Preventing Data Security Breaches And Identity Thefts Information Technology Essay
Current online marketing strategies deliver immense benefits to the modern global firm by way of better market reach, cheap and convenient transaction possessing, multiple online payment options and real time consumer data management. Marked benefits are commonly discernible in the area of internet based business-to-business or B2B, and business-to-consumer or B2C e-commerce models. These online commerce models rely on digital marketing for their success, which in turn in essentially a remarkable success of information technology and data management techniques. However, the growth of digital marketing is getting severely affected by the misuse of technology by criminals and unscrupulous persons in various ways. Such misuse of technology encompasses identity theft, data loss and other data security breaches. Increasing information security breaches and cases of identity theft in recent times threaten the marketing of products and services either online or offline like never before. This paper attempts to understand issues and outcomes of identity theft, data loss and security breaches on the present and future global marketing environment by examining several secondary sources of information.
2. What is identity theft?
Identity theft is the theft of a person’s identifying features and is recognized as a crime by The Identity Theft and Assumption Deterrence Act or ITADA in the United States. The ITADA, U.S. Public Law 105-318, defines identity theft as the action of knowingly transferring, possessing, or using, without legal authority, another person’s identification means with the intention of committing, aiding or abetting crime. Again, Lawson and Lawford (2003) define identity theft simply as the unauthorized collection and subsequent fraudulent usage of another person’s personal information. The US Federal trade Commission lists some common uses of identity thefts as the fraudulent opening or use of credit cards, fraudulently opening utility or telecommunications accounts, endorsing or passing on bad bank checks, availing credit in another person’s or some fictitious name, or even working in another individual’s name. It refers to identity theft mostly as an incidence involving financial fraud. The personal information fraudulently accessed, used or stored includes another person’s name, identity, address, phone number, mother’s maiden name, Social Insurance Number, credit card number, bank account number, ATM PIN, driving license number, passport, etc. The mechanism to affect identity theft includes phishing, dumpster diving, pretexting, database related frauds, hacking, etc. Phishing is the attempts by third parties to access or obtain confidential information by tricking the computer user into disclosing such information (Shreft, 2007). The various frauds in which identity theft finds use are credit card fraud, bank fraud, utility fraud, government benefits fraud, internet or email frauds, etc.
3. Impact of identity thefts
Commonly, identity theft occurs in crimes like card or check fraud, various financial crimes, as also crimes relating to the Internet and telemarketing (Newman and Clark, 2003), among others. Newman and McNally (2005) observe that identity theft attempts are related to one or more of the following contexts: as technology part of financial scams, as motivation for other crimes, exploiting technological or IS weaknesses, as facilitation for other crimes, for avoiding arrest, As a case of “Repeat Victimization”, or, as part of an organized large scale crime. Generally, the identity theft impacts consumers in one or several of three way- losses are suffered y the victims, the consumers have poor credit rating as a result of such information misuse, and the customers’ reputation gets ruined. Identity theft also affects commercial activities involving financial institutions, public sector organizations, the government, and other organizations that need to process sensitive personal data. The implementation of various public policy measures by the authorities directed specifically at curbing identity theft is gradually bringing results, albeit slowly. Thus, websites are mandated to provide visitors and customers several confidence building and communication methods like online complaint forms. The websites work in collaboration with federal or local government authorities. For instance, governments provide consumers with consumer kits for resolving identity theft problems as also provide options for correcting personal credit histories.
4. About data loss or pilferage
When firms lose confidential personal information or the same gets stolen, a breach in information security is said to occur. Data loss can usually occur when laptops are stolen, emails are mismanaged, databases are compromised or back-up media gets lost. Usually, data breaches are due to hacking and stealing of digital information stored on computer systems. Data breaches result in decreased customer confidence, loss in brand salience, customer flights and loss in revenues by way of lower customer acquisitions. Current legal requirement also mean that the firm incurs losses by way of legal costs. Costs thus include customer costs, losses in revenues, legal costs, etc.
Data losses can occur in several ways like intentional deletion of files or programs, unintentional file deletions; misplacement of removable storage media, administration errors, and unreadable file formats; failure of power, hardware or software and corruption of stored data, natural disasters like earthquake, tornadoes, etc; criminal action like theft, sabotage, hacking, and or malicious acts including worms, viruses, etc. (www.85under.com, 2008). Firms commonly use Disaster Recovery Solutions for reducing costs due to data loss. Such solutions comprise providing for data back-ups and a pre-formulated strategy for meeting future unforeseen data loss events.
5. Identity theft and data loss, information security and marketing
For tackling cases of data pilferage or identity theft, security needs to be built or scaled up in the organizational information systems environment and this entails escalated costs for business enterprises which ultimately translate into higher interests, prices and fees for the consumers. In as much as digital marketing methods involve internet tracking of personal web surfing characteristics and search engines can detect personal information on the web, issues of privacy loss caused by identity thefts or data pilferage can seriously decrease consumer confidence as well as impact e-commerce in the long-term. The data loss and pilferage issues add to the privacy debate, complicate the legal environment further, and also seriously impact growth of direct as well as online marketing. Modern marketing methods like viral marketing, email marketing, social marketing, etc. rely to a large extent on information system use. Hence, data protection is of primary importance for achieving and sustaining entire marketing efforts as well helping prevent economic losses. Typical losses that businesses incur due to identity theft related frauds include productivity loses, financial losses, damages to reputation and business due to customer complaints, legal costs, trust loss, etc. The marketing efforts of the businesses suffer due to these costly losses and the huge systemic change efforts that firms need to make in order to prevent or minimize such losses. A strong marketing system needs a healthy communication environment and trustworthy transaction, data processing and payment systems. In case of identity theft or data loss, the integrity and reliability of entire marketing system comes into question. The personal information of consumers which is misused by identity thieves is of significance to online marketers and can affect their activities seriously.
6. Misuse of marketing tools
In today’s technology driven marketplace, common tools adopted for successful marketing include data sharing, consumer profiling and direct marketing using online or offline databases. Sensitive personal information is shared and exchanged for profit, often unscrupulously by many marketing firms. Thus, firms often resort to unsolicited marketing, cross sell products and services using database marketing techniques, share data with other firms or affiliates as well as third parties (e.g. third parties) which threaten the individual’s right to privacy of personal information. Data pilferage involves breach of information security that may be put in place in order to protect consumers, the company or individuals whose personal information is used wrongly. At heavy costs and losses to the consumer and the firm, data identity thieves and pilferers pocket huge profits through unscrupulous means by using personal information, often without informing the identity owner of the theft. The consumer’s confidence and trust in the market gets affected in a continuously changing information system oriented marketplace. Consumers may also feel that firms, governments and legal authorities are not doing enough for protecting their interests or for ensuring proper use of personal data, whether such data use is for online commercial activity or traditional buying and selling of products or services. The only silver lining appears to be the increasing awareness of the problem by consumers which is perhaps mostly driven by self-protection instinct.
The use of the internet for successful marketing relies on the success with which internet websites of companies selling products or services are able to attract and retain loyal clientele acquired through the web. Any adverse feature of the internet is bound to keep most customers away from perceived potential risks due to such cyber-crimes like identity theft, data pilferage or security breaches. Consumers get to connect to the web through use of telephones, PDA devices, television, DSL or cable connections, laptop wireless connections, etc. The ultimate objective of the entire internet infrastructure is in deriving economic benefits. Frauds linked with practices like data loss, theft or security breaches obviously are highly detrimental to the entire web marketing efforts. If the use of email communication has tremendously impacted online marketing strategy, so also do the ills plaguing internet use itself portend a bleak future for further e-marketing. Identity or data theft can severely impact the emotional and social lives of victim consumers which in turn endanger the efficiency of information systems on which direct and digital marketing is sought to be built up. Identity theft itself appears to be facilitated by an inadequate information security infrastructure which is unable to protect personal data and also does not allow for sufficient participation of the victims in the data collection, exchange or use of their own personal information (Solove, 2003). Indeed, many of the cases of theft of personal information is the handiwork of marketing companies that do not think fit to inform or seek consent from the persons whose information they use commercially. Experts trace most data security breaches to poor information management that do not respect the customer’s privacy or sensitive nature of personal information (Cavoukian, 2005).
7. Impact on E-commerce
Harmon observes that as companies increasingly seek to adopt e-commerce modes of doing business in order to gain competitive advantage, they also increasingly perceive information technology as the key for creating value for the customer. He also avers that information processing can be used to enable mass customization of products or services that impact the way marketing is now done (2003). An efficient and secure computerized marketing information system facilitating fast information exchanges can successfully support entire organizational marketing functions through efficient and timely data exchange amongst various stakeholders. This is backed up by appropriate decision support system that facilitates CRM, sales automation, market research, marketing communications, product development and facilities development. The firm is driven in modern times by the need to understand the consumer behavior that makes him or her exercise a particular choice or select a particular product or service. It has to resort to strategic marketing that needs an efficient IS architecture to drive successful sales. Firms thus need to collect, store, analyze, and use personal information on consumers for their marketing strategy via the internet to succeed. Harmon aptly says that internet marketing is the integration of interconnectivity, multimedia, GUI tools, computers, IS and customer demands (2003). It is quite apparent that IS holds vital significance for any marketing effort to succeed. However data breaches or identity thefts can impact this marketing environment by compromising information security, as previously mentioned.
In an increasingly knowledge-driven economy, market information systems also assume vital significance in facilitating better functional integration, effective and continuous marketing monitoring, effective strategy development and implementation. The system itself comprises four key parts: user interfaces, databases, applications, and systems support. Thus, building secure user interfacing points, using foolproof software applications capable of analyzing and utilizing information collected, and implementing secure database storage systems, adequately supported by systems personnel, is a necessary prerequisite for an online marketing system to succeed. The storage for use of critical or other data is affected at data warehouses, which combines the processes of collection, management and access of the data. Again, data collected are converted to meaningful and useful information through data mining that essentially consists of the marketing firm adopting procedures to process, filter and interpret the data for giving effect to the planned market strategy. Data consists of a sequence of processes, viz. classification of data, estimation of data variables, grouping associated data, understanding and summarizing data features, using clustering to analyze the data and then finally predicting data behavior through techniques like neural networks, decision trees, querying, etc. The e-marketing process starts with the user accessing the company website. However, in trying to gauge consumer preferences, the website utilizes tracking tools like web profiling, cookie tracking, IP address marking, online customer profiling, and collecting, storing and analyzing personal information, using referrals and also registering personal information.
8. Data handling by websites
Websites generally and frequently collect, share and analyze data on users. The personal user data may include individual computer’s IP address, web browser used, web user browsing habits, operating system used, PC geographical location, etc. (website tracking). Many ad-serving companies collect huge volume of behavioral data using third party cookies, employ web bugs (e.g. Java Script), incorporate web research and analysis to provide for consumer value-additions, share or rent such personal information to marketing partners or affiliates, and also collect data for re-profiling and profitable resale (Gomez, Pinnick and Soltani, 2009), etc. While such data use and analysis can benefit consumers and companies, the processes also allow for identity theft and unauthorized use of personal information that can ultimately reduce user trust in the internet and hence even minimize future marketing revenues; this can also seriously undermine all e-commerce models that are in use or may be developed in future. Various efforts at regulation like government regulation, private-public partnerships or self-regulation seem woefully inadequate in dealing with the rapidly spreading malaise. In one study, PGP and Vontu Inc. (2006) observe that stolen laptops and data back-up tapes, compromised databases and misused email can result in the loss of vital customer information and also that such data breach can mean that the organizations also lose customer confidence, suffer brand damage and even stand to lose their future revenues. Additionally, their report argues, the costs of legal steps or customer complaint handling is prohibitive.
Data security breach and identity theft can also be affected using spyware and malware applications. In fact, marketing organizations use such applications, with or without the victim’s knowledge, in order to collect and analyze personal information like emails, clipboard contents, keystrokes, online shopping habits, browsing habits, keyword search usage, etc. Online marketers use such personal information to give effect to marketing campaigns via spams, spims, popups, home page hijacks, etc. Common spyware techniques include browser session hijacking, browser help objects, bots, web bugs, cookies, false anti-spyware tools, etc. Web users’ trust and confidence in the reliability of online business dealings suffer as a result of such spyware and malware intrusions on their privacy and personal information and this can cause long-term economic losses to individuals as well as producer firms. Spyware seriously impact healthy online economic activity owing to the increased lack of confidence of consumers to use online payment services as they fear personal financial losses. Vendor-producers also lose confidence in ascertaining the identity of the purchasers and view the transactions as possible criminal acts using stolen identity or funds sourced illicitly. Indeed, vendors and financial institutions often attempt to risk manage by setting up additional security gateways for facilitating proper verification of personal identity as also several other costly loss prevention programs. There is a resulting slowdown in transaction frequency or size which can also make for slower growth rates both of e-commerce and the economy as a whole. Modern marketing systems require openness, transparency, reliability, security and easy access as the basic elements of an internet marketing infrastructure, although no marketing efforts can succeed unless the customer is willing to opt for such innovative new marketing systems. An indirect consequence that impacts the customer is also that of increased costs to the organization y way of legal, security enhancement, disaster recovery and other such costs to be provided. Such higher costs get passed on as service fees, interest rates, or other similar price increases on the goods and services consumed. Viewed in economic terms, it can also be stated that market or economic growth rates are slowed, the production, marketing and operating costs increase, and consequently demand for products or services decreases.
In as much as both direct and digital marketing relies for success on a sound, advanced, and fast organizational information processing architecture, both identity theft and data loss constitute a few of the most critical events that can severely hamper any and every business effort. The problem is escalating in most countries of the world. One cause of such criminal acts on the internet is that marketing firms themselves use various innovative tools for driving improved business results. Their attempts can even be viewed as illegal acts to invade privacy and access and use personal information of individuals. And while such criminal acts can and do hamper marketing both of the offline and online kind, the phenomenon has spawned marketing of newer products and services-these are for better protecting individual privacy, securing personal information and helping firms face disasters more effectively and with minimum costs. It remains to be seem, also, how the growth of the internet is also sustained in the face of such intrusive marketing techniques like email marketing, viral marketing and so on.