With the fast growing of internet population, organisations always target in getting more personal information or contact details for doing internet or interaction marketing on internet, sometimes it may violet the privacy and ethical rights, and we are noting some of the areas which the organisation may have violated the data privacy without noticing it, and we are suggesting what the organisation could do to enhance better information security.
1)
Physical records containing personal data are not securely stored in systems or database, leads to a accidental disclosure of information and data of customers to unauthorized personnel, such as the customer details of CSL were leaked out, which could be downloaded from the internet in 2006.
In order to prevent this, organisations need to ensure that all customers’ information are kept confidentail and for own record usage, and not leaking the information out regardless of any other purposes. Also, organisations should restrict the access of the sensitive information, and only authorised person could access, and proper compliance procedures in handling the private data are in place.
2)
Most organisation such as banks, telecommunication companie or beauty companies will keep the customers data even their contracts are over, and they will send unwanted advertising post to customers, as well as sharing the information to their affliate or subsidiary companies.
To prevent this, organisation should have practices in updating and deleting the expired record, and before sharing the information, they should have got the customers' consent for any information disclosure
3)
Some of the Internet searching enginee or public email domain such as MSN, Yahoo, Google will keep users data when they create or login to the account, and advertising emails will be sent to users' email without getting customers' consent, and customers should be carefully reading the terms and conditions for blocking the advertising emails.
They should first understand preference and filter which advertisements should be shared to different users. Without making any arguements, inconvenience to the customers, they should have done the preference understanding from users' prepective, instead of unchecking the unwanted boxes while sign-up, customers should be asked to check the boxes of categories about the information they would like to receive.
發表文章
These are good and well-expressed insights !
回覆刪除You can also add that businesses should use opt-in model of information collection (asking users to give permission to receive marketing communications by ticking the box) rather than opt-out model (checking the boxes for them first and waiting for them to uncheck the boxes).
Businesses should also be aware of government laws or ordinances governing the use of customer data (e.g. Privacy Ordinance) and e-mail addresses.