0 introduction
With the increasing integration of information technology, business and life in recent years, data has become one of the core tangible assets in the digital economy era. New technology research and development and new industrial applications in the fields of the Internet and big data continue to generate new economic growth points and solve more and more social governance problems. But at the same time, issues of citizen privacy leaks caused by technology continue to arise, and the industry faces severe regulatory compliance and security challenges.
In recent years, my country, the European Union, and the United States have successively released dataprivacy protectionlaws and regulations. In 2021, our country will successively promulgate the "People's Republic of Chinadata security law” and “The People’s Republic of ChinaPersonal information protectionLaw", which puts forward clear requirements for standardizing data processing and protecting personal information rights and interests. The "14th Five-Year Plan for Digital Economy Development" promulgated by the State Council in 2022 also clearly focuses on strengthening the digital economy security system to effectively prevent various risks. visible,Data SecurityIt plays a key role in the development of the digital economy, affecting the whole body. Only by building a strongData SecurityOnly the cornerstone can safeguard the high-quality development of the digital economy.
With the rapid development and popularization of the digital economy, consumers' awareness of personal privacy protection in various consumption scenarios is also increasing. This article focuses on analyzing the high-frequency scenarios of personal privacy leakage in the food delivery industry and its governance measures. Take the "Privacy Form", a consumer personal user privacy data protection plan under the "Consumer Personal Privacy Protection Special" on the Ele.me platform, as an example.Takeaway sceneUnder the new model of user privacy data protection, analyze the difficulties and feasibility of the entire business link.
1 The “Privacy Order” of the food delivery service platform and its implementation difficulties
1.1 Overview of Privacy Form
The instant delivery industry has similar business scenarios and huge scale to the generalized logistics industry. It also exposes the problem of consumers' personal privacy information "naked" in the delivery process. Customer complaints and public opinions caused by personal privacy leakage have gradually occurred in recent years, which has sounded the a personinformation securityA wake-up call for protection.
To this end, food delivery service platforms have also conducted a lot of exploration around consumer privacy protection from the perspective of long-term development and social value. At present, the food delivery service platform has jointly launched a "privacy sheet" with a number of third-party ecological service provider brands, which has become an important implementation scenario in the management of personal privacy protection in the food delivery service scenario.
As the name suggests, "privacy face sheet" refers to the desensitization of consumers' names and real mobile phone numbers through technical processing, and the delivery address is hidden according to different business scenarios and delivery methods, so that consumers' personal information is not directly displayed on the takeaway face. On the order, the delivery staff obtains the user's information through other methods to complete the delivery service. In the pharmaceutical retail business scenario, when users purchase goods that involve personal privacy (such as drug names that expose psychological, physiological and other important privacy), the platform also hides them on demand based on the drug category, and also protects consumption based on the "privacy sheet" privacy and personal information.
In recent years, whether it is the express delivery industry or the takeout industry, related companies have begun to make efforts to popularize "privacy forms". So far, the popularity of "privacy orders" on food delivery service platforms is relatively high, but there is still room for further development. Taking the Ele.me platform as an example, desensitization of consumer names and real mobile phone numbers has been fully covered, delivery address hiding has covered nearly 90% (merchant self-delivery service has not yet been covered), and pharmaceutical privacy forms have been fully launched on its own platform. , are still exploring cooperation with third-party ecological service providers and brands to achieve full coverage.
1.2 Difficulties in “Privacy Form” Business
From the perspective of the logistics industry as a whole, although privacy face sheets have received close attention in recent years, the coverage and promotion rate are still not high. China Central Broadcasting Network published an article on October 30, 2021 titled "Why has the popularity rate of express delivery "privacy form" declined instead of rising after four years of promotion? 》, elaborated on the difficulty of popularizing the privacy form in the express delivery industry. For example, increasing the cost of delivery and pickup time requires multi-party information exchange among sellers, platforms, and express delivery companies.
However, the fulfillment time limit of the food delivery industry is shorter than that of express delivery, and it mainly focuses on point-to-point delivery to homes, which to a certain extent reduces the time cost for riders to check the order address and for consumers to pick up meals. At the same time, most takeout orders are delivered by real-time logistics and distribution platforms (such as Hummingbird) operated by the Internet platform. The platform's transformation and standard requirements for privacy orders can be unified to a certain extent, making it easier to coordinate internal and external resources.
Therefore, compared with the express delivery industry, the main problem faced by the food delivery industry is that the business links are longer and the scope is wider.
This article sorts out the overall business links of a takeout order as follows (shown in Figure 1):
figure 1
The first stage: C-end consumers place orders on the food delivery service platform APP/mini-program. When placing orders, the system will check "Number Protection" by default. After checking, a virtual account will be enabled to replace the mobile phone number to complete the ordering action on the platform. .
The second stage: The platform provides services and data to the open platform, including order services, product services, store services, merchant services, message services, etc. Service providers or brands can apply for interfaces for required business scenarios on the merchant open platform of the food delivery service platform to complete the development of business systems.
The third stage: The service provider completes system research and development based on the interface from the open platform, and provides business services in different scenarios to merchants, such as printers, merchant operations, ERP systems, SAAS systems, aggregate orders, etc. Brand owners also develop self-developed systems for use by their own brands based on the interface of the open platform.
The fourth stage: Merchants use the system provided by the service provider to conduct business and complete order processing and food delivery, and riders go to the store to collect takeaways.
Stage 5: The rider gets the food and delivers it to the consumer.
In the entire business link, three issues need to be considered:
The first is how riders can quickly and efficiently locate delivery orders before delivery. In actual scenarios, after consumers place an order, the rider goes to the store to pick up the order. However, valid information such as the order address is hidden, and the rider cannot find the order efficiently. The timeliness and accuracy of fulfillment cannot be guaranteed, which will inevitably lead to user complaints about delivery overtime. Complaints such as , wrong order delivery, etc. will increase the rider’s performance work pressure, which is not what the platform wants.
The second is how the rider can accurately determine and deliver the order address during delivery. In busy delivery tasks, even if the rider relies on the address provided by the system, how can the rider accurately determine the order's ownership in a simple and fast way? Whether the hiding of the address affects the efficiency of delivery, and whether it can ensure the rider's accurate delivery.
The third is how merchants and riders communicate with consumers after sales or emergencies after delivery. In actual scenarios, without real user information, how do merchants and riders provide services to ensure user service experience when users initiate after-sales services? Or how do merchants and riders reach users when encountering special or emergency situations? Communicate.
Faced with the above problems, how does the platform protect consumers' personal privacy and security while ensuring rider delivery, merchant performance, and platform business operations? This requires comprehensive evaluation and analysis on the platform and multiple strategies to complete the privacy issue.
2 “Privacy Form” Protection Strategy for Food Delivery Service Platforms
The continuous availability of business is the bottom line of the business that the platform must ensure. If the user information cannot be displayed in the privacy form, the rider must be informed of the delivery address and contact information through another method. Through a series of explorations and attempts, in addition to desensitizing user names, the current food delivery service platform also adopts a three-pronged approach of "order pickup number", "express order address hiding" and "one-to-one virtual account" to ensure user privacy. While protecting, it also ensures smooth performance links between riders and merchants.
This article is from a contribution, does not represent the position of the Chief Security Officer, if reproduced, please specify the source: https://cncso.com/en/practice-and-exploration-of-consumer-personal-privacy-protection-html
Comments(2)
Thanks for sharing. Is the above solution suitable for third-party service providers or self-delivery by merchants?
Great best practices and explorations, useful information to share👍