eBay 2007 Annual Report Download - page 29

Download and view the complete annual report

Please find page 29 of the 2007 eBay annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

expect to continue to receive communications from users requesting reimbursement or threatening or commencing
legal action against us if no reimbursement is made. Our liability for these sort of claims is only beginning to be
clarified and may be higher in some non-U.S. jurisdictions than it is in the U.S. Litigation involving liability for
third-party actions could be costly for us, divert management attention, result in increased costs of doing business,
lead to adverse judgments, or otherwise harm our business. In addition, affected users will likely complain to
regulatory agencies that could take action against us, including imposing fines or seeking injunctions.
Negative publicity and user sentiment generated as a result of fraudulent or deceptive conduct by users of our
eBay and PayPal services could damage our reputation, reduce our ability to attract new users or retain our current
users, and diminish the value of our brand names. We believe that negative user experiences are one of the primary
reasons users stop using our services.
Any factors which reduce cross-border trade could harm our business
Cross-border transactions using our websites generally provide higher gross margins than similar transactions
that take place within a single country due to higher transaction fees we earn for those transactions. To the extent
that any factors, including fluctuations in exchange rates or the application of specific national laws to users in other
countries, result in a net reduction in cross-border trade, our business could suffer.
Our business is subject to online security risks, including security breaches and identity theft.
To succeed, online commerce and communications must provide a secure transmission of confidential
information over public networks. Our security measures may not detect or prevent security breaches that could
harm our business. Currently, a significant number of our users authorize us to bill their credit card accounts directly
for all transaction fees charged by us. PayPal’s users routinely provide credit card and other financial information.
We rely on encryption and authentication technology licensed from third parties to provide the security and
authentication to effect secure transmission of confidential information, including customer credit card numbers.
Advances in computer capabilities, new discoveries in the field of cryptography or other developments may result in
a compromise or breach of the technology used by us to protect transaction data. In addition, any party who is able to
illicitly obtain a user’s password could access the user’s transaction data. An increasing number of websites
including, recently, our Korean subsidiary, have reported breaches of their security. Any compromise of our security
could harm our reputation and, therefore, our business, and could result in a violation of applicable privacy and
other laws. In addition, a party that is able to circumvent our security measures could misappropriate proprietary
information, cause interruption in our operations, damage our computers or those of our users, or otherwise damage
our reputation and business. Under credit card rules and our contract with our card processors, if there is a breach of
credit card information that we store, or that is stored by PayPal’s direct credit card processing customers, we could
be liable to the credit card issuing banks for their cost of issuing new cards and related expenses. In addition, if we
fail to follow credit card industry security standards, even if there is no compromise of customer information, we
could incur significant fines or lose our ability to give customers the option of using credit cards to fund their
payments or pay their fees. If we were unable to accept credit cards, our business would be seriously damaged.
Our servers are also vulnerable to computer viruses, physical or electronic break-ins, and similar disruptions,
and we have experienced “denial-of-service” type attacks on our system that have made all or portions of our
websites unavailable for periods of time. We may need to expend significant resources to protect against security
breaches or to address problems caused by breaches. These issues are likely to become more difficult as we expand
the number of places where we operate. Security breaches, including any breach that results in the release of our
users’ personal information, could damage our reputation and expose us to a risk of loss or litigation and possible
liability. Our insurance policies carry low coverage limits, which may not be adequate to reimburse us for losses
caused by security breaches.
Our users, as well as those of other prominent Internet companies, have been and will continue to be targeted
by parties using fraudulent “spoof” and “phishing” emails to misappropriate passwords, credit card numbers, or
other personal information or to introduce viruses through “trojan horse” programs to our users’ computers. These
emails appear to be legitimate emails sent by eBay, PayPal, Skype, or a user of one of those businesses, but direct
recipients to fake websites operated by the sender of the email or request that the recipient send a password or other
19