Privacy concerns cool holiday spirit

Even as the ranks of online shoppers swell, persistent concerns about security and privacy are still making many consumers shy about spending their money online this holiday season.

Although Web sales still represent a fraction of overall business, some retailers are looking to capitalize on the high-stakes shopping season with Web site design and privacy policy changes that reassure consumers, particularly in the wake of several dot-com e-tailer mishaps and failures.

According to Jupiter Research as many as 15 million more people will be potential online gift shoppers this year. But nearly one-third of Internet users do not purchase online because of worries over the privacy and security of credit card and personal information, according to a recent survey.

“I think privacy policies may be getting worse,” said Jason Catlett, president of Junkbusters, in Green Brook, N.J., a company that provides consumers with ways to cut down on junk e-mail and advertising. “They’re getting longer, more difficult to understand, and filled with more loopholes.”

Those changes to many e-tailer privacy policies have come in the wake of the Federal Trade Commission’s settlement with in July. The online seller of toys had promised in its policy never to sell the customer information it had collected.

However, when the company went bankrupt, one of the assets for sale was its customer database.

Since then many online retailers, most notably, have revised their privacy policies, taking out the word never.

With 630 stores nationwide, Circuit City, based in Richmond, Va., has taken pains to reflect an online image as a trusted spot to shop on the Web – to the point of including its “privacy and security guarantee” on every page.

“By design, it’s at the bottom of every page. No matter what page you go to you always see privacy and security and price protection,” said company spokesman Bill Cimino. “I think it’s important our customers are aware and they shop on a site they can trust.”, based in Boston, approaches its Web customer base as first-time buyers nervous about an online shopping experience. The store has a rigid policy never to sell its customer names or e-mail addresses, even with partner vendors.

“We’ve taken it to the extreme,” said Scott Savitz, president and co-founder of “It’s our responsibility to be building confidence, and the customers are really nervous as it is. Still, many people think that buying on the Internet is like buying in the store and don’t expect [that] the next day they’ll be inundated with information from other companies using their information.”

Savitz said that the growing list of sagging dot-coms has had the reverse effect on those left standing, prompting greater consumer interest in those left to choose from. “The survivors are getting so much attention [that] there’s basically nobody left [in online shoe pure-plays]. Some aren’t present anymore at all,” Savitz said.

Some “bricks-and-clicks” are banking on their longevity this holiday season and taking advantage of pure-play dot-coms for whom customer trust has fallen on hard times.

“We have a very strong existing brand that has been around for 14 years,” said Debbie Hohler, spokeswoman for Framingham, Mass.-based “[Customers] know we’re not here today and gone tomorrow.”

Increasingly, companies are creating the position of chief privacy officer. E-tailers are also raising the bar in their privacy policies. “We do not sell, rent, or loan any personal information,” said Katrina Peters, a spokeswoman for eToys.

But simply because a company posts a privacy policy doesn’t mean it’s any good, consumer privacy advocates warn.

“You only have to see one privacy policy to realize it doesn’t have a lot of teeth to it,” said Alex Fowler, senior director of policy and advocacy at Montreal-based privacy software vendor Zero Knowledge. “People are discouraged to learn that retailer privacy policies don’t protect their privacy. They just tell you how the retailer will use the information.”