[thelist] Online Employment App Ethics
Scott James
scott at coldcustard.org
Thu Jul 24 16:13:50 CDT 2003
On Thu, Jul 24, 2003 at 02:55:58PM -0500, Dan Boen wrote:
> Good Afternoon,
>
> My question today concerns a client who wants to have an online
> employment application - so prospective employees may apply to the
> company directly. This is strictly an HTML site using formmail to send
> the info to an HR representative. The form contains some sensitive
> information in my opinion:
>
> - employment history
> - education history
> - address, city, state, zip, phone, email
> - salary requirements
> - references
IMHO you are comming at this from the wrong angle, from a personal
perspective this information is 'private' however, the list of people in
the world who _care_ about my education results is VERY small. The list
of people who are going to sniff network packets on your web server in
the hope they may get my details??
Who could benifit from intercepting this information? Could it give
them a comercial advantage in any way? Could the information be useful
except from a voyeristic perspective? I dont think so, so really I
would not secure it in transit.
HOWEVER
The information once collected is VERY valuable. One persons salary
requirements is useless 100,000 salary requirements is a valuable
comercial asset. Dont worry about the web site, do worry about the
server.
Just a thought.
Scott
--
Truth is a river that is always splitting up into arms that reunite. Islanded
between the arms the inhabitants argue for a lifetime as to which is the main
river. -- Cyril Connolly http://www.coldcustard.org/~scott/
More information about the thelist
mailing list