Protecting data which is handed over to any institute by its customers is a must. As with any financial institute, it is compulsory to follow data protection legal acts to keep themselves as well as their customers safe. From a legal perspective, it is also the customer's sole responsibility to check the legal acts and status of an institute before starting to bank with it. Hence, legally, it is his/her responsibility to be in a safe zone too.
Use of online banking, electronic card services and e-commerce websites has increased gradually in the last decade or two. A study held by Gartner Group estimated that 47% of United States and 30% of United Kingdom adults use banking services. Over 1 billion US dollars were paid in electronic bills in 2009. Using online banking and electronic cards for e-commerce or online shopping comes with its advantages: it is easy, reliable, time saving, etc. (Batchelor, 2017).

Although this service is easy and publicly accessible, it comes with a huge risk of criminal activity. These issues arise from the customer side, the service provider side, and also from e-commerce or any other vendor where online payment is made through internet banking or electronic cards.
Some of these issues include:

· Using customer information for other purposes
· Collecting unnecessary information
· Information that is incorrect and not up to date
· Poor security features
· Leaking private data
· Misusing e-commerce websites

These are a few of the issues that may arise when using internet banking and electronic cards. In fact, some of these issues have happened in the past to world-leading brands. For example, in April 2011 Sony was fined EURO 250,000 due to a security breach. This happened because of outdated security features in their PlayStation Network (Glenday, 2013). Furthermore, in 2013 Yahoo servers were breached, and Yahoo later claimed that all the accounts it had at the time may have been affected. Yahoo is also a well-known brand. In 2016 Uber was breached by hackers, which led to the compromise of information on over 57 million users and 600,000 drivers.
Later Uber paid the hackers 100,000 USD to delete the data (Staff, 2017).

Laws act as a shield against all the crimes that may arise in this service. All parties and organizations involved in this service system must abide by good data protection acts or laws. The Data Protection Act 1998 is one of them. The Data Protection Act 1998, or DPA, is an act or law enacted by the United Kingdom parliament in 1984.
Later, in 1998, this law was updated. The DPA is governed by the Information Commissioner's Office (ICO) in the United Kingdom, which reports directly to the parliament of the UK (www.getsafeonline.org). The DPA consists mainly of 8 principles.
The first is that personal data must be collected lawfully and fairly. This means that a bank or e-commerce website collecting customer data must collect it for a relevant purpose. It is also up to the customer not to give sensitive data if they feel it is not for the purpose they intend. Also, when information is collected for either registration or service, this information must not be used for any other purpose.
This information cannot be used for advertising, sold to another party, etc. If customer information is to be used for other purposes, the customer must be informed of this and clear consent must be obtained. Leaking or misusing data for another purpose violates DPA principle number 2, which states that personal data must not be used for any purpose other than the one for which it was collected.

The third principle of the DPA states that personal data must be adequate and relevant. For example, while registering for an e-commerce website, a customer must not give information such as account number, banking branch, salary or any other kind of income. But the website can ask for information such as address, email or credit card number.
Legally, giving any false testimony or information is a huge problem. While registering for any service related to online banking and electronic cards, customers must always give correct information. Keeping this information up to date is also their responsibility. DPA principle number four indicates this.
Any institute that follows the DPA must always keep its security features up to date. Online banking service providers must follow the DPA principles and always keep their system security features up to date.