Page 255 - E-Bussiness and E-Commerce Management Strategy, Implementation, and Practice
P. 255
M04_CHAF9601_04_SE_C04.QXD:D01_CHAF7409_04_SE_C01.QXD 16/4/09 11:11 Page 222
222 Part 1 Introduction
how users can access and correct information;
how users can decide to deactivate themselves from the site or withhold information from
third parties.
A UK accreditation initiative aimed at reassurance coordinated by the Internet Media in Retail
Group is ISIS, a trade group for e-retailers (Internet Shopping Is Safe) (www.imrg.org/ISIS).
Another initiative, aimed at education is GetSafeOnline (www.getsafeonline.org) which is a
site created by government and business to educate consumers to help them understand and
manage their online privacy and security.
Government initiatives will also define best practice in this area and may introduce laws
to ensure guidelines are followed. In the UK, the Data Protection Act covers some of these
issues and the 1999 European Data Protection Act also has draft laws to help maintain per-
sonal privacy on the Internet.
We conclude this section on privacy legislation with a checklist summary of the practical
steps that are required to audit a company’s compliance with data protection and privacy
legislation. Companies should:
1 Follow privacy and consumer protection guidelines and laws in all local markets. Use
local privacy and security certification where available.
2 Inform the user, before asking for information:
who the company is;
what personal data are collected, processed and stored;
what is the purpose of collection.
3 Ask for consent for collecting sensitive personal data, and it is good practice to ask before
collecting any type of data.
4 Reassure customers by providing clear and effective privacy statements and explaining
the purpose of data collection.
5 Let individuals know when ‘cookies’ or other covert software are used to collect infor-
mation about them.
6 Never collect or retain personal data unless it is strictly necessary for the organization’s
purposes. For example, a person’s name and full address should not be required to
provide an online quotation. If extra information is required for marketing purposes this
should be made clear and the provision of such information should be optional.
7 Amend incorrect data when informed and tell others. Enable correction on-site.
8 Only use data for marketing (by the company, or third parties) when a user has been
informed this is the case and has agreed to this. (This is opt-in.)
9 Provide the option for customers to stop receiving information. (This is opt-out.)
10 Use appropriate security technology to protect the customer information on your site.
Other e-commerce legislation
Sparrow (2000) identified eight areas of law which need to concern online marketers.
Although laws have been refined since that time, this is still a useful framework for consider-
ing the laws to which digital marketers are subject.
1 Marketing your e-commerce business
Domain name At the time of writing, Sparrow used this category to refer to purchasing a domain name for
The domain name refers its web site. There are now other legal constraints that also fall under this category.
to the name of the web
server and it is usually A Domain name registration
selected to be the same
as the name of the Most companies are likely to own several domains, perhaps for different product lines,
company, e.g. www. countries or for specific marketing campaigns.Domain name disputes can arise when an indi-
<company-name>.com,
and the extension will vidual or company has registered a domain name which another company claims they have
indicate its type. the right to. This is sometimes referred to as ‘cybersquatting’ and was covered in Chapter 3.
