2. Data What personal data have you sent over the web? What personal data do you enclose when you purchase an item over the internet? Are you happy to share all of this data or would you rather some was kept private?
3. Data Integrity The assurance that Data is consistent and correct. Making sure data is complete when it is sent, stored or operated upon in any way. Within the field of E-Commerce any Data that is sent between the customer and the business or between businesses must be subject to data integrity checks.
4. Data Privacy Making sure that personal data kept by companies is only used in the correct way. Companies have a legal responsibility to ensure that personal data is not disclosed to the wrong people. Data Security controls are in place to make sure access to data is controlled.
5. Data Integrity How can data get “damaged”? Try and think of a few examples…
6. Data Integrity Data integrity can be compromised in a number of ways: Human errors when data is entered Errors that occur when data is transmitted from one computer to another Software bugs or viruses Hardware malfunctions, such as disk crashes Natural disasters, such as fires and floods
7. Data Integrity There are many ways to minimize these threats to data integrity. These include: Backing up data regularly Controlling access to data via security mechanisms Designing user interfaces that prevent the input of invalid data Using error detection and correction software when transmitting data
8. Data Integrity Task Where does your data travel, when you buy something on the web? Imagine you buy something on eBay, try and plot the path of data from your PC. At what points in this path must data be protected?
9. Data Privacy Many types of personal data are required be kept private by companies: Lifestyle Religion, Sexual orientation, Political affiliation Financial Bank details, Credit card details, Financial records Email Medical Health records
10. Data Privacy What are the potential risks for people whose personal data is not kept private? Discrimination Embarrassment Damage to personal reputation Email Spam Identity theft Fraud
11. European Laws European Laws state that the data must: Fairly and lawfully processed. Processed for limited purposes. Adequate, relevant and not excessive. Accurate. Not kept longer than necessary. Processed in accordance with the data subject's rights. Secure. Not transferred to countries without adequate protection.
12. Data Protection Act 1984 United Kingdom introduced a Data Protection Act in 1984 in order to protect consumers. Data may only be used for the specific purposes for which it was collected Data must not be disclosed to other parties without the consent of the individual whom it is about Individuals have a right of access to the information held about them Personal information may be kept for no longer than is necessary. Companies holding personal information are required to secure this information.
13. Your Task Today Pair work – 2 students Internet Research Data Privacy and Security in Thailand What are the laws for Thai E-Commerce companies? Are there any laws? If not, why not? Are there plans to implement data protection laws? Give me some actual example of personal data being stolen or abused in Thailand? What happened? Identity theft? Credit card theft? Fraud? Damaged reputation? Embarrassment?
14. Your Task Today How are these laws kept in place? Police? Government agencies? What happens if companies break the law? Prison? Fines? Any examples? Please include any information you find interesting. Please use Microsoft Word for this task. Complete the report and email to me before the start of the next lesson. pompey_jim@msn.com
15. References Include in your document any links to websites or web pages that helped you to collect information. This is called a Reference You link text quoted, from the net or books, to a reference at the bottom of your document, like this: Although the Act does not mention privacy, in practice it provides a way in which individuals can enforce the control of information about themselves. Most of the Act does not apply to domestic use,[1] References [1] Data Protection Act 1998, Part IV (Exemptions), Section 36, Office of Public Sector Information This is something you will have to do at University every time you complete an assignment.
16. Helpful links for research http://www.oic.thaigov.go.th/ http://www.ipthailand.org/ipthailand/ http://www.wikipedia.org/