A report from New York-based Jupiter Media Metrix Inc. suggests that while both businesses and consumers claim they want privacy protection, neither does a lot about it.
The report, authored by Jupiter Research analyst Rob Leathern and released yesterday, concluded that businesses don’t spend enough to ensure privacy and that consumers can be enticed to give away large amounts of personal data.
For example, Leathern found that:
— Seventy percent of the more than 2,000 consumers surveyed said privacy was important to them, but only 40 percent read privacy statements.
— Eighty-two percent of online customers would provide personal information in exchange for a US$100 sweepstakes entry.
— Fifty-three percent of consumers use the same usernames and passwords on multiple sites. Leathern also criticized both business and consumers for their lack of attention to privacy policies.
Consumers tend not to read them, he said, and businesses tend to take wording drawn up by legal departments without getting input from IT, sales and marketing departments, so the policies doesn’t fit overall corporate strategies.
Leathern’s assertions have drawn criticism from both business and privacy advocates, however. Staples Inc., Amazon.com Inc. and America Online Inc. defended their privacy policies. Privacy advocates also took exception to some of Leathern’s conclusions.
“Most consumers don’t read online privacy statements because all experience has shown that consumers cannot trust online privacy statements,” said Jason Catlett, president of Green Brook, N.J.-based Junkbusters Corp.
That sentiment was shared by Chris Hoofnagle, legislative counsel for the Washington-based Electronic Privacy Information Center. Hoofnagle said a lot of studies try to show that consumers are apathetic to privacy because they don’t read a company’s privacy policy. But he called this “a false indicator.” The studies assume “that privacy policies protect privacy, but we all know they don’t,” Hoofnagle said.
The privacy advocates said companies will change their policies to suit their immediate needs. They said the public knows this, and the result is that privacy policies are meaningless. The advocated cited companies such as BestBuy.com Inc., Yahoo Inc. and Amazon.com, which have changed their privacy policies over time.
Although three companies didn’t agree with Hoofnagle and Catlett, they also disagreed with some of what Leathern wrote.
Representatives from AOL, Amazon.com and Staples said their companies are committed to protecting the privacy of their customers and that they spend a significant amount of money to ensure it.
If you look at the overall revenue a company makes from the sale of its products and services and then compare that to how much gets spent on privacy, it’s a very small percentage, Leathern said.
Andrew Weinstein, a spokesman for Dulles, Va.-based AOL, countered, however, that AOL has a team dedicated to privacy issues. Weinstein said he couldn’t go into the details for proprietary reasons, but he said the company is committed to protecting users’ privacy.
Patty Smith, a spokeswoman for Seattle-based Amazon.com, said the online retailer has a proven track record of telling consumers how it uses their information and how the Web site collects information using cookies.
Deborah Hohler, a spokeswoman for Framingham, Mass.-based Staples, also defended her company’s privacy policy and said the retailer spends a lot of time and resources to protect privacy.
Leathern’s conclusions found allies in Catlett and Hoofnagle, though, regarding the amount of information companies collect on their customers.
“The default business model so far has been, ‘Let’s collect extra information in case we can use it later,'” Leathern said. “I think that is going to be the wrong approach.”
Hoofnagle agreed, saying that by collecting more information than they need, companies create situations where abuses can occur.
“It’s a ripe situation for secondary use,” Hoofnagle said. “Your business fails, or you want to make more money, and you are sitting on this pile of information, and then the marketing department gets a hold of it.” Soon, companies are looking for ways to sell the information, and the privacy policy gets rewritten or goes by the board altogether, he said.
Leathern said companies that want to leap ahead of their competitors should take privacy concerns more seriously. Those companies that do will distinguish themselves in the marketplace and build loyalty among customers that other companies won’t have, he said.
Visit Jupiter Media at http://www.jmm.com/
