EP 6/12

What personal data have you sent over the web?

What personal data do you enclose when you purchase an item over the internet?

Are you happy to share all of this data or would you rather some was kept private?

The assurance that Data is consistent and correct.

Making sure data is complete when it is sent, stored or operated upon in any way.

Within the field of E-Commerce any Data that is sent between the customer and the business or between businesses must be subject to data integrity checks.

Making sure that personal data kept by companies is only used in the correct way.

Companies have a legal responsibility to ensure that personal data is not disclosed to the wrong people.

Data Security controls are in place to make sure access to data is controlled.

How can data get “damaged”?

Try and think of a few examples…

Data integrity can be compromised in a number of ways: Human errors when data is entered Errors that occur when data is transmitted

from one computer to another Software bugs or viruses Hardware malfunctions, such as disk crashes Natural disasters, such as fires and floods

There are many ways to minimize these threats to data integrity. These include: Backing up data regularly Controlling access to data via security

mechanisms Designing user interfaces that prevent the

input of invalid data Using error detection and correction

software when transmitting data

TaskWhere does your data travel, when

you buy something on the web? Imagine you buy something on eBay,

try and plot the path of data from your PC.

At what points in this path must data be protected?

Many types of personal data are required be kept private by companies: Lifestyle▪ Religion, Sexual orientation, Political affiliation

Financial▪ Bank details, Credit card details, Financial records

Email Medical▪ Health records

What are the potential risks for people whose personal data is not kept private? Discrimination Embarrassment Damage to personal reputation Email Spam Identity theft Fraud

European Laws state that the data must: Fairly and lawfully processed. Processed for limited purposes. Adequate, relevant and not excessive. Accurate. Not kept longer than necessary. Processed in accordance with the data

subject's rights. Secure. Not transferred to countries without adequate

protection.

United Kingdom introduced a Data Protection Act in 1984 in order to protect consumers. Data may only be used for the specific purposes for

which it was collected Data must not be disclosed to other parties without

the consent of the individual whom it is about Individuals have a right of access to the information

held about them Personal information may be kept for no longer than

is necessary. Companies holding personal information are required

to secure this information.

Group work – 3 or 4 students Internet Research Data Privacy and Security in Thailand

What are the laws for Thai E-Commerce companies? Are there any laws? If not, why not? Are there plans to implement data protection laws?

Give me some actual example of personal data being stolen or abused in Thailand? ▪ What happened?▪ Identity theft? Credit card theft? Fraud? Damaged

reputation? Embarrassment?

How are these laws kept in place? Police? Government agencies?

What happens if companies break the law? Prison? Fines? Any examples?

Please include any information you find interesting.

Please use Microsoft Word for this task. Complete the report and email to me before the start of the next lesson.pompey_jim@msn.com

Include in your document any links to websites or web pages that helped you to collect information.

This is called a Reference You link text quoted, from the net or books, to a

reference at the bottom of your document, like this:

Although the Act does not mention privacy, in practice it provides a way in which individuals can enforce the control of information about themselves. Most of the Act does not apply to domestic use,[1]

References [1] Data Protection Act 1998, Part IV (Exemptions), Section 36, Office of Public Sector Information

This is something you will have to do at University every time you complete an assignment.

http://www.oic.thaigov.go.th/

http://www.ipthailand.org/ipthailand/

http://www.wikipedia.org/