E-Privacy for Electronic E-Privacy for Electronic Commerce Commerce Implementing E-Privacy - Implementing E-Privacy - An Enterprise Approach An Enterprise Approach Tony LAM Tony LAM Deputy Privacy Commissioner for Personal Data, Hong Deputy Privacy Commissioner for Personal Data, Hong Kong SAR Kong SAR Conference on E-Privacy in the New Economy Conference on E-Privacy in the New Economy March 26, 2001 March 26, 2001 1
21
Embed
E-Privacy for Electronic Commerce Implementing E-Privacy - An Enterprise Approach Tony LAM Deputy Privacy Commissioner for Personal Data, Hong Kong SAR.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
E-Privacy for Electronic CommerceE-Privacy for Electronic Commerce
Implementing E-Privacy - Implementing E-Privacy -
An Enterprise ApproachAn Enterprise Approach
Tony LAMTony LAM
Deputy Privacy Commissioner for Personal Data, Hong Kong SARDeputy Privacy Commissioner for Personal Data, Hong Kong SAR
Conference on E-Privacy in the New EconomyConference on E-Privacy in the New Economy
March 26, 2001March 26, 2001
1
Why the concern about E-PrivacyWhy the concern about E-Privacy
It’s a core value of an organisation in any E-
Business initiative
“It is not whether an organisation can afford to adopt an E-Privacy policy, but whether it can afford not to do so”
2
E-Privacy : A Business issueE-Privacy : A Business issue
How can organisations improve key processes in an increasingly competitive environment?
How can organisations maximise the benefit of information in the new information age?
Can E-Commerce maximise its value to consumers and simultaneously retain their trust and confidence?
3
E-Privacy : A Management issueE-Privacy : A Management issue“Failure to deal with privacy issues can present frightening risks to the E-Business enterprise”
Loss of competitive advantage
Loss to potential business
4
E-Privacy : A Management issueE-Privacy : A Management issue
“When the client of a major bank can have $900,000 stolen from his account despite all the protections that are written into the system, it seems that even the biggest companies are vulnerable against the skills of a determined Internet criminal.”
Source : South China Morning Post, February 22 2001
Unfavourable publicity
Customers walk away
5
E-Privacy : A Management issueE-Privacy : A Management issue
“In 1998, a federal jury in the US awarded an identity theft victim $50,000 in actual damages and $4.7 million in punitive damages against a major credit-reporting agency. Jurors found that the company failed to follow reasonable procedures to maximise accuracy and that it, in doing so, willfully defamed the defendant”
Source : Privacy Times Magazine, May 29 1998
Other costs of remedy
Direct costs of litigation
6
E-Privacy : A Consumer issueE-Privacy : A Consumer issue
“Despite the fact that the majority of the sites collected personal information from the user, only a tiny minority provided a privacy policy that gave users meaningful information about how that data would be used. Sites both in the US and EU fall woefully short of the standards set by international guidelines on data protection”
Source : Consumer International Privacy@net Report, 2001
Trust and confidence are not yet the hallmarks of E-Commerce
7
E-Privacy : A Consumer issueE-Privacy : A Consumer issue
“Fewer than 2% of all respondents have bought goods or services or traded securities online. The main reason cited by respondents for not using the Internet to shop or trade was concern about security”
Source : Census & Statistics Department Survey, 2000
“Of all the respondents, about 52% gave a rating of 8 or more on a scale of 0 to 10 to indicate their privacy concern about purchasing online. The highest privacy concern was “money loss due to interception of your credit card (84%), followed by “misuse of personal data by third parties (72%)””
Privacy policies and accurate public statements outlining such policies are a vital step
towards encouraging openness and trust in E-
Commerce among consumers
“They can help consumers to make informed choices about entrusting an organisation with personal data and doing business with it”
17
Core elements of an E-PPSCore elements of an E-PPS General statement of personal data policyGeneral statement of personal data policy
– your overall commitment to protecting the privacy your overall commitment to protecting the privacy interests of your consumersinterests of your consumers
Statement of data handling practicesStatement of data handling practices– the kind of personal data heldthe kind of personal data held
– main purposes for which personal data are usedmain purposes for which personal data are used
Notice of other practicesNotice of other practices– data disclosure practicedata disclosure practice
– data retention and security policydata retention and security policy
– choice & consent in Internet marketingchoice & consent in Internet marketing
18
Making an Effective E-PPSMaking an Effective E-PPSWhenever a web site collects personal data of consumers
• A prominent “hotlink” from the home page
• A linked page from any data collection forms
• Written in simple and easy to understand manner
• Conforming with acceptable privacy standards
• Relevant to the online environment of the site
• Reflecting the core values of privacy protection
Avoid “over-commitment” and “under-delivery”
19
E-Privacy : The Pay-offE-Privacy : The Pay-off
Building trust & confidence Building trust & confidence in the E-Economyin the E-Economy