Clicking Through: A Survival Guide for Bringing Your Company Online, by Jonathan Ezor   Click here to buy Clicking Through from Amazon.com

See Why Library Journal Called "CLICKING THROUGH" One of the Best Business Books of 1999!

Home

The ELIST

Excerpt from 
CLICKING THROUGH

Reviews of
CLICKING THROUGH

Buy 
CLICKING THROUGH
  and Related Materials

Links and Related Articles

Essential Tips for Web Site Contracts 

Author Bio and Appearances

Industry Praise for
CLICKING THROUGH

CLICKING THROUGH
Table of Contents

Webliography:
Sites Discussed in CLICKING THROUGH

ClickThroughList
Newsletter Archives

Excerpt  from Chapter 2 of
Clicking Through: A Survival Guide for Bringing Your Company Online
(for more excerpts and reviews, click here)

PROTECTING PRIVACY (IF YOU HAD TO ASK...)                                

PRIVACY MEANS DIFFERENT THINGS TO DIFFERENT PEOPLE

    Invasion of privacy can be as mundane as the student whose curious eyes wander to a classmate's paper or as sinister as the camera-toting voyeur peering in an unsuspecting person's window. In the business world, issues of privacy usually involve compliance with applicable laws and cultural norms, which can vary from location to location. Privacy on the Internet embodies two major concepts:

        Tracking of an individual user's online behavior.

        Use and disclosure of "personally identifiable information"

    Personally identifiable information consists of any data which, when taken together, can definitively lead to a particular individual. Obviously, information like a name, address, telephone number, or e-mail address, and particularly any combination of these elements, would be considered personally identifiable information, but these are not the exclusive types of information about which you need to be concerned for privacy protection. Consider a user profile of a female, an accountant, with two children (a boy aged seven and a girl aged twelve), who lives in Roanoke, Virginia. With just these facts, an investigator may be able to positively identify the user. For example, someone could call local schools and say: "I am moving to the area and plan on sending my seven-year-old son to your school in the fall. He's very attached to his twelve-year-old sister, and concerned that he'll never get to see her. Do you have any families in the school with similarly aged children with whom I could speak?" Trade associations and other business listing sources could also be used for information: "I'm doing an article on female accountants who have to balance family and business responsibilities. I was wondering whether you could put me in touch with anyone in the Roanoke area who might consent to be interviewed." Remember, too, that personally identifiable information can be gleaned by combining different databases of otherwise anonymous information. Two collections of survey answers, one about occupation and the other about family status, could be linked via a common identifier (such as a Social Security number) for the nameless respondents, leading to the same amount of usable information as in the previous example.

 

    The problem with the collection and distribution of personally identifiable information is that such data can easily be misused or at least used in a way the individual never envisioned or expected. Even governments, which may have access to much of the same information from other sources, can take advantage of personally identifiable information gathered via a company's Web site, since the information may be matched and focused in a way otherwise unavailable to the governmental agencies collecting broadbased data.  Unfortunately, history has shown that corrupt governments can utilize personal information to categorize, discriminate against, and intimidate their citizens, making responsible management of this information vital.

 

    If the protection of users' identities is a critical element of personal privacy, so too is the use of information regarding their online activities. No matter the context, from the text of a private chat to an item purchased in an online mall to the path taken by a user through a Web portal, a site owner can collect a tremendous amount of behavioral data. Sites may offer additional features such as personalization (the site changes based on stated and observed user preferences, so it's more attractive and efficient for each person) or faster repeat purchases in exchange for tracking activity. There are many potential problems, particularly if the information is associated with other information available about the user (such as a name and address) and used for marketing or more malicious purposes.

 

    Both governments and industry associations have spent a great deal of time trying to come up with rules and policies for the management of private information in cyberspace. Some of these rules, dating back to the pre-Internet period, are concerned with local collection of information and very much driven by the cultural and legal expectations of the particular country. The U.K. Data Protection Act, which places sharp limitations on the types and amount of personal information that can be collected and kept, mandates registration with the government by anyone compiling such data, and requires users to have access to their information.....

(Continued in Chapter 2)

 

From CLICKING THROUGH by Jonathan Ezor. © 2000 by Jonathan Ezor. Published by arrangement with Bloomberg Press
Available wherever books are sold.

 

Copyright © 2000-2005 Jonathan Ezor. All rights reserved.