Current Legislation

Current Legislation on the Web 

    

Amazon currently stores details about millions of its customers on a data base.  This information is used to analyze their shopping habits and make personal recommendations.   However, the business has run into controversy in the past few years about the way that this information is used.  The Data Protection Act of 1998 (DPA) was passed in the UK because of increasing concerns about the way technology is changing the way personal data is processed and distributed.   The Act came into force in March 2000, and its main principles are as follows:  

• Personal data must be adequate, relevant and not excessive in relation to purpose
• Personal data shall be accurate and kept up to date
• Personal data shall not be kept longer than necessary
• Personal data shall be processed in accordance with the rights of data subjects
• Appropriate security measures shall be taken for personal data
• Personal data shall not be transfered outside the European Economic Area (EEA) without proper protection
  

It is the last point that caused controversy for Amazon in September 2000, when it was revealed that the UK site was sharing information with other organisations in America.  Several customers complained that Amazon was in breach of EU regulations which prohibit the transfer of information to countries with lower standards of data protection.  However the Data Protection Commissioner pointed out that the Safe Harbour Agreement, drawn up in July 2000 between the EU and the US, enabled businesses that have signed the agreement to send data to a company in the US that is part of the agreement.   Although the Agreement is now up and running, in Sept 2000 it was a grey area, because there was no information about which businesses had signed up.

Amazon defended its actions, saying that it regarded customer information as a business asset, and it had the right to sell or buy assets as it expanded.  The Electronic Privacy Information Centre decided to boycott Amazon as a result of this.

Another area of legislation which affects Amazon is copyright.  A lot of people assume that because something appears on the web, it is freely available for everyone to use, but in fact it is subject to the same legal issues as non-online material. 

As I mentioned in my history of Amazon.com, they launched a 'Search Inside' feature in 2003 which allows a potential customer to search key words or phrases within the text of a book, emulating the browsing process that most people like to do before committing to a purchase.  Some authors have complained that this will weaken sales of their work and violate copyright laws.  However, Amazon have sidestepped the copyright laws, by not actually reproducing the works, but by obtaining the publisher's permission to scan the original publication and display it, digitally adjusted to make it easy readable on a computer screen.  The number of pages one viewer can access is limited, and printing is disabled.  

Some users are still sceptical about the whole process, even if they find the feature useful.  One scholar who was researching a scientific topic found that the keyword he searched for appeared throughout an entire book.  Amazon allows the user to look at the two previous and two subsequent pages as well as the search results page, so each search result returned five pages of the book.  The scholar was able to take screen grabs of each page, then return to the next set of search results, until he had copied the entire book.  He pointed out that while not technically illegal, it took away his incentive to buy the book, and it did not seem a fair use of copyrighted material.  Others argue that the tedious, time consuming process of 'stealing' a book this way, and the relatively unsatisfactory experience of reading scanned images will put most people off, and that the system of increased browsing will ultimately lead to increased sales.  Amazon claims that once a book goes to 'Search Inside' sales increase by an average of 8%.

As more and more books become digitized, the copyright debate intensifies.  Google, who offer a rival online book scheme, announced plans in 2005 to publish searchable online texts from a variety of America's top libraries.  The Authors Guild and the Association of American Publishers threatened to sue Google, claiming that scanning entire texts was in breach of copyright laws.  Google defended its decision, claiming that by displaying only a snippet of the book at one time was allowed under the 'fair use' clause of the copyright law.  It seems that the developing technology has created a legal grey area, which will take time be consolidated.  

I have also researched the areas of personal privacy, payment security, and message security which are relevant to online shopping.  One of the major methods of internet security is encryption.    Encryption works by translating message data into code.  To read the data, it is necessary to possess the decryption key.  The most widely used code is the Data Encryption Standard  (DES) which was developed by IBM.  The most up to date versions encrypts messages with 3 different keys (triple DES).  This is the most common method of credit card data protection.   An internet user can tell if a browser is in secure encrypted mode by a lock icon displaying in the bottom right hand corner.  As well as encryption, there are usually extra precautions such as passwords.  At the present time the most secure payment method is Secure Sockets Layer (SSL).  This uses a 128 key encryption to scramble credit card data, and creates a secure channel to prevent third parties being able to tamper with information.

Another method of internet security is biometry.  This works by using a unique aspect of the human body.  The most commonly used areas are fingertips, retinal patterns, and voice recognition.  Customers can also sign with a digitized pen.  This method is not yet in widespread use, but could become more common in the future.

Firewalls are now commonplace, with most new computers sold with them ready installed.  They work by putting a 'wall' between the public internet and private access.  The firewall filters messages and does not allow them to pass to private access without authentication/ verification.  

A final method of secure internet shopping is known as the Smart Card.  This is a plastic card similar to a credit/debit card.  It can be used at an ATM to be charged with money from the owners' account, and then inserted into a reader on a computer when the owner wishes to make an online purchase.  A password or pin is also needed, and the bank will then confirm to the cybershop that the payment will be made.  

Making a payment online is equally as safe as traditional shopping methods, and new technology is being constantly developed.

Sources:

Michael De Kare-Silver- e-shock: the new rules   (Palgrave 2001)  pages 192- 201 

Data Protection Act

www.opsi.gov.uk/acts/acts1998

Article- Amazon Accused of Breaking Data Protection Laws

-  news.znet.co.uk

Article-  Online Dispute Expose Publishers Copyright Vulnerability

-  www.law.com/jsp/article