|
||
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
WEB'S PRIVACY PROTOCOL NEEDS BIG-NAME BOOSTSource: Toronto StarPosted on January 5, 2003 A new study out of the United States claims you do. Well, actually, it claims that Americans do, but since when have Americans made the distinction? According to the study -- a joint effort by the Conference Board, NFO WorldGroup and Forrester Research -- about a quarter of Web surfers feel their personal information will be safe with businesses they interact with and buy stuff over the Internet. That's up 3 percentage points from a year ago. Not a huge jump, mind you, but the Conference Board is quick to point out that it's a meaningful move in the right direction. "This trust barrier is beginning to erode," said one spokesperson. I'm always fascinated with studies of this sort, ones that focus on consumer perception and not whether consumers' personal information is truly safer than it was 12 months ago. An improvement in perception is good to see, but can it really be sustained over time if it's not backed by action? Granted, many companies have put a substantial amount of effort into better respecting how they collect and use customer information. They're the exception, not the norm, and those that have taken action shouldn't rest on their laurels. I think the general perception of "trust" has improved because our collective concerns have moved -- more accurately, they have been guided -- away from privacy and toward security. It started with jets flying into skyscrapers and anthrax threats in the mail, and exists today as some nebulous war on terrorism that has become more of a permanent state of being than an event with any foreseeable conclusion. One result is that privacy, as a consumer issue, as a business issue and as a technology issue, is becoming dangerously stagnant. As well, our scrutiny has shifted, rather than expanded, to government practices. This means the spotlight is no longer on the private sector, which has been more hush on the topic of consumer privacy. Take P3P, or Platform for Privacy Preferences, a Web site design protocol that the standards-setting World Wide Web Consortium (W3C) has high hopes will empower consumers by warning them what online businesses do with your personal data -- be it medical, financial or lifestyle information. Early last year, the W3C released its P3P recommendations after a five-year development phase. Internet giants Microsoft Corp. and America Online responded by building elements of the technology into their respective Web browsers. This created a mild industry buzz. In a nutshell, P3P creates a way for Web sites to codify their privacy policies into a machine-readable language, making it possible for P3P-enabled browsers to scrutinize the Web sites users visit based on their preset preferences. If the user's preferences match the Web site's privacy policy, then the browser proceeds to the site. If they conflict, then the browser alerts what is now a more informed consumer, who would probably be inclined take his business elsewhere. The goal is to make it easier for consumers to judge a site by not having to read what are normally lengthy and jargon-filled privacy policies written by legal types who tend to care more about potential lawsuits than the way consumer information is treated. For online businesses that wanted to impress consumers with their privacy practices, P3P gives them a way to reach out and distinguish themselves from the pack. While there was interest when P3P was first introduced -- Web founder Tim Berners-Lee visited Toronto last June to promote it -- the standard has lost a lot of momentum. With privacy taking a backseat to security and more studies touting that consumers have more trust in the companies they deal with online, why wouldn't the operator of a Web site question the need for P3P? After all, making a Web site P3P-compatible can be time-consuming and costly for complex Web sites, and intimidating for smaller sites. Where's the incentive to make the move? "We continually promote P3P to our partners," Richard Purcell, corporate privacy officer at Microsoft, told me a couple of months ago. "We've considered making it a requirement in certain partnering relationships. And that's not an easy sell." Microsoft, eager to clean up the perception that it's not privacy friendly, has been an early and valuable advocate of P3P. When it put P3P features in Internet Explorer 6, some Web sites discovered that, by default, the browser was blocking Internet cookies they used to enhance the e-commerce capabilities -- such as shopping carts -- of their Web sites. This made many Web operations stand up and at least take notice. "The question is how do we create a landscape or environment on the Web of P3P compliance so that it becomes more effective across all Web sites?" says Purcell, whose intentions are genuine, even if the intentions of his firm aren't as clear. One suggestion he had was to get a company like Google or Yahoo to create an ability for Web users to search only P3P-compliant Web sites, with the added feature of fine tuning that search based on an individual's privacy preferences. "Wouldn't it be cool if one of the big search engines allowed an individual to specify that they only wanted the results of their search to be returned if there is a resulting URL that satisfies the privacy requirements that the individual has requested?" Purcell asks. "That way I can be sure when I go to that Web site I'm going to a safe privacy-sensitive business as opposed to one that doesn't care." Definitely cool. But as Purcell adds: "It's a chicken-and-egg question. If there's not enough P3P-compliant Web sites, what's the use?" Ultimately, it will be companies like Microsoft and America Online that will need to push the industry to accept this standard, by building the technology deeper into their own software. If Purcell really wants to make a change, this is one place he could devote his energies. Likewise, if Bill Gates wants to promote "Trustworthy Computing," the term he touted in his now-famous memo nearly a year ago, then using Microsoft's huge industry influence to give P3P some added clout of its own is one way of fulfilling that goal. That way, the industry can back up "perceptions" of trust with measurable examples of true change.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |