Online Privacy – Do You Know How Much We Know?

In a speech in 2006, online security expert Steve Rambam argued that, with regard to the Internet, “Privacy is dead, get over it.” There are many who believe this statement to be true, even those who hope it to be so. But does the average consumer understand what is happening online to information about them and how it is used?


  • Harmless, even friendly-sounding cookies track your travels across the web and identify you when you return to a website and sometimes when you have been to a competitor site.
  • Facebook and other social networks offer volumes of detailed and personal information on us. Which is then accessible to people in and sometimes out of your social circle, and to the great intelligence engines that will then use it to profile you further.
  • More recently, you may have noticed that your Facebook profile picture appears at the bottom of seemingly unrelated websites, how did that get there?
  • Search engines are able to build detailed profiles of supposedly anonymous individuals from their search queries. It does not stay very anonymous for very long, when its reckoned that people search for themselves sometimes more than once a week.
  • As photo-tagging and geo-tagging become more popular, you might find your searchable name and a precise location and time on a picture posted by a buddy. If at that moment in time, you happened to have your arm round a stripper that might be problem.
  • Members willingly submit their entire career to websites like LinkedIn, which is then accessible at varying degrees to your connections, other members, and non-members, including your past and future employers and recruiters.
  • Huge increases in computing power and technology have made the harvesting of disparate public data sources (marriages, credit records, court data, etc.)  into a single profile a reality.

Much of what people submit and is captured online is arguably in the public domain already, perhaps not ‘secret’, but the sheer efficiency of the Internet to suck in, sort, analyse, redistribute, and sometimes sell that data takes the issue well beyond the imagination and understanding of the typical consumer.

Consumers are only vaguely conscious of the concept of trading some privacy for some sort of benefit: a more personalised proposition; better targeted ads; greater convenience; or access to better content.

They are even less aware of the extent to which this personal data is being hovered up and stored. With online privacy policies being long, confusingly legally written, and often times inflexible about opt-out choices. It is sometimes impossible for a customer to give ‘informed consent’ where they truly understand the data they are submitting and how it is going to be used, and they have agreed.

If a hotel were to start to exploit the information it knew about a guest after a visit, his other room guests, the fact that he ate too much, or drank too much, he would very likely be outraged. And probably would not patronise that hotel again. So should we expect a different standard when we interact with that hotel via its website? Surely not.

It can be argued that online companies only exist to trade on data and thus a different model applies. Maybe so, however, most brands exist online and offline and they need to apply a common and consistent standard to both worlds. This means a higher standard.

Using data to enrich a relationship and serve up a better more profitable proposition to customers is a good thing. But brands need to demonstrate that they respect their customers; that they take privacy seriously, and they make it easy for customers to understand and control how data about them is used.

Some privacy starters for companies on how to build sustainable trusting relationships with their customers:

  • Clearly articulate what data is collected about customers, why it is needed, and explain how it might be used.
  • Make your privacy policies simple and easy to read and easy to understand, this takes careful writing, and have more references/links to privacy on main pages of your sites.
  • Make it easier for customers to review and change their privacy preferences, by degree rather than the more common all or nothing approach.
  • Regularly re-communicate matters relating to privacy; people have short memories, particularly where you are changing the way that you do things.
  • Don’t collect what you don’t use, data is incredibly valuable but it is also a liability.

Openness and honesty works. For years now, we have established that brands that are open, direct, and flexible on matters relating to data privacy earn the trust of their customers. Who in turn are comfortable with the idea that their data is used by the brand to offer better marketing, better service, or creating greater knowledge.

Given that we are essentially talking about the same customers online and offline, the same approach applies. They will not accept or understand different standards in both worlds. Respectfully exploiting data is a great thing; it has the potential to bring customers and brands closer together, but it must be done in a way that builds trust, respect, and confidence.

Related reading

Overhead view of a row of four business people interviewing a young male applicant.