Categories
Computer Science

U.S. Telecommunication Policy

1      Executive Summary

This paper provides a generic overview of current and ethical and legal issues surrounding the topic i.e. Telecommunication policy. One of the ethical and legal issues is personal data privacy that flows on the nationwide telecommunication infrastructure. The first section provides the issue, the second section demonstrates a survey of these issues, and the last section provides the improvements made.

2      U.S Telecommunication Policy Ethical and Legal Issues

The telecommunication industry is continuously evolving due to up gradation of next generation networks. Moreover, the industry has its own significance in the context of human communication regardless of time, location and environmental factors, however, call rates may vary due to roaming services.   Apart from advances in human communication, the industry has contributed to provide a carrier of digital transmission, for providing Internet to the people. Modern computer technologies are utilize for assembling, storing, operating, communicating information and for spreading data. In addition, new technologies in the field of information technology (IT) are creating ethical dilemmas. The effectiveness and speediness related to the electronic information technology systems that consist of limited and international networks, databases and processing programs for information technology. These systems also force consumers to tackle new rights and responsibilities in order to use the data and re-evaluate principles of advent computers.

Telecommunication Policy must address these factors in terms of privacy on the cyber world:

  • What information will be collected?

The website must specify the kind of information that will be collected from the user. For example, home address, email address, or telephone number etc.

  • What are the method of colleting this information?

Define the procedures of collecting personal data to the customers. No matter how the company collects personal data, it must be disclosed in the privacy statement.

  • How to utilize this information?

If the personal information is disclosed or shared with third parties, it has to be mentioned in the privacy statement including the purpose of selling of sharing data with other parties.

  • What level of access does the customer?

Customers must be given access to certain extent of changing their personal information on the site.

  • How to secure this personal information?

Privacy policy must specify how the customer data is protected. Moreover, violating any laws related to online customer privacy will result in legal actions against the organization. Moreover, organization must make sure to regularly regulate privacy policy and inform to the customers.

Authority, source and control are the major resources of the information. In fact, the key to success is the right access towards the information. As a result, the social and political relationships are also involved in the development and growth of information systems. It is more important and ethical that how this information is been utilized by the people. For instance, government levels, headquarters and homes include the electronic systems. This involvement is increased so much that the people without access to these systems are exaggerated in a particular way. For this reason, new and modern techniques, innovative ethical and lawful decisions are needed in order to balance the requirements and privileges of every person.

The legal decision lags lies as in modern technological field behind technical development and growth. These gaps are filled through confronting on the issue and by discussing the facts on how to use the electronic information should be proceed. Furthermore, the above observation delineates the ethical issues in a broad way. On the contrary, the deciding laws include some characteristics related to the issues. These legal issues should be resolved in Electronic Information Systems.

In relation to the entire community, the ethics consists of moral options choose by the individuals. These include standards of acceptable behavior and rules governing members of an occupation. Moreover, these extend to the Electronic Networks, Electronic Databases and significantly to a Geographic Information Systems. The problems that are present particularly in the three areas require a little different type of ethical decisions.

In modern days, network has become a place to share ideas, thoughts and personal information. It is a social place where individuals can discover friendships, discuss on several issues, share some unusual interests, fight, form groups, show sympathy, proselytize and fall in love. With other traditional activities, these activities have also become a part of life. Ray Oldenburg an author delineates network as a new kind of “third Place” where people can communicate, share ideas and gather for hospitality a part from home and work which is the first and second place. The hypothesis stated that, the networks can replace chances of social interaction that is been vanished in the modern world of fringes, express highways and shopping arenas. Moreover, other authors are more conscious regarding the social networking and communicating therefore they termed this as: virtual communities or virtual villages. There are some terms that remind the differences present in the types of interactions that took place over the computer networks of workstations. For example, this has a significant effect due to the lack of face to face interaction. In social networking the race, class, gender and physical appearance is hidden thus allowing the individuals to create a communication that is free from all the delicate issues that usually comes between human relations directly. On the contrary, the virtual interaction allows an individual to interact without any kind of commitments and obligations. The sense of responsibility particularly present in a real community does not exist in virtual networking on the Internet. One of the examples incorporates Google Inc. that introduced its Buzz social network in February 2010 without adequate consideration of the ethical or privacy impacts (Wright, 2011). President Barrack Obama Telecommunication Policy is critical as it interacts with the telecom sector in the U.S. (Regulatory development.2010) It is believed that President Barrack Obama is positive for utilizing Internet to fill the digital division in the U.S along with the allocation of US$ 7.2 Billion for the  areas where Internet is not available. Moreover, the senate also decided in January 2009, to deactivate analog Television signals. However, there were several million citizens in the U.S without required hardware to receive digital signals (Regulatory development.2010).

3      Data Privacy Survey

Findings from the survey include:

  • 45% do not think that banks and online retailers do enough to protect their personal data;
  • 83% specifying the security of their bank and credit card details as being their priority concern.
  • 36% of consumers would not put personal information online, yet 11% of them have still been a victim of data theft.
  • Only 5% of the UK public surveyed are not worried about data loss.
  • As well as the security of financial data being a concern, 46% of all respondents are most concerned about protecting their medical records, and is highest amongst the 45+ ages 45-plus (52%).

Data retrieved from (Lack of Consumer Trust in Data Security in the UK. 2007)

After interviewing the people, most people blamed themselves, for making their personal information vulnerable and includes the rating of 60% people blamed retailers, 28% people blamed themselves as they consider that they have exposed their personal information themselves and it is their own fault. Moreover, 12% people blamed financial institutions i.e. banks (Survey Reveals Massive Incidence of Credit Card Fraud and Identity Theft; Retailers blamed for making people vulnerable to fraud. 2010). After reviewing these figures, there is also a requirement to create an awareness program for people who tends to provide personal information on the Internet.

The requirement for securing personal data and privacy online is due to many reasons. The first reason incorporates not a single law of how to handle customer data. For instance, if an online company sells products and maintains databases including customer information, they can do whatever they want. Most probably, they can sell data in terms of cash. Every website has a link stated as ‘Website Privacy Policy’, but no one knows exactly, to what extent they are authentic. The practical approach to that privacy policy is a different story. The second most prominent reasons are hacking, viruses, Trojans, spywares, phishing and many more. All these threats are designed to gain administrative access to user systems and to steal confidential and personal information Due to these threats; organizations are bound to incorporate strict security procedures and compliance for databases that are incorporated with customer data. Moreover, incorporation of intrusion detection systems and expensive security devices are not new. Customers provide information online due to many reasons, but most importantly, they provide information mostly on the website. Due to lack of technology and measures of customer personal privacy, online businesses fail to protect their database by security breaches conducted by hackers or cyber criminals. The data including all the personal information of the customer is breached resulting in exposure of thousands of authentic customer personal information and financial status. In order to conduct a security breach on the web server, cyber criminals use Internet, as a carrier along with intelligent codes that are purposefully constructed to extract confidential information, the most favorable point of attack is the web server. The information that is provided online by the users is gathered in a database that is connected to the web server. Hackers and cyber criminals deploy various methods to attack web servers in order to extract information that is stored in the database. Due to this reason, business suffer severe losses from data theft issues as in 2009 investigators related to data breach reported from Verizon business that crooks nabbed 285 million records. Peter Tippett, who is the author of the report and vice president of innovation and technology with Verizon Business, says that the report includes all the IP addresses associated with the account that are used in the thefts, and criminals are identified only because of in depth investigations by collaborative support of law enforcement agencies including FBI and Scotland Yard,. From this particular report, 90 security breaches were studied out of which 68 were reversed for further investigation to a specific IP address and location. The conclusions highlighted Eastern Europe as a common source followed by East Asia and North America (Larkin 2009).

4      Legal Issues

E-commerce has provided various benefits but losses from security breaches are severe along with legal problems. The study conducted by (Fusilier & Penrod 2009) highlighted gained versus loss prevention in terms of regulatory focus. The research shows the review of the courses that the 163 master’s programs that are offered were examined. The data was collected by the web search that was related to master’s program curriculum. After the examination of all the results from all these masters programs, the conclusion was that master’s programs lack courses or modules related to security, law or ethics. As these topics highlights the issues that are currently faced by the e-commerce such as legal and security incidents, it is very important to add these courses or modules to the master’s programs. Measures in security will strengthen ways to improve some prominent issues including data theft, data privacy, identity theft, hacking etc.

5      Personal Data and Privacy Acts

In order to address data privacy concerns, European Union constructed a framework to protect personal information and privacy, as “Directive 95/46/EC is the reference text, at European level, on the protection of personal data. It sets up a regulatory framework which seeks to strike a balance between a high level of protection for the privacy of individuals and the free movement of personal data within the European Union (EU). To do so, the Directive sets strict limits on the collection and use of personal data and demands that each Member State set up an independent national body responsible for the protection of these data”  (Protection of personal data ). The directive 95/46/EC is applicable on automated and computerized data. For example, client information databases and data, which include involvement of non-automated filing system. Moreover, the main purpose of this directive is to protect personal data privacy by associating certain guidelines that defines the credibility of process in the context of law (Protection of personal data). Moreover, the European Union also addressed the data privacy in the context of e-commerce by further balancing it with Directives 2002/58/EC on Privacy and Electronic and Communication (DPEC), in the context of computing personal data in the domain of electronic communications sector 9 wrapping computer personal data by communication mediums and services that is publicly available (Wong, 2011). However, ‘Art. 29’ suggested an expression on ‘comprehensive and consistent data protection framework’ in order to eliminate all the remaining concerns and to dominate European Union competence (Wong, 2011).

6      Measures to Preserve Privacy

These seals ensure data privacy for consumers who provide data online. These security seals implements certain rules and policies when they are incorporated with any website. This gives customers some assurance of their personal data, as identity theft is a debatable issue that is still rising. As the servers of these websites, contain all the personal information of the customer and most importantly credit card numbers due to e commerce transactions. Some of the seals are defined as each of them specifies their own rules and policies.

6.1     ‘Truste’

‘Truste’ was the first to introduce seals on e-commerce websites. It was established in July 1996 along with a pilot program by the electronic frontier foundation and commerce net consortium. However, it was launched on 1996, but the final release was in 1997. All the websites that are incorporated with ‘Truste’ must publish a privacy policy for the website (Moores & Dhillon 2003). The policy must include (Moores & Dhillon 2003):

  • What personal information is collected through the website
  • How this information is utilized.
  • How the website collected this information for example, in terms of cookies or some type of form.
  • The personal information of the customers is shared with third parties or not?
  • What security measures are applied to the personal data that is in the possession of the company?

6.2     Web Trust

Similarly, after ‘truste’, in September 1997 ‘Web Trust’ was released. The American Institute of Certified Public Accountants (AICPA) launched it. Likewise, the next version 3.0 was released in November 2000. The requirements for incorporating this seal to the website are different as compared to ‘truste’ (Moores & Dhillon 2003).  The requirements are (Moores &Dhillon 2003):

  • If a website wants the seal of Web trust, ‘Licensed Chartered Public Accountants’ (CPA) will inspect the website  to ensure compliance related to security, transaction integrity, business practices, confidentiality, availability and non-disclaimer.
  • The website must publish its privacy processes and to ensure for the protection of customer personal information.
  • Customers can also contribute for the data collection process.
  • The processes for encryption techniques, disaster recovery procedures, security breaches are mandatory when the website is also incorporating with the ‘WebTrust’ Security principle.

6.3     BBB Online

BBB online was established in 1998, and released in March 1999 by the Better Business Bureau (BBB). BBB online contains two seals named as reliability seal and privacy seal. The reliability seal is related to the certification of companies that only operates online and do not have a physical presence. The seal ensures that the particular online business is reliable and secure for the online customers. In contrast, the privacy seal focus on privacy statement and customer choice (Moores & Dhillon 2003). As per (Moores & Dhillon 2003), if the website wants to apply any one of the two seals of BBB online on their website they should:

  • Respond efficiently to customer complains
  • Publish a privacy statement on their website and list all issues in one document.
  • Annual review is required for online transactions.

6.4     Security and Trust

Doing business online has changed many trends in terms of communication between external and internal stakeholders within an organization. Online business or e-business can lead to a competitive advantage for an organization and maximize profitability. Moreover, many factors play role for making e-business successful. The factor that is on top is trust. It is very important for the organization to develop trust in their customers. Customer trust can be gained by several factors. A good website, unique product offering, provides low cost services, branding, and most importantly trusted seals. The most important factor trust has many dimensions including information contents of the website, electronic transactions, technology, product and organization standing. The research conducted by Velmurugan, M. S. (2009) that highlights security issues in web services. Moreover, the study also includes the role of trust in terms of online transaction and other factors that are involved in building trust for the online customers. The results of the study were that the organization must think every time for building trust for the customers and providing them security during online transactions. The organization must protect their customers by providing and eliminating these issues:

  • Good customer service,
  • No misuse of technology
  • Build customer trust
  • Protect personal information of the customers
  • Maintain the reputation of the organization.

The study also highlighted that for creating infrastructure for securing the online business several factors are required for consideration. The factors are regulation, policies, laws, law enforcement, and technical standards.

7      Conclusion

Data privacy must be prevented as no one has right to obtain and use anyone’s personal information in terms of any business or fraudulent activity. Survey demonstrated that online users sometimes tend to be careless while providing personal information on the Internet. Hackers steal this information to obtain funds and other advantages. Moreover, websites that are not credible sell customer information, in terms of cash. Furthermore, social networking sites must be regulated in the telecommunication policy, as they are favorite for hackers and cyber criminals to track and gain knowledge to victimize anyone. However, European Union has constructed counter measures in terms of Privacy and Electronic and Communication (DPEC) and Directive 95/46/EC. Moreover, privacy seals demonstrated credibility of online businesses that are relatively secure for providing personal information. Certain improvements are required in terms of legal issues and creating awareness of data privacy on the Internet.

References

Regulatory development. (2010). USA Telecommunications Report, (4), 70-72.

Wright, D. (2011). A framework for the ethical impact assessment of information technology.

Survey reveals massive incidence of credit card fraud and identity theft. (2010). Software World, 41(3), 26-26.

Larkin, E. (2009). Organized crime moves into data theft. PC World, 27(7), 33-34.

Fusilier, M., & Penrod, C. (2009). e-crime prevention: An investigation of the preparation of e-commerce professionals. Journal of Internet Commerce, 8(1), 2-22. doi:10.1080/15332860903341281

Protection of personal data Retrieved 5/6/2011, 2011, from http://europa.eu/legislation_summaries/information_society/l14012_en.htm

Wong, R. (2011). Data protection: The future of privacy. Computer Law & Security Review, 27(1), 53-57. doi:10.1016/j.clsr.2010.11.004

Moores, T. T., & Dhillon, G. (2003). Do privacy seals in E-commerce really work? Communications of the ACM, 46(12), 265-271.