In my last post I covered a few basics and statistics regarding online privacy policies. We hope the post encouraged all readers to think more about online activities and privacy. As consumers, we need to assume responsibility for our data, but we also need the support from our government as well. Cue the fun fact!
The facts are a bit unsettling, but progress has been made, specifically this past year. The House of Representatives, Reps. Bobby Rush (D-IL) and Cliff Stearns (R-FL) have each introduced separate comprehensive bills. In the Senate, John Kerry (D-MA) and John McCain (R-AZ) recently introduced the “Commercial Privacy Bill of Rights.” (source)
1. What information needs to be collected? How confidential/identifiable is the information?
2. Why does the website need the information? Is it appropriate for the service promised/provided?
The above questions reminded me of a recent scenario, which I\’m sure is encountered by many. Have you ever registered to receive an email newsletter? Ever wonder why they bother asking for your full name (first, middle and last), address, phone, date of birth, age, etc.? I\’ve come across this and it is a major annoyance. It\’s an email newsletter, nothing more! Get the basics: my email, maybe my first name so you address the email appropriately. My age may also be necessary for the sake of market research, but a business should not collect or store my mailing address for an email notification or newsletter.
Here are more questions to keep in mind:
3. How is the data being collected? Are those measures of collection secure? Does the site maintain web logs? Does the site set cookies?
Tracking cookies are secretly installed on your computer without your consent. Websites use these to track your browsing habits and to acquire information about your search history. These are dangerous because they attempt to acquire personal information, unlike regular cookies, which only record website visits. Read more on how to spot tracking cookies and how to get rid of them here.
4. How is personal information used once it is collected? Is it ever used for purposes other than those for which a visitor has provided it? (If so, the visitor should be informed of the use.)
5. Has the visitor consented to it? Does the visitor have the option to prohibit such secondary use? Can a visitor prohibit it and still enjoy the website?
6. Does the site offer different kinds of service depending on user privacy preferences? Does a user have a choice regarding the type and quantity of personal information that the site collects? Does the site disadvantage visitors who exercise data collection choices?
7. Can users access information that has been collected about them? Are users able to correct inaccurate data?
8. How long is personal information stored? Is it kept any longer than necessary for the task at hand?
9. Whom can visitors contact?
If you have a question, take the time to reach out to a marketing manager or webmaster so that you understand the policy completely. It is your information after all, so do your part to keep it safe.
10. What laws govern the collection? Is it a Federal government site regulated by the Privacy Act? Is the entity collecting information regulated by another privacy law?
As mentioned before, only California, Connecticut, Nebraska, and Pennsylvania have specific privacy policies regarding websites. You can read about the policies here. Also, keep in mind that there is no Internet Privacy Act within the U.S. If you come across any website that lists this fictitious law, proceed with caution!
Author: Alejandra Gutierrez