Background
E-commerce and social media sites like Facebook and Twitter have become more and more popular over the years. This popularity has produced significant user privacy issues. Oftentimes people are asked to provide personal information like their home addresses, date of birth and even social security numbers by these sites. Amazon, E-bay and even tax filing sites can cause great concern for the privacy and protection of personal information that can be hacked into or distributed by anyone in this information age. (Bose, 2013)
Why the need to protect consumer privacy
There are numerous reasons for the need of protecting consumer privacy on the internet. First, the increasing number of hackers develops an unsafe online environment. (Digital Strategy Consulting, 2009) It is also the most significant cause of this issue because hackers illegally steal information through loopholes found in internet programming. Second, people provide their personal information when they do online shopping or banking services. Since companies own a large amount of consumer data, they should accept the responsibility of protecting the privacy of their customers. For the sake of generating profit, companies sometimes sell the information to advertising companies. For example, Octopus issue in August reminds customers about the importance of protecting personal information as there have been cases where a lot of personal data were sold for commercial targeting use. The third concern is that most people have no conscious sense of protecting their personal information especially on sites they see as secure. People can be naïve, so they simply give information to websites or companies even though they might not know the protective measures these sites are taking.
However, in a study conducted in the United Kingdom, people appear to be less concern of their online privacy this year compared to last year as can be gleaned from the following graph.
Source: http://econsultancy.com/ph/blog/63600-stats-internet-privacy-and-responsibility-among-consumers
Effects of cases of invasion of privacy
After revealing the causes, we are now looking into the influences deeply. The main effect is that customers will lose confidence in doing transactions online. If people understand the potential risk of the disclosure of customers’ privacy, the number of people using e-businesses will greatly be reduced. Customers’ information is as important as property in the e-business world. If privacy cannot be protected, many would not conduct business online. Another effect is that it hinders the growth of the economy. If people lose confidence in e-business, it can have negative economic consequences. All the consequences of lack of information privacy at the first glance may seem insignificant, but they really do affect us a lot. Fortunately, people are now becoming more aware of the importance of information security.
For protecting the customer privacy, no one can guarantee that the problem is uprooted. However, in view of this serious problem, the government should start to take measures before it is too late. Very often, people commit a crime because they think that the punishment is not harsh enough. Therefore, to show the determination to protect consumer privacy, the government should impose harsher punishment that is deterrent enough. Besides, it is essential to allocate more resources to establish some departments that can help protect people's privacy in e-business. In addition to punishment and establishing departments, the government should implement an education plan for young people on the importance of online privacy and security. This should be done everywhere. For example, in school, in public areas, and on television, so that it can instill the importance of privacy at a very early age.
Companies also ought to take effective measures to protect consumer privacy. One practical proposal would be that organizations should establish internal controls and physical safeguard for information security. Companies do build up security systems to control their internal enterprise. Data control and management is a critical issue for corporations. Service providers should be able to ensure the protection of customers' information especially sensitive data like credit card numbers, ID’s, and email that avoid information falling into the wrong hands. The e-business providers should keep their marketing ethics and social responsibility during the business operation. Apart from companies, consumers also have something to do in keeping information security. One measure that must be taken is to study and assess privacy risk of operations for handling personal information. Also, consumers need to have their self-regulation of the Internet usage, as it is believed that information sometimes can be shared only if consumer agrees.
It is apparent from the above suggestions that it is necessary to uproot the illegal activities on e-business. Although the hackers act illegally and steal information on Internet when there are loopholes and as a result, customers lose their confidence on having transactions online, the government should impose harsher punishment, establish some departments and educate young people about importance of respecting people’s privacy to minimize the problem. When people do business on Internet, information being exposed is inevitable. It is more important that people have their social responsibility and do control themselves. Otherwise, many people may pay a high price for it. Hopefully, with the unremitting efforts by corporations, government, and consumers, it is believed that the problems of information privacy will be eliminated in sooner rather than later. (McKenna, 2012)
Definition of the issue
There are three major drivers of the vast changes regarding notions, perceptions, and expectations of privacy: technological change, societal shifts, and discontinuities in circumstance. Major differences in the technological environment compared to what existed many decades ago, and which has a major influence on today’s social and legal practices toward governing privacy refers to technological change. The hardware essential to information technology has become incredibly more powerful. Development in processor speed, memory sizes, disk storage capacity, and networking bandwidth allow double, triple, even quadruple the amount of data to be collected, stored, and analyzed. Other tech drivers are constantly emerging, including sensor networks that capture data and connect that data to the real world. Increasingly universal networking translates into more information exchanged online. Data stores are available in electronic form for analysis. New algorithms have been established that allow extraction of information from a plethora of collected data. The end result is that new kinds of data are being collected and stored in large quantities and over long periods of time. Obscurity or difficulty of access is now less practical ways of protecting user privacy. Because information technologies are continually dropping in cost, facilities for collecting and analyzing personal information from are more readily becoming available to individuals, corporations, and governments. (Okazaki, 2009)
The next driver (societal shift) pertains to evolutionary changes in the society. This includes all the organizations, activities and the practices which utilizes technology together with their transformation and changes in the social institutions, behavior and practices of all those involve in the process. Providing personal information to institutions have been a key practice and a necessity in the day to day transactions with these organizations. Almost every transaction we have that concerns the use of technology and information systems like licensing, government transactions and business transactions require individuals to provide personal information. (Okazaki, 2009)
The last driver, discontinuities in circumstance, pertains to certain events developing concerns that immediately lead to a debates and discussions on privacy issues. The most noticeable example in recent years is about the tragedy of September 11, 2001, which transformed the nation and tossed counterterrorism and national security to the top of the concerns of the public. The SARS outbreak of ‘03 hinted at the potential for a global pandemic within such a short time frame. In the past, the Watergate scandal of 1972-1973, the Church Committee Hearings of 1976, and the attack on Pearl Harbor in 1941 could also be seen as break point events that lead to the untimely discussion and concerns on privacy and national security. These several factors suggest how our attitudes toward privacy are dependent on the context. It is difficult to formulate a precise portrayal of what privacy is. Privacy is not an easy thing to discuss as there are different points of view of what the extent of privacy is. Government and employers for example would require private information from the people while the individual themselves sees that these information should be kept within the family circles only. (Okazaki, 2009) Determining what should be left to ethics and common courtesy, what should be incentivized or discouraged, and what should be formalized into law is something that needs to be taken into consideration. Taken together, these drivers opened the minds of people to a different era on the concept of privacy. It has been likewise that this concept has largely differ from the concept looked-at decades ago. Because of the constant changes in the environment, one can never predict the perception of privacy in the coming days or years.
Sources of the breach of information privacy come in many forms. However, in today’s current set-up, mobile devices are one of the top means of stealing or acquiring private information. Below is a graph that shows the types of mobile devices based on their security measures as studied in 2012 by dimensionalresearch.com.
Source: http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf
Past and Current Efforts
Resolutions
Web sites need to be careful with all of their information they store. Cookies are the most common sources of information on the sites an individual has visited. This information is stored on a textfile. Well-designed cookies on a website proved to be useful as they allow the user to comeback to a restricted site without needing to enter again their credentials since these are already stored on the cookie file. However, cookies can also be sources of information for those who want to “intrude” your private information online. This data can be used as a medium to obtain restricted information on the sites that you visited. This problem can be corrected by web developers through the installation of encryption software that encrypts the data entered collected by the cookie. (Butchanan et.al., 2007)
The use of Virtual Private Networks (VPN) is another technology that has been utilized by today’s computer scientist to instill security of computer systems. It serves as a watchdog between a corporate’s network and the larger network which is the internet. With this, hackers are provided entry barriers. Although this doesn’t fully bar hackers to enter a company’s network, it has proven to be a good security method when used hand in hand with encryption.
Firewalls on the other hand had been a long standing technology used for securing systems but firewalls are not enough. These are usually used along VPNs to increase the security among business systems. (Perez, 2007) One strength of firewalls is that they are capable of supporting a wide range of authentication schemes. This is especially helpful today when rampant identify theft and fraud have been reported especially on the use of credit cards for online payments. If a company has a firewall well in place, it adds up to about 90% protections of leakage and fraud.
With the growing e-commerce in today’s world, there is an increasing concern over internet security. Keeping privacy among individuals has been a major concern that computer scientist have been trying to solve. Security is one major concern in today’s technology. With all the efforts put in trying to increase security, still, there no guarantee that all of this technology will be able to provide 100% security. Although, we have seen that internet security has been improving, we still cannot say that they is an existing one technology that is 100% secure.
Conclusion
With its worldwide reach, the Web is a profitable distribution channel with unprecedented potential. By setting up an online business, millions of people around the world already using the Internet for transactions can be reached. Ensuring the security of online payments allows businesses to minimize risk and reach a far larger market. An SSL certificate enables you to immediately begin conducting online business securely, with authentication, message privacy, and message integrity. As a result, you can minimize risk, win customer confidence, and, ultimately, gain a competitive edge. Some believe that encryption without authentication is enough to ensure a secure Web storefront and to build trust between you and your customers. But, encryption alone is not sufficient. Unauthenticated SSL certificates provide confidentiality and integrity, but lack the third-party authentication necessary to verify that the user is actually visiting the company’s Web storefront and not an imposter’s site. Allow the receiver of a digital message to be confident of both the identity of the sender and the integrity of the message. Ensure safe online transactions that protect both customers and your business. For these reasons, it is critical that your Web storefront is authenticated, which will improve Web visitors’ trust in you and your Web storefront. Furthermore, if certificates can be issued to unauthorized parties, the trustworthiness of legitimate certificates is diminished. Requiring verification of the certificate applicant’s authority to request a certificate which guards against the threat of issuing a certificate to a malicious individual who is not associated with the organization. (McLaughlin, 2011) An authenticated SSL certificate provides the ultimate in credibility for your online storefront. Rigorous authentication practices set by industry standards provide assurance that subscribers are properly identified and authenticated, and subscriber certificate requests are accurate, authorized, and complete. In addition, by displaying a Secure Site Seal, you can give your customers the confidence to communicate and transact business with your site. A Secure Site Seal allows your visitors to check your SSL certificate’s information and status in real time, and provides additional protection against the misuse of revoked and expired certificates. Finally, rigorous authentication practices, as well as leading-edge cryptographic techniques and ultra secure facilities are designed to maximize you and your customers’ confidence. These practices, technology, and infrastructure are the foundation for server certificates to secure transactions, working in conjunction with your Web storefront server.
Works Cited:
Bose, Utpal (2013). "Analyzing the Ethical Dilemma between Protecting Consumer Privacy and Marketing Customer Data." International Journal of Dependable and Trustworthy Information Systems (IJDTIS) 2.3 (2013): 55-68.
Buchanan, T., Paine, C., Joinson, A. N., Reips U. (2007). Development of Measures of Online Privacy Concern and Protection for Use on the Internet, JOURNAL OF THE AMERICAN SOCIETY FOR INFORMATION SCIENCE AND TECHNOLOGY, 58(2), p157–165
Digital Strategy Consulting (2009), “Digital Strategy Consulting & Partners” Report.
Ifeng.com (November, 1st,2010) Retrieved on November 20th, 2013 from http://tech.ifeng.com/internet/detail_2010_11/01/2965668_0.shtml
Dimensional Research (January 2012). “Information Security: A survey of IT Professionals”. Retrieved from http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf
Lee, Newton (2013). "Consumer Privacy in the Age of Big Data." Facebook Nation. Springer New York, 2013. 61-66.
McKenna, Eoghan, Ian Richardson, and Murray Thomson (2012). "Smart meter data: Balancing consumer privacy concerns with legitimate applications." Energy Policy 41 (2012): 807-814.
McLaughlin, Stephen, Patrick McDaniel, and William Aiello (2011). "Protecting consumer privacy from electric load monitoring." Proceedings of the 18th ACM conference on Computer and communications security. ACM, 2011.
Okazaki, Shintaro, Hairong Li, and Morikazu Hirose (2009). "Consumer privacy concerns and preference for degree of regulatory control." Journal of Advertising 38.4 (2009): 63-77.
Perez, J. C. (November, 30th, 2007) Facebook's Beacon More Intrusive Than Previously Thought, PC World, 2007. Retrieved on November 20th, 2013 from http://www.isy.vcu.edu/~jsutherl/Info658/FBOOKADS8.doc
Richards, Luke (18 October 2013). “Stats: internet privacy and responsibility among consumers” Retrieved on December 7th, 2013 from http://econsultancy.com/ph/blog/63600-stats-internet-privacy-and-responsibility-among-consumers