Online Social Networks and E-Commerce - MIT Computer Science ...
Online Social Networks and E-Commerce - MIT Computer Science ...
Online Social Networks and E-Commerce - MIT Computer Science ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Clarence Lee <strong>and</strong> Shirley Fung<br />
behind the curtains. There are currently no policies in the United States that protect the misuse of data<br />
being passed on to third parties.<br />
On the other h<strong>and</strong>, the European Union actually has a directive (95/46/EC) that protects private<br />
information by ensuring that a proper procedure has been taken during the action of passing data onto<br />
another party. As of now, there is no such st<strong>and</strong>ard to protect consumer privacy in the United States.<br />
Many transnational companies have adopted the policy to ensure that they meet the guidelines in the<br />
European Union, but it is unclear whether domestic U.S. companies will follow suit.<br />
Non-profit organizations, such as TRUSTe, have begun to allow online businesses to be certified as a<br />
TRUSTe member. TRUSTe gives out different seals for businesses for different kinds of st<strong>and</strong>ards. One of<br />
them is the Web privacy st<strong>and</strong>ard. To obtain the seal for Web privacy, businesses are required to have an<br />
approved privacy notice, disclosure of practices, <strong>and</strong> provide mechanisms for choice <strong>and</strong> consent.<br />
Without enough pressure from the public, online businesses will not have an incentive to meet these<br />
guidelines. Moreover, this action is completely voluntary, <strong>and</strong> has no infrastructure for accountability<br />
when something does go wrong. Without accountability <strong>and</strong> legal binding, this system will not adequately<br />
protect consumer privacy. For instance, even though TRUSTe requires disclosure of how sensitive data is<br />
used, it does not guarantee that misuse of customer’s sensitive data would have any adverse consequences<br />
on the businesses.<br />
Scenario 2: Insurance Raising Your Premiums Because of Your Lifestyle<br />
You have browsed <strong>and</strong> searched for books on skydiving, <strong>and</strong> have posted on your public Facebook<br />
profile that you enjoy extreme sports. For the purposes of better marketing, Amazon <strong>and</strong> Facebook as<br />
used this data to label you as the “extreme adventurist,” so that they can send you regular email<br />
newsletters about mountain climbing, white water rafting, etc. Your health insurance company<br />
purchases this information from Amazon <strong>and</strong> Facebook, <strong>and</strong> has decided to raise your health insurance<br />
premiums this year.<br />
As browsing history <strong>and</strong> purchase history become more <strong>and</strong> more informative, companies can deduce all<br />
kinds of characteristics about consumer behavior. While companies can use the information to better<br />
promote products that suits your needs, there are times where this information can be held against you, as<br />
illustrated in scenario 2. For instance, if you have posted pictures on Facebook of your sports car, <strong>and</strong><br />
joined a forum for underground street racing enthusiasts, car insurance can raise your premiums.<br />
Likewise, your browsing <strong>and</strong> search history of WebMD.com may help health <strong>and</strong> life insurance companies<br />
to determine what your health risks might be.<br />
Most often, consumers would use a Web site <strong>and</strong> never think that this information can be held against<br />
them in another context. While companies may disclose this information to another party, consumers<br />
rarely know what exactly had been disclosed, <strong>and</strong> how the information was used. In addition, when harm<br />
Page 27