Privacy and Security Issues in E-Commerce
Privacy – the control over one’s personal data – and security – the attempted access to data by unauthorized others – are two critical problems for both e-commerce consumers and sites alike. Without either, consumers will not visit or shop at a site, nor can sites function effectively without considering both. This chapter reviews the current state of the art and the relevance for privacy and security respectively. We examine privacy from social psychological, organizational, technical, regulatory, and economic perspectives. We then examine security from technical, social and organizational, and economic perspectives.
Privacy is a serious issue in electronic commerce, no matter what source one examines. Fisher  reported “Forty-one percent of Web buyers surveyed last year by Forrester Research of Cambridge, Mass., said they have contacted a site to be taken off their databases because they felt that the organization used their information unwisely. (pp. 20-21).” A Business Week/Harris Poll found that over forty percent of online shoppers were very concerned over the use of personal information, and 57% wanted some sort of laws regulating how personal information is collected and used [Harris Poll 2000]. Similarly, Culnan  argued that privacy concerns were a critical reason why people do not go online and provide false information online. Why this concern about privacy? The answer is simple. As of 1998, the FTC found that the majority of online businesses “had failed to adopt even the most fundamental elements of fair information practices. ([Culnan 2000], p. 8).” Indeed, relatively few consumers believe that they have very much control over how personal information, revealed online, is used or sold by businesses [Culnan and Armstrong 1999]. The combination of current business practices, consumer fears, and media pressure has combined to make privacy a potent problem for electronic commerce. Tackling privacy, however, is no easy matter. If nothing else, privacy discussions often turn heated very quickly. Some people consider privacy to be a fundamental right; others consider it to be a tradable commodity. Detailed arguments about the historical progression of privacy can be found, for example, in [Davies 1997] and [Etzioni 1999].(Even these historical accounts have sharply differing viewpoints. For example Etzioni argues that privacy is societally illegitimate or infeasible, while Davies argues that it has become a squandered right.)For the purposes of this article, we will explore the potential space of privacy concerns, not privileging any particular viewpoint. In our view, both consumers and businesses may have legitimate viewpoints, sometimes conflicting.This is in the nature of most societal issues. We also restrict ourselves to the privacy issues that accrue in electronic commerce; we omit, for examples, the issues emerging from vehicle tracking chips, the wholesale monitoring of telephone and other communication mechanisms, and image recognition from public cameras (see [Froomkin 2000] for other examples)
Click here for free