|
E-Privacy:
A Policy Approach to Building Trust and Confidence
In E-Business
Stage 1 : E -Privacy Drivers
7.1
This initial step in the cycle requires the provider
to think carefully about what the future will look like
in any given business domain. For example, currently
there is considerable interest in migrating the success
of conventional 'bricks and mortar' operations to an
E-Business format. There have been spectacular success
stories in this process but many more failures. This
suggests that the transfer to a new modus operandi is
a complex process or that, as some observers note, the
'whole E-Business thing' has been blown out of proportion.
That is, for many customers, E-Business is something
that is simply ahead of its time. Certainly the evidence
is that there have been difficulties in the diffusion
and adoption process and Hong Kong is no exception to
this.
7.2
The present state of E-Business suggests
that some providers have better conceptualised or mapped
an accurate picture of the future. This has been matched
with the ability to implement strategic initiatives
that seek to secure that vision of the future. However,
clear thinking alone is not enough; it must be matched
by reasoned analysis and judgements that are relevant
to the individual provider's business domain. So, any
E-Privacy Policy must be preceded by reconnaissance
to ascertain what is tenable, in terms of the future,
for any particular provider; the contention being that
E-Privacy should be a constituent element of that vision.
7.3
If this is accepted then E-Privacy needs to become a
core value that influences behaviour in the workplace.
A commitment to creating this value means that all planning
and implementation activity must be aligned with the
vision of the future. This can be seen in the following
examples. to become a core value that influences behaviour
in the workplace. A commitment to creating this value
means that all planning and implementation activity
must be aligned with the vision of the future. This
can be seen in the following examples.
- E-Privacy
Culture - Creating the Value
Organisational cultures take their cues both from
the prevailing values and customs evident within the
society in which business is conducted, and from the
leadership of the organisation. Frequently, change
in the 'ways of doing things' is met with resistance.
The lessons of the past offer insights into what may
happen in the future with E-Privacy. The initial ideas
of thinkers on social issues such as consumerism and
the environment were often regarded with scepticism.
However, some entrepreneurs took a more enlightened
approach by looking at these developments not as a
threat, but as an opportunity for the business. That
is the way in which E-Privacy should be regarded.
A concept whose time has come and one that presents
the provider with a new opportunity and basis upon
which to compete.
The
future-oriented provider should regard E-Privacy as
a 'new' value. The creation of that value necessitates
the support and involvement of top management. However,
this leadership should go beyond the trappings of
E-Privacy if the initiative is to be credible. If
that is the case then a provider will benefit by creating
a favourable perception towards E-Privacy as a corporate
value both with internal and external customers. The
challenge then is to match the expectation created
in the market place. This requires a disciplined approach
to the implementation of operational strategies. The
danger, of course, is that that the provider may over-promise
and under-deliver which is likely to be counter-productive.
Expectations should be appropriately pitched
and managed.
Creating
the E-Privacy value, and sustaining it, will become
part of the benchmark of excellence that consumers
expect of leading providers. More significantly, commitment
to the maintenance of this value will result in a
win-win outcome for providers and customers alike.
Though
essential, creating the value may seem a rather obscure
process. To try and make it more tangible it is useful
to move to the micro level and look at an E-Privacy
Policy Statement that encompasses the value and key
features of online personal data privacy.
-
E-Privacy Policy Statement (E-PPS)
Good E-Privacy must respect E-Privacy principles in
the conduct of all
aspects of online and offline transactions. This means
that E-Privacy values need to be
apparent in the provider's on-screen E-Privacy Policy
Statement ("E-PPS"). An E-PPS
is a requirement of the Ordinance where a provider
collects information online from
individuals, that enables those individuals to be
identified. This is most likely to arise in
connection with online registration or service sign-up.
However, such information may
also be collected through other means such as the
use of cookies.
7.4
It has been said that if you can't measure it, you can't
manage it. The effectiveness of any particular E-Privacy
Policy statement must be measured against its ability
to deliver on four key dimensions:
- Respect
for the Provisions of the Ordinance
Providers need to create the value for E-Privacy so
that it becomes one of the
distinguishing features of the provider's organisational
culture.
- Accountability
Procedures should be put in place that will ensure
operational compliance on a day-to
day basis. This implies the appointment by the provider
of appropriately qualified
person(s) whose job description addresses this responsibility.
- Informed
Consent
The right of the customer to exercise control over
the collection and use of their personal data by a
provider. This can only be achieved if the provider
accepts the principle of informed choice and consent.
- Customer
Redress Mechanism
Providers should ensure that, in the event of a customer
grievance, there is an effective online redress mechanism
that is user-friendly.
7.5
In summary, E-Privacy Policy should seek to eliminate
the possibility of unlawful and unauthorised access
and use of personal data. The ultimate goal is zero
tolerance.
[Image of Previous Page][Image of image][Image of Next Page]
|