Inside: Free checking account | High yield savings account


Online privacy policies rarely protect
Web visitors from having their info sold
By Lucy Lazarony • Bankrate.com

Online privacyWant to find out how a Web site plans to use your personal information?

It won't be easy. You'll need to wade through a long, murky privacy policy first. Many policies drone on for several pages and say remarkably little.

"They're long and god-awful to read," says Tim Kane, founder and director of privacy at Enonymous.com, a site that studies and rates the privacy policies of more than 30,000 Web sites.

"Some policies say so much and yet they're silent on the subject of sharing and selling information."

Consumers call privacy an "intrinsic right"
And that's precisely what many people are concerned about when they hop online. Eighty percent of Net users want an online privacy policy that prohibits the sale of their information to anyone, according to a study by Forrester Research. Ninety percent of consumers want to have control of their information once it's released on the Web.

"Consumers feel privacy on the Internet is this intrinsic right," says Christopher Kelley, an associate analyst at Forrester.

Most online businesses disagree. Few online companies give consumers any control over their personal information.

- advertisement -

Enonymous.com awards a four-star privacy rating to a Web site that never shares a customer's personal information with a third party and never contacts a customer unless the customer has opted-in for such a service. Few Web sites make the cut.

In April, only 85 of the top 1,000 most visited Web sites, or 8.5 percent, earned a four-star rating. Worse still, 37 percent of the top 1,000 sites had no privacy policy, and 30 percent had a privacy policy that allowed them to share customer information without consent.

Buried in legalese
So at this point, when it comes to a customer's personal information, most of the rights belong to business. A typical privacy policy is chock-full of legalese and aimed at protecting the company, not the customer.

"Most read as privacy disclosures rather than privacy warranties," says Jason Catlett, president of Junkbusters.

"They usually give the company the latitude to do whatever they want with your information."

One quick way to gauge how safe your personal information is on a particular Web site is to look for a privacy seal. Privacy seals are awarded to sites by organizations such as TRUSTe and the Better Business Bureau's BBBOnLine.

To earn a seal, an online company signs a contract agreeing to adhere to the privacy standards of a particular organization. These standards vary from organization to organization.

To receive a privacy seal from BBBOnLine, a company must complete a lengthy questionnaire detailing its information practices and then pass a compliance review. BBBOnLine has awarded 500 privacy seals since March 1999.

"If you're getting more than 1,000 applications and less than half are getting seals, what does that mean?" says Gary Laden, director of BBBOnLine. "It means bad apples aren't getting in the door."

The meaning of the seal
Because standards for seals vary, it's important to learn what that seal on the front of your favorite Web site means. It's also a good idea to check out a site's privacy policy on your own.

"When companies get seals, that may mean that they meet a certain criteria, but that may be a lower level of privacy than you require," says Deborah Pierce, staff attorney for the Electronic Frontier Foundation, a consumer advocacy group based in San Francisco.

Dave Steer, a spokesman for TRUSTe, adds, "We constantly emphasize to users to read the privacy policy. You, yourself, are in the best position to judge if you want to be on a site or not."

It's also important to realize that a privacy seal comes with a price tag. An online company pays to participate. This makes many privacy advocates skeptical of seal organizations' enforcement standards. They point out that no company has ever had a privacy seal revoked.

"Obviously, these organizations aren't going to bite the hands that feed them," Catlett says.

"Empty promises"
Andrew Shen, policy analyst at the Electronic Privacy Information Center, calls privacy seals "empty promises."

"Privacy seals don't mean anything because companies never show any teeth in enforcing them," Shen says. "A privacy policy is only what a company says it's doing with your personal information. What it's actually doing is another matter entirely."

Such comments irk those in the seal business.

"We take compliance of our program standards very seriously," Laden says. "Our name is all we have. We're not going to put our name on something that doesn't cut the mustard. If someone sees the BBB Online seal, they should know it's a safe place to go."

Constant changes in policies
Keeping tabs on a Web site's privacy policy is no mean feat. Changes are common.

Enonymous.com uses a computer program to monitor the privacy policies of the top 1000 sites and any site with a four-star privacy rating every 24 hours. Any change sends out an alert.

"We have about five of those a day -- sometimes as many as 20," Kane says. "Sometimes it's a comma. Sometimes there's a children's privacy statement. There's a constant churn."

Even policies that do offer consumer some protections give themselves the right to change their mind. More and more sites are saying things like "We reserve the right to change this policy at any time."

"When you leave yourself a back door, it negates the promises that you've made," Kane says.

So what can consumers do?

  • Get into the habit of reading and re-reading the privacy policies of sites you visit frequently. It may be boring, but at least this way you'll know what a site plans to do with your information.
  • Only do business with online companies that you trust.
  • Limit the number of sites on which you disclose personal information.

Online advice for safe Web surfing
Tips for savvy Web surfing are available from the Privacy Rights Clearinghouse, the Electronic Frontier Foundation and the Federal Trade Commission. A guide to practical privacy tools is available on the EPIC Web site. Many of the products are free.

Avoid sites that don't post privacy policies. Sites without privacy policies can be reported to the watchdog program at The Center for Democracy and Technology.

"We think people should be writing to those sites and telling them why they won't shop there," says Ari Schwartz, policy analyst at the Center for Democracy and Technology.

"It's very important to get feedback out there -- to encourage sites to be more responsible."

-- Posted: May 17, 2000

 

top of page
See Also
Clinton proposes privacy protections for consumers
How to keep your privacy when online
Following the rules can increase personal security
How to get rid of unwanted "cookies"
Online banking glossary
More online banking stories

Print   E-mail
 

Checking and Savings
Compare today's rates
NATIONAL OVERNIGHT AVERAGES
Interest checking 0.53%
MMA 0.49%
$10K MMA 0.53%



RELATED CALCULATORS
  How long will your savings last  
  How to reach a savings goal -- with scheduled payments  
  Watch your savings grow with regular deposits  
VIEW ALL 
BASICS SERIES
Checking Basics
Manage your account in a fee-friendly way.
What's the best checking
account for me?
ABCs of ATMs
What are all these fees?
Is online banking secure?

MORE ON BANKRATE
Banking glossary  
News archive  
Keep an eye on the leading rates  
Find a high-yielding CD


- advertisement -
 
- advertisement -
About us
Advertise with Bankrate
Partners
Press Room
Investor Relations
Contact Us
Sitemap
Site Tour
Understanding Bankrate's rate averages
© 2012 Bankrate, Inc. All Rights Reserved.
Privacy Policy/Your California Privacy Rights
Terms of Use