One of the most important advances in the rapidly developing world of electronic commerce is the ability of companies to develop personalized relationships with their customers. Personalization empowers companies to better understand their customers’ wants and desires and improve customer service by tailoring offerings to the unique needs of individuals . At the same time, this has become a subject of hot controversy because the technology involves the extensive collection and use of personal data. Many, if not most, online shoppers and surfers are not aware of the extent of how much and what kind of info can be gathered about a person, even someone who is just visiting and not shopping or signing up for anything.
Through the use of the cookie technology, a person’s movement through the Web can be tracked to provide information. Using cookies a website assigns each individual a unique identifier (but not the actual identity), so that the he may be recognized in subsequent visits to the site. On each return visit, the site can call up user-specific information, which could include the consumer’s preferences or interests, as indicated by documents the consumer accessed in prior visits or items the consumer clicked on while in the site. Websites can also collect information about consumers through hidden electronic navigational software that captures information about site visits, including web pages visited and information downloaded, the types of browser used, and the referring websites’ Internet addresses. The result is that a website about gardening that Jane Doe that could sell not only her name to mail-order companies, but also the fact that she spent a lot of time one Saturday night last month reading about how to fertilize roses.
More disturbing scenarios along the same lines could be imagined. However, although concern about privacy and security has long been the biggest issue with online shoppersparticularly with the sanctity of their identification-related informationa majority do not mind their behavior being watched if it allows their shopping experience to be customized. According to the 1999 Personalized Marketing and Privacy on the Net: What Consumers Want survey conducted by the non-profit research firm Privacy and American Business, 61 percent of the 474 Internet users surveyed said that they would be positive toward receiving banner ads tailored to their personal interests rather than receiving random ads. This represents about 56 million adult users interested in such personalization.
In addition, 68 percent of the users also said that they would provide personal information in order to receive tailored banner ads, on the condition that notice and opt-out are provided . The study seems to back the e-commerce firms who are watching online behavior to provide customized shopping experiences, and not privacy advocates who say that this practice is an invasion of privacy. It is the purpose for gathering the information, it would seem, that is the key to drawing the line between acceptable personalization and invasion of privacy. This is why it is important to many shoppers that a site have a privacy policy that explains what information is gathered and how it is being used, before they relinquish their information. However, according to the 1999 Georgetown Internet Privacy Essay Policy Survey, 94% of the top 100 websites post privacy policies, and 66% of the overall websites post privacy policies . These figures sound reassuring but the exact definition of the privacy policies in themselves remains to be questioned.
The 1998 Federal Trade Commission report on Internet privacy, Privacy Online: A Report to Congress outlined five criteria by which a commercial website can be said to have a truly comprehensive privacy policy. Known as the Fair Information Practice Principles, they are notice/awareness, choice/consent, access/participation, integrity/security, and enforcement/redress . In other words, websites should notify consumers that they’re collecting personal information and that the consumers can choose whether to provide it. The report-the result of a three-year study of 1,400 websites targeted at consumers-also censured the e-commerce industry for not adequately protecting private information, stating that the vast majority of online businesses have yet to adopt even the most fundamental fair information practice. .
. . It also criticized the industry’s voluntary guidelines, stating that with limited exception, contain none of the enforcement mechanisms needed for an effective self-regulatory .