Bosses at supermarket chain Safeway learned the importance of data protection the hard way this year when hackers sent a spoof e-mail warning of impending price hikes to everyone on the company's customer database.
Rules covering the use of this kind of customer information are being updated. First, the new Data Protection Act increased requirements to inform customers about the intended use of their details. Privacy policies are now on test across the web. Some will be found wanting as the authorities scrutinise CRM techniques.
Next, do you need permission from your target before sending a direct marketing message? It depends on your target and your medium, with different rules for phone, fax and e-mail.
Now e-business systems come under two new strains. The Human Rights Act puts more emphasis on privacy; the Regulation of Investigatory Powers Act could forbid interception of network traffic.