Privacy in Distributed Electronic Commerce

In recent years there has been a movement toward deployment of distributed approaches for electronic commerce. Intelligent software agents, for instance, may be instructed to act on behalf of human users in electronic transactions. A challenge with this approach is that the agents would be entrusted with access to sensitive personal or business information. How can this sensitive information be protected from unauthorized access? How can agents negotiate across jurisdictional boundaries; both corporate, and country? The latter question is of particular concern when one considers the potential for considerable variance between the regulations and policies of different governments and corporations. This is especially evident with the disparity of legislation for privacy in different countries. How can disparate regulations be accommodated effectively? What technologies are appropriate for maintaining user privacy and for protecting sensitive information for agent-based e-commerce? In this paper, we describe the issues that provoke privacy challenges for agent-based e-commerce due to current and impending privacy legislation as well as an approach for policy-driven privacy negotiation for use in distributed agent-based systems.