Defining a Privacy Statement

A privacy statement is an essential document for your Web site. It informs visitors to your site that you are concerned about their privacy and are willing to tell them how you are handling their data. Visit several Web sites, especially the Web sites of your competitors, and view their privacy statements. Check for their Platform for Privacy Preferences Project (P3P) integration. (We will describe P3P later in the chapter.) The discussions that follow provide step-by-step guidelines on how to create a privacy statement.

Anatomy of a Privacy Statement

Several major sections should exist in a privacy statement. Of course, the structure of different privacy statements will vary based on their audience, the product or service represented, and the type of data collected.

Introduction

Usually a privacy statement will begin with a sentence or two about your company's commitment to protecting its customers' privacy. For example:

At [company], we are committed to protecting your privacy.

The privacy statement should then identify the specific site, service, or product the statement covers:

This privacy statement explains data collection and use practices of [insert name of site, service, or product]; it does not apply to other online or offline company sites, products, or services.

Also, a privacy statement must have language that clearly establishes that by using the site, service, or product, the user consents to the relevant data collection and use. Place language similar to the following near the top of the privacy statement (for example, at the end of the introductory paragraph):

By using this site, you consent to the data practices described in this statement.

Include similar language in your site's user interface where data is collected, near the Submit button.

Details About the Personal Information Collected

Because this section of the privacy statement specifically describes the information the site or service collects, it will vary significantly from statement to statement. Still, it is among the most important sections of the privacy statement.

This section requires a clear and detailed statement outlining the data that is being collected. Although the focus is on personal information, the statement should also briefly describe any other data collection, including unique identifiers or globally unique identifiers (GUIDs), IP addresses, site or product usage data, and machine data. The statement should disclose whether any of this data will be tied to the user's personal data or whether this other data will remain anonymous.

If the privacy statement is for a Web site that uses cookies, clear GIFs, and/or similar tracking technologies, the statement must disclose this fact and clearly explain how these technologies are used. We will give an example of how cookies can be described later in this section.

How the Personal Information Will Be Used

This section should describe how a customer's personal data will be used in relation to the product or service provided on the Web site. This section should explain why the information described in the previous section is being collected. Although the description should be as specific as possible, some general statements about usage are often included in this section. For example, although this likely would not suffice as a complete description of the site's use of the information collected from customers, some or all of the following language might be appropriate:

The personal information we collect will be used to provide the service(s) or carry out the transaction(s) you have requested or authorized. This may include using the personal information to provide you with important information about the product or service that you are using, including critical updates and notifications; to improve the product or service; and to provide you with more effective customer service. We also use the information we collect to make the site or service easier to use by eliminating the need for you to repeatedly enter the same information or by customizing the site or service to your particular preferences or interests.

Your privacy statement should also convey that you do not consider your company's subsidiaries and controlled affiliates to be third parties for the purpose of data transfers, and that data therefore might be shared within your subsidiaries and affiliates. This is important because in large companies, you might have integrated data systems in which it is impossible to keep subsidiaries from accessing data. One way to convey this is to include language such as the following:

Except as otherwise described in this statement, personal information you provide on this site will not be shared outside of [company] and its controlled subsidiaries and affiliates without your permission.

Some groups at your company on occasion might contract with one or more third-party agents to provide some back-end service in the operation of your site or some aspect of the service you are offering the customer. And sometimes these third-party agents need to obtain access to customer information to provide this service. Thus, the privacy statement should disclose the use of such agents:

We occasionally hire other companies to provide limited services on our behalf, such as handling the processing and delivery of mailings, providing customer support, or performing statistical analysis of our services. We will provide those companies only the personal information they need to deliver that service. These companies are required to maintain the confidentiality of that information and are prohibited from using that information for any other purpose.

Your company might be forced to disclose personal customer information without providing notice to customers and without the consent of the customer if required by law. Thus, the privacy statement should have a disclaimer such as the following:

[Company] may access and/or disclose personal information if required to do so by law or in the good faith belief that such action is necessary to conform to the edicts of the law or comply with legal process served on our company or the site; protect and defend the rights or property of our company and its family of Web sites; or act in urgent circumstances to protect the personal safety of our employees, users, or the public.

Finally, the privacy laws of some countries have restrictions regarding the transfer of customer data outside those countries' borders. One way to permit international transfers of data is to show that the user consented to the transfer. Having a notice in the privacy statement that the data will be stored in the United States is not a complete remedy for this issue, but it is nevertheless important. Additionally, the privacy statement should indicate whether your company is a participant in the US-EU Safe Harbor Agreement. For example:

Personal information collected on this site may be stored and processed in the United States or any other country in which our company or its affiliates, subsidiaries, or agents maintain facilities, and by using this site, you consent to any such transfer of information outside of your country. Our company abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union.

The Choices Available to Users

A fundamental privacy requirement of a Web site is that users must be given a choice regarding any secondary uses or transfers of personal information about them. The privacy statement must describe the ways users can exercise these choices. One common choice mechanism is a setting on the page where users submit personal information giving them the opportunity to consent to secondary marketing uses of their data. Another choice mechanism might be a central location on the site where users can go to enter or update their preferences on the use of their personal data.

For more on choice mechanisms for Web site users, see the discussion of opt-in and opt-out choices in the section titled "The Safe Harbor Principles" in Chapter 28, "Understanding the Importance of Privacy."

Additionally, it is a good idea to specify that the choices users make about the use of the data they submitted via your site might not affect the use of any data they provided to your company in other contexts. For example:

Please be aware that this privacy statement and the choices you make on this site will not necessarily apply to personal information you may have provided to [company] in the context of other, separately operated company products or services.

How Users Can Access Their Personal Information

Another fundamental privacy principle is that users must have the ability to access the personal information about them being stored by your company and be able to correct, amend, or delete any information that is inaccurate. Thus, the privacy statement must address how users can obtain such access.

Statement on Security

The privacy statement should include a description of the security measures that will be taken to protect users' personal information. For example:

[Company] is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store your personal information on computer servers that are located in controlled facilities and have restricted access. Additionally, when we transmit sensitive personal information (such as a credit card number) over the Internet, we protect it through the use of encryption techniques, such as the Secure Sockets Layer (SSL) protocol.

Changes to the Privacy Statement

Include a short section in your site's privacy statement that explains how readers can learn about updates made to the statement:

We may occasionally update this privacy statement. When we do, we will also revise the "last updated" date at the top of the privacy statement. For material changes to this privacy statement, we will notify you either by placing a prominent notice on the home page of our Web site or by directly sending you a notification. We encourage you to periodically review this privacy statement to stay informed about how we are protecting the personal information we collect. Your continued use of the service constitutes your agreement to this privacy statement and any updates to it.

The Remedy Available to Users

If a privacy statement is for a Web site that is a licensee of a third-party privacy organization, the statement should describe the enforcement (or remedy) process available through that organization. (We will discuss using third-party privacy organizations in a moment, when we look at the TRUSTe organization.) At a minimum, the remedy section of the privacy statement must include contact information for users who want to provide feedback on the statement. For example:

[Company] welcomes your comments regarding this privacy statement. If you believe that our company has not adhered to this statement, please contact us by e-mail or postal mail, and we will use commercially reasonable efforts to promptly determine and remedy the problem.

[Company address]

Click here to send e-mail.

To find contact details for one of our subsidiaries or affiliates in your country or region, see the [Contact Us/Affiliates/Subsidiaries] page of our Web site [Web site name].

You will need to set up a mail stop and an e-mail address that will route customer questions or comments to the person in your organization who handles privacy inquiries. For more on this topic, see the "Formulating an Enterprise Privacy Strategy" section in Chapter 28.

Key Privacy Statement Considerations

Some Web sites will be involved in special programs or have special features, including the following:

  • Enlisting a third-party privacy organization such as TRUSTe

  • Using Microsoft .NET Passport as an authentication mechanism

  • Collecting personal information from children

  • Using cookies, clear GIFs, or similar technologies

Gaining Approval from TRUSTe

When creating a privacy statement for a Web site, you might want to consider having an evaluation by TRUSTe, an independent, nonprofit organization that promotes the use of fair information practices on the Internet. If approved by TRUSTe, the privacy statement should contain language such as the following:

TRUSTe Certification

[Company] is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent, nonprofit organization whose mission is to build trust and confidence in the Internet by promoting the use of fair information practices. Because [site or company name] wants to demonstrate its commitment to your privacy, we have agreed to publish our information practices and have our privacy practices reviewed for compliance by TRUSTe.

If you have questions regarding this statement, you should first contact our company using the contact information at the bottom of this Statement. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should then contact TRUSTe at their Web site, http://www.truste.org/users/users_watchdog.html. TRUSTe will serve as a liaison with [site or company name] to resolve your concerns.

Using .NET Passport as an Authentication Mechanism

If your Web site uses .NET Passport as an authentication tool, the privacy statement should have a short explanation of .NET Passport, with a link to the full .NET Passport privacy statement (http://www.passport.com/Consumer/PrivacyPolicy.asp). For example:

This Web site uses the .NET Passport service. When you sign in to this site using .NET Passport, you will be asked to provide your e-mail address and a password. This same .NET Passport sign-in allows you to access many other participating .NET Passport Web sites. To learn more about the .NET Passport service and how .NET Passport uses and protects your personal information, please read the .NET Passport privacy statement at http://www.passport.com/Consumer/PrivacyPolicy.asp.

Collecting Personal Information from Children

Web sites that collect information from children under the age of 13 must abide by the Children's Online Privacy Protection Act (COPPA). If your site is likely to be subject to COPPA, the privacy statement should have some specific language on children's privacy and the COPPA compliance mechanism that the site uses.

Using Cookies, Clear GIFs, or Similar Technologies

If you are creating a privacy statement for a Web site that uses cookies, clear GIFs, or similar tracking technologies, the privacy statement must disclose this fact and give a clear explanation of how these technologies are used. (A clear GIF, also known as a Web beacon, is an image usually no larger than 1 pixel by 1 pixel that you place on a Web page or in an e-mail message to monitor the behavior of a user visiting your Web site or sending an e-mail message.) This description in the privacy statement should disclose whether data collected via these means is in any way linked to personally identifiable information (as opposed to anonymous customization or tracking). Following the description of how cookies are used on the site, it is a good idea to provide a brief description of what cookies are and how users can decline them. For example:

A cookie is a small text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can be read only by a Web server in the domain that issued the cookie to you.

One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a Web page or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content, eases site navigation, and so on. When you return to the Web site, the information you previously provided can be retrieved, so you can easily use the site's features that you customized.

You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this or other Web sites you visit.

Other Rules for Creating and Posting a Privacy Statement

This section describes some extra tips to guide you through the creation of a comprehensive privacy statement.

Tagging Collected Data

Always make sure that your back-end systems can support every claim you make in your privacy statement. It is critical that you fully understand where the data flows. You must make sure that the data is adequately tagged so that its use will be limited to the purposes stated in the privacy statement and the choices exercised by the user. These tags must remain with the data if it is transferred to other storage systems, and you must make sure that these storage systems can recognize and comply with the use restrictions the tags reflect.

Additionally, you must make sure that a mechanism is in place that allows users to access and correct data as described in the privacy statement. You also must make sure that adequate security measures are in place to protect the data. For example, you could use access controls or encryption to accomplish this.
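The tagging requirement described in this section, sketched as an added example (not code from the book): each value carries the purposes that the statement and the user's choices allow, the tags are serialized with the data when it is transferred, and the receiving store refuses data whose tags are missing or unrecognized. The purpose names, the statement version string, and all function names are hypothetical.

```python
import json
from dataclasses import dataclass

# Purposes promised in a hypothetical privacy statement (assumed names).
PRIMARY_PURPOSES = frozenset({"fulfil_order", "customer_support"})
SECONDARY_PURPOSES = frozenset({"marketing_email"})  # require explicit opt-in
KNOWN_PURPOSES = PRIMARY_PURPOSES | SECONDARY_PURPOSES


@dataclass(frozen=True)
class TaggedRecord:
    value: str
    statement_version: str  # which statement the user consented under
    allowed: frozenset      # purposes this value may be used for


def collect(value, statement_version, opt_ins=()):
    """Tag data at collection: primary purposes plus the user's opt-ins."""
    unknown = set(opt_ins) - SECONDARY_PURPOSES
    if unknown:
        raise ValueError(f"not a secondary purpose: {sorted(unknown)}")
    return TaggedRecord(value, statement_version,
                        PRIMARY_PURPOSES | frozenset(opt_ins))


def use(record, purpose):
    """Release the value only for a purpose its tags permit."""
    if purpose not in record.allowed:
        raise PermissionError(f"'{purpose}' not permitted for this record")
    return record.value


def withdraw(record, purpose):
    """User changes a choice: return the record without that purpose."""
    return TaggedRecord(record.value, record.statement_version,
                        record.allowed - {purpose})


def export_record(record):
    """Serialize the value and its tags together so they travel as one unit."""
    return json.dumps({"value": record.value,
                       "statement_version": record.statement_version,
                       "allowed": sorted(record.allowed)})


def import_record(blob):
    """Receiving store: refuse untagged data or tags it cannot enforce."""
    doc = json.loads(blob)
    allowed = doc.get("allowed")
    if not isinstance(allowed, list) or "statement_version" not in doc:
        raise ValueError("untagged data refused")
    unknown = set(allowed) - KNOWN_PURPOSES
    if unknown:
        raise ValueError(f"unrecognized purpose tags: {sorted(unknown)}")
    return TaggedRecord(doc["value"], doc["statement_version"],
                        frozenset(allowed))


if __name__ == "__main__":
    # Constructed sample data.
    rec = collect("alice@example.test", "v1", opt_ins=["marketing_email"])
    moved = import_record(export_record(rec))
    print(use(moved, "marketing_email"))
    print(sorted(withdraw(moved, "marketing_email").allowed))
```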

Ensuring Consistency Between Your Statement and Other Web Pages

Always make sure that your Web site's privacy statement is consistent with any claims you make in the forms that collect data or in any other pages of your site. For example, if the form says something along the lines of, "Please fill out this form so that we can contact you about updates to this site/product," you have told the user why the data is being collected and how it will be used. Therefore, you should not have a different or additional use of personal data listed in the site's privacy statement.

Ensuring a Consistent P3P Implementation

The Platform for Privacy Preferences Project, or P3P, was defined by the World Wide Web Consortium (W3C) to warn users when a Web site they are visiting has questionable privacy practices or no privacy statement whatsoever. A Web site's P3P implementation consists of three versions of a company's privacy statement: the full statement, the XML version of the statement, and the P3P compact policy. These pieces should be consistent with one another and should be modified at the same time. For more information on P3P, see the next section.

Using a Unique Privacy Statement for Each Product and Service

This consideration specifically applies to large Web sites or companies with multiple Web sites. Avoid labeling your privacy statement the "corporate privacy statement." It is difficult to maintain a single privacy statement for all your sites. This is because no privacy statement can be that all-encompassing and because individual company branches or sites might change policies without the others knowing. Furthermore, you should never give the impression that your privacy statement extends beyond the specific products or services for which it was written.

Making Privacy Statements Easy to Find

Always make a Web site's privacy statement or its link to the privacy statement clear and conspicuous. The link to the privacy statement should be included in the standard footer along with the copyright notice and the terms of use that appear on all pages of the Web site. At a minimum, the link must appear on the home page and on any page that collects information from the user or the user's machine, including passive collection through the use of cookies or clear GIFs.

Additionally, on Web pages or screens where the user is asked to submit personal information, the privacy statement link should be elevated and made more prominent. For example, above the Submit button, you should have text that tells users that the information they submit is subject to the [company/product name] privacy statement. This text should also state that by submitting this information, users agree to the terms of the privacy statement, including any updates. Moreover, this text should provide a link to the privacy statement.

Conducting a Formal Review

In the United States, your company can be held liable by the U.S. Federal Trade Commission (FTC) or your customers for the content of your privacy statement. In addition, a poorly worded privacy statement can cause users to avoid your site. Therefore, do not release privacy statements before they are reviewed. Always have your legal department and corporate privacy group review each privacy statement.



Microsoft Windows Security Resource Kit
ISBN: 0735621748
EAN: 2147483647
Year: 2003
Pages: 189
