Speechon the Internet (cont.)
Provisions in law for 2 cases that limit free speechobscene materialcompelling government interest
“Indecency” “any comment, request, suggestion, proposal, image, or other communication that, in context, depicts or describes, in terms patently offensive as measured by contemporary
community standards, sexual or excretory activities or organs”
© Prentice Hall, 2000 31
Protecting Children
3 approaches (regarding the protection of children from inappropriate material on the Internet) No information should be held back and parents
should be responsible for monitoring their own children
The government is the only one who can truly protect children from this material
To hold the Internet providers responsible for all the material and information they provide
© Prentice Hall, 2000 32
Protecting Children (cont.)
Parents Governing Their Own Children
Government Protecting the Children
Responsibility for the Internet Providers
Forcing Internet Providers to be Accountable
© Prentice Hall, 2000 33
Legal Perspectives in the USA
Child Online Protection Act
Internet Tax Freedom Act
Family Friendly Internet Access Act
Internet Protection Act
Internet School Filtering Act
© Prentice Hall, 2000 34
Controlling Spamming
What is spamming, why is it bad?
Spamming “the practice of indiscriminate distribution of messages (for
example junk mail) without permission of the receiver and without consideration for the messages’ appropriateness”
Spamming’s negative impacts Spam comprised 30% of all mail sent on America Online
slowing the Internet in general shutting ISPs down completely now less than 10%
© Prentice Hall, 2000 35
Legislation, Legal
The Electronic Mailbox Protection Act
The Unsolicited Commercial Electronic Mail Act
The Netizens Protection Act
The Telephone Consumer Protection Act
Controlling Spamming (cont.)
© Prentice Hall, 2000 36
Controlling Spamming (cont.)
How to cut spamming
Tell users not to validate their addresses by answering spam requests for replies if they want to be taken off mailing lists
Disable the relay feature on SMTP (mail) servers so mail cannot be bounced off the server
Delete spam and forget it— it’s a fact of life and not worth wasting time over
Use software packages, e.g. www.getlost.com and www.junkbusters.com
© Prentice Hall, 2000 37
Taxation PoliciesThe Taxation Exemption Debate
Internet Tax Freedom Act (8 Oct,98)promotes electronic commerce through tax incentives by
barring any new state or local sales taxes on Internet transactions during the next three years
Applying existing law to new mediums of exchange is far more difficult than ever imagined. The global nature of business today
suggests that cyberspace be considered a distinct tax zone unto
itself with unique rules and considerations befitting the stature
of the environment.
Electronic commerce industries
The Internet businesses must pay its fair share of the bill for the nation’s social and physical infrastructure. They feel
that the Internet industries are not pulling their own weight. These companies are screaming that the same situation exists in the mail order business and that there are sufficient parallels to warrant similar
legal considerations.
Non-electronic commerce industries
© Prentice Hall, 2000 38
Taxation Policies (cont.)Proposed Taxation Solutions in the USA
The Internal Revenue Service might “come to the rescue” with a single and
simplified national sales tax.
This will reduce 30,000 different tax codes to ‘no
more than 50”.
Net sales would be taxed at the same rate as mail order or
Main Street transactions.
While states could set their one rate, each sale could be
taxed only once.38
© Prentice Hall, 2000 39
Encryption Policy
The 128-BIT Encryption Debate Export 128-bit encryption is 3.09X10 to the 26th
power times more difficult to decipher than the preceding legally exportable technology.
For the past 20 years there was a limitation
on exported encryption devices of 56 bit codes
Recent legislation allows 128 bit in
specific circumstances thus paving the way for
the Compaq permit
Secure e-commerce Government’s legal requirements
© Prentice Hall, 2000 40
Encryption Policy (cont.)
Data Encryption Standard (DES) A published federal encryption standard created to
protect unclassified computer data and communications Law Enforcement’s Plea
Cryptographers would follow an audit trail to ensure that keys haven’t been released improperly, however, law enforcement does not trust that process
First Amendment RightTechnology can encrypt so thoroughly, that every computer on
earth, working in tandem, would take trillions of years to decode the encryption
Business ViewEFF (Electronic Frontier Foundation) believes that
software, networked communications and cryptography industries are suffering
© Prentice Hall, 2000 41
Other Legal Issues What are the rules of electronic contracting, and whose jurisdiction
prevails when buyers, brokers, and sellers are in different states and/or countries?
How can gambling be controlled on the Internet? Gambling is legal in Nevada and other states. How can the winner’s tax be collected?
When are electronic documents admissible evidence in the courts of law? What do you do if they are not?
Time and place can carry different dates for the buyers and sellers when they are across the ocean.
Is a digital signature legal? The use of multiple networks and trading partners makes the
documentation of responsibility difficult. How is such a problem overcome?
© Prentice Hall, 2000 42
Electronic Contracts
Uniform Electronic Transactions Act Provides the means to effectuate transactions
accomplished through an electronic medium
Uniform Commercial Code (UCC) Provides a government code that supports
existing and future electronic technologies in the exchange of goods or of services related to exchange of goods
© Prentice Hall, 2000 43
Electronic Contracts (cont.)
Shrink-wrap agreements (or box top licenses) The user is bound to the license by opening the package This has been a point of contention for some time The court felt that more information would provide more
benefit to the consumer given the limited space available on the exterior of the package
Click-wrap contracts The software vendor offers to sell or license the use of the
software according to the terms accompanying the software The buyer agrees to be bound by the terms based on certain
conduct
© Prentice Hall, 2000 44
Fraud on the Internet
Internet Stocks Fraud SEC brought charges against 44 companies and individuals who illegally
promoted stocks on computer bulletin boards, online newsletters and investment Web sites
Other Financial Fraud Selling bogus investments, phantom business opportunities, and other
fraud schemes
Other Fraud in EC Customers may
receive poor quality products and servicesnot get products in timebe asked to pay for things they assume will be paid for by sellers
© Prentice Hall, 2000 45
Federal Trade Commission (FTC) Consumer Alerts
Business opportunitiesBulk mail solicitors Investment opportunitiesWork-at-home schemesHealth and diet schemes Effortless incomeGuaranteed loans or credit,
on easy terms
Free goodsChain lettersCable descrambler kitsCredit repair Vacation prize
promotions
The “Dirty Dozen”
© Prentice Hall, 2000 46
Buyer Protection
Tips for safe electronic shopping Look for reliable brand names at sites. Search any unfamiliar site for address and phone
and fax number. Call up and quiz a person about the sellers.
Check the seller with the local Chamber of Commerce, Better Business Bureau, or TRUSTe as described later.
Investigate how secure the seller’s site is and how well it is organized.
© Prentice Hall, 2000 47
Examine the money-back guarantees, warranties, and service agreements.
Compare prices to those in regular stores; too-low prices may be too good to be true.
Ask friends what they know. Find testimonials and endorsements.
Find out what you can do in case of a dispute. Consult the National Fraud Information Center. Check www.consumerworld.org Do not forget the you have shopper’s rights.
Buyer Protection
© Prentice Hall, 2000 48
Third Party Service
Public organizations and private companies attempt to protect consumers TRUSTe’s “Trustmark”
non-profit groupto build user’s trust and confidence in the Internet by
promoting the polices of disclosure and informed consent
BBB (Better Business Bureau)private non-profit organizations supported largely by
membershipto provide reports on business firms that are helpful to
consumers before making a purchase
© Prentice Hall, 2000 49
Authentication
If authentication can be solved ….. students will be able to take exams online fraud of recipients of government entitlements and other
payments will be reduced to a bare minimum buyers will be assured who the sellers are and sellers will
know who the buyers are with a very high degree of confidence
arrangements will be made so that only authorized people in companies can place purchasing orders
interviews for employment, possible marriage, and other matching applications will be accurate
trust in your partners and in EC in general will increase significantly
© Prentice Hall, 2000 50
Biometrics Controls
Photo of faceFingerprintsHand geometryBlood vessel pattern in the retina of a
person’s eyeVoiceSignatureKeystroke dynamics
Cathy .
© Prentice Hall, 2000 51
Seller Protection
Sellers must be protected against: Use of their names by others Use of their unique words and phrases, names, and slogans
and their web addresses Dealing with customers that deny that they placed an order Several other potential legal issues are related to sellers’
protection Customers downloading copyrighted software and/or
knowledge and selling it to others Not being properly paid for products and services provided
© Prentice Hall, 2000 52
Managerial Issues
Multinational corporations face different cultures in the different countries in which they are doing business
Issues of privacy, ethics, and so on may seem to be tangential to running a business, but ignoring them may hinder the operation of many organizations
The impact of electronic commerce and the Internet can be so strong that the entire manner in which companies do business will be changed, with significant impacts on procedures, people, organizational structure, management, and business processes