This Document Contains Chapters 7 to 8

Chapter 7
The Environment of Electronic Commerce: Legal, Ethical, and Tax Issues

At a Glance

Instructor’s Manual Table of Contents
• Introduction
• Learning Objectives
• Teaching Tips
• Quick Quizzes
• Class Discussion Topics
• Additional Projects
• Additional Resources
• Key Terms

Lecture Notes

Introduction

The Apple App Store gives iPhone and iPad users an easy and convenient way to purchase apps for their Apple smartphones and tablets, generating more than $10 billion in revenue for Apple each year. To make purchases more convenient, Apple decided to allow users to purchase additional content for purchased apps for the first 15 minutes after a purchase without entering a password. This allowed children to purchase an unlimited amount of additional content which, in one case, led to a $2600 purchase in 15 minutes. Apple agreed to refund these and similar charges in 2013, but an FTC investigation ensued and in 2014 Apple paid $32.5 million on over 37,000 claims and made changes to the 15-minute purchase authorization terms. In 2015 the FTC began another investigation into the potentially anticompetitive nature of Apple’s practice of adding 30% to any commercial transaction processed through an app purchased in the company’s App Store. The probe is ongoing and could prompt the U.S. Justice Department to launch its own investigation.

Companies that do business on the Web expose themselves, often unwittingly, to liabilities that arise from today’s business environment. That environment includes laws and ethical considerations that may be different from those with which the business is familiar. As companies do business online, they can find themselves subject to unfamiliar laws and different ethical frameworks much more rapidly than when they operated in familiar physical domains.

Learning Objectives

In this chapter, your students will learn:
• How the legal environment affects electronic commerce activities
• What elements combine to form an online business contract
• When copyright, patent, and trademark laws govern the use of intellectual property online
• How the Internet has opened doors for online crime, terrorism, and warfare
• What ethics issues arise for companies conducting electronic commerce
• Ways to resolve conflicts between companies’ desire to collect and use their customers’ data and the privacy rights of those customers
• How taxes are levied on electronic commerce activities

Teaching Tips

The Legal Environment of Electronic Commerce

1. Explain that businesses that operate on the Web must comply with the same laws and regulations that govern the operations of all businesses. If they do not, they face the same penalties – including fines, reparation payments, court-imposed dissolution, and even jail time for officers and owners – that any business faces.
2. Describe the two additional complicating factors businesses operating on the Web face as they try to comply with the law. First, the Web extends a company’s reach beyond traditional boundaries; second, the Web increases the speed and efficiency of business communications.

Borders and Jurisdiction

1. Use Figure 7-1 to discuss the relationships among a society’s culture, laws, and ethical standards. Explain that culture affects laws directly and indirectly through its effect on ethical standards. Also, note that laws and ethical standards affect each other.
2. Emphasize that legal scholars define the relationship between geographic boundaries and legal boundaries in terms of four elements: power, effects, legitimacy, and notice.

Power

1. Explain that power is a form of control over physical space and the people and objects that reside in that space, and is a defining characteristic of statehood.
2. Introduce the term jurisdiction.
3. Note that laws in the physical world do not apply to people who are not located in or do not own assets in the geographic area that created those particular laws.
4. Point out that the level of power asserted by a government is limited to that which is accepted by the culture that exists within its geographic boundaries.

Effects

1. Laws in the physical world are grounded in the relationship between physical proximity and the effects, or impact, of a person’s behavior.
2. Mention that the characteristics of laws are determined by the local culture’s acceptance or rejection of various kinds of effects.
3. Students should understand that once businesses began operating online, they found that traditional effects-based measures did not apply and that the laws based on these measures did not work well either.

Legitimacy

1. Point out that legitimacy is the idea that those subject to laws should have some role in formulating them.
2. Explain that online businesses must be ready to deal with a wide variety of regulations and levels of enforcement of those regulations as they expand their businesses to other countries.

Notice

1. Physical boundaries are a convenient and effective way to announce the ending of one legal or cultural system and the beginning of another. The physical boundary, when crossed, provides notice that one set of rules has been replaced by a different set of rules.
2. People receive constructive notice that they have become subject to new laws and cultural norms when they cross an international border, even if they are not specifically warned of the changed laws and norms by a sign or a border guard’s statement.
3. The concept of notice – even constructive notice – does not translate very well to online business.
4. Refer to Figure 7-2 to illustrate the relationship between physical geographic boundaries and legal boundaries in terms of these four elements.

Jurisdiction on the Internet

1. Explain that the tasks of defining, establishing, and asserting jurisdiction are much more difficult on the Internet than they are in the physical world, mainly because traditional geographic boundaries do not exist.
2. Introduce the terms contract, breach of contract, tort, and sufficient jurisdiction.

Subject-Matter Jurisdiction

1. Note that in the U.S., federal courts have subject-matter jurisdiction over issues governed by federal law and state courts have jurisdiction over state laws.
2. If the parties to a contract are both located in the same state, a state court has subject-matter jurisdiction over disputes that arise from the terms of that contract.

Teaching Tip: To learn more about subject matter jurisdiction, see: http://www.law.cornell.edu/wex/subject_matter_jurisdiction

Personal Jurisdiction

1. Introduce personal jurisdiction by noting that in general, it is determined by the residence of the parties.
2. Introduce the term forum selection clause. Refer to Figure 7-3 to illustrate a typical forum selection clause that might be used on a Web site.
3. Introduce the terms long-arm statutes, negligent tort, and intentional tort.

Jurisdiction in International Commerce

1. Discuss the topic of jurisdiction in international commerce.
2. Introduce the term judicial comity.
3. Emphasize that jurisdictional issues are complex and change rapidly. Any business that intends to conduct business online with customers or vendors in other countries should consult an attorney who is well versed in issues of international jurisdiction.

Conflict of Laws

1. Note that in the United States, business is governed by federal laws, state laws, and local laws. Sometimes, these laws address the same issues in different ways. Lawyers call this situation a conflict of laws.
2. Explain that, since online businesses usually serve broad markets that span many localities and many states, they generally look to federal laws for guidance.
On occasion, this can lead to problems with state and local laws.
3. Discuss the online wine sales industry in terms of the conflict of laws issue it faced.

Contracting and Contract Enforcement in Electronic Commerce

1. Introduce the terms offer, acceptance, consideration, and implied contract.

Creating Contracts: Offers and Acceptances

1. Describe the ways in which offers and acceptances are communicated using the Internet.
2. Review the contracting process on an online sale in Figure 7-4.
3. Note that when enforcing contracts, courts tend to view offers and acceptances as actions that occur within a particular context.

Click-Wrap and Web-Wrap Contract Acceptances

1. Introduce the terms end-user license agreements (EULAs) and shrink-wrap acceptance.
2. Note that today a Web site user can agree to a site’s EULA or its terms and conditions by clicking a button on the Web site (called a click-wrap acceptance) or by simply using the Web site (called a Web-wrap acceptance or browser-wrap acceptance).

Teaching Tip: For related information, read and discuss Negotiating the Risks of Click-, Shrink- and Browse-Wrap User Agreements: http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202546773896&slreturn=1#postComment

Terms of Service Agreements

1. Point out that many Web sites have stated rules that site visitors must follow, although most visitors are not aware of these rules.
2. Introduce the term terms of service (ToS).

Creating Written Contracts on the Web

1. Note that contracts are generally valid even if they are not in writing or signed but that certain categories of contracts are not enforceable unless written and signed by both parties.
2. Introduce the terms Statute of Frauds, writing, and signature.

Implied Warranties and Warranty Disclaimers on the Web

1. Introduce the terms implied warranty and warranty disclaimer.
2. Refer to Figure 7-5 to illustrate a portion of a sample warranty disclaimer for a Web site.

Authority to Form Contracts

1. Remind students that a contract is formed when an offer is accepted for consideration.
2. Note that problems can arise when the acceptance is issued by an imposter or someone who does not have the authority to bind the company to a contract.
3. Mention that digital signatures may be used to avoid identity problems.
4. Introduce the term authority to bind.

Quick Quiz 1

1. ____ is a form of control over physical space and the people and objects that reside in that space and is a defining characteristic of statehood.
   Answer: Power
2. The ability of a government to exert control over a person or corporation is called ____.
   Answer: jurisdiction
3. ____ is the idea that those subject to laws should have some role in formulating them.
   Answer: Legitimacy
4. A(n) ____ is a promise or set of promises between two or more legal entities – people or corporations – that provides for an exchange of value (goods, services, or money) between or among them.
   Answer: contract

Use and Protection of Intellectual Property in Online Business

1. Introduce the terms intellectual property and right of publicity.

Teaching Tip: To learn more about intellectual property issues related to electronic commerce, see: http://www.wipo.int/sme/en/e_commerce/index.htm.

Copyright Issues

1. Define the term copyright.
2. Mention that most U.S. Web pages are protected by the automatic copyright provision of the law because they arrange the elements of words, graphics, and HTML tags in a way that creates an original work.
3. In addition, many Web pages have been registered with the U.S. Copyright Office. This creates a potential problem because of the way the Web works.
4. Explain the concept of fair use.
5. Refer to Figure 7-6 to illustrate the text of the U.S. law that creates the fair-use exception.

Teaching Tip: To learn more about fair use, see: http://www.copyright.gov/fls/fl102.html.

6. Describe some recent issues with copyright law related to vicarious copyright infringement, including file sharing Web sites such as Napster.

Patent Issues

1. Define the term patent and discuss the type of patent that is of interest to companies engaging in electronic commerce: the business process patent.
2. Mention that business process patents are common only in the United States.
3. Introduce the terms patent assertion entities or patent trolls.

Trademark Issues

1. Introduce the terms trademark, service mark, trade name, common law, and statutory law.
2. Mention that Web site designers must be very careful not to use any trademarked name, logo, or other identifying mark without the express permission of the trademark owner.

Teaching Tip: To learn more about trademarks, see: http://www.uspto.gov/trademarks/index.jsp.

Domain Names and Intellectual Property Issues

1. Introduce the terms cybersquatting and name changing (also called typo squatting).
2. Point out that since 1999, the U.S. Anticybersquatting Consumer Protection Act has prevented businesses’ trademarked names from being registered as domain names by other parties.
3. Mention that disputes that arise when one person has registered a domain name that is an existing trademark or company name are settled by the World Intellectual Property Organization (WIPO).
4. Explain that a dispute can arise when a business has a trademark that is a common term. If a person obtains the domain name containing that common term, the owner of the trademark must seek resolution at the World Intellectual Property Organization (WIPO).
5. Introduce the terms name stealing and domain name ownership change.

Protecting Intellectual Property Online

1. Introduce the terms digital watermark and copy control.

Teaching Tip: To learn more about digital watermarking and mobile devices, refer to the article, “Beyond QR Codes Digital watermarks provide unobtrusive product information”: http://www.stores.org/STORES%20Magazine%20September%202013/beyond-qr-codes.

Defamation

1. Introduce the terms defamatory, product disparagement, and per se defamation.
2. Note that an important exception in U.S. law exists for statements that are defamatory but that are about a public figure (such as a politician or a famous actor). The law allows considerable leeway for statements that are satirical or that are valid expressions of personal opinion.

Deceptive Trade Practices

1. Students should understand that Web sites that include links to other sites must be careful not to imply a relationship with the companies sponsoring the other sites unless such a relationship actually exists.
2. Introduce the term trademark dilution.

Advertising Regulation

1. Note that in the United States, advertising is regulated primarily by the Federal Trade Commission (FTC). The FTC publishes regulations and investigates claims of false advertising.
2. Explain that other federal agencies have the power to regulate online advertising in the United States. These agencies include the Food and Drug Administration (FDA), the Bureau of Alcohol, Tobacco, and Firearms (BATF), and the Department of Transportation (DOT).

Quick Quiz 2

1. ____ is a general term that includes all products of the human mind.
   Answer: Intellectual property
2. A(n) ____ is a right granted by a government to the author or creator of a literary or artistic work.
   Answer: copyright
3. An entity becomes liable for ____ if it is capable of supervising the infringing activity and obtains a financial benefit from the infringing activity.
   Answer: vicarious copyright infringement
4. A(n) ____ is an exclusive right granted by the government to an individual to make, use, and sell an invention.
   Answer: patent

Online Crime, Terrorism, and Warfare

1. Ask your students to share their reactions about people who have found the Internet to be a useful tool for perpetrating crimes, conducting terrorism, and even waging war.

Online Crime: Jurisdiction Issues

1. Point out that the difficulty of prosecuting fraud perpetrators across international boundaries has always been an issue for law enforcement officials. Note that the Internet has given new life to old fraud scams that count on jurisdictional issues to slow investigations of crimes.

Teaching Tip: Review Internet crime prevention tips: http://www.ic3.gov/preventiontips.aspx.

2. Introduce the term advance fee fraud.
3. Explain why enforcing laws against the distribution of pornographic material has been difficult because of jurisdiction issues.
4. Discuss jurisdiction issues in the case of online gambling.

New Types of Online Crime

1. Introduce the terms cyberbullying and sexting.
2. Discuss the vulnerability of smaller companies to infiltration of computer systems. Also, point out that large businesses are not immune to these activities.

Teaching Tip: Invite students to share recent news stories in which the Internet has assisted law agencies in tracking down perpetrators of crimes.

Online Warfare and Terrorism

1. Students should be aware that a considerable number of Web sites currently exist that openly support or are operated by hate groups and terrorist organizations.

Ethical Issues

1. Explain that in general, advertising or promotion on the Web should include only true statements and should omit any information that could mislead potential purchasers or wrongly influence their impressions of a product or service.

Ethics and Online Business Policies

1. Note that in the United States, organizations are not legally bound to limit their use of information collected through their Web sites. They may use the information for any purpose, including the sale of that information to other organizations.

Privacy Rights and Obligations

1. Explain that in recent years, a number of legislative proposals have been advanced that specifically address online privacy issues, but, thus far, none have withstood constitutional challenges.
2. Point out that ethics issues are significant in the area of online privacy because laws have not kept pace with the growth of the Internet and the Web.
3. Note that differences in cultures throughout the world have resulted in different expectations about privacy in electronic commerce.
4. Mention that one of the major privacy controversies in the United States today is the opt-in versus opt-out issue. Introduce the terms opt-in and opt-out.
5. Refer to Figure 7-7 to illustrate an example Web page that presents a series of opt-in choices to site visitors.
6. Refer to Figure 7-8 to illustrate the opt-out approach.

Teaching Tip: The following link provides information about Opt-In Laws in the USA and EU: http://www.lsoft.com/resources/optinlaws.asp

Communications with Children

1. Inform students that an additional set of privacy considerations arises when Web sites attract children and engage in any form of communication with those children.
2. Explain that many people are concerned about children’s ability to read and evaluate privacy statements and then consent to providing personal information to Web sites.
3. Discuss the Children’s Online Privacy Protection Act of 1998 (COPPA), which provides restrictions on data collection that must be followed by electronic commerce sites aimed at children.
4. Refer to Figure 7-9 to illustrate how the Sanrio site encourages visitors to notify the company that operates the site if they know a child who has gained access to the site in violation of COPPA.
5. Review the set of rules and new requirements the FTC issued in 2013 that clarified existing requirements under COPPA.
6. Note that even companies that do not focus on children need to be aware of the COPPA provisions by discussing the fine the FTC levied on Yelp! in 2014.

Taxation and Electronic Commerce

1. Emphasize that companies that do business on the Web are subject to the same taxes as any other company.
2. Introduce the terms income taxes, transaction taxes, transfer taxes and property taxes.

Nexus

1. Introduce the term nexus.
2. Note that companies that do business in more than one country face national nexus issues. If a company undertakes sufficient activities in a particular country, it establishes nexus with that country and becomes liable for filing tax returns in that country.

U.S. Income Taxes

1. Explain that a basic principle of the U.S. tax system is that any verifiable increase in a company’s wealth is subject to federal taxation. Thus, any company whose U.S.-based Web site generates income is subject to U.S. federal income tax.
2. Make sure students understand that if a company conducts activities in several states, it must file tax returns in all of those states and apportion its earnings in accordance with each state’s tax laws.

U.S. State Sales Taxes

1. It is important to note that businesses that establish nexus with a state must file sales tax returns and remit the sales tax they collect from their customers.
2. Define the term use tax.

Teaching Tip: Note that, in the United States, different states have different use tax policies and rates.

3. Introduce the term Amazon laws.
4. Explain that many of the states have joined together to create the Streamlined Sales and Use Tax Agreement (SSUTA).

Import Tariffs

1. Introduce the terms tariff or customs duty or duty.

European Union Value Added Taxes

1. Note that companies based in European Union (EU) countries must collect Value Added Tax (VAT) on digital goods no matter where in the EU the products are sold. This legislation has attracted the attention of companies based outside of the EU that sell digital goods to consumers based in one or more EU countries.

Quick Quiz 3

1. ____ can include threats, sexual remarks, or pejorative comments transmitted on the Internet or posted on Web sites (social networking sites are often used for such postings).
   Answer: Cyberbullying
2. ____ are levied by states and local governments on the personal property and real estate used in the business.
   Answer: Property taxes
3. A(n) ____ is a tax levied by a state on property used in that state that was not purchased in that state.
   Answer: use tax
4. A(n) ____ is a tax levied on products as they enter the country.
   Answer: tariff, customs duty, duty

Class Discussion Topics

1. What measures can be taken to protect children on the Web?
2. Discuss the role of ethics when formulating Web business policies.

Additional Projects

1. In about 300 words, discuss the steps that you would take to reduce the level of online cyberbullying.
2. You are the owner of a registered trademark, and you just discovered that the domain name is being held hostage for a large sum of money. In approximately 300 words, discuss the steps that you would take to stop the cybersquatter.

Additional Resources

1. Copyright infringement: http://www.copyright.gov/title17/92chap5.html
2. Cyber Extortion: http://resources.infosecinstitute.com/cyber-extortion/
3. Guide To Patenting And USPTO Patent Applications: http://inventors.about.com/od/patentinfringement/a/Infringement.htm
4. Trademark Infringement: http://www.uspto.gov/page/about-trademark-infringement

Key Terms

Acceptance: the expression of willingness to take an offer, including all of its stated terms.
Advance fee fraud: the perpetrator offers to share the proceeds of some large payoff with the victim if the victim will make a “good faith” deposit or provide some partial funding first.
Amazon laws: state laws that require online retailers to collect and remit sales taxes on sales they make in their states, even though the online retailers do not have nexus with the state.
Authority to bind: can arise when an employee of a company accepts a contract and the company later asserts that the employee did not have such authority to do so.
Breach of contract: occurs when either party to a contract does not comply with the terms of the contract; the other party can sue for failure to comply.
Browser-wrap acceptance: agreeing to a site’s EULA or its terms and conditions by using a Web site.
Business process patent: protects a specific set of procedures for conducting a particular business activity, and is quite controversial.
Click-wrap acceptance: agreeing to a site’s EULA or its terms and conditions by clicking a button on the Web site.
Common law: the part of British and U.S. law established by the history of court decisions that has accumulated over many years.
Conflict of laws: in the United States, business is governed by federal laws, state laws, and local laws. Sometimes, these laws address the same issues in different ways.
Consideration: the agreed upon exchange of something valuable, such as money, property, or future services.
Constructive notice: received by people that have become subject to new laws and cultural norms when they cross an international border, even if they are not specifically warned of the changed laws and norms by a sign or a border guard’s statement.
Contract: a promise or set of promises between two or more legal entities - people or corporations - that provides for an exchange of value (goods, services, or money) between or among them.
Cookies: small text files placed on Web client computers to identify returning visitors.
Copy control: an electronic mechanism for limiting the number of copies that one can make of a digital work.
Copyright: a right granted by a government to the author or creator of a literary or artistic work.
Customs duty: a tax levied on products as they enter the country.
Cyberbullying: young people can use technology to harass, humiliate, threaten, and embarrass each other.
Cybersquatting: the practice of registering a domain name that is the trademark of another person or company in the hopes that the owner will pay huge amounts of money to acquire the URL.
Defamatory: a statement that is false and that injures the reputation of another person or company.
Digital watermark: a digital code or stream embedded undetectably in a digital image or audio file.
Domain name ownership change: occurs when owner information maintained by a public domain registrar is changed in the registrar’s database to reflect a new owner’s name and business address.
Duty: a tax levied on products as they enter the country.
End-user license agreements (EULAs): a contract that the user must accept before installing the software.
Fair use: copying copyrighted work for use in criticism, comment, news reporting, teaching, scholarship, or research.
Forum selection clause: a contract that includes a statement that the contract will be enforced according to the laws of a particular state.
Implied contract: formed by two or more parties that act as if a contract exists, even if no contract has been written and signed.
Implied warranty: promise to which the seller can be held even though the seller did not make an explicit statement of that promise.
Income taxes: levied by national, state, and local governments on the net income generated by business activities.
Intellectual property: a general term that includes all products of the human mind. These products can be tangible or intangible.
Intentional tort: when the seller knowingly or recklessly causes injury to the buyer.
Judicial comity: principle followed by courts when they voluntarily enforce other countries’ laws or judgments out of a sense of comity, or friendly civility.
Jurisdiction: the ability of a government to exert control over a person or corporation.
Legitimacy: the idea that those subject to laws should have some role in formulating them.
Long-arm statutes: individual states have laws that can create personal jurisdiction for their courts.
Name changing: a problem that occurs when someone registers purposely misspelled variations of well-known domain names. These variants sometimes lure consumers who make typographical errors when entering a URL.
Name stealing: occurs when someone other than a domain name’s owner changes the ownership of the domain name.
Negligent tort: the seller unintentionally provides a harmful product.
Nexus: the connection between a tax-paying entity and a government.
Notice: the expression of a change in rules.
Offer: a commitment with certain terms made to another party, such as a declaration of willingness to buy or sell a product or service.
Opt-in: in this approach, the company collecting the information assumes that the customer does not object to the company’s use of the information unless the customer specifically chooses to deny permission.
Opt-out: the company collecting the information does not use the information for any other purpose (or sell or rent the information) unless the customer specifically chooses to allow that use (that is, to opt in and grant permission for the use).
Patent: an exclusive right granted by the government to an individual to make, use, and sell an invention.
Patent assertion entity: a person or company who buys patents from the original inventors and then enforces the rights granted by the patents by suing others who use the patents without permission.
Patent troll: a person or company who buys patents from the original inventors and then enforces the rights granted by the patents by suing others who use the patents without permission.
Per se defamation: a court deems some types of statements to be so negative that injury is assumed.
Personal jurisdiction: in general, determined by the residence of the parties.
Power: a form of control over physical space and the people and objects that reside in that space; a defining characteristic of statehood.
Product disparagement: occurs if the statement injures the reputation of a product or service instead of a person.
Property taxes: levied by states and local governments on the personal property and real estate used in the business.
Right of publicity: a limited right to control others’ commercial use of an individual’s name, image, likeness, or identifying aspect of identity.
Service mark: similar to a trademark, but it is used to identify services provided.
Sexting: the illegal practice of sending sexually explicit messages or photos using a mobile phone.
Shrink-wrap acceptance: the practice of accepting the conditions of the EULA by removing the shrink-wrap from the box.
Signature: any symbol executed or adopted for the purpose of authenticating a writing.
Statute of Frauds: specifies that contracts for the sale of goods worth more than $500 and contracts that require actions that cannot be completed within one year must be created by a signed writing.
Statutory law: arises when elected legislative bodies pass laws, which are also statutes.
Streamlined Sales and Use Tax Agreement (SSUTA): an agreement between U.S. states that would simplify state sales taxes by making the various state tax codes more congruent with each other while allowing each state to set its own rates.
Subject-matter jurisdiction: a court’s authority to decide a particular type of dispute.
Sufficient jurisdiction: when a court has both subject-matter jurisdiction and personal jurisdiction.
Tariff: a tax levied on products as they enter the country.
Terms of service (ToS): detailed rules and regulations intended to limit the Web site owner’s liability for what you might do with information you obtain from the site.
Tort: an intentional or negligent action (other than breach of contract) taken by a legal entity that causes harm to another legal entity.
Trade name: the name (or a part of that name) that a business uses to identify itself.
Trademark: a distinctive mark, device, motto, or implement that a company affixes to the goods it produces for identification purposes.
Trademark dilution: the reduction of the distinctive quality of a trademark by alternative uses.
Transaction taxes: sales taxes, use taxes, and excise taxes that are levied on the products or services that a company sells or uses.
Transfer taxes: sales taxes, use taxes, and excise taxes that are levied on the products or services that a company sells or uses.
Typo squatting: a problem that occurs when someone registers purposely misspelled variations of well-known domain names. These variants sometimes lure consumers who make typographical errors when entering a URL.
Use tax: a tax levied by a state on property used in that state that was not purchased in that state.
Vicarious copyright infringement: an entity becomes liable if it is capable of supervising the infringing activity and obtains a financial benefit from the infringing activity.
Warranty disclaimer: a statement declaring that the seller will not honor some or all implied warranties.
Web-wrap acceptance: agreeing to a site’s EULA or its terms and conditions by using a Web site.
Writing: exists when the terms of a contract have been reduced to some tangible form.

Chapter 8
Web Server Hardware and Software

At a Glance

Instructor’s Manual Table of Contents
• Introduction
• Learning Objectives
• Teaching Tips
• Quick Quizzes
• Class Discussion Topics
• Additional Projects
• Additional Resources
• Key Terms

Lecture Notes

Introduction

Israel’s Channel 2 News produces content for the daily evening television news as well as news and current affairs programming for other Channel 2 shows, Web sites and its mobile device app. Both the Web site and mobile app offer significant numbers of high-resolution photographs and video clips.
The operation of an online news organization faces wide variations in interest level and the accompanying need for Internet bandwidth. When demand was high and users overloaded the system, they would often experience delays or pauses in video playbacks on their devices. The wide variation in the volume of Internet traffic made planning for and implementing an optimal Web server configuration difficult. To solve this problem, Channel 2 contracted with Google Cloud Computing to store its content on their Web servers. Cloud computing services provide a way for companies with wide variations in their Internet traffic to buy availability on the service provider’s servers, avoiding making an investment in their own servers that would be unused most of the time. Learning Objectives In this chapter, your students will learn: • How a Web server performs its basic functions • What operating system and server software is used on Web servers • How to identify and manage e-mail and spam control issues • How commonly used Internet and Web site utility programs work • What hardware online businesses use to power their Web sites • How cloud computing and content delivery networks are providing new Web infrastructure options for online businesses Teaching Tips Web Server Basics 1. Introduce this topic by explaining the function of a Web server. 2. Explain that when people use Web browser software to become part of the Web, their computers become Web client computers on a worldwide client/server network. 3. Introduce the term platform neutrality. Use Figure 8-1 to illustrate how the Web’s platform neutrality provides multiple interconnections among a wide variety of client and server computers. 4. Point out that the job of a Web server computer is to respond to requests from Web client computers. 5. Explain the three main elements of a Web server: the hardware (computers and related components), operating system software, and Web server software. Dynamic Content Generation 1. 
Introduce the terms static page, dynamic page, and dynamic content. Teaching Tip To learn more, refer to the article, The Pros and Cons of Static and Dynamic Web Pages: http://page.ezinemark.com/the-pros-and-cons-of-static-and-dynamic-web-pages-1681fcd0c2a.html 2. Note that dynamic content can give the user an interactive experience with the Web site. The text, graphics, form fields, and other Web page elements can change in response to user input or other variables. 3. Describe the difference between client-side scripting and server-side scripting. 4. Introduce the most common software tools used to create dynamic Web pages such as Microsoft’s ASP.NET, Apache Software Foundation’s Hypertext Preprocessor (PHP), Adobe’s ColdFusion, AJAX, Ruby on Rails, Python and Scala. Teaching Tip To learn more about AJAX, see: http://www.w3schools.com/Ajax/Default.Asp Multiple Meanings of “Server” 1. Introduce the terms server, server software, e-mail server, database server, and transaction server. Web Client/Server Architecture 1. Explain that when a person uses a Web browser to visit a Web site, the Web browser (also known as a Web client) requests files from the Web server at the company or organization that operates the Web site. 2. Introduce the term two-tier client/server architecture. 3. Use Figure 8-2 to illustrate how a Web client and a Web server communicate with each other in a two-tier client/server architecture. 4. Introduce the terms request message, request line, request headers, entity body, response message, response header line, and response header field. Describe the function of each of these elements in terms of communication between a client and server. Note that some of the elements such as the request headers and entity body are optional. 5. Introduce the term three-tier architecture. Describe the advantages of a three-tier network over two tiers. 6. Use Figure 8-3 to illustrate how information flows in a three-tier architecture. 7. 
Define the term n-tier architecture. Quick Quiz 1 1. A(n) ____ is a Web page whose content is shaped by a program in response to user requests. Answer: dynamic page 2. (True or False) Python is a scripting language that can also be used in dynamic Web page generation. Answer: True 3. A(n) ____ is any computer used to provide files or make programs available to other computers connected to it through a network (such as a LAN or a WAN). Answer: server 4. The message that a Web client sends to request a file or files from a Web server is called a(n) ____. Answer: request message Software for Web Servers 1. In this section, students will learn about the operating system software used on most Web servers, the Web server software itself, and other programs, such as Internet utilities and e-mail software that companies often run on Web servers or other computers as part of electronic commerce operations. Operating Systems for Web Servers 1. Note that, for large systems, the operating system’s responsibilities include keeping track of multiple users logged onto the system and ensuring that they do not interfere with one another. 2. Describe commonly used operating systems, including Microsoft Windows Server products, Linux, or UNIX-based operating systems. Web Server Software 1. Use Figure 8-4 to discuss the percentage of active Web sites that use major Web server software products. Apache HTTP Server 1. Point out that the Apache HTTP Server has dominated the Web since it became widely available because it is free, performs efficiently, and has a large number of knowledgeable users who contribute technical advice to online discussion forums, wikis, and blogs. Teaching Tip To learn more about Apache, see: http://www.apache.org/ Microsoft Internet Information Server 1. Explain that IIS is used on many corporate intranets because many companies have adopted Microsoft products as their standard products. Electronic Mail (E-Mail) 1. 
In this section, your students will learn more about e-mail and the technologies used to implement it on the Internet. E-Mail Benefits 1. Describe the benefits of using e-mail. 2. Introduce the term attachments. 3. Point out that today, e-mail is the most popular form of business communication – far surpassing the telephone, conventional mail, and fax in volume. E-Mail Drawbacks 1. Note that one annoyance associated with e-mail is the amount of time that businesspeople spend answering their e-mail today. 2. Introduce the term computer virus (virus) and explain how computer viruses are transmitted through e-mail. 3. Introduce the term spam. Spam 1. Use Figure 8-5 to illustrate the proportion of all e-mail entering business e-mail servers that has been spam during the years in which e-mail has been widely used. Teaching Tip Encourage students to relate their own spam-fighting strategies. Solutions to the Spam Problem 1. Emphasize that as long as it remains inexpensive to send e-mails (and thus, spam), the benefits reaped by spammers will remain sufficient to make it an attractive enterprise. Individual User Antispam Tactics 1. Individuals can reduce the likelihood that a spammer can automatically generate their e-mail addresses. Individuals can also control the exposure of their e-mail addresses. Some individuals maintain multiple e-mail addresses to thwart spam. Other approaches use one or more techniques that filter e-mail messages based on their contents. Basic Content Filtering 1. Introduce the terms client-level filtering, server-level filtering, black list spam filter, white list spam filter, and false positives. Challenge-Response Content Filtering 1. Introduce the term challenge-response. Refer to Figure 8-6 as an example. 2. Review the major drawback to challenge-response systems. Advanced Content Filtering 1. Note that many advanced content filters operate by looking for spam indicators throughout the e-mail message. 2. 
Introduce the terms Bayesian revision and naïve Bayesian filter. Legal Solutions 1. Note that the U.S. CAN-SPAM law regulates all e-mail messages sent for the primary purpose of advertising or promoting a commercial product or service. 2. Describe the main provisions in the U.S. CAN-SPAM law. Discuss actions that can allow for fines and criminal penalties under the law. 3. Emphasize that legal solutions to the spam problem have achieved only limited success in reducing spam because it is expensive for governments to prosecute spammers. Technical Solutions 1. Review technical strategies for fighting spam. 2. Introduce the term teergrubing and the concerns regarding its use. 3. Mention the Internet Engineering Task Force working group discussions. Teaching Tip Encourage students to visit the CAPTCHA Project site at Carnegie Mellon University for more information about challenge response. Quick Quiz 2 1. A program that attaches itself to another program and can cause damage when the host program is activated is known as a(n) ____. Answer: computer virus, virus 2. A(n) ____ looks for From addresses in incoming messages that are known to be spammers. Answer: black list spam filter 3. A(n) ____ examines From addresses and compares them to a list of known good sender addresses. Answer: white list spam filter 4. ____ is a statistical technique in which additional knowledge is used to revise earlier estimates of probabilities. Answer: Bayesian revision Web Site Utility Programs 1. Note that in addition to Web server software, people who develop Web sites work with a number of utility programs, or tools. Mention that e-mail was one of the earliest Internet utility programs and it has become one of the most important. 2. In this section, your students will learn about several of these programs and see examples of how they work. Tracert and Other Route-Tracing Programs 1. Introduce the term tracert. 2. 
Explain that tracert provides an indication of the time it takes a message to travel from one computer to another and back, ensures that the remote computer is online, and pinpoints any data traffic congestion. 3. Use Figure 8-7 to illustrate a route traced from a Cox Cable network in Connecticut to one of the BBC’s Web servers in London using the Tracert program on a Windows PC. Teaching Tip To learn more about tracert: http://pcsupport.about.com/od/commandlinereference/p/tracert-command.htm. Telnet and FTP Utilities 1. Describe the Telnet program. 2. Describe the File Transfer Protocol (FTP). Indexing and Searching Utility Programs 1. Explain that, when a browser requests a Web site search, the search engine compares the index terms to the requester’s search term to see which documents contain matches for the requested term or terms. Data Analysis Software 1. Introduce the term Web log file. 2. Briefly describe the use of third party Web log file analysis programs. Link-Checking Utilities 1. Introduce the terms dead link, link rot, link checker and orphan files. Remote Server Administration 1. Note that, with remote server administration, a Web site administrator can control a Web site from any Internet-connected computer. Web Server Hardware 1. Note that organizations use a wide variety of computer brands, types, and sizes to host their online operations. Very small companies can run Web sites on desktop PCs. 2. Point out that most electronic commerce Web sites are operated on computers designed specifically for the task of Web site hosting, however. Server Computers 1. Explain that Web server computers generally have more memory, larger (and faster) hard disk drives, and faster processors than the typical desktop computer. 2. Introduce the term blade servers. Use Figure 8-8 to illustrate a set of rack-mounted blade servers. 
Teaching Tip To learn more about Lenovo blade servers: http://shop.lenovo.com/us/en/systems/servers/blades/bladecenter/ Web Servers and Green Computing 1. Introduce the term green computing. 2. Provide examples of companies that operate large numbers of Web server computers and how they are minimizing the impact of using so much electricity and heat. Web Server Performance Evaluation 1. Introduce the terms benchmarking, throughput, response time, and server architectures. Web Server Hardware Architectures 1. Note that many electronic commerce sites require more than one computer within each tier. 2. Introduce the terms server farms, centralized architecture, and distributed architecture (more commonly a decentralized architecture). Review Figure 8-9 to aid in explaining these approaches. Load-Balancing Systems 1. Introduce the term load-balancing switch. 2. Point out that in a simple load-balancing system, the traffic that enters the site from the Internet through the site’s router encounters the load balancing switch, which then directs the traffic to the Web server best able to handle the traffic. 3. Use Figures 8-10 and 8-11 to illustrate basic and complex load-balancing systems. Cloud Computing 1. Introduce the term cloud computing and point out benefits and cost savings to organizations of using it. 2. Introduce the terms infrastructure as a service (IaaS), platform as a service (PaaS) and hybrid cloud computing. Content Delivery Networks 1. Introduce the term latency and discuss how online businesses have turned to content delivery networks (CDNs) to combat the problem. Quick Quiz 3 1. ____ is a strategy where large firms move large-volume, routine work to a cloud provider but retain their more sensitive data and processes on internal servers. Answer: Hybrid cloud computing 2. ____ sends data packets to every computer on the path (Internet) between one computer and another computer and clocks the packets’ round-trip times. Answer: Tracert 3. 
A(n) ____ is a file on the Web server that is not linked to any Web page. Answer: orphan file 4. ____ is the number of HTTP requests that a particular hardware and software combination can process in a unit of time. Answer: Throughput 5. ____ is the amount of time a server requires to process one request. Answer: Response time Class Discussion Topics 1. Discuss the financial implications of spam. 2. How is benchmark testing conducted? 3. Discuss how the ability of cloud computing impacts businesses of different sizes. Additional Projects 1. Imagine that you are advising a small retail company building an e-commerce Web site. What type of Web server hardware and software would you recommend and why? 2. In an Osterman Research survey published January 2014, it was found that decision makers are concerned about a range of issues related to the security of their networks in the context of how email, Web applications, and social media are used. As a result, security for all of the venues through which threats could enter into or data could leak from an organization must be addressed as an issue of the utmost importance. E-mail, Web, and social media tools are pervasive in the vast majority of organizations. For example, Osterman Research has found that the typical information worker spends 153 minutes per day working in email and 51 minutes in social media – 42.5 percent of a typical eight-hour workday – not to mention the various work-related and personal use of the Web that takes place on a daily basis. Consequently, security for all of these tools must be of paramount concern for decision makers because of the substantial opportunity that they represent for ingress of malware and other threats. Source: Best Practices in Email, Web and Social Media Security http://www2.trustwave.com/rs/trustwave/images/Best_Practices_in_Email_Web_and_Social_Media_Security_Trustwave.pdf Read the entire white paper and write a 300-500 word paper summarizing the main ideas. 3. 
Cloud computing allows companies to gain the benefits of software without having to install hardware and maintain it. Read the following articles to explore other considerations surrounding cloud computing: A. Cloud Computing Saves Energy http://www.scientificamerican.com/article/cloud-computing-saves-energy B. Public Cloud Computing Saves Energy http://cloudtimes.org/2013/07/03/public-cloud-computing-saves-energy/ C. 10 Benefits of Cloud Computing https://www.salesforce.com/uk/blog/2015/11/why-move-to-the-cloud-10-benefits-of-cloud-computing.html D. Cloud computing raises new ethics, sustainability questions Cloud Computing - Is it Really All That Beneficial?: Advantages and Disadvantages of Cloud Computing: http://mobiledevices.about.com/od/additionalresources/a/Cloud-Computing-Is-It-Really-All-That-Beneficial.htm Answer these questions: • How does cloud computing contribute to green computing? • What are some negative aspects of cloud computing? • What additional impacts do you perceive as cloud computing continues to expand? Additional Resources 1. Telnet applications: http://www.telnet.org/htm/applications.htm 2. 2015 Internet Security Report: https://www4.symantec.com/mktginfo/whitepaper/ISTR/21347932_GA-internet-security-threat-report-volume-20-2015-social_v2.pdf 3. Understanding Load Balancing: http://www.liquidweb.com/kb/understanding-load-balancing 4. What is Cloud Computing? http://www.pcmag.com/article2/0,2817,2372163,00.asp 5. The 100 Coolest Cloud Computing Vendors of 2016: http://www.crn.com/news/cloud/300079585/the-100-coolest-cloud-computing-vendors-of-2016.htm Key Terms Attachments: documents, pictures, movies, worksheets, or other information that can be sent along with an e-mail message. Bayesian revision: a statistical technique in which additional knowledge is used to revise earlier estimates of probabilities. Benchmarking: testing that is used to compare the performance of hardware and software. 
Black list spam filter: looks for From addresses in incoming messages that are known to be spammers. Blade servers: putting small server computers on a single computer board and then installing many of those boards into a rack-mounted frame. Centralized architecture: the use of a few very large and fast computers. Challenge-response: compares all incoming messages to a white list. Client-level filtering: occurs when software that performs the filtering task is placed on individual users’ computers. Client-side scripting: software operates on the Web client (the browser) to change what is displayed on the Web page in response to a user’s actions (such as mouse clicks or keyboard text input). Cloud computing: service that allows multiple organizations to share a network of server computers and the software that runs on those computers. Computer virus: a program that attaches itself to another program and can cause damage when the host program is activated. Content delivery network (CDN): service that stores large file contents on multiple servers located throughout the Internet and routes customer Web browser large file requests to the server nearest to them that has a stored copy. Database server: the server computer on which database management software runs. Dead link: when clicked, displays an error message rather than a Web page. Decentralized architecture: using a large number of less-powerful computers and dividing the workload among them. Distributed architecture: using a large number of less-powerful computers and dividing the workload among them. Dynamic content: customized pages created in response to specific queries from site visitors. Dynamic page: a Web page whose content is shaped by a program in response to user requests. E-mail server: the server computer that handles incoming and outgoing e-mail. Entity body: sometimes used to pass bulk information to the server. False positives: messages that are rejected but should not have been. 
File Transfer Protocol (FTP): the part of the TCP/IP rules that defines the formats used to transfer files between TCP/IP-connected computers. Green computing: efforts to reduce the environmental impact of large computing installations. Hypertext Preprocessor (PHP): technology used to create dynamic Web pages. Infrastructure as a service (IaaS): another term for cloud computing. Latency: delay in transmission caused by the inability of a network to handle the full traffic load momentarily. Link checker: utility program that examines each page on a site and reports any URLs that no longer exist. Link rot: when a site contains a number of dead links. Load-balancing switch: a piece of network hardware that monitors the workloads of servers attached to it and assigns incoming Web traffic to the server that has the most available capacity at that instant in time. Log file: used to store data about who is visiting a Web site (the visitor’s URL), how long the visitor’s Web browser viewed the site, the date and time of each visit, and which pages the visitor viewed. Naïve Bayesian filter: the software begins by not classifying any messages. The user reviews messages and indicates to the software which messages are spam and which are not. N-tier architecture: architectures that have more than three tiers. Orphan file: a file on the Web site that is not linked to any page. Platform as a service (PaaS): another term for cloud computing. Platform neutrality: the ability of a network to connect devices that use different operating systems. Remote server administration: software that allows a Web site administrator to control a Web site from any Internet-connected computer. Request headers: can contain information about the types of files that the client will accept in response to a request. Request line: contains a command, the name of the target resource (a file name and a description of the path to that file on the server), and the protocol name and version number. 
Request message: the message that a Web client sends to request a file or files from a Web server. Response header field: returns information describing the server’s attributes. Response header line: indicates the HTTP version used by the server, the status of the response (whether the server found the file that the client wanted), and an explanation of the status information. Response message: created by server to send back to the client. Response time: the amount of time a server requires to process one request. Server: any computer used to provide (or “serve”) files or make programs available to other computers connected to it through a network (such as a LAN or a WAN). Server architectures: the different ways that servers can be connected to each other and to related hardware, such as routers and switches. Server farms: large collections of Web servers, often lined up in large rooms, row after row, like crops in a field. Server software: the software that the server computer uses to make files and programs available to the other computers. Server-level filtering: occurs when software that performs the filtering task is placed on mail server computers. Server-side scripting: programs running on the Web server create the Web pages before sending them back to the requesting Web clients as parts of response messages. Spam: unsolicited commercial e-mail. Static page: an unchanging page retrieved from a file or set of files stored on a Web server. Teergrubing: sending e-mail messages back to the computer that originated the suspected spam. Telnet: a program that allows a person using one computer to access files and run programs on a second computer that is connected to the Internet. Three-tier architecture: extends the two-tier architecture to allow additional processing to occur before the Web server responds to the Web client’s request. Throughput: the number of HTTP requests that a particular hardware and software combination can process in a unit of time. 
Tracert: sends data packets to every computer on the path (Internet) between one computer and another computer and clocks the packets’ round-trip times. Transaction server: the computer on which a company runs its accounting and inventory management software. Two-tier client/server architecture: has only one client and one server. Virus: a program that attaches itself to another program and can cause damage when the host program is activated. White list spam filter: examines From addresses and compares them to a list of known good sender addresses. Instructor Manual for Electronic Commerce Gary P. Schneider 9781305867819