Monday, 14 June 2010

E-Commerce and Privacy: Fiend-ly, Friendly or Medley?

Yesterday, I had a sort of an IT dilemma and decided to ask Adam about it. This is how everything between us went.

Eva: Adam, I looked over the Internet to buy a book and when I found it at a very reasonable price, I realised that I have to create a new account before I checked it out and I had to provide very personal information including in addition to the regular name, address, payment card, etc.. they also required gender and age! I got slightly suspicious at how this website handles customers’ data and wondered why would the website require that information. I thought perhaps to avoid all this, I might just pay a little more and buy it from the online book store I usually buy from and already had an account with or go and buy it from the library. This was a dilemma for me Adam because in return for providing extra information about myself, I was going to save a bit of money. I am therefore turning to you for some advice and perhaps a discussion about this issue which I think is important for my buying behaviour in the future.

Adam: I think what you are going through here Eva can fit into the huge umbrella under which all the effects of privacy issues on e-commerce are covered.

Eva: Wow, “Effects of Privacy Issues on E-commerce” what a title! I am familiar with issues (I got lots of them) and well privacy kind of and have a lot heard of e-commerce, I suppose websites that sell stuff online are involved in it; but what on earth do you mean by “Effects of privacy issues on e-commerce”?…

Adam: Before I could answer your question directly, it will be valuable if I start with a brief introduction. As you may already know, the twentieth century has witnessed the development of many technological advances. One of these advances is the personal computer. In the last decade more societies around the world got exposed to the many services provided by personal computers among which the Internet constitutes a major domain. Electronic services available on the Internet include educational, organizational, recreational and commercial services under which the term electronic commerce or ecommerce has come to being. Since ecommerce involves a lot about consumer behaviour, a lot should be known about targeted and potential customers. This had perpetuated the awareness of privacy issues and concerns among consumers and among legislative authorities, and electronic businesses themselves.

Eva: say, ecommerce is…

Adam: Electronic commerce or ecommerce is defined in Whiteley’s book ‘e-commerce: strategy, technologies and applications’ as a deal taking place between a company and either its public administration, or its customers, or another company. This deal proceeds via what is called ‘Information Communication Technology’

Eva: So what you mean is that when I go online to buy a book for example, the company that I buy the book from is involved in ecommerce?

Adam: That’s right!

Eva: Great! but how is this related to my privacy?

Adam: It should be well known that there are many legislative, financial and consumer behaviour effects of privacy on ecommerce. To begin with the Oxford dictionary assigns three meanings for privacy: ‘the state of being private and undisturbed’, ‘freedom from intrusion or public attention’, and avoidance of publicity’. From another angle, Adam et al. in their book Electronic commerce, tackle the issue of privacy awareness by stating that the understanding of the term varies from one society to another and understood differently in various cultures. Walters and his colleagues identify three domains of privacy. The privacy of the body, of communication and of personal space. From a philosophical point of view privacy is related to human dignity, but from a an economic approach, in the third ACM conference on electronic commerce, Spiekermann et al. depict that it is more about who is going to have control over the customer’s data and to which extent.

Eva: So you mean the presence of our data in the hands of online businesses makes issues?

Adam: That’s correct!

Eva: So what are the effects of these issues on ecommerce?

Adam: First let me begin with legislative issues. Back in the late sixties, computer scientists such as J.L Hoffman (they used to work in huge labs and wear white robes back then), spoke in his survey titled ‘Computers and Privacy’ that people handling data processing must exert control on themselves to protect these data. Neglecting what he called ‘self control’ will compel the community to bring about new legislations. These legislations, he concludes way back then, that they will be so strict that they might become and obstacle in the face of the development of future computer research. What he mentioned was true to some extent as nowadays, laws and legislations extend to cover modern aspects like the issue if privacy in ecommerce. They are meant to organize and protect the rights to privacy but also have negative implications on online businesses. One of the laws that Bolin thinks it restrains online businesses is the ‘Children’s Online Privacy Act’. This act obliges commercial sites to obtain the consent of parents before gathering information about children. The ‘European Union Privacy Regulations’ give consumers the right over their private info. One of them is the right to pursue legal action if an electronic company does not respect these regulations. The ‘US Privacy Protection Initiative’ derived from the ‘Self Regulation’ scheme compelled Netscape and Microsoft to come up with their own privacy regimen, the ‘Open Program Standard OPS’ and the Internet Explorer 6 IE6. IE6 involves a ‘privacy preference project’ P3P guide. This guide gives users the choice to whether or not disclose their private information. However, as good as it may sound, Hochheiser denotes that the P3P has been criticized because it does not resolve the issue of ‘self regulation’ practised by US and the ‘privacy legislations’ practised by EU. Both Bolin and Hochheiser agree that the ‘World Wide Consortium’ W3C are trying to find ideas to fill the gap between ‘Self Regulation’ and ‘privacy legislation’. The U.S department of commerce publishes on its website ‘the safe harbour framework’. The framework became effective as of July 2000. According to the framework, American businesses must join the checklist before they are allowed to carry on their business dealings with an EU country. A business that does not join the agreement will face disruption and prosecution.

Besides the ‘self regulation’ and ‘privacy legislation’ debate, there are rules that create a conflict between what commercial online websites need to know about customers and potential customers and between the policy of privacy protection. Some of them stop ebussinesses from communicating information among each other and can be strict enough to halt the gathering of data about customers completely. However, some are less strict and allow the collection of data that is relevant for a specific and secured purpose. The data must not be used for another purpose before notifying the customer whilst the customer has the right to modify the information when appropriate.

Hence as you can see, effects of privacy issues on ecommerce are many. In sum, they involve practising self regulation, abiding by privacy policies, restricting the manipulation of personal data or being subjected to face prosecution.

Eva: WOW .. but I think ebussinesses are businesses after all their aim is to make money, so how do they deal with all the potential losses that these laws may cause and how do they keep functioning in the long run? And With the recession, many people are looking at the Internet as a means to supplement their income as well.

Adam: You are right! There are many financial effects of privacy issues on ecommerce. The cost of abiding by EU privacy regulations and legislations are in the hundreds of millions of dollars as Bolin predicts. Acquissti denotes in his paper titled ‘privacy in electronic commerce and the economics of immediate gratification’ that a research reveals that 5.5 billion dollars were lost by electronic sales due to privacy issues in 2002. The speculations are that these costs reached to 24.5 billion dollars by 2006. This is described by many as a financial burden. This burden manifests itself greatly in the cost of privacy seals such as the TRUST e, CPA, Web Trust and BBBonline. The annual fee of BBBonline for example is $75,000 per year. Applying privacy legislations, implementing privacy seals and applying security measures such as firewalls and passwords are costly as well as other security means designed to protect customer information from hackers.

Eva: What happens if a company breaches any of those laws?

Adam: The cost of that can be quite tremendous. A ‘third party’ transfer of information has once cost Yahoo 4 billion dollars after they were sued by ‘Universal Image’. A hacker named Maxim once gathered information of 300,000 customers credit card information and demanded 100,000$ just to delete this information which was collected over a period of three years.

Eva: That’s a lot of money to protect the privacy of people!Isn’t it?

Adam: Well, it is not just about money spent but also about the limitations of information about consumer behaviour. As some 80% of web surfers that do not involve in ecommerce are not doing it because of their concerns about privacy as stated by Bolin. Out of the remaining 20%, less than half do not provide honest data about themselves. Many surfers are also put off from carrying an online transaction the moment the encounter a page to be filled whereby personal information is required. I am one of them to be honest!

Some companies use recommendation applications and personalization services, to target electronic customers. These modes work by adjusting to the customer’s tastes and interests and function only by knowing a lot about his or her buying behaviour. Cranor illustrated in his publication ‘I didn’t buy it for myself’ that people don’t like when the computer predicts for them or keep cookies about their surfing trends. The author points that people fear that if sensitive information such as sexual preferences, health problems, and items they purchased are revealed, other may develop presumed ideas about them. Moreover, the writer states that people don’t like to be objects of ‘unsolicited marketing’ that is, they do not wish to become targets for advertisements. Aquisiti says that if people knew that their privacy was protected, they will shop more. He adds that according to reports, 67% of web surfers are extremely protective of their privacy and fear ‘online exposure’. These web surfers are afraid that some other person or party will steal their profile or disclose their financial data.

Eva: So, where do you see this is going? Is it with more privacy laws that gains peoples trust and convince them to shop more or is it with better designed recommendation applications that people will fall for regardless of privacy risks or what?

Adam: The research that has been undergone in this domain for years now about consumer behaviour have discovered a valuable and breakthrough piece of information about human nature and online companies are using that very well.

Research performed in 2001 by Spiekermann, Grossklags and Berendt, three German scholars from the University of Berlin, that people concerns of privacy issues are remarkably diminished when being asked to disclose them by a computer simulated Bot. The result of this experiment suggests that when people are subjected to a computer friendly atmosphere forget about their fear of disclosure. Privacy statements do not affect anymore how much information they do not mind to share. In a follow up study, people who refused to disclose information in a previous questionnaire, where happy to reveal a lot of it when they were rewarded by price cutting, entertaining, and most importantly an interactive web atmosphere.

Eva: Interactive web atmosphere you say. What do you mean by that?

Adam: A lot of online navigators are concerned about their privacy and this stands in their way from electronic shopping. However, these studies confirmed that a reward in exchange for privacy is successful in making individuals less concerned about this particular issue. Further research, especially in the area of networking media, an example of a very interactive web atmosphere, I would say, revealed that people who are concerned with their privacy are even less and less concerned when they disclose it within these networks. Online companies are ofcourse aware of that and are using it in order to gather information about consumer behaviour and promote their products. So far, laws and legislations that govern these networking mediums are in the phase of infancy. Ecommerce companies know that and are taking full advantage of the situation.

Eva: Thank you. I really didn’t know it had that much in it. I am not sure if I still want to buy my book online… but again perhaps I will ;)


  1. I really liked the dialog, and the way you managed to explain technical words in a simple way,

    and btw am i the first reply on ur blog :)?

    it is an honor

  2. Thank you for your comments, and yes you're the first, and the honour is mine to have your comments :)

  3. ok i am the second (i guess)who read this nice dialog , hope will read more for u :)