Privacy Ref Blog

“There is no privacy, get over it”

I am sure you have heard this several times since Scott McNealy, Sun’s CEO, first said it back in 1999, “You have zero privacy anyway. Get over it”. After 14 years it seems Americans haven’t gotten over it. A Pew Research study shows more people are concerned about the government’s surveillance than terrorism (Few See Adequate Limits on NSA Surveillance Program). The implication is that people are becoming more privacy aware. If this is the case, what does that mean for business?

Privacy awareness

I read an article that discussed a Forrester report to be released this week that backed the premise that more people were becoming privacy aware. According to the article,

…62 percent of respondents say they would be “not at all likely” to repeat a purchase from a company that shared their personal information with a data broker, and that 37 percent of them have bailed on an online transaction due to something they read in a company’s terms of service.

It was surprising to me that when asked to think about browser settings used for protecting privacy only 35% did nothing. Seems like we’re a long way from getting over it.

Listening to Dad

In my rebellious, teenage years I sometimes complained about how some company had policies I disagreed with or a TV station was taking a slanted look at the news. My Dad always reminded me that I had a choice to take my business elsewhere or to simply change the channel.

If there really is an increased awareness about privacy, will shoppers begin to change their buying habits due to a company’s privacy practices? From a business-to-business perspective, I suggest we are seeing it already.

B2B privacy requirements

Over the past few years I have reviewed an increasing number of B2B contracts that require privacy protection clauses. These are usually related to:

More frequently, these terms have become non-negotiable from the customer company (depending on the size of the contract or the companies involved) implying that if these requirements are not met they will take their business elsewhere.

What should a business do?

If you are a B2B company you may have already felt this impact, if not…it is coming. If you sell directly to consumers it is time to re-evaluate your privacy policy and associated notice, practices, and procedures to ensure they truly reflect your company’s posture in protecting your customers’ and employees’ personal information.

Privacy Ref provides consulting and assessment services to build and improve organizational privacy programs. For more information call Privacy Ref at (888) 470-1528 or email us at info@privacyref.com

Posted on July 31, 2013 by Bob Siegel
Tags: ,

« »

No Responses

Comments are closed.


« »

Subscribe to our mailing list

Please fill out the form below.

Required

Want to find out more?

Simply go to the contact page, fill out the form, and someone from Privacy Ref will be in touch with you. You can also send an email to info@privacyref.com or call (888) 470-1528.

News

April 16, 2018

IAPP Training Classes
Privacy Ref is proud to announce that we are an official training partner of the IAPP. You now have the opportunity to learn from one of our knowledgeable privacy professionals using the most respected training content in the industry. The robust interactive training offered, aids in the understanding of critical privacy concepts. The contents of the courses are integral to obtaining your privacy certifications and to educate your new team. Learn more here.

Latest Blog Posts

April 30, 2018

Defining GDPR for Non-Privacy People
During the IAPP’s most recent Privacy Summit, I was approached with an interesting question. “I am a privacy professional and I know why GDPR is important. I know about the fines and requirements for compliance, but few others at my company do. How do I explain GDPR to my colleagues effectively?” I responded with a quick and simple answer that probably did not cover all the bases, so I wanted to write up some deeper thoughts on the subject. Continue reading this post...

Breach Notification and Follow Up
Unfortunately, it is a given that as an organization you will receive a notice from a third party that they had an incident or breach that may have compromised personal or sensitive employee or customer information.  A majority of the breach laws require immediate notification or notification within a 24hr to 48hr timeframe, not including notification times from a contractual perspective. The question then becomes what does the third party need to provide, the level of assurance in order for an organization to re-establish connectivity and/or to use third-party moving forward. Continue reading this post...

Other Recent Posts

PRIVACY REF