Security and Privacy in E-Commerce

DOI: 10.4018/978-1-4666-1800-8.ch010

Chapter Preview


Learning Objectives

After completing this chapter, you will be able to:

  • Understand various types of security threats;

  • Describe major approaches to the management of security threats;

  • Understand how authentication methods are used to enhance security;

  • Understand a public key infrastructure (PKI);

  • Discuss principles for privacy management;

  • Discuss different approaches to privacy protection in e-commerce;

  • Describe popular end-user privacy-enabling technologies (PETs);

  • Understand principles for privacy management;

  • Discuss how third party web seals can be used to address consumers’ various concerns.


Online Privacy Issues

The online privacy issue encompasses topics such as website privacy policies and practices, encryption, industry standards, and government surveillance. It also includes online anonymity, disclosures of personal information, and the online tracking of consumer behavior. With the advent of social media and the mobile network, customers’ privacy and information security have become more important than ever before. For example, online advertising provides marketers with the means to collect, measure, and analyze consumer online buying patterns (both individually and in aggregate). Social networking sites also collect a massive amount of subscribers’ personal data and analyze the data to improve their performance.

By tracking consumer activities on websites, and collecting responses to information placed on the company’s own website, companies are able to create an enormous number of personal profiles for marketing purposes. For online businesses, giving consumers control over their privacy in order to create an acceptable level of trust is highly desirable (Smith & Shao, 2007).

DoubleClick, an ad management and ad serving technology foundation (Figure 1), allows companies that buy, create or sell online advertising to track the activities of their visitors. Over time, DoubleClick can create a detailed profile of a person’s spending and computing habits on the web that can help companies to target web advertisements more precisely.

Figure 1. DoubleClick home page


LexisNexis® Risk Solutions, one of the largest data brokers, uses an extensive network of contractors to collect data from police and motor vehicle records, credit and employment histories, addresses, licenses, insurance claims, loan applications, and so on. LexisNexis® Risk Solutions has collected information on almost every adult in the United States and serves the multi-billion-dollar risk information industry, which comprises professionals and organizations such as law enforcement, government agencies, financial services firms, collection agencies, insurance and health care providers, hiring managers, and other professionals.

However, there has been very little federal/state control over how data brokers collect, maintain, and sell their data. Recently, the privacy issue drew more attention due to cloud computing. The Federal Trade Commission (FTC) is looking at the privacy and security issues tied to cloud computing where documents and other data are stored on cloud servers, in the hands of third parties, as opposed to being on a user's storage device.

In Europe, especially with the European Commission’s Directive on Data Protection coming into effect in 1998, privacy protection is much stronger and more comprehensive than in the U.S. In European Union (EU) nations, businesses are not allowed to use personally identifiable information without the consumer’s prior informed consent. Furthermore, customers have the right to access that information, correct it, and request that no further data be collected.

After reading this chapter, you will be able to answer the following:
