Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Website privacy policy adherence

Options
  • 23-07-2008 10:02pm
    #1
    Hellm0
    Registered Users Posts: 1,028 ✭✭✭


    Howdy folks,
    May not be the correct forum for this however it's kind of a dual topic(legal matters / IT).

    I am wondering what the legal implications are of a site not adhering to it's own privacy policy in that they claim to utilise SSL in the ordering process and yet there are clearly no signs of SSL anywhere on the site. There is also a kick in that they clearly store and display credit card/personally identifiable information on an unsecure page(no ssl and login is achieved by way of a client-side cookie stored after a one time username/password authentication).

    Is this in breach of my privacy then? Can I loot the website's coffers for infringing upon it?

    Regards,
    H.


Comments

  • Options
    #2
    heggie
    Closed Accounts Posts: 1,879 ✭✭✭heggie


    why have you lost any money because of it?


  • Options
    #3
    egan007
    Registered Users Posts: 2,934 ✭✭✭egan007


    Their bank would have a problem with it as it would brrach their policies.


  • Options
    #4
    axer
    Registered Users Posts: 5,517 ✭✭✭axer


    You could report them to their bank or to whoever is providing their merchant account since it would be against their terms. They would suspend their ability to process credit cards or at least give them a severe warning.


  • Options
    #5
    deegs
    Registered Users Posts: 1,268 ✭✭✭deegs


    whats the website?


  • Options
    #6
    Doodlebug
    Registered Users Posts: 892 ✭✭✭Doodlebug


    Are you sure there is no iFrame, etc. used for the payment? The reason I ask is that there has been some (unfounded as it turned out) concern regarding www.CDWOW.ie (their credit card payment is handled in an iframe). This gives the impression that the page itself is unsecured, whereas the details themselves actually are submitted using SSL.

    Not the best from a design point of view (or reassuring customers), but some sites do this.


  • Advertisement
  • Options
    #7
    Eoin
    Registered Users Posts: 21,242 ✭✭✭✭Eoin


    Not much help, but if your credit card did get compromised, the chances of it being from someone packet sniffing an unsecured connection is probably the least likely way.


  • Options
    #8
    Bob the Builder
    Registered Users Posts: 2,919 ✭✭✭Bob the Builder


    i'm with eoin_s on this. someone on the other side can see it anyway, unless it is specifically configured not to.

    and if i was on the other end, i could email the credit card number to my friend in america who could buy something or whatever.

    whilst it may break bank policies, it will only add a very tiny level of risk to the situation as it is.

    definetley report it to the bank anyway, but imo, it will make very little difference either way, they'll just get a warning and a letter in writing to tell them that their account is disabled until they obtain an ssl cert.

    cdwow have been reported loads of times to the banks, even though, it is still a secure site. they sacrificed consumer confidence for website performance...


Advertisement