Personal information security : legislation, awareness and attitude.
Date
2011
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Ecommerce refers to the buying and selling of products and services electronically via the
Internet and other computer networks (Electronic Commerce 2011). The critical components
of ecommerce are a well designed website and a merchant account for payment by the
customer (Ecommerce critical components 2008). Merchants that sell their products and
services via the Internet have a competitive edge over those that do not. It is therefore
becoming common practice for both small and large business to transact electronically. With
the vast opportunities, new risks and vulnerabilities are introduced. Consumers are reluctant
to transact electronically because of the fear of unauthorized access and interception of
confidential information (Online Banking Concerns 2011). Other fears include the changing
of data with malicious intent, denial of use, hacking, deliberate disclosure of confidential
information and e-mail associated risks (Safeena, Abdulla & Date 2010). The use of
technology such as encryption and decryption has not adequately addressed these problems
because fraudsters have found new and sophisticated methods of attaining consumer
information illegally. Phishing is one such method. Phishing results in identity theft and
financial fraud when the fraudster tricks the online users into giving their confidential
information like passwords, identity numbers, credit card number and personal information
such as birthdates and maiden names. The fraudster will then use the information to
impersonate the victim to transfer funds from the victim‟s account or use the victim‟s
information to make purchases (Srivastava 2007). Since 2002, many laws passed in South
Africa have attempted to allay fears so that consumers can conduct business electronically
with confidence. The following legislation aims to protect consumers:
- The Electronic Communications and Transactions Act (Republic of South Africa
2002).
- The Consumer Protection Act (Republic of South Africa 2008).
- The Protection of Personal Information Bill which is expected to be passed in 2011
(Republic of South Africa 2009).
This research aims to examine the extent to which these legislation can address the security
concerns of consumers. The researcher is also interested in ascertaining how knowledgeable
consumers are on these legislation and what their attitudes are towards their personal
information security.
Description
Thesis (M.Com.)-University of KwaZulu-Natal, Westville, 2011.
Keywords
Data protection., Computer security., Computer networks--Security measures., Theses--Management studies.