Privacy guide



site privacy statements and seals


This page is under development. It looks at privacy trust marks (also known as web seals). It also considers the policy statements that appear on some sites to identify the site operator's stance on privacy.

In the interim, an introduction to key issues is provided by Mark Berthold's 2002 paper Website Privacy Policy Statements and the Changing Face of E-commerce regarding principles and practice for site statements.

issues

In practice privacy is often 'negotiated' on a site by site basis by individual consumers. That negotiation reflects -

  • the principle of informed consent (users of a site can choose to provide information)
  • the unevenness of national privacy legislation
  • questions about jurisdiction and
  • the absence of international privacy protocols (for example there is no direct equivalent of the Berne Convention harmonising national copyright law)

It relies on formal privacy statements (which range from a general indication that the operator recognises that privacy is an issue to detailed contractual undertakings or exclusions from the provisions of national law) and trust marks.

Three starting points for considering the nature of trust in cyberspace are the detailed 1999 report from the US National Academy of Sciences on Trust In Cyberspace, the Informed Consent Online project (ICO) at Washington University and the 2001 Stanford Persuasive Technology Laboratory report (PDF) on factors that affect credibility.


statements

In essence, the privacy statement on a site is founded on the principle of informed consent: individuals are free to provide information about themselves on the basis that they're aware of how the information is used (including scope for verification/correction of that data). Not all data identifies individuals - on this site for example we don't use cookies to track discrete visitors - and the level of detail may vary.

In principle statements should encompass

  • what information is being collected, in particular data that identifies an individual or that through profiling might be used to identify an individual
  • how it is used, including provision to third parties
  • how it is stored (and disposed of)
  • arrangements for correction of personal information

trust marks

As we've suggested in our Consumers guide, a seal or trustmark is an advisory, rather than a guarantee of performance. It is an indicator that the site operator has agreed to be bound by a code of practice, although the binding is often weak and certification problematic.

Some observers, for example, have criticised the process through which seals are acquired, in particular schemes based on self-assessment. Critics argue that self-assessment is inherently open to abuse by the unscrupulous or merely incompetent.

Others note the poor performance of certifying bodies, including prominent seal issuers such as TRUSTe, characterised as slow to respond to consumer concerns about abuses or lacking the resources to monitor compliance with their rules and ensure that the trustmark is removed from a site that breaches those rules.

Still others note the plethora of competing trustmark bodies, ranging from those that are restricted to a particular jurisdiction to those with global ambitions and a presence in all major markets. Our basic inventory of e-business trustmarks is here.

The longterm viability of several of those marks is poor, as they have not

  • gained substantial endorsement by regulatory bodies
  • secured a significant market share among retailers, service providers and other commercial entities
  • established appropriate credibility among a sufficiently large number of consumers (whether individuals or businesses), either in differentiation from competitors or for trustmarks per se
  • grown enough to enjoy economies of scale in marketing and promotion

A perspective is provided in Web Seals: A Review of Online Privacy Programs, a 2000 report by the Office of the Information & Privacy Commissioner in Ontario and the Australian Federal Privacy Commissioner. For a vision, which we find unconvincing, that consumers will embrace trustmarks and then seek "lovemarks" see the interview with Saatchi & Saatchi's Kevin Roberts.

practical issues

In practice there are five concerns about privacy statements -

  • they are disregarded by the site operator
  • can't be readily found by a visitor to a site
  • can't be readily accessed and copied by most users for study or later reference (eg comprise several pages of text that is presented within a small box on a page and cannot be printed)
  • feature inappropriate exclusions
  • are written in legalese and/or formatted to minimise use (eg very fine print, all upper case, no subheadings or paragraphs)

There's a useful demonstration of some of the practical issues in a study by the US Privacy Rights Clearinghouse (PRC), a consumer advocacy body. Lost in the Fine Print: Readability of Financial Privacy Notices examines business compliance with new legislation - the Financial Services Modernization Act (Gramm-Leach-Bliley Act) - that requires financial institutions to send consumers yearly notices on how their personal financial data is used.

The legislation's been strongly supported by consumers, consistent with the range of studies suggesting that people like to know what data's being collected and how it's handled. It's also gained broad support from industry, particularly from those banks that perceive there's a competitive advantage in demonstrating best practice in the collection, use and disposal of personal data. Provisions in the legislation permitting data sharing between all entities under a corporate umbrella were an added incentive for the major financial groups.

By the end of June 2001 every account holder in every US financial institution was to receive a notice, under the new legislation, concerning the protection of their personal financial information. Most observers expect that institutions will still provide data to third parties, as that will only be restricted if consumers actively opt out (ie formally notify the bank, credit union or other financial body).

Most of the notices were included with monthly account statements. That's a traditional delivery mechanism: in Australia financial service providers frequently notify changed terms & conditions in fine print with such statements or an accompanying glossy leaflet, most of which are reportedly thrown away unread.

That's been a concern to bodies such as the Australian Competition & Consumer Commission (ACCC) and Financial Services Consumer Policy Centre (FSCPC) at the University of New South Wales.

The PRC study examined the clarity of 17 financial privacy notices from major financial institutions. It's backed up by an information sheet as an aid for consumers assessing other notices.

The notices are supposed to be written in a 'clear and conspicuous' style with language that's 'reasonably understandable,' a term which is not defined. Overall, the study found that the privacy notices failed basic readability tests and would not be readily understood by most US consumers. The notices did not meet current US state readability requirements for other financial documents, such as insurance policies. We consider that readability is likely to be even lower when the information is presented online.

Problems are also illustrated by comparing the US and Canadian versions of statements by Yahoo! (here and here) and MSN (here and here). Which do you find more convincing?

The PRC study offers a useful encapsulation of key recommendations for increasing the readability of privacy documents.

In line with work noted in our Accessibility guide, it suggests that institutions should

  1. present information in a clear and concise way
  2. use short explanatory sentences or bullet lists
  3. use concrete everyday words
  4. use the active voice
  5. avoid multiple negatives
  6. avoid imprecise explanations
  7. use plain-language headings to call attention to the statement and boldface for key words
  8. use a typeface and type size that are easy to read
  9. use wide margins and enough line spacing.








version of April 2002