Privacy and security issues in E-commerce
By (students Name):
Course name and number:
Instructors name:
Date submitted:
Table of Contents
Title Page1
Table of Contents2
Introduction3
Executive Summary3
Security Issues in doing online business4
Mishandling of Client data5
Poor management of call lists ………………………………………………………………………………………………………………6
Cybercrime Law ……………………………………………………………………………..6
Risk of stalking and kidnappings……………………………………………………………….7
Data corruption and malicious software……………………………………………………….7
How to address these issues……………………………………………………………………8
Conclusion ………………………………………………………………………………….8
References……………………………………………………………………………………..9
Executive summary
This paper will present the security and privacy issues that evolve around doing online business and also touch on the risks identified by both parties. The report will also present solutions and recommendations that are being worked on to reduce/cushion the risk of doing business online. However, it is clear that there are security and privacy issues in doing business online.
The methods and procedures used to prepare this paper include research on the internet and published literature. Also surveys from few people who have had the online business experience. Therefore the information used in this paper is both firsthand and secondary sources. The paper can be used as a reference material for other research purposes on the same topic.
The research conducted proved that there are various risks of online business. These include data security and data corruption risks. Clients who do online transactions are at a risk of falling for non-existing companies and loss of their funds. There is a physical security risk in sharing personal information online.
To overcome the security risks that lie in doing business online, companies have to improve their data handling techniques. Online business consumers should also take time to understand how to improve security on their part to ensure that they do not fall victim to these risks.Privacy and security issues in E-commerce
Introduction
Doing online business is one of the riskiest business strategies in the world. Although business is all about risk, there should be a way to cushion a business against risk. However, this is only possible when you know whom you are dealing with, either the supplier or client. Security issues come along when a party in the business transaction, either the supplier or the client, discloses too much information to the other thus compromising their security (Battelle, 2005: 55-56). Privacy arises when one party wants to find out more about the other party, for example the supplier may snoop around the internet to find out more about the purchase thus compromising the client’s privacy. All these are issues that the businesses doing E-commerce are concerned about.
Problems associated with doing business online
There are augmenting rates of cybercrime, which is a crime that is done online. At most times, it is hard to catch the perpetuators of such crimes since the do not leave any traces behind. It is possible to commit an online crime and not to leave any trace behind because of the advanced levels of technology. People are able to hide their tracks on the internet; this is possible by using false details like names and photos to identify themselves. The use of false details is the main cause of cyber-crime; people will post false products and get others to purchase their products, while actually there are no such products (Battelle, 2005: 55-56). By posting products which do not exist, and at the same time, get people to make payments through their credits cards for the products. The wait is quite long since the products do not exist. Impersonation is a major issue in cybercrime, where people create false company websites and profiles where they claim to be a certain company. The website and profile are used to defraud unknowing members who do their shopping online. Through this, companies with great reputations are compromised since the shoppers are not able to know the real and false companies.
Security issues in doing online business
It is difficult to establish trust between people who have not met physically, but only meet online for business purposes. Most buyers online are not comfortable with giving their personal and financial details to a company whose managers remain anonymous or whose location is not clear to them. The two parties have not met physically but only meet on the internet for business purposes. Buyers do not trust the suppliers and at times are not willing to pay for goods or services before they actually see the product that they are buying. At the same time, suppliers may not be willing to supply goods and services that have not yet been paid for, or that will be paid for by a buyer, whom they only know virtually. The only businesses with no or less trust issues on the internet are the service oriented businesses, where a client can view part of the product in a tutorial and can decide whether they want the rest or not (Dixon, & Nixon, 2000: 63-74). As they make the decision, they will also be considering the price charged for the services and methods that they can use for payment of the services.
Mishandling of client data
Another privacy issue that affects online business is the mishandling of consumer information. This could be by the company itself or by those who handle the company’s data. The data is at times mishandled and leaked to other companies or the press by the company’s employees. For example, at times, the media is snooping around looking to expose people and how they make their money or spend their money. The employees who handle customer data may compromise the privacy and confidentiality of client information and leak it to the media without considering the effects of such actions (Dixon, & Nixon, 2000: 63-74). With such actions, the company may either issue a warning of such employees or fire them immediately. If customer data is not handled correctly, it may also be stolen by competing firms or other individuals with hidden agendas. Online data can be stolen by hacking into the companies systems. When such activities take place, it is easy to defraud the client whose data you have obtained thus the client is at the risk of losing property by the security of their details being compromised. Client data should be handled appropriately by each company that does business online, otherwise the company risks losing its clients due to insecurity.
Poor management of call lists
When online companies take your information by asking you to fill various forms, they ask you if you want to be on the call list or not. If a client does not understand the significance of being on the call list of a company, they may compromise their own privacy. When companies put you on their call list, they at times share your information with other companies, which provide them with telemarketing services (Engdahl, 2010: 12-15). The telemarketing companies come in as a third party in the relationship between the client and the online business. The third company may not necessarily safeguard customer data since they have no direct relationship with the customer. Such data may be shared with other companies which offer the same services. The online business firm may also terminate its contract with the telemarketing company and opt for another telemarketing company that offers cheaper rates. This means that the clients data will be shared to another company, while the first telemarketing company has the same data, the question is; what does the first company do or how does the first company dispose the data? Lack of effective methods of disposing such data presents the risk of data mishandling.
Cyber-crime law
It has been difficult to clearly state whose role it is to provide online security. Generally, the role of providing security to any citizen belongs to the government (Engdahl, 2010: 12-15). The government should provide security to all it citizens without fear or favor. However, when conducting business online, a person may be doing global business and thus be the responsibility of another jurisdiction. There is no law currently in existence that governs global business; such business is mainly governed by business ethics. Where a company operates by what it considers right and does not venture into wrongful practice. It should be the responsibility of the businesses that are doing online transactions to provide security online. They have a role to play in the creation of a conducive and secure environment for clients to do their transactions. Only the company that operates online has control over the handling client data and can manage who has access to it (Engdahl, 2010: 12-15). All governments should have laws that regulate the conduct of online business. Cybercrime law should be implemented by the specific companies that are doing online transactions with the government assisting them in enforcing and interpretation of the law. Cybercrime law should be universal since the internet and online businesses are global.
Risk of stalking and kidnappings
Online data and profiles are a passage to physical crime. This has been in the rise in third world countries where people have shared their details on the internet. The data shared in the internet is at times compromised and accessed by criminals who stalk the weak and vulnerable. An example is unaware clients who share their personal details in social media websites and company websites. Criminals who do such acts are able to hack into the company websites and track the innocent clients who have shared their information there (Lastowka, 2010: 44). Some are successful to commit their acts of crime by kidnapping the innocent victims and asking for ransom. The stalker or kidnapper befriends an innocent person online and gets to know their personal details, at this time they are interacting at a level of friendship. They advance and arrange to meet for a coffee or lunch date and at this time exchange contacts and plan for the meeting. They meet up as planned, if the innocent person is unaware of the ill intention of the “new friend”, he/she is kidnapped and a ransom is posted in order for them to return home. It may seem like all this is caused by the nativity of the client for sharing personal information on the internet but major question remains, while the forum to meet and exchange contacts was made possible by the online business.
Data corruption and malicious software
Another major security issue in doing online business is risk of data corruption and virus attacks. Some company websites are full of links, which redirect a client to other pages or websites. With numerous links and redirecting, a computer may get malicious software. Virus attacks may lead to data corruption since some files are stored in the computers and databases of the clients. Data loss is the greatest effect of such an occurrence (Murray, 2004: 74). When browsing and a link appears, a client may not be able to distinguish between a promotion link and a link to what they were browsing for. The problem lies in the design of the company’s website, where there are many links in one page. Links are meant to connect webpages and have a flow of webpages, instead of a client having to search for each page by entering the web address to them all. Links are meant to make work easier for people on the internet. However, they have a disadvantage of bringing in viruses that may corrupt a system or a network.
How to address these issues/Recommendations
One viable solution is creating universal cybercrime laws. Since the internet is a global tool, the laws used to regulate businesses in the internet should not vary from one state to another. Online business laws should be universal, so that anybody transacting their business from any location in the world knows the guidelines to their business (Samarati & Syverson, 2003: 63). These laws should have an international body, which interprets them for the people to understand. Laws do not function well if there is nobody to interpret and translate them. Policy makers in this case should consider all factors, and should be experts in the field of the internet and E-commerce because only the policy makers have an understanding of the transactions.
The second solution is providing online literacy. Ensure that before a person goes to the internet to conduct any online business, they are aware of the rules and regulations that revolve around online transactions. Governments around the world are working hard to ensure that their citizens are computer literate, which includes use of the internet. This will reduce the chances of data corruption from viruses and malicious software since people know how to go about the internet (Tancer, 2008: 10).
Companies are taking measures to improve data handling on their databases. Since data is very imperative, and should be handled in the right way, companies are channeling their resources towards ensuring that customer data is handled in the right way. This includes hiring database administrators, who are able to handle large data and using the right database software to manage company databases (Tassabehji, 2003: 72-73). Companies are also taking time to identify the right telemarketing companies, which safeguard the data issued to them. In online business, providing security is not a matter of cost rather a matter of client confidentiality.
All stakeholders are creating awareness about cybercrime. This involves providing information to everyone who is online on cybercrime and where to report cases of cyber-crime. When people are aware of the cases of cybercrime they will be able to fight it. With advancement in technology, criminals who commit cybercrime are also taking advancement and coming up with new ways of defrauding people online. As they advance in doing crime online, people are raising awareness of this advancements and how to beat them. This aims at doing away completely with cybercrime and having online business and the safest way of transacting businesses (Amoroso, 2007: 25-32).
Conclusion
There are many challenges regarding privacy and security of consumers in online businesses. The challenges revolve around data handling and cybercrime. There are the main worries, and if not well handled they could lead to discouragement to all those who want to do online business. However, all these challenges have solutions; one major solution that can turn around how online business is done is the design and implementation of cybercrime laws (Karat, Blom & Karat, 2004: 50-53). With universal cybercrime laws there will be regulations on all online transactions and it will be easier to implement them.
Bibliography
Amoroso, E. G. 2007. Cyber security, Summit, NJ: Silicon Press.
Battelle, J. 2005. The search: how Google and its rivals rewrote the rules of business and transformed our culture, New York: Portfolio.
Dixon, M., & Nixon, B. 2000. E-Banking: managing your money and transactions online, Indianapolis, Ind.: Sams.
Engdahl, S. 2010. Cybercrime, Farmington Hills, MI: Greenhaven Press.
Karat, C., Blom, J. O., & Karat, J. 2004.Designing personalized user experiences in eCommerce, Dordrecht: Kluwer Academic.
Lastowka, F. G. 2010. Virtual justice: the new laws of online worlds, New Haven, Conn.: Yale University Press.
Murray, B. H. 2004. Defending the brand aggressive strategies for protecting your brand in the online arena, New York: American Management Association.Samarati, P., & Syverson, P. F. 2003.WPES ’03: proceedings of the 2003 ACM Workshop on Privacy in the Electronic Society: Washington, DC, USA, October 30, 2003: co-located with CCS ’03. New York: Association for Computing Machinery.
Tancer, B. 2008. Click: what millions of people are doing online and why it matters, New York: Hyperion.Tassabehji, R. 2003. Applying e-commerce in business. London: Sage.