Absrtact: With the advent of the electric business 11 sales promotion War, the network information security of the electric business has again become the hot topic that the consumer pays great attention to. Recently, the Electronic Commerce field also appears the information security accident successively, causes the on-line consumer dispute unceasingly. How to strengthen network information Ann
With the advent of the "double 11" promotional campaign, the issue of network information security has again become a hot topic of consumer concern. Recently, the Electronic Commerce field also appears the information security accident successively, causes the on-line consumer dispute unceasingly. How to strengthen the network information security supervision becomes the focus problem that needs to be solved urgently.
A few days ago, the well-known network operators 1th stores burst personal user information was leaked, Jingdong Mall also appeared a large number of "malicious orders", in the consumer caused unrest and controversy. A number of experts in the industry to accept this reporter interviewed all pointed out that for personal information security and network information security incidents, the current regulatory level of the corresponding laws and regulations are relatively absent, the cost of infringement is low, consumer protection costs too high. Therefore, as soon as possible to improve the relevant laws and regulations, establish and improve the electricity business consumption order, can further promote the development of electric commerce.
Phenomenon
No. 1th Store 11 employees leaked user information was controlled by the police
Recently, the Shanghai Public Security Department has informed the latest results of special action to combat cyber crime, among them, famous net buys the Company "No. 1th Shop" the bad staff suspected collusion outside personnel to disclose 700,000 customer information, caused the huge uneasiness in the consumer.
According to the Shanghai Pudong Public Security Bureau revealed the news, after the preliminary discharge survey, has been seized "No. 1th shop" online mall staff and turnover, external staff and internal collusion, resulting in some of the customer information leaked a case. Up to now, 11 people have been controlled by the Public Security Department.
In fact, as early as half a year ago, there are micro-blogging users "it" to the media reported that there are sellers selling 1th stores 700,000 user information, the price is 500 yuan. At that time, shop No. 1th strongly denied disclosing user information. However, with the announcement of the Pudong police, the fact that the user information of store 1th was leaked was surfaced.
In response to 700,000 user information leaked, shop 1th vice President Saturday recently said six months ago, Shop No. 1th in the daily work of the investigation found that some of the customer's order information (that is, the customer's receipt information) may exist for human causes of the leakage, shop 1th attaches great importance to the initiative to report to Shanghai police, and actively cooperate with the police investigation, Forensics work. For the affected customers, shop No. 1th has properly handled the security of their order information. Store 1th will also continue to actively cooperate with the Shanghai police in case investigation, and closely monitor the police investigation results. Based on the independence and confidentiality of police investigation, the company has no more details to disclose at present. As the case investigation progresses, store 1th will cooperate with the police in the timely release of relevant information to the public and the media.
"As a business, we are very sorry to see the event happen," Saturday said. The incident has caused some consumers to be disturbed, shop 1th hope that through the media to express sincere apology. ”
Weibo user "It" in the interview with the reporter said: "Now the public security organs to disclose the facts (refers to the disclosure of user information), I hope that shop 1th through public channels including their own website, to consumers apologize and explain the situation." ”
Jingdong Mall Revocation of malicious orders were "onlookers"
With the advent of "double 11" shopping carnival, the issue of network information security has again become a hot topic of consumer concern, in addition to the 1th store 700,000 user information leaked case, another electric business giant Jingdong Mall also encountered network information security accident.
October 30 around 10:30 P.M., Beijing East recharge platform points for change in the activity of the phone is a bug (loophole), click after the system automatically recharge successfully, but do not deduct points, and not recharge the success of the integral is doubled back to the account, a recharge action only need 10 seconds to complete. Jingdong Mall of this bug was immediately the vast number of consumers found, and in the network was widely disseminated, triggered a netizen "leackage" upsurge. Until the same day online around 11:40, Jingdong Mall to fix the bug. Industry rumors, because of the loophole, Jingdong Mall lost more than 200 million yuan.
For the Beijing-East recharge platform points to change the error and loss of 200 million of the claim, Jingdong Mall public relations director Tan Xiaozi in an interview, said that the system bug's Recharge platform is 30th just online points to redeem the new business, the business is in the test period. "Jingdong Mall in the first time to successfully repair the bug, the current user can use points to redeem the relevant products." It is a rumor that the bug led to the loss of 200 million yuan in east Beijing. ”
Jingdong Mall in response to the security incident issued a written statement, Beijing East has been reported to the Public Security Department, the latter will be negotiated with the relevant users to resolve. For some malicious order users reserve the right to further investigate legal liability.
To investigate the legal responsibility of the statement, immediately caused by netizens onlookers. A netizen to the reporter spit Trough said: "The so-called negotiated settlement, is to force the cancellation of orders." Jingdong has been forced to withdraw orders several times before. The loophole is caused by his own mistakes, how can we ask the user to take responsibility. ”
Well-known IT industry legal experts Zhao occupation, said the Jingdong mall's bug accident, the accident is the Jingdong mall's own technical fault, but if netizens use this loophole for malicious steal brush, will assume the corresponding responsibility. "In two cases, one is that the user is unaware of the vulnerability, under the order and recharge successfully, this situation, the user is unjust enrichment, this issue can be negotiated to resolve; another situation is that the user knowingly is a loophole, and the use of loopholes in large numbers of orders, the amount of huge, may constitute a crime of theft, such users should bear the corresponding criminal responsibility. ”
Analysis
For the Internet field
Legislation is very urgent
With the network depth to all aspects of life, network security issues are more and more users of high concern. No. 1th Store 700,000 user information was leaked, Jingdong Mall because of the system bug stolen brush, similar situation in recent two years many times, making network information security encounter severe challenges.
China Electronic Commerce Research Center analyst Feng Lin pointed out that, because many electricity merchant website to use the member information material is the plaintext, but not the encryption preservation way, is very easy by the hacker or the company internal personnel obtains, thus causes the user information to leak out. "There are technical reasons for this, more for management reasons." "And for the Web site system vulnerabilities caused by network security incidents, Jinshan company security expert Tiejun said the responsibility of the site." "Jingdong related products before the test is not strict, is the cause of the bug." ”
For the site to disclose the user's personal information, due to the lack of relevant laws, as of now, it is still difficult to give the legal level of the qualitative. "Before many large websites have leaked information about users, but these companies do not assume the legal responsibility, which also makes the site has no incentive to strengthen the user information security work." Feng Lin said that the relevant laws and regulations should be promulgated as soon as possible to strengthen the legal awareness of Internet enterprises and netizens, and to promote the illegal costs, which is the basic policy to deal with network security accidents.
The site was stolen by a system bug, so far it is difficult to characterize. "A large number of netizens use system bugs, to achieve their own mobile phone recharge, or to the Q-currency recharge purposes, from the nature of the theft is indeed." Just as a warehouse door is not locked, passers-by go in and steal things. But many netizens believe that the virtual network of such behavior is not illegal, not to mention crime. Therefore, the crime in the Internet field, timely legislation, so that netizens set up a law-abiding consciousness, also appear very urgent. Guangdong Cotton Tree Drive law firm Peng Zhou lawyer told our correspondent.