3. Nine Factors in Deciding to Visit a Web Site Source: Consumer WebWatch 23 36 30 9 The site displays awards and certificates from other groups 12 26 41 19 The site displays seals of approval from other groups 11 27 37 24 What businesses and organizations financially support the site 12 22 33 32 Knowing who owns a Web site 4 8 36 50 Being able to find out important facts about a Web site 2 4 28 65 Knowing the site is updated frequently with new information 2 4 25 68 Being able to easily identify the sources of information 1 3 14 80 Being able to trust the information 1 2 16 80 The site is easy to navigate and to find what you want NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
6. Six Factors in Choosing an E-Commerce Site Source: Consumer WebWatch 2 4 18 76 The site’s privacy policy 2 2 14 81 The email address, street address or telephone number where you can reach the site’s staff about any problems 2 1 8 88 A statement of the site’s policies for returning unwanted items or canceling reservations 1 1 9 89 An explanation of when you can expect delivery of your products or confirmation of your reservations 1 1 4 93 A statement of how the site will use your name, address, credit card number and other personal information you provide 1 0 3 95 A statement of fees that you will be charged for using the site, including shipping costs, transaction fees and handling fees NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
7. Six Factors in Choosing News/Information Sites Source: Consumer WebWatch 10 24 42 22 The financial relationships the site has with other sites or other businesses 10 22 37 30 A page that lists the editor or people responsible for the content on the site, like the masthead on a print publication 6 13 45 34 A prominently displayed page for corrections and clarifications 7 16 39 36 Email addresses for the editor or people responsible for the content on the site 4 10 25 59 Advertising is clearly labeled as advertising and distinguished from news and information on the site 4 8 22 65 The site’s privacy policy NOT AT ALL IMPORTANT NOT TOO IMPORTANT SOMEWHAT IMPORTANT VERY IMPORTANT
8. Comparison of Importance Users Place on Various Factors and How Much They View Policies Source: Consumer WebWatch
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19. Online Privacy Resources and Certifying Organizations TRUSTe www.truste.org Better Business Bureau www.bbbonline.org
Collection, enhancement, and aggregation… Companies must realize that technology is merely an enabler. The application of technology—based on understanding the impact of each and every dialogue has on the total customer relationship—is quickly becoming the highest priority within corporations Information can be collaborated… Corporations face the challenge of making appropriate information available at all customer touch points while protecting privacy at the same time Expectations of consumers are shifting… Having basic permission and privacy policies, for example an opt-in policy, is becoming just the price of entry for marketers as opposed to the differentiator it used to be Privacy and customer permission… Business must walk a fine line between customer wants and business needs The business community must recognize the need to protect consumer privacy, but it also depends on consumer information to facilitate many transactions
Four in five users say that being able to trust the information on a site is very important to them and 14 percent say it is somewhat important Only 4 percent say it is not too important or not important at all This puts credibility right up with ease-of-use at the top of users’ list There is not much variation by age, race, income or education in these statistics 82 percent of those age 18-42 say trusting information is very important, compared with 75 percent of those age 50 and older 81 percent of whites, the same percentage of African-Americans and 77 percent of Hispanics say trusting information is very important Trusting content also rates as more important among those who use a credit card online (83%) than those who do no (75%)
Only 3 in 10 (29%) say they trust e-commerce sites either ‘just about always’ or ‘most of the time’ while more than six in ten (64%) trust them ‘only some of the time’ or ‘never’ Internet users show a similar degree of skepticism towards consumer advice sites Just over three in ten (33%) trust them and six in ten (59%) express low levels of trust Compare these ratings of Web sites with those of other organizations 68% say they trust small businesses 58% trust newspapers and television news 55% trust financial companies such as banks, insurance companies and stockbrokers 54% trust charities and other non-profit organizations 47% trust the federal government
The Internet industry is built on trust between businesses and their customers – and privacy is the number one ingredient is trust Real-life example of what causes consumer’s privacy concerns: In 1999, Internet advertising company DoubleClick announced plans to purchase direct marketing company Abacus Direct, which housed the nation’s largest catalog database The purchase would have allowed DoubleClick to marry information about consumers’ online habits (clickstream data) with Abacus’ information, thereby creating personally identifiable online profiles and allowing DoubleClick’s customers to better target online ads to consumers In March 2000, DoubleClick backed away from its plans
93% of those online believe a statement of how the site will use personal and credit card information is very important Slightly more of those who use their credit card online (95%) find this very important compared to those who don’t (90%) Not surprisingly, those users who read most privacy policies find them more important (91%) than those who look at only some or none of them (68%)
About three-quarters of online users (73%) say that they have visited news and information sites within the past several months Expectations for a news and information site are different from those of an e-commerce site
Internet users say they want privacy policies, credit card protection policies, and access to important facts about who runs a site Do they actually look at the information that sites provide? For many users, yes. Almost six in ten (57%) read all or most of these policies Another two in ten (23%) read some of the policies Predictably, those who use a credit card on the Internet read these policies more often (91% at least most of the time) that those who don’t use a credit card online (59%) About as many users report reading privacy pages of sites (83%) as report reading credit card privacy pages (80%)
Cable Communications Policy Act Cable TV operators must inform their subscribers annually about the nature of data collected, data disclosure practices, and subscriber rights to inspect and correct errors in such data Census Confidentiality Statute Prohibits use of census data for other than the original statistical purpose Children’s Online Privacy Protection Act Requires web sites directed at children under the age of 13 to obtain ‘verifiable parental consent’ before collecting personal information online Customer Proprietary Network Information Restricts private sector access and use of customer data Driver’s Privacy Protection Act Prohibits State DMVs from releasing ‘personal information’ from drivers’ licenses and motor vehicle registration records Electronic Communications Privacy Act Prohibits persons from tampering with computers or accessing certain computerized records without authorization Freedom of Information Act Provides individuals with access to many types of records that are exempt from access under the Privacy Act, including many categories of personal information Gramm-Leach-Bliley Act Regulates the privacy of personally identifiable, nonpublic financial information disclosed to non-affiliated third parties by financial institutions Privacy Act Mandates that personal data be collected as much as possible directly from the record subject Generally prohibits collection of information about an individual’s exercise of First Amendment rights Requires Federal agencies to: Keep an accounting of extra-agency disclosures Instruct record management personnel in the requirements of the Act and the rules for its implementation ‘ Establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records Telephone Consumer Protection Act Requires entities who use the telephone to solicit individuals, to provide such individuals with the ability to prevent future telephone solicitations
U.S. companies must voluntarily… Customers must be informed of the identity of the entity collection the data, the purposes for the processing, and the recipients of the data collected, as well as any rights they may have Fewer than 75 U.S. companies… Recently pledged to provide European-grade privacy protection to their customers in the U.S. and around the world, even though no law requires them to do so.
Adoption and Implementation of a Privacy Policy Organization has a responsibility to adopt and implement a policy for protecting the privacy of individually identifiable information Organization should also take steps to foster the adoption of effective privacy policies by the orgs with which they interact Notice and Disclosure Privacy policy must be easy to find, read and understand Must be available prior to or at the time that the individually identifiable information is collected or requested Policy must state clearly: What information is being collected Use of information Choices available regarding collection, use and distribution of information Statement of an orgs commitment to data security Steps the org takes to ensure data quality and access Policy should also disclose consequences, if any, of an individual’s refusal to provide information Choice/Consent Individuals must be given opportunity to exercise choice regarding how information collected may be used when such use is unrelated to the purpose for which the information was collected Minimum: individuals must be given option to opt-out Data Security Orgs should take appropriate measures to assure data reliability and should take reasonable precautions to protect it from loss, misuse or alteration Data Quality and Access Orgs should take reasonable steps to assure that the data are accurate, complete and timely for the purposes for which they are to be used Appropriate processes or mechanisms so that inaccuracies may be corrected Reasonable and appropriate consumer access and correction must also be planned for
TRUSTe TRUSTe is an independent, non-profit privacy initiative dedicated to building users' trust and confidence on the Internet and accelerating growth of the Internet industry. We've developed a third-party oversight "seal" program that alleviates users' concerns about online privacy, while meeting the specific business needs of each of our licensed Web sites. The TRUSTe program is backed by a multi-faceted assurance process that establishes Web site credibility, thereby making users more comfortable when making online purchases or providing personal information. TRUSTe Privacy Statement Trust Mark The trustmark is awarded only to sites that adhere to our established privacy principles of disclosure, choice, access and security. Furthermore, Web sites that display the TRUSTe privacy seal agree to comply with ongoing TRUSTe oversight and our alternative dispute resolution process. TRUSTe Kids Privacy Statement Trust Mark The TRUSTe Children's Privacy Seal Program offers companies a solution for addressing children's privacy issues. The Children's Privacy Seal Program is compliant with the Children's Online Privacy Protection Act (COPPA) and as such has been approved by the FTC as an authorized COPPA safe harbor. TRUSTe eHealth Privacy Statement Trust Mark TRUSTe has teamed up with the American Accreditation Health Care Commission (URAC) to provide a certification program for companies that provide health services and information on the Internet. TRUSTe EU Privacy Statement Trust Mark Allows companies that do business with Europe and wish to comply with the Safe Harbor Privacy Framework set forth by the U.S. Department of Commerce. Better Business Bureau A wholly owned subsidiary of the Council of Better Business Bureaus, BBB OnLine 's mission is to promote trust and confidence on the Internet through the BBB OnLine Reliability and Privacy Seal Programs. BBB OnLine 's web site seal programs allow companies with web sites to display the seals once they have been evaluated and confirmed to meet the program requirements. BBB Reliability Program The BBB OnLine Reliability Seal confirms a company is a member of their local Better Business Bureau, has been reviewed to meet truth in advertisement guidelines and follows good customer service practices. BBB Privacy Program The BBB OnLine Privacy Seal confirms a company stands behind its online privacy policy and has met the program requirements regarding the handling of personal information that is provided through its web site.