 |
 |
 |
|
 |
 |
|
||
       
|
 |
 |
 |
||
|
Newsletter Volume 4 (9) 20 July 2006 
|
|
|
||
User Centred Design of Financial Services Project News Volume 4 (9), July 20, 2006 User Centred Design (UCD) of Financial Services Project News is a fortnightly e-newsletter that keeps you in touch with what is happening in the Banking and E-Commerce streams of the Smart Internet Technology CRC project on Security, Trust, Identity and Privacy. The aim is to stimulate interaction with our wider project team, industry partners and researchers involved with the use and design of financial services. <><><><><><><><><><><><><><><><><><><><><<><><><><><<><><><><>< 1. Small Business, Websites and the Privacy Act 1988 (Cth)) 4. Readings <><><><><><><><><><><><><><><><><><><><><<><><><><><<><><><><>< Generally, a business with a turnover of $3 million or less is exempted from the operation of the Privacy Act 1988 (Cth) (Privacy Act). Small businesses are thus exempt from having to comply with the National Privacy Principles (NPPs) which set out guidelines for handling personal information. However, a small business that handles personal information may, in some circumstances, be regarded as either collecting or disclosing personal information for a benefit, service or advantage and will not be exempt. Also, small businesses that provide a health service to another individual and hold any health information except in an employee record; or that are contracted service provider s for a Commonwealth contract (whether or not a party to the contract) are also not exempt. Many small businesses do not understand that they are not covered by the Privacy Act and, when developing websites, include statements such as the following: ‘Our privacy policy voluntarily complies with the Privacy Act' or ‘We are bound by the National Privacy Principles in the Privacy Act'. Such statements are misleading and deceptive and in breach of s52 of the Trade Practices Act. It is possible to choose to be bound by the Privacy Act but this choice must be formally registered with the Office of the Privacy Commissioner. An application form to opt in to be covered by the Act is available on the Privacy Commissioner's website. The small business will then be placed on a publicly available register. Both the application form and the Register can be viewed at http://www.privacy.gov.au/business/register/index.html#1. Professor Margaret Jackson ********************************************************************************* Julian Ligertwood is attending the 2nd International Conference on Social and Organizational Informatics and Cybernetics in Orlando, Florida on July 20 -23. The paper he is presenting is entitled: 'Government Approaches to Identity Management: An Australian Perspective'. Jenine Beekhuyzen, Alison Ruth and Catherine Demosthenous visited Melbourne on 19 July. It was the first time Catherine and Alison met the other members of the project team in Melbourne. Alison will be working on the quantitative banking study and Catherine is interviewing Aboriginal and Torres Straits Islanders for the banking project. The discussions were good and so was the lunch and the dinner. ********************************************************************************* Marcia, 65+ is single and lives with her two daughters. One is currently in Hobart studying, and the other recently got married, but is travelling around Australia. When Marcia's daughter and her husband return, they will live with Marcia “because they will not have any money left”. She keeps in contact with her children via the internet, and mobile phone. Her married daughter has a satellite on her van, so she can send emails from anywhere. Marcia says that email is often a better form of communication with her daughter than the mobile phone, as the mobile is often out of range. Marcia is not concerned about privacy, or identity, and she trusts the banks, but does not like them. She thinks other people can monitor everything, all the time about anyone - such as listening into a phone conversation or monitoring people's movements on the internet, or even watching where a person physically is, and what they are doing. In spite of this, she has no privacy concerns. She says that people today are too concerned about privacy. Marcia stated that in the past, people had the balance right, that they were not overly concerned about privacy, but that they understood some of the implications. She thinks that things should go back to that. She does not understand the big deal about the identity card, because people have that sort of information anyway. Marcia thinks phone banking is the worst in terms of security, and she will not check or transfer money though the phone. However, she does pay her bills on the phone. She will not touch internet banking, as she had a friend who lost all his money because of the internet for three months. The bank allowed him an overdraft until the matter was resolved, and they eventually refunded him his money, she does not want a similar experience happen to her. When first asked if she bought things on the internet, she said she did not, but later said she did buy airline tickets. “But that is different” she said. ********************************************************************************* In MIS Quarterly, Volume 30, August 2006 Circuits of Power in Creating de jure Standards: Shaping an International Information Systems Security Standard," James Backhouse, Carol W. Hsu, and Leiser Silva “This paper addresses the role of power and politics in setting standards. It examines the interaction of external contingencies, powerful agents, resources, meaning, and membership of relevant social and institutional groupings in generating successful political outcomes. The case study portrays how the institutionalization of this ad hoc development process results from the interactions of power among the stakeholders involved. The case study also shows how the different interests and objectives of the stakeholders were influenced by exogenous contingencies and institutional forces. The paper discusses theoretical and practical implications for the future development of such standards.” ********************************************************************************* CALL FOR PAPERS Conference topics include theories, methods, and findings concerning social and business aspects of For more information, Please see: http://www.gor.de |