Verified Document

Privacy Notices Term Paper

Privacy By law, majority of business institutions are required to provide their customers with information regarding their privacy policies on an annual basis. Business institutions are prohibited from sharing nonpublic personally identifiable customer information with non- affiliated third parties, unless consumers are clearly provided with an opportunity to opt-out. However, there have been concerns among people, as the opt-out process is time consuming for many individuals and in some cases privacy notices have been found too difficult to understand. Customers also indicate that current privacy notices are too long, contain too much legal jargon, or are too hard to read.

The privacy notices that business firms traditionally send to their customers are not new, however, with the growing explosion of the information systems and the Internet, the federal agencies have begun to question whether the traditional types of the privacy notices are adequate or there is a need to revamp the notices given to the consumers. But executives at banks, thrifts, and credit unions argue that their institutions have already invested time and money in creating notices that comply with the law and therefore changing the format of privacy notices now would render that work irrelevant and add cost to the consumers. They argue that change in the privacy notice would be a waste of time and money.

Examples of Privacy Notices

State agencies generally regulate rules on privacy law. Because of the different kinds of privacy notices that are delivered to consumers, there has been a push toward the uniformity. Presently, the complaint is that most of the privacy notices are long and require the customer to fill the form or call a telephone number for opting out. This has created too many variations in the privacy notices. Toward this end, state agencies are claiming that uniformity in the notices makes it easier to compare and monitor privacy policies. State agencies have suggested three formats: first, the use a simple format in which a business would list a data-sharing practice and indicate with a "yes" or "no" whether it engages in that practice. A second suggestion relies on the use of a template, in which a bank could describe its practices and specify what information is collected and how it is shared, and how a consumer can contact the department that oversees privacy. The third model tells consumers that they can ask their companies not to share their data with other companies and would offer them two "opt-out" options: One would bar the organization from sharing information with outside companies, and another would bar it from sharing with affiliates. However, many consumer advocates argue that each of the suggestions has a fatal flaw: They encourage customers to opt out. And this is a big shortcoming, because majority of consumers do not pay any attention to privacy notices, and even if they read, they forget to contact their companies because often the number provided by these companies are either busy or none is available to record their choice on the opt out (Linder, 2004).

Though the Financial Services Modernization Act, also known as the Gramm-Leach-Bliley Act of 1999, opened the door for financial services companies to merge and create partnerships with each other and other types of businesses. In response to consumer criticism and numerous lawsuits alleging serious privacy violations, the act included a provision aimed at protecting consumer privacy. This provision was supposed to allow consumers to bar these companies from sharing their names, addresses, social security numbers, account balances and other personal information (Lee, 2002).

Certainly, companies are working hard to comply with a bewildering array of fast-changing regulations that are under the preview of state, federal, international and industry-specific privacy rules. Writing a standard privacy notice that summarizes all regulatory and legal requirements can be a huge challenge for the companies. Privacy notices, which are required in every state, spell out clearly company's policies for handling personal data. Several laws require companies to clearly articulate what they can or can't do with confidential information. But differing requirements make it hard to draft a standard policy. For instance, many states still use privacy provisions from a 1982 information practice act that requires insurance companies to use specific phrases -- relating to how information might be shared for law enforcement purposes. Some other states require that companies include opt-in policies in their privacy statements. Opt-in policies require companies to seek and receive a user's permission to collect and use personal data.

To comply with private data, companies are required to establish a detailed inventory of all sensitive data everywhere in the corporation,...

For example, several companies have built a database that consolidates customer information from multiple applications and production systems. Each customer record in the database has an embedded "privacy indicator" that describes in detail that customer's privacy preferences (Vijayan, 2004).
The goal is to make sure that a customer's privacy preferences are always respected, regardless of which application is accessing the customer data. However, the laws on the privacy issue are vague. For example, companies in many states are required to "encrypt" data, but it doesn't specify the level of encryption required. Similarly, the law requires companies to inform customers of any "unauthorized access" to their data but doesn't define what constitutes unauthorized access. As a result, companies may decide to do the very minimum and comply with the letter of the law to provide the protection that the spirit of the law was meant to address.

Significance

As privacy is often defined as the ability of individuals to exercise control over the disclosure and subsequent uses of their personal information, privacy notice is fundamental to the individual's ability to protect his or her privacy. The representations that organizations make about their information collection and sharing practices provide the basis for consumers to make informed decisions about whether or not to disclose their personal information. The use of notice alone does not insure that an organization abides by its policy or observes fair information practices, or that individuals can pursue a complaint against the organization (Vijayan, 2004). It is nonetheless the key anchor of the fair information practices of notice, choice, access, security and enforcement, as without notice, individuals have no knowledge about the organization's information practices and no basis for deciding whether or not to interact with the organization.

Benefits and Present Environment

With the heavy use of the Internet, companies doing business electronically are required to fill Web-based self-assessment forms that show how they are going to use privacy practices and sort them into separate risk categories. Depending on the sensitivity of the information being handled, the companies are required to implement stronger privacy policies. Each company also needs to submit to regular privacy audits.

There are several advantages to the companies by using the privacy notices. First, the companies can create powerful trust with their customers. The use of the trust has been a useful catalyst for increasing the business with the customers. In some situations, trust has also been found to create long-term relationships with the customers. When customers become certain that their private information is safe and it would be not shared with others, they become more confident of the company's lawful practices, which, in turn, may lead loyalty between the company and the customers.

It is true that with the advent of the Internet, there have been several attempts to hack the private information, it, nevertheless, does not mean that consumers should not take the advantage of convenience of doing business electronically. Certainly, the federal rules are required be enforced vigorously and those companies that violate the customer trust should be brought to the justice as mandated by federal government under the liability suits. However, at the same time, when customers begin to trust companies and willingly share their preferences and interests to the companies, they can gain the advantages of customization. This is useful not only to companies as they can track the customer interests and preferences to suit their choices in products and services, but also becomes useful to customers as they can gain the advantages of the convenience.

With the use of the extensive use of the Internet, it has become much more critical for the companies that they post their privacy policy on their websites. As it has been found that since the advent of the dot-companies, almost half of companies don't have privacy policies. The leaders in providing privacy protection are taking aggressive steps to turn their policies into strategic advantages, and they're looking at technology to take a far more important role. So a market is emerging for software, which is focusing on privacy management and monitoring of customer data (McKim, 2001).

In a technological environment, the first step for a business is to build links among the business units' databases to create a consolidated view of its customers across the different divisions. The second step is to improve communications with customers, such as XML-based versions of privacy policies that comply with…

Sources used in this document:
References

Lee, W.A (2002). Biggest Banks Not the Most Trusted For Privacy. American Banker, 167 (204): 7-8.

Linder, Craig (2004). Banks to Regulators: Leave Privacy Notices Alone. American Banker, 169 (66): 3-4.

McKim, Robert (2001). Privacy Notices: What They Mean And How Marketers Can Prepare For Them. Journal of Database Management, 9 (1): 79-85.

Vijayan, Jaikumar (2004). Privacy Potholes. Computerworld, 38 (11): 36-38.
Cite this Document:
Copy Bibliography Citation

Related Documents

Privacy Risks and Principles
Words: 842 Length: 2 Document Type: Essay

Part A My website of choice in this case will be eBay (https://www.ebay.com/). In essence, eBay is “a ‘virtual marketplace’ allowing eMerchants, located anywhere in the world, who have registered with eBay to trade within this ‘virtual world’” (Bardopoulos, 2015, p. 51). Some of the site’s product categories include, but they are not limited to, health and beauty products, toys and videogames, sporting goods, computers and consumer electronics, clothing, cell phones,

Privacy Protection in E-Commerce Websites: Information Integrity
Words: 3550 Length: 9 Document Type: Essay

Integrity: Privacy Protection in e-Commerce Websites Privacy Protection in e-Commerce Websites Back in the 90s, websites were more or less digital brochures that did little more than serve their registered users with monthly electronic newsletters. Today, however, websites are powerful and complex information platforms that not only store and process data, but also allow for the sharing of information across a wide range of online platforms. We share personal data on

Privacy Rights in the Case
Words: 6316 Length: 15 Document Type: Term Paper

Layne', in December 1994, the Office of the Information and Privacy Commissioner received a compliant that the Vancouver Police Department had taken a decision to block out the faces of those person who were being interviewed by the police in the program, "To Serve and to Protect." The complainant was KF Media Inc., of Vancouver B.C. KF Media Inc. who was the producer of the program, and it generally

Privacy Law One Such Privacy Law That
Words: 626 Length: 2 Document Type: Research Paper

Privacy Law One such privacy law that has been enacted is the Health Insurance Portability and Accountability Act (HIPAA). It has provisions that govern data use and privacy among healthcare providers, insurers, and employers. There are stringent measures put in place to govern recording and sharing of communication between financial services providers and their clients (Mills, 2009). Outside the United States territory, there are legislations put in place that guarantee once

Privacy Abuse and Protection
Words: 3618 Length: 13 Document Type: Chapter

Privacy and Abuse Protection Efforts of Businesses Facts Many workforces in most nations all over the world are increasingly becoming global. These workforces cooperate, communicate, and link up in multinationals and global marketplaces via web-based applications across countries and territories. The phenomenon of globalization has removed quite a number of differences amongst peoples and nations both in workplaces and in other areas[footnoteRef:2]. However, some questions have been raised on the origins of

HIPAA Discussing Most Important Aspects HIPAA Privacy
Words: 990 Length: 3 Document Type: Essay

HIPAA Discussing Most Important Aspects HIPAA Privacy Security Law Critiquing Effect Regarding Protection Security Personal Health Information (PHI) HIPAA is an acronym for the Health Insurance Portability Accountability Act. This is an act signed into law by President Bill Clinton on August 21st, 1996. The maim aspects of this law is protection and provision of privacy to a patient's medical history The U.S. Department of Health & Human Services, 2003. This law

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now