Assessing Threats to Privacy in Web Design
Some of the Internet's biggest companies (i.e., Google, Microsoft, Yahoo, IBM, and Verisign) are working on a new "single sign-on" system that would make it easier to surf the Web. As corporate members of the OpenID Foundation, they are supporting the development of a system that would make it easier for users to sign on to a number of sites without having to remember multiple user IDs, passwords, and registration information. Under OpenID, the companies would share the sign-on information for any Web user who agrees to participate. They would also share personal information such as credit card data, billing addresses, and personal preferences.
Discuss the threats to privacy in this situation. Who would own the data? Explain.
Who do you think should have access to the data? How should that access be controlled?