FAQ   |   Reputable   |   Polls   |   Live Chat!

Users' Information Privacy Policy (IT Security and Privacy Research)



EssayChat / Dec 31, 2016

A users information privacy policy is an individual company's policy for managing the personal information of their clients. Many businesses, both in 'real' space and online, come into contact with personal information about their customers. Consider even the library, which has a great deal of information about what their patrons read, listen to, and the like, in addition to information like the patron's full name, phone number, and home address. Other businesses will have credit card numbers, addresses, shopping habits, social security numbers, and more. Many online businesses are required to let their customers know what they will do with the personal information they receive. This stated policy usually includes information about what, if any, information they will share, with whom, and under what circumstances.

User Privacy PolicyWhile it makes sense that someone making an online purchase should be required to provide enough information to confirm their identity and their right to access a credit card, for example, the security implications are many. Most of that information stays in company databases, in one form or another for at least some period of time. Companies are deemed somewhat legally responsible for keeping that information secure from hackers because of the potential for privacy invasion and identity theft. For that reason, any company that provides opportunities to shop online (or that have online systems for their in-store purchases) have either their own security protocols or use a merchant services company that has such protocols. Many companies have some combination of the two.

For CIOs and IT management this issue is of extreme importance, though sometimes the cultures of business and IT underplay it. Path was fined less than a million dollars, but they now have to participate in audits of their information for twenty years. For a business interested in the bottom line, this matters in terms of employees and work hours at the least. What also matters is the ill-will of existing customers, and the alienation of potential customers. A Google search for Path prompts the user toward their privacy issues, and a simple search for "Path social network" puts the Federal Trade Commission report very high in the returns. Another issue is the likelihood that once your business is known as an easy target, others hackers will make note of it, putting your business at constant risk.

From a strategic perspective, this is not a risk to take lightly. The damage can be tremendous and, as the Zetter article shows, can have far reaching implications. Zetter refers to a report that The New York Times had been hacked not for subscriber information, but for writer information in an attempt to find out who the sources were for a story on the prime minister of China. It is important to remember that both employees and customers are included in those at risk from unsecured information" being a company that people do not want to work for is not small risk. Franzen reveals another risk; there are often requests from government agencies for client information. However, many of those requests are being contested both ethically and legally. Some organizations are handling the latter by dumping information frequently. This allows them to cooperate with government requests without risking user privacy. In response to subpoena they can provide everything they have, which will be little or nothing. Strategically, CIOs need to account for whether they should gather as little or as much information as possible, maintaining it securely, and responding to future requests for that information. While the area has fairly low regulation, counting on that to continue is a recipe for disaster, as indication are that will soon change (Yadron). It is not reasonable to assume that those things will not happen to your company, a good CIO assumes they will and guards against the fallout.

References

Bea, F. Path settles with FTC over privacy spat and gets slapped with $800,000 fine. Digital Trends.

Franzen, C. Google reveals how U.S. government obtains user information. Talking Points Memo.

Yadron, D. FTC suggests privacy controls for mobile devices. Wall Street Journal.

Verify Your IP. Check IP of your online customers privately. Online. verifyyourip.com

Zetter, K. Twitter hacked; Company says 250K users may have been affected. Wired.


Home   |   About   |   Privacy     References:   Writing Guide   |   Content Writers   |   Freelance Writing