1
© Prentice Hall, 2000
Chapter 10
Public Policy:
From Legal Issues to Privacy
© Prentice Hall, 2000
2
Learning Objectives
❚
List and describe the major legal issues related
to electronic commerce
❚
Understand the difficulties of protecting privacy
and describe the measures taken by companies
and individuals to protect it
❚
Describe the intellectual property issues in EC
and the measures provided for its protection
❚
Describe some of the ethical issues in EC and
the measures taken by organizations to improve
ethics
© Prentice Hall, 2000
3
Learning Objectives (cont.)
❚
Understand the conflict between Internet indecency
and free speech, and the attempts to resolve the
conflict
❚
Describe the issues involved in imposing sales tax
on the Internet
❚
Discuss the controls over exporting encryption
software and the issues of government policies
❚
Differentiate between contracts online and offline
❚
Describe the measures available to protect buyers
and sellers on the Internet
© Prentice Hall, 2000
4
Legal and Ethical Issues: an Overview
❚
Privacy
❚
Intellectual Property
❙
Difficult to protect since it is easy and inexpensive to copy and
disseminate digitized information
❚
Free Speech
❙
Internet provides the largest opportunity for free speech
❚
Taxation
❙
Illegal to impose new sales taxes on Internet business at the
present time
❚
Consumer Protection
❙
Many legal issues are related to electronic trade
© Prentice Hall, 2000
5
Ethical Issues
❚
What is considered to be right and wrong?
❚
What is unethical is not necessarily illegal.
❚
Whether these actions are considered unethical
depends on the organization, country, and the
specific circumstances surrounding the scenarios.
© Prentice Hall, 2000
6
Ethical Issues (cont.)
❚
Code of Ethics
❙
Many companies and professional
organizations develop their own codes of
ethics
❙
A collection of principles intended as a
guide for its members
❙
A guide for members of a company or an
association
© Prentice Hall, 2000
7
❙
Privacy
❘
Collection, storage,
and dissemination of
information about
individuals
❙
Accuracy
❘
Authenticity, fidelity, and
accuracy of information
collected and processed
❙
Property
❘
Ownership and value of
information and
intellectual property
❙
Accessibility
❘
Right to access information
and payment of fees to
access it
Organize IT Ethical Issues into a
Framework
© Prentice Hall, 2000
8
Protecting Privacy
❚
Privacy
❙
The right to be left alone and the right to be
free of unreasonable personal intrusions
❚
Information Privacy
❙
The “claim of individuals, groups, or
institutions to determine for themselves
when, and to what extent, information
about them is communicated to others”
© Prentice Hall, 2000
9
Protecting Privacy (cont.)
❚
Two rules
❶
The right of privacy is not absolute.
Privacy must be balanced against
the needs of society.
❷
The public’s right to know is superior
to the individual’s right of privacy.
© Prentice Hall, 2000
10
How is Private Information
Collected?
❙
Reading your newsgroups’ postings
❙
Finding you in the Internet Directory
❙
Making your browser record information about you
❙
Recording what your browsers say about you
❙
Reading your e-mail
© Prentice Hall, 2000
11
Web-Site Self-Registration
❙
Registration Questionnaires
❘
type in private information in order to receive a password
to participate in a lottery, to receive information, or to play
a game
❙
Uses of the Private Information
❘
collected for planning the business
❘
may be sold to a third party
❘
used in an inappropriate manner
© Prentice Hall, 2000
12
❙
40% of all users have falsified information when registering
online
❙
66% of all U.S. and European respondents don’t register as
they don’t know how the information is going to be used
❙
63% don’t feel that registration is worthwhile considering the
content of the sites
❙
58% don’t trust the sites collecting this information from
them
From the Eighth User Survey by
GVU (1988)
© Prentice Hall, 2000
13
Cookies
❙
Piece of information that allows a Web site
to record one’s comings and goings
❘
Web sites can ‘remember’ information about
users and respond to their preferences on a
particular site, process is transparent to users
❘
Web sites can maintain information on a
particular user across HTTP connections
© Prentice Hall, 2000
14
❙
Reasons for using cookies
❘
to personalize information
❘
to improve online sales/services
❘
to simplify tracking of popular links or demographics
❘
to keep sites fresh and relevant to the user’s interests
❘
to enable subscribers to log in without having to enter a password every
visit
❘
to keep track of a customer’s search preferences
❘
personal profiles created are more accurate than self-registration
❙
Solutions to cookies
❘
users can delete cookie files stored in their computer
❘
use of anti-cookie software (e.g. Cookie Cutter and Anonymous Cookie)
Cook
Cookies (cont.)
© Prentice Hall, 2000
15
Privacy Protection
❙
5 basic principles
❘
Notice/Awareness— Customers must be given notice and be able
to make informed decisions.
❘
Choice/Consent— Customers must be made aware of their options
as to how their personal information may be used. Consent may be
granted through ‘opt-Out’ clauses requiring steps.
❘
Access/Participation— Consumers must be able to access their
personal information and challenge the validity of the data.
❘
Integrity/security— Consumers must be assured that the data is
secure and accurate.
❘
Enforcement/Redress— There must always exist a method of
enforcement and remedy. The alternatives are government
intervention, legislation for private remedies, or self-regulation.
© Prentice Hall, 2000
16
Protecting Your Privacy
❙
Think before you give out personal information on a site
❙
Track the use of your name and information
❙
Keep your newsgroups’ posts out of archives
❙
Use the Anonymizer when browsing
❙
Live without cookies
❙
Use anonymous remailers
❙
Use encryption
❙
Reroute your mail away form your office
❙
Ask your ISP or employer about a privacy policy
© Prentice Hall, 2000
17
Legislation
❙
The Consumer Internet Privacy Act
❙
The Federal Internet Privacy Protection
Act
❙
The Communications Privacy and
Consumer Empowerment Act
❙
The Data Privacy Act
© Prentice Hall, 2000
18
❚
Personal Information in Databases
❙
Databases of banks and financial institutions; cable
TV; telephone ; employers; schools; insurance
companies; and online vendors
❙
Concerns
❘
Under what circumstances will personal data be released?
❘
Do you know where the records are?
❘
How are the data used?
Electronic Surveillance - Monitoring
Computer Users
❚
Tens of millions of computer users are monitored,
many without their knowledge
❚
Employees have very limited protection against
employers’ surveillance
© Prentice Hall, 2000
19
Privacy Policy Basics
❍
Data Collection
❍
Data Accuracy
❍
Data Confidentiality
❏
Data should be
collected on individuals
only to accomplish a
legitimate business
objective.
❏
Data should be
adequate, relevant, and
not excessive in relation
to the business objective.
❏
Individuals must give
their consent before data
pertaining to them can be
gathered.
❏
Sensitive data gathered on
individuals should be verified
before it is entered into the
database.
❏
Data should be accurate
and, where and when
necessary, kept current.
❏
The file should be made
available so the individual can
ensure that the data are
correct.
❏
If there is disagreement
about the accuracy of the
data, the individual’s version
should be noted and included
with any disclosure of the file.
❏
Computer security procedures
should be implemented to provide
reasonable assurance against
unauthorized disclosure of data.
❏
Third parties should not be
given access to data without the
individual’s knowledge or
permission, except as required by
law.
❏
Disclosures of data, other than
the most routine, should be noted
and maintained for as long as the
data are maintained.
❏
Data should not be disclosed
for reasons incompatible with the
business objective for which they
are collected.
© Prentice Hall, 2000
20
Protecting Intellectual Property
❚
Copyright
❙
A statutory grant that provides the creators of intellectual property with ownership of it for 28 years
❚
Trade Secret
❙
Intellectual work such as a business plan, which is a company secret and is not based on public information
❚
Patent
❙
A document that grants the holder exclusive rights on an invention for 17 years
© Prentice Hall, 2000
21
Copyright Protection Techniques
❙
Digital watermarks
❘
embedding of invisible marks
❘
can be represented by bits in digital
content
❘
hidden in the source data, becoming
inseparable from such data
© Prentice Hall, 2000
22
Legal Perspectives
❙
Electronic Theft (NET) Act
❘
imposed criminal liability for individuals who reproduce
or distribute copies of copyrighted works even if no
commercial advantage or financial gain exists
❙
Digital Copyright Clarification and Technology Education Act
❘
limits the scope of digital copyright infringement by
allowing distance learning exemptions
❙
Online Copyright Liability Limitation Act
❘
seeks to protect Internet access providers from liability
for direct and vicarious liability under specific
circumstances where they have no control or
knowledge of infringement
© Prentice Hall, 2000
23
Legal Perspectives (cont.)
❙
Digital Millennium Copyright Act
❘
reasserts copyright in cyberspace
❘
makes illegal most attempts to defeat anti-copying technology
❘
requires the National Telecommunications and Information
Administration to review the effect the bill would have on the
free flow of information and makes recommendations for any
changes two years after it is signed into law
❘
lets companies and common citizens circumvent anti-copying
technology when necessary to make software or hardware
compatible with other products, to conduct encryption research
or to keep personal information from being spread via Internet
“cookies” or other copy-protection tools
❘
forbids excessive copying of databases, even when those
databases contain information already in the public domain
© Prentice Hall, 2000
24
International Aspects of Intellectual
Property
❚
The World Intellectual Property Organization
❙
more than 60 member countries to come up with
an international treaty
❙
part of the agreement is called the ‘database treaty’
❙
its aim is to protect the investment of firms that
collect and arrange information
© Prentice Hall, 2000
25
Domain Names
❚
Two controversies
❙
Whether top-level domain names
(similar to com, org and gov) should
be added
❙
The use of trademark names by
companies for domain names that
belong to other companies