

E-COMMERCE: THE E-CONSUMER AND THE ATTACKS AGAINST THE PERSONAL DATA
Nomikou Eirini
Attorney at Law, Piraeus Bar Association
Master Degree in Web Law

INTRODUCTION
Private Life
Protected by legal texts such as:
- the European Convention for the Protection of Human Rights and Fundamental Freedoms
- the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data
- Directive 95/46 of the EU
Difficulty of protection and adaptation of legislation to the new technological and social changes that threaten private life.

THE ATTACKS AGAINST CONSUMER DURING THE DIFFERENT CONTRACT PHASES
I. During the precontractual phase
- Usurpation of identity
- Phishing
- Pharming
- Spoofing
- Cookies
- Marketing and spamming
- Insufficient information on behalf of the person in charge of the data processing

II. During the contractual and post-contractual phase
a. Online authentication
b. Abusive terms
c. Transfer of the data of consumer to third countries
d. The particular case of credit cards

DURING THE PRECONTRACTUAL PHASE
- Usurpation of identity: the act of taking control of the virtual identity of a person, by stealing the password and the means of identification.
- Phishing: “Technique of fraud aiming at obtaining confidential information, such as passwords or numbers of credit cards, by means of messages or sites usurping the identity of financial institutions or trade companies”

- Pharming: a technique of usurpation of identity that consists of an act of hacking the domain name system.
- Spoofing: a technique that consists in pirating IP addresses of a machine, in order to have free access to it.
Legal Texts:
- United States: “Identity Theft Penalty Enhancement Act”
- Greece: Fraudulent collection of personal data (Law 2472/1997)

Cookies
Use of cookies:
i. Collection of information concerning the interests of consumers: one-to-one marketing, spamming
ii. Control of the effectiveness of the design of a site and the marketing used by the site
Legal Texts:
- Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector
- Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data

Marketing and spamming
- Necessity of preliminary consent of the consumer, under the system called “opt in”.
- Legitimate collection of information conforming to Directive 95/46/EC, within the framework of the sale of a product or supply of services.
- Information of the consumer about the right to opposition (opt out rule).
Legal Texts:
- Directive 2002/58/EC
- Greece: article 11 of the Law 3471/2006

Insufficient information on behalf of the person in charge of the data processing
- Lack of information about the service/product provider.
- Article 5 of Directive 2000/31/EC ('Directive on electronic commerce') sets out the minimum information that the provider is obliged to give.

II. DURING THE CONTRACTUAL AND POST-CONTRACTUAL PHASE
a. Online authentication
- Creation of client’s account: acceleration of purchase
Dangers for private life:
- Collection of information concerning consumers’ preferences
- Collection of credit card numbers
- Use of addresses for marketing purposes
- Account thefts

b. Abusive terms
- Article 2 of the Law 2251/1994: “abusive are the terms that have as a result the perturbation of balance of rights and obligations of the contracting parties and finally the damage of the consumer”.
- Guidelines given by the jurisprudence of each country.
- Important contribution of the Commission of abusive clauses in France.

c. Transfer of the data of consumer to third countries
- Towards countries which did not transpose Directive 95/46, the framework of the European Free Trade Association (EFTA), or for which there is no Decision of the Commission finding the data protection in third countries adequate.
- Out of the “Safe Harbor”
Legal Texts: articles 25 & 26 of Directive 95/46

d. The particular case of credit cards
Attacks related to:
- Identification of the card or the user
- Authentication of the transaction
- Traceability
- Information exchange between banks
SWIFT CASE

CONCLUSION
The universalization of trade requires the universalization of safety at the same time.
Necessity for the consumer to trust e-commerce:
- International collaboration
- More information of the consumer about the dangers
- Quick adaptation of the legal texts to current circumstances