【文章內(nèi)容簡介】 y Act of 1974) 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? Fair information practices: ? Set of principles governing the collection and use of information ? Basis of most . and European privacy laws ? Based on mutuality of interest between record holder and individual ? Restated and extended by FTC (Federal Trade Commission) in 1998 to provide guidelines for protecting online privacy ? Used to drive changes in privacy legislation ? COPPA ? GrammLeachBliley Act ? HIPAA 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? FTC FIP principles: ? Notice/awareness (core principle): ? Web sites must disclose practices before collecting data ? Choice/consent (core principle): ? Consumers must be able to choose how information is used for secondary purposes ? Access/participation: ? Consumers must be able to review, contest accuracy of personal data 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? FTC FIP principles (cont.) ? Security: ? Data collectors must take steps to ensure accuracy, security of personal data ? Enforcement: ? Must be mechanism to enforce FIP principles 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? European Directive on Data Protection: ? Requires panies to inform people when they collect information about them and disclose how it will be stored and used. ? Requires informed consent of customer ? EU member nations cannot transfer personal data to countries without similar privacy protection (. .) ? . businesses use safe harbor framework ? Selfregulating policy and enforcement that meets objectives of government legislation but does not involve government regulation or enforcement. 169。 2022 by Prentice Hall 安全港協(xié)議是 2022年 12月美國商業(yè)部跟歐洲聯(lián)盟建立的協(xié)議，它用于調(diào)整美國企業(yè)出口以及處理歐洲公民的個人數(shù)據(jù)（例如名字和住址）。該協(xié)議不同于美國跟歐洲之間的傳統(tǒng)商業(yè)過程，是響應(yīng)歐洲的意圖而建立的折衷政策。 安全港協(xié)議要求：收集個人數(shù)據(jù)的企業(yè)必須通知個人其數(shù)據(jù)被收集，并告知他們將對數(shù)據(jù)所進行的處理，企業(yè)必須得到允許才能把信息傳遞給第三方，必須允許個人訪問被收集的數(shù)據(jù)，并保證數(shù)據(jù)的真實性和安全性以及采取措施保證這些條款得到遵從。 安全港協(xié)議確立了折衷處理美國和歐盟之間隱私手續(xù)的框架。 15個成員國都服從該協(xié)議，這意味著可不經(jīng)個人授權(quán)而進行數(shù)據(jù)轉(zhuǎn)移，而未加入安全港的美國企業(yè)必須單獨從各個歐洲國家獲取授權(quán)。 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? Inter Challenges to Privacy: ? Cookies ? Tiny files downloaded by Web site to visitor’s hard drive ? Identify visitor’s browser and track visits to site ? Allow Web sites to develop profiles on visitors ? Web bugs ? Tiny graphics embedded in messages and Web pages ? Designed to monitor who is reading message and transmit information to another puter ? Spyware ? Surreptitiously installed on user’s puter ? May transmit user’s keystrokes or display unwanted ads 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? . allows businesses to gather transaction information and use this for other marketing purposes ? Online industry promotes selfregulation over privacy legislation ? However, extent of responsibility taken varies ? Statements of information use ? Optout selection boxes ? Online ―seals‖ of privacy principles ? Most Web sites do not have any privacy policies 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems ? Technical solutions ? The Platform for Privacy Preferences (P3P) ? Allows Web sites to municate privacy policies to visitor’s Web browser – user ? User specifies privacy levels desired in browser settings ? . ―medium‖ level accepts cookies from firstparty host sites that have optin or optout policies but rejects thirdparty cookies that use personally identifiable information without an optin policy 169。 2022 by Prentice Hall P3P是萬維網(wǎng)聯(lián)盟（ W3C）公布的一項隱私保護推薦標(biāo)準，旨在為網(wǎng)上沖浪的 Inter用戶提供隱私保護?，F(xiàn)在有越來越多的網(wǎng)站在消費者訪問時，都會收集一些用戶信息。制定 P3P標(biāo)準的出發(fā)點就是為了減輕消費者因網(wǎng)站收集個人信息所引發(fā)的對于隱私權(quán)可能受到侵犯的憂慮。 P3P標(biāo)準的構(gòu)想是： Web 站點的隱私策略應(yīng)該告之訪問者該站點所收集的信息類型、信息將提供給哪些人、信息將被保留多少時間及其使用信息的方式，訪問支持 P3P網(wǎng)站的用戶有權(quán)查看站點隱私報告，然后決定是否接受 cookie或是否使用該網(wǎng)站。 169。 2022 by Prentice Hall Figure 123 Cookies are written by a Web site on a visitor’s hard drive. When the visitor returns to that Web site, the Web server requests the ID number from the cookie and uses it to access the data stored by that server on that visitor. The Web site can then use these data to display personalized information. How Cookies Identify Web Visitors The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems 169。 2022 by Prentice Hall The Moral Dimensions of Information Systems Essentials of Business Information Systems Chapter 12 Ethical and Social Issues in Information Systems Web sites are posting their privacy policies for visitors to review. The TRUSTe seal designates Web sites that have agreed to adhere to TRUSTe’s established privacy principles of disclosure, choice, access, and security. 169。 2022 by Prentice Hall TRUSTe成立于 1997年 ,是一家非營利組織，總部設(shè)立于加州舊金山，并在華盛頓設(shè)有分支機構(gòu)。 TRUSTe目前運營著世界上最大的“隱私認證計劃”，截止到 2022年，有超過 2022家網(wǎng)站通過了該項認證，其中包括了一些主流網(wǎng)站和領(lǐng)先品牌如 IBM, Oracle Corporation, eBay等。 169。 2022 by Prentice Hall