Does Your Privacy Policy Mean Anything?

  |  January 11, 2005   |  Comments

You assure customers their personal information is protected by a privacy policy. Is it?

These days, your company's privacy policy is a handy tool. It can placate worried consumers. A privacy policy assures them their personal data won't ever be used, shared, or abused. This also makes it a handy marketing tool.

But is the policy true? No, because your data aren't safe.

Sure, your corporate policy says you won't abuse the data. Fact is, it's easy for abuse to occur. You're at the mercy of your IT staff. They can prevent it from happening -- or make it happen.

Would your competitors like to have a list of your current customers? Has someone on your IT staff already sold it to them?

Would your suppliers like to know your thoughts about their latest pitches? How do you know your email hasn't already been forwarded to them?

If someone wants to abuse data, he must first obtain it. The key to obtaining it lies with someone who has access to it.

Could data abuse happen at your company?

Are your employees happy? Is there about to be a round of layoffs? Have you recently fired anyone? Do you have "disgruntled" workers? Are there other reasons some employees might want to share your data with others?

Any employee with access to your data can do with it as she pleases.

Computer Access

Data stored on someone's computer can be accessed by anyone with the password. Some companies use two-factor security systems. These require the user to enter both a personal password or identification number and a special number generated by a device the user carries when she want to access her computer. The device generates a new number every minute or so.

This two-step security system was used 20 years ago at a super-computer facility that ran simulation exercises for the Department of Defense. You can use a similar method to protect data. Though it won't solve all your safety issues, it can prevent someone from accessing data stored on a specific computer or using a computer to access important data.

Data Warehouse Access

Data stored in a data warehouse can be retrieved by anyone with direct access to the warehouse or an OBDC (define) connection to the warehouse. Different levels of security and access can be set up by the data warehouse administrator.

Is anyone logging or tracking what happens with the data? Do you monitor what data are accessed and by whom? Do you monitor where data files are sent? Do you know who has your data?

Most probably, you don't.

My bet is you have nothing in place to prevent someone from making a copy of your database and delivering it to your competitors or to a third party who might abuse the data.

Experience Speaking

I know these things because I've seen and heard plenty of examples of data being somewhere it shouldn't. I know CEOs whose email was read, then the information was shared with the wrong people.

I know people who have complete databases from pharmacies that contain customers' prescription records. I know people who could easily commit identity theft hundreds of times, using the names, addresses, and social security numbers they've acquired. In some cases, data warehouse administrators using "standard" data file extraction supplied the data. They just couldn't be bothered to write code to create the required file.

Maybe Important, Maybe Not

All the above may be very important to you, or not at all. It depends on your data's sensitivity. On an individual level, a consumer might think his medical records are extremely private and should never be shared with anyone. On a business level, customer names and addresses might be more valuable than the products those records represent.

Managers at companies that believe their data are valuable must regularly reexamine their privacy policies, whether data are used for marketing or can be shared or distributed.

ClickZ Live Chicago Join the Industry's Leading eCommerce & Direct Marketing Experts in Chicago
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 4 days and 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda and register by Friday, August 29 to take advantage of Super Saver Rates!

ABOUT THE AUTHOR

Brian Teasley Brian Teasley is the leader of Teasley, a consultancy that helpsadvertisers, marketers and advertising agencies use data and analysis toimprove their marketing campaigns. Brian has over 14 years experience inengineering and marketing, and has worked for numerous Fortune 100companies. Brian also teaches a marketing course at New York University. Heholds a M.S. degree in Applied Statistics from Iowa State University and aBA in Mathematics and a BA in Mathematics and Statistics from St. OlafCollege.

COMMENTSCommenting policy

comments powered by Disqus

Get the ClickZ Analytics newsletter delivered to you. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

BigDoor: The Marketers Guide to Customer Loyalty

The Marketer's Guide to Customer Loyalty
Customer loyalty is imperative to success, but fostering and maintaining loyalty takes a lot of work. This guide is here to help marketers build, execute, and maintain a successful loyalty initiative.

Marin Software: The Multiplier Effect of Integrating Search & Social Advertising

The Multiplier Effect of Integrating Search & Social Advertising
Latest research reveals 68% higher revenue per conversion for marketers who integrate their search & social advertising. In addition to the research results, this whitepaper also outlines 5 strategies and 15 tactics you can use to better integrate your search and social campaigns.

Jobs

    • Sales Planner
      Sales Planner (Verve ) - New YorkAbout Verve   Verve is the leader in location powered mobile advertising. We manage one of the largest mobile...
    • Systems Analyst/Support
      Systems Analyst/Support (Agora Inc. ) - BaltimoreIRIS (Increased Revenue Intuitive Software ) is proprietary software that helps marketers...
    • Client Services Support Specialist
      Client Services Support Specialist (Agora Inc. ) - Delray Beach OVERVIEW:  This position requires a highly motivated and resourceful individual...