- Email: [email protected]
Law ignores B2B privacy
pp1-20.qxd
11/30/00
11:01 AM
Page 4
news The group moved the site to seven different servers while they were repairing the damage to www.hizbollah.org. The Hezbollah say they will never give up the Internet as it has brought them success in the past, for example when they showed images of an Israeli bombed Lebanon.
Privacy news
Online CVs are privacy concern When shopping for a job using an online CV broker, you could be allowing your personal information to be sold to multiple third parties for just a few coppers claims recruitment company FirstPersonGlobal. Their survey of customers showed that although consumers are worried about their privacy, they do not tend to read the fine print. Only 21% of the 1145 IT professionals surveyed actually read the terms and conditions for every agency to whom they have submitted their resume. Just 12% said that the actual terms and conditions were the “most important factor in deciding whether you are comfortable with the way your personal information will be used in a website,” but the remaining 88% were more interested in trusting the brand that supports the website. Of those asked, 632 of respondents were registered with 2 or 3 such sites. However, only 48% of the 4
total were concerned about the confidentiality of their personal data on the Internet. Another confidentiality worry is their current employer getting hold of their CV, especially as 80% thought that their colleagues would recognise them form their CV, even after contact details had been removed. Respondents were also asked about their employers monitoring habits: only 9% currently prevent employees from searching Internet job sites, but 40% expect the introduction of such policing in the future. For more on FirstPerson Global see www.firstpersonglobal.com.
RIP Act makes more red-tape With the implementation of the Regulation of Investigatory Powers Act (24 October 2000), companies are being warned to change business practices. The controversial UK law gives people a right to sue if their communications are intercepted without “lawful authority”. The only way around this is to gain consent from all parties for this monitoring, however, this could prove to be impractical when staff are dealing with international suppliers, clients and others. Even so, the monitoring must be for a legitimate business purpose: this does not include staff training, marketing research or quality control.
The Act is unclear as to what constitutes “reasonable grounds for believing consent has been given”, according to technology law firm, Tarlo Lyons. They suggest the following: • Draft a policy for interception of communication and decide on procedure. • Amend employee contracts to outline interception policy and the action which may be taken. • Insert a note onto all Emails to say that they may be monitored. Particularly effected will be call centres, financial services companies, information industries and some charitable helplines. Other contributory legislation also makes life difficult; the new Human Rights Act gives individuals a right to privacy and the Data Protection Act restricts companies on how they can use personal information.
Europeans blindfold Echelon Paranoid European vendors are touting their hardwarebased security solutions on the grounds that they have been developed without US intervention. They say that this is the only way to foil detection of corporate communications by Echelon. The Americans are alleged to be using Echelon technology in order to commit industrial espionage against Europeans.
The French, Danish and European parliaments are looking into the matter.
Law ignores B2B privacy When asked about legal concerns online, 48% of businesses cited privacy of trade, and 48% said they worried about the abuse of market information. A new report from Forrester Research, “E-marketplaces face the law”, highlights the privacy concerns of business to business consumers online. Analyst Jaap Favier explains that in the physical world it is expected that a non-disclosure agreement should be set up before certain transactions are made. He raises the question of why this should be any different online? However, companies feel that, “The E-marketplace doesn’t make it clear who owns which information, where it is stored, and who can sell it…we can’t do anything about it, and we have to join because all our suppliers are in it.” This attitude of a lack of control over information seems to be prevalent. This may be partially due to the ‘hands-off ’ approach which is taken by the law. The European Commission’s digital privacy law states that terms such as ‘privacy’ and ‘data protection’ are applicable to personal data but not to corporate information, the report explains. Thus, Forrester says, “Net markets privacy statements are empty shells,” some include confi-
pp1-20.qxd
11/30/00
11:01 AM
Page 5
news dentiality statements, but most force users into secrecy whilst leaving the Marketplace itself free to publish at will. Liability for disclosure is another grey area. Some companies offer indemnity against processing errors resulting in inappropriate disclosures, but this is not compulsory. Another confusing factor is that the Rome Convention states that a party can choose which law and court to abide by, and if not properly managed this can mean that, “Simple disputes can turn into multiple court cases with laws of various countries.” More details can be obtained from www.forrester.com.
Product news
Hitachi roll out secure notebooks Already successful in the Far East, Hitatchi is introducing notebooks with added security into Europe. The HN8300, HN7300 and HN7200 notebooks use the Triunet suite which includes auto-configuring network access facility, E-mail filtering and anti-intrusion firewall. The makers say it is the first out-ofthe-box notebook offering these features to be available in Europe. Development of the system was in response to changing working patterns whereby many people now work from home, yet need access to the corporate network.
A spokesperson from Hitachi said, “home networking, remote access and electronic business are really starting to take off, Hitachi is providing a security blanket that nobody with confidential or mission critical data stored on a notebook will want to be without.” Further information can be obtained from Farid Khan at Hitachi on +44 020 8566 0378 or [email protected].
Transaction insurance for B2B ITXmarket.com, an online market place for business to business IT hardware merchants, is to offer transaction insurance. The solution is intended to ensure that merchants get their money when they sell goods within the marketplace. As high value transactions have been coming online, it was found that “A seller is not going to ship off US $20 000 in hard disks to someone they never heard of,” according to Stephan Stephensen, managing director of ITXmarket.com. Although such insurance is fairly common in the physical world, it is a new concept for the online market. It works by ITXmarket checking the credit worthiness its members who wish to buy. It then provides a guarantee to the seller in real-time, for the cost of half a percent of the transaction, to cover the cost of the buyer failing to pay up.
Alternative methods of seeking insurance of this kind are often costly and almost invariably time consuming. Sometimes a bank will write a letter of credit payment, or an escrow agreement will occur whereby funds are held in an account which is only accessible upon delivery of goods. The pressure is on to speed up internet transactions without skipping the process of verifying details for each transaction, and this idea may be a solution for building trust. Although public fears abound about hacked credit card details, it is often the merchants who suffer the financial loss. For more information please see www.ITXmarket.com
Splash Plastic enables teen market Splash Plastic is working on a payment infrastructure to reduce fraud and serve the emerging teen market within E-commerce. The £1 million deal will enable under 18s who are not eligible to hold credit cards to use a reloadable pre-paid card for shopping on the Internet. It will use YES.pay from Thyron as a platform. Philip Jording, COO at Thyron explained that, “Teenagers in the UK currently spend around £20 billion a year and more than 80% of them want to shop online”. The system will function by cardholders uploading money onto a reusable card at
payment terminals situated in the high street and at convenience stores. They will be able to shop at enabled E-tailers. Splash Plastic hope to extend the infrastructure to enable a similar system for pre-pay mobile phones. For more information visit www.thyron.com.
Firewall for ‘always on’ connections Network Associates branch, myCIO has produced a new managed firewall solution to keep up with changing security needs. Mark McArdle at myCIO says, “Corporate security needs are changing rapidly as more individuals make the shift to non-traditional locations and telecommuting.” The firewall makes enduser desktops immediately invisible outside of the firewall, regardless of physical location. The system, called PC FireWall ASaP, can be installed, managed and monitored remotely at the myCIO website and thus does not require input from the IT department. The benefit from this is not just saved time, but also the ability to update an entire network for new vulnerabilities at the same time. It is designed to work with ‘always-on’ connections to provide 24-hour protection against threats. See also www.myCIO.com. 5
11/30/00
11:01 AM
Page 4
news The group moved the site to seven different servers while they were repairing the damage to www.hizbollah.org. The Hezbollah say they will never give up the Internet as it has brought them success in the past, for example when they showed images of an Israeli bombed Lebanon.
Privacy news
Online CVs are privacy concern When shopping for a job using an online CV broker, you could be allowing your personal information to be sold to multiple third parties for just a few coppers claims recruitment company FirstPersonGlobal. Their survey of customers showed that although consumers are worried about their privacy, they do not tend to read the fine print. Only 21% of the 1145 IT professionals surveyed actually read the terms and conditions for every agency to whom they have submitted their resume. Just 12% said that the actual terms and conditions were the “most important factor in deciding whether you are comfortable with the way your personal information will be used in a website,” but the remaining 88% were more interested in trusting the brand that supports the website. Of those asked, 632 of respondents were registered with 2 or 3 such sites. However, only 48% of the 4
total were concerned about the confidentiality of their personal data on the Internet. Another confidentiality worry is their current employer getting hold of their CV, especially as 80% thought that their colleagues would recognise them form their CV, even after contact details had been removed. Respondents were also asked about their employers monitoring habits: only 9% currently prevent employees from searching Internet job sites, but 40% expect the introduction of such policing in the future. For more on FirstPerson Global see www.firstpersonglobal.com.
RIP Act makes more red-tape With the implementation of the Regulation of Investigatory Powers Act (24 October 2000), companies are being warned to change business practices. The controversial UK law gives people a right to sue if their communications are intercepted without “lawful authority”. The only way around this is to gain consent from all parties for this monitoring, however, this could prove to be impractical when staff are dealing with international suppliers, clients and others. Even so, the monitoring must be for a legitimate business purpose: this does not include staff training, marketing research or quality control.
The Act is unclear as to what constitutes “reasonable grounds for believing consent has been given”, according to technology law firm, Tarlo Lyons. They suggest the following: • Draft a policy for interception of communication and decide on procedure. • Amend employee contracts to outline interception policy and the action which may be taken. • Insert a note onto all Emails to say that they may be monitored. Particularly effected will be call centres, financial services companies, information industries and some charitable helplines. Other contributory legislation also makes life difficult; the new Human Rights Act gives individuals a right to privacy and the Data Protection Act restricts companies on how they can use personal information.
Europeans blindfold Echelon Paranoid European vendors are touting their hardwarebased security solutions on the grounds that they have been developed without US intervention. They say that this is the only way to foil detection of corporate communications by Echelon. The Americans are alleged to be using Echelon technology in order to commit industrial espionage against Europeans.
The French, Danish and European parliaments are looking into the matter.
Law ignores B2B privacy When asked about legal concerns online, 48% of businesses cited privacy of trade, and 48% said they worried about the abuse of market information. A new report from Forrester Research, “E-marketplaces face the law”, highlights the privacy concerns of business to business consumers online. Analyst Jaap Favier explains that in the physical world it is expected that a non-disclosure agreement should be set up before certain transactions are made. He raises the question of why this should be any different online? However, companies feel that, “The E-marketplace doesn’t make it clear who owns which information, where it is stored, and who can sell it…we can’t do anything about it, and we have to join because all our suppliers are in it.” This attitude of a lack of control over information seems to be prevalent. This may be partially due to the ‘hands-off ’ approach which is taken by the law. The European Commission’s digital privacy law states that terms such as ‘privacy’ and ‘data protection’ are applicable to personal data but not to corporate information, the report explains. Thus, Forrester says, “Net markets privacy statements are empty shells,” some include confi-
pp1-20.qxd
11/30/00
11:01 AM
Page 5
news dentiality statements, but most force users into secrecy whilst leaving the Marketplace itself free to publish at will. Liability for disclosure is another grey area. Some companies offer indemnity against processing errors resulting in inappropriate disclosures, but this is not compulsory. Another confusing factor is that the Rome Convention states that a party can choose which law and court to abide by, and if not properly managed this can mean that, “Simple disputes can turn into multiple court cases with laws of various countries.” More details can be obtained from www.forrester.com.
Product news
Hitachi roll out secure notebooks Already successful in the Far East, Hitatchi is introducing notebooks with added security into Europe. The HN8300, HN7300 and HN7200 notebooks use the Triunet suite which includes auto-configuring network access facility, E-mail filtering and anti-intrusion firewall. The makers say it is the first out-ofthe-box notebook offering these features to be available in Europe. Development of the system was in response to changing working patterns whereby many people now work from home, yet need access to the corporate network.
A spokesperson from Hitachi said, “home networking, remote access and electronic business are really starting to take off, Hitachi is providing a security blanket that nobody with confidential or mission critical data stored on a notebook will want to be without.” Further information can be obtained from Farid Khan at Hitachi on +44 020 8566 0378 or [email protected].
Transaction insurance for B2B ITXmarket.com, an online market place for business to business IT hardware merchants, is to offer transaction insurance. The solution is intended to ensure that merchants get their money when they sell goods within the marketplace. As high value transactions have been coming online, it was found that “A seller is not going to ship off US $20 000 in hard disks to someone they never heard of,” according to Stephan Stephensen, managing director of ITXmarket.com. Although such insurance is fairly common in the physical world, it is a new concept for the online market. It works by ITXmarket checking the credit worthiness its members who wish to buy. It then provides a guarantee to the seller in real-time, for the cost of half a percent of the transaction, to cover the cost of the buyer failing to pay up.
Alternative methods of seeking insurance of this kind are often costly and almost invariably time consuming. Sometimes a bank will write a letter of credit payment, or an escrow agreement will occur whereby funds are held in an account which is only accessible upon delivery of goods. The pressure is on to speed up internet transactions without skipping the process of verifying details for each transaction, and this idea may be a solution for building trust. Although public fears abound about hacked credit card details, it is often the merchants who suffer the financial loss. For more information please see www.ITXmarket.com
Splash Plastic enables teen market Splash Plastic is working on a payment infrastructure to reduce fraud and serve the emerging teen market within E-commerce. The £1 million deal will enable under 18s who are not eligible to hold credit cards to use a reloadable pre-paid card for shopping on the Internet. It will use YES.pay from Thyron as a platform. Philip Jording, COO at Thyron explained that, “Teenagers in the UK currently spend around £20 billion a year and more than 80% of them want to shop online”. The system will function by cardholders uploading money onto a reusable card at
payment terminals situated in the high street and at convenience stores. They will be able to shop at enabled E-tailers. Splash Plastic hope to extend the infrastructure to enable a similar system for pre-pay mobile phones. For more information visit www.thyron.com.
Firewall for ‘always on’ connections Network Associates branch, myCIO has produced a new managed firewall solution to keep up with changing security needs. Mark McArdle at myCIO says, “Corporate security needs are changing rapidly as more individuals make the shift to non-traditional locations and telecommuting.” The firewall makes enduser desktops immediately invisible outside of the firewall, regardless of physical location. The system, called PC FireWall ASaP, can be installed, managed and monitored remotely at the myCIO website and thus does not require input from the IT department. The benefit from this is not just saved time, but also the ability to update an entire network for new vulnerabilities at the same time. It is designed to work with ‘always-on’ connections to provide 24-hour protection against threats. See also www.myCIO.com. 5