After reading the following case, write a unified essay in which you perform the following tasks.
(1) Describes potential privacy, access control, or other security concerns for this online enterprise (find at least three concerns). (2) Discuss how you would address them. (3) Let's assume that your security concerns identified in (1) are realized and violate laws. Discuss types of federal, state, or international laws that we can apply to the events and justify your choice of the law(s)
[Case Study]
A music distributor has identified an opportunity to partner with mall operators who have setup kiosks in their malls. The opportunity is to utilize the high-speed links (both wire and wireless) and CD burners to sell music to customers. The customer sits down at the kiosk and listens to and selects music for purchase. The music is then downloaded onto a CD, USB drive, or into a MP3 player's memory.
However, about 30% of their customers frequently don't have the ready cash or a credit card with them. This is seen as a chance to offer an instant credit card and, not only to make the immediate sale, but also to get substantial revenue from card usage and the related information (this would be a private label card from a bank).
The system is modified to prompt the consumer for getting this 'special' credit card when they first start their purchase. And, they are prompted again if they don't have sufficient means of payment. If they accept, additional personal and financial information must be entered to complete the application for the credit card. If they are approved, the new card account can be used to pay for the original purchase
Some 'master kiosks' in malls actually have the ability to generate physical credit cards on the spot (these are smart cards in some cases). So, if the customer wishes, they can have the just-approved credit card generated at the master kiosk. The customer presents a transaction number at the kiosk to receive the card.