Corporate IT: Be Alert Against Privacy Intrusion

Suppose that on a visit to a shopping mall, someone followed you with a video camera, capturing your every move - which store windows you looked into, which products you examined and what you bought.

You'd probably call the cops.

Why, then, is your company probably conducting a similar kind of surveillance of visitors to your Web site?

The emerging Digital Age is putting consumers on a collision course with corporate America - particularly dot-coms - over privacy. Big Brother government is sinister enough. But the myriad "Little Brothers" - commercial snoops that collect and trade people's most personal information - may turn out to be even more creepy, and dangerous.

Hardly a week goes by without an example of yet another invasion of privacy by an Internet company or the revelation of yet another egregious security flaw in PC software and e-commerce databases. Although the marketplace is spurring the development of privacy-enhancing software and other tools, self-regulation - industry's favored solution - is plainly not working.

Consumers have brought some of this intrusion on themselves. Americans claim they want to protect their personal data, but then they casually give it up to marketers. They also insist that information on the Web be free. So Web sites inevitably try to make money on the only things left to them: advertising and trading on customer data collected by monitoring cybersurfers' "click streams."

The collection and reselling of consumer data predates the Web. But where it once took skill and serious money to pull together profiles of individuals, the Net has made the process much simpler and cheaper.

Privacy abusers excuse their activities by saying they're providing a service: customized marketing that helps consumers find the products they want. Yet the marketers rarely ask people first - a process known as "opt-in" - if they want to be pitched this way. And they never tell the individual customer about the inherent privacy issues.

Many Web sites have privacy policies. But violations of those policies go unpunished. And organizations set up to monitor policies haven't shown any particular enforcement backbone, possibly because they're funded by the companies they monitor.

Indeed, the market will solve some of the worst abuses. The online equivalent of word of mouth - "word of mouse" - is much stronger than the real-world version, so companies that routinely violate privacy will become pariahs.

But the more subtle, pervasive manipulations will continue until they explode into public consciousness. That will lead to a call for government intervention that will be deafening and irresistible.

What all this means for IT organizations is that they should build privacy protections into their companies' systems from the start of projects, not bolt them on as an afterthought.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments