Privacy and Security

Privacy is the control over the personal information that one shares. Security is the protection of that information from attempted access by unauthorized parties. Privacy and security are about protecting information that reveals who we are, what we do, what we think and what we believe. The increasing popularity of e-commerce, and of the computer technology used along with it, brings a higher chance of issues relating to privacy and security. Privacy and security are two critical problems for both e-commerce consumers and sites. Consumers are concerned about their personal data leaking unexpectedly or uncontrollably, and e-commerce sites fear the financial losses associated with bad publicity, unauthorized access, and break-ins.

Starting an e-commerce site may seem easy, but in practice it is not. There are many rules, regulations and standards to comply with, and consumer privacy and the handling of customer data are among them. While browsing online, we have to log in to sites to make a purchase and hand over information such as our identity, date of birth, mailing address, email, bank account and card details. If such personal information ends up in the wrong hands, it could harm us financially. There are certain privacy laws for collecting and storing personal information about customers that businesses need to comply with. It is the responsibility of e-commerce sites to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

Recognising the need for information privacy, the Commonwealth Privacy Act protects personal information. However, the Privacy Act does not cover physical privacy.

Consumers have a right to have their personal information kept private under the Privacy Act. The Privacy Act adheres to strict laws in social security, health, child support and disability services.

Under the Privacy Act 1988, there are 13 Australian Privacy Principles regulating how personal information is collected, stored, accessed, used and disclosed. The Australian Privacy Principles contain guidelines about collecting, storing, accessing and correcting your customers' personal information.

The Office of the Australian Information Commissioner (OAIC) includes the following tips to protect customers' personal information:

implementing a handling process and policy for personal information

only collecting the personal information you need

only using or disclosing personal information for the purpose it was collected

accessing personal information on a need-to-know basis

keeping personal information secure

The rights the Privacy Act provides include:

being told generally what kind of information is being collected and how it is being collected

being told generally why personal information is being collected

personal information can only be collected for a lawful purpose

finding out what information we hold about you and having it corrected if it is incorrect, out of date or incomplete, supported by the Freedom of Information Act 1982

being advised that your personal information must be stored securely and protected from interference or misuse

Ecommerce Data Protection 

E-commerce sites or the website owners should pay close attention to the protection of data. As e-commerce sites need to collect personal information, they should be registered under the Data Protection Act and handle personal data in accordance with the law. Under the Data Protection Act, only information that is relevant to the business can be retained. If a customer asks for their information to be removed from previously held records, or to be revealed to them, this should be done as per the law.

Protecting Your Customer’s Privacy Online

Online privacy is a major issue as e-commerce sites collect and hold personal information about customers. Such personal information includes the customer's name, address, email address, and bank account and bank card details. It is the responsibility of the e-commerce site owner to ensure the protection of personal information and comply with the law. E-commerce site owners should provide a privacy policy and post it on the website. Such a policy should give clear guidance on what kind of personal information will be collected from visitors to the website, how it will be used and stored, and with whom it will be shared. If the privacy policy fails to comply with the law, the business can face legal fees.


The Commonwealth has acted to address a number of e-commerce privacy issues, initially concentrating on information flows. On 30 April 1998, the Attorney-General announced proposed amendments to the Copyright Act 1968 to cover material on the Internet yet make exceptions for fair dealing and ISPs. On 20 February 1998, the Attorney-General released National Principles for the Fair Handling of Personal Information, in conjunction with the Privacy Commissioner.(31) These raised matters of minimum general standards, flexibility, consistency and harmony with other laws. On 31 March 1998, the Attorney-General's Expert Group on Electronic Commerce presented a report on Electronic Commerce: Building the Legal Framework. The report had three broad aims: to move towards technological neutrality, to create functional equivalence of all forms of commerce, and to facilitate international harmonisation and standards. It thus related to matters of the legal status of information and identification. Currently, the Privacy Act 1988 partially implements the individual's right to information privacy.

On 16 April 1998, the Government released twelve Principles for Consumer
Protection in Electronic Commerce drafted by the National Advisory
Council on Consumer Affairs. The principles aim for technology-neutral
accountability and dispute resolution, including matters of information
provision, dispute resolution and privacy. These followed a 1997 paper from the
Human Rights and Equal Opportunity Commission on Information Privacy in
Australia.(32) The paper proposed a national self-regulatory scheme for privacy
protection in the private sector. Such matters assumed the operation of a basic
level of security on information networks presumably provided by cryptographic
systems. On 16 December 1998, the Attorney-General announced legislation to
protect the privacy of personal and other data handled by the private sector,
while exempting employment records. The plan, to be developed in consultation
with States and Territories, will endorse industry privacy codes of practice
developed under a privacy framework, rather than through regulation.

The Australian Government is working to make it
easier and more reliable to use electronic communications in business and
personal transactions. This includes a commitment to provide government
services online wherever possible.

The Electronic Transactions Act 1999 ensures
that a transaction under a Commonwealth law will not be invalid
simply because it was conducted through electronic communication.

If a Commonwealth law requires you to:

give information in writing

provide a handwritten signature

produce a document in material form

record or retain information

the Electronic Transactions Act means you can
do these things electronically.

The Act applies to all laws of the Commonwealth
unless they are specifically exempted by the Electronic Transactions Regulations 2000.

The objective of this Act is to provide a regulatory framework that recognizes the
importance of the information economy to the future economic and social
well-being of Australia and facilitates the use of electronic transactions.


Electronic Banking

Electronic banking is one of the challenging areas of electronic methods of communication.
Financial activity involving electronic banking is regulated by common law and
the provisions of the Competition and Consumer Act 2010, the Electronic Transactions
Act 1999 and the Privacy Act 1988, together with the ePayments Code, which
deals with the rights and obligations of the parties to electronic transfers.
The ePayments Code is administered by ASIC, which ensures that businesses who
have become subscribers to the code comply with its terms, which include the

that subscribers give consumers clear and unambiguous terms and conditions

subscribers clearly set out how changes to terms and conditions (such as fee
increases), receipts and statements must be made.

establishment of a regime for determining who pays for unauthorized
transactions and recovery of mistaken internet payments.

If a law is exempt, you may still have to use paper
forms or retain paper-based information. Most exemptions can be found in
Schedule 1 of the Regulations.

E-commerce refers to business transactions that
utilize electronic networks, including the internet. Shopping that was
traditionally done by interacting face to face is now carried out electronically.

The Electronic Transactions Act 1999 (ETA) provides a
legal framework to support and encourage businesses and consumers using
electronic commerce. The ETA removes legal obstacles that may prevent a person
using electronic communications to fulfil legal obligations under Commonwealth
law. In May 1999 the states and territories agreed to enact parallel legislation,
based on Commonwealth legislation. From July 2001 the ETA has applied to all
Australian states, unless specifically excluded.





31. OPC, National Principles for the Fair Handling
of Personal Information, Office of the Privacy Commissioner, Human Rights
and Equal Opportunity Commission, February 1998.

32. HREOC, Information Privacy in Australia: A
National Scheme for Fair Information Practices in the Private Sector,
Human Rights and Equal Opportunity Commission, August 1997.

27. Norjihan bt Abdul Ghani 2005, Building Consumer's Trusts toward Online
Shopping: Malaysia Scenario. Paper presented at Seminar on E-Commerce,
Port Dickson, Malaysia.

Rodgers, W 2010, E-Commerce Issues Addressed in a Throughput
Model, Nova Science Publishers, Inc., Hauppauge. Available from: ProQuest Ebook
Central. 20 January 2018.

Solanas, A, & Martinez-Balleste, A 2009, Advances in
Artificial Intelligence for Privacy Protection and Security, World Scientific
Publishing Co Pte Ltd, Singapore. Available from: ProQuest Ebook Central. 20
January 2018.

Xu, J, & Quaddus, M 2014, E-Business in the 21st Century:
Realities, Challenges and Outlook, World Scientific Publishing Co Pte Ltd,
Singapore. Available from: ProQuest Ebook Central. 20 January 2018.

Chapter 39 Privacy and
Security Issues in E-Commerce Mark S. Ackerman* Donald T. Davis, Jr.† *School
of Information and † Cryptographer and Security Consultant, Department of
Electrical Engineering Somerville, MA and Computer Science, University of