Cyber Privacy
CYBER PRIVACY INTRODUCTION
Privacy in cyberspace has assumed great
importance given the proliferation in electronic commerce. The privacy
violation particularly in western societies is viewed as an infringement of
one’s right, whether the violation concerns activity that is of a commercial or private nature. In this unit, you will find a detailed discussion regarding
privacy issues confronting the cyber world.
importance given the proliferation in electronic commerce. The privacy
violation particularly in western societies is viewed as an infringement of
one’s right, whether the violation concerns activity that is of a commercial or private nature. In this unit, you will find a detailed discussion regarding
privacy issues confronting the cyber world.
CYBER PRIVACY OBJECTIVE
This unit will discuss important issues
that figure in cyberpiracy. You will be able to explain the different aspects
of cyber privacy and analyze the privacy issues that need to be addressed.
that figure in cyberpiracy. You will be able to explain the different aspects
of cyber privacy and analyze the privacy issues that need to be addressed.
 |
| Cyber Privacy |
CYBER PRIVACY-A PERSPECTIVE
Be that as it may, like the benefits we are
also experiencing the risk and effects of vulnerabilities of the information
technology in the same way. Among other concerns, privacy in cyberspace has
acquired center stage, of late, in view of more than one reason. As the number
of online users increases, the information rendered by them multiplies. The
concern about that information is, whether online users can exercise any kind
of control over the information that has been passed on to the service provider
in the cyber medium? The concern is quite legitimate, because, by and large, such information is personal and private.
also experiencing the risk and effects of vulnerabilities of the information
technology in the same way. Among other concerns, privacy in cyberspace has
acquired center stage, of late, in view of more than one reason. As the number
of online users increases, the information rendered by them multiplies. The
concern about that information is, whether online users can exercise any kind
of control over the information that has been passed on to the service provider
in the cyber medium? The concern is quite legitimate, because, by and large, such information is personal and private.
Depending upon the nature of the transaction
that is likely to be entered and create, the nature and extent of information
will be provided by the users or rather demanded by the service provider. The
information includes e-mail identity, address for communication, telephone
numbers, employment, marital status, health status, financial information, and
the like. In other words, the growing influence of information technology is
resulting in the sharing and storing of the wealth of personal information. Today
enormous amounts of information are being collected by many thousands of web
sites. As of now in the practice, while an effective technology called SSL
(secure sockets layer) is used for protecting the privacy of the transaction
between a browser and a web server, the protection ceases once the information
is on the server and in the hands of entity.
that is likely to be entered and create, the nature and extent of information
will be provided by the users or rather demanded by the service provider. The
information includes e-mail identity, address for communication, telephone
numbers, employment, marital status, health status, financial information, and
the like. In other words, the growing influence of information technology is
resulting in the sharing and storing of the wealth of personal information. Today
enormous amounts of information are being collected by many thousands of web
sites. As of now in the practice, while an effective technology called SSL
(secure sockets layer) is used for protecting the privacy of the transaction
between a browser and a web server, the protection ceases once the information
is on the server and in the hands of entity.
In the area of data gathering and use by
on-line business, the new technology has made it possible not only to store
personal information provided by consumers but also to track consumer’s
decisions as they move through on-line sits- whether or not they complete
transactions. Should sort of transactional data be used differently than the
personal information affirmatively provided by consumers? The personal and
transactional information than can be captured on-line differs both
qualitatively and quantitatively from the information a merchant obtains when
an in-person transaction is completed. Should the nature of the information
gather limit the uses to which such information may be put by business? Are
there, for example, types of information that should not be used for target
marketing purposes? Should information gathered for the purpose of communicating a
transaction be used for market research? What are the limits on a business’s
ability to resell/rent personal consumer information to other businesses? Is it
appropriate to think of a consumer’s interest in his or her personal or
transactional information as a “right”? If so, what is the responsibility of the
business with regard to that right? If not, to what extent should the consumer
have control over personal and transactional information? How should the
consumer’s control be exercised? What constitutes voluntary consent to the use
of personal or transactional information that has been gathered on-line? How
much is the consumer entitled to know about the uses to uses to which personal
or transactional information will be put? At what stage in a business
relationship should the consumer be asked for consent? Should that be informed
consent? If so, what kind of information is to be furnished by the service
provider? To what extent should consumers have access to the information about
and the ability to correct or modify information that is being collected from
them and gathered about them? These are well-founded concerns of online users
who part with the information, as and when demanded by the service provider.
on-line business, the new technology has made it possible not only to store
personal information provided by consumers but also to track consumer’s
decisions as they move through on-line sits- whether or not they complete
transactions. Should sort of transactional data be used differently than the
personal information affirmatively provided by consumers? The personal and
transactional information than can be captured on-line differs both
qualitatively and quantitatively from the information a merchant obtains when
an in-person transaction is completed. Should the nature of the information
gather limit the uses to which such information may be put by business? Are
there, for example, types of information that should not be used for target
marketing purposes? Should information gathered for the purpose of communicating a
transaction be used for market research? What are the limits on a business’s
ability to resell/rent personal consumer information to other businesses? Is it
appropriate to think of a consumer’s interest in his or her personal or
transactional information as a “right”? If so, what is the responsibility of the
business with regard to that right? If not, to what extent should the consumer
have control over personal and transactional information? How should the
consumer’s control be exercised? What constitutes voluntary consent to the use
of personal or transactional information that has been gathered on-line? How
much is the consumer entitled to know about the uses to uses to which personal
or transactional information will be put? At what stage in a business
relationship should the consumer be asked for consent? Should that be informed
consent? If so, what kind of information is to be furnished by the service
provider? To what extent should consumers have access to the information about
and the ability to correct or modify information that is being collected from
them and gathered about them? These are well-founded concerns of online users
who part with the information, as and when demanded by the service provider.
That the individual shall have full
protection in person and in property is a principle as old as the common law;
but it has been found necessary from time to time to define a new the exact
nature and extent of such protection. Political, social, and economic changes
entail the recognition of new rights, and the common law, in its eternal youth,
grows to meet the demands of society. Thus, in very early times, the law gave a
remedy only for physical interference with life and property, for trespass, etc.
(See Samuel D. Warren and Louis D. Brandies, The to privacy, Harvard Law
Review, Vol, 15, 1890, at P, 192). However, the passage of time revealed that
only a part of the pain, pleasure, and profit of life lay in physical things,
and the remaining in the personhood, in the sense of thoughts, emotions and
sensations, and the like. The unique feature of common law enables the judges to
afford the requisite protection, without the interposition of the legislature,
in this area of intangible nature i.e. privacy. Judge Cooley pronounced this as a right “to be left alone”.
protection in person and in property is a principle as old as the common law;
but it has been found necessary from time to time to define a new the exact
nature and extent of such protection. Political, social, and economic changes
entail the recognition of new rights, and the common law, in its eternal youth,
grows to meet the demands of society. Thus, in very early times, the law gave a
remedy only for physical interference with life and property, for trespass, etc.
(See Samuel D. Warren and Louis D. Brandies, The to privacy, Harvard Law
Review, Vol, 15, 1890, at P, 192). However, the passage of time revealed that
only a part of the pain, pleasure, and profit of life lay in physical things,
and the remaining in the personhood, in the sense of thoughts, emotions and
sensations, and the like. The unique feature of common law enables the judges to
afford the requisite protection, without the interposition of the legislature,
in this area of intangible nature i.e. privacy. Judge Cooley pronounced this as a right “to be left alone”.
In this process, over a period of time,
the nature of the legal responsibility in the form of common law based tort law, has
evolved towards privacy concerns. This development had a profound impact, particularly on constitutional law. In so far as the Indian context is concerned,
by and large, the evolution of privacy-related law had undergone a similar
experience. One unique development in this respect is, judiciary’s painstaking
efforts o recognize the right to privacy involving gender dimension which can be
required by virtue of the local custom or a grant or special permission.
the nature of the legal responsibility in the form of common law based tort law, has
evolved towards privacy concerns. This development had a profound impact, particularly on constitutional law. In so far as the Indian context is concerned,
by and large, the evolution of privacy-related law had undergone a similar
experience. One unique development in this respect is, judiciary’s painstaking
efforts o recognize the right to privacy involving gender dimension which can be
required by virtue of the local custom or a grant or special permission.
In recent times, the Supreme Court’s
pronouncements (particularly focusing on surveillance and telephone tapping
situations. Govind v. the State of M.P. (1975) 2 SSC 148 per Hon’ble K.K. Mathew,
V.R. Krishna Iyer and P.K. Goswamy JJ. Also, see kharak Singh v. the State of U.P.
AIR 1963 SC 1295 per Hon’ble B.P. Sinha, Syed Jafar Imam, K Subba Rao, J.C.
Shah, N. Rajagopala Iyengar, J.R. Mudholkar JJ. On this matter from the
perspective of constitutional law are quite enlightening, Justice K.K. Mathew,
in one such case, observed that ‘privacy-claims deserve to be examined with
care and to be denied only when an important countervailing interest is shown
to be superior. If the court does find that acclaimed right entitled to
protection as a fundamental privacy right, a law infringing it must satisfy the
compelling state most inert. Then the question would be whether a state interest
is of such paramount importance as would justify an infringement of the right,
obviously, if the enforcement of morality were held to be compelling as well as permissible state interest, the characterization of a claimed right as a
fundamental privacy right would be of far less significance. Privacy primarily
concerns the individual. It therefore related to and overlaps with the concept of
liberty. The most serious advocate of privacy must confess that there are
serious problems of defining the essence and scope of the right. Privacy
interest in autonomy must also be placed in the context of rights and
values. Any right to privacy must compass and protect the personal intimacies
of the home, the family, marriage, motherhood, procreation and child-rearing.
This catalog approach to the question is obviously not as instructive as it
does not give an analytical picture of the distinctive characteristics of the
right of privacy. Perhaps, the only suggestion that can be offered as a unifying
principle underlying the concept has been the assertion that claimed right must
be fundamental right implicit in the concept of ordered liberty. The right to
privacy, in any event, will necessarily have to go through a process of ‘case by
case development’. In an attempt to legitimately justify this kind of
interpretation of bringing right to privacy under Article 21 of our
constitution, justice Kuldip Singh (People’s Union for Civil liberties(PUCL) v.
Union of India(1997) I SCC 301 per Hon’ble Kuldip Singh, S. Saghir Ahmed JJ.) affirmed that ‘India is a signatory to the
International Covenant on Civil and Human Rights. 1966, Article 17 thereof
provides for the right to privacy. Article 12 of the universal declaration of Human
Rights, 1948 is almost in similar terms; article 17 of the International Covenant
does not go contrary to any part of our municipal law. Article 21 of the
constitution has, therefore, to be interpreted in conformity with t international law. The right to privacy, the Supreme Court continued, to by
itself, has not been identified under the constitution. As a concept, it may be
too broad and moralistic to define it judicially. Whether the right to privacy can
be claimed or has been infringed in a given case would depend on the facts of
the said case. But the right to hold a telephone conversation in the privacy of
one’s home or office, without interference can certainly be claimed as a right to
privacy. Telephone conversations on the telephone are often of an intimate and
confidential character. Telephone conversation is a part of modern man’s life. The right of privacy would certainly include telephone conversation in the privacy
of one’s home or office. Telephone tapping would, thus, infract Article of the
Constitution of India unless it is permitted under the procedure established by
law. Though it is claimed that constitutionally interpreted right to privacy
under Article 21 can be enforced against private persons as well, many others
strongly feel that the right to privacy against private persons can only be
enforced by invoking the principle of privacy as an actionable tort per se.
(see R. Rajagopal v. State of Tamil Nadu (1994) 6 SCC 632 per Hon’ble B.P.
Jeevan Reddy and Suhas C. Sen JJ. Also see, Soli Sorabjee, Privacy and Defamation:
Supreme Court defines parameters, Indian Express dated 12th
November, at, 9).
pronouncements (particularly focusing on surveillance and telephone tapping
situations. Govind v. the State of M.P. (1975) 2 SSC 148 per Hon’ble K.K. Mathew,
V.R. Krishna Iyer and P.K. Goswamy JJ. Also, see kharak Singh v. the State of U.P.
AIR 1963 SC 1295 per Hon’ble B.P. Sinha, Syed Jafar Imam, K Subba Rao, J.C.
Shah, N. Rajagopala Iyengar, J.R. Mudholkar JJ. On this matter from the
perspective of constitutional law are quite enlightening, Justice K.K. Mathew,
in one such case, observed that ‘privacy-claims deserve to be examined with
care and to be denied only when an important countervailing interest is shown
to be superior. If the court does find that acclaimed right entitled to
protection as a fundamental privacy right, a law infringing it must satisfy the
compelling state most inert. Then the question would be whether a state interest
is of such paramount importance as would justify an infringement of the right,
obviously, if the enforcement of morality were held to be compelling as well as permissible state interest, the characterization of a claimed right as a
fundamental privacy right would be of far less significance. Privacy primarily
concerns the individual. It therefore related to and overlaps with the concept of
liberty. The most serious advocate of privacy must confess that there are
serious problems of defining the essence and scope of the right. Privacy
interest in autonomy must also be placed in the context of rights and
values. Any right to privacy must compass and protect the personal intimacies
of the home, the family, marriage, motherhood, procreation and child-rearing.
This catalog approach to the question is obviously not as instructive as it
does not give an analytical picture of the distinctive characteristics of the
right of privacy. Perhaps, the only suggestion that can be offered as a unifying
principle underlying the concept has been the assertion that claimed right must
be fundamental right implicit in the concept of ordered liberty. The right to
privacy, in any event, will necessarily have to go through a process of ‘case by
case development’. In an attempt to legitimately justify this kind of
interpretation of bringing right to privacy under Article 21 of our
constitution, justice Kuldip Singh (People’s Union for Civil liberties(PUCL) v.
Union of India(1997) I SCC 301 per Hon’ble Kuldip Singh, S. Saghir Ahmed JJ.) affirmed that ‘India is a signatory to the
International Covenant on Civil and Human Rights. 1966, Article 17 thereof
provides for the right to privacy. Article 12 of the universal declaration of Human
Rights, 1948 is almost in similar terms; article 17 of the International Covenant
does not go contrary to any part of our municipal law. Article 21 of the
constitution has, therefore, to be interpreted in conformity with t international law. The right to privacy, the Supreme Court continued, to by
itself, has not been identified under the constitution. As a concept, it may be
too broad and moralistic to define it judicially. Whether the right to privacy can
be claimed or has been infringed in a given case would depend on the facts of
the said case. But the right to hold a telephone conversation in the privacy of
one’s home or office, without interference can certainly be claimed as a right to
privacy. Telephone conversations on the telephone are often of an intimate and
confidential character. Telephone conversation is a part of modern man’s life. The right of privacy would certainly include telephone conversation in the privacy
of one’s home or office. Telephone tapping would, thus, infract Article of the
Constitution of India unless it is permitted under the procedure established by
law. Though it is claimed that constitutionally interpreted right to privacy
under Article 21 can be enforced against private persons as well, many others
strongly feel that the right to privacy against private persons can only be
enforced by invoking the principle of privacy as an actionable tort per se.
(see R. Rajagopal v. State of Tamil Nadu (1994) 6 SCC 632 per Hon’ble B.P.
Jeevan Reddy and Suhas C. Sen JJ. Also see, Soli Sorabjee, Privacy and Defamation:
Supreme Court defines parameters, Indian Express dated 12th
November, at, 9).
Similarly, any act or behavior threatening
and disturbing privacy per se has not been subjected to criminalization, in the
initial phase. One plausible reason could be, like criminal law, for long has
not recognized any kind of injury or interference caused to either intangible
or incorporeal property. That’s the reason why, till suitable and subject-specific statutory codifications have made, in English criminal law, theft of
information was not construed as a criminal offense. (See Chrish Reed and John
Angel, computer law at pp, 270-71). For similar developments in Scott Law and
Canadian Law, (see ibid, at pp, 271-76). More or less similar developments have
taken place in the Indian context as well.
and disturbing privacy per se has not been subjected to criminalization, in the
initial phase. One plausible reason could be, like criminal law, for long has
not recognized any kind of injury or interference caused to either intangible
or incorporeal property. That’s the reason why, till suitable and subject-specific statutory codifications have made, in English criminal law, theft of
information was not construed as a criminal offense. (See Chrish Reed and John
Angel, computer law at pp, 270-71). For similar developments in Scott Law and
Canadian Law, (see ibid, at pp, 271-76). More or less similar developments have
taken place in the Indian context as well.
The concern has acquired a new dimension in
the electronic era. Unlike the legal rules concerning corporeal objects, information law does not
only consider the economic interests of the proprietor or holder but takes into
account the interests of persons concerned with the content of information.
Before the invention of computers, the legal protection of persons in regard to
the content of information was limited. Few provisions existed in the criminal
law in other than those in relation to libel, since the 1970s; however, new
technologies have expanded the possibilities of collection, storing, accessing,
comparing, selecting, linking, and transmitting data, thereby causing new
threats to privacy. This has prompted many countries to enact new elements of
administrative, civil, and penal regulations.
the electronic era. Unlike the legal rules concerning corporeal objects, information law does not
only consider the economic interests of the proprietor or holder but takes into
account the interests of persons concerned with the content of information.
Before the invention of computers, the legal protection of persons in regard to
the content of information was limited. Few provisions existed in the criminal
law in other than those in relation to libel, since the 1970s; however, new
technologies have expanded the possibilities of collection, storing, accessing,
comparing, selecting, linking, and transmitting data, thereby causing new
threats to privacy. This has prompted many countries to enact new elements of
administrative, civil, and penal regulations.
Various
international measures support this evolution by developing a common approach
to privacy protection. (http://www.ifs.univie.ac.at/~pr2gqI/rev4344.html)
international measures support this evolution by developing a common approach
to privacy protection. (http://www.ifs.univie.ac.at/~pr2gqI/rev4344.html)
In response to all the challenges
posed by the cyber context, different legal measures have been initiated in
diverse jurisdictions, particularly envisaging remedial measures of privacy
violations. (For instance see Data Protection Act, 1998. For comprehensive
source of primary and secondary legislation in this regard, see Encyclopedia of
data protection, S. Chalton, S. Gaskill, H. Grant and I. Walde (eds), London
Sweet & Maxwell, Section 72 of the Information Technology Act, 2000 states
that any person who, in pursuance of any of the powers conferred under this
Act, rules or regulation made thereunder has secured access to any electronic
record, book, register, correspondence, information, document, or other material
without the consent of the person concerned discloses such electronic record,
book, register, correspondence, information, document or other material to any other person shall be punished with imprisonment for a team which may extend to
two years, or with fine which mar extend to one lakh rupees or with both).
posed by the cyber context, different legal measures have been initiated in
diverse jurisdictions, particularly envisaging remedial measures of privacy
violations. (For instance see Data Protection Act, 1998. For comprehensive
source of primary and secondary legislation in this regard, see Encyclopedia of
data protection, S. Chalton, S. Gaskill, H. Grant and I. Walde (eds), London
Sweet & Maxwell, Section 72 of the Information Technology Act, 2000 states
that any person who, in pursuance of any of the powers conferred under this
Act, rules or regulation made thereunder has secured access to any electronic
record, book, register, correspondence, information, document, or other material
without the consent of the person concerned discloses such electronic record,
book, register, correspondence, information, document or other material to any other person shall be punished with imprisonment for a team which may extend to
two years, or with fine which mar extend to one lakh rupees or with both).
At the outset, it
is necessary to understand and realize that any attempt to address the concerns
pertaining to consumer privacy should not ignore or overlook the concerns of
all those who possess an interest in the continued growth of e-commerce and
trade. There appears to be kind of consensus which in largely driven by the
thinking of Nati0nal Information Infrastructure Task Force (NIIF) (constituted
by Clinton administration based on U.S.A) to the effect that electronic medium
must shape development of a workable privacy policy which could be
pragmatically subjected to realistic enforcement without compromising interests
of either the industry and the consumers. In this regard, fundamentally
envisaged principles include: (a) everyone associated particularly, consumers,
government and business have shared responsibility toward fair and proper use
of personal information; (b) the technology must be consumer-friendly, in the sense that it would empower individuals to take steps to protect that information
themselves; (c) transparency about and accountability for the process of
collecting and using personal information; (d) dissemination of information
about the ways in which personal information is used or misused in
cyberspace. (This is with a view to creating public awareness so that the public
will be able to initiate appropriate preventive measures.)
is necessary to understand and realize that any attempt to address the concerns
pertaining to consumer privacy should not ignore or overlook the concerns of
all those who possess an interest in the continued growth of e-commerce and
trade. There appears to be kind of consensus which in largely driven by the
thinking of Nati0nal Information Infrastructure Task Force (NIIF) (constituted
by Clinton administration based on U.S.A) to the effect that electronic medium
must shape development of a workable privacy policy which could be
pragmatically subjected to realistic enforcement without compromising interests
of either the industry and the consumers. In this regard, fundamentally
envisaged principles include: (a) everyone associated particularly, consumers,
government and business have shared responsibility toward fair and proper use
of personal information; (b) the technology must be consumer-friendly, in the sense that it would empower individuals to take steps to protect that information
themselves; (c) transparency about and accountability for the process of
collecting and using personal information; (d) dissemination of information
about the ways in which personal information is used or misused in
cyberspace. (This is with a view to creating public awareness so that the public
will be able to initiate appropriate preventive measures.)
The NIIF privacy
principle broadly identify three fundamental concerns that must govern the way
in which personal information is acquired, disclose, and used on the net-information
privacy, information integrity, and information quality. First an assurance as
to the collected personal information regarding its proper usage. Second,
unfair or improper alteration of personal information. And, third, personal
information should be accurate, timely, complete, and relevant for the purposes
for which it is provided and used.
principle broadly identify three fundamental concerns that must govern the way
in which personal information is acquired, disclose, and used on the net-information
privacy, information integrity, and information quality. First an assurance as
to the collected personal information regarding its proper usage. Second,
unfair or improper alteration of personal information. And, third, personal
information should be accurate, timely, complete, and relevant for the purposes
for which it is provided and used.
CYBER PRIVACY POLICY APPROACHES TO PRIVACY CONCERNS
According to current thinking, the policy regime pertaining
to the protection of privacy concerns may be premised upon three approaches, namely
based on markets, human rights, and contracts.
to the protection of privacy concerns may be premised upon three approaches, namely
based on markets, human rights, and contracts.
Cyber Privacy Market
approach
Fundamentally, the market-oriented approach rejects extrinsic
legal enforcement and takes within its field self-regulatory mechanism which
would enable the market players to employ or adopt. Any failure on the part of
the market player will get disciplined or rectified by the market place.
However, this approach of market discipline does not talk about tangible consumer
remedies.
legal enforcement and takes within its field self-regulatory mechanism which
would enable the market players to employ or adopt. Any failure on the part of
the market player will get disciplined or rectified by the market place.
However, this approach of market discipline does not talk about tangible consumer
remedies.
Cyber Privacy Human rights approach
The human rights approach recognizes the right to information and
the related attribute of privacy as a human right. Naturally, surveillance
becomes an operation strategy to protect the interests of the members.
the related attribute of privacy as a human right. Naturally, surveillance
becomes an operation strategy to protect the interests of the members.
 |
| Cyber Privacy |
Cyber Privacy Contract approach
The third approach recognizes the contract model, Prima facie
this model premises on the ground that in a given context the privacy concerns
are better protected if the concern is treated as terms and conditions of the
contract. As a result, the contract imposes an obligation on the parties to
protect the privacy concerns, if not or in the event of a breach, the contract
itself provides for contractual remedies.
this model premises on the ground that in a given context the privacy concerns
are better protected if the concern is treated as terms and conditions of the
contract. As a result, the contract imposes an obligation on the parties to
protect the privacy concerns, if not or in the event of a breach, the contract
itself provides for contractual remedies.
Almost in every
case of cyber service providers, policy pertaining to the protection of the privacy
interests of the consumer is normally announced. Normally this forms part of
the envisaged terms and conditions of the contractual relationship. For
instance, Transpoint’s privacy policy runs as “respecting customer privacy is
of utmost importance to transpoint. To assure you of transport’s commitment to
privacy, transport publishes and complies with this privacy policy in its
delivery of the transport service to you, the end-user. Treanspoint minimizes
the collection of information that personally identifies you or allows you to
be contacted. Transport and its necessary service provider use your personal
information to operate the transport service, which include providing customer
service to end-users, billers, and financial institutions, to keep you informed
of transport services, and to fulfill legal and regularity obligations. In
order to protect your privacy, transport does not share your personal
information with any third party except as necessary to operate the transport
system and to fulfill legal and regulatory obligations”.(http://www.transpoint.com/privacy_policy.asp)
case of cyber service providers, policy pertaining to the protection of the privacy
interests of the consumer is normally announced. Normally this forms part of
the envisaged terms and conditions of the contractual relationship. For
instance, Transpoint’s privacy policy runs as “respecting customer privacy is
of utmost importance to transpoint. To assure you of transport’s commitment to
privacy, transport publishes and complies with this privacy policy in its
delivery of the transport service to you, the end-user. Treanspoint minimizes
the collection of information that personally identifies you or allows you to
be contacted. Transport and its necessary service provider use your personal
information to operate the transport service, which include providing customer
service to end-users, billers, and financial institutions, to keep you informed
of transport services, and to fulfill legal and regularity obligations. In
order to protect your privacy, transport does not share your personal
information with any third party except as necessary to operate the transport
system and to fulfill legal and regulatory obligations”.(http://www.transpoint.com/privacy_policy.asp)
Similarly, the Pay trust
privacy pledge reads as “the privacy and security of your personal information
is the foremost consideration of the Pay trust service. Pay trust will never
sell any of your personal information contacts, financial bill history-to any
other company, period. Unlike many billers who routinely sell their customers to
direct marketing organizations. Pay trust keeps all subscribers lists
confidential. And, unlike many other web sites, Pay trust does not depend on
advertising for revenue. Pay trust is completely committed to safeguarding your
personal information and protecting your privacy”. (http://www.paytrust.com/htmlu/privacy.html).
privacy pledge reads as “the privacy and security of your personal information
is the foremost consideration of the Pay trust service. Pay trust will never
sell any of your personal information contacts, financial bill history-to any
other company, period. Unlike many billers who routinely sell their customers to
direct marketing organizations. Pay trust keeps all subscribers lists
confidential. And, unlike many other web sites, Pay trust does not depend on
advertising for revenue. Pay trust is completely committed to safeguarding your
personal information and protecting your privacy”. (http://www.paytrust.com/htmlu/privacy.html).
Despite the business practice of treating privacy concerns as part of overall contractual
terms and conditions, the current experiences have clearly revealed that they
have little to offer in terms of providing an equitable remedy to the online
consumers. And also the different ways in which such personal information is
misused in the cyber context has unfolded down-sliding nature of public faith
in cyber systems. Naturally, it is necessary to preempt possible onslaught on technological innovation by strategizing newer ways of protecting and
promoting privacy concerns. In response to this, the Privacy Preference Project
(P3P) agreements have come to be viewed as an important process.
terms and conditions, the current experiences have clearly revealed that they
have little to offer in terms of providing an equitable remedy to the online
consumers. And also the different ways in which such personal information is
misused in the cyber context has unfolded down-sliding nature of public faith
in cyber systems. Naturally, it is necessary to preempt possible onslaught on technological innovation by strategizing newer ways of protecting and
promoting privacy concerns. In response to this, the Privacy Preference Project
(P3P) agreements have come to be viewed as an important process.
CYBER PRIVACY PLATFORM
FOR PRIVACY PREFERENCES PROJECT :
The platform for
Privacy Preference Project (P3P) developed the World Wide Web Consortium (W3C), which aims at providing a simple, automated way for users to gain more control over
the use of personal information on web sites they browse. To put it simply, P3P
is a standardized set of multiple-choice questions, covering all the major
aspects of web site privacy policies. In other words, this information
enables the online consumer to select the ways in which his or her personal
information will be handled by the service provider.P3P enabled browsers can
read this snapshot automatically and compare it to the consumer’s own set of
privacy preferences. P3P enhances user control by putting privacy policies
where users can find them, in a form users can understand, and, most
importantly, enables users to act on what they see. (For details brows, http://www.w3c.org/p3p)
Privacy Preference Project (P3P) developed the World Wide Web Consortium (W3C), which aims at providing a simple, automated way for users to gain more control over
the use of personal information on web sites they browse. To put it simply, P3P
is a standardized set of multiple-choice questions, covering all the major
aspects of web site privacy policies. In other words, this information
enables the online consumer to select the ways in which his or her personal
information will be handled by the service provider.P3P enabled browsers can
read this snapshot automatically and compare it to the consumer’s own set of
privacy preferences. P3P enhances user control by putting privacy policies
where users can find them, in a form users can understand, and, most
importantly, enables users to act on what they see. (For details brows, http://www.w3c.org/p3p)
Professor Lawrence
Lessing opines that, in the context of proper legislation, P3P is the most
promising solution to cyberspace privacy. It will make it easy for companies to
their practices in a form that computers can read, and make it is for consumers
to express their preferences in a way that computers will automatically
respect.
Lessing opines that, in the context of proper legislation, P3P is the most
promising solution to cyberspace privacy. It will make it easy for companies to
their practices in a form that computers can read, and make it is for consumers
to express their preferences in a way that computers will automatically
respect.
P3P, on one hand,
while providing a facilitating environment for the consumer to decide, negotiate, and firm up the contractual relationship, on other recognizes nine aspects of
online privacy. The first five aspect deals with (a) Who is collecting this
data? (b) What information being collected? (c) For what purpose is it beings
collected? (d) Which information is being shared with others? (e) Who are these
data recipients? The remaining four aspects focus on the site’s internal
privacy policies. They include (a) can users make changes in how their data is
used? (b) How are disputes resolved? (c) What is the policy for retaining data? (d)
Where can the detailed policies be found in human-readable form?
while providing a facilitating environment for the consumer to decide, negotiate, and firm up the contractual relationship, on other recognizes nine aspects of
online privacy. The first five aspect deals with (a) Who is collecting this
data? (b) What information being collected? (c) For what purpose is it beings
collected? (d) Which information is being shared with others? (e) Who are these
data recipients? The remaining four aspects focus on the site’s internal
privacy policies. They include (a) can users make changes in how their data is
used? (b) How are disputes resolved? (c) What is the policy for retaining data? (d)
Where can the detailed policies be found in human-readable form?
Essentially P3P
will help responsible online businesses empower users to choose the privacy
relationship best for them. As of now, international market players of diverse
business practices are adopting this approach. They include Microsoft, Nokia,
IBM, Netscape, etc.
will help responsible online businesses empower users to choose the privacy
relationship best for them. As of now, international market players of diverse
business practices are adopting this approach. They include Microsoft, Nokia,
IBM, Netscape, etc.
If we look into the
way in which the P3P agreement is invoked, there seems to be adequate material to
structure our critical response. P3P is nothing but the software to negotiate privacy
agreements between web sites and online visitors. It is a kind of social
technology that involves not merely technology but also the active participation
of human beings. Software generated information enabling browsers to decide
about the effective ways of protecting their privacy interests, (in the form of
P3P) as a process presupposes prior knowledge on the parts of the consumers.
Mere computer literacy in the sense of operating a system is not adequate. What
is required is technical know-how in understanding and appreciating the
technical language that is employing in structuring the agreements.
Particularly the kind of vocabulary that is used. Secondly, the entire
framework of P3P lacks transparent negotiability factors, as a result of which
the online consumer has to depend on what is given as a possible option and
choice. In a sense, the agreement reflects more of a unitary approach with a standardized set of terms and conditions. Another significant part is that,
before the consumer finalizes the deal, he or she must be categorically and
unequivocally informed as to what the entity is going to do with the
information to be provided by the consumer. Under no circumstances, this option
can be given to the party after finalization of the contract, in such a case;
it would not serve any purpose. How do we ensure this? Unless it is ensured, it
is difficult to say that the P3P agreement empowers netizens to exercise control
over the information given by them.
way in which the P3P agreement is invoked, there seems to be adequate material to
structure our critical response. P3P is nothing but the software to negotiate privacy
agreements between web sites and online visitors. It is a kind of social
technology that involves not merely technology but also the active participation
of human beings. Software generated information enabling browsers to decide
about the effective ways of protecting their privacy interests, (in the form of
P3P) as a process presupposes prior knowledge on the parts of the consumers.
Mere computer literacy in the sense of operating a system is not adequate. What
is required is technical know-how in understanding and appreciating the
technical language that is employing in structuring the agreements.
Particularly the kind of vocabulary that is used. Secondly, the entire
framework of P3P lacks transparent negotiability factors, as a result of which
the online consumer has to depend on what is given as a possible option and
choice. In a sense, the agreement reflects more of a unitary approach with a standardized set of terms and conditions. Another significant part is that,
before the consumer finalizes the deal, he or she must be categorically and
unequivocally informed as to what the entity is going to do with the
information to be provided by the consumer. Under no circumstances, this option
can be given to the party after finalization of the contract, in such a case;
it would not serve any purpose. How do we ensure this? Unless it is ensured, it
is difficult to say that the P3P agreement empowers netizens to exercise control
over the information given by them.
Though P3P
agreements apparently claim protection or control over the information,
however, do not provide a technical mechanism for making sure service providers
act according to their agreements. Therefore, there is a need for parallel laws
and systemic processes including self regularity programmed which can provide
enforcement mechanisms, if not P3P may be construed by the public as an effective
and an alternative methods of protecting privacy interests.
agreements apparently claim protection or control over the information,
however, do not provide a technical mechanism for making sure service providers
act according to their agreements. Therefore, there is a need for parallel laws
and systemic processes including self regularity programmed which can provide
enforcement mechanisms, if not P3P may be construed by the public as an effective
and an alternative methods of protecting privacy interests.