RISKS and THREATS
used in the following courses taught by Prof. Richardson
E-commerce and the role of Third Parties
|Chpt 4, page
TRUSTe is a nonprofit organization that issues a seal to companies that comply with its rules of disclosure and informed consent
Under the heading of education, TRUSTe has a section titled
TRUSTe's Privacy Protection Guidelines
- go there www.truste.com/education/protection_guidelines.html
they have 6 points
1. Read Privacy Statements.
I was just going through third party risks and I spotted a link on privacy issues for 2011 with regard to Facebook.
website is : http://www.facebook.com/note.php?note_id=468265679423
It has a set of 10 points for Facebook's privacy issues. This deals with employee location information. This is easily available with the latest iPhone's Check in. Employee locations can be accessed easily and pose a threat to employer information. Exposure of data on social networks is much higher than ever as a quarter of the time spent on the internet is spent networking. With the new Facebook email a greater threat is posed to the corporate email system. These are namely just two or three but there are 10 different types posted on this website.
I thought this was a relatively new concept with Facebook and its privacy issues. Since we are anyways dealing with privacy issues under third party risks I thought this could be a relevant issue to share with you.
Under the heading "Proofpoint's
predictions for the top 10 privacy issues in 2011: "
"1. The privacy and confidentiality of location-based information will become a major concern for both consumers and corporations. With the rise in mobile GPS information, companies will have to protect both personally identifiable information (PII) of employees, customers and partners, and also create new policies for handling location-based information. Not only will real-time information about location be a vulnerability, but companies will have access to information about where people (or their devices) spend much of their time."
"5. Blended threats will increase. While email is still the number one threat vector for personal information loss, threats from newer communications channels is increasing, especially in the form of blended threats where the target is first attacked through email, then directed to Web or social media."
Thanks Nikhita, as more and more people access the web through mobile devices, and as GPS technology is used in more and more applications, there will be an increasing number of situations where people are identified "geographically" as well as by addy and IP. This situation can be advantageous for marketing people because they can be more precise in advertising based on "where" potential customers are, but, like anything, the technology can have a security consequence that may put people at risk, or, at the least, compromise privacy issues.
And, I may add, as a fan of BlackBerry, I am interested to know how the companies products and services will be able to attract more customers away from iPhone because R.I.M. processes all their emails encrypted through R.I.M. servers, whereas iPhone emails are just open emails on the internet.
Canadian bank vulnerable to Third-Party supplier of services
Tara Perkins of the Toronto
"Canadians who bought binoculars or blood pressure monitors after receiving brochures for the products in their CIBC Visa statements will be issued refunds, the Competition Bureau has announced... The bureau launched an investigation after receiving a complaint from a CIBC customer."
"...investigation found that two [Third-Party] companies responsible for the [CIBC VISA] sales brochures deceptively overstated the products' original prices to make the sale price look more attractive...A New York firm, Media Syndication Global, and a Paris firm, Havas SA, have agreed to issue partial refunds to purchasers of the products."
bank vulnerable to Third-Party supplier of services
competitive environment within the credit card industry is so intense that
card issuing companies like CIBC must be very nervous about a situation
where a Third-Party agency causes negative feelings among large numbers
The concern would be that these customers switch to a RBC VISA or even a Mastercard or some of the U.S. products such as MBNA.
At the time this story broke (2nd week of June 2006) CIBC did NOT have any statements in the News Release section of their website apologizing to customers about this problem. It remains to be seen whether they can "get away with it" and keep most of these customers.
Sharing / Selling of Data,
Electronic Commerce: Security, Risk Management, and Control
Chpt 5, p. 156
In Canada, our federal government has dealt with the consequences of Third-Party Sharing / Selling of Data by enacting Bill C6
We have a unit on Bill C6
in the context of Privacy, go to
||CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE|
|MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I|