370 likes | 554 Vues
The Privacy Debate: What Do Customers and Businesses Really Want?. David Strom david@strom.com, (516) 944-3407 eBiz June 2001. Summary. Examine your own behavior Customer privacy issues Best practices Notable eBusiness privacy failures Creating your own corporate privacy policy.
E N D
The Privacy Debate: What Do Customers and Businesses Really Want? David Strom david@strom.com, (516) 944-3407 eBiz June 2001 (c) 2001 David Strom Inc.
Summary • Examine your own behavior • Customer privacy issues • Best practices • Notable eBusiness privacy failures • Creating your own corporate privacy policy (c) 2001 David Strom Inc.
My privacy parameters • PrivacyX.com advisor • “Middle initial” tracking of magazine subscriptions • Not too upset by spam, usually • Turned off my office fax number • But have unlisted home phone (c) 2001 David Strom Inc.
Examine your own surfing behavior • What kinds of information do you routinely provide to web sites: email address, birthdates, zip codes, age/gender ID, etc. • What kinds of corporate information do you routinely provide: business phone/address, company information, etc. • Does information show up in your URLs? • How can you minimize this data flow? (c) 2001 David Strom Inc.
But there are a lot of things you might not be aware of • Monitoring your web surfing via how URLs are constructed • Monitoring your emails via “wiretaps” • Tracking you via third-party cookies (c) 2001 David Strom Inc.
Web URL monitoring • http://dps1.travelocity.com/airgetaisl.ctl?aln_code=US&dep_date=19921230&dep_arp_code=PHL&carrarp_code=BOS&flt_number=2386 …. • Should your URL show all this information? (c) 2001 David Strom Inc.
Email wiretapping • Exploits HTML email to embed small Javascript programs that can monitor who opens email and where the email goes • Can be prevented, with the appropriate security settings, but most people don’t take these precautions (c) 2001 David Strom Inc.
Third party cookie tracking • Ad servers like Engage, DoubleClick, and others put coding inside their ads to identify users • But what if this information is tied to your email or IP address? • And what if a third-party site obtains additional information about you this way? (c) 2001 David Strom Inc.
Rate these privacy invasions • Sending out a single piece of email with everyone's email address clearly visible in the header • A web site that tries to make it easier for its customers to login and track their accounts • A piece of software that records the IP address of the machine it is running on and reports back to headquarters (c) 2001 David Strom Inc.
Privacy best practices • What are your expectations? • What info is collected? • How are you informed of the collection process? • How can you change your address and other ID information? • What happens when the company is sold? (c) 2001 David Strom Inc.
What kinds of information is considered private? • Your IP address • Your Ethernet MAC address/Windows GUID • Your purchase history with a web storefront (or physical store) • Your address and phone • Your email address • Your credit card, banking account numbers (c) 2001 David Strom Inc.
How do products inform you of their information collection practices? • Before you download them in clear language on the web site • At the time you download them • With obscure privacy policies on their web site • In a press release from the vendor after something bad happens (c) 2001 David Strom Inc.
How can you change your ID? • With the post office, credit history, and others, relatively simple • With software, not so simple • Many products don’t have any automated tools for making changes (c) 2001 David Strom Inc.
Who shares this information? • Do sites offer secure logins or are they in the clear? • What about third-party cookies, who makes use of them? (c) 2001 David Strom Inc.
What happens to this information when your company gets sold? • Does a company have a legal right to hold on to its data? • Does a customer have a legal right to expect a company to not sell its data? • Do we need new consumer protection laws for these situations? • Are individuals’ privacy data considered a corporate asset or a liability? (c) 2001 David Strom Inc.
Case in point: eBay • Changed its privacy practices 4/01 to specifically mention what happens if sold • But hides this deep within their privacy policies (c) 2001 David Strom Inc.
How do you protect your customer’s privacy data? • Secure servers, careful data structures and policies • Authorized employees with limited access • Firewalls • Do all of these things really work? (c) 2001 David Strom Inc.
Privacy problems • Email • Web surfing • eCommerce (c) 2001 David Strom Inc.
Back to email issues • Hidden HTML code inside many email messages these days, called “web bugs” • Convey information on whether you open the email message or not, whether you click on this specific link, and if you want to unsubscribe • Works even if you use just the preview pane in MS OE/Outlook • Supposedly this information is just used in the aggregate, but can you be sure? (c) 2001 David Strom Inc.
Bad boys of web site privacy • Doubleclick • Real Networks • GoHip.com • TiVO (c) 2001 David Strom Inc.
DoubleClick • Made the mistake of combining two businesses: banner ad serving and email marketing • Is it a violation of privacy when you aggregate individual information? • Third-party cookie issues (c) 2001 David Strom Inc.
Real Networks • Is it a violation of privacy when you automatically subscribe users to your service, and bury any opt-out information? • Should Real record my music listening habits without my explicit permission? • And store this data even when I am not connected to the Net? (c) 2001 David Strom Inc.
GoHip.com • Download an ActiveX control that makes numerous changes to your browser and email configuration, as well as Startup folders – but advertised as a “video player browser enhancement.” • First the company didn’t explain these changes, but now they do – in very, very fine print. (c) 2001 David Strom Inc.
TiVO • Aggregates personal TV viewing habits of its users • But doesn’t really make that clear • And employees of the company could have access to your privacy data (c) 2001 David Strom Inc.
eCommerce privacy mishaps • ToySmart trying to sell its customer list • Long list of break-ins to obtain customer credit cards and accounts from numerous web sites, including Ikea, Western Union (c) 2001 David Strom Inc.
Microsoft’s many problems • Hotmail break-ins galore • Global ID transmitted inside Word docs • Network collapse from poor DNS config • Software updates that scan your disk (c) 2001 David Strom Inc.
Browser enhancement tools study • Privacy Foundation examined 12 different software utilities that work with web browsers, and found numerous privacy problems • ALL products sent more data back “home” to vendors’ HQ than required or disclosed to end-users (c) 2001 David Strom Inc.
Results: poor notification of privacy violations • Poor placement of disclosure statements • Users have to return to privacy policy page on web site to check for changes • Sites reserve the right to release information when they want to • Privacy policies are clouded in technobabble and jargon • Policies are vague or wrongly stated • Sites use seals of approval from TrustE and BBB to certify their sites, but not any actual software (c) 2001 David Strom Inc.
Creating a solid corporate privacy policy • First, understand your own actions • Examine standards efforts • Policy creation software tools • Learning from eBay’s example (c) 2001 David Strom Inc.
If you develop software • Tell the truth about who has access to customer data • Have lawyers work with your engineers to review software’s actual privacy practices • Design with privacy in mind from the start • Use opt-in rather than opt-out • Don’t monitor URLs (c) 2001 David Strom Inc.
P3P • W3C standards-based effort • Major multi-vendor contributions • Blesses various software tools that can generate privacy policies that are more machine-readable than by humans (c) 2001 David Strom Inc.
TrustE’s model privacy statement • Available at www.truste.com/webpublishers/pub_modelprivacystatement.html • Can easily copy and modify accordingly • More like a legal document than helpful to users • A good place to start (c) 2001 David Strom Inc.
PrivacyBot • $30 • Browser-based • Brief, clear, to the point • You can examine my own policy here: strom.com/privacypolicy.html (c) 2001 David Strom Inc.
IBM’s Privacy Tool • Free • Java-based • Again, machine-readable policies that can be verified by P3P standard checking software (c) 2001 David Strom Inc.
eBay’s example • Several different versions, charts, and pages • Many different levels of detail, including information about spam, cookies, etc. • Link from bottom of home page • Note how they notify users when it changes (c) 2001 David Strom Inc.
The fine print “It is possible that eBay, its subsidiaries, its joint ventures, or any combination of such, could merge with or be acquired by another business entity. Should such a combination occur, you should expect that eBay would share some or all of your information in order to continue to provide the service. You will receive notice of such event…” (c) 2001 David Strom Inc.
Questions? • Copies of this presentation: strom.com/pubwork/privacy.ppt • More information can be found: www.privacyfoundation.org/pdf/bea.pdf (c) 2001 David Strom Inc.