Respecting user privacy, Part 1

This article first appeared on IBM developerWorks.

Earn their trust with a clearly-written, straightforward policy

Peter Seebach <#author1> (

April 2001

Last time <> we talked about why it's dangerous to be overly dependent on JavaScript in your Web pages. This time, we'll look at why privacy is a much-abused buzzword. The e-commerce industry has failed miserably to produce consumer confidence; not because we haven't tried to do so, but because we've done it through dog-and-pony shows, rather than real respect for personal data. It is particularly crucial to note, in this context, that not everything that is legal is acceptable. We discuss the basic principles of an effective privacy policy: It must be short and readable, and the customer must like it.

In your face

What is privacy? Privacy is a big buzzword these days. Sites have long, involved privacy policies -- many of them 15 to 20 paragraphs long. The Federal Trade Commission is talking about a need for legislation to correct problems with online privacy.

The fact is, privacy is something that has great importance to most consumers, and negative importance to all too many marketers. The moment we agree not to call, not to fax, not to spam the customer into next week, we have given up "eyeballs." Marketing is all about eyeballs, all about buzz, all about getting in the consumer's face, right up close so they can see our pores.

Privacy is anathema to these in-your-face marketing models. Privacy means leaving customers alone, not selling everything we can to them. Privacy means not selling the "eyeballs" we have to our would-be marketing partners. Privacy, the way consumers' rights advocates go on about it, seems to imply a kind of distant, formal relationship -- not one where you can keep in touch.

This is simultaneously true and false. Modern marketing is surprisingly close to stalking. We collect data. We analyze it. We predict. One British grocery store chain experimentally sent out pamphlets to women reminding them that it was about time for them to stock up on feminine products; the campaign was dropped quickly. The fact is, the marketing instinct tells us we need to know about people, and we want to find out about them, whether the people tell us themselves or we collect the data from "partners." At the same time, we give those partners the juiciest tidbits we can find.

The end result is that consumers are, justifiably, terrified of us. They know that a phone number given "for questions about your order" will quickly turn into dinnertime sales pitches. They know that a street address given for shipping today will receive piles of glossy pamphlets next week. And they want it to stop. So, they avoid us -- because we're trying to get too close, without any concern for what they want. If we give them a little space, we may find we have closer, and more willing, relationships with them!

So, with this in mind, let me walk you through a few key points that may help you understand what privacy policies are really about, how to write a good one, and why it matters.

The finer things

The first order of business is this: People hate fine print. Really. They hate it. There's an urban legend about an insurance company that once put a paragraph on page 17 of a policy saying, "If you read this paragraph, call our corporate offices at (800 number) and we'll pay you $100.00." No one tried to collect. None of them read that far; the state law mandating the "full disclosure" was irrelevant. (This was, supposedly, why the insurance company put the paragraph there; they wanted to show that the law was irrelevant.)

What that means is that, if you have a truly comprehensive privacy policy, chances are that none of your customers have read it. So, anything you do that fails to meet their expectations will come as a shock. Companies get used to saying, "Well, our policy is just an industry norm," but many customers aren't aware of the "industry norm," and that means they won't be expecting it when you follow through on that policy.

Some companies try to capitalize on this: They hide the most odious terms near (but not quite at) the end of the document, and disguise them behind confusing double and triple negatives. They say things like, "If you decide that you no longer wish not to be excluded from our mailing list, you may send a request stating your preference to...". Most people don't notice -- and thus, are offended when you try something funny. The ones that notice will never trust you.

So, if your policy is going to do you any good, it must be short, and it must be in clear language. It has to be unambiguous, and it has to be easy to understand.

Warm fuzzies

Secondly, the policy actually has to be a good one. The reason we write such long, wordy policies is that /we know customers won't like it if they understand it/. As soon as we commit to writing a policy the customer can understand, we have committed to writing a policy the customer will like. Would you write a clear, comprehensible, policy, if you knew the customer would hate it?

Your policy, then, has to provide warm fuzzies. If you're writing in clear language, that means you have to make some promises that will probably terrify your marketing department. Promises like: "If you provide an e-mail address for order confirmation, it will be used only for correspondence related to your orders. It will not be used for marketing or promotional material, and it will not be shared with third parties unless you ask us to share it." Read that little passage again; it's a paraphrase of the policy that got me hooked on the bookstore I've used for all my online book shopping in the last few years (see Resources <#resources>). Having read that, wouldn't you feel safe handing out your real e-mail address, not just a throwaway Hotmail account, to this company, knowing that you won't be deluged with spam?

This week's action item: Read your company's entire privacy policy -- every paragraph. Talk about it with someone. See if there are any terms you aren't sure of. Do you redefine common terms in surprising ways? Does your policy contradict itself? Most do.


About the author

Peter Seebach has been having trouble navigating through badly designed pages since before frames and JavaScript existed. He continues to believe that, some day, pages will be designed to be usable, rather than being designed to look impressive. You can reach him at