A Question of Privacy.

By Thomas Baekdal | Wednesday, September 19, 2007 | Section: insights

The question of online privacy is a very hot topic. Many people have an opinion, many companies talk about it - but few really protect your privacy.

Let's look at what it takes to create a privacy policy.

What is personal information?

When we talk about online privacy and protecting your personal information we are really talking about 4 different things:

  1. Personal information specific to you as a person - like your name, address, phone number, age, your education, the name of your children, your gender, who you are married to (or if you are single), social security number, tax number etc.
  2. Information about your actions - what websites you have visited, what you have searched for, what products you like, what you bought at Amazon, how many times you went to the bathroom last week etc.
  3. Information that you supply to a website - like the things you post about yourself on your blog, what you post on Twitter and the comments you made on varies websites.
  4. Technical information that links you with any of the above - like your IP address, Mac address, unique cookie identifiers and encryption keys.

The important thing to remember is that everyone is collecting personal information, and most of it is not harmful. Your neighbor knows what time you drive to work or take out the trash. You local car dealer knows about your driving habits and you local grocery store knows what kind of bread you like - everyone knows something about you.

This is great. It is nice that you can say "I need new tires" to your car dealer - and then be assured that you get the right kind because he already knows what you need.

The problem with personal information on computers and especially online is that it allows people to collect much more information than they should - and even worse - combine information for their own advantage. For instance, while it is great that you car dealer knows about your driving habits, you don't really want him to know what kind of food you like, or what person you bought flowers for.

...and this is where a privacy policy comes into play.

What is a Privacy Policy about?

A Privacy Policy is not something you make in order to cover yourself legally, nor is it something you can use to get out of trouble just by saying "we violated you privacy, but you should know because we said we would do so".

A Privacy Policy is statement of respect and ethics. You make a privacy policy because you realize that people have a right to privacy. It is okay to collect essential information if it is to help the people who visit you - not if it is to further you own egocentric desires.

It is not okay to collect unrelated personal information just because you say you will in your privacy policy. It is certainly not okay to use that personal information to your own advantage or to share it with questionable companies.

You cannot own parts of other people's life and as such, privacy is a statement where you say "I do know something about you, but I also deeply respect you as a person".

5 elements of privacy

Most Privacy Policies only deals with how your personal information is shared. Most will say "We do not share your personal information with anyone - except our selected partners".

But, there is much more to a privacy policy - 5 things to be exact. It ranges from full privacy protection (green) to full violation of people's privacy (red). They are:

Collecting

How much personal information do you collect?

Protection

What measures you have taken to protect people's personal information.

Control

What level of control you allow people to have over the information you have about them.

Usage

How you use people's personal information.

Sharing

In what way your personal information is shared with external sources.

Companies in Europe are actually legally required to protect people's right to privacy. You will be breaking the law if you have any red or yellow marks. Privacy laws in Asia and US is less severe. Even worse, most privacy laws only apply to companies - not individuals. Personal websites can basically get away with anything

(Note: a company blog is not a personal website)

But, again the purpose of creating a privacy policy is not to protect you legally - it is about ethics and trust. Having any kind of yellow or red marks is just wrong - no matter what website you have.

Also remember that if you do use external services to enhance you site - your level of privacy protection is affected by their actions. You do not respect people's personal information of you share it with people who violate it. It is not a problem to use external partners, if they are as responsible as you are.

Not everything is a privacy concern

While it is important to protect people's rights, it is also important to realize that many things do not invade people's privacy.

A person's privacy can only be violated if the information is used for specific and individual tracking. General website statistics is not a violation of people's privacy, nor is personalization.

Comments

blog comments powered by Disqus

There is always more...

Digital Outperforming Traditional at a Rapid Pace »

There where two interesting stories this week about emerging digital markets. First, we heard from Amazon that the sale of ebooks has now surpassed the sale of hardcover books.


Social, Mobile Internet, Friends and Summer »

It is not unusual for many websites to lose 20-50% of their traffic during the hot summer months. It happens every year, because people rather want to be outside with their friends, having fun barbecuing, than sit inside in front of a computer.


Gatorade's Social Command Center »

Gatorade has released a video of their social command center. It is quite impressive, and ultra-geeky. It looks more like something from Norad, than anything you would expect from a soft-drink company.


Compete and The Rumored Death of Digg »

You might have heard the stories about Digg losing 50% of its traffic in just one month, based on data from Compete.com. They are all asking the same question. Is Digg dead? (no it isn't)


Mixing Talks With Infographics to Create a Story »

I was watching several of video from the Royal Society for the encouragement of Arts, Manufactures and Commerce - or simply the RSA. Besides having a YouTube channel filled with interesting content, they have created some of the best story telling videos I have ever seen.


Social Media, Starting Early And Taking Risks »

Traditional marketing is pretty simple. You ask your graphic designer to create a beautiful presentation of your product. Next, you give a magazine a handful of money to buy exposure to a certain amount of people. That’s it. You create an ad, pay money, and get exposure.


Understanding How To Respond To Change »

Isn't it odd that so many companies fight change instead of embracing it? Shouldn't we welcome it with open arms? See it as huge opportunity to get ahead of our competition?


It's Always About The Story »

Companies are constantly trying to come up with something new and exciting, but most of the time they to tend to focus on the wrong thing. Instead of creating a story, they make a book. Instead of creating interesting articles, they created a printed magazine. Instead of making remarkable products, they design a new website.


The First Rule of Privacy »

Privacy is a big topic online, and there are many different opinions about it. But all the privacy problems can be summed up into one simply rule that cannot be broken.


Security in a Social World »

Not a day goes by without someone talking about security issues on Facebook and Twitter - and how scary that world is for companies. Recently, we heard about a phishing attack on Twitter, and Sophos posted a graph showing Facebook to be a really scary place.


Share on:

Share via Facebook

Share on Buzz

Submit to Digg

Post to Stumbleupon

Send via email