Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright, 1987-2006 1 A Pilot Study of the Effectiveness of Privacy Policy Statements Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor,

Similar presentations


Presentation on theme: "Copyright, 1987-2006 1 A Pilot Study of the Effectiveness of Privacy Policy Statements Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor,"— Presentation transcript:

1 Copyright, 1987-2006 1 A Pilot Study of the Effectiveness of Privacy Policy Statements Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor, U.N.S.W., Uni. of Hong Kong & ANU http://www.anu.edu.au/people/Roger.Clarke/....../DV/PPSE0601 {.html,.ppt} Bled eCommerce Conf. – June 2006

2 Copyright, 1987-2006 2 Privacy Policy Statements Themes 1.Privacy as a Trust Factor 2.Privacy Protection Mechanisms 3.Privacy Policy Statements 4.Research Design 5.The Pilot Survey 6.Implications

3 Copyright, 1987-2006 3 Trust as a Factor in B2C eCommerce The Theory of Reasoned Action (TRA) of Ajzen & Fishbein (1980) postulates that Trust is a major determinant of attitude towards purchasing, and hence of intention to purchase In Internet-based B2C eCommerce, Trust is usefully defined as: confident reliance by Consumers about the behaviour of relevant Business Enterprises

4 Copyright, 1987-2006 4 Important Factors in Consumer Trust Dependability Security of Tradable Items and Funds Transparency of Marketspace Processes Fairness of Terms / Consumer Protections Recourse when things go wrong Privacy, and Anonymity / Pseudonymity

5 Copyright, 1987-2006 5 A History of Marketer Abuses of Consumer Trust 1994-95 – The Web as New Advertising Medium (billboards on the information superhighway) 1995-97 – Closed Electronic Communities 1996-98 – Push Technology (web-casting) 1996-98 – Info-Mediaries 1998-... – Portals 2000-... – Consumer Data Trails...

6 Copyright, 1987-2006 6 Privacy as a Trust Factor The interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations Dimensions of Privacy Privacy of the Person Privacy of Personal Behaviour Privacy of Personal Communications Privacy of Personal Data

7 Copyright, 1987-2006 7 Personal Data Privacy and Consumers Consumer Expectations Privacy is a 'fundamental human right' Excited by abuses, and numbed by them Excited by advocates and the media Particularly Serious Concerns Consumer behaviour data Anti-discrimination categories Taxation and financial data Health data Household data Location data for persons-at-risk

8 Copyright, 1987-2006 8 Privacy Policy Statements (PPS) What PPS Are Not Privacy Impact Statements (cf. EIS) Privacy Impact Assessment (PIA cf. EIA) What PPS Are 'privacy policies' 'privacy statements' 'privacy notices' 'information practice statements'

9 Copyright, 1987-2006 9 Objectives of the PIA Process Clearly define: business needs stakeholder groups privacy impacts and implications Enable understanding and assessment of the proposal Enable mutual understanding of stakeholder perspectives Ensure reflection of stakeholder perspectives in the outcomes Enable: maximisation of positive impacts avoidance or amelioration of negative impacts Maximise the likelihood of stakeholder support Avoid new requirements emerging late Earn public confidence Raise awareness, educate Anticipate and avoid misinformation campaigns

10 Copyright, 1987-2006 10 Privacy Impact Assessment (PIA) A sophisticated process that surfaces and examines potential impacts and implications of privacy-invasive proposals A primitive form of unilateral report by an organisation about what the organisation does with personal data Privacy Policy Statement (PPS)

11 Copyright, 1987-2006 11 Privacy Protection Mechanisms Technological Measures Organisational Measures Legal Measures Privacy Statutes Data Protection Statutes Contract Law Tort of Misrepresentation

12 Copyright, 1987-2006 12 Privacy Enhancing Technologies (PETs) Counter-PITs Cookie-Managers, Firewalls,... Savage PETs Anonymous Remailers, Web-Surfing,... Gentle PETs Pseudonymous Remailers, Web-Surfing,... Pseudo-PETs MetaBrands (TRUSTe, Better Business Bureau)

13 Copyright, 1987-2006 13 Organisational Protections Business Processes Consumer Marketing Principles Information Choice Consent Fair Conditions Recourse

14 Copyright, 1987-2006 14 The OECDs 1980 Principles plus Public Access and Accountability Principles

15 Copyright, 1987-2006 15 Alternative Regulatory Approaches to Privacy Protection Hard Regulation Statutory Impositions, Criminal Prosecution Self-Regulation Wolves self-regulate for the good of themselves and the pack, not the deer No country accepts self-regulation alone, except the U.S.A. Co-Regulation Education, Changes to Procedures, Complaints Processes, Back-Ended by Damages Provisions and Criminal Sanctions

16 Copyright, 1987-2006 16 The Role of PPS in the Alternative Regulatory Contexts Hard Regulation Little or no real role Self-Regulation The key feature that is meant to create the impression that consumers have some kind of protection Co-Regulation Possible role, as an adjunct to minimum requirements or as a means of interpreting the law

17 Copyright, 1987-2006 17 The Research Question 'How effective are Privacy Policy Statements in encouraging consumer trust of B2C vendors? Operational Formulation: 'Do the Privacy Policy Statements found on vendors' web-sites measure up to the requirements expressed in a specific normative Privacy Statement Template'?

18 Copyright, 1987-2006 18 Privacy Policy Statement Template http://www.anu.edu.au/people/Roger.Clarke/DV/SPT.html Comprehensive Based on consumer need and practicality Not constrained by: OECD Gs 1970s View of Technology Business-Bias of the US Safe Harbor Designed to provide guidance for all, including corporations, business associations, govt agencies, individuals, public interest reps and advocates

19 Copyright, 1987-2006 19 Researc h Model

20 Copyright, 1987-2006 20 Population Segmentation Dimension 1 – The Business Pure Internet B2C Clicks-and-Mortar Dimension 2 – The Company Leaders Aggressive Marketers Marketers of Sensitive Products Regional Marketers Ethical Marketers / Not- For-Profits

21 Copyright, 1987-2006 21 Sample for the Pilot Survey Leaders: Amazon Google Aggressive Marketers: Sears, Roebuck & Co. Marketers of Sensitive Products: Adultshop.com Regional Marketers: Autoteile-Meile.de (German online supplier of tyres and automotive spare parts) 'Ethical' Marketers: National Geographic (worlds largest nonprofit scientific and educational institution)

22 Copyright, 1987-2006 22 Procedure Determine the segmentation Determine the sampling frames Determine the sample Conduct the assessment find the organisations web-site find the PPS on that web-site assess it against the template summarise compare among the sample draw inferences

23 Copyright, 1987-2006 23 Results Google terrible Amazon worse Sears & Roebuck worse again Adultshop.com positive National Geographic appalling Autoteile-Meile Google-like and irrelevant

24 Copyright, 1987-2006 24 Implications for Practice Caution: very limited external validity! Descriptive value: Many PPS are valueless to consumers Explanatory value: Current PPS undermine consumer Trust Predictive value: Fragility if and when things go wrong Self-Regulation doesnt work Hard or Co-Regulation is essential

25 Copyright, 1987-2006 25 Implications for Research Segmentation needs refinement: Organisational Size is a factor Home Jurisdiction cf. Global The Normative Template needs refinement The design appears to be: Practicable Useful A representative sample can be assessed, and results capable of being generalised from can be achieved, with limited resources

26 Copyright, 1987-2006 26 A Pilot Study of the Effectiveness of Privacy Policy Statements Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor, U.N.S.W., Uni. of Hong Kong & ANU http://www.anu.edu.au/people/Roger.Clarke/....../DV/PPSE0601 {.html,.ppt} Bled eCommerce Conf. – June 2006


Download ppt "Copyright, 1987-2006 1 A Pilot Study of the Effectiveness of Privacy Policy Statements Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor,"

Similar presentations


Ads by Google