The collection of information and data about people is a characteristic of e-business transactions. e-Business marketplaces and portals derive value from data mining activities. Construction companies engaged in e-business will have to manage multiple risks relating to privacy; some relate to personal privacy concerns about their own firms, and others relate to concerns about infringement.
Construction companies wanting to engage in e-business transactions have to give away some information about the company for the purposes of authentication, and attribution; the question is how much information?
Online portals and marketplaces collect more information than is needed for legally authenticating an e-contracting party. They collect information through user registration forms, cookies and track companies’ ‘bidding behavior’. Who owns this information? Does the information collection process violate any privacy laws? This data mining operation presents a potential risk for construction companies engaging in e-business.
For risks relating to infringement, consider the case of a contractor engaging in e-procurement activities. The contractor keeps information about potential suppliers on the company IT system. It legitimately
uses this information to select appropriate bidders. To aid future estimating operations, the contractor records all historical bids on all suppliers who previously electronically bid for projects on its e-procurement system.
The historical database includes supplier information, historical bid prices, financial performance collected from pre-qualification forms, safety performance, comments about the supplier performance on previous projects, amongst other information. As a result of a security breach, or a virus, the contractor realizes that the information ended up with a third party – other than the contractor and suppliers. The contractor is liable to the supplier for the loss of information and distribution to other parties and the damages to the supplier that could ensue as a result of
Another variation to the same risk relates to using online marketplaces. An owner or a contractor places a Request for Proposals on one of the online marketplaces owned by a third party. Suppliers bid on the project
after entering information about their respective companies. The third party, owner and operator or the marketplace, have a security breach in which other people had access to stored information about this project
mistakenly. Though common sense indicates that the third party should be liable, the contractor or owner may realize that they signed a ‘click through’ agreement that limits the third party’s liability to such instances;
a bad situation to be in.