[thelist] Online Employment App Ethics

Scott James scott at coldcustard.org
Thu Jul 24 16:13:50 CDT 2003


On Thu, Jul 24, 2003 at 02:55:58PM -0500, Dan Boen wrote:
> Good Afternoon,
> 
> My question today concerns a client who wants to have an online 
> employment application - so prospective employees may apply to the 
> company directly.  This is strictly an HTML site using formmail to send 
> the info to an HR representative.    The form contains some sensitive 
> information in my opinion:
> 
> - employment history
> - education history
> - address, city, state, zip, phone, email
> - salary requirements
> - references


IMHO you are comming at this from the wrong angle, from a personal
perspective this information is 'private' however, the list of people in
the world who _care_ about my education results is VERY small.  The list
of people who are going to sniff network packets on your web server in
the hope they may get my details??  

Who could benifit from intercepting this information?  Could it give
them a comercial advantage in any way?  Could the information be useful
except from a voyeristic perspective?  I dont think so, so really I
would not secure it in transit.  

HOWEVER

The information once collected is VERY valuable.  One persons salary
requirements is useless 100,000 salary requirements is a valuable
comercial asset.   Dont worry about the web site, do worry about the
server.

Just a thought.

Scott




-- 
Truth is a river that is always splitting up into arms that reunite. Islanded 
between the arms the inhabitants argue for a lifetime as to which is the main 
river.  -- Cyril Connolly                http://www.coldcustard.org/~scott/


More information about the thelist mailing list