The Privacy Debate: What Do Customers and Businesses Really Want?

(c) 2001 David Strom Inc. 1

The Privacy Debate: What Do Customers and Businesses Really Want?

David Strom

[email protected], (516) 944-3407

eBiz June 2001


Summary

• Examine your own behavior

• Customer privacy issues

• Best practices

• Notable eBusiness privacy failures

• Creating your own corporate privacy policy


My privacy parameters

• PrivacyX.com advisor

• “Middle initial” tracking of magazine subscriptions

• Not too upset by spam, usually

• Turned off my office fax number

• But have unlisted home phone


Examine your own surfing behavior

• What kinds of information do you routinely provide to web sites: email address, birthdates, zip codes, age/gender ID, etc.

• What kinds of corporate information do you routinely provide: business phone/address, company information, etc.

• Does information show up in your URLs?• How can you minimize this data flow?


But there are a lot of things you might not be aware of

• Monitoring your web surfing via how URLs are constructed

• Monitoring your emails via “wiretaps”

• Tracking you via third-party cookies


Web URL monitoring

• http://dps1.travelocity.com/airgetaisl.ctl?aln_code=US&dep_date=19921230&dep_arp_code=PHL&carrarp_code=BOS&flt_number=2386 ….

• Should your URL show all this information?


Email wiretapping

• Exploits HTML email to embed small Javascript programs that can monitor who opens email and where the email goes

• Can be prevented, with the appropriate security settings, but most people don’t take these precautions


Third party cookie tracking

• Ad servers like Engage, DoubleClick, and others put coding inside their ads to identify users

• But what if this information is tied to your email or IP address?

• And what if a third-party site obtains additional information about you this way?


Rate these privacy invasions

• Sending out a single piece of email with everyone's email address clearly visible in the header

• A web site that tries to make it easier for its customers to login and track their accounts

• A piece of software that records the IP address of the machine it is running on and reports back to headquarters


Privacy best practices

• What are your expectations?

• What info is collected?

• How are you informed of the collection process?

• How can you change your address and other ID information?

• What happens when the company is sold?


What kinds of information is considered private?

• Your IP address• Your Ethernet MAC address/Windows

GUID• Your purchase history with a web storefront

(or physical store)• Your address and phone• Your email address• Your credit card, banking account numbers


How do products inform you of their information collection practices?

• Before you download them in clear language on the web site

• At the time you download them

• With obscure privacy policies on their web site

• In a press release from the vendor after something bad happens


How can you change your ID?

• With the post office, credit history, and others, relatively simple

• With software, not so simple

• Many products don’t have any automated tools for making changes


Who shares this information?

• Do sites offer secure logins or are they in the clear?

• What about third-party cookies, who makes use of them?


What happens to this information when your company gets sold?

• Does a company have a legal right to hold on to its data?

• Does a customer have a legal right to expect a company to not sell its data?

• Do we need new consumer protection laws for these situations?

• Are individuals’ privacy data considered a corporate asset or a liability?


Case in point: eBay

• Changed its privacy practices 4/01 to specifically mention what happens if sold

• But hides this deep within their privacy policies


How do you protect your customer’s privacy data?

• Secure servers, careful data structures and policies

• Authorized employees with limited access

• Firewalls

• Do all of these things really work?


Privacy problems

• Email

• Web surfing

• eCommerce


Back to email issues

• Hidden HTML code inside many email messages these days, called “web bugs”

• Convey information on whether you open the email message or not, whether you click on this specific link, and if you want to unsubscribe

• Works even if you use just the preview pane in MS OE/Outlook

• Supposedly this information is just used in the aggregate, but can you be sure?


Bad boys of web site privacy

• Doubleclick

• Real Networks

• GoHip.com

• TiVO


DoubleClick

• Made the mistake of combining two businesses: banner ad serving and email marketing

• Is it a violation of privacy when you aggregate individual information?

• Third-party cookie issues


Real Networks

• Is it a violation of privacy when you automatically subscribe users to your service, and bury any opt-out information?

• Should Real record my music listening habits without my explicit permission?

• And store this data even when I am not connected to the Net?


GoHip.com

• Download an ActiveX control that makes numerous changes to your browser and email configuration, as well as Startup folders – but advertised as a “video player browser enhancement.”

• First the company didn’t explain these changes, but now they do – in very, very fine print.


TiVO

• Aggregates personal TV viewing habits of its users

• But doesn’t really make that clear

• And employees of the company could have access to your privacy data


eCommerce privacy mishaps

• ToySmart trying to sell its customer list

• Long list of break-ins to obtain customer credit cards and accounts from numerous web sites, including Ikea, Western Union


Microsoft’s many problems

• Hotmail break-ins galore

• Global ID transmitted inside Word docs

• Network collapse from poor DNS config

• Software updates that scan your disk


Browser enhancement tools study

• Privacy Foundation examined 12 different software utilities that work with web browsers, and found numerous privacy problems

• ALL products sent more data back “home” to vendors’ HQ than required or disclosed to end-users


Results: poor notification of privacy violations

• Poor placement of disclosure statements• Users have to return to privacy policy page on web

site to check for changes• Sites reserve the right to release information when

they want to• Privacy policies are clouded in technobabble and

jargon• Policies are vague or wrongly stated• Sites use seals of approval from TrustE and BBB to

certify their sites, but not any actual software


Creating a solid corporate privacy policy

• First, understand your own actions

• Examine standards efforts

• Policy creation software tools

• Learning from eBay’s example


If you develop software

• Tell the truth about who has access to customer data

• Have lawyers work with your engineers to review software’s actual privacy practices

• Design with privacy in mind from the start

• Use opt-in rather than opt-out

• Don’t monitor URLs


P3P

• W3C standards-based effort

• Major multi-vendor contributions

• Blesses various software tools that can generate privacy policies that are more machine-readable than by humans


TrustE’s model privacy statement

• Available at www.truste.com/webpublishers/pub_modelprivacystatement.html

• Can easily copy and modify accordingly

• More like a legal document than helpful to users

• A good place to start

http://www.truste.com/webpublishers/pub_modelprivacystatement.html

http://www.truste.com/webpublishers/pub_modelprivacystatement.html


PrivacyBot

• $30

• Browser-based

• Brief, clear, to the point• You can examine my own policy here: strom.com/privacypolicy.html


IBM’s Privacy Tool

• Free

• Java-based

• Again, machine-readable policies that can be verified by P3P standard checking software


eBay’s example

• Several different versions, charts, and pages

• Many different levels of detail, including information about spam, cookies, etc.

• Link from bottom of home page

• Note how they notify users when it changes


The fine print

“It is possible that eBay, its subsidiaries, its joint ventures, or any combination of such, could merge with or be acquired by another business entity. Should such a combination occur, you should expect that eBay would share some or all of your information in order to continue to provide the service. You will receive notice of such event…”


Questions?

• Copies of this presentation: strom.com/pubwork/privacy.ppt

• More information can be found: www.privacyfoundation.org/pdf/bea.pdf

The Privacy Debate: What Do Customers and Businesses Really Want?

Documents

Transcript of The Privacy Debate: What Do Customers and Businesses Really Want?