YOUR PRIVACY IS ASSURED—OF BEING INVADED:

WEB SITES WITH AND WITHOUT PRIVACY SEALS

Robert LaRose, Ph.D

Department of Telecommunication

Michigan State University

East Lansing, MI 48824

larose@msu.edu

 

Nora Rifon, Ph.D.

Department of Advertising

Michigan State University

East Lansing, MI 48824

rifon@msu.edu

ABSTRACT

Concerns about consumer privacy are a leading reason for non-participation in electronic commerce and other on-line activities. Privacy seals were developed as means of addressing those concerns through industry self-regulation. Their purpose is to assure consumers that certain basic privacy standards are being met by the Web sites they visit and two leading seal authorities, TRUSTe and BBBOnLine have emerged. The present research assessed whether the two seal authorities delivered what they promise and compared the privacy protection practices of sites that participate in the two programs with non-participating sites.  Privacy policy statements were interpreted as a form of persuasive communication that attempts to minimize the risks of providing personal information while emphasizing the benefits of personal disclosure.   Seal bearing sites were compared with a sample of comparable sites to determine if the privacy practices of unsealed sites differed. There were few differences in the privacy practices between seal authorities: TRUSTe and BBBOnLine participants offered about the same degree of privacy protection assurances and were equally invasive with regard to the amount of personal information they requested. However, unsealed sites offered nearly equal privacy assurances and were significantly less invasive than the sealed sites with respect to the amount of personal information requested. However, seal program participants did provide superior access to information and assurances of data security. Suggestions for the improvement of voluntary privacy seal programs are offered.

KEYWORDS

Internet, privacy, seals, content analysis

1.       INTRODUCTION

Privacy remains an important issue on the Internet.  Two-thirds of Internet users are concerned with the confidentiality of the Internet (NTIA, 2002; Cranor, Reagle & Ackerman, 1999; Hoffman, Novak & Peralta, 1999, Pew Research, 2000) and an equal number see the Internet as a threat to their privacy (Cole, 2001). Privacy threats may lower participation in commercial and social activities on line (Pew Research, 2000) and are of particular concern to new users and women (Pew Research, 2000) and to African-Americans (NTIA, 2000). Non-users see the Internet as a privacy threat (Cole, 2001; NTIA, 2002), suggesting that on-line privacy invasion is a deterrent to non-users as well.

     These concerns may be well-founded. A content analysis of leading e-commerce sites by the Federal Trade Commission found that only 20 percent met the agency’s standards (FTC, 2000).  These guidelines entail disclosure of privacy policies, providing consumers choice and consent, access to their data, and security of the data that is collected. Independent studies have revealed continuing gaps in on-line privacy practices (Culnan, 1999; 2000; Miyazaki & Fernandez, 2000; Miyazaki & Krishnamurthy, 2002).

      To address the on-line privacy problem, fair practice standards are sought (FTC, 2000; Milne & Rohm, 2000).  For consumers, clear explanations of information practices are a first step toward making a conscious decision to participate in a web site’s information practices (Han & Maclaurin, 2002). The on-line public also demands third party verification (Harris Interactive, 2002).  The problem for Web site proprietors is how to inform consumers without losing consumer trust and prompting avoidance behavior. 

      Elsewhere, notably the European Union (CEC, 1995), there are strong legal protections for consumers. These include the right to control the release of information to third parties and to inspect and correct private information.   However, government regulation has not proven to be an effective approach in the United States. With the exception of the Child Online Protection Act (COPA) provisions governing the privacy rights of children, efforts to pass consumer privacy legislation have been a failure. The USA Patriot Act, passed in the wave of fear following the September 11, 2001 terror attacks, has significantly “lowered the bar” for privacy protection by undermining basic Fourth Amendment concepts of probable cause and issuance of warrants and effectively gutting the Electronic Communications Privacy Act (EFF, 2001). Now, commercial interests are demanding powers similar in scope to anti-terror agencies, including the right to invade computer hard drives in search of copyright violations (in the Peer to Peer Piracy Prevention Act, H.R. 5211, Section 514).  In this climate, consumer privacy is endangered and protective legislation is unlikely.

       Instead, consumers, the Federal Trade Commission and industry leaders alike are all hopeful that voluntary third party seal programs will provide a self-regulatory solution. Several alternative seal programs have emerged, including TRUSTe, BBBOnLine, and HON. However, the Internet user’s desire for convenience or pleasure may overwhelm rational concerns about privacy. E-commerce sites in particular are laden with features that seem calculated to overwhelm the consumer self-control and trigger impulsive behavior (cf. LaRose, 2001).  The complexity and mixed messages (cf. Anton & Earp., 2001) of privacy disclosure statements and unfamiliarity with privacy self-protection techniques are further barriers to the effectiveness of privacy notifications. While users may be concerned about privacy, they may not understand on-line privacy disclosures, be unable to implement their own privacy protections, or be motivated by the blandishments of Web site proprietors to ignore their own privacy concerns.  Most Internet users routinely divulge personal information in return for access to “free” information or for the perceived benefits of having information personalized for them (Pastore, 1999a).  The promised rewards of incentive programs, coupons, discounts, and prizes may also motivate disclosures (Pastore, 1999b) and a trade-off between privacy and convenience is thought to be the crux of the on-line privacy issue (O’Neill, 2001). Customer relationship management—the science of building an exchange between Web site visitor and Web site customer—may also subvert privacy concerns (Luo, 2002). 

      The purpose of the present paper is to compare sites bearing the seals of the two leading privacy seal authorities with each other and with a comparable control group of sites. It updates and improves upon recent research comparing sealed and unsealed sites (i.e., Miyazaki et al., 2002) by expanding the sample size: the small (n=20) cell sizes in prior research may have lacked the power to detect distinctions between sealed and unsealed sites. In addition to assessing compliance with voluntary privacy guidelines as did past studies (Culnan, 1999; 2000; Miyazaki & Fernandez, 2000; Miyazaki & Krishnamurthy, 2002), the present research examines the consumer communication characteristics of privacy policy statements.

2.       A Comparative Analysis of Web site Privacy policies

2.1 Privacy Policy or Persuasion Attempt?

Thus, the content of privacy policies and the use of privacy seals may be viewed as a persuasion attempt on the part of Web site proprietors.  Proprietors may use privacy policy statements to persuade visitors to voluntarily disclose personal information necessary to complete transactions or to ignore involuntary monitoring activities conducted by the proprietor.

      This balancing of risks and rewards is consistent with a theory of privacy (Foddy, 1984) that describes competition between the desire to avoid personal disclosures and the desire to set up exchange relationships for mutual benefit (e.g. to complete an e-commerce transaction), to obtain desired stimulation (e.g. to register for an online game), or to compare oneself with others (e.g. to enter a chat room). Generally, the decision to make a disclosure depends upon the closeness of the relationship, the risk to benefit ratio involved in the disclosure, the situation, and reciprocity (Rosenfeld, 2000). Thus, Web site proprietors might  influence the disclosure decision by building a close on-going relationship, minimizing the perceived risks of disclosure with their privacy practices, emphasizing the benefits of disclosure, creating private situations with secure Web links, and reciprocating with additional information, services and completed transactions when personal disclosures are made.   In privacy theory, deception (e.g. using false on-line identities), equivocation (e.g. filling in ambiguous address information), and hints (e.g., providing incomplete information) are alternatives to full disclosure, strategies that are mirrored in the on-line context (Sheehan & Hoy, 1999). We site proprietors would like to persuade visitors to avoid these practices.

      In this light, privacy seals may be seen as a persuasion tool. For those who are not highly involved in privacy issues, they are an attempt at persuasion through the use of peripheral cues that are easily recognizable, familiar and attractive.  Familiar sources that are viewed as credible, that is, trustworthy, attractive and with expertise (Petty, Cacioppo & Schumann, 1983; Atkin & Block, 1983) are used heuristically to assess the meaning of the message.  Thus, source credibility closely parallels the concept of trust in Internet research (Luo, 2002; Chadwick, 2001) that is predicated on the familiarity of the source (built through repeated transactions or community relationships) and institutional affiliations (i.e. with certification services). If privacy is a high-involvement issue, then the privacy seal links to a detailed policy that elaborates arguments in favor of making personal disclosures.

2.1.1 Privacy Seal Practices

But what do privacy seals actually assure? The two leading seal authorities, TRUSTe and BBBOnLine both rely on voluntary compliance with privacy policy standards consistent with the FTC’s guidelines (disclosure, choice, and data security). There are differences. TRUSTe emphasizes procedures to assure the accuracy of information. BBBOnLine prohibits the release of personal information to third parties for marketing purposes even if consent is obtained and requires “opt in” privacy for health, financial, political preference, religious and other highly personal information. Both engage in ongoing monitoring.  TRUSTe conducts periodic privacy policy reviews, CPA audits of privacy policies, and “seeding” of private information to check compliance (TRUSTe, 2002). BBBOnLine monitors through random checks. Both offer on-line verification of their privacy seals so that consumers can “click through” the seal to verify the legitimacy of the seal.

      Both offer consumer complaint resolution although BBBOnLine’s, modeled on the Better Business Bureau approach, is considered superior by some (PerfectlyPrivate, 2003). BBBOnLine posts consumer complaints online and also the follow-ups to those complaints, with the threat of reporting violators to the FTC withdrawing their seal if the complaints are not satisfactorily resolved. TRUSTe requires that the consumer refer the complaint to the site and wait up to 30 days before submitting a complaint to the seal authority. TRUSTe does not publish a record of complaints or their resolution (TRUSTe, 2002).

      In practice, the seal assurance programs have been less than perfect (PerfectlyPrivate, 2003). TRUSTe was embarrassed to find it had violated its own standards by using (unwittingly, it claimed) a third party to track identifiable information on its own site. Two TRUSTe seal holders were found to be forwarding personal information to a marketing company and while TRUSTe vowed to investigate and the transfer was eventually terminated, the authority never published the result of its investigation. TRUSTe also failed to pursue complaints against Microsoft and RealNetworks on the premise that software glitches had inadvertently caused the breaches. Both authorities have been criticized for granting seals to companies who were under investigation by the FTC (GeoCities in the case of TRUSTe, Equifax in the case of BBBOnLine).

2.1.2 Examining Privacy Policies

Prior content analysis research (Culnan, 1999; 2000; Miyazaki & Fernandez, 2000; Miyazaki & Krishnamurthy, 2002) examined privacy seals from the perspective of the FTC guidelines and found gradual improvement in complying with those guidelines. However, compliance with the letter of the code authorities and FTC guidelines does not necessarily mean compliance with the spirit of consumer protection.  The context in which the seals are presented and the text of privacy policies might present mixed messages to the consumer, on the one hand warning about the dangers of yielding private information, on the other hand arguing that these concerns are unimportant or offset by other factors.  The purpose of the present study is to examine the seals as an act of persuasive communication as well as an artifact of voluntary self-regulation. That is, we examine how privacy seals may be part of a persuasive exchange process in which they serve as inducements to make disclosures of personal information.

      From this perspective, it is important to consider the context in which the seals appear.  For example, when seals appear prominently on the home page, next to the text of the privacy policy, and again on pages where personal information is requested, that could represent an invitation to forego reading of the text of the privacy policy and rely on the presence of the seal alone to assure privacy. In so doing, is the Web site proprietor “arguing” to low involvement visitors that they needn’t delve into privacy policies too deeply? Overall, is the appearance of the seal a “smoke screen” to obscure privacy intrusion?

      And if visitors delve more deeply, are revelations about privacy intrusions countermanded by verbal arguments that stress the trustworthiness of the site? Or do they remind visitors of the rewards for compliance, or the negative consequences of failure to comply.  For example, statements affirming the proprietor’s concern for the visitor’s privacy might be a verbalization of the same superficial trustworthiness “argument” that the seals themselves represent. Reminders of the additional services available when personal information is provided – or the ones that will be withheld if the information is not forthcoming—are attempts to convince the visitor of the benefits of supplying personal information.

      In analyzing privacy policies from the consumer’s perspective, distinctions between differing dimensions of privacy should be recognized. Lee and LaRose (1994) synthesized previous studies of privacy dimensions: Physical privacy, or solitude, is the freedom from the undesired observation and intrusion on one’s senses or person. Informational privacy, or anonymity, is control over the release of personal data. Reserve, or psychological privacy, is control over personal information to protect one’s thoughts and emotions. Intimacy, or interactional privacy, is relevant to small group relationships as it preserves meaningful communication among group members. The first two are especially pertinent here. Informational privacy relates to voluntary disclosures of personal information, the types of disclosures routinely requested during Web site registration procedures. Conventionally, physical privacy relates to intrusions on one’s person by unwanted sights and sounds or unwanted observation, such as the ring of a doorbell or telephone. In the information age that extends to intrusion upon one’s computer, including unwanted files, including cookies and unsolicited email.

2.1.3 Research Questions

We formulate these issues into the following research questions: 1. Is the there a difference between sealed and unsealed Web sites in their degree of  information disclosures they request and their intrusiveness? 2. Do sealed and unsealed sites vary with respect to their privacy practices? 3. Are there differences in requested disclosures, intrusiveness, and privacy practices between seal authorities? 4. Are disclosures and invasions related to the presence of verbal arguments in favor of disclosure?

2.2 Research Methods

A content analysis of 200 Web sites was conducted to compare sites with TRUSTe and BBBOnLine seals with similar sites that did not participate in the leading privacy seal programs.

2.2.1 Sampling

Fifty sites each were drawn at random from among the 1389 TRUSTe (www.truste.org) sites and the 747 BBBOnLine (www.bbbonline.org) sites listed at the time of the study. Comparison sites were drawn randomly from a list of the 4449 most visited Web sites supplied courtesy of NetRatings (www.netratings.com). BBBOnLine and TRUSTe sites drawn from the NetRatings sample were replaced. Adult sites and business-to-business web sites were excluded from the samples.

2.2.2 Operational Definitions

Content categories were built from prior studies (e.g., Culnan, 1999; 2000; Miyazaki & Fernandez, 2000; Miyazaki & Krishnamurthy, 2002) to reflect the basic FTC guidelines of notice, choice, access and security.  Notice included statements about general privacy assurances, what information was collected, how information was collected, how the information would be used, and child protection.   Choice entailed statements about conditions under which consumers could be recontacted or have their information shared with third parties. Suggestions for privacy protection were also noted.   Access included provisions for consumers to review or correct the information the site collected and to file a complaint.   Security related to protecting information during transmission and subsequent storage and whether an admission about the basic insecurity of Internet communication was present. 

      Consistent with the objectives of the present study, additional items relating to consumer communication and persuasion, such as the location and prominence of seal icons and the inclusion of statements about the benefits of information disclosure were added.    The position of the link to the privacy policy page, whether the link is tagged with the word “privacy”, its font size relative to the remainder of the home page, and whether the privacy seal was visible on the main page was coded. On the privacy policy page the position of privacy seal, the presence of site navigation and advertisements was noted.  

      The types of information requested of the consumer were recorded, including user name, personal password, last name, e-mail address, street address, telephone number, fax number, credit card number, social security number, demographics, and personal interests. A disclosure index was computed by counting the number of items of personal information requested by each site for voluntary disclosure (mean = 4.47, S.D. = 2.39, range 0-9). For this purpose, demographic and personal interest requests were treated as a single item even if multiple requests were made in those categories.

      An intrusiveness index was computed by totaling the number of involuntary privacy invasions (e.g. leaving cookies, recording IP information, sending email) each site admitted to in its privacy policy (mean= 4.48, S.D. = 2.52, range= 0-10). Likewise, a benefits index was computed by totaling the number of benefits of information disclosure mentioned in the privacy statement (mean= 1.31, S.D. = 1.16, range 0-4).

2.2.3 Procedure

The coding guide was pretested and modified to improve reliability and coders were trained in its use. Coders were provided with a spreadsheet containing the categories shown in Table 1 and a codebook describing the definitions of each item. To help coders identify key components of privacy policies, keywords were suggested (e.g. “children” when seeking policy statements about child protection policies). Ten coders were divided into teams of two, and each team member reviewed all of the Web sites assigned to their team.  Any responses that differed between the two were then reviewed by the coders as a team and a mutually agreed upon code was determined by referring back to the coding guide. 

2.2.4 Data Analysis

The results of content analysis were entered into the Statistical Package for the Social Sciences, version 10.1 (SPSS, 2000) for statistical analysis. Comparisons between sites registered with the two seal authorities and between sealed and unsealed sites were performed using chi-square analysis. The attributes analyzed at each site (e.g. the presence or absence of a privacy seal on the page containing the privacy policy statement) were dichotomized, resulting in a series of 2x2 tables.  Two sets of chi-squares were computed, one contrasted BBBOnLine registered sites with TRUSTe sites. The other compared unsealed sites with those bearing seals, combining sites from the two seal authorities.  On items where attributes of privacy policies were compared, only those sites that had policies posted were included (n=183). Fifteen of the “control group” sites but also one each of the BBBOnLine and TRUSTe sites had no privacy policies available. Pearson product-moment correlations were computed between indices of intrusiveness, invasiveness, and stated benefits.

2.2 Results

The results of content analysis are shown in Table 1. With respect to the amount of information requested (intrusiveness), unsealed sites were significantly less likely to request last names (65% of unsealed sites vs 78% for sealed sites), e-mail addresses (75% vs 87%), or credit card numbers (27% vs 49%). There was only one significant difference between sites participating in privacy seal programs and those not participating with respect to the privacy violations that were acknowledged: nonparticipating (unsealed) sites were more likely (77.6%) to acknowledge the placement of cookies than sealed sites, taken as a group (64.2%).

Table 1. Content Analysis Results

Item

No Seal

N=100

BBB

OnLine

N=50

TRUSTe

N=50

1. INFORMATION REQUESTED:

 

 

 

User Name/Screen Name

31.0

34.0

50.0

Personal Password

47.0

46.0

68.0*

Last Name

65.0**

82.0

74.0

E-mail address

75.0**

88.0

86.0

Street Address

53.0

70.0

58.0

Telephone Number

37.0

56.0

44.0

Fax Number

1.0

8.0

2.0

Credit Card Number

27.0**

50.0

48.0

Social Security Number

7.0

6.0

10.0

Demographics

26.0

28.0

32.0

Interests

3.0

4.0

2.0

2. OPTIONS FOR USING INFORMATION

 

 

 

For alerts

36.0

36.0

34.0

For market research

7.0

2.0

4.0

For third Parties

11.0

10.0

12.0

3.  PRIVACY POLICY PRESENTATION

 

 

 

Privacy policy linked from main menu

10.6**

22.4

18.4

Link tagged with "Privacy"

83.5

91.8

91.8

Normal font size used

39.3

38.8

40.8

Privacy seal visible on front page

1.2**

73.5

63.3

Seal visible on policy page

2.4**

73.5

93.8

Site Navigation Visible

74.1

65.3

77.6

Ads Visible

27.1

16.3

28.6

4. NOTICE

 

 

 

Notice of Types of Information Collected

80.0**

98.0

98.0

Notice of How Collected:

71.8**

83.7

87.8

   IP Information

45.9

20.4

59.2*

   Site Registration

68.2

67.3

83.7

   Leaves Own Cookies

77.6**

57.1

71.4

   Tracks In-Site Navigation

32.9

18.4

24.5

   Uses Web Beacons

11.8

16.3

8.2

   Third party cookies

37.6

24.5

30.6

Specifies Use of Data…

 

 

 

  To Send email

69.4

83.7

67.3

  For Marketing

56.4

51.0

46.9

  Target ads

35.3

30.6

30.6

5. BENEFITS OF DISCLOSURES  DESCRIBED?

47.1

63.3

53.1

General Assurance

74.1

93.9

67.3

Service Access

36.5

34.7

46.9

Saves time

15.3

24.5

24.5

Customization

21.2

28.6

36.7

Alerts Offered

43.5

44.9

46.9

Child Protection

43.5

49.0

36.7

6. ARE CHOICES OFFERED?

 

 

 

Recontact Choice

41.2

55.1

51.0

Privacy Protection Suggestions Offered:

17.6**

28.6

36.7

Cookie control

28.2

28.6

46.9

Choose to refuse

20.0

28.6

16.3

Protection Information Links Shown

9.4**

30.6

20.4

Third Party Disclosure Options

57.6

61.2

63.3

Aggregate Only

34.1

38.8

46.9

Disclosure Choice

35.3

40.8

36.7

Review Policy

32.9**

73.5

59.2

Corrections Policy

41.2**

85.7

87.8

Complaint Procedure

57.6**

87.8

85.7

7. SITE SECURITY

 

 

 

Transmission Security

31.8**

73.5

49.0*

Site Security

41.2**

77.6

71.4

Insecurity Statement

20.0

8.2

24.5*

 

Note: Table entries are percents based on the number of sites in each category.

*  Indicates significant differences between BBBOnLine and TRUSTe sites Pearson chi-square p < .05.

**Indicates significant differences between sealed and unsealed sites, Pearson chi-square, p < .05.

 

      Regarding the consumer communication characteristics, unsealed sites were far less likely to include their privacy statement as an option on their main navigation bar (10.6%) than were sites with privacy seals (20.4%). The presence of a link tagged with the word “privacy” was highly likely at both sealed (83.5%) and unsealed (91.8%) sites that had privacy policies. About three-fifths of all sites used smaller than normal fonts for the privacy links, however. Participants in seal programs usually displayed their seals on their front pages (73.5% of BBBOnLine sites, 63.3% of TRUSTe sites) or on the privacy policy page (73.5% and 93.8%, note that two of the control group sites participated in seal programs other than the two leading ones). However, potential distractions were also present. About three-fourths (72.7%) of all sites with privacy policies had their main navigation bars on the privacy policy page and a fourth (24.6%) carried ads on those pages.

      Comparing the content of privacy policies, unsealed sites and were less likely to include statements about the types (80% vs 98%) and methods (7.18% vs  85.8%) of information collection. Consumer protection information was also somewhat lacking, the unsealed sites were less likely (17.6% vs 32.6%) to offer specific suggestions about how consumers could protect their own privacy and seldom posted links to privacy protection links compared to sites participating in the two leading seal programs (9.4% vs 25.4%). The non-participating Web sites were also far less likely to state policies for reviewing (32.9% vs 66.3%) and correcting erroneous information (41.2% vs 86.8%), provided fewer assurances of security of data during transmission (31.8% vs 66.2%) and after (41.2% vs 79.5%) receipt of the information by the site’s proprietor, and were less likely to have a formal complaint procedure (57.6% vs 86.8%).

      Substantial numbers of sites used privacy policies to point out the benefits of providing personal information or ignoring the consequences of privacy invasion, and here there were no significant differences between sealed and unsealed sites. Over three-fourths (77.6%) of all sites with privacy policies offered comforting general assurances of concern about consumer privacy (and many of these are prominently displayed in the opening paragraph of the policy). About half (47%) of all sites with privacy policies made some reference to the benefits of information disclosure, specifically including access to service (38.8%), time savings (20.2%), customization (27.3%), and the alerts about new products or services (44.8%).

      Comparing TRUSTe sites and BBBOnLine sites, there were few differences. TRUSTe sites were more likely (68%) than BBBOnLine sites (46%) to request personal passwords, or to acknowledge that they recorded IP information (59.2% vs 20.4%). Sites with TRUSTe seals were less likely (49% vs 73.5%) to assure security during transmission and were more likely (24.5% vs 8.2%) to issue “insecurity statements” to the effect that no transaction completed over the Internet could be regarded as completely secure.  

      Comparing the occurrence of statements about the benefits of information disclosure, the number of arguments made favoring disclosure were unrelated to the amount of personal information requested (intrusiveness, r = -.098), but was moderately correlated to intrusiveness, as indicated by the number of different ways in which privacy was invaded (invasiveness, r = .506, p < .001).

2.3 Discussion

It is perhaps ironic that the Web sites that seek to publicize their concern for consumer privacy by displaying privacy seals were actually more likely to intrude on privacy, at least in terms of the amount of personal information that they requested from consumers. And, aside from a greater tendency to deposit cookies, the unsealed sites were no more likely to invade users’ physical privacy through involuntary intrusions on their computers.  Naïve consumers who view seals as a form of privacy protection may thus be disappointed.

      From the perspective of compliance with FTC guidelines, both sealed and unsealed sites were about equal in their assurances, with two key exceptions:  sites participating in privacy seal programs were more likely to offer assurances about the security of information both as it is collected and after it is collected. And, unsealed sites were less likely to reveal how data is collected.

      How effective were the seal authorities in encouraging compliance with FTC guidelines for notice, choice, access, and security? BBBOnLine sites were more likely to make assurances about secure transmission of information than TRUSTe sites. However, compliance with the guidelines was somewhat less than perfect in all key aspects. For example, while almost all of the seal program participants provided notice of the types of information collected, about an eighth did not reveal how information is collected, offer to correct errors, or maintain a complaint procedure. And, while most sealed (but also unsealed) sites informed consumers of their choices, many did not really offer any choice other than leaving the site or foregoing service.

      Of course, the seal authorities themselves make no promises about the levels of privacy offered by the sites bearing their seals. They only promise that disclosures about privacy practices will be monitored for accuracy and consumer complaints about privacy practices will be responded to. Judged on these, their own terms, the seal authorities were effective in that nearly all the sites bearing their seals of approval provided expected information about notice, choices, access, and security. Compliance was not perfect in any of these key respects, but this perhaps points to the complexity, ambiguity, and lack of standardization in privacy statements as much as the effectiveness of their enforcement. For example, a site that makes no explicit reference to a consumer complaint policy might point out that it collects no personal information and therefore needs no such policy or that its customer service policy covers the requirement.

      Are the FTC guidelines sufficient? Judged against the stricter standards of the European Community’s privacy directive (CEC, 1995), for example, neither seal program participants nor non-participants offer adequate protections. Only a tenth offered an option to restrict release of personal information to third parties on the information collection forms themselves and a sixth of the sites analyzed (16.5%) stated that they reserved the right to pass consumer information to third parties for marketing purposes.

      Moreover, it appears that certain Web site proprietors are pursuing something of a hidden agenda in their privacy policy statements as well as the manifest agenda of the FTC. While complying with the guidelines in “confessing” their privacy invasions, many Web site proprietors use the opportunity to convince consumers to make voluntary disclosures and to submit to involuntary forms of privacy invasion. The present study found a sizable correlation between the intrusiveness of Web sites, defined in terms of the number of different ways they obtained and re-used consumer information, and the number of persuasive arguments about the benefits of disclosure that were offered (e.g., to obtain free or customized information) to justify the privacy invasion. This could mean that Web proprietors are trying to diminish the perception of privacy risks by offering counterarguments about the benefits of personal disclosures.  Distraction is another issue, the majority of sites with privacy policies had the main site navigation bar visible along side the policy statement and about a quarter carried ads on their privacy policy pages.

      Assuming that the statements made by sealed sites are true, and that the silence of unsealed sites on certain issues at unsealed sites leaves consumers vulnerable, what comfort is offered by a privacy seal? Visitors to sealed sites receive superior assurances mainly in handling privacy complaints, including the ability to review and correct erroneous information and having an established complaint procedure. Sites with seals also take greater note of data security, both during the consumer’s transaction and after.

      The present results fall short of a definitive evaluation of privacy seals, of course. We also need to know whether the information is in fact more accurate at sealed than unsealed sites, whether they are more responsive to consumer complaints, and whether consumers are persuaded by the seals or even take much note of them. However, based on the current research we might begin to question whether the seal programs as currently constituted are useful for the consumer. Perhaps motivated by the same Federal Trade Commission guidelines that underlie the recommended practices of the privacy seal programs, the unsealed sites generally follow the same practices and offer the same assurances as the sealed ones do.

      The seal programs might improve their utility for the consumer by standardizing the ways in which the information is presented. For example, advertising and distracting graphics might be banished from pages containing privacy statements. Terms might be standardized and a glossary offered by the seal authorities. The content and sequence of sections of privacy statements might also be further specified. We found wide variations in the organization of privacy statements, making it difficult to locate and compare policies. Consumers are often referred to corporate or “property-level” policy statements that are not specific to the information that they have been asked to supply. It is often difficult to determine which aspects of the policies apply to which portions of the site in question. In other cases, visitors were referred to third party sites that may have differing, and unmonitored, privacy policies. Above all, the practice of “counter arguing,” using the privacy statements to convince consumers to yield personal information, should be evaluated. If the personal benefits of supplying information are mentioned, perhaps the negative consequences (e.g., “your identity could be stolen”) should also be spelled out.

      Future research should attempt to examine the perception of seals by consumers. Are they being (mis)interpreted as signals that privacy is protected, rather than assurances that privacy invasion practices are what they appear to be? Does the counterarguing, distraction, and obfuscation evident in privacy statements affect consumer behavior?  These questions should be answered in making the Internet a safer place.

3.       conclusion

Web sites continue to make progress toward compliance with Federal Trade Commission guidelines for consumer notice, access, choice, and security. The presence of a privacy seal from either one of the two leading seal authorities indicates that the consumer will find statements about access to information and data security more so than at sites without seals. Otherwise, there are minimal differences between the policy statements of sealed and unsealed sites. However, sites participating in seal programs are more likely to request personal information from the consumer than non-participating sites. Across both sealed and unsealed sites, Web site proprietors are taking advantage of privacy policies to present persuasive arguments in favor of yielding personal information and the more invasive the site, the more persuasive messages that are presented. In addition to specifying the topics that should be covered in privacy policy statement, additional standards governing the format and presentation of privacy information might be considered.

ACKNOWLEDGEMENT

The authors would like to acknowledge the assistance of the following students in the first author’s research methods class for acting as coders for this project: Pinjia Liao, Myoun-Hee Kim, Younsung Kwak, Goro Oba, Jen-Yu Yang, Sang Min Park, Jeremy Radvansky, Murad Habibi, Seng Jun, Sunny Rana.

REFERENCES

Anton,A.I.,andEarp,J.B.,2001,ATaxonomyforWebSitePrivacyRequirements. NCSU Technical Report TR-2001- 14, 18 December 2001. Retrieved from the World Wide Web February 21,  2001.  http://www.csc.ncsu.edu /faculty/anton/pubs/antonTSE.pdf.

Atkin, C. and Block, M., 1983, Effectiveness of Celebrity Endorsers. Journal of Advertising Research,  Vol.       23 February/March, pp 57-61.

CEC (Commission of the European Community), 1995. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal, L 281, pp 31-50.

Center for Democracy and Technology, 1999, Behind the Numbers: Privacy Practices on the Web. Retrieved from the World Wide Web January 5, 2003:  http://www.cdt.org/privacy/990727privacy.pdf

Chadwick, S.A. 2001, Communicating Trust in E-commerce Interactions. Management Communication Quarterly, Vol. 14, pp 653-658.

Cole, J. I., 2001, Surveying the Digital Future: Year Two, Los Angeles, CA: UCLA Center for Communication Policy, Retrieved from the World Wide Web on January 29, 2002: http://www.ccp.ucla.edu/pages/internet-report-2001.pdf

Cranor, L. F., Reagle, J. and Ackerman, M.S., 1999, Beyond Concern: Understanding New Users’ Attitudes About Online Privacy. AT&T Labs-Research Technical Report TR 99.4.3. Retrieved from the World Wide Web on December 10, 2000: http://www.research.att.com/resources/trs/TRs/99/99.4.3/report.htm.

Culnan, M. J., 1999., Georgetown Internet Privacy Policy Survey: Report to the Federal Trade Commission. Retrieved from the World Wide Web July 27, 1999:  http://www.msb.edu/faculty/cuinanm/gippshome.html.

Culnan, M. J., 2000, Protecting Privacy Online: Is Self-Regulation Working? Journal of Public Policy and Marketing, Vol. 19, pp 20-26.

EFF (Electronic Frontier Foundation), 2001, EFF Analysis of the Provisions of the USA Patriot Act. Retrieved from the World Wide Web January 5, 2003: http://www.eff.org/Privacy/Surveillance/Terrorism_militias/ 20011031_eff_usa_patriot_analysis.html

FTC (Federal Trade Commission), 2000, Privacy Online: Fair Information Practices in the Electronic Marketplace: A Report to Congress. Retrieved from the World Wide Web on September 25, 2000: http://www.ftc.gov

Foddy, W. H., 1984, A Critical Evaluation of Altman’s Definition of Privacy as a Dialectical Process. Journal for the Theory of Social Behavior, 14, 297-307.

Han, P. Maclaurin, A., 2002, Do Consumers Really Care about Online Privacy? Marketing Management, Vol. 11, pp 35-38.

Harris Interactive, 2002, First Major Post-9/11 Privacy Survey Finds Consumers Demanding Companies Do More to Protect Privacy; Public Wants Company Privacy Policies to Be Independently Verified. Retrieved from the World Wide Web on February 20, 2002: http://www.harrisinteractive.com/news/

Hoffman, D. L., Novak, T.P. and Peralta, M., 1999, Building Consumer Trust Online. Association for Computing Machinery. Communications of the ACM, Vol. 42, pp 80-85.

LaRose, R. (2001). On the negative effects of e-commerce:  A sociocognitive exploration of unregulated on-line buying. Journal of Computer Mediated Communication, Vol. 6. No. 3. Retrieved January 15, 2002 from the World Wide Web:  http://www.ascusc.org/jcmc/vol6/issue3/larose.html

Lee, L. T., and  LaRose, R., 1994.  Caller ID and the Meaning of Privacy.   Information Society, Vol. 4, pp 247-265.

Luo, X., 2002, Trust Production and Privacy Concerns on the Internet: A Framework Based on Relationship Marketing and Social Exchange Theory. Industrial Marketing Management, Vol. 31, pp 111-118.

Milne, G. and Rohm, A. J., 2000, Consumer Privacy and Name Removal Across Direct Marketing Channels: Exploring Opt-in and Opt-out Alternatives.Journal of Public Policy and Marketing, Vol. 19, pp 238-249.

Miyazaki, A. D. and Krishnamurthy, S., 2002, Internet Seals of Approval: Effects on Online Privacy Policies and Consumer Perceptions. Journal of Consumer Affairs, Vol. 36, pp 28-49.

Miyazaki, A. D. and Fernandez, A., 2001, Consumer Perceptions of Privacy and Security Risks for Online Shopping. Journal of Consumer Affairs, Vol. 35, pp 27-44.

NTIA (National Telecommunications and Information Administration), 2000, Falling Through the Net: Toward Digital Inclusion. Retrieved May 12, 2001 from the World Wide Web: http://www.ntia.doc.gov /ntiahome/fttn00/contents00.html

NTIA (National Telecommunications and Information Administration, 2002, A Nation Online: How Americans are expanding their use of the Internet. Retrieved October 23, 2002 from World Wide Web: http://www.ntia. doc.gov/ntiahome/dn/html/anationonline2.htm.

O'Neil, D., 2001, Analysis of Internet Users’ Level of Online Privacy Concerns. Social Science Computer Review, Vol. 19, pp. 17-3l.

Pastore, M., 1999a, Consumers Will Provide Information for Personalization. Retrieved from the World Wide Web February 21, 2002: http://cyberatlas.internet.com/markets/advertising/article/0,,5941_236141,00.html.

Pastore, M., 1999b, Consumers Fear for Their Online Privacy. Retrieved from the World Wide Web January 5, 2003: http://cyberatlas.internet.com/markets/retailing/article/0,,6061_228341,00.html.

Perfectly Private, 2001, Privacy Seals Revealed. Retrieved from the World Wide Web January 5, 2003, http://www.perfectlyprivate.com/newsresources_seals.asp

Petty, R. E., Cacioppo, J. T. and Schumann, D., 1983, Central and Peripheral Routes to Advertising Effectiveness: The Moderating Role of Involvement. Journal of Consumer Research, Vol. 10, pp 135-146.

Pew Research Center, 2000, Trust and Privacy Online: Why Americans Want to Rewrite the Rules. Retrieved from the World Wide Web on February 20, 2001: http://www.pewinternet.org/reports/toc.asp?Report=19.

Rosenfeld, L. B., 2000, Overview of the Ways Privacy, Secrecy, and Disclosure are Balanced in Today’s Society, In S. Petronio Ed., Balancing the Secrets of Private Disclosures. Lawrence Erlbaum, Hillsdale, NJ. pp 3-17.

Sheehan, K. B. and Hoy, M.G., 1999, Flaming, Complaining, Abstaining: How Online Users Respond to Privacy Concerns. Journal of Advertising, Vol. 28, pp 37-51.

SPSS, Inc., 2000,  SPSS for Windows, Version 10.1. Chicago, IL: Author.

TRUSTe, 2002, Privacy Seal Program. Retrieved from the World Wide Web January 5, 2003: http://www. truste.org/ programs/pub_how.html