Chapter 10

Public Policy:
From Legal Issues to Privacy

Prentice Hall, 2000

Learning Objectives
List and describe the major legal issues related
to electronic commerce
Understand the difficulties of protecting privacy
and describe the measures taken by companies
and individuals to protect it
Describe the intellectual property issues in EC
and the measures provided for its protection

Describe some of the ethical issues in EC and

the measures taken by organizations to improve
ethics
Prentice Hall, 2000

Learning Objectives (cont.)

Understand the conflict between Internet
indecency and free speech, and the attempts to
resolve the conflict
Describe the issues involved in imposing sales
tax on the Internet
Discuss the controls over exporting encryption
software and the issues of government policies

Differentiate between contracts online and

offline
Describe the measures available to protect
buyers and sellers on the Internet
Prentice Hall, 2000

Legal and Ethical Issues: an Overview

Privacy
Intellectual Property
Difficult to protect since it is easy and inexpensive to
copy and disseminate digitized information

Free Speech
Internet provides the largest opportunity for free speech

Taxation
Illegal to impose new sales taxes on Internet business
at the present time

Consumer Protection
Many legal issues are related to electronic trade
Prentice Hall, 2000

Ethical Issues
What is considered to be right and wrong?
What is unethical is not necessarily illegal.
Whether these actions are considered
unethical depends on the organization,
country, and the specific circumstances
surrounding the scenarios.
Prentice Hall, 2000

Ethical Issues (cont.)

Code of Ethics
Many companies and professional
organizations develop their own codes of
ethics
A collection of principles intended as a
guide for its members
A guide for members of a company or an
association
Prentice Hall, 2000

Organize IT Ethical Issues into a

Framework
Privacy

Property

Collection, storage,
and dissemination of
information about
individuals

Accuracy

Ownership and
value of information
and intellectual
property

Accessibility

Authenticity,
fidelity, and
accuracy of
information
collected and
processed

Right to access
information and
payment of fees to
access it

Prentice Hall, 2000

Protecting Privacy
Privacy
The right to be left alone and the right to
be free of unreasonable personal
intrusions

Information Privacy
The claim of individuals, groups, or
institutions to determine for themselves
when, and to what extent, information
about them is communicated to others
Prentice Hall, 2000

Protecting Privacy (cont.)

Two rules
The right of privacy is not absolute.
Privacy must be balanced against
the needs of society.
The publics right to know is
superior to the individuals right of
privacy.
Prentice Hall, 2000

How is Private Information

Collected?
Reading your newsgroups postings
Finding you in the Internet Directory

Making your browser record information

about you
Recording what your browsers say about
you
Reading your e-mail
Prentice Hall, 2000

10

Web-Site Self-Registration
Registration Questionnaires
type in private information in order to
receive a password to participate in a
lottery, to receive information, or to play
a game

Uses of the Private Information

collected for planning the business
may be sold to a third party
used in an inappropriate manner
Prentice Hall, 2000

11

From the Eighth User Survey by

GVU (1988)
40% of all users have falsified information
when registering online
66% of all U.S. and European respondents
dont register as they dont know how the
information is going to be used
63% dont feel that registration is worthwhile
considering the content of the sites
58% dont trust the sites collecting this
information from them
Prentice Hall, 2000

12

Cookies
Piece of information that allows a Web
site to record ones comings and goings
Web sites can remember information about
users and respond to their preferences on a
particular site, process is transparent to users
Web sites can maintain information on a
particular user across HTTP connections

Prentice Hall, 2000

13

Cook (cont.)
Cookies

Reasons for using cookies

to personalize information
to improve online sales/services
to simplify tracking of popular links or demographics
to keep sites fresh and relevant to the users interests
to enable subscribers to log in without having to enter a password
every visit
to keep track of a customers search preferences
personal profiles created are more accurate than self-registration

Solutions to cookies
users can delete cookie files stored in their computer
use of anti-cookie software (e.g. Cookie Cutter and Anonymous
Cookie)
Prentice Hall, 2000

14

Privacy Protection
5 basic principles
Notice/Awareness Customers must be given notice and be
able to make informed decisions.

Choice/Consent Customers must be made aware of their

options as to how their personal information may be used.
Consent may be granted through opt-Out clauses requiring
steps.

Access/Participation Consumers must be able to access

their personal information and challenge the validity of the data.

Integrity/security Consumers must be assured that the data

is secure and accurate.

Enforcement/Redress There must always exist a method of

enforcement and remedy. The alternatives are government
intervention, legislation for private remedies, or self-regulation.
Prentice Hall, 2000

15

Protecting Your Privacy

Think before you give out personal information
on a site
Track the use of your name and information
Keep your newsgroups posts out of archives
Use the Anonymizer when browsing
Live without cookies
Use anonymous remailers
Use encryption
Reroute your mail away form your office
Ask your ISP or employer about a privacy policy
Prentice Hall, 2000

16

Legislation
The Consumer Internet Privacy Act
The Federal Internet Privacy Protection
Act
The Communications Privacy and
Consumer Empowerment Act
The Data Privacy Act

Prentice Hall, 2000

17

Electronic Surveillance - Monitoring

Computer Users
Tens of millions of computer users are
monitored, many without their knowledge
Employees have very limited protection
against employers surveillance
Personal Information in Databases
Databases of banks and financial institutions; cable
TV; telephone ; employers; schools; insurance
companies; and online vendors
Concerns
Under what circumstances will personal data be released?
Do you know where the records are?
How are the data used?
Prentice Hall, 2000

18

Privacy Policy Basics

Data Collection Data Accuracy
Data should be
collected on individuals
only to accomplish a
legitimate business
objective.
Data should be
adequate, relevant, and
not excessive in relation
to the business objective.
Individuals must give
their consent before data
pertaining to them can be
gathered.

Sensitive data gathered on

individuals should be verified
before it is entered into the
database.
Data should be accurate
and, where and when
necessary, kept current.
The file should be made
available so the individual can
ensure that the data are
correct.
If there is disagreement
about the accuracy of the
data, the individuals version
should be noted and included
with any disclosure of the file.
Prentice Hall, 2000

Data Confidentiality
Computer security procedures
should be implemented to provide
reasonable assurance against
unauthorized disclosure of data.
Third parties should not be
given access to data without the
individuals knowledge or
permission, except as required by
law.
Disclosures of data, other than
the most routine, should be noted
and maintained for as long as the
data are maintained.
Data should not be disclosed
for reasons incompatible with the
business objective for which they
are collected.
19

Protecting Intellectual Property

Copyright
A statutory grant that provides the creators of
intellectual property with ownership of it for 28
years

Trade Secret
Intellectual work such as a business plan, which
is a company secret and is not based on public
information

Patent
A document that grants the holder exclusive
rights on an invention for 17 years
Prentice Hall, 2000

20

Copyright Protection Techniques

Digital watermarks
embedding of invisible marks
can be represented by bits in digital
content
hidden in the source data, becoming
inseparable from such data

Prentice Hall, 2000

21

Legal Perspectives
Electronic Theft (NET) Act
imposed criminal liability for individuals who reproduce
or distribute copies of copyrighted works even if no
commercial advantage or financial gain exists

Digital Copyright Clarification and Technology

Education Act
limits the scope of digital copyright infringement by
allowing distance learning exemptions

Online Copyright Liability Limitation Act

seeks to protect Internet access providers from liability
for direct and vicarious liability under specific
circumstances where they have no control or
knowledge of infringement
Prentice Hall, 2000

22

Legal Perspectives (cont.)

Digital Millennium Copyright Act
reasserts copyright in cyberspace
makes illegal most attempts to defeat anti-copying
technology
requires the National Telecommunications and Information
Administration to review the effect the bill would have on the
free flow of information and makes recommendations for any
changes two years after it is signed into law
lets companies and common citizens circumvent anticopying technology when necessary to make software or
hardware compatible with other products, to conduct
encryption research or to keep personal information from
being spread via Internet cookies or other copy-protection
tools
forbids excessive copying of databases, even when those
databases contain information already in the public domain
Prentice Hall, 2000

23

International Aspects of Intellectual

Property
The World Intellectual Property
Organization
more than 60 member countries to come
up with an international treaty
part of the agreement is called the
database treaty
its aim is to protect the investment of firms
that collect and arrange information
Prentice Hall, 2000

24

Domain Names
Two controversies
Whether top-level domain names
(similar to com, org and gov) should be
added
The use of trademark names by
companies for domain names that
belong to other companies
Prentice Hall, 2000

25

Domain Names (cont.)

Network Solutions Inc.
Contracted by the government to assign domain
addresses

Increase Top Level Names

Idea is that an adult only top-level name will be
created to prevent pornographic material getting
into the hands of children

Trade Name Disputes

Companies are using trade names of other

companies as their domain address to help
attract traffic to their Web site
Prentice Hall, 2000

26

Defining Freedom of Speech

The Bill of Rights First Amendment to the
Constitution of the U.S. of America reads
Congress shall make no law respecting an
establishment of religion, or prohibiting the free
exercise thereof; or abridging the freedom of
speech, or of the press; or the right of the people
peaceably to assemble, and to petition the
government for a redress of grievances.

Prentice Hall, 2000

27

Defining Freedom of Speech

(cont.)
The united nations Universal Declaration of
Human Rights in 1948 addresses the right of
freedom of expression
Everyone has the right to freedom of opinion
and expression; this right includes freedom to
hold opinions without interference and to seek,
receive, and impart information and ideas
through any media and regardless of frontiers.

Prentice Hall, 2000

28

The Debate about Free Speech

on the Internet
Free speech debate
Most citizens are implacably opposed to censorship in
any form except censorship of whatever they
personally happen to find offensive.

What the boundaries are, and how they

should be enforced
Governments protective of their
role in society, parents concerned
about exposing their children to
inappropriate Web pages and
chat rooms, and federal agencies
attempting to deal with illegal
actions

Citizen action groups desiring to

protect every ounce of their
freedom to speak, individuals
concerned about their right to
information on the Internet, and
organizations seeking to empower
the citizens of the earth

Prentice Hall, 2000

29

The Debate about Free Speech

on the Internet (cont.)
Provisions in law for 2 cases that limit free
speech
obscene material
compelling government interest

Indecency
any comment, request, suggestion, proposal, image, or
other communication that, in context, depicts or describes,
in terms patently offensive as measured by contemporary
community standards, sexual or excretory activities or
organs

Prentice Hall, 2000

30

Protecting Children
3 approaches (regarding the protection of children
from inappropriate material on the Internet)
No information should be held back and parents
should be responsible for monitoring their own
children
The government is the only one who can truly
protect children from this material
To hold the Internet providers responsible for all
the material and information they provide

Prentice Hall, 2000

31

Protecting Children (cont.)

Parents Governing Their Own Children

Government Protecting the Children

Responsibility for the Internet Providers

Forcing Internet Providers to be Accountable

Prentice Hall, 2000

32

Legal Perspectives in the USA

Child Online Protection Act

Internet Tax Freedom Act

Family Friendly Internet Access Act

Internet Protection Act

Internet School Filtering Act

Prentice Hall, 2000

33

Controlling Spamming
What is spamming, why is it bad?
Spamming
the practice of indiscriminate distribution of messages (for
example junk mail) without permission of the receiver and
without consideration for the messages appropriateness

Spammings negative impacts

Spam comprised 30% of all mail sent on America Online
slowing the Internet in general
shutting ISPs down completely
now less than 10%
Prentice Hall, 2000

34

Controlling Spamming (cont.)

Legislation, Legal
The Electronic Mailbox Protection Act
The Unsolicited Commercial Electronic Mail Act
The Netizens Protection Act
The Telephone Consumer Protection Act

Prentice Hall, 2000

35

Controlling Spamming (cont.)

How to cut spamming
Tell users not to validate their addresses by
answering spam requests for replies if they want
to be taken off mailing lists
Disable the relay feature on SMTP (mail) servers
so mail cannot be bounced off the server
Delete spam and forget it its a fact of life and
not worth wasting time over
Use software packages, e.g. www.getlost.com
and www.junkbusters.com
Prentice Hall, 2000

36

Taxation Policies
The Taxation Exemption Debate
Internet Tax Freedom Act (8 Oct,98)
promotes electronic commerce through tax incentives by
barring any new state or local sales taxes on Internet
transactions during the next three years
Electronic commerce industries
Non-electronic commerce industries
Applying existing law to new
The Internet businesses must pay its fair
mediums of exchange is far more
share of the bill for the nations social
difficult than ever imagined. The
and physical infrastructure. They feel
global nature of business today
that the Internet industries are not pulling
suggests that cyberspace be
their own weight. These companies are
considered a distinct tax zone unto
screaming that the same situation exists
itself with unique rules and
in the mail order business and that there
considerations befitting the stature
are sufficient parallels to warrant similar
of the environment.
legal considerations.
Prentice Hall, 2000

37

Taxation Policies (cont.)

Proposed Taxation Solutions in the USA
The Internal Revenue
Service might come to the
rescue with a single and
simplified national sales tax.

This will reduce 30,000

different tax codes to no
more than 50.
Net sales would be taxed at
the same rate as mail order or
Main Street transactions.

38

Prentice Hall, 2000

While states could set their

one rate, each sale could be
taxed only once.

38

Encryption Policy
The 128-BIT Encryption Debate
Export 128-bit encryption is 3.09X10 to the 26th
power times more difficult to decipher than the
preceding legally exportable technology.
Secure e-commerce
For the past 20 years
there was a limitation
on exported encryption
devices of 56 bit codes

Governments legal requirements

Recent legislation
allows 128 bit in
specific circumstances
thus paving the way for
the Compaq permit

Prentice Hall, 2000

39

Encryption Policy (cont.)

Data Encryption Standard (DES)
A published federal encryption standard created to
protect unclassified computer data and communications
Law Enforcements Plea
Cryptographers would follow an audit trail to ensure that keys
havent been released improperly, however, law enforcement
does not trust that process

First Amendment Right

Technology can encrypt so thoroughly, that every computer on
earth, working in tandem, would take trillions of years to decode
the encryption

Business View
EFF (Electronic Frontier Foundation) believes that
software, networked communications and cryptography
industries are suffering
Prentice Hall, 2000

40

Other Legal Issues

What are the rules of electronic contracting, and whose jurisdiction
prevails when buyers, brokers, and sellers are in different states
and/or countries?
How can gambling be controlled on the Internet? Gambling is legal
in Nevada and other states. How can the winners tax be
collected?
When are electronic documents admissible evidence in the courts
of law? What do you do if they are not?
Time and place can carry different dates for the buyers and sellers
when they are across the ocean.
Is a digital signature legal?
The use of multiple networks and trading partners makes the
documentation of responsibility difficult. How is such a problem
overcome?
41
Prentice Hall, 2000

Electronic Contracts
Uniform Electronic Transactions Act
Provides the means to effectuate transactions
accomplished through an electronic medium

Uniform Commercial Code (UCC)

Provides a government code that supports
existing and future electronic technologies in the
exchange of goods or of services related to
exchange of goods

Prentice Hall, 2000

42

Electronic Contracts (cont.)

Shrink-wrap agreements (or box top licenses)
The user is bound to the license by opening the package
This has been a point of contention for some time
The court felt that more information would provide more
benefit to the consumer given the limited space available on
the exterior of the package

Click-wrap contracts
The software vendor offers to sell or license the use of the
software according to the terms accompanying the software
The buyer agrees to be bound by the terms based on
certain conduct
Prentice Hall, 2000

43

Fraud on the Internet

Internet Stocks Fraud

SEC brought charges against 44 companies and individuals

who illegally promoted stocks on computer bulletin boards,
online newsletters and investment Web sites

Other Financial Fraud

Selling bogus investments, phantom business opportunities,

and other fraud schemes

Other Fraud in EC
Customers may
receive poor quality products and services
not get products in time
be asked to pay for things they assume will be paid for by sellers
Prentice Hall, 2000

44

Federal Trade Commission (FTC)

Consumer Alerts
The Dirty Dozen
Business opportunities
Free goods
Bulk mail solicitors
Chain letters
Investment opportunities Cable descrambler kits
Work-at-home schemes
Credit repair
Health and diet schemes Vacation prize
promotions
Effortless income
Guaranteed loans or credit,
on easy terms
Prentice Hall, 2000

45

Buyer Protection
Tips for safe electronic shopping
Look for reliable brand names at sites.
Search any unfamiliar site for address and
phone and fax number. Call up and quiz a person
about the sellers.
Check the seller with the local Chamber of
Commerce, Better Business Bureau, or TRUSTe
as described later.
Investigate how secure the sellers site is and
how well it is organized.
Prentice Hall, 2000

46

Buyer Protection
Examine the money-back guarantees,
warranties, and service agreements.
Compare prices to those in regular stores; toolow prices may be too good to be true.
Ask friends what they know. Find testimonials
and endorsements.
Find out what you can do in case of a dispute.
Consult the National Fraud Information Center.
Check www.consumerworld.org
Do not forget the you have shoppers rights.
Prentice Hall, 2000

47

Third Party Service

Public organizations and private companies
attempt to protect consumers
TRUSTes Trustmark
non-profit group
to build users trust and confidence in the Internet by
promoting the polices of disclosure and informed consent

BBB (Better Business Bureau)

private non-profit organizations supported largely by
membership
to provide reports on business firms that are helpful to
consumers before making a purchase
Prentice Hall, 2000

48

Authentication
If authentication can be solved ..
students will be able to take exams online
fraud of recipients of government entitlements and
other payments will be reduced to a bare minimum
buyers will be assured who the sellers are and
sellers will know who the buyers are with a very high
degree of confidence
arrangements will be made so that only authorized
people in companies can place purchasing orders
interviews for employment, possible marriage, and
other matching applications will be accurate
trust in your partners and in EC in general will
increase significantly
Prentice Hall, 2000

49

Biometrics Controls
Photo of face
Fingerprints
Hand geometry
Blood vessel pattern in the retina of a
persons eye
Voice
Signature
Keystroke dynamics
Prentice Hall, 2000

50

Seller Protection
Sellers must be protected against:
Use of their names by others
Use of their unique words and phrases, names, and
slogans and their web addresses
Dealing with customers that deny that they placed
an order
Several other potential legal issues are related to
sellers protection
Customers downloading copyrighted software
and/or knowledge and selling it to others
Not being properly paid for products and services
provided
Prentice Hall, 2000

51

Managerial Issues
Multinational corporations face different cultures in the
different countries in which they are doing business
Issues of privacy, ethics, and so on may seem to be
tangential to running a business, but ignoring them
may hinder the operation of many organizations
The impact of electronic commerce and the Internet
can be so strong that the entire manner in which
companies do business will be changed, with
significant impacts on procedures, people,
organizational structure, management, and business
processes
Prentice Hall, 2000

52