One of the most important advances in the rapidly developing world of electronic commerce is the ability of companies to develop personalized relationships with their customers. Personalization empowers companies to better understand their customers’ wants and desires and improve customer service by tailoring offerings to the unique needs of individuals . At the same time, this has become a subject of hot controversy because the technology involves the extensive collection and use of personal data.
Many, if not most, online shoppers and surfers are not aware of the extent of how much and what kind of info can be gathered about a person, even someone who is just visiting and not shopping or signing up for anything. Through the use of the “cookie” technology, a person’s movement through the Web can be tracked to provide information. Using cookies a website assigns each individual a unique identifier (but not the actual identity), so that the he may be recognized in subsequent visits to the site.
On each return visit, the site can call up user-specific information, which could include the consumer’s preferences or interests, as indicated by documents the consumer accessed in prior visits or items the consumer clicked on while in the site. Websites can also collect information about consumers through hidden electronic navigational software that captures information about site visits, including web pages visited and information downloaded, the types of browser used, and the referring websites’ Internet addresses.
The result is that a website about gardening that Jane Doe that could sell not only her name to mail-order companies, but also the fact that she spent a lot of time one Saturday night last month reading about how to fertilize roses. More disturbing scenarios along the same lines could be imagined. However, although concern about privacy and security has long been the biggest issue with online shoppersparticularly with the sanctity of their identification-related informationa majority do not mind their behavior being watched if it allows their shopping experience to be customized.
According to the 1999 Personalized Marketing and Privacy on the Net: What Consumers Want survey conducted by the non-profit research firm Privacy and American Business, 61 percent of the 474 Internet users surveyed said that they would be positive toward receiving banner ads tailored to their personal interests rather than receiving random ads. This represents about 56 million adult users interested in such personalization. In addition, 68 percent of the users also said that they would provide personal information in order to receive tailored banner ads, on the condition that notice and opt-out are provided .
The study seems to back the e-commerce firms who are watching online behavior to provide customized shopping experiences, and not privacy advocates who say that this practice is an invasion of privacy. It is the purpose for gathering the information, it would seem, that is the key to drawing the line between acceptable personalization and invasion of privacy. This is why it is important to many shoppers that a site have a privacy policy that explains what information is gathered and how it is being used, before they relinquish their information.
However, according to the 1999 Georgetown Internet Privacy Policy Survey, 94% of the top 100 websites post privacy policies, and 66% of the overall websites post privacy policies . These figures sound reassuring but the exact definition of the privacy policies in themselves remains to be questioned. The 1998 Federal Trade Commission report on Internet privacy, “Privacy Online: A Report to Congress” outlined five criteria by which a commercial website can be said to have a truly comprehensive privacy policy.
Known as the “Fair Information Practice Principles”, they are notice/awareness, choice/consent, access/participation, integrity/security, and enforcement/redress . In other words, websites should notify consumers that they’re collecting personal information and that the consumers can choose whether to provide it. The report-the result of a three-year study of 1,400 websites targeted at consumers-also censured the e-commerce industry for not adequately protecting private information, stating that “the vast majority of online businesses have yet to adopt even the most fundamental fair information practice….
It also criticized the industry’s voluntary guidelines, stating that “with limited exception, contain none of the enforcement mechanisms needed for an effective self-regulatory regime. “4 Only 924 of the 1,400 websites surveyed was found to have privacy policies. 87 percent of these notified customers that they collect information, and 77 percent offered customers refusal rights. However, only 40 percent gave customers access to their information; 46 percent promised security; and 49 percent provided contact information. There is also the question of how much these privacy promises are enforced.
In June 1998, AdAge. com had transferred user information-including log-on names and passwords-to theGlobe. com, an unrelated site. Registered AdAge. com users had no idea that the site had done so until they received an e-mail note that welcomed them to theGlobe. com and contained their AdAge. com passwords. This incident provoked outrage from some AdAge. com users and embarrassed both companies.
Although AdAge. com later apologized to its users, explaining that the data transfer was part of a community partnership between the sites and was designed to allow AdAge. com users easy access to theGlobe. m’s community features, this is a glaring example of what can happen despite privacy promises.
The lack of effective privacy protection is widely believed to be stunting the growth of e-commerce. Survey after survey has shown that more people would embrace e-commerce if they had better assurances about their privacy. Big business and small businesses have to realize that trust is necessary to build long-term, profitable customer relationships. Trust fosters customer loyalty, referrals and repeat business, so commercial enterprises that make privacy protection a priority will reap the returns from their customers.