E-commerce has become the most critical facilitator of international trade. However that benefit comes at the cost of having to manage the risk of unlawful application of customer-related data. E-commerce facilitates access to detailed information regarding customers’ lifestyles and their finances and therefore this information used for purposes of criminal intent could result in losses amounting to billions of dollars. The European Union manages this risk by imposing the restrictions from above. These restrictions guide e-commerce companies in how to use their databases so that the privacy of their customers is not violated. In the EU the framework of rules and regulations concerning how data are to be disseminated outside to non-members of the EU is centralized at the governmental level. In the US, protection of data privacy is left to the market and the government does not intervene in this respect. This is the fundamental difference in philosophy between the EU and the US when it comes to data protection. The EU practices enforcement while the US practices a voluntary system.
Implementation of the safe harbor agreement would enhance the volume of trade conducted via e-commerce because consumers are wary of sharing information online. They fear that their privacy will not be respected. This uncertainty surrounding data security restricts the potential of the e-commerce business model. According to one study, consumers preferred that the government should intervene in ensuring data privacy (cited in Laudon & Traver, 2007). The safe harbor agreement is a step in that direction. It would not only bolster consumer confidence in the e-commerce business model, in the process generating more business for companies that are conducting their transactions through e-commerce, but it would also facilitate international data exchange, in the process enhancing the scope of transnational e-commerce.
Therefore data privacy issues incorporated by the safe harbor agreement would remove the biggest roadblock to the expansion of trans-Atlantic e-commerce. The problem is that many companies in the US would find it difficult to enter the safe harbor agreement because of structural complexities in their IT management systems which make it difficult to monitor exposure. However data privacy issues raised by the safe harbor agreement go to the very heart of the business potential inherent in e-commerce and therefore companies which have been neglecting consumer demand for enhanced privacy should use this agreement as a roadmap in the continuing evolution of their information systems.
E-commerce is the primary facilitator of globalization. This is because the speed with which information flows from one country to another becomes instantaneous via e-commerce. However that would not happen unless data protection policies in different countries were standardized. The case of the different policies being implemented in the US and the EU illustrates how the flow of e-commerce might be checked if issues of data protection are not standardized across borders. This lack of standardization has a direct bearing on the state of the economy in both regions because a large volume of business transactions flows back and forth between the two regions and these transactions would be disrupted if the EU and the US could not agree on the standards of data protection. Companies incorporated in the US have no limitations on sending data to countries in the EU because they are exempt from government control. In the US the companies are free to formulate their own policies regarding data privacy.
However, these same companies have large scale investments in the EU and therefore the need for data exchange is critical. At some level these are issues of international business and companies in the US and the EU would have to customize their operations in order to be able to effectively globalize their operations. This customization is possible only when companies have detailed market data related to the country they are contemplating moving to. The detailed market data would also have to be available on a continuing basis for monitoring changing market conditions. Therefore the availability of information is critical and that availability would be severely hampered if there is disagreement between the US and the EU regarding data protection. As a result, the scope of international trade would be greatly restricted and economies in both regions would suffer.
Some of the executive level decisions are concerned with the restrictions that compliance with a safe harbor agreement would impose. Unless the company involved has a very short operating history, it is difficult for the management to anticipate the possible uses for which they would need the customer-related information which has been collected for a long time. Companies in the US which operate complex electronic networks would have a hard time monitoring when data are seen by parties other than company employees. Therefore the decision that has to be made by the management of these companies is how to define confidentiality under the safe harbor approach. In this respect, the Department of Commerce, the EU commission and representations from the business community in both regions would have reach a consensus that would allow businesses in both regions to comply without having modify their legacy IT system extensively.
Laudon, Kenneth., and Carol Traver. (2007). E-commerce: Business, Technology, Society.
South western college pub.