Third Party Risks and Threats

THIRD PARTY
RISKS and THREATS
- fundamentals

last updated 2006 June 15

This page used in the following courses taught by Prof. Richardson
.

BIT 801

LEARNING
OBJECTIVES

understand the role of Third Parties in validation, verification and privacy policies
identify the role of the government in Third-Party Sharing / Selling of Data
appreciate the controversial issues in Web Linking re: 3rd parties
vulnerability to Third-Party supplier of services

Chpt 4
E-commerce and the role of Third Parties

Chpt 4, page 125

TRUSTe is a nonprofit organization that issues a seal to companies that comply with its rules of disclosure and informed consent

TRUSTe is an independent, non-profit initiative whose mission is to build users' trust and confidence in the Internet by promoting the principles of disclosure and informed consent.

.
"Web sites displaying the TRUSTe Privacy Seal are committed to abiding by a privacy policy that gives users notice, choice, access, security, and redress with regard to their personal information."

.	One of the critical areas that TRUSTe focuses on in their Public Relations is educating people about privacy issues. In fact, on their website they say "Education is the number one priority in privacy protection. WTGR

.
Under the heading of education, TRUSTe has a section titled
TRUSTe's Privacy Protection Guidelines
- go there www.truste.com/education/protection_guidelines.html
they have 6 points

1.      Read Privacy Statements.
2.      Seal Programs.
3.      Credit cards.
4.      Security.
5.      Common sense.
6.      Protect children

.
.
.

.

Third-Party suppliers CASE:
Canadian bank vulnerable to Third-Party supplier of services
June 2006

CIBC announced a rebate for thousands of customers who bought products available through their VISA card promo material.

Tara Perkins of the Toronto Star wrote
"CIBC spokesman Rob McLeod said the bank had arrangements with third-party companies that would offer merchandise to CIBC customers via inserts into Visa statements. The third-party customers would source the merchandise, developing pricing and produce the inserts, he said."
"Canadians who bought binoculars or blood pressure monitors after receiving brochures for the products in their CIBC Visa statements will be issued refunds, the Competition Bureau has announced... The bureau launched an investigation after receiving a complaint from a CIBC customer."
"...investigation found that two [Third-Party] companies responsible for the [CIBC VISA] sales brochures deceptively overstated the products' original prices to make the sale price look more attractive...A New York firm, Media Syndication Global, and a Paris firm, Havas SA, have agreed to issue partial refunds to purchasers of the products."

..

Third-Party suppliers
Canadian bank vulnerable to Third-Party supplier of services

KEY
POINTS Basically, what happened was a Third-Party firm in the U.S. was contracted by CIBC to send out stuff to CIBC VISA card customers. The Third-Party firm took the opportunity to solicit VISA customers to buy some items (one was a blood pressure monitor) by saying it was really really cheap and that it was a special low price for VISA customers.
In reality, the price offered was nothing special - nevertheless a couple of thousand people sent in their money for these monitors.
CIBC then got investigated when someone complained that the price of the monitors was not discounted they way it had been advertised, and the U.S. company is going to have to fork out a lot of money in rebates.
WTGR

.

.

KEY
POINTS
The competitive environment within the credit card industry is so intense that card issuing companies like CIBC must be very nervous about a situation where a Third-Party agency causes negative feelings among large numbers of customers.
The concern would be that these customers switch to a RBC VISA or even a Mastercard or some of the U.S. products such as MBNA.
At the time this story broke (2nd week of June 2006) CIBC did NOT have any statements in the News Release section of their website apologizing to customers about this problem. It remains to be seen whether they can "get away with it" and keep most of these customers.

.

Third-Party Sharing / Selling of Data,
Electronic Commerce: Security, Risk Management, and Control
Chpt 5, p. 156
by Greenstein
In Canada, our federal government has dealt with the consequences of Third-Party Sharing / Selling of Data by enacting Bill C6
We have a unit on Bill C6 in the context of Privacy, go to
http://www.witiger.com/ecommerce/privacyissues.htm

.
.
CIBC logo freely available on their site at http://www.cibc.com/ca/press-centre/logos-images.html
.

witiger.com CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE

.

MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I

.

.

witiger.com	CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE
	.
	MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I
	.