The race is on to protect privacy on the Internet.
From ISPs to airlines, private companies are taking steps to regulate themselves so the government won’t have to. Many fear government intervention and legislation could hamper, even seriously harm, online business.
“We feel industry and consumers can deal with these issues without having government intervention because, usually, they aren’t aware of all the nuances of how consumer information is gathered,” says Scott Martin, president of the Personalization Consortium.
The Personalization Consortium is releasing a new set of privacy principles aimed at protecting consumers and promoting e-business. The consortium, an international alliance of major companies, claims what it is proposing is different from other attempts at self-regulation.
“Until now, the path to managing privacy verification has been vague,” Martin says. “This . . . is clearly a model that will help change the direction of consumers’ skepticism around the industry’s ability to manage information responsibly.”
That consumer skepticism is high. According to a recent Gallup Organization survey of Internet-savvy Canadians, 80 per cent are concerned about the privacy of their personal information online.
Derivion Corp., the Ontario-based e-billing technology supplier that commissioned the survey, says the technology does exist to protect consumer privacy online. It seems for consumers, however, the concern is with how companies are applying those safeguards.
“Consumers are getting very wary of companies asking them for information, then failing to care for it properly,” says Dr. Tom Keenan, dean of continuing education at the University of Calgary. “There have been a lot of high-profile cases where confidential information like credit-card numbers has been compromised.”
To protect everything from credit-card numbers to sexual preference and health records, the Consortium is proposing third-party privacy audits. Member companies must first agree to the privacy policy — which includes collecting only information that is relevant; obtaining consent for gathering or sharing information; and allowing consumers to access and possibly even alter their online information.
An external audit will then test the business’s actual privacy practices against these privacy principles.
“In the privacy policies and seals that exist today, there is no recourse for the consumer,” Martin explains. “So what we want to do is establish a framework . . . for consumers to have some form of recourse that’s credible.”
But do consumers agree?
According to the Gallup survey, 40 per cent of respondents said they didn’t trust companies to honour their own privacy policies.
“There is some value in companies making promises like this, but the real proof is in their behaviour,” says Keenan. “Since good security costs effort and money, a lot of companies are taking shortcuts,” he says.
“The only way I would take this stuff seriously is if a company, say, offered me a cash reward if they ever failed to properly protect my privacy.”
While the Personalization Consortium is not going that far, the group says consumers can take faith in their privacy policies, knowing that they are backed by industry-leading member companies including PricewaterhouseCoopers and American Airlines.
“The bottom line of this entire thing is that it fosters trust,” Martin says. “There hasn’t been trust and, just like any other relationship, you need trust.
“The currency of the future is our own information.”
