Establishing Trust in Electronic Commerce
With Special Reference to Consumer Data Protection and Privacy
Trevor R. Stewart
New Orleans, August 1998


Technological Shaping Forces: Industrialization, Transportation, Computerization, Virtualization, Communication, Beyond...

Phenomenal growth
- Total bandwidth increasing 300% annually
- Internet traffic doubling every 100 days
- Amount of e-business on the Internet doubling annually
- Internet community growing 50% annually
- 130 million people on-line as of June 1998
- Web adopted faster than any previous technology
- E-business on the Internet could exceed $1 trillion by 2002

A Revolution in Interaction
- Exploding connectivity is
- Revolutionizing interaction, which will
- Force fundamental change in business, and
- Precipitate the transformation of entire industries, which will
- Make possible new ways to serve, sell, buy and organize

Trust in the new cyberspace frontier
- Security
- Privacy
- Assurance
"Trust, but verify" (Ronald Reagan)

Privacy and data protection are major concerns


Consumer concerns online
- Violations of privacy (snooping)
- Misuse of private information by an organization to whom it has been entrusted
- Theft of personal information from an organization to whom it has been entrusted
- Corruption of personal information
- Theft of identity
- Fraud, theft
- Harassers, stalkers, pedophiles, and other sundry weirdoes

Useful feature or invasion of privacy?

Approaches to Privacy and Data Protection
- 1980, OECD, Guidelines on the Protection of Privacy and Transborder Flows of Personal Data; 1998, Focus on the Internet
- 1974, U.S., Privacy Act of 1974

Legislative Approach
- 1995, European Union, Directive on Data Protection
- Also: Hong Kong, New Zealand, Taiwan, others...

Self-regulatory Approach
- 1997, U.S., Framework for Global Electronic Commerce
- Also: Canada, Japan, Australia, others...

The self-regulatory approach

Principles of Fair Information Practices
- Awareness. Consumers should be informed about what information is being collected, who is collecting it, and how it will be used
- Choice. Consumers should be allowed to choose whether and how their personal information is used, and choices should be easy to exercise
- Data Quality. Companies should ensure that the information they collect is accurate
- Data Security. Companies must protect the information they collect
- Consumer Access. Consumers should have reasonable access to information about them and be able to correct it

Effective Self-Regulatory Enforcement Mechanisms
- Consumer recourse. Companies should offer consumers readily available and affordable mechanisms for resolving complaints
- Verification. Companies' assertions about privacy practices and their implementation should be independently verified
- Consequences. Failure to comply with fair information practices should have consequences that are stiff enough to be meaningful and swift enough to assure consumers that their concerns are addressed in a timely fashion

The Internet Industry is getting involved
- The Internet Alliance (IA)
- Commercial Internet Exchange (CIX)
- Information Technology Association of America (ITAA)
- Interactive Industry Association
- Software Publishers Association
- Direct Marketing Association
- Online Privacy Alliance

Platform for Privacy Preferences (P3P)
- Complements regulatory and self-regulatory approaches to privacy
- P3P is a specification of syntax and semantics for describing both information practices and data elements
- Enables consumers to:
  - Profile themselves once
  - Choose what information may be collected about them, and how it may be used and disclosed

How P3P Works
1. Web site declares privacy practices and makes a data request through a machine-readable P3P proposal
2. User's Web browser parses the request and compares it with the privacy preferences set by the user
3. If there is a match, the transaction proceeds seamlessly
4. If not, the user is informed about the data request and the Web site's privacy practices and given an opportunity to agree or exit the site

P3P draft published May 1998
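The four steps above can be sketched as follows. This is an added example, not part of the presentation, and it uses a simplified in-memory model rather than P3P's actual syntax; the names (Request, Rule, mismatches, negotiate), the purpose strings and the sample data are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    """One data request in a site's proposal (simplified model, not P3P syntax)."""
    element: str            # e.g. "email"
    purposes: frozenset     # how the site says it will use the element
    shared: bool = False    # disclosed beyond the collecting site?

@dataclass(frozen=True)
class Rule:
    """What the user permits for one element of their stored profile."""
    purposes: frozenset
    allow_sharing: bool = False

def mismatches(proposal, prefs):
    """Step 2: compare each request with the user's preferences (default deny)."""
    problems = []
    for req in proposal:
        rule = prefs.get(req.element)
        if rule is None:
            problems.append(f"{req.element}: no preference set")
            continue
        extra = req.purposes - rule.purposes
        if extra:
            problems.append(f"{req.element}: purpose not permitted: {', '.join(sorted(extra))}")
        if req.shared and not rule.allow_sharing:
            problems.append(f"{req.element}: disclosure to others not permitted")
    return problems

def negotiate(proposal, prefs, profile, ask_user):
    """Steps 3-4: release data on a match, otherwise inform the user and let them decide."""
    problems = mismatches(proposal, prefs)
    if problems and not ask_user(problems):
        return "exit", {}
    # Only the requested elements leave the profile, never the whole profile.
    return "proceed", {r.element: profile[r.element] for r in proposal if r.element in profile}

# Constructed sample data.
PROFILE = {"email": "user@example.org", "postcode": "70112", "phone": "555-0100"}
PREFS = {"email": Rule(frozenset({"order-fulfilment"})),
         "postcode": Rule(frozenset({"order-fulfilment", "statistics"}))}
SHOP = [Request("email", frozenset({"order-fulfilment"})),
        Request("postcode", frozenset({"statistics"}))]
TRACKER = [Request("email", frozenset({"marketing"}), shared=True),
           Request("phone", frozenset({"marketing"}))]

if __name__ == "__main__":
    print(negotiate(SHOP, PREFS, PROFILE, ask_user=lambda p: False))
    print(negotiate(TRACKER, PREFS, PROFILE, ask_user=lambda p: False))
```

The default-deny branch matters: an element the user never set a preference for is treated as a mismatch and prompts the user instead of being released silently.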

Seal programs
- Compliance with WebTrust criteria including data protection
- Membership of Better Business Bureau
- Compliance with privacy statement


Customer assurance, the WebTrust seal of approval
Chartered Accountants of Canada / Comptables agréés du Canada

The WebTrust Service
- CPA provides assurance that website complies with criteria for good business practice
- Seal of Assurance visible on the website
- Seal refreshed every 3 months
- Work performed under professional attest standards
- VeriSign controls issuance, expiration, revocation

The WebTrust Criteria
- Business Practices Disclosure
  - Business terms and conditions
  - Warranty, complaints, claims, etc.
- Transaction Integrity Controls
  - Order and billing accuracy and completeness
- Information Protection
  - Secure transmissions over Internet
  - Protection of private information
  - Permission to perform activities on customer's computer

WebTrust

The legislative approach

Privacy Online: A Report to Congress, June 1998
- 1400 Web sites sampled March 1998
- 85% collect personal information
- 14% have information practice statements
- 2% have comprehensive privacy policies
- "…industry's efforts to encourage the most basic fair information practice principle - notice - have fallen far short of what is needed to protect consumers"
- Recommend legislation to protect children
- This summer will recommend an appropriate response to protect the privacy of all online consumers

continued...
July 21 Testimony to the House Subcommittee on Telecommunications, Trade and Consumer Protection
- Encouraging signs that the private sector is attempting to address consumer concerns about online privacy.
- Considerable barriers to be surmounted for self-regulation to work.
- An effective enforcement mechanism is crucial.
- It will be difficult for self-regulatory programs to govern all or even most commercial Web sites.

"Accordingly, the Commission believes that, unless industry can demonstrate that it has developed and implemented broad-based and effective self-regulatory programs by the end of this year, additional governmental authority in this area would be appropriate and necessary."

European Union Directive on Data Protection
- Requires all 15 member states to enact strict privacy laws
- Prohibits transfer of personal information to other countries that the EU determines lack adequate protection of privacy (Article 25)
- Effective October 25, 1998
- Question 1: Is privacy adequately protected in the U.S.?
- Question 2: If not, so what?

Stay Tuned...
- Increasing public awareness of and concern about issues
- Increased private sector activism
- Showdown with European Union in 1998?
- U.S. privacy legislation in 1999?
