E-Commerce security is plagued with ethical issues on responsibility. If
fraud occurs, whose fault is it? Is it the business's fault for not securing
their information correctly? Is it the consumer's fault for assuming that
the technology used is secure? Is it the criminal's fault for stealing information,
even if the information was being sent in the clear? Or is it a combination
of the three?
It is critical that the system administrator of an e-commerce system be
aware of the security of the system and the consumer's information.
Is it ethical if an administrator could have prevented information but chose
not to for particular reasons? Would it also be ethical for businesses
to publicize only the criminal and not the security holes that allowed the
hacker to get through? Would the opinion change if the business knew
about the security hole but deemed it to expensive to fix and the probability
of a break-in low?
For a list of cases to examine and the aftereffects of the fraud, check
out the following links:
E-Commerce Security also has some main issues. They are interception of
data, redirection of data, identification of parties, exploitable program
errors, and being the weakest point in security. When administrating a secure
e-commerce site, it is important to remember that you are part of a link
of systems. If you're security is weak, it may be possible that you are allowing
criminals access to information they may not have had access to. This leads
to ethical issues where weak security on your system led to dire consequences
for other people or companies.
Compare security issues over the Internet compared to real-life. Is it
right to be protective of information over the Internet when people are not
protecting that same information normally? Is it ethical to deliver different
punishments to criminals who steal information over the Internet compared
to those who steal information personally?