Issues
Privacy For Business
Best Practices
Industry trade groups spend a lot of time thinking about what is appropriate and ethical with respect to privacy and marketing. There is a tension inherent to the privacy debate: the more information marketers have, the more accurately they can target solicitations to consumers who are actually interested in them. However, the more information business has about a customer, the more heightened the concern about privacy and how that information is used.
COPPA Compliance
In April 2000, the new federal Children’s Online Privacy Protection Act (COPPA) created comprehensive new rules that govern the online collection and management of children’s personal information. If you operate a website that collects any personal information, you need to review the requirements of COPPA to ensure that your business is in compliance with the law. COPPA rules spell out what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent, and what responsibilities your business has to protect children’s privacy and safety online. For a comprehensive review of business responsibilities, please review the FTC’s guidelines.
Database Privacy
Any discussion of privacy wouldn’t be complete without visiting the logical and physical storage place for all of that customer information: the database. Securing databases from internal and external snooping is critical to protecting both your customer data and one of your key competitive assets. Additionally, the database as an entity is a conceptual part of the privacy debate— one of the biggest ongoing controversies is DoubleClick’s effort to blend off-line and online customer information databases, an effort that is currently on hold after tremendous public outcry.
Privacy Seals
Industry has long argued for self-regulation with respect to privacy, and the various non-profit privacy seal programs are the cornerstone of industry’s efforts. The privacy seal programs require a website to undergo a thorough review of its privacy practices and to conform to a benchmark standard. As of last year, 8% of all websites participated in a seal program, and 45% of the top 100 sites were seal holders.
Privacy Statements
American businesses have moved fairly aggressively over the past few years to implement online privacy policies. Visit any major website (including cse.org) and you are almost certain to see a “Privacy Policy” link on the main page. This statement describes the information management practices for the site, and if you operate a commercial site you should certainly create your own privacy statement (the links below will help automate the task).
