Avoiding the E-Commerce Danger Zone

Face it: If you shop online, your life is an openbook. In the Internet age, privacy is a thing of thepast.

But that does not mean users are helpless to control howtheir personal information is used online. They can take a number of steps to safeguard private data and avoid potential e-commerce danger zones.

Good Intentions

First of all, put away those conspiracy theories.According to David Martin, chief investigator at thePrivacyFoundation, most serious online privacy violationsoccur as a result of mistakes rather than malice.

“Consumers should know that when they volunteer anyinformation on the Web, it’s entering into a systemthat’s pretty immature but basicallywell-intentioned,” Martin told the E-Commerce Times.

In a recent study by HarrisInteractive, 83 percent of respondents said theywould stop doing business with a company if thecompany misused customer information.

“So, there is abuilt-in incentive for companies to do it right,” John Ford, chief privacy officer at Equifax, told the E-Commerce Times.

Provide the Bare Bones

The fact that a security breach may be an honestmistake is no consolation for those whose privatelives are out there for all the online world to see,though. So, what can consumers do to guard theirprivacy?

“When I go online, I want to make sure I only provide theinformation that is necessary to conduct thetransaction,” Ford said.

Credit-Card Theft

But a transaction requires a credit card number, and that isone of the things hackers may want to steal.According to a recent study by GartnerG2, morethan US$700 million in online sales, or 1.14 percentof total online sales, were lost to fraud in 2001. And of1,000 Web users surveyed in January, 5.2 percent hadexperienced credit-card fraud online.

To guard against credit card theft, GartnerG2 analystAvivah Litan said consumers are beginning to adoptsolutions like Visa’s Verified by Visa andMasterCard’s Universal Cardholder Authentication Field(UCAF) standard and Secure Payment Application (SPA).

Privacy Policy

Even when theft is not involved, many users do not wanttheir personal information shared or used formarketing purposes. For concerned consumers, the firststop on any Web site should be the section about privacy.

“Look to make sure there is a privacy policy. Read itand understand what data is going to be collected andhow it is going to be used,” Ford advised.

Even a cursory look is better than nothing.

“A consumer doesn’t have to read through allof the legal language to get a sense of what thecompany will do with personal information,” Forrester analyst Christopher Kelley told the E-Commerce Times.

“The key isto be aware of ambiguous language, often a sign thatthe company is trying to create loopholes for itselfregarding your personal information.”

Seal the Deal

Ford also recommended that users look for sites with a privacyseal, such as those offered by the Better BusinessBureau or Truste.

According to the Harris report, 62 percent of Webusers would not mind disclosing data at a Web site ifthe site were audited by a third party. A privacy seal indicates that such auditing is in place.

Users who have version 6.0 of Microsoft’s InternetExplorer browser can even do their own monitoring. Ifthey visit a site that does not meet their presetstandards, the browser will display a warning icon.”Consider it an early warning detection system,” Kelley said.

Tune In, Turn On, Opt Out

Another way to make sure personal information is notshared is to opt out on each site visited. “Pay attention toopt-out, opt-in boxes,” Kelley noted. “Frequently there will be two ofthese boxes, one for the retailer to send outmarketing e-mails and another for the retailer to’share’ information with third parties, which meanseven more marketing e-mail for the consumer.”

For users whose e-mail has slipped through the cracks or for those too busy to opt out on each individualWeb site, there is another option.

The Direct MarketingAssociation, which has long offered consumers away to remove their name from mass-mailing andtelemarketing lists, now offers an e-mail preferenceservice.

Consumers who signup will receive no unsolicited e-mail from DMAmembers. According to Ford, 99 percent of majormarketers are members of DMA and therefore must run their list of e-mail addresses through the DMA’sfilter.