M6 - E Commerce - Integrity And Security

1,965 views

Published on

E-Commerce - Data Integrity and Security

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,965
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • E-Commerce - Data Integrity and Data Privacy
  • M6 - E Commerce - Integrity And Security

    1. 1. EP 6/12
    2. 2. <ul><li>What personal data have you sent over the web? </li></ul><ul><li>What personal data do you enclose when you purchase an item over the internet? </li></ul><ul><li>Are you happy to share all of this data or would you rather some was kept private ? </li></ul>
    3. 3. <ul><li>The assurance that Data is consistent and correct. </li></ul><ul><li>Making sure data is complete when it is sent, stored or operated upon in any way. </li></ul><ul><li>Within the field of E-Commerce any Data that is sent between the customer and the business or between businesses must be subject to data integrity checks. </li></ul>
    4. 4. <ul><li>Making sure that personal data kept by companies is only used in the correct way. </li></ul><ul><li>Companies have a legal responsibility to ensure that personal data is not disclosed to the wrong people. </li></ul><ul><li>Data Security controls are in place to make sure access to data is controlled. </li></ul>
    5. 5. <ul><li>How can data get “damaged”? </li></ul><ul><li>Try and think of a few examples… </li></ul>
    6. 6. <ul><li>Data integrity can be compromised in a number of ways: </li></ul><ul><ul><li>Human errors when data is entered </li></ul></ul><ul><ul><li>Errors that occur when data is transmitted from one computer to another </li></ul></ul><ul><ul><li>Software bugs or viruses </li></ul></ul><ul><ul><li>Hardware malfunctions, such as disk crashes </li></ul></ul><ul><ul><li>Natural disasters, such as fires and floods </li></ul></ul>
    7. 7. <ul><li>There are many ways to minimize these threats to data integrity. These include: </li></ul><ul><ul><li>Backing up data regularly </li></ul></ul><ul><ul><li>Controlling access to data via security mechanisms </li></ul></ul><ul><ul><li>Designing user interfaces that prevent the input of invalid data </li></ul></ul><ul><ul><li>Using error detection and correction software when transmitting data </li></ul></ul>
    8. 8. <ul><li>Task </li></ul><ul><li>Where does your data travel, when you buy something on the web? </li></ul><ul><li>Imagine you buy something on eBay, try and plot the path of data from your PC. </li></ul><ul><li>At what points in this path must data be protected? </li></ul>
    9. 9. <ul><li>Many types of personal data are required be kept private by companies: </li></ul><ul><ul><li>Lifestyle </li></ul></ul><ul><ul><ul><li>Religion, Sexual orientation, Political affiliation </li></ul></ul></ul><ul><ul><li>Financial </li></ul></ul><ul><ul><ul><li>Bank details, Credit card details, Financial records </li></ul></ul></ul><ul><ul><li>Email </li></ul></ul><ul><ul><li>Medical </li></ul></ul><ul><ul><ul><li>Health records </li></ul></ul></ul>
    10. 10. <ul><li>What are the potential risks for people whose personal data is not kept private? </li></ul><ul><ul><li>Discrimination </li></ul></ul><ul><ul><li>Embarrassment </li></ul></ul><ul><ul><li>Damage to personal reputation </li></ul></ul><ul><ul><li>Email Spam </li></ul></ul><ul><ul><li>Identity theft </li></ul></ul><ul><ul><li>Fraud </li></ul></ul>
    11. 11. <ul><li>European Laws state that the data must: </li></ul><ul><ul><li>Fairly and lawfully processed. </li></ul></ul><ul><ul><li>Processed for limited purposes. </li></ul></ul><ul><ul><li>Adequate, relevant and not excessive. </li></ul></ul><ul><ul><li>Accurate. </li></ul></ul><ul><ul><li>Not kept longer than necessary. </li></ul></ul><ul><ul><li>Processed in accordance with the data subject's rights. </li></ul></ul><ul><ul><li>Secure. </li></ul></ul><ul><ul><li>Not transferred to countries without adequate protection. </li></ul></ul>
    12. 12. <ul><li>United Kingdom introduced a Data Protection Act in 1984 in order to protect consumers. </li></ul><ul><ul><li>Data may only be used for the specific purposes for which it was collected </li></ul></ul><ul><ul><li>Data must not be disclosed to other parties without the consent of the individual whom it is about </li></ul></ul><ul><ul><li>Individuals have a right of access to the information held about them </li></ul></ul><ul><ul><li>Personal information may be kept for no longer than is necessary. </li></ul></ul><ul><ul><li>Companies holding personal information are required to secure this information. </li></ul></ul>
    13. 13. <ul><li>Group work – 3 or 4 students </li></ul><ul><li>Internet Research </li></ul><ul><li>Data Privacy and Security in Thailand </li></ul><ul><ul><li>What are the laws for Thai E-Commerce companies? Are there any laws? If not, why not? Are there plans to implement data protection laws? </li></ul></ul><ul><ul><li>Give me some actual example of personal data being stolen or abused in Thailand? </li></ul></ul><ul><ul><ul><li>What happened? </li></ul></ul></ul><ul><ul><ul><li>Identity theft? Credit card theft? Fraud? Damaged reputation? Embarrassment? </li></ul></ul></ul>
    14. 14. <ul><li>How are these laws kept in place? </li></ul><ul><ul><li>Police? Government agencies? </li></ul></ul><ul><li>What happens if companies break the law? </li></ul><ul><ul><li>Prison? Fines? Any examples? </li></ul></ul><ul><li>Please include any information you find interesting. </li></ul><ul><li>Please use Microsoft Word for this task. Complete the report and email to me before the start of the next lesson. [email_address] </li></ul>
    15. 15. <ul><li>Include in your document any links to websites or web pages that helped you to collect information. </li></ul><ul><li>This is called a Reference </li></ul><ul><li>You link text quoted, from the net or books, to a reference at the bottom of your document, like this: </li></ul><ul><ul><li>Although the Act does not mention privacy, in practice it provides a way in which individuals can enforce the control of information about themselves. Most of the Act does not apply to domestic use, [1] </li></ul></ul><ul><li>References </li></ul><ul><ul><li>[1] Data Protection Act 1998 , Part IV (Exemptions), Section 36 , Office of Public Sector Information </li></ul></ul><ul><li>This is something you will have to do at University every time you complete an assignment. </li></ul>
    16. 16. <ul><li>http:// www.oic.thaigov.go.th / </li></ul><ul><li>http:// www.ipthailand.org/ipthailand / </li></ul><ul><li>http://www.wikipedia.org/ </li></ul>

    ×