In the last three columns, I’ve been looking at the complexities of protecting client or prospect privacy (personally identifiable information or PII) in an interconnected world.
The problem is greatly complicated by the web of relationships that can develop in the world of marketing. The relationships can involve remote firms that have contracts with your marketing division or contracts with firms that are one or more levels removed from direct interaction with your organization. Worse still, some sites may even be run by rogue organizations which have never had any contractual links whatever with you or with any of your legitimate agents. These facts make it almost impossible to prevent PII from visitors interested in your products, services or programs from being spread to other institutions.
You are left with a distasteful duty to warn all applicants that you can control the use of their PII only when they enter data into forms directly under the control of your own staff or of firms which have contractual obligations to follow your privacy policy. Examine your privacy policies to see if you should include explicit warnings that they apply only to your clients and not to people asking for information. It may make sense also to include a warning about the impossibility of your controlling privacy policies on Web sites outside your own domain.
In terms of response to complaints, you will have to continue being prepared to respond, basically, “Caveat emptor” (buyer beware). You can prepare general texts regretting (and repudiating) the impression that your organization has violated any privacy policy and explaining that anyone entering data on any Web site would do well to examine the local privacy policy for clarification of what degree of protection is offered for PII. If the privacy terms seem too loose, privacy-conscious individuals may decide to skip using those Web sites; instead, they can look for safer, more trustworthy alternatives that provide the same access to the desired information.
As mentioned above, an additional and probably intractable problem is that not everyone who uses your name and your logo necessarily has any business relationship with your organization at all. Phishing (using fake e-mail that looks like legitimate messages from well-known organizations) and pharming (using fake Web pages that look like legitimate Web sites belonging to well-known organizations), for example, are based on impersonation of business entities.
Someone could easily use your organization’s name and logo on a form claiming to be related to providing information about your organization, products, services or programs – and then simply use the collected PII for their own purposes. Failure to send the victim the requested information reflects badly on your perfectly innocent and unknowing organization; selling the PII to spammers makes you look terrible. And what are you going to do about it?
If someone is abusing your trademark or your servicemark, you can sue them for misappropriation – if you can find them. With fraudulent Web sites appearing and disappearing with lifetimes measured in hours or days, it is going to be hard to locate the criminals who are ruining your reputation.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Fortinet November Threatscape Report Shows Calm Before Holiday Storm 2008-12-05 16:00:00+11
Epicor® Cited as an Order Management Solutions Leader by Independent Research Firm 2008-12-05 15:52:00+11
F-Secure: Growth In Internet Crime Calls For Growth In Punishment 2008-12-05 13:00:00+11
International researchers gather in Sydney to preview the clever web 2008-12-05 09:48:00+11
Borderless corporate networks to shift focus to secure content management in Australia in 2009 2008-12-04 16:06:00+11
Radicati Market Quadrant 2008 on Corporate Web Security
An Analysis of the Market for Corporate Web Security Solutions, revealing Top Players, Mature Players, Specialists and Trail Blazers. Read on to discover who makes the grade.
Buying Guides
Buying Guides
