Chapter 10

Public Policy:
From Legal Issues to Privacy

Learning Objectives

List and describe the major legal issues

related to electronic commerce
Understand the difficulties of protecting
privacy and describe the measures taken
by companies and individuals to protect it
Describe the intellectual property issues in
EC and the measures provided for its
protection
Describe some of the ethical issues in EC
and the measures taken by organizations
to improve ethics
2

Learning Objectives (cont.)

Understand the conflict between Internet
indecency and free speech, and the attempts to
resolve the conflict
Describe the issues involved in imposing sales
tax on the Internet
Discuss the controls over exporting encryption
software and the issues of government policies
Differentiate between contracts online and offline
Describe the measures available to protect
buyers and sellers on the Internet

Legal and Ethical Issues: an

Overview
Privacy
Intellectual Property

Difficult to protect since it is easy and inexpensive to

copy and disseminate digitized information
Free Speech

Internet provides the largest opportunity for free speech

Taxation

Illegal to impose new sales taxes on Internet business

at the present time
Consumer Protection

Many legal issues are related to electronic trade

Ethical Issues
What is considered to be right and wrong?
What is unethical is not necessarily illegal.
Whether these actions are considered unethical depends
on the organization, country, and the specific
circumstances surrounding the scenarios.

Ethical Issues (cont.)

Code of Ethics
Many companies and professional
organizations develop their own
codes of ethics
A collection of principles intended as
a guide for its members
A guide for members of a company
or an association
6

Organize IT Ethical Issues into

a Framework
Privacy
Collection, storage,
and dissemination of
information about
individuals

Accuracy
Authenticity, fidelity,
and accuracy of
information
collected and
processed

Property
Ownership and
value of information
and intellectual
property

Accessibility
Right to access
information and
payment of fees to
access it
7

Protecting Privacy

Privacy
The right to be left alone and the right
to be free of unreasonable personal
intrusions

Information Privacy
The claim of individuals, groups, or
institutions to determine for
themselves when, and to what extent,
information about them is
communicated to others
8

Protecting Privacy (cont.)

Two rules
The right of privacy is not
absolute. Privacy must be
balanced against the needs of
society.
The publics right to know is
superior to the individuals
right of privacy.
9

How is Private Information

Collected?
Reading your newsgroups postings
Finding you in the Internet Directory
Making your browser record information about you
Recording what your browsers say about you
Reading your e-mail

10

Web-Site Self-Registration
Registration Questionnaires
type in private information in order to receive a
password to participate in a lottery, to receive
information, or to play a game

Uses of the Private Information

collected for planning the business
may be sold to a third party
used in an inappropriate manner

11

From the Eighth User Survey

by GVU (1988)
40% of all users have falsified information when
registering online
66% of all U.S. and European respondents dont register
as they dont know how the information is going to be
used
63% dont feel that registration is worthwhile
considering the content of the sites
58% dont trust the sites collecting this information
from them

12

Cookies
Piece of information that allows a Web
site to record ones comings and
goings
Web sites can remember information
about users and respond to their
preferences on a particular site, process is
transparent to users
Web sites can maintain information on a
particular user across HTTP connections
13

Cookies (cont.)

Cook

Reasons for using cookies

to personalize information
to improve online sales/services
to simplify tracking of popular links or demographics
to keep sites fresh and relevant to the users interests
to enable subscribers to log in without having to enter a
password every visit
to keep track of a customers search preferences
personal profiles created are more accurate than selfregistration
Solutions to cookies

users can delete cookie files stored in their computer

use of anti-cookie software (e.g. Cookie Cutter and
Anonymous Cookie)
14

Privacy Protection
5 basic principles

Customers must be given notice and be

able to make informed decisions.
Choice/Consent Customers must be made aware of their
options as to how their personal information may be used.
Consent may be granted through opt-Out clauses
requiring steps.
Access/Participation Consumers must be able to access their
personal information and challenge the validity of the data.
Integrity/security Consumers must be assured that the data is
secure and accurate.
Enforcement/Redress There must always exist a method of
enforcement and remedy. The alternatives are government
intervention, legislation for private remedies, or selfregulation.

Notice/Awareness

15

Protecting Your Privacy

Think before you give out personal information on a site

Track the use of your name and information
Keep your newsgroups posts out of archives
Use the Anonymizer when browsing
Live without cookies
Use anonymous remailers
Use encryption
Reroute your mail away form your office
Ask your ISP or employer about a privacy policy

16

Legislation
The Consumer Internet Privacy Act
The Federal Internet Privacy Protection
Act
The Communications Privacy and
Consumer Empowerment Act
The Data Privacy Act
17

Electronic Surveillance Monitoring Computer Users

Tens of millions of computer users are monitored, many

without their knowledge
Employees have very limited protection against
employers surveillance

Personal Information in Databases

Databases of banks and financial institutions; cable
TV; telephone ; employers; schools; insurance
companies; and online vendors
Concerns
Under what circumstances will personal data be released?
Do you know where the records are?
How are the data used?
18

Privacy Policy Basics

Data
Data Accuracy
Collection
Data should
be

Sensitive data gathered on

collected on
individuals should be
individuals only to
verified before it is entered
accomplish a
into the database.
legitimate business
Data should be accurate
objective.
and, where and when
Data should be
necessary, kept current.
adequate, relevant, and
The file should be made
not excessive in
available so the individual
relation to the business
can ensure that the data are
objective.
correct.
Individuals must give
If there is disagreement
their consent before
about the accuracy of the
data pertaining to
data, the individuals
them can be gathered.
version should be noted and
included with any
disclosure of the file.

Data Confidentiality

Computer security procedures

should be implemented to
provide reasonable assurance
against unauthorized disclosure
of data.
Third parties should not be
given access to data without the
individuals knowledge or
permission, except as required
by law.
Disclosures of data, other than
the most routine, should be
noted and maintained for as
long as the data are maintained.
Data should not be disclosed
for reasons incompatible with
the business
objective for which
19
they are collected.

Protecting Intellectual Property

Copyright
A statutory grant that provides the creators of intellectual
property with ownership of it for 28 years

Trade Secret
Intellectual work such as a business plan, which is a company
secret and is not based on public information

Patent
A document that grants the holder exclusive rights on an
invention for 17 years

20

Copyright Protection Techniques

Digital watermarks
embedding of invisible marks
can be represented by bits in digital
content
hidden in the source data, becoming
inseparable from such data

21

Legal Perspectives
Electronic Theft (NET) Act
imposed criminal liability for individuals who reproduce or distribute
copies of copyrighted works even if no commercial advantage or financial
gain exists

Digital Copyright Clarification and Technology Education Act

limits the scope of digital copyright infringement by allowing distance
learning exemptions

Online Copyright Liability Limitation Act

seeks to protect Internet access providers from liability for direct and
vicarious liability under specific circumstances where they have no control
or knowledge of infringement

22

Legal Perspectives

(cont.)

Digital Millennium Copyright Act

reasserts copyright in cyberspace

makes illegal most attempts to defeat anti-copying technology
requires the National Telecommunications and Information
Administration to review the effect the bill would have on the
free flow of information and makes recommendations for any
changes two years after it is signed into law
lets companies and common citizens circumvent anti-copying
technology when necessary to make software or hardware
compatible with other products, to conduct encryption
research or to keep personal information from being spread via
Internet cookies or other copy-protection tools
forbids excessive copying of databases, even when those
databases contain information already in the public domain

23

International Aspects of
Intellectual Property
The World Intellectual Property Organization
more than 60 member countries to come up with
an international treaty
part of the agreement is called the database
treaty
its aim is to protect the investment of firms that
collect and arrange information

24

Domain Names

Two controversies
Whether top-level domain names
(similar to com, org and gov) should
be added
The use of trademark names by
companies for domain names that
belong to other companies
25

Domain Names (cont.)

Network Solutions Inc.
Contracted by the government to assign domain addresses

Increase Top Level Names

Idea is that an adult only top-level name will be
created to prevent pornographic material getting
into the hands of children

Trade Name Disputes

Companies are using trade names of other

companies as their domain address to help
attract traffic to their Web site
26

Defining Freedom of Speech

The Bill of Rights First Amendment to the Constitution
of the U.S. of America reads
Congress shall make no law respecting an establishment of
religion, or prohibiting the free exercise thereof; or abridging
the freedom of speech, or of the press; or the right of the
people peaceably to assemble, and to petition the
government for a redress of grievances.

27

Defining Freedom of Speech (cont.)

The united nations Universal Declaration of Human Rights
in 1948 addresses the right of freedom of expression
Everyone has the right to freedom of opinion and expression;
this right includes freedom to hold opinions without interference
and to seek, receive, and impart information and ideas through
any media and regardless of frontiers.

28

The Debate about Free

Speech
the debate
Internet
on
Free speech
Most citizens are implacably opposed to
censorship in any form except censorship of
whatever they personally happen to find
offensive.
What the boundaries are, and how they should be
enforced
Governments protective of their
role in society, parents concerned
about exposing their children to
inappropriate Web pages and
chat rooms, and federal agencies
attempting to deal with illegal
actions

Citizen action groups desiring to

protect every ounce of their
freedom to speak, individuals
concerned about their right to
information on the Internet, and
organizations seeking to empower
the citizens of the earth
29

The Debate about Free

Speech
on the Internet (cont.)

Provisions in law for 2 cases that limit free speech

obscene material
compelling government interest

Indecency

any comment, request, suggestion, proposal,

image, or other communication that, in context,
depicts or describes, in terms patently offensive as
measured by contemporary community standards,
sexual or excretory activities or organs

30

Protecting Children
(regarding the protection of
children from inappropriate material on the
Internet)

3 approaches

No information should be held back and parents should be

responsible for monitoring their own children
The government is the only one who can truly protect children
from this material
To hold the Internet providers responsible for all the material
and information they provide

31

Protecting Children (cont.)

Parents Governing Their Own Children
Government Protecting the Children
Responsibility for the Internet Providers
Forcing Internet Providers to be Accountable

32

Legal Perspectives in the USA

Child Online Protection Act
Internet Tax Freedom Act
Family Friendly Internet Access Act
Internet Protection Act
Internet School Filtering Act

33

Controlling Spamming
What is spamming, why is it bad?

Spamming
the practice of indiscriminate distribution of messages (for
example junk mail) without permission of the receiver and
without consideration for the messages appropriateness

Spammings negative impacts

Spam comprised 30% of all mail sent on America Online
slowing the Internet in general
shutting ISPs down completely
now less than 10%
34

Controlling Spamming (cont.)

Legislation, Legal
The Electronic Mailbox Protection Act
The Unsolicited Commercial Electronic Mail Act
The Netizens Protection Act
The Telephone Consumer Protection Act

35

Controlling Spamming (cont.)

How to cut spamming
Tell users not to validate their addresses by answering spam
requests for replies if they want to be taken off mailing lists
Disable the relay feature on SMTP (mail) servers so mail cannot
be bounced off the server
Delete spam and forget it its a fact of life and not worth
wasting time over
Use software packages, e.g. www.getlost.com and
www.junkbusters.com

36

Taxation Policies
The Taxation Exemption Debate
Internet Tax Freedom Act (8 Oct,98)

promotes electronic commerce through tax incentives

by barring any new state or local sales taxes on
Internet transactions during the next three years
Electronic commerce industries
Applying existing law to new
mediums of exchange is far more
difficult than ever imagined. The
global nature of business today
suggests that cyberspace be
considered a distinct tax zone unto
itself with unique rules and
considerations befitting the stature
of the environment.

Non-electronic commerce industries

The Internet businesses must pay its fair
share of the bill for the nations social
and physical infrastructure. They feel
that the Internet industries are not pulling
their own weight. These companies are
screaming that the same situation exists
in the mail order business and that there
are sufficient parallels to warrant similar
legal considerations.
37

Taxation Policies (cont.)

Proposed Taxation Solutions in the USA
The Internal Revenue
Service might come to the
rescue with a single and
simplified national sales tax.
This will reduce 30,000
different tax codes to no
more than 50.
Net sales would be taxed at
the same rate as mail order or
Main Street transactions.

38

While states could set their

one rate, each sale could be
38
taxed
only once.

Encryption Policy
The 128-BIT Encryption Debate
Export 128-bit encryption is 3.09X10 to the 26th power times
more difficult to decipher than the preceding legally
exportable technology.

Secure e-commerce
For the past 20 years
there was a limitation
on exported encryption
devices of 56 bit codes

Governments legal requirements

Recent legislation
allows 128 bit in
specific circumstances
thus paving the way for
the Compaq permit
39

Encryption Policy (cont.)

Data Encryption Standard (DES)

A published federal encryption standard created to

protect unclassified computer data and
communications
Law Enforcements Plea
Cryptographers would follow an audit trail to ensure that
keys havent been released improperly, however, law
enforcement does not trust that process

First Amendment Right

Technology can encrypt so thoroughly, that every computer

on earth, working in tandem, would take trillions of years to
decode the encryption

Business View

EFF (Electronic Frontier Foundation) believes that software, networked

communications and cryptography industries are suffering
40

Other Legal Issues

What are the rules of electronic contracting, and whose
jurisdiction prevails when buyers, brokers, and sellers are in
different states and/or countries?
How can gambling be controlled on the Internet? Gambling
is legal in Nevada and other states. How can the winners
tax be collected?
When are electronic documents admissible evidence in the
courts of law? What do you do if they are not?
Time and place can carry different dates for the buyers and
sellers when they are across the ocean.
Is a digital signature legal?
The use of multiple networks and trading partners makes
the documentation of responsibility difficult. How is such a
problem overcome?
41

Electronic Contracts
Uniform Electronic Transactions Act
Provides the means to effectuate transactions accomplished
through an electronic medium

Uniform Commercial Code (UCC)

Provides a government code that supports existing and future
electronic technologies in the exchange of goods or of
services related to exchange of goods

42

Electronic Contracts (cont.)

Shrink-wrap agreements (or box top licenses)
The user is bound to the license by opening the
package
This has been a point of contention for some time
The court felt that more information would provide
more benefit to the consumer given the limited space
available on the exterior of the package
Click-wrap contracts
The software vendor offers to sell or license the use of
the software according to the terms accompanying the
software
The buyer agrees to be bound by the terms based on
43
certain conduct

Fraud on the Internet

Internet Stocks Fraud

SEC brought charges against 44 companies and individuals

who illegally promoted stocks on computer bulletin boards,
online newsletters and investment Web sites
Other Financial Fraud

Selling bogus investments, phantom business opportunities

and other fraud schemes
Other Fraud in EC

Customers may
receive poor quality products and services
not get products in time
be asked to pay for things they assume will be paid for by sellers

44

Federal Trade Commission

(FTC) Consumer Alerts
The Dirty Dozen
Business opportunities Free goods
Bulk mail solicitors
Chain letters
Investment opportunities
Cable descrambler kits
Work-at-home schemes Credit repair
Health and diet schemes Vacation prize
Effortless income
promotions
Guaranteed loans or credit,
on easy terms
45

Buyer Protection
Tips for safe electronic shopping
Look for reliable brand names at sites.
Search any unfamiliar site for address and phone and fax
number. Call up and quiz a person about the sellers.
Check the seller with the local Chamber of Commerce, Better
Business Bureau, or TRUSTe as described later.
Investigate how secure the sellers site is and how well it is
organized.

46

Buyer Protection
Examine the money-back guarantees, warranties, and service
agreements.
Compare prices to those in regular stores; too-low prices may
be too good to be true.
Ask friends what they know. Find testimonials and
endorsements.
Find out what you can do in case of a dispute.
Consult the National Fraud Information Center.
Check www.consumerworld.org
Do not forget the you have shoppers rights.

47

Third Party Service

Public organizations and private companies attempt to
protect consumers
TRUSTes Trustmark
non-profit group
to build users trust and confidence in the Internet by promoting the polices
of disclosure and informed consent

BBB (Better Business Bureau)

private non-profit organizations supported largely by membership
to provide reports on business firms that are helpful to consumers before
making a purchase

48

Authentication
If authentication can be solved ..

students will be able to take exams online

fraud of recipients of government entitlements and
other payments will be reduced to a bare minimum
buyers will be assured who the sellers are and sellers
will know who the buyers are with a very high degree
of confidence
arrangements will be made so that only authorized
people in companies can place purchasing orders
interviews for employment, possible marriage, and
other matching applications will be accurate
trust in your partners and in EC in general will increase
significantly

49

Biometrics Controls
Photo of face
Fingerprints
Hand geometry
Blood vessel pattern in the retina of a persons eye
Voice
Signature
Keystroke dynamics

t
a
C

.
y
h
50

Seller Protection
Sellers must be protected against:
Use of their names by others
Use of their unique words and phrases, names, and slogans and their
web addresses
Dealing with customers that deny that they placed an order
Several other potential legal issues are related to sellers protection
Customers downloading copyrighted software and/or knowledge and
selling it to others
Not being properly paid for products and services provided

51

Managerial Issues
Multinational corporations face different cultures
in the different countries in which they are doing
business
Issues of privacy, ethics, and so on may seem to
be tangential to running a business, but
ignoring them may hinder the operation of
many organizations
The impact of electronic commerce and the
Internet can be so strong that the entire manner
in which companies do business will be
changed, with significant impacts on
procedures, people, organizational structure,
management, and business processes
52