This paper aims at examining hacker culture and related cyber security issues. It is apparent that most organizations around the world have established privacy policies that are aimed at ensuring the security of the information collected from their websites regarding their customers. Three companies, such as Coca-Cola Company, PepsiCo Inc. and Dr. Pepper Snapple Group Inc. will be analyzed with regard to their privacy policies. The paper will also provide some of the possible changes these organizations can incorporate into their privacy policies to enhance the protection of their customers and give the organizations more flexibility to use the customers’ personal information without contravening their privacy policies.
Apparently, cyber security is one of the most significant issues in the present times, and it is speculated that its importance will continue to grow (Johannes and Michel, 2009). Furthermore, its future appears to be indeterminable, considering the fact that this threat remains ambiguous (Wark, 2004). Effects of cyber security are factual, affecting most organizations as well as the government agencies globally. During this time organizations meet with information security issues such as hacking, or even data breaches that developing and managing the correct responses to such security issues becomes very important (Marco, 2010). Moreover, as the number of people using the internet and mobile phones is rapidly increasing, it remains a collective duty of all to ensure that the information and communication technologies are secure and safe (Johannes and Michel, 2009).
Basically, almost all operations are dependant on information and communication technology, and furthermore, cyber security is significant in attaining a vibrant information society (Delloitte, 2010). However, the highlighted concerns with regard to security, fraud, privacy and reliability have prevented people from taking the merits of communication and information technologies (Marco, 2010). The newer and enhanced information and communication technologies come with increasingly complicated problems, such as hacking, identity theft, online extortion and phishing among many other problems (Johannes and Michel, 2009; Nicholas, 2008). As a result, most organizations have established privacy policies that will enable them to protect the personal information of their customers. This paper basically aims at examining the hacker culture and the related cyber security issues. The paper will compare and contrast the privacy policies of three organizations within the beverage industry, describing their missions and the possible changes, which can be enacted to ensure that customers are protected. The paper will also list and explain the possible changes to the outlined privacy policies within each organization, in order to provide organizations with more flexibility to use personal information of their customers, while avoiding the privacy issues.
Thesis statement: Cyber security is one of the most significant issues today, but its future appears to be threatened by various complicated challenges such as hacking, data breaches and online extortions, affecting most organizations as well as government agencies. This paper will examine the hacker culture and the related cyber security issues.
The Coca-Cola Company
The Coca-Cola Company is an international corporation that deals in the manufacture, retail and marketing of the non-alcoholic beverage syrups and concentrates. The company has its headquarters in Atlanta, Georgia and operates in more than 200 countries (Stallman, 2002). The company is well-known for its foremost product Coca-Cola, and besides this beverage, the company is currently offering over 500 brands. Generally, the company produces the syrup concentrate that is then distributed and sold to varied bottlers holding the Coca-Cola franchise globally. Apparently, the company recognizes the fact that the business world is changing and continuing to thrive, therefore, the company has a mission which is enduring. This mission declares the purpose of the company and acts as a standard against which it evaluates its decisions and actions. These include:
• To refresh the world;
• Generate value and make a difference;
• Arouse moments of happiness and optimism;
The Coca-Cola Company values the privacy of each individual visiting its website. Regarding the personal data, the company highlights that not any personally identifiable information, such as name, telephone number or email address will be collected through its website, except when this has been voluntarily offered. The personal data is basically stored and processed to enable the company to review consumer needs and how it can enhance its products and services. The company may also either through its fulfillment party or any other third party, use the personal information to contact the customers, and it is worth noting that the information provided to the third parties is not individual information about users or visitors to the company’s sites. Apparently, the company has no intention of selling, renting or marketing the visitors’ personal data to the third parties. It is crucial noting that the company’s website is hosted by a third party, who might access the visitors’ personal information, but is only contractually compelled to use that information for reasons not other than hosting the site.
PepsiCo Inc. is an American multinational corporation that is basically concerned with the manufacturing, distribution and marketing of beverages, grain-based snacks and many other products. The company was established in 1965 as a result of a merger between the Frito-Lay Inc. and the Pepsi-Cola Company, and has since expanded to a broader range of beverage and food brands. The company’s mission is to become the premier consumer products company in the world with the main focus on beverages and convenient foods. The company has established a website through which it seeks to reach its customers. However, the company’s main goal is to protect the privacy of the visitors as well as that of the information submitted to the company through the internet. Children under the age of thirteen years are not allowed to provide their personal information to the site. Basically, the company collects personal information from its users, and users may choose to offer their personal details. However, it is crucial noting that there are various approaches through which information can be submitted; for instance, through contact the site, which requires the visitor to provide his personal information like a phone number among others to enable the company to respond to the users’ queries and comments. Those wishing to receive the company’s investor relations alerts or news alerts are also required to provide their names and email address to get these alerts. The visitors must give their email address when contacting the company’s board of directors, or be required to provide a friend’s address when sending some content to the friend. Besides, it is worth noting that the company will collect the visitors’ internet protocol address to help to administer this site considering the fact that the internet protocol address will help the company to identify the visitor. The company may also transfer or share the information provided by the visitors with the service providers, but the service providers have been restricted from disclosing or using that information except when adhering to the legal requirements or performing the services on behalf of the company. Additionally, the company can also disclose the users’ personal information when requested to carry out this by the law enforcing authorities, or for other legal reasons, or when the company deems this appropriate to avoid financial loss or to carry out an investigation about an actual or suspected illegal activity. Basically, PepsiCo Inc. protects personal information by maintaining technical, administrative and physical safeguards to guard against illegal alteration, use, destruction or disclosure of the information offered by all visitors. The secure socket layer technology is applied to ensure security of the personal information.
Dr Pepper Snapple Group Inc.
This information is often collected after registering with the site, taking part in surveys or promotions, submitting comments or interacting or communicating with the firm. However, it is crucial noting that this is often done voluntarily. Through the interaction, the company can bring the usage information from the visitor, which can include the operating system that is being used by the visitor and the preceding page views. This allows the company in maintaining the website in order to ensure that the information being offered matches with their interests. The company also collects the internet protocol address of the computer or any other technology that is used by the visitor to access the website. Basically, the information that is collected is used for business purposes, such as advertisement, improvement of the site and the company’s internal processes, response to the comments and queries, and identity verification among many other functions.
The visitors’ personal information is always protected from the third party unless consent is obtained to allow the company to share or transfer that information to the third parties. It is crucial noting that the business does not collect any personal information from children of the age of 13 years (Hacker, 2002). However, the company ensures security of all the personal information collected, although 100 per cent security is not guaranteed, considering the fact that the company’s sites may contain links to various sites, which are not operated by Dr Pepper Snapple Group Inc.
Possible Changes that Could Improve Protection of Customers and Offer the Organizations More Flexibility to Use This Information
The security of the visitors’ personal information is paramount for any organization considering the fact that it is through such forums that organizations are able to identify the interests of their customers as well as other useful information that could be applied to improve the organization. Various organizations have established privacy policies with the aim of ensuring security of the information collected from visitors. Despite the presence of such policies, most organizations still encounter challenges when it comes to the security of the information collected from their websites. Looking at the case of Coca-Cola Company, this paper suggests that the company should not make a condition that customers have to give their personally identifiable information, despite the fact that this is often done on a voluntary basis. The company should also look for one sole body to be charged with the duty of collecting information from visitors and managing it, without involving a third party. To assure the security of such information, the company should also liaise with the internet community to ensure that any suspicious malpractice is reported to the company.
PepsiCo Inc. should make some of the changes to its privacy policies including eliminating the provision where visitors are supposed to offer their personal information, regardless of the fact that this is often done voluntarily. Instead, the visitors should be allowed to leave their queries and comments without having to offer their personal details. However, despite the fact that the company applies the secure socket layer technology to manage its visitors’ personal information, it would be better if the company liaises with the internet community to improve the security of such information. Furthermore, it would be better if the visitors’ privacy data is not given to third party or associate.
However, looking at the privacy polices of these three organizations, it is worth noting that companies recognize the need to protect the personal information of their visitors. In addition, the organizations recognize the fact that children below the age of 13 years should not be allowed to provide personal information to these sites. However, to provide organizations with more flexibility with regard to the use of the customers’ personal information without breaching their privacy policies, it is important that the organizations ensure adequate security of the customers’ personal information. This can be attained, for instance, by ensuring that this information is not disclosed to the third parties or the company’s associates. Each company should hold exclusive control of its sites and the information collected should not be shared or transferred to the third parties. This will provide the company more flexibility while dealing with the collected information.
These companies could also consider forming better collaborations with the internet community, as well as with the law enforcement bodies to which is indeed important the enhancing of cyber security. The internet community, for instance, will be able to notify the company in case there is any suspicious activity. However, despite the fact that forming collaborations is often considered a challenge, considering the fact that solidifying and formalizing communication channels is not easy, indeed, this is one of the strategies that could be applied to ensure cyber security (Johannes and Michel, 2009). Another possible change that could be made into the privacy policies is that companies should not request for personal identifiable information, such as name, mobile phone contacts and e-mail addresses from the visitors, despite the fact that this is perfomed under voluntary. The company should be able to respond to the customers’ comments and queries without having to request for their personal information details.
It would also be important if the organizations conducted assessments of their security architecture, with the aim of identifying practical strategies that can be used to consolidate, minimize and rationalize the risks. The rapid development, adoption and acquisition of newer user devices and business tools require that organizations conduct a rapid assessment of their information technology security (Johannes and Michel, 2009). In addition, it is important to train employees on security skills considering the fact that this is a matter that concerns the entire organization. Apparently, a common form of the security violations is the insider threat, whereby the company’s employees have unknowingly or deliberately assisted in the attack, necessitating that they were trained on security skills (Johannes and Michel, 2009).
Cyber security has turned out to be a significant issues of today considering the fact that its effects are factual, affecting most organizations as well as the government agencies across the globe. A good examples of the most highlighted concerns regarding cyber security include fraud, privacy and the reliability which have prevented people and organizations from making the most out of information and communication technologies. As a result, most organizations have come up with privacy policies that are aimed at protecting the personal information collected from their customers.
This paper examined the privacy policies of three companies, the Coca-Cola Company, PepsiCo Inc. and Dr. Pepper Snapple Group Inc. However, looking at the privacy polices of these three organizations, it is clear that all these organizations recognize the important of shielding privacy data of their visitors. However, it is important if the changes are incorporated in order to ensure that security of the customers’ personal information is enhanced.