Prying Eyes

Keeping the Faith

So with all the controversy swirling around the privacy debate, what's the best way for entrepreneurs to earn trust from customers, yet gather the information they want at the same time? For starters, experts say Web sites that collect personal information from or about consumers online should comply with the four widely accepted fair information practices: notice, access, choice and security.

That means you should write a privacy policy and disclose to consumers exactly what you intend to do with their information. Post the policy prominently on your site and provide those consumers not only access to their information, but the means to challenge data that's incorrect. Also, give customers the choice to opt out. Finally, be sure you protect the security of the information you collect. As long as you're upfront and do what you say you're going to do, customers will continue to trust and shop with you.

"Consumers don't mind giving information if they know it's going to be in the trusted hands of the company they're doing business with," says Silvana Gragossian, co-founder of DecorLine, an online retailer of original art and craft items. One of the first things this six-employee Encinitas, California, firm did when it opened in 1999 was construct a privacy statement.

Written with the help of a lawyer, the statement says DecorLine is committed to protecting the privacy of its customers and that the information collected on the site is used solely to process orders and enhance the shopping experience. DecorLine occasionally sends e-mail notices to customers, informing them of new services, products and special offers, so recipients are always given the chance to opt out. But few take DecorLine up on its offer. Gragossian, 37, says, "We rarely get a request for removal from a user." Inc., which owns, a wellness portal in San Francisco, takes a different approach to consumer privacy. The site offers members free health, beauty and fitness information, along with personalized horoscopes and astrological reports. In its privacy statement, says it not only uses demographic and profile data to personalize services to match customer interests, but it also shares the information with advertisers on an aggregate basis.

The statement further explains that might share personal information with other companies. "Our customers can check a box that says they would like to receive special offers from our partners," says Jeremiah Rosen of "If they don't want the offers, they don't have to check the box."

However, Rosen points out that even if members opt out of the offers, their information is still part of the site's database. The way he sees it, if consumers don't want their information shared, they can unsubscribe from the site. "We aren't trying to hide anything," he says. "It's clear that we sell advertising; how we do it is by selling information about our audiences." Given the site's 3 million monthly visitors, the model doesn't seem to deter customers.

" understands visitors want their privacy protected," says Eric Bonjour, 42, co-founder and CEO of "That's why is committed to fully disclosing what and how information is gathered from site visitors. Should users choose to examine our privacy policy, they will clearly understand how personal information is used-on an aggregate basis only."

But as times change, you may need to alter your privacy policy. Take a lesson from eBay: Recently, the online auction site changed its privacy policy to include a stipulation that stated it reserved the right to share customer information if the company merges or is acquired. EBay decided to do this after another online bankrupt last year and made headlines when it attempted to sell its customer database, even though its privacy policy had stated that it would never share that information. The FTC, as well as privacy advocates, contested the sale, and the list was ultimately destroyed.

Like eBay, you should explain that your policy may change from time to time. It's not a bad idea, especially considering the fact that laws may change. Customers should always be notified of any alterations and given the opportunity to notify you if they don't agree to the changes as described. Of course, that doesn't take away the need for customers-new or existing-to always be given the opportunity to opt out if they're not happy with the policy.

"You have to give customers a choice-it's their information," says Gragossian. "Customers come to your site and give you their information-so you just can't take that lightly."

Melissa Campanelli is a technology writer in Brooklyn, New York, who has covered technology for Mobile Computing & Communications and Sales & Marketing Management magazines. You can reach her at

Like this article? Get this issue right now on iPad, Nook or Kindle Fire.

This article was originally published in the September 2001 print edition of Entrepreneur with the headline: Prying Eyes.

Loading the player ...

Mark Cuban's 12 Rules for Startups

Ads by Google

Share Your Thoughts

Connect with Entrepreneur

Most Shared Stories