Online Privacy and Your Company
Upcoming SlideShare
Loading in...5

Like this? Share it with your network


Online Privacy and Your Company






Total Views
Views on SlideShare
Embed Views



2 Embeds 64 62 2


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • Collection, enhancement, and aggregation… Companies must realize that technology is merely an enabler. The application of technology—based on understanding the impact of each and every dialogue has on the total customer relationship—is quickly becoming the highest priority within corporations Information can be collaborated… Corporations face the challenge of making appropriate information available at all customer touch points while protecting privacy at the same time Expectations of consumers are shifting… Having basic permission and privacy policies, for example an opt-in policy, is becoming just the price of entry for marketers as opposed to the differentiator it used to be Privacy and customer permission… Business must walk a fine line between customer wants and business needs The business community must recognize the need to protect consumer privacy, but it also depends on consumer information to facilitate many transactions
  • Four in five users say that being able to trust the information on a site is very important to them and 14 percent say it is somewhat important Only 4 percent say it is not too important or not important at all This puts credibility right up with ease-of-use at the top of users’ list There is not much variation by age, race, income or education in these statistics 82 percent of those age 18-42 say trusting information is very important, compared with 75 percent of those age 50 and older 81 percent of whites, the same percentage of African-Americans and 77 percent of Hispanics say trusting information is very important Trusting content also rates as more important among those who use a credit card online (83%) than those who do no (75%)
  • Only 3 in 10 (29%) say they trust e-commerce sites either ‘just about always’ or ‘most of the time’ while more than six in ten (64%) trust them ‘only some of the time’ or ‘never’ Internet users show a similar degree of skepticism towards consumer advice sites Just over three in ten (33%) trust them and six in ten (59%) express low levels of trust Compare these ratings of Web sites with those of other organizations 68% say they trust small businesses 58% trust newspapers and television news 55% trust financial companies such as banks, insurance companies and stockbrokers 54% trust charities and other non-profit organizations 47% trust the federal government
  • The Internet industry is built on trust between businesses and their customers – and privacy is the number one ingredient is trust Real-life example of what causes consumer’s privacy concerns: In 1999, Internet advertising company DoubleClick announced plans to purchase direct marketing company Abacus Direct, which housed the nation’s largest catalog database The purchase would have allowed DoubleClick to marry information about consumers’ online habits (clickstream data) with Abacus’ information, thereby creating personally identifiable online profiles and allowing DoubleClick’s customers to better target online ads to consumers In March 2000, DoubleClick backed away from its plans
  • 93% of those online believe a statement of how the site will use personal and credit card information is very important Slightly more of those who use their credit card online (95%) find this very important compared to those who don’t (90%) Not surprisingly, those users who read most privacy policies find them more important (91%) than those who look at only some or none of them (68%)
  • About three-quarters of online users (73%) say that they have visited news and information sites within the past several months Expectations for a news and information site are different from those of an e-commerce site
  • Internet users say they want privacy policies, credit card protection policies, and access to important facts about who runs a site Do they actually look at the information that sites provide? For many users, yes. Almost six in ten (57%) read all or most of these policies Another two in ten (23%) read some of the policies Predictably, those who use a credit card on the Internet read these policies more often (91% at least most of the time) that those who don’t use a credit card online (59%) About as many users report reading privacy pages of sites (83%) as report reading credit card privacy pages (80%)
  • Cable Communications Policy Act Cable TV operators must inform their subscribers annually about the nature of data collected, data disclosure practices, and subscriber rights to inspect and correct errors in such data Census Confidentiality Statute Prohibits use of census data for other than the original statistical purpose Children’s Online Privacy Protection Act Requires web sites directed at children under the age of 13 to obtain ‘verifiable parental consent’ before collecting personal information online Customer Proprietary Network Information Restricts private sector access and use of customer data Driver’s Privacy Protection Act Prohibits State DMVs from releasing ‘personal information’ from drivers’ licenses and motor vehicle registration records Electronic Communications Privacy Act Prohibits persons from tampering with computers or accessing certain computerized records without authorization Freedom of Information Act Provides individuals with access to many types of records that are exempt from access under the Privacy Act, including many categories of personal information Gramm-Leach-Bliley Act Regulates the privacy of personally identifiable, nonpublic financial information disclosed to non-affiliated third parties by financial institutions Privacy Act Mandates that personal data be collected as much as possible directly from the record subject Generally prohibits collection of information about an individual’s exercise of First Amendment rights Requires Federal agencies to: Keep an accounting of extra-agency disclosures Instruct record management personnel in the requirements of the Act and the rules for its implementation ‘ Establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records Telephone Consumer Protection Act Requires entities who use the telephone to solicit individuals, to provide such individuals with the ability to prevent future telephone solicitations
  • U.S. companies must voluntarily… Customers must be informed of the identity of the entity collection the data, the purposes for the processing, and the recipients of the data collected, as well as any rights they may have Fewer than 75 U.S. companies… Recently pledged to provide European-grade privacy protection to their customers in the U.S. and around the world, even though no law requires them to do so.
  • Adoption and Implementation of a Privacy Policy Organization has a responsibility to adopt and implement a policy for protecting the privacy of individually identifiable information Organization should also take steps to foster the adoption of effective privacy policies by the orgs with which they interact Notice and Disclosure Privacy policy must be easy to find, read and understand Must be available prior to or at the time that the individually identifiable information is collected or requested Policy must state clearly: What information is being collected Use of information Choices available regarding collection, use and distribution of information Statement of an orgs commitment to data security Steps the org takes to ensure data quality and access Policy should also disclose consequences, if any, of an individual’s refusal to provide information Choice/Consent Individuals must be given opportunity to exercise choice regarding how information collected may be used when such use is unrelated to the purpose for which the information was collected Minimum: individuals must be given option to opt-out Data Security Orgs should take appropriate measures to assure data reliability and should take reasonable precautions to protect it from loss, misuse or alteration Data Quality and Access Orgs should take reasonable steps to assure that the data are accurate, complete and timely for the purposes for which they are to be used Appropriate processes or mechanisms so that inaccuracies may be corrected Reasonable and appropriate consumer access and correction must also be planned for
  • TRUSTe TRUSTe is an independent, non-profit privacy initiative dedicated to building users' trust and confidence on the Internet and accelerating growth of the Internet industry. We've developed a third-party oversight "seal" program that alleviates users' concerns about online privacy, while meeting the specific business needs of each of our licensed Web sites. The TRUSTe program is backed by a multi-faceted assurance process that establishes Web site credibility, thereby making users more comfortable when making online purchases or providing personal information. TRUSTe Privacy Statement Trust Mark The trustmark is awarded only to sites that adhere to our established privacy principles of disclosure, choice, access and security. Furthermore, Web sites that display the TRUSTe privacy seal agree to comply with ongoing TRUSTe oversight and our alternative dispute resolution process. TRUSTe Kids Privacy Statement Trust Mark The TRUSTe Children's Privacy Seal Program offers companies a solution for addressing children's privacy issues. The Children's Privacy Seal Program is compliant with the Children's Online Privacy Protection Act (COPPA) and as such has been approved by the FTC as an authorized COPPA safe harbor. TRUSTe eHealth Privacy Statement Trust Mark TRUSTe has teamed up with the American Accreditation Health Care Commission (URAC) to provide a certification program for companies that provide health services and information on the Internet. TRUSTe EU Privacy Statement Trust Mark Allows companies that do business with Europe and wish to comply with the Safe Harbor Privacy Framework set forth by the U.S. Department of Commerce. Better Business Bureau A wholly owned subsidiary of the Council of Better Business Bureaus, BBB OnLine 's mission is to promote trust and confidence on the Internet through the BBB OnLine Reliability and Privacy Seal Programs. BBB OnLine 's web site seal programs allow companies with web sites to display the seals once they have been evaluated and confirmed to meet the program requirements. BBB Reliability Program The BBB OnLine Reliability Seal confirms a company is a member of their local Better Business Bureau, has been reviewed to meet truth in advertisement guidelines and follows good customer service practices. BBB Privacy Program The BBB OnLine Privacy Seal confirms a company stands behind its online privacy policy and has met the program requirements regarding the handling of personal information that is provided through its web site.

Online Privacy and Your Company Presentation Transcript

  • 1. Online Privacy and Your Company Zach Evans
  • 2. Why Is Privacy Important?
    • Collection, enhancement, and aggregation of data are instantaneous
    • Information can be collaborated upon across the entire organization
    • Expectations of consumers are shifting rapidly: customer’s patience levels are getting shorter and shorter
    • Privacy and customer permission are cornerstone to customer trust
  • 3. Nine Factors in Deciding to Visit a Web Site Source: Consumer WebWatch 23 36 30 9 The site displays awards and certificates from other groups 12 26 41 19 The site displays seals of approval from other groups 11 27 37 24 What businesses and organizations financially support the site 12 22 33 32 Knowing who owns a Web site 4 8 36 50 Being able to find out important facts about a Web site 2 4 28 65 Knowing the site is updated frequently with new information 2 4 25 68 Being able to easily identify the sources of information 1 3 14 80 Being able to trust the information 1 2 16 80 The site is easy to navigate and to find what you want NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
  • 4. Internet Users’ Trust of Organizations Source: Consumer WebWatch
  • 5. Privacy Survey Results
    • Wall Street Journal and NBC News
      • Individuals were asked to identify the issue(s) that concern them the most about the 21 st century
      • 29% responded that they were more concerned about threats to personal privacy that other social issues such as overpopulation, war, and global warming
    • Business Week
      • 37% of Internet users would be “a lot” more inclined to purchase on a site that had a privacy policy
      • 63% of Internet users are very concerned about the use of personal information
    • Jupiter Communications
      • Privacy/Security was the #1 factor that would convert researchers into buyers
  • 6. Six Factors in Choosing an E-Commerce Site Source: Consumer WebWatch 2 4 18 76 The site’s privacy policy 2 2 14 81 The email address, street address or telephone number where you can reach the site’s staff about any problems 2 1 8 88 A statement of the site’s policies for returning unwanted items or canceling reservations 1 1 9 89 An explanation of when you can expect delivery of your products or confirmation of your reservations 1 1 4 93 A statement of how the site will use your name, address, credit card number and other personal information you provide 1 0 3 95 A statement of fees that you will be charged for using the site, including shipping costs, transaction fees and handling fees NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
  • 7. Six Factors in Choosing News/Information Sites Source: Consumer WebWatch 10 24 42 22 The financial relationships the site has with other sites or other businesses 10 22 37 30 A page that lists the editor or people responsible for the content on the site, like the masthead on a print publication 6 13 45 34 A prominently displayed page for corrections and clarifications 7 16 39 36 Email addresses for the editor or people responsible for the content on the site 4 10 25 59 Advertising is clearly labeled as advertising and distinguished from news and information on the site 4 8 22 65 The site’s privacy policy NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
  • 8. Comparison of Importance Users Place on Various Factors and How Much They View Policies Source: Consumer WebWatch
  • 9. Economic Impact of Privacy Concerns
    • Report by Forrester Research found that $15 billion of projected e-commerce revenue would be unrealized because of privacy concerns
  • 10. Basis for Privacy Laws
    • No “right of privacy” in the U.S. Constitution
    • Does restrict how government, at all levels, can collect/use personal information
    • “ Common law” historically limits intrusive collection of personal information
    • Privacy Protection Study Commission (1977) recommended to Congress the following objectives
      • Minimize intrusiveness in the lives of individuals
      • Maximize fairness in institutional decisions made about individuals
      • Provide individuals with legitimate, enforceable expectations of confidentiality
  • 11. Current Federal Privacy Laws
    • Cable Communications Policy Act
    • Census Confidentiality Statute
    • Children’s Online Privacy Protection Act of 1998
    • Customer Proprietary Network Information
    • Driver’s Privacy Protection Act
    • Electronic Communications Privacy Act
    • Freedom of Information Act
    • Gramm-Leach-Bliley Act
    • Privacy Act
    • Telephone Consumer Protection Act
  • 12. Australian Privacy Amendment Act of 2000
    • Provides that personal information cannot be collected without the consent of person giving it
    • Once collected, information must be kept confidential
    • Information “cannot be transferred to another country that does not have privacy protection”
  • 13. Australian Privacy Amendment Act Impact
    • U.S. companies with Australian subsidiaries cannot transfer information between countries because U.S. does not (currently) have privacy protection
  • 14. European Union Directive 95/46/EC
    • Adopted in 1998 and became applicable to U.S. in 2001
    • Users must ‘unambiguously’ give consent for personal data to be collected after being informed about the purposes of the data collection
    • Expressly forbids collection of ‘sensitive data’ such as: racial or ethnic origin, political opinions, religious beliefs, trade union membership, and sexual preference
    • Forbids transfer of personal data to a country that does not provide a level of protection similar to its own
  • 15. European Union Directive 95/46/EC Impact
    • U.S. companies must voluntarily abide to ‘Safe Harbor’ provisions negotiated by U.S. Chamber of Commerce
    • Fewer than 75 U.S. companies had signed up for it as of mid-2001
      • Microsoft, Intel, Hewlett Packard, and Procter & Gamble
  • 16. Making Privacy a Top-Level Issue
    • Posted privacy policies on their Web sites
    • Created Chief Privacy Officer (CPO) positions
    • Increased employee awareness and training about the issue
    • Established self-regulatory initiatives
    • Taken other noticeable measures to shore up their privacy policies and practices
  • 17. Chief Privacy Officer (CPO)
    • Serve as a liaison between the corporation and consumer
    • Often have veto power over:
      • Product launches
      • Marketing campaigns
      • Strategic partnerships
  • 18. Guidelines for Online Privacy Policies
    • Adoption and Implementation of a Privacy Policy
    • Notice and Disclosure
    • Choice/Consent
    • Data Security
    • Data Quality and Access
  • 19. Online Privacy Resources and Certifying Organizations TRUSTe Better Business Bureau
  • 20. Questions?
  • 21. Sources
    • A Matter of Trust: What Users Want From Web Sites : : January 2003
    • A Review of Federal and State Privacy Laws : Better Business Bureau :
    • Global Commerce and The Privacy Clash : The Information Management Journal : January/February 2002
    • Guidelines for Online Privacy Policies : Online Privacy Alliance :
    • How Does Online Privacy Impact Your Bottom Line? : TRUSTe :
    • PRIVACY - What Every Manager Should Know : The Information Management Journal : May/June 2002
    • The Ethics of Database Marketing : The Information Management Journal : May/June 2002