Fraud Prevention and Privacy Laws
Internet is the foremost important tool and the prominent resource that is being used by almost every person across the world. It connects millions of computers, webpages, websites, and servers. Using the internet we can send emails, photos, videos, messages to anyone across the world. But with the freedom of expression and a chance to interact with the world, something which is often missed out is social laws and ethics. Social ethics are the general set of human values which every human has to follow whether online or offline. Internet fraud is a good example of social laws and ethics missout. So to stop such types of misuse of internet privacy laws are created and applied. In this article, we will discuss these privacy laws and internet fraud.
Privacy law is the part of the law that works for regulating, storing, and using the personal information of people like their personal healthcare information, financial information, family information, etc. This information can be collected by governments or any other organization. Personal information also includes things like trade secrets and the liability of directors, officers etc in handling sensitive information. Privacy laws are limited to an individual’s privacy rights and are within reasonable limits. Everyone has the right to privacy as declared in the Universal Declaration of Human Rights. However, the interpretation of these rights varies from country to country.
Internet privacy is all about the rights of personal privacy on the internet. It concerns storing, reusing, provision for third parties, and displaying personal information pertaining to oneself via the internet. Internet privacy is a subset of data privacy, as data can be breached off the internet as well. Since the start of large-scale computer sharing, privacy concerns have been there ever since.
Privacy can be broadly divided into two categories, personally identifiable information (PII) and non-personal identifiable information (Non-PII). Any information that can be used to identify a particular individual comes under PII. Age and physical address are enough in themselves to identify an individual without disclosing their name. Other forms of PII may include GPS tracking soon.
Classification of privacy laws:
Privacy laws can be broadly classified into:
- Privacy laws that have a complete impact on the personal information of individuals
Global internet privacy laws
As we know that on the internet privacy breach every day around the world. So using a single law cannot save people’s privacy, instead, a group of laws is put in place to work for online privacy, both internationally as well as on the state level. Some of them are:
- The Federal Trade Commission Act (FTC): Regulates unfair and deceptive commercial practices. This act is the primary federal regulator in the privacy area and brings enforcement actions against companies.
- Electronic Communications Privacy Act (ECPA) : This act is used to protect certain wire, oral, and electronic communications from unauthorized interception, access, use, and disclosure.
- Computer Fraud & Abuse Act (CFAA) : This act is used to criminalize unlawful computer-related activities involving unauthorized access to a computer in order to obtain information.
- Children’s Online Privacy Protection Act (COPPA) : This act compels online service providers and some websites to obtain parents’ consent before collecting and using personal information from minors under the age of 13.
- Financial Services Modernization Act (GLBA) : This act regulates the collection, use, and disclosure of personal information collected by financial institutions.
Privacy law in India
In India, the Right to privacy is a fundamental right and is an integral part of Article 21. As a part of the freedoms guaranteed by Part III of the Constitution, this article protects the life and liberty of the citizens. In 2011, the Indian Parliament passed Subordinate legislation that had various new sets of rules that had companies and consumers under it. The most important aspect of these new rules was that any organization that intends to process personal information obtained from the customers has to obtain written consent from the customers before using the data in any activity. On 24 August 2017, a nine-judge bench of the Supreme Court held the right to privacy as an integrated part of the right to life and personal liberty under Article 21 of the Constitution.
Before this, an act was brought in 2008 called Information Technology (Amendment) Act 2008. This act made changes to the Information Technology (IT) Act, 2000 and added these two sections related to privacy :
- Section 43A deals with the implementation of quality security practices for sensitive personal data and provides compensation to the person affected.
- Section 72A is having a provision for imprisonment up to three years and/or a fine up to Rs. 500,000 for a person who causes wrongful loss or wrongful gain by distributing personal information of another person.
Internet frauds have a huge range now, from the use of online services and software to taking advantage of the victim’s ignorance or illiteracy. This crime covers cybercrime activities that take place over the internet, an email. It includes crimes like identity theft, phishing, and other unfair and unethical activities, made out to scam people out of money. Internet fraud has become a large industry in itself. Every year these frauds account for millions of dollars, and these figures continue to increase as internet usage is expanding and criminals are updating their techniques.
Types of Internet Fraud
Cybercriminals are very smart and keep finding new techniques to outsmart people and commit fraud. They use malicious software, email, links to spread malware, websites that steal users’ data and help in completing the fraud. Following are the broad types of internet frauds:
- Phishing and spoofing: Fake messages are shared to the victim’s email, and a story is cooked up to make it look real. They mainly declare the victim as the winner of some lottery or some huge prizes, then ask for personal details such as bank details, login credentials. Sometimes they also ask for a huge amount to process and send the gifts.
- Data breach: Data breach is stealing protected and sensitive data from a safe location and moving it into an untrusted environment from where the scammer can easily get it. This includes data-stealing from users and organizations.
- Denial of service (DoS): Hackers block the victim’s system completely, nothing can be done on the system. Sometimes they only block access to a few websites, mostly visited by the user. They ask for money to restore the system to its original state.
- Malware: The use of malicious software to damage devices to steal personal and sensitive data.
- Ransomware: In this attack, malware is injected into the victim’s system that prevents the user from accessing some critical files, or sometimes even the entire system is blocked. Then they demand payment in order to restore the access. Ransom money is generally delivered by phishing attacks.
- Credit/ATM Card Scams: This fraud happens when hackers get the victim’s credit or debit card details for transferring funds or to make purchases. To get card details, scammers generally use credit cards or bank loan deals to lure victims. For example, a victim might receive a message from their bank telling them that they have won some competition and now have some huge amount to collect as a prize. They also say that the ATM is blocked, and I need the details to unblock it. These scams still continue to work, despite widespread awareness of such calls being fake and a scam.
How to Detect Fraud?
We can detect fraud using the following ways:
- Monitor your accounts: One must keep a frequent eye on his/her account activities. Getting to know a fraud at an early stage can save a lot of damage. If anything suspicious is seen, one must contact the concerned authorities immediately. One must also keep an eye on the family member’s accounts.
- Use online alert tools and services: There are many online tools to detect fraud. One must always sign up for email or text alerts in bank accounts. It will notify the user immediately about any transaction or a new card being issued or any new order placed.it is also advised to set up notifications/alerts for unusual low account balances and high-value transactions. These alerts give a signal of any unusual transaction so you can stop it immediately.
- Use a credit monitoring service: There are tools to keep monitoring the credit service, it notifies the user wherever there is a change to the credit report. It is the fastest way to find out if someone has opened a new account with your name.
Warning signs of a fraud
Following are some warning signs that show that someone else is using your data or the sign of fraud:
- Unusual charges on your account.
- Unknown accounts on the credit report or wrong information.
- Bills or statements stop arriving by themselves. This means someone has taken over your account and changed the billing address.
- Banks and financial institutions freeze accounts without your permission.
- Receiving credit cards without asking.
- Unexpected denial of services.
- Unexpected notifications.
- Notifications about the unrequested address, password, or information changes.
Prevention from fraud
Following are the ways to prevent yourself from fraud:
- Protect personal and financial information — Never respond to requests for personal or financial information, unless you have started the talk or know that organization is legitimate.
- Always tear financial documents before throwing them in the garbage — Before throwing, always tear or burn credit cards and bank statements and any other important documents with sensitive information on them.
- Never pass on personal information over the phone — Unless you initiated the call or trust the person.
- Report lost or stolen documents immediately – By doing so the bank can block or cancel the card so no one else can use it.
- Always consult a trusted and knowledgeable financial advisor only — Talk about your financial stuff with your trusted contacts only, that could be any bank employee or any relative or friend with sound financial knowledge.
- Review the financial statements monthly — Check for any charges or withdrawals you don’t remember making.
- Never share the PIN number or passwords with anyone and choose PINs and passwords that are tough to guess — Hide the machine’s keypad with hand or body whenever using an ATM machine or card machines. Never have PINs or passwords that will be easy to guess, such as part of your address, phone number, or closely related dates.
- Keep viruses and antispyware up to date on your computers, tablets, and mobile devices — This is key to making sure that no one can get access to the personal information on your devices.
- Only visit legitimate websites — Shop online with reputed businesses only.
- Secure your internet connection – Always enable passwords on your home wireless network. While connecting to public Wi-Fi networks, be careful about what information you are passing over it. Never make payments on open networks, always use a personal network for payments.