The low rate of privacy postings is an improvement over the 1998 findings of the Federal Trade Commission, which held that 85% of the 1,400 sites surveyed collected personal data but that only 14% of them informed consumers about their data-sharing policies.
"It's a gradual improvement, and now it's up to the industry to take the next step," said Timothy Kane, director of privacy at Enonymous.com, which conducted the survey. Enonymous.com in San Diego offers privacy-related products and services.
Among the 1,000 most heavily trafficked Web sites, 63% post some type of policy, the survey said. However, many of those sites don't offer a lot of protection. The survey rated sites on a four-star system, with only 6% earning the top two ratings.
Enonymous.com's findings come amid growing debate about Internet privacy, and they suggest Web sites may be taking consumers' concerns to heart.
"It's an informational site to raise product awareness," said Web production manager Ann-Marie Alves.
But the company's Internet e-commerce spin-off, Hifi.com, has had a privacy posting since it launched last fall, Alves said.
Sites that don't compile visitor data have all the more reason "to put up a policy anyway," Kane said.
Though more sites are posting their policies, the statements generally don't protect consumers' interests, privacy advocates said. Kane noted that "many sites" use "slippery language" to reserve their rights to share consumer data.
"The survey accurately reflects that privacy policies are not delivering a lot of privacy," said Jason Catlett, president of watchdog group Junkbusters Corp. in Green Brook, New Jersey.