PCPD - Electronic Commerce, Consumer Rights and Data Privacy

Information Centre
speeches and Articles

Date: July 30 - August 1, 1998

Electronic Commerce, Consumer Rights and Data Privacy

by Stephen Lau, Privacy Commissioner for Personal Data, Hong Kong at the NetAsia '98 + Internet Commerce Expo (ICE) Hong Kong '98, 30 July - 1 August, 1998 Hong Kong

Electronic Commerce and Internet

Telematics - the marriage of computers and telecommunications technology - is creating new application and services in our daily life. The awesome growth of Internet, with 100 million people world-wide now surfing the Internet for fun and information and with the estimated number of Internet users to reach at least 300 million by the end of the century, provides impetus to new initiatives in electronic commerce.

Electronic commerce, conducting business over Internet, is growing at an phenomenal rate. Its many recognised advantages include a new channel of doing business which brings in new revenue, particularly with small and medium enterprises (SMEs) which could now access global markets easier and cost-effectively. New and innovative businesses also are mushrooming, e.g. contents providers with numerous databases, WEB design and marketing companies, and specialised hardware and software vendors for Internet applications and security.

There is a significant road block to the seemingly unstoppable momentum in harnessing the potentials of electronic commerce. This stumbling block is to do with ensuring trust and confidence of both the consumers and the businesses. A European Union document on electronic commerce summaries this concern admirably ¹.

"For electronic commerce to develop, both consumers and businesses must be confident that their transaction will not be intercepted or modified, that the seller and the buyer are who they say they are, and that transaction mechanisms are available, legal and secure. Building such trust and confidence is the prerequisite to win over businesses and consumers to electronic commerce. Yet many remain concerned about the identity and solvency of suppliers, their actual physical location, the integrity of information, the protection of privacy and personal data, the enforcement of contracts at a distance, the reliability of payments, the recourse for errors or fraud, the possible abuses of dominant position - considerations which are heightened in cross-border trading."

Of all these concerns related to trust and confidence, data privacy is regarded as dominant, as the Internet is multiple networks with many pathways connecting many thousands of computers. Messages which could contain sensitive personal data are routed to their destinations via different routes often than not without adequate security. There exist the dangers of data being intercepted during transmission as well as their use and disclosure for unintended, unauthorised or fraudulent purposes.

Data Privacy

Such a concern is consistently reflected in the annual Electronic Commerce and Privacy Survey ² conducted by Louis Harris and Associates and Dr Alan Westin in the US which has the largest electronic marketplace in the world.

The primary focus of the survey examines the experiences, concerns and policy preferences of the American public with regard to using the Internet.

The 1998 findings recently announced are consistent with previous Harris-Westin surveys conducted in the mid to late 1990's. Computer users and Net users in 1998 register similar patterns of intense concern over threats to their personal privacy:

87% of computer users say they are concerned, with 56% "very concerned";
86% of Net users say they are concerned, with 56% "very concerned"; and
86% of Net users that buy products and services are concerned, with 55% "very concerned".

85% of Net users rated collecting personal information about children without parental consent as "very serious" and 48% felt that receiving unsolicited e-mail (spam) was "very serious".

Net users in the 70% ranges rated the following four issues as "very serious":

Someone tracking what web sites people visit and using
that information improperly....................................... 72%
Personally-identified public record information about
individuals being put on the Internet........................... 72%
People reading e-mail that is not addressed to them....71%
Websites collecting the e-mail addresses of site visitors
without their knowledge or consent to compile e-mail
marketing lists........................................................ 70%

Of those who say they are not likely to access the Internet in the next year, greater privacy protection is the factor that would most likely convince them to do so.

According to Patrick Sullivan of PriceWaterhouse, "The results of the survey, especially concerning meaningful, verifiable privacy policies, are made all the more important by the Federal Trade Commission's recent report that only 14% of commercial websites in the U.S. tell consumers anything about the sites' information practices, and only about 2% have any clear privacy policies posted".

Another consumer survey conducted in March 1997 in the US by the Boston Consulting Group (BCG) ³ indicated that three in five consumers do not trust Web merchants with their personal information. Based on the survey results, BCG estimated that as much as US$6 billion in additional electronic commerce could be gained by the year 2000 if consumers' privacy issues were addressed.

A recent survey conducted in Hong Kong ⁴ found that only 26% of Internet users polled had used the Internet for purchases and 45% of the non-buyers felt that transaction on the Internet were not safe.