E-Commerce

This white paper presents information about the relationship between personal privacy and two forms of electronic commerce: retail transactions by individual Internet users and the trade in personal information. In addition, this paper recommends against using school information systems for personal transactions, and describes a few simple precautions individuals should use when purchasing online.

Introduction

The term “explosive growth” has been used so often to describe anything internet so often that is it has almost lost meaning. Suffice it to say that Internet retail sales are big and getting bigger.

• In 2004, online sales grew by nearly 24% reaching 141.4 billion dollars according to the National Retail Federation (2005).
• For 2005, The National Retail Federation (2005) predicts a growth rate of 22% and total sales of $172.4 billion.
• The Latest Trends section of The Pew Internet & American Life Project Web site (2004,) reports that of the approximately 135 million adults who use the Internet, 67% of the approximately 135 million adults who use the Internet claim ed to have bought a product online (or about 45% of all American adults).

However Even as electronic retail continues to grow, many distrust online shopping. In a survey conducted for Consumer WebWatch by Princeton Survey Research Associates (2002, January) just 29% of users responded that they trust ed web sites that sell products or services.

While criminal activity -- scams, identity theft, and hacker raids on databases for example to name a few -- get receives most of the headlines but, the more pervasive privacy threat is the legal trade in personally identifiable information (PII). Brown & Muchira (2004) note “Personal information has become a commodity to be bought, sold, and traded.” (p.65). When consumers buy goods and services online, they don’t always just place an order, they can also become the raw material for the PII market.

Click and Tell

By visiting a web site, a potential customer reveals more than they might realize including:

• ISP number
• service providers location
• previous site
• software being used

In addition Then, while at the site , the consumer’s pattern and length of page visits and the amount of time spent at the different pages may be recorded. Many sites require registration, name, address, phone number, etc. and that then information may be harvested harvest the information. Some, but not all, sites plant “cookies”, small programs that reside on a user’s computer , that . The cookie surreptitiously track s and report s the user’s “clickstream”, the trail of sites, pages, blogs, forums, chat-rooms, and so on visited by the user. “Web Bugs” and “spyware” are other categories of software used to report on collect a record of an individual’s net activity without the individual’s knowledge or consent (Howe, 2003).

Online Profiling

Why would a company care that if someone visited The Digital Watergun Museum 126 times in the past month? Because, according to Brown & Muchira, “An Internet user’s every movement is a potential piece of marketing information.” (p.63).

When transactional data, the “clickstream” mentioned above, is merged with other sources of both online and conventional information, the resulting meta- databases can be analyzed to develop detailed personal profiles. These profiles allow companies to target their marketing efforts more efficiently. Since marketing costs are often a large part of a companies expenditures, these efficiencies go directly to the bottom line are added directly to the bottom line. Efficient marketing equals increased profitability.

Companies that use profiling argue that consumers benefit s from profiling by efficiently matching consumers them with products they like and appreciate. Efficient marketing means lower production costs and, in theory, lower prices to the consumer (CDT’s Guide to Online Privacy ,). Many hold that the concerns about the legal collection and use of personal information are unfounded misplaced. Unlike criminal breaches, writes MSNBC reporter Bob Sullivan, “Stories of companies abusing this information are actually hard to come by; most of the complaints center on what could happen if the Web company were careless or ill intentioned.” (2004, December 6, “Corporate Problems” sub-heading, first para.)

Even so, users do not appreciate being tracked . without their knowledge or consent. In a presentation to Franklin & Marshall College on December 4, 2002, Lee Rainie from the Pew Internet & American Life Project reported that 54% of internet users believe tracking invades their privacy (slide #5).

Credit Cards

Having a credit cart number stolen during an online transaction is a well publicized concern. Respondents to the National Consumer League’s 2001 Shopping Online Survey identified credit card number theft as their biggest worry (“Consumer’s Problems and Concerns”) . But according to Privacy Rights Clearinghouse’s Online Shopping Tips (2002), this worry is exagerated exaggerated, “The safest way to shop on the Internet is with a credit card.” (tip #4). Legitimate e-tailers use secure web sites with encryption technology to minimize the possibility of theft. Howe notes that “The risk of using credit cards on the nets are probably less than every day usage, and the banks generally cover losses anyway.”

Educators and E-Commerce

In their professional role, most educators will not deal with engage in e-commerce directly anymore that they would catalogue or telephone shopp ing. However, including e-commerce privacy issues as part of a consumer education program is worth consideration considering.

Also, the The commercial practices outlined in this paper underscore the inappropriateness of using school systems for personal purchases. Spyware in particular can “hijack” a system by demanding large chunks of processor and and storage capacity. Students and teachers Teachers and students are cautioned may want to remember that “It is possible to record virtually all online activities…” (Privacy Clearinghouse Fact Sheet 18: Privacy in Cyberspace, 2003, Part Two, first para.) and approach online activities internet use as transparent and public.

Smart E-Shopper

Outside of their professional role, educators are also consumers. With this in mind, links to information about safe online shopping appear practices appear in the “Learn More” section below Links section of this web site. . Here are a few of the typical recommendations:

• Use secure web sites. Look for the “https” versus the “http” url prefix. Do not conduct transactions on a site that is not secure.
• If a site doesn’t post a clear, easily accessible privacy policy, don’t buy from that site.
• Read the site’s privacy and security policies. Reputable e-tailers disclose how orders are processed, what information is gathered, and how the information is used.
• Never disclose your social security number. Merchants have no legitimate use for this information reason to ask.
• Keep passwords private.

Conclusion

While identity theft and other forms of fraud do occur, most e-commerce transactions are safe and secure. Consumers should be aware, however, that personal information is vigorously sought and collected. This information is merged with data from other sources and analyzed to create sophisticated consumer profiles for marketing. Educators and students alike should not use school information systems for personal online shopping.