Article: Bob Sonner

The Small Business Library

March 15, 2000

Tips:   What Is Your Privacy Policy?

The "Dot Com" division of a Fortune 500 company recently initiated an affiliate program and found itself inundated by the number of applications. Unfortunately, over 80% of those applications were rejected outright... not because the company didn't want the promotional power of all those sites, but because they lacked one vital ingredient - a Privacy Statement.

No site that collects any data on visitors should be without one. A Privacy Statement explains to the wary customer what data you are collecting, why you are collecting it, how you are going to use it, and how you are going to secure it. If your privacy practices are favorable to the customer, then the Privacy Statement becomes a selling point, garnering customer admiration and confidence. If not, or if you have no Privacy Policy at all, then don't be surprised if your customers look elsewhere for service.

Unfortunately, most site owners overlook publication of a Privacy Statement or see it as an inconvenience. You may argue that visitors donít even notice, much less read, privacy policies. That may have been true, but expectations and demands are changing. The Internet population is getting more savvy as high-profile incidents erode trust and consumers become more cautious.

Drafting and publishing a Privacy Statement need not be a daunting task. A good first step is to simply inspect the statements of big name sites and see what they are disclosing. You'll need to assess what information you are gathering, either overtly or from your server logs. You'll need to explain what information you collect, why you need that information and how it will be used. Don't forget to acknowledge or disclaim the data gathering of any third-party participants on your site such as ad-serving banners or hit counting services. If you (or they) use cookies, you must explain why and how they are being used.

And most importantly, if you collect personally identifiable or confidential information, you should explain how you will protect it from unintentional disclosure or with whom you will share it. You should also provide a way for users to correct errors or opt-out of any lists or databases.

Though customer data is highly valued currency on the Internet, if you respect the consumer's ultimate ownership of that data, then you are cultivating a lasting relationship that will prove more valuable over time.

You can find help creating a Privacy Statement with the tools and samples found at TrustE.Org, BBBOnline, SecureAssure.Com and Enonymous.Com.

You must realize that composing and publishing a Privacy Statement is not simply a perfunctory exercise. It's not just window dressing. The climate on the Web is shifting toward an increasing awareness of the privacy issue. Whether you are motivated by concern for your customer or by good business practices (concerns that are actually one in the same), be a part of the minority that recognizes the value of having a Privacy Policy.

Until the rest of the Web catches on, it might -- if nothing else -- distinguish you from your competitors.

Article by Bob Sonner  of WebVeil.  Bob, a former Naval Officer, has been a freelance Web programmer and Internet consultant for two years. WebVeil provides plain-talk advice to consumers and Web surfers looking for reasonable answers to their privacy concerns and will soon "unveil" a new service to assist users in achieving that privacy.