美国作业代写：Personal information security in e-commerce

下面为大家整理一篇优秀的assignment代写范文- Personal information security in e-commerce，供大家参考学习，这篇论文讨论了电子商务中的个人信息安全。电子商务中的个人信息包括用户的姓名、通信地址、联系电话等等。而在电子商务的每一个环节中，用户的个人信息都有可能会被非法收集。而一旦消费者在支付平台的个人信息发生泄漏，那么消费者的个人安全包括财产安全在内都会受到威胁。

For the specific connotation of personal information, there is not an exact definition in China. But generally speaking, we can classify personal information as personal information and personal sensitive information. The processing of personal general information can be based on tacit consent, which can be collected and used as long as the user has not expressly objected. For personal sensitive information, it needs to be established on the basis of express consent, and before the collection and use, must first obtain the user's explicit authorization.

Personal information in e-commerce, China Internet Information Center (CNNIC) to its description: including the user's name, identity card number, mailing address, contact telephone, e-mail address and so on. In every a segments of E-commerce, the user's personal information may be illegally collected. Take the $literal model of online shopping, for example, when users need to buy items, first of all, in the online shopping platform to register the account, users in this part of the initiative to provide personal information such as name, sex, age, mailbox, mobile phone number; When you log on to a page, the browser will leave the log file and the consumer's network address on the Web server. This process will also generate automatic identification of the user's account, password, etc. when the user buys a items to release the order, they will be required to fill in the address, mobile phone number, name and other information, in the payment link will also have outlaws through the phishing website or other way to steal the customer's account and password and other information, so as to transfer the user's funds; When the user pays, the goods are mailed to the consumers, and in the process of mailing, the courier list that records the consumer's personal information has been exposed to the outer package of the courier. All these links have hidden dangers to the user's personal information security.

E-commerce is different from traditional commerce, in the E-commerce environment of the network transactions, the consumer's personal information is often not guaranteed, the third-party platform to a certain extent to protect the privacy of users, but at the same time, the third-party platform itself has a lot of problems. Third-party payment platform is not foolproof, its security remains to be discussed, and once consumers in the payment platform of personal information leakage, then the consumer's personal security, including property security will be threatened. Nowadays, there are two main categories of personal information protection in electronic commerce: the loss of personal data due to network security flaw and the infringement of personal information by website operators.

The loss of personal data caused by network security defects is mainly the use of network security loopholes, criminal activities of cyber criminals. Moreover is the hacker invades the website, causes the personal information to be stolen. In March 2013, due to hacking, cloud computing note application Evernote to nearly 50 million users to send a reset password notification. The way the personal information is leaked is a technical problem in the final analysis. As early as 2000, there was a tool identity and access management system for managing data privacy in the international market, and its core consisted of four parts, identity management, access control, identity opening, identity and policy library. However, the construction of identity and access management system started late, mainly because of the lag of the domestic application system, the overall level is not high, and is not relatively mature to cope with the loss of personal information caused by network security flaw.

In the four aspects of information processing, the collection, processing, transfer and deletion of data is very easy to disclose personal information. The infringement of personal information by businesses is manifested as the illegal collection of personal information, the development and utilization of personal information two times, and three aspects of personal information transaction.

The illegal collection of personal information, which is occurring in the information collection link. Usually the merchant uses the following two kinds of methods to obtain the user information: One kind is obtains the user's information through the human machine interactive pattern. In the E-commerce environment, people browsing, consulting or shopping, usually require a series of forms, such as: When the site registration, or the site will be asked to fill in the name, gender, age, e-mail, mobile phone number, address and other personal information. These forms involve a lot of personal privacy. Although most sites will have a corresponding privacy statement, but users do not know the real purpose of collecting information on the site, more can not be able to monitor their use of information. It is reasonable for businesses to collect personal data in order to expand their business, but the security of personal data collected is not completely guaranteed. Another kind of personal information collection method is through the user access records mining, to obtain the user's needs, interests and hobbies. Because current browsers allow users to restrict or disable cookies, businesses are starting to use other methods to track user activity and collect personal information. And more and more people use mobile devices for network activities, while most mobile devices are usually not allowed to use cookies. Therefore, the business began to humanize service, private customization as a gimmick, so that users actively provide personal information in exchange for more humane services, so that businesses in different terminals can track user activities, users will no longer be able to browse anonymously.

The development and utilization of personal information two times, usually occurs in the information processing link. Personal information two development and utilization refers to the personal data collected by the merchant after analysis and collation or data mining to get the deep-seated data, it used for commercial or other purposes. When people search and purchase a postgraduate exam-related book on a Web page, so after this very long period of time, your Web page will have information about postgraduate entrance to the window ads, and you will also receive the site to send you e-mail, recommend other related books. This is an example of two development and utilization of personal information around us. In fact, the two development and utilization of personal information in electronic commerce is a more complicated thing. From the business point of view, they are through their own analysis to obtain personal privacy, the purpose is mainly to provide users with more, better quality service, starting point is good, and often used methods are more scientific. And from the consumer's point of view, some people like the business of this behavior, they think this can bring convenience to themselves, and the other part of the people feel that personal privacy has been leaked, that this is a normal life of their own interference.

Personal information transactions occur in the information transfer or information deletion link. After the merchant obtains the personal information, the user's information is illegally traded without the user's request to delete the information, or without informing the user. There are two forms of personal information trading. The first is the exchange of personal information between companies. When a company is interested in the user information of company B, and B Company has certain requirements for a company, the two companies through consultation, the same. The other is the sale of personal data. Today more and more businesses and enterprises rely on third parties to obtain important information to serve the needs and expectations of users to promote their effective operation. They need to know who will buy their products and services to expand their user base. However, this kind of personal information transactions are often without the user's consent, in its unwitting circumstances, the move is convenient and effective, but still bear the risk of personal information disclosure.

To sum up, the illegal collection of personal information, personal information two development and utilization, personal information transactions, the three major issues for E-commerce personal information security impact can not be underestimated. Business in order to benefit, will take a variety of measures to capture the information of potential users, although it is to serve users, but has formed a user privacy violations, its role is likely to backfire, and then affect the development of e-commerce.

There are many factors that cause personal information leaking in China. First of all, with the further development of the network, the value of personal information is more and more high, huge benefits driven, making the lawless elements desperate. However, the Chinese people's awareness of the protection of personal information is not strong, to the criminals left the opportunity. Moreover, our country has been lack of clear laws and regulations, the collection and use of personal information on what is legal, how illegal and not a clear definition. At the same time, there is no strong punishment to deter the obvious unauthorized collection or circulation of personal information.

Most consumers lack awareness of personal information security and do not pay attention to protecting personal information from infringement, especially in the process of protecting electronic commerce. In the online shopping process, consumers do not have enough personal information security awareness, in the process of logistics information flow, filled out the consumer's personal information Express form directly exposed, and consumers often will not be the receipt in the aftermath of tearing up the processing, so that personal information received threats. For the business's information-gathering behavior, some consumers are not worried about their personal information will be known to them, and they enjoy the behavior of personalized services and efficient browsing experience. They have a laissez-faire, indifferent attitude to the violation of personal information. And they do not have the habit of patching up vulnerabilities and killing viruses or malicious programs on time. In addition, consumers lack of relevant legal knowledge, legal awareness is very weak, do not know how to use legal weapons to protect the legitimate rights and interests of individuals, but also not good at using technical means to protect personal information, these may lead to user's personal information is violated.

Enterprises to the user groups of their own information protection awareness and attention levels are gradually promoted, but most enterprises do not realize the importance of user's personal information protection, in the process of collecting and using the user's personal information, they do not have a perfect user Information protection system, which leads to the information leaking of the user's personal information in different degree. Second, enterprises and businesses in the collection, use of personal information, does not reflect the user's respect and responsibility, and even users in their own information after the collection has no right to know. E-commerce Enterprise to information processing of this situation, over time, will let users no longer trust, thus affecting the enterprise's own reputation and interests.

"Information security technology public and business Service information System Personal Information Protection Guide" (hereinafter referred to as the Guide) as our country's first personal information protection national standards, officially released on February 1, 2013. The guide focuses on the supervision from the technical means, information system, and the use of information systems to handle personal information activities to guide and standardize the role of the purpose is to improve the enterprise's personal information protection technology level, promote the rational use of personal information. The guide focuses on the user's right to know, requires that the processing of personal information to inform the user, and processing can not exceed the scope of the notification. The standard also raises the eight basic principles that should be followed when dealing with personal information, namely, clear objectives, minimum adequacy, public disclosure, personal consent, quality assurance, safety Assurance, good faith fulfillment and clear accountability.

The guide provides a powerful weapon for the next targeted fight against related crime. However, the guide is only a technical standard and lacks punitive measures to violate this standard, so it is not yet deterrent to the fight against personal information crimes. Protecting citizens ' rights and interests from illegal infringement and protecting national security is a systematic project, which can be accomplished not by a law or regulation alone. It is necessary to make the law of operability, but to solve the problem of personal information leakage fundamentally, we need to improve the relevant network laws and regulations and establish a sound corresponding system.

We can improve the protection of personal information in electronic commerce through four of efforts to address the various problems existing in E-commerce and the reasons for these problems. It is the technical level, the public guard level, the enterprise management level and the national legislation level.

Generally in the traditional business activities, in order to ensure the security and authenticity of the transaction, there will be a written contract signed by the two parties responsible, and such a contract is legally binding. In electronic commerce, the contract is in the form of electronic documents, in electronic documents, the traditional handwritten signature and seal can not be carried out, so there is a reliance on electronic technology means of electronic signatures.

In an E-commerce environment, most companies develop a privacy agreement that needs to go through this agreement when users register with the company's website to continue the next network activity. When users register and log in, they often choose me without consideration, they will not read the whole privacy clause, not only because these privacy terms are lengthy and legal, but also because users do not realize that it is an agreement concerning their personal information security. Use an electronic signature in a privacy agreement instead of using a simple button to pass a protocol, it allows users and companies to realize that they are bound by the agreement, that using electronic signatures is not only legal, it consolidates the legitimacy of the privacy agreement, but also enhances the privacy of the user from the side.

In order to prevent the leakage of personal information, to enhance the user's personal Information protection awareness is the key. As the subject of information, each of us should take measures to protect our own information, including the general scope of personal information, the principle of personal information protection and the specific measures that can be adopted. Name, ID number, telephone number and address are the categories of personal information. When the website or the electrical business asks us to fill in the personal information, we should know the reason that the other person obtains these personal information, and judge whether the other person obtains more information than the actual need. Adhere to the eight principles of personal information to follow the minimum principle of adequate, only to provide the other side with the necessary information, while we also want to avoid the informal web site to leave personal information. When providing information, measures should be taken to limit or indicate the scope of use of such information. For example, when we provide a copy of the ID card, we should indicate the purpose of the copy without affecting the use of the copy; When registering the information in the website, we should pay attention to whether the website provides privacy protection policy, limits the information confidentiality requirement or the scope of use. When dealing with media containing personal information, appropriate measures should be taken to destroy the information. such as personal resumes, bank business vouchers, credit card records and express orders, etc., in the scrap of such media should ensure that the above personal information will not be acquired, you can use tearing, painting and other ways to protect personal information.

Enterprises also need to strengthen the protection of personal information concerns, strictly comply with personal information related to compliance requirements, including information collection and use of norms, security measures and supervision and inspection, and to accept and cooperate with the relevant agencies of the supervision and inspection, as far as possible to avoid personal information related to illegal legal liability caused by the investigation.

Enterprises in the use of user information should pay attention to the user information disclosure of two possible ways: internal leakage and external leakage. Most of the internal leaks were due to employee leaks and illegal outsiders leaking. In 2012, 3.15 Parties reported that the system's managers sold user data. The main way of external leakage is in the process of cooperating with third party, user information is acquired by third party without knowing. Because the user information collection, processing, transfer, delete the process will have the risk of information leakage, therefore, enterprises in the collection, use of personal information, should do: In the collection of information, the first to obtain the user's authorization.

We can improve the protection of personal information in electronic commerce through four of efforts to address the various problems existing in E-commerce and the reasons for these problems. It is the technical level, the public guard level, the enterprise management level and the national legislation level.

Generally in the traditional business activities, in order to ensure the security and authenticity of the transaction, there will be a written contract signed by the two parties responsible, and such a contract is legally binding. In electronic commerce, the contract is in the form of electronic documents, in electronic documents, the traditional handwritten signature and seal can not be carried out, so there is a reliance on electronic technology means of electronic signatures.

In an E-commerce environment, most companies develop a privacy agreement that needs to go through this agreement when users register with the company's website to continue the next network activity. When users register and log in, they often choose me without consideration, they will not read the whole privacy clause, not only because these privacy terms are lengthy and legal, but also because users do not realize that it is an agreement concerning their personal information security. Use an electronic signature in a privacy agreement instead of using a simple button to pass a protocol, it allows users and companies to realize that they are bound by the agreement, that using electronic signatures is not only legal, it consolidates the legitimacy of the privacy agreement, but also enhances the privacy of the user from the side.

In order to prevent the leakage of personal information, to enhance the user's personal Information protection awareness is the key. As the subject of information, each of us should take measures to protect our own information, including the general scope of personal information, the principle of personal information protection and the specific measures that can be adopted. Name, ID number, telephone number and address are the categories of personal information. When the website or the electrical business asks us to fill in the personal information, we should know the reason that the other person obtains these personal information, and judge whether the other person obtains more information than the actual need. Adhere to the eight principles of personal information to follow the minimum principle of adequate, only to provide the other side with the necessary information, while we also want to avoid the informal web site to leave personal information. When providing information, measures should be taken to limit or indicate the scope of use of such information. For example, when we provide a copy of the ID card, we should indicate the purpose of the copy without affecting the use of the copy; When registering the information in the website, we should pay attention to whether the website provides privacy protection policy, limits the information confidentiality requirement or the scope of use. When dealing with media containing personal information, appropriate measures should be taken to destroy the information. such as personal resumes, bank business vouchers, credit card records and express orders, etc., in the scrap of such media should ensure that the above personal information will not be acquired, you can use tearing, painting and other ways to protect personal information.

Enterprises also need to strengthen the protection of personal information concerns, strictly comply with personal information related to compliance requirements, including information collection and use of norms, security measures and supervision and inspection, and to accept and cooperate with the relevant agencies of the supervision and inspection, as far as possible to avoid personal information related to illegal legal liability caused by the investigation.

Enterprises in the use of user information should pay attention to the user information disclosure of two possible ways: internal leakage and external leakage. Most of the internal leaks were due to employee leaks and illegal outsiders leaking. In 2012, 3.15 Parties reported that the system's managers sold user data. The main way of external leakage is in the process of cooperating with third party, user information is acquired by third party without knowing. Because the user information collection, processing, transfer, delete the process will have the risk of information leakage, therefore, enterprises in the collection, use of personal information, should do: In the collection of information, the first to obtain the user's authorization, and then only to collect the necessary personal information. In the process of information processing, should take appropriate measures to prevent data leakage, and inform users of the processing methods and purposes. In the information transfer link, the outsourcing and partners should be required to take the same security management requirements as the enterprise itself, to ensure that there will be no management short board during the use of personal information, and to inform users of the scope and purpose of the transfer. In the information deletion link, when uses the goal to achieve, should delete the personal information promptly, including the enterprise own preservation, as well as the subcontractor or the partner maintains personal information. To sum up, the enterprise in the management of personal information, in addition to doing their own security management, pay attention to outsourcing and partners in the security level, but also embodies the information subject to respect and responsibility, to protect the information subject to the use of personal information right to know.

At the national legislative level, it is an effective means to deal with the illegal trade of personal information to improve the relevant laws and regulations, especially to increase the punishment of the illegal activities. The purpose of this paper is to improve the crime cost of personal information related to crime, to deter the illegal personnel, and to reduce the occurrence of such behavior. Not only that, but also specify the limits of the security and utilization of personal information in electronic commerce, the rights and obligations of the subject of information, and the institutions that have the right to examine personal information. Stipulating that when the user's rights are infringed, the legal relief should be obtained through what channel, and how to hold the tort liability. At the same time, it is necessary to formulate specific and detailed operational compensation system, including material compensation and spiritual compensation. In addition, while strengthening the protection of legislation, the Government should increase the publicity of the protection of personal information, with the help of radio, television and other media, to create a good personal information protection atmosphere, improve the public awareness of information security. At the same time, the establishment of a personal protection system incentive mechanism to encourage the public to report violations of personal information. Some areas of our country have already been implemented, with actual action legislation to protect personal information. With the introduction of a series of measures related to personal information security, the disciplinary strength and punishment scope of the criminal offences related to personal information are also increasing.

With the use of all kinds of information technology in the electronic commerce era, the personal information protection has been raised many problems, also caused great difficulties. In fact, the proper use of personal information can make users and businesses benefit, users can get better and more user-friendly service and network experience. And businesses can use these personal information to improve their Web sites and services, to provide a better user experience, and thus further profit. However, users should not be able to downplay the awareness of personal information protection. Enterprises can not abuse personal information or illegal reselling of personal information, first of all, enterprises need to obtain the user's authorization to be able to use these personal information, and then ensure that users of their personal information to the whereabouts of the right to know. With regard to the use of personal information, it is necessary for the State to enact relevant legal provisions, while using the relevant technical means to implement the constraints. If the problem of personal information protection in e-commerce is not solved properly, it will become the bottleneck of the development of electronic commerce. As an irreversible trend of the times, countries are committed to strengthening the protection of personal information, using a variety of means. The personal information protection in e-commerce should make the corresponding rules, standardize them, and promote the development of electronic commerce under the precondition of the security of personal information, so as to flourish the business of electronic commerce.

51due留学教育原创版权郑重声明：原创assignment代写范文源自编辑创作，未经官方许可，网站谢绝转载。对于侵权行为，未经同意的情况下，51Due有权追究法律责任。主要业务有assignment代写、essay代写、paper代写服务。

51due为留学生提供最好的assignment代写服务，亲们可以进入主页了解和获取更多assignment代写范文 提供留学生作业代写服务，详情可以咨询我们的客服QQ：800020041。-ZR