You are here: Articles --> 2002 -->
Privacy means never having to say you're sorry
Vous êtes ici : Essais --> 2002 --> Privacy means never having to say you're sorry
by Geoff Hart
Previously published as: Hart, G. 2002. Privacy means never having to say youíre sorry. http://www.techwr-l.com/techwhirl/magazine/usersadvocate/usersadvocate_privacy.html
For those of us who regularly visit certain Web sites, the value of identifying ourselves to those sites grows quickly and painfully obvious: accepting cookies from a Web site could potentially eliminate endlessly retyping our personal information, memorizing yet another login password, repeatedly re-customizing how a site responds to us, and enduring irrelevant information such as untargeted banner ads. Yet even those of us who appreciate the value of sharing personal information with Web sites and their designers have grown increasingly uncomfortable with the potential for abuse inherent in having confidential information about our identities and preferences broadly available. Even if a site isn’t cracked and our private information stolen—always a risk on the Web—the site owner is bound to sell the information to commercial mailing lists, thereby guaranteeing us a lifetime supply of junk mail. Worst of all, we won’t even be able to burn that junk on cold winter nights to stay warm.
Outside the computer community, the issue of privacy has received considerable—and largely unfavorable—attention. Though many of the concerns raised by commentators are valid, the press’s scaremongering has led a great many readers to consider the Internet to be the worst threat to privacy since the government in George Orwell’s 1984. It's hard to overcome such fears, particularly when they’re ill-informed, and relying solely on logic to make the case that a site will protect confidential information ignores the fact that privacy violations are an emotional issue, not a purely rational one. Keeping that in mind when we work on a Web development team provides important insights into how to create and maintain a reputation for integrity. That job, of course, requires precisely the skills we can offer.
First, let’s look at how we create that reputation. Start by honing that empathy I mentioned in the previous paragraph, because once you understand your own fears about privacy, you’ll understand your audience’s concerns about providing confidential information to your site. That understanding provides the starting point for developing and implementing solutions that will ease those concerns. As in any other project, this process requires two-way communication: you must ensure that you fully understand the user’s concerns, and users must understand what you're trying to achieve by asking for their personal information. The most common concerns involve the sale of information to other companies without prior approval, using the information to send out unsolicited and unwanted information, leaving mysterious (and thus, worrisome) cookies on a hard drive, and letting crackers obtain compromising information.
With large or complex sites, the teamwork required to do this job right poses a sizeable challenge and holds many traps for the unwary. There are too many potential concerns to list here, and these concerns depend strongly on the nature of your site. The way to find out what those concerns actually are begins with your personal analysis of the concerns of users of your site. You can broaden your understanding by visiting your competitors’ Web sites to identify any issues they thought of that you missed. But in the end, you’re still going to have to talk to your own site’s visitors to find out what everyone has missed.
Once you understand the concerns, create a policy that addresses them. Explain precisely what you plan to do with the information you're collecting and how that usage benefits them—assuming that it does. Ask typical visitors to review your policy to confirm that it's really as clear and comprehensive as you believe. Typical policies, such as the one provided by Yahoo (http://privacy.yahoo.com/privacy/us/) run for multiple screens, and while the contents surely keep the lawyers happy, they don’t do much for those of us (users, site developers, and technical communicators) who must understand the policy. Consider, for example, the statement that “This policy does not apply to the practices of companies that Yahoo does not own or control”. How do I know which companies those are when I’m accessing sites via Yahoo? How can I find out what those sites plan to do with the information? Later, Yahoo’s policy notes that “Yahoo also automatically receives and records information on our server logs from your browser”. What information? Can I stop this?
Let me be clear about one thing: I don’t mean to pick on Yahoo, since their policy is actually better than most that I’ve seen, but even Yahoo could surely do better.
My advice: Create a policy simple enough that it fits on a single screen and clear enough that nobody fails to understand it. For example:
“We won’t share any information we collect on you with anyone. Period. Promise! We’ll safeguard your data as if it were our own dirty secrets. We’ve provided a list of links [click here] to other sites whose services might interest you. Check out their policies, and if you like what you see, sign up for their services. We get paid for referring you, but heck, everyone’s got to make a living, right? And anyway, you’re the one who decides whether to sign up: we won’t provide confidential information on your behalf.”
This approach, implemented with a little less “attitude”, lets you make money from the data you collect (by an approach widely known as an “affiliate program”), yet you’re not the one responsible for revealing private information. Placing the power of decision in the user’s hands satisfies their need to decide how and where their private information will be used and minimizes the risk of failing to follow your own policy: if you don’t give out the information, you can’t violate your policy.
Once you’ve earned a reputation for respecting privacy, you must maintain it. To do so, take on the role of user’s advocate and regularly monitor whether your site continues to live up to the established policy. One enormous benefit of making your policy clear enough for visitors to understand is that the site’s developers can also understand and comply with it. The longer the policy, the more likely that some well-intentioned programmer or designer will misunderstand it or miss a section and inadvertently violate the policy. Those who frame the privacy policies for your Web site must work closely with those who implement the policies to ensure correct implementation. There's no easier way to lose your audience’s trust than to say one thing but do something else entirely—even if it’s a perfectly innocent mistake.
It can be difficult to reconcile the conflicting needs for efficiency, customization, and the desire to earn a profit with the potential for abuse of the personal information that lets you meet these needs. It may not even be fully possible. But often all you really need to do is work closely enough with your audience to establish a reputation for honest responsiveness to their needs. The credibility you gain can allay their fears, and privacy becomes less of an issue with people who trust you. Spend some time thinking about how to establish and maintain that trust.
©2004–2013 Geoffrey Hart. All rights reserved