Reset password:

Strategic insights
A Question of Privacy

Written by on September 19, 2007

The question of online privacy is a very hot topic. Many people have an opinion, many companies talk about it - but few really protect your privacy.

Let's look at what it takes to create a privacy policy.

What is personal information?

When we talk about online privacy and protecting your personal information we are really talking about 4 different things:

  1. Personal information specific to you as a person - like your name, address, phone number, age, your education, the name of your children, your gender, who you are married to (or if you are single), social security number, tax number etc.
  2. Information about your actions - what websites you have visited, what you have searched for, what products you like, what you bought at Amazon, how many times you went to the bathroom last week etc.
  3. Information that you supply to a website - like the things you post about yourself on your blog, what you post on Twitter and the comments you made on varies websites.
  4. Technical information that links you with any of the above - like your IP address, Mac address, unique cookie identifiers and encryption keys.

The important thing to remember is that everyone is collecting personal information, and most of it is not harmful. Your neighbor knows what time you drive to work or take out the trash. You local car dealer knows about your driving habits and you local grocery store knows what kind of bread you like - everyone knows something about you.

This is great. It is nice that you can say "I need new tires" to your car dealer - and then be assured that you get the right kind because he already knows what you need.

The problem with personal information on computers and especially online is that it allows people to collect much more information than they should - and even worse - combine information for their own advantage. For instance, while it is great that you car dealer knows about your driving habits, you don't really want him to know what kind of food you like, or what person you bought flowers for.

...and this is where a privacy policy comes into play.

What is a Privacy Policy about?

A Privacy Policy is not something you make in order to cover yourself legally, nor is it something you can use to get out of trouble just by saying "we violated you privacy, but you should know because we said we would do so".

A Privacy Policy is statement of respect and ethics. You make a privacy policy because you realize that people have a right to privacy. It is okay to collect essential information if it is to help the people who visit you - not if it is to further you own egocentric desires.

It is not okay to collect unrelated personal information just because you say you will in your privacy policy. It is certainly not okay to use that personal information to your own advantage or to share it with questionable companies.

You cannot own parts of other people's life and as such, privacy is a statement where you say "I do know something about you, but I also deeply respect you as a person".

5 elements of privacy

Most Privacy Policies only deals with how your personal information is shared. Most will say "We do not share your personal information with anyone - except our selected partners".

But, there is much more to a privacy policy - 5 things to be exact. It ranges from full privacy protection (green) to full violation of people's privacy (red). They are:


How much personal information do you collect?


What measures you have taken to protect people's personal information.


What level of control you allow people to have over the information you have about them.


How you use people's personal information.


In what way your personal information is shared with external sources.

Companies in Europe are actually legally required to protect people's right to privacy. You will be breaking the law if you have any red or yellow marks. Privacy laws in Asia and US is less severe. Even worse, most privacy laws only apply to companies - not individuals. Personal websites can basically get away with anything

(Note: a company blog is not a personal website)

But, again the purpose of creating a privacy policy is not to protect you legally - it is about ethics and trust. Having any kind of yellow or red marks is just wrong - no matter what website you have.

Also remember that if you do use external services to enhance you site - your level of privacy protection is affected by their actions. You do not respect people's personal information of you share it with people who violate it. It is not a problem to use external partners, if they are as responsible as you are.

Not everything is a privacy concern

While it is important to protect people's rights, it is also important to realize that many things do not invade people's privacy.

A person's privacy can only be violated if the information is used for specific and individual tracking. General website statistics is not a violation of people's privacy, nor is personalization.

Share on

Thomas Baekdal

Thomas Baekdal

Founder of Baekdal, author, writer, strategic consultant, and new media advocate.


Baekdal PLUS: Premium content that helps you make the right decisions, take the right actions, and focus on what really matters.

There is always more...