Is Online Privacy Dead or Alive?

April 15, 2010

In my role as President of the Safe Internet Alliance ( was recently asked to respond to a question posed by Lora Bentley of whether consumers had any privacy left for an article in ITBusinessEdge. Here’s what was published on their site, below you can see my full response.

I recommend reviewing the comments by the other 19 respondents; there are a wide spectrum of answers.

The health of online privacy today is fundamentally split between the ultra-wealthy who can afford to guard their privacy – and who therefore enjoy a fairly healthy level of privacy, and the average consumer for whom privacy is on life-support.

It is an irresponsible tradeoff when companies trade consumer privacy for profit. The Safe Internet Alliance has published two recent blogs raising concerns about consumer privacy, the first blog comments on the recent filing to the FCC by the Center for Digital Democracy, US PIRG and World Privacy Forum, FTC Asked to Review Stealth Collection of Consumer Data. The second takes aim at the unacceptable practices of some companies when notifying consumers (after the fact) that they’ve changed their privacy policies, and users’ privacy is the casualty, Privacy Policy Changes – Some Companies Get Notification Right.

The Alliance also provides position papers and comments to the FCC and FTC on the need to encourage innovation in building safer online products that respect consumer’s online experience and information, and is currently working with industry groups to define an Internet Users privacy and safety Bill of Rights.

If you are concerned about your privacy, I also recommend How Far is Too Far? When Companies Track Your Online Use, and Your Internet Safety and Privacy Bill of Rights.



Privacy Policy Changes – Some Companies Get Notification Right

April 9, 2010

It’s time to demand honest, clear notices that come well in advance of Privacy Policy changes to give consumers an opportunity to opt out, protest, or take some other course of action.

Facebook users learned last week that their privacy had received another ‘haircut’. This latest round of Privacy Policy changes gives Facebook the right to sell your information to other companies in a clear profit-trumps-privacy equation.

Adding insult to injury, the company chose to minimize the press coverage – and number of consumers who would hear of the changes – by delaying their notice until after press deadlines on a Friday – for more information on the latest changes see Facebook privacy changes would share user data with other sites.

These practices are unacceptable. It’s time to demand a change.

Most companies, including flagships Microsoft, AOL, and Yahoo!, go to great lengths to protect your privacy, have clearly understandable policies that don’t change every time you turn around, and clearly respect their users., a genealogy site, goes even further and embodies the proactive approach to policy changes. Not only do they make their privacy practices clear on their website, the following email was just sent to their users giving very clear, advance notice about changes to their privacy policy. It’s so impressive, I’ve attached the entire email; it is well worth your attention. Click the image to see in full size site richly deserves the accolades they’ve received from PC Magazine, TIME, and CNET for being a great website. Their advance notification of policy changes to each and every member (and they strengthened their privacy protections – what a thought!) has now earned them a far humbler, but rarely given, award – the LOOKBOTHWAYS seal of approval. Congratulations Geni on being a shining example of transparency and consumer respect.

We encourage all companies with a web presence to employ consumer safety and privacy best practices in every aspect of their development, testing, support, and within their consumer services.”

As a percentage of companies, those who exploit consumers are but a fraction, but the tremendous reach of Facebook, and others with less than stellar track records like Google, means that most of the US population  (and a significant number of global users) are adversely impacted by their actions.

Sending users an email notification of any upcoming policy changes is easy and ethical. Sites already store every registered user’s email address, and email provides an excellent opportunity to clearly explain changes – including graphic representations of complex concepts – and provide links to where they can learn more, or ask questions.

The Radicati Group estimated that the number of emails sent per day in 2008 were around 210 billion, so for most sites sending an email to all their users would barely be a blip. But for huge sites that feel sending several hundred million emails would be prohibitive, there is a clear alternative; use a notification screen in front of every user (once per user) at least one week in advance of the changes that requires their action, or the action of their parent, before proceeding. For those who did not log on during the notification week (or longer time period), the notification should be changed to inform them of the changes that did occur so they can take action at that time.

Will providing clear notification annoy some users? Of course, so do seatbelts but they protect consumers from clear risks.

You have the right to an informed online experience. You have the right to set your own terms for your online experience. You have the right to expect online products and services to guard your safety and privacy. Learn more about your rights in Your Internet Safety and Privacy Bill of Rights.

As consumers you can—and should—vote with your feet if the experience you’re having on a service doesn’t meet your expectations. Even Facebook has had to beat a retreat when enough consumers rioted.