The E-volution of E-commerce Part VIII:
Privacy Protection

“Technology now makes it possible for online businesses and advertisers to turn the Internet into a realm where activities and habits are monitored and recorded, largely without consumer knowledge or consent. Unless businesses can protect privacy, the erosion of trust could seriously harm e-commerce as well as cause the public to become wary about using the Internet…” ~ New York Times Editorial Staff, February 22, 2000

E-commerce has done much more than spur the economy, alter business models and worry investors. It’s impact and ability to reach millions, especially into their pockets, has many clamoring to regulate its reach. The results of a number of surveys in the U.S. and Europe indicate that consumers are highly concerned with privacy, particularly in terms of retaining control the use of personal information and preventing abusive or criminal use of that data.

Organizations such as the National Consumers League (NCL) argue that consumer protection laws should not be regarded as barriers to electronic commerce but as “means of providing confidence in this new medium.”

In a survey conducted in August 1999, NCL found that 41% of all respondents said their biggest fear about online shopping was that their credit card numbers would be stolen if they provided them online (even if 67% said that credit card would be the most preferred method of payment for online purchases). 24% of respondents said that their greatest concern was possible abuse of other personal information. 10% cited potentially fraudulent merchants as their greatest fear. And one in five online shoppers reported having a problem with a transaction in the previous twelve months, ranging from misrepresentation to non-delivery to unauthorized charges.

The NCL survey also showed that consumers were confused about their protection in e-commerce. 69% incorrectly believed that it was safer to pay for an online purchase by check or money order than by credit card. 47% erroneously thought that they had three business days to cancel online purchases. And nearly one-third (30%) were under the false assumption that businesses must go through a screening process to ensure that they are legitimate before they can put Web sites up on the Internet.

Despite consumer fears many companies vigilantly argue that any intervention outside industry self-regulation will seriously impede the growth of the Internet and subsequently the economy.

Boston Consulting Group's director, Martin Naville, told The Wall Street Journal that “privacy concerns are significantly slowing growth in e-commerce,” and estimated that e-commerce growth could prospectively be one-third more substantial if consumers had more trust in the protection of their online privacy.

Assuring online privacy is undoubtedly a hot-ticket item when it comes to winning consumer’s trust and dollars. Three recent surveys convey the weight of this issue. The IBM-commissioned Harris Interactive 1999 Survey found an overwhelming 94% Americans are concerned about possible misuse of their personal information; a March @plan Internet Poll found that over 84% of online users felt that online information privacy is the most important issue with Internet use; and last year Forrester found that 90% of consumers would prefer to have control of how others use their personal information.

And the fear is seemingly valid. One of the more controversial and public mishaps of recent news concerned DoubleClick, the Internet’s largest supplier of advertising banners, which admitted to it’s plans for matching anonymous data collected online with personal data collected offline by a company it recently purchased, Abacus Direct (Abacus has a database of millions with personal data gathered by the nation’s largest direct-mail catalogues). This acknowledgement sparked furor amongst privacy advocates and led the company not only to announce a new privacy initiative including privacy audits by PricewaterhouseCoopers, but also to eventually revoke its plans to link anonymous user activity with personally identifiable data.

Marc Rotenberg, Executive Director of the Electronic Privacy Information Center (EPIC) summarized the results of their survey privacy practices of the top 100 on-line shopping sites by stating “On balance, we think that consumers are more at risk today than they were in 1997, when we first examined privacy practices on the Web.”

Furthermore, the Federal Trade Commission (FTC) reinforced these fears with a report released this May recommending to Congress that new legislation be adopted to protect consumer’s privacy online because the industry’s calls for self-regulation are not working. FTC Chairman Robert Pitofsky stated “a majority of the Commission finds that self-regulation alone, without some legislation, is unlikely to provide online consumers with the level of protection they seek and deserve.” FTC’s own survey of 100 major e-commerce Web sites found that merely 20% completely met the agency’s standards for protecting consumer privacy.

The Federal Trade Commission’s “Fair Information” Principles include:

Notice/Awareness: Does the site post a privacy policy or openly notify users that data is being collected?
Choice/Consent: Can Consumers control how their information is used and pick-and-choose what data can be shared with third-parties?
Access/Participation: Can consumers view and correct inaccurate information collected about them?
Security/Integrity: Is the storage and transmission of information safe from theft or “hacking?”

In addition to the establishing standards, FTC established an Advisory Committee on Online Access and Security to “provide advice and recommendations to the Commission regarding implementation of certain fair information practices by domestic commercial Web sites.” The Committee recently submitted an extensive report on privacy issues to the Commission on May 15, 2000.

Part VIII: E-Commerce Guidelines and Global Guidance Next



Copyright © 2000
Lorenzo D. Domínguez. All Rights Reserved.
These pages are protected by international copyright laws