*** From the Archives ***

This article is from September 18, 2000, and is no longer current.

Notes from the Epicenter: Have You Read Your Site’s Privacy Policy Recently?

1

Editor’s note: We’ve asked Andrea Dudrow to expand her column to address the impact the Internet has on our lives. As she lives in San Francisco, the epicenter of the earthshaking movement that is the World Wide Web, she’ll also give us reports on the trends and styles of the creative people who work in this industry. Enjoy!

Thanks to this age of electronic databases and online transactions, we consumers have found ourselves in possession of an apparently valuable and much sought after commodity: our personal information. That’s everything from the URLs of Web sites we visit and ads we click to our credit card numbers, addresses, and even banking records. The problem is this: We still don’t have a reliable way to control the dissemination of that information.

According to the Associated Press, identity theft, which is now accomplished largely through deceptive online offers or straight-out hacking of corporate databases, now claims some 500,000 victims a year, making it one of the fastest growing crimes in the United States. Compound this with the confounding lack of Internet savvy one can find among many otherwise clever adults (a friend and I recently had a protracted argument over whether an offer from Victoria’s Secret promising a $50 gift certificate to whoever forwarded the message to nine friends was legit — it wasn’t.) and you’ve got yourself a problem.

Which is why I, and legions of privacy advocates, were dismayed to learn that Amazon.com has recently changed its privacy policy. The old, and somewhat standard, policy allowed for customers to ask the retailing behemoth not to share their personal data with third parties (other retailers, marketers, you name it) as well as making no provisions for the sale of that data by Amazon. The new policy prevents customers from blocking the transfer of their personal data to any of Amazon’s affiliates (such as third-party retailers who sell products through Amazon’s omnibus site), and abdicates all responsibility for what those retailers may do with customers’ personal information. The new policy also makes provisions for the transfer of Amazon’s vast store of personal data, in the event that the company is bought or sold. For a business that lost over $700 million last year, this prospect is a little too close for comfort.

Buyer Beware
Unfortunately, consumers don’t have so many choices if they want to use Amazon’s services but maintain control of their personal data. One option is to employ a service like PrivateBuy that will supply them with an anonymous name, address, and MasterCard number. The problem is, it’s kind of hard for Amazon to ship your purchases if you haven’t provided them with your actual address. Better solutions may be in the works, however. American Express recently announced that it will provide its cardholders with disposable credit card numbers for use when purchasing goods online.

But is simply listing a privacy policy enough protection for consumers? Amazon doesn’t even belong to a third-party consumer privacy protection group like TRUSTe or the Better Business Bureau Online. Organizations like this may not be necessary in the future however. Groups like the Electronic Privacy Information Center(EPIC) are pushing for laws that would standardize the way online retailers could deal with customers’ personal information, which would be a good thing for consumers, if you ask me. (EPIC issued a press release announcing that it had severed its book-selling relationship with Amazon as a result of its new policy). Many online shoppers simply don’t have the time or the gumption to delve into privacy policies or to employ workaround options like PrivateBuy.

The Federal Trade Commission this summer investigated the case of the online retailer Toysmart.com, which had filed for bankruptcy protection and promptly announced that it may sell its customer list. The FTC was able to block such a sale, basically because Toysmart’s original privacy policy didn’t allow for that eventuality. Amazon has neatly circumvented similar government action by spelling things out in its policy.

Protect and Serve
What frightens me most about this apparent erosion of consumer rights in the online world is how few consumers may actually realize it is happening. With otherwise intelligent people sending around chain e-mails promising free merchandise, the ever-increasing technical savvy of those interested in stealing personal information, and the increasing gall of companies like Amazon who would lay claim to information that cannot possibly be called their own, the potential for consumers to fall prey to unsafe privacy practices is becoming greater. The offline world has mechanisms in place to protect consumers and keep their private information private; shouldn’t the online world have the same protections? We shouldn’t have to jump through hoops to be sure we’re not being taken advantage of — we should just know.

Read more by Andrea Dudrow.

(Editor’s note: Creativepro.com values your privacy. Read our policy.)

  • anonymous says:

    to take the time to read all the fine print…you click, you surf, y’know? I mean, I feel that I move so fast on the Web that I don’t want to sit and read a bunch of legalese designed to confuse me.
    Re: Amazon – they’re also making news these days for “variable pricing policy;” which means that prices on the same products are different for different shoppers! Hmmm…I smell a rat.

    J.H.

  • >