PROJECT IN BRIEF

PROJECT TITLE: Transaction Processing System

UNDER TAKEN BY: Kiran Afshan

Huma Naz

Sobia Sheraz

SUBMITTED TO: MISS: Tahira Hasan

References:
Mr. Sohail Khan
Branch Manager
Soneri Bank G-9 Islamabad

www.Soneri bank.com
Acknowledgement

All praise to Almighty ALLAH, the most merciful and compassionate, who enabled us to
complete this Project.

We express our gratitude to our kind course coordinator Miss Tahira Hasan who kept our moral
high by her suggestions and appreciation. She was available to us whenever and for whatever we
consulted her. Without her precious guidance and help we could never be able to complete this
task.

At last but not the least, we would like to acknowledge the support of our family members. We
would like to admit that we owe all our achievements to our truly, sincere and most loving
family members who mean the most to us, and whose prayers are source of determination for us.

2
 PREFACE

This report is one of the necessary elements to

complete the course of E_Business; we try our best to
write this report in such a way that gives more
information about the websites of Ministry of Education
to the reader in simple language.
For the sake of simplicity, we have divided this report
in portions. So, reader will not face any difficulty in
understanding this report.
We have also tried our level best to obtain as accurate
data and present all what we have learnt, in the
following pages.
We hope that this report will be a true representative
of our efforts and will satisfy the purpose, which we
were meant to achieve.

3
 Chapter # 1
INTRODUCTION

4
INTRODUCTION

Many definitions exist for e-governance. “E-governance is the interaction

between government and citizens and government and businesses, as well
as in and government and businesses, as well as internal government
operations” (Michiel Backus, 2001).
E-governance brings the concept of good governance with itself which
included transparent, participatory, accountable, consensus oriented,
responsive and effective and efficient government. “E-governance refers to
the process of using information and communication technology for
automating internal operations of government as well as its external
interactions with citizens and other businesses” (Gyanendra Narayan,
Amrutaunshu N. Nerurkar, 2006). E-governance incorporates process and
structures by which new ICTs can be organized by the government for e-
administration, e-business, e-citizen, e-services, e-society, and e-
democracy.

The terms government and governance are often used interchangeably or in

conjunction, so a certain level of clarification and distinction needs to be met
between them in order to understand & visualize the conceptual overview of
electronic versions of each. In the broader perspective, Government can be
defined as an institution which represents the people of any country and
carries out legislation process, policy and decision making and their
implementation in the interest of public. However, Governance is the result
and outcome of dealings of government with different tiers of society during
political process, policy-making and implementation.

E-governance in the world

After few decades the war is not occur but electrical war decide who win and
who loss.
E-governance is an emerging trend in the globalize world. Different
developed and developing countries make efforts for successful e-
governance. Europeans and Americas region get the lead in e-governance
whereas Asia, Africa and Oceania still trying to get huge success in e-
governance. E-governance provides unlimited benefits but e-governance
also contains the issue of digital bridge and design- reality gap. Developing
and developed countries faces the problem of digital divide and design-
reality gap.

5
E-governance in Pakistan

Electronic government directorate is wing of ministry of information and

technology of Pakistan is responsible for

• Preparation of e-government projects

• Implementation of federal level e-government projects approved by
government.
• Preparations of standards, guidelines.
• Providing technical support to the federal, provincial, and district
department.

In the context of Asia, Pakistan got eleventh position in e-governance and in

worldwide ranking one hundred and thirty six is the position capture by
Pakistan (UNPAN, 2005). The position of Pakistan goes downs in the ranking
of e-governance just in one year. Pakistan is a developing country and
developing country faces the problems and issue of e-governance with
intensity. Digital divide, design and reality is not just issues but corruption,
dishonesty, low literacy rate, lack of skilled and technical human resource,
cultural differences, lack of funds and lack
Of proper infrastructure make it more difficult to enjoy the facilities of e-
governance.

This report focuses on e-governance Pakistan. We select website of ministry

of education of Pakistan. E-governance is new concept in Pakistan so a lot of
commitment and efforts are required. Not much research is available on this
e-governance in Pakistan so we take this project as challenge and
opportunity.
They use the Internet. Government, as a collector and source of information,
could follow this trend, to serve its customers (citizens and businesses) better
and to save costs by making internal operations more efficient. If we look at
global level, we shall know that there are 15.7 million people go online each
day. Internet is the fastest growing technology which took only 5 years to
achieve 50 million users whereas TV took 13 years and Radio took 38 years.

RESEARCH OBJECTIVE

The objective of this research is to analyze the Website of ministry of

education of Pakistan with respect to its design, model, internet marketing,
legal ethical and social issues and computer and network security. Also
conduct the SWORT analysis.

6
Importance of Government websites:
Making government sites usable can help citizens understand
 how their government works
 how to access services
 how to change the laws and policies under which they live.

Characteristics of good e-government sites:

1. The informational (institutional) side, which explains:

a. Policies. For example, when the garbage is picked up,
which pets need licenses, etc.
b. Political structure. For example, who reports to whom
and who is elected versus who is appointed.
2. The actions (services) side, which lets people do such
things as:
a. Pay taxes.
b. Get a license renewed.
c. Check who owns a building or factory.

E-government information architecture:

• Information-oriented:
– Includes institutional policies, politics, and procedures.
– Organized around citizens’ lives, not government bureaucracies.
• Action-oriented:
– Online services.
• Accessible:
– The site has to work for everyone.
• Navigable:
– Understandable navigation, search, index with synonyms, site
map.
• Private and Secure:
– What information is used for. How information is protected.
– People don’t want hackers getting their ID numbers and data
from government sites, or data from one government site
showing up on another.
• Easily maintained and added to
– There are no million-ruble budgets for maintaining government
sites.

7
LIFE CYCLE:

The four stages

1. In the embryonic stage, e-governance means being present on the
web, providing the public (G2C & G2B) with relevant information. The
format of the early government websites is similar to that of a
brochure or leaflet. The value to the public is that government
information is publicly accessible; processes are described and become
more transparent, which improves democracy and service. Internally
(G2G) the government can also disseminate static information with
electronic means, such as the Internet.

2. In the growth stage, the interaction between government and the

public (G2C & G2B) is stimulated with various applications. People can
ask questions via e-mail, use search engines, and download forms and
documents. These save time. In fact the complete intake of (simple)
applications can be done online 24 hours per day. Normally this would
only have been possible at a counter during opening hours. Internally
(G2G) government organizations use LANs, intranets and e-mail to
communicate and exchange data.

3. With stage three, the complexity of the technology is increasing, but

customer (G2C & G2B) value is also higher. Complete transactions can
be done without going to an office. Examples of online services are
filing income tax, filing property tax, extending/renewal of licenses,
visa and passports and online voting.
Phase three is made complex because of security and personalization
issues. E.g. digital (electronic) signatures will be necessary to enable
legal transfer of services. On the business side, the government is
starting with e-procurement applications. In this phase, internal (G2G)

8
 processes have to be redesigned to provide good service. Government
needs new laws and legislation to enable paperless transactions.
4. The fourth stage is the when all information systems are integrated
and the public can get G2C & G2B services at one (virtual) counter.
One single point of contact for all services is the ultimate goal. The
complex aspect in reaching this goal is mainly on the internal side, e.g.
the necessity to drastically change culture, processes and
responsibilities within the government institution (G2G). Government
employees in different departments have to work together in a smooth
and seamless way. In this phase cost savings, efficiency and customer
satisfaction are reaching highest possible levels.

In

Pakistan, e-governance is near to complete the embryonic stage and very

soon it will enter in growth stage. If government takes appropriate and
revolutionary steps to implement the e-governance, there is no doubt that
Pakistan can become a role model for developing countries.

9
 Chapter # 2
SWORT ANALYSIS

10
SWOT ANALYSIS

SWORT analysis is presented on the basis of political, Social, economic and

technological aspects. And analyze the challenges of e_governanace for
Pakistan as developing country.

Economic aspects related to e-governance are funding, cost-savings,

business models, e-commerce, and spin-offs of e-governance.

Economic Aspects
Strength Weaknesses

E-governance argument for Investors

external funding Budget
Transparency for businesses control
(procurement)

Opportunities Threats

Higher cost Corruption

efficiency
New business

11
Political aspects related to e-governance include strategies and policies, laws
and legislation, leadership, decision making processes, funding issues,
international affairs, and political stability.

Political Aspects
Strength Weaknesses
Combination with Budget
democratization reforms Lack of cyber laws
Internet as pull factor No problem owner within
Modern image government
Slow decision making process
Hierarchical structures
Short term approach due to
elections
Integration and reform

Opportunities Threats

Bureaucracy
Raise external funding Piracy, misuse
Show competitive edge Corruption
Transparency causes natural Maintaining disorder, no
change of processes transparency
Reinvent government Political instability
Resistance
12
Social aspects related to e-governance are people, (level of) education,
employment, income, digital divide, rural areas vs. cities, rich vs. poor,
literacy, IT skills.

Social Aspects
Strength Weaknesses
People eager to learn IT skills Basic education poor
Skilled people possible export Low literacy
product IT literacy
Different languages
Public acceptance of self-service
models
Skill shortage: competition with
private sector

Opportunities Threats

Employment increases Brain drain IT skilled people after

Education system improve training
People get structural job Influence of other cultures
Cheap manpower widely Resistance of people
available Digital divide
Promotion of Internet Privacy

13
Technological aspects involve software, hardware, infrastructure, telecom,
IT skilled people, and maintenance, safety and security issues.

Technological Aspects
Strength Weaknesses
Shortage IT skills
High cost of internet
Heterogeneous data
Lack of IT
standards?
Software licenses

Opportunities Threats

14
 Chapter # 3
E-Business Model and Internet Marketing

15
E-Business Model Used by Ministry of Education for their
Website:

This website is based on portal model. (Vertical portal) .

The model for e-governance is a one-stop portal, where citizens have access
to a variety of information and services. An ideal portal would be one for
employment where a citizen creates a profile and is presented with
employment opportunities at the federal, state, local, non-profit, and
private-sectors.
All the information regarding jobs, scholarships, polices and rules and
regulations of ministry of education would be available at the portal, which
would help the public at large.

Domain Name:

http://www.moe.gov.pk/
Its domain name is short and easy to remember. It is the short form of
Ministry of Education.

Internet Marketing Research:

It is not used for internet marketing research and not keep record of their
visitors.

Web Design:

1. As this is the government website. The color selection is good. Blue

and white color is used.

16
2. Multimedia such as streaming video and audio are not use in this
website because it is essential to know that there are few who have
access to ICTs, to digital information and knowledge, and to the
benefits of reform in governance.

3. Makes things easy to find

 Navigation Is simple and easy on the website:

 Use A to Z dictionary in links

17
  Use Site map

 Include search options

4. One way information

 Provide access to policies, budgets, and reports

18
  Explain who does what

5. Two way information.

 Encourage participation, listen well

19
E_Business Public Relation:

– Keeps customers and company current on latest information

about products, services and internal and external issues such as
company promotions and consumer reactions

Public relation Methods used by Website of Ministry of Education:

1. Provide media cell
Provide all press releases on the website.

2. Give all Publication

20
3. Provide curriculum and forms on the website

4. Special Events and functions on the website

21
22
 Chapter # 4
Computer and Network Security

Website security policy for Ministry of Education Pakistan

The creation of a security policy for a website or web application should be

one of the first steps in the software development life cycle. By defining the
policy, it sets the basis and requirements for the subsequent system design.

Policy scope

A policy is a collection of high level statements of intent as opposed to

standards (a set of requirements about specific topics or technologies) and
procedures (describing a process of implementing a standard or a part of a
standard). It should be reasonable, enforceable and auditable. The policy's
scope should be restricted to the single website or web application but must

23
encompass all components and related services. A web site / web application
security policy should be referenced in the primary corporate information
security policy and mandated by the Chief Information Officer (CIO), or
equivalent.

Website security policy

Defining a security policy can be a complicated task as each Government

must decide beforehand which aspects of protection are most important,
thereby compromising between security and ease of use. When a Web site is
compromised, it can erode customer confidence and threaten the
enterprise’s intellectual property. Therefore, Web content should be
protected through content validation tools, digital signatures and digital
rights management. A good security policy will become a reference point
during the development process but will need to be subsequently reviewed
and updated as the project's requirements change.

The policy should be broad enough to include all development, laboratory,

test and production systems since a data loss from any of these might
compromise the project's security. Where requirements in the primary
corporate information security policy are not applicable, they should be
identified as such. Any primary requirements that contradict the project
requirements should change the project requirements or be escalated to the
primary maintainers resulting in a change to the primary requirements or an
exception that is explicitly documented.

A web site security policy would normally include:

o Data classification scheme

o Security rating scheme
o Constraints on data based on the schemes
o Authentication requirements
o Authorization requirements
o Encryption requirements
o System architecture
o Security testing scheme
o Logging requirements
o Relevant regulatory and legal requirements

An ideal Cyber Security Policy will ensure the existence of a sound and
secure e-governance and critical infrastructure base in Pakistan. The security
and safety of various ICT platforms and critical infrastructures in Pakistan
must be considered on a priority basis before any e-governance base is

24
made fully functional. With the introduction of computers, the need for
automated tools for protecting files and other information stored on
computers became evident. The information security is essential for a shared
system, such as a time sharing system, and the need is even more acute for
systems that can be accessed over public telephone or data network. The
second major change that affected security is the introduction of distributed
systems and the use of networks and communication facilities for carrying
data between terminal user and computer and between computer and
computer. Network security measures are needed to protect data during
their transmission because virtually all business, Government and academic
organizations are interconnected their systems with a collection of networks
referred as Internet. A new approach to the standards based e-Governance
that simultaneously provides for the security and availability of network
resources is the need of the hour. This approach keeps information safe, yet
available whenever, wherever and to whomever the needs dictate. The
Network and Information security standards need to be put in place for
prevention of intrusions, detecting and removing malicious code, managing
the organizations security systems, ensuring the service continuity with
proper disaster management, data protection with data backup and recovery
procedures and many more.

Privacy and Security

The unregulated and accessible structure of the Internet has prompted many
to question the privacy and security of government websites. Public opinion
surveys place these areas near the top of the list of citizen concerns about e-
government. Having visible statements outlining what the site is doing on
privacy and security are valuable assets for reassuring a fearful population
and encouraging citizens to make use of e-government services and
information. However, few global e-government sites offer policy statements
dealing with these topics. Only 14 percent of examined sites have some form
of privacy policy on their site, and 8 percent have a visible security policy.
Both of these are areas that government officials need to take much more
seriously. Unless ordinary citizens feel safe and secure in their online
information and service activities, e-government is not going to grow very
rapidly.

Need for Standards

Some standards are needed for implementation of a security policy.

Areas of Network and Information Security Standards

Following are some of the areas of Network and Information Security where
Standards need to be put in place in the context of e_Governance in the
ministry of education

25
 o Data protection and Retention
o Backup and Recovery (Including Disaster Recovery and Service
o Continuity)
o Security Appliances (Firewalls, VPN Gateways, Content filtering,
Wi-Fi and more)
o Electronic Mail
o SPAM Prevention
o Anti Virus
o Password Selection
o Early Warning Systems (Intrusion Prevention)
o Computer Emergency Response Teams (CERT)
o Digital Signature
o Electronic Commerce

System used by Ministry of Education for web security

Web Privacy Policy:

Ministry of Education website policy is simple. They collect no personal

information about visitors unless visitors choose to provide that information.
they do not give, share, sell, or transfer any personal information to a third
party.

Links to Other Sites:

MOE website provides links to many external websites. Visitors must be

aware that when they leave the MOE website they will be going to sites that
are beyond their control and standards. visitors will always receive a notice
when they are about to leave MOE site. Websites external to MOE have their
own privacy policies, and may collect data or solicit personal information.
The privacy and security policies and procedures described for MOE do not
apply to any external links. MOE suggest contacting these sites directly for
information on their privacy and security policies.

26
Non-personal Information they Record:

During visit as visitors browse through the website or download information,

MOE website operating system will automatically record some general
information about visitors.

During visit, web operating system will record:

1. The type of browser (such as "Netscape version X" or "Internet

Explorer version X") that you are using.
2. The type of operating system that visitors use (such as Macintosh,
Unix, or Windows).
3. The date and time visit website, and the web pages that visitors visit
on their site.
4. The address of the previous website were visiting, if visitors linked to
MOE from another website.
5. The Internet domain for Internet service, such as "xcompany.com" or
"xcompany.net" if visitors use a private Internet access account or
"yourschool.edu" if visitors connect from a college or university
domain.

27
They use this information for statistical analysis, to help them make their
site more useful to visitors. This tracking system does not record information
about individuals.

Web Security Policy:

For security purposes and to make sure website remains available to all
users, MOE site use special software programs for monitoring network traffic
to identify unauthorized attempts to upload or change information, or
otherwise to cause damage to this government computer system. These
programs collect no information that would directly identify individuals, but
they do collect information that could help them to identify someone
attempting to tamper with this website. If visitors use website, visitors
should understand that all activities may be monitored and recorded. Anyone
using this system expressly consents to such monitoring.

WARNING

If such monitoring reveals possible evidence of criminal activity, monitoring

records may be provided to law enforcement officials. Except for authorized
law enforcement investigations, they make no other attempts to identify
individual users or their usage habits. They only use raw monitoring data
logs for determining trends in usage patterns and in diagnosing system
problems.

Number of visitors

28
Cookies:
A cookie is a small piece of information that is sent to visitors browser when
they access a website. The use of cookies is an industry standard and they
are found at most major websites. There are two kinds of cookies. A session
cookie is a line of text that is stored temporarily in your computer's RAM. It
is never written to a computer's drive and it is destroyed as soon as you
close your browser. A persistent cookie is a more permanent line of text that
gets saved by your browser to a file on visitor’s hard drive. Depending on
visitor’s browser settings, you may receive notification that a site is
requesting cookie information, possibly with an expiration date. Persistent
cookies have a future expiration date. Session cookies have no date
associated with them.

On those pages where MOE uses "cookies" to facilitate visitors use of site, do
not collect personal information about visitors and the cookie is destroyed
when visitors exit browser. There is no information stored on visitors
computer and no unauthorized files are written onto visitors disk drives.
These cookies are called "session cookies." They help visitors use website
interactively and are destroyed when visitors close their browser. These
"session cookies" do not collect information about visitors, but only about
their browser "session." The cookie makes it easier for visitors to use the
dynamic features of these web pages, without having to provide the same

29
information as visitors move from one page to another. visitors will find the
use of these "session cookies" on several of website data access tools.

To protect visitor’s privacy, be sure to close your browser completely after

they have finished conducting business with any website that uses cookies.
If visitors are concerned about the potential use of information gathered
from your computer by cookies, visitors can set your browser to prompt you
before it accepts a cookie. Most Internet browsers have settings that let
visitors identify and/or reject cookies.

Information from e-mail you send to MOE site:

If visitors decide to send us an e-mail message, the message will usually

contain visitors return e-mail address. If visitors include personally-
identifying information in their e-mail because they want to address issues
specific to visitor’s situation, they may use that information in responding to
visitors’ request, but it will be destroyed when they complete their return
correspondence. Also, e-mail is not totally secure against interception. Your
e-mail addresses are not sold, leased or shared with any non-governmental
or commercial entities without the user's consent. When a user has given
their e-mail address for purposes of communicating with or requesting
information from, that communication becomes part of the public record and
may be subject to public inspection and copying if not protected by law.
Information submitted via e-mail or web forms may be at risk of being
intercepted, read or modified. Visitors are advised not to pass on any
personal and confidential information such as security passwords and credit
card numbers while using this Website unless specifically required by an
authorized person. Government of Pakistan shall not be liable for any misuse
or loss of any such information.

30
Voluntary Submission of Information

On some of their web pages they provide forms that let you voluntarily
submit personal information (such as e-mail address or name). For example,
this occurs when visitors are registering for various conferences or training
sessions or when visitors sign up for our "Newsflash" subscription service. In
those cases, all submitted information is used only for the expressed
purposes for which it is intended and is not made available to any third
party.

Pakistan.Gov is committed to protecting your privacy and to making your

online experience secure, comfortable, valuable and pleasant.Pakistan.Gov is
committed to protecting your privacy and to making your online experience
secure, comfortable, valuable and pleasant. They do not collect any
information about visitors unless they choose to provide that information.
They may share necessary data with other Government agencies and
departments. However, information collected is used only for official
purposes, internal reviews, improvement of the content of Website,
customization of the content and layout of Website and to contact users.
They do not use, share or pass on visitors information for commercial
purposes. All record keepers face the possibility of disclosure of their records
in some civil, criminal, or administrative matter. Government of Pakistan
could be required to disclose personal information in response to valid legal

31
processes such as a search warrant, subpoena, or court order. Disclosures
may also be necessary to protect the Government's legal rights or during
emergencies if physical safety is believed to be at risk.

Security Measures

MOE take very seriously the integrity of the information and systems that
they maintain. Hence, appropriate safeguards have been employed to
ensure that any personal information is secure from destruction, corruption,
unauthorized access and breach of confidentiality.

Several steps have been taken to safeguard the integrity of their computer
systems and networks. These steps include, but are not limited to individual
authentication, the security of transmitted data, security monitoring,
auditing and encryption of your information.

Is User Information Shared?

Except as provided by applicable laws, they do not collect, use or disclose

user information without the user's knowledge and approval. They do not
share user information with third parties unless they have informed users
about the disclosures or have prior consent.

Can I Access and Correct My Personal Information?

Users concerned about information contained in their personal records

should contact the custodian of the record, which typically is the
governmental entity that collects and maintains the information. visitors
may request changes or annotate their personal information if they believe it
to be inaccurate by submitting a written request describing the error.

The Government of Pakistan does not collect any personally identifiable

information other than what you provide. The automatic data recorded is not
matched with any of that personally identifiable information, therefore
information cannot be provided about visit.

Policy Revision and Notification of Changes

The Government of Pakistan may at any time revise or update this policy
without notice. They may inform their users about policy changes through
notices on this page containing a version number and date. Any information
collected under the current policy will remain subject to these terms.
Information collected after any changes take effect will be subject to the
revised privacy policy.

32
Security Issues in e-Government Applications

The main issues from the security point of view are the verification of the
identity of the server computer (Authentication), the integrity of the
message, confidentiality, and the privacy associated with the transmission of
the information. Although the authentication of the user is also desirable,
simple user authentication mechanisms such as passwords are cost-effective
for most of these applications.. Protecting the integrity of data, guaranteeing
the privacy of the citizens, and controlling the access to data only to the
authorized agents are undoubtedly the most relevant security issues in this
kind of applications. The integration of databases calls for a clear definition
of information ownership and access. Finally, for transactions and services
among government agencies and private corporations such as procurement,
authentication and non-repudiation becomes important issues.
Modern cryptography offers a series of technologies that can be used to
satisfy several security concerns. Although cryptographic techniques were
used initially to facilitate confidentiality and integrity of communications,
recent uses (public key infrastructure, digital certificates, and digital
signatures) include authentication and non-repudiation. In a very simple
way, encryption is a process that consists in scrambling the original message
in an undecipherable form. Each encryption scheme has its own capabilities
and limitations, and none of them is 100% secure. Finally, the human
element involved in the implementation of any security system makes all of
them vulnerable. Human error is identified as one of the main security
threats and vulnerabilities in the form of imperfect designs, bad
programming practices or user decisions.

Disability Access

Disability access is vitally important to citizens who are hearing impaired,

visually impaired, or suffer from some other type of handicap. If a site is ill-
equipped to provide access to individuals with disabilities, it fails in its
attempt to reach out to as many people as possible. Eleven percent of
government websites had some form of disability access using measures
that we employed. Web provide easy and accessibility for its visitors.

33
 Chapter # 5

Legal and ethical issues Related to E-governance

34
Ethical Problems for e-Government:

It is claimed that there is a lack of fully developed rules and models of

behavior in the kinds of electronic environments constituted by e-commerce
(Wielki, 2001). New ethical issues have arisen as business becomes
increasingly bound up with ‘virtual behavior’ .The issues, which arise in e-
business and e-Government, are intrinsically linked. The failure to develop
appropriate ethics for a virtual society may result in disorder overwhelming
democratic dialogue and in mistrust undermining commerce (Rogerson
2002). The rapid diffusion of e-commerce in particular has placed existing
norms and moral behavior under pressure and may affect the successful
implementation of successive governments’ visions of e-Government

TECHNOLOGY AND THE WORKPLACE:

Employees are accustomed to using the technology made available in the

workplace for purposes other than job duties. Although generally
discouraged by employers, checking news headlines, doing some on on-line
shopping, or sending personal emails while at work are everyday
occurrences. Many still feel as though these actions go unnoticed by
employers and assume, incorrectly, that their activities remain private.

Most (75 percent) medium and large companies use technology to monitor
employees’ email and Internet activities (George and Jones, 2003).
Conversely, only 57 percent of employees think employers should have the
right to monitor their email at work (Muhl, 2003). Despite employee
concerns, sales of email monitoring software are expected to grow
significantly, from $139 million in 2001, to an estimated $662 million in
2006 (Wakefield, 2004). Reasons cited for monitoring include: potential legal
liability (68%), security concerns (60%), and employee productivity
concerns (45%).

The ease of use, and the speed at which information can be sent and
received, causes difficulty for managers and technology professionals. Email,
for example, sometimes lacks the formality a phone call or traditional letter
has. The lack of formality can cause the sender to pay less attention to the
content, which may include items of a personal nature, sensitive
information, or information that could be considered offensive. Add to that
the possibility that a message sent in confidence may be viewed by others,
or the risk of uncontrolled distribution, and serious problems could occur for
both employer and employee (Adams, Scheuing, and Feeley, 2000).

35
 1. Introduction:

Internet companies or ISP’s publishes its information services in print and

various electronic media, including Web-based formats. They are continually
adapting to changes in technology to bring you the information you rely on
faster and more efficiently than ever before.

Websites publishes this Privacy Policy to reaffirm their commitment to

maintaining the privacy of customers in the electronic environment and
inform them of their practices concerning the collection and use of
information they provide us.

In this Privacy Policy you will find a description of the policies and
procedures that make this Privacy Policy work for customers. They have
included in their Privacy Policy an explanation of their information practices,
such as:

oWhat information they collect

o How they collect the information
o How they use the information
o How they provide choice to Users about how they use the
information they collect
o Whether they disclose the information they collect to third
parties
o Whether third parties collect information through their Products
2. Websites Privacy Pledge.

Website makes the following pledge to heir customers:

o They are committed to protecting the privacy of Users at all

times.
o They only shares Customer Information and other Personally
Identifiable Information with third parties as described in their
Privacy Policy.
o They maintain security standards and procedures designed to
protect Customer Information and other Personally Identifiable
Information. They will continue to test and update their
technology to improve their ability to protect Customer
Information and other Personally Identifiable Information.

36
3. Consent to Use Information:

By using any Product and/or by affirmatively accepting the License

Agreement or this Privacy Policy, each User consents to the collection and
use of all information that the User provides to Internet companies or ISP’s,
all information that is provided to website on behalf of that User, and all
information that it collects based on that User's use of the Products,
including, without limitation, all Customer Information and other Personally
Identifiable Information.

4. Policies Regarding the Collection of Information:

At Internet companies or ISP’s, their goal is to provide Users with quality

information, products, and services. They are also committed to providing
Users with responsive, personalized service, and keeping Users informed
about new information, products, and services that may be of immediate
interest to Users or that can help Users derive the greatest value from the
Products.

Customer Information is at the heart of their ability to provide superior

service to Users. They describe in this Privacy Policy the types of Customer
Information and other Personally Identifiable Information that they collect,
and how and why they may share that Customer Information and other
Personally Identifiable Information with others.

A visitor who browses the Web site is not required to reveal any Personally
Identifiable Information, such as name, address, or telephone number,
unless subscribing to a product. Nor is such information collected passively
by electronic means. Web servers collect other information such as the make
of a visitor's browser software and the Internet domain name of the location
from which the visitor enters. This information helps them diagnose technical
problems and manage our sites by tracking user interests.

The primary reason that they collect and maintain Customer Information and
other Personally Identifiable Information is to serve Users and administer
customer relationships. They may collect Customer Information and other
Personally Identifiable Information from a variety of sources, such as the
following:

o Information Users provide them, such as information Users

provide to us in the registration process.
o Information they receive from a Customer that purchases
Subscriptions for Users, such as registration information.

37
 o Information about transactions by Users as part of the Products
or other User experiences with Internet companies or ISP’s, such
as the information they receive when a User submits a question
through a search box in a Product. They collect Customer
Information and other Personally Identifiable Information in a
number of ways, such as the following:
o Registration Process:
 In order to use their Products, each User may be asked to
complete a registration process, which requires providing
certain registration information to Internet companies or
ISP’s.
o Credit Cards:
 They collect credit card information for billing purposes.
For convenience of customers, they do not store, use, or
share credit card information for any other purpose
o Log Files:
 They track information about each User's usage of the
Products in log files. They use this information as follows:
 To analyze trends
 To administer the Products
 To track statistical information about how Users use
the Products
 To gather broad demographic information for
aggregate use
 Internet companies or ISP’s does link information
regarding a User's usage of the Products to the User's
Personally Identifiable Information

Surveys and Promotional Activities:

From time to time websites may request information from Users via
voluntary participation in promotional or market research activities.

The information that they request may include contact information (such as
name and business address), and demographic information (such as zip
code and age level).

5. Policies Regarding the Use and Disclosure of Information.

a) Information Use and Sharing:

They may use and share the Customer Information and other Personally
Identifiable Information that they collect among various departments within
websites and its subsidiaries that perform functions such as servicing User

38
accounts, preparing reports regarding Product use, market research, and
promotional activities. The reasons that they share this Customer
Information and other Personally Identifiable Information include the
following:

o To protect Users.
 They use the Customer Information and other Personally
Identifiable Information they maintain about Users and
their use of the Products, including registration
information, as follows:
 To help them identify Users.
 To help them prevent unauthorized persons from
accessing Customer Information and other Personally
Identifiable Information and the Product features
that they make available to specific Users for their
use.
o To provide superior service.
 They use Customer Information and other Personally
Identifiable Information to respond quickly and efficiently
to User needs.
o To tell you about new or enhanced services and/or
products.
o By understanding more about Users and their use of the
Products, they can better meet User needs and determine
how other Product features could be of value to Users.
o E-mail Updates:
 Once a User completes the registration process, websites
may keep the User updated by e-mail on important news
and events concerning Internet companies or ISP’s,
Product features, and other information that a website
deems relevant.
 By accepting the License Agreement and this Privacy Policy
and by using any Product, each User agrees that website
may contact the User by e-mail with respect to website
and any aspect of the Products whatsoever.
o To improve and develop their information, products and
services.
o Every Product feature that they offer is designed to
reflect the ways Users actually use the Products.
 They collect and analyze information about Product use so
that they can tailor new types of information, products and
services to meet User needs.
 When it comes to sharing Customer Information and other
Personally Identifiable Information outside Internet

39
 companies or ISP’s, they do so only for specific purposes.
They share Customer Information and other Personally
Identifiable Information with third parties as follows:
o General
 They reserve the right to share with website’s subsidiaries
and/or other reputable organizations the following
information, for purposes of permitting those organizations
to sell their products and services to our Customers:
 With respect to each Customer, the following current
information: company name, industry, business mailing
address, and primary contact information (name, e-mail
address, street address, mailing address, and telephone
number).
 With respect to each User, the following current
information: name, industry, job title, business e-mail
address, office name (branch and main office), and mailing
address.
 They reserve the right to share Customer Information and
other Personally Identifiable Information with third parties
that provide hot links to the Web page at
http://www.bna.com/ to promote the Products, such as
web portals, or otherwise sell Subscriptions on our behalf
through their own marketing channels. In certain
instances, these parties will co-own certain Customer
Information and other Personally Identifiable Information
about Product revenue generating activity that originates
from that third party. Such Customer Information and
other Personally Identifiable Information may include,
without limitation, the following information: company
name, street address, e-mail address, contact name, lead
date, first sale date, and services accessed.
 They reserve the right to share Customer Information and
other Personally Identifiable Information with other third
parties that perform services on our behalf, such as
companies that help us market Products, renew
subscriptions, or assist new customers.
 They reserve the right to share all Customer Information
and Personally Identifiable Information with third parties
who act as independent contractors to help us administer
the Products, such as data centers that host our servers
and technical system consultants who program our
hardware and Software.
 They reserve the right to share Customer Information and
Non-Identifying Information in the form of aggregated

40
 demographic information that is not linked to Personally
Identifiable Information with our subsidiaries, advertisers,
and other third parties.
 They reserve the right to disclose certain Customer
Information and Personally Identifiable Information to
government agencies and consumer reporting agencies as
permitted or required by applicable law. Websites may
make these disclosures for specific, limited purposes, such
as verifying individuals' identities (reducing fraud and
identity theft).
 Website will also disclose a User's Customer Information
and Personally Identifiable Information when and to the
extent they believe, in good faith, that they are legally
compelled to do so pursuant to an order of a court of
competent jurisdiction or other governmental body
(including, without limitation, such disclosures required by
applicable securities laws as are necessary to comply
therewith or with the rules and regulations of any
applicable stock exchange). In such an event, websites will
use reasonable efforts to do the following:
 Give the User reasonably prompt written notice of such
requirement so that the User has an opportunity to
comment thereon or object thereto and to preserve the
confidential nature of the Customer Information and
Personally Identifiable Information that website is required
to disclose.
 At the User's expense, use commercially reasonable efforts
to cooperate with any of the User's efforts to preserve the
confidential nature of the Customer Information and
Personally Identifiable Information that a website is
required to disclose.
o User Information
 They reserve the right to share a User's Customer
Information and Personally Identifiable Information with
the Customer who purchased the User's Subscription.
 They also reserve the right to share a User's Customer
Information and other Personally Identifiable Information
in the manner described in Privacy Policy.
o Customer Information
 They also reserve the right to share the aggregate
Customer Information and other Personally Identifiable
Information for any Customer with respect to all Users for
which that Customer purchased a Subscription in the
manner described in Section 6 of this Privacy Policy.

41
 b) Policies Regarding the Use and Disclosure of
Information about Former Customers:

For a period of time after a Customer relationship ends, our

policies and practices regarding the use and disclosure of
Customer Information about former Customers are the same as
those regarding the collection and disclosure of Customer
Information and other Personally Identifiable Information about
existing Customers. However, after the relationship ends, they
may use such Customer Information and other Personally
Identifiable Information about former Customers less and less
over time. They reserve the right to eventually remove such
Customer Information and other Personally Identifiable
Information about former Customers from our records.

c) Links to Third Party Web Sites:

The Internet Privacy Policy applies solely to the Products. The

Products may contain links to Web sites owned and operated by
third parties. Any User's use of third party Web sites is at their
own risk and subject to any terms and conditions of use, policies
regarding the collection of information, privacy policies, and
other practices and procedures for such Web sites. Website is
not responsible for any such terms and conditions of use, policies
regarding the collection of information, privacy policies, or other
practices and procedures of the third party Web sites that a User
may access through hot links in the Products. They cannot
guarantee how these third parties use cookies or whether they
place cookies on your computer that may include Customer
Information and other Personally Identifiable Information. They
encourage Users to be aware when they leave the Products and
to read any terms and conditions of use, policies regarding the
collection of information, privacy policies, and other practices
and procedures of each Third Party Web site before Users
provide them with any Customer Information and other
Personally Identifiable Information.

6. Information Confidentiality and Security:

Web site is committed to prevent any unauthorized access to

each User's Customer Information and other Personally
Identifiable Information. They maintain procedures and
technology designed to prevent such unauthorized access.

42
 a) Security Programs:

No one can guarantee that data transmission over the Internet

will be 100% secure. Nevertheless, web site has taken technical,
administrative, and physical steps to protect against
unauthorized access to Customer Information and other
Personally Identifiable Information used to administer its
customer accounts. All such information is handled securely
within website and is not disclosed to unauthorized third parties.

b) User IDs and Passwords. Each User is responsible for

maintaining the confidentiality of his or her User ID and
password, and is responsible for all Product activities that occur
under his or her User ID and password, including, without
limitation, all related Customer Information and other Personally
Identifiable Information. Each User agrees to immediately notify
website of any unauthorized use of his or her User ID or
password or of his or her Customer Information and other
Personally Identifiable Information or any other breach of
security regarding the Products or his or her Customer
Information and other Personally Identifiable Information.
Websites will not be liable for any Loss whatsoever arising from
a User's failure to comply with these security requirements and
each User agrees to hold websites harmless from any and all
Losses that arise from that failure to so comply.

7. Tips To Help You Protect Your Information:

If any User suspects that someone has had unauthorized access

to his or her account, or access to his or her Customer
Information and other Personally Identifiable Information, such
as his or her User ID or password, the User should send an email
to customercare@bna.com immediately so they can take
appropriate action to protect the User and his or her Customer
Information and other Personally Identifiable Information.

In addition, Users may want to consider if it is important to

report the crime to local law enforcement agencies and to the
Federal Trade Commission (FTC). To enter information about any
complaint into a secure FTC online database, sign onto
www.consumer.gov/idtheft. The site also provides links to
numerous consumer education materials.

43
 Chapter # 6
Recommendations

44
Recommendations for Web Design:

One way Information:

 Show how decisions are made by ministry of education like how to

speak at a meeting, when and where meetings are held etc
 Organize information by people’s life events, not by government
organization charts

Two ways Information:

 Provide live and online forums where visitors can share ideas and
information about government education polices. Through online
forum and live discussion it is east to check people response about
government polices about education whether their response is positive
or negative.
 Accept proposals from citizens.

Let people to do things like submit their forms and application online

Improve public relationship by

 Video clips about new, meetings, and press releases should be

available on the website.
 With the improvements in one way and two way information
distribution public relation should also improve.

To be recorded as accessible to the disabled, the site had to display features

that would be helpful to the hearing or visually impaired. For example, TTY
(Text Telephone) or TDD (Telephonic Device for the Deaf) phone numbers
allow hearing-impaired individuals to contact the agency by phone. Second,
the site could have web accessibility features consistent with standards
mandated by groups such as the World Wide Web Consortium (W3C) or local
legislative acts. Finally, if the site provided text labels for graphics or text
versions of the website, it was counting as having some degree of
accessibility.

Foreign Language Access

45
Few city government websites have bi-language features that allow access
to non-native speaking individuals. By bi-language feature, we mean any
accommodation to the non-native speakers, such as text translation into a
different language.

Takes help from standard companies

Oracle is known to offer the most secured computing environment, and has
been certified against 14 standards of security requirements in the
government, defenses and financial services industries. Ministry may takes
help from oracle for security in following areas

o Selective Encryption
o Evaluated Security
o Proxy authentication
o Three tier security
o Label base access control

Recommendations regarding ethical issues

The site of Ministry of Education provides physical environment consisting of

temporal and geographic boundaries.

RECOMMENDATIONS:
• To keep track of their visitor, the site should use
– A tailored web experience but at the same time its a violation of the
privacy

• The site should avoid surveillance. Reasons for surveillance are:

– Slower transmission times
– Harassment suits
– Low productivity

• The site should follow the stated policy regarding the collection and
use of visitor’s personal information by using Privacy policy services and
software i.e.
– PrivacyBot.com
– TRUSTe

• The ministry of education should be responsible for a fair use of

copyright i.e.
– The use of a copyrighted work for education, research, criticism
– The purpose of the copyrighted work is examined
– The nature of the copyrighted work is taken into account
46
– The amount of the material that has been reproduced is reviewed
– The effect is taken into consideration

• The site should promote online commerce by legitimizing online

contractual agreements

47