Privacy Protection on the Internet. (Technology)
Larson, Linda Lee, Larson, Robert K., Greenlee, Janet, Strategic Finance
It's Saturday morning, and you're looking forward to a leisurely weekend when you receive an urgent call from the office. Your company has been charged in a $500 million class-action lawsuit for violating customer privacy by selling the names (and other information) of those who have bought goods on your website. Your attorneys say the plaintiffs have a good chance of winning. And you may have even bigger problems with your European Union (EU) customers because of the strict privacy rules in the EU Privacy Directive. Besides penalties, the EU may prevent your organization from even transferring customer data from your own operations in Europe to the U.S.
Sound far-fetched? Well, in the past few years, several organizations have had significant lawsuits filed against them by customers claiming that their privacy was violated. Consumers are becoming increasingly angry when their personal information is used or released without their permission. As a result, new laws and regulations are being introduced that prohibit companies from releasing customer information to third parties without the consumer's express consent.
Security: Consumers are afraid that businesses and their websites aren't adequately protected against outsiders. In 2000, someone calling himself Maxus hacked his way into the CD Universe website and stole 300,000 credit card numbers. When his attempts to blackmail CD Universe for $100,000 failed, Maxus posted 25,000 of these credit card numbers on his website, leading to untold lost business and mass cancellation of credit cards. The website was promptly shut down.
HOW IS PRIVACY PROTECTED?
United States. In the U.S., the protection of an individual's information is governed by laws, court rulings, and self-regulation. While laws now cover financial institutions, in practice, a consumer's privacy is protected primarily by the goodwill of businesses. Most recent privacy concerns have centered on the Internet.
To address privacy on the Web, several organizations have set up website certifications and privacy seals, and many businesses have posted one or more of these seals on their websites. TRUSTe is by far the most popular Web privacy seal. At year-end 2002, the websites of more than 1,500 organizations displayed the TRUSTe seal, including Netscape, IBM, Yahoo!, Microsoft, AOL Time Warner, Adobe, and Disney. Another popular program is the Better Business Bureau's (BBB) Online Privacy Program (with seals on 706 company sites as of April 2003). The AICPA also has an Online Privacy Program (and Principle) as part of its WebTrust seal program. (See "Voluntary Privacy Seals.")
But critics have pointed out that organizations sponsoring these privacy seals are largely self-regulated. For example, both RealNetworks and U.S. Bancorp had posted privacy seals on their sites. Although TRUSTe did conduct an audit of RealNetworks once the violations were reported, certifying organizations rely on members' self-compliance. …