Feeds

Web privacy bandits named and shamed

Spam merchants and credit card data dogs

  • alert
  • submit to reddit

Security for virtualized datacentres

Internet sites are failing to either protect consumers privacy or adhere to international data protection laws.

A study of 751 sites by Consumers International, the global federation of 13 consumer organisations, reveals that many European and American Internet sites aimed at consumers fall woefully short of international standards on data protection.

The vast majority of sites gave users no choice about inclusion on mailing lists or having their name passed on to affiliates or third parties. More than two thirds of sites collect some sort of personal information from users, which would make it easy to identify and contact that person.

Worse still, only ten per cent of sites targeting children asked kids to get their parents' consent before giving personal information.

Despite tight European Union regulation, sites in Europe were found to be no better at being up-front about how users' data would be used than those in the US.

Many companies were found to flout EU legislation requiring them to give customers the option of insisting that their personal information is not divulged.

As part of the study, a team of researchers set up a set of online identities which were used to test the practice of some sites against their stated privacy policies. This part of the research only tested 17 US sites and 16 sites in Europe but it still threw up some interesting anecdotal evidence.

Three sites disregarded requests to be left off mailing lists. These were French book site lalibrairie.com, healthshop.com and UK wine retailer Berry Bros & Rudd, bbr.com. Among the sites that didn't give people any choice about receiving email were babyworld.co.uk, and US bookseller, harvard.com.

Another issue thrown up was over the security of credit card information sent online. In one case, US CD retailer cdworld.com sent out two emails requesting credit card confirmation be faxed to the company. This was not done but the order was processed anyway. UU T-shirt retailer 3tee.com sent an unencrypted email containing credit card information.

Consumers International is calling for government and regulators to take urgent action to adopt laws, rules and procedures to tighten up on privacy and establish a body that consumers can turn to for redress.

The organisation has provided a helpful five-point plan for people to protect themselves from misuse of private information in ecommerce. This includes: limiting disclosure of your personal information, using a separate email account for ecommerce activities, rejecting cookies planted on PCs by intrusive businesses, using privacy tools which allow users to surf anonymously and learning and applying your legal rights. ®

External links

Consumer International's report

Related stories

FTC clears DoubleClick of privacy invasion
Travelocity drops customers' pants in public
Europe warms to spam ban

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.