Is Online Privacy Getting Better?

jeffy124 writes: "It appears marketers are finding that there's little value in stockpiling the personal info of web users. Either that or they're responding to the negative feedback of users. In a survey of 400 commercial websites, when compared with figures from a 2000 FTC study, more sites have more prominent and explanatory privacy policies, less carry third-party cookies, less collect personal info, and more use opt-in collection. The study was performed by the Progress & Freedom Foundation, and the full report can be found here." Note that the Progress & Freedom Foundation is an industry-sponsored group which generally favors a non-regulated online marketplace.

Well DUH...

[Chester+K]

Marketing information just isn't as valuable when everyone and their dog.com already has it.

Boo

[anti-snot]

Those are still pretty pathetic statistics... every time my email address is demanded (although it will never be used, whats the point in asking for it then??) I get rather irate... and those were discounted in this figure...

Opt-out vs. Opt-In

[ari{Dal}]

The company I work for uses opt-in newsletters (thank god) with a good removal system.

The result: less time and money spent on irritated customers who were spammed with information they didn't want.

When it comes to real, corporate business environments (note the qualification.. i'm not talking about fly-by-nights) the cost of opt-out mailing systems is too high. Someone has to go through all the irate emails sent to customer service to see if any have a valid message in them. That costs them money in terms of manhours, bandwidth, and storage (granted, the storage is cheap, but in today's economy, every penny is counted twice).

As someone who's actually opted in to a few mailing lists from companies I like (glenmorangie whisky for one) to get relevent information, I can tell you right now that I'm going to read what they send me, and that's what counts. Businesses don't want stats on how many emails you sent out. They want to know how many people actually read what they have to say. It's the eyeballs that really count.

Anything coming from a business I didn't specifically sign up for gets either a) deleted or b) forwarded to abuse@ for handling. Smart businesses are realizing that consumers are becoming more web-savvy, and opt-out is just not a good marketing practice.

Re:Opt-out vs. Opt-In

[ImaLamer]

Ever seen those Don Lapre tapes on TV?

That guy is actually great at marketing because he is still buying commercials to this day and he uses the same tricks on TV.

Seriously - he says to never spend more money than you have to. Opt-in makes sense because you aren't throwing cash down the drain.

[[I never bought that course! I did however get a chance to read a competitors course and it was supposedly the same exact thing. You can learn something if you've got a business or starting one but you can't GRQ. The stuff in the course is similar to the commercials - "Call within the next 5 minutes" - and using codes or coupon numbers you can track when and where your show was watched.]]

Re:Opt-out vs. Opt-In

[Freaky-Monkey]

I work for an email discussion list publisher of B2B lists. We have always used double opt-in and single opt-out. It's the only way to go, yet it continually amazes me how many (mostly business-oriented) publishers use single opt-in.

These publishers are usually money-hungry types who fear that "double opt-in will prevent my potential subscribers from successfully subscribing". In other words, they perceive their readership to be so dim-witted that a confirmation email would stump them.

Single opt-in lists are considered spam generating machines by everyone who matters in the industry (just give the SPAM-L list a read sometime), yet so-called legitimate publishers are using it to help their bottom line.

I actually had one extremely well-known marketer tell me, in the midst of an argument about this very topic, that "If I changed my company's policy to double opt-in - which would reduce our new monthly opt-ins by perhaps 50% - I would then lose substantial revenues."

The marketer went on to expand on this rationale, saying "PLUS, about half my readers are so sophisticated that they use either aliases, special autofolders, or special other accounts to handle email opt-ins. Sometimes they don't check their issues for weeks."

For the life of me I still don't know what "special other autofolders" and "special other accounts" means. But good thing these key subscribers didn't have any double opt-in road blocks -- now they can safely store unread messages from this key marketer in unknown "autofolders".

Spam keeps getting worse, publishers keep getting snakier, and the legit ones keep trying to stay out of the slime. Sometimes it feels like I'm trying to paint my house in the middle of rioting and anarchy in my neighborhood, if you know what I mean.

Oh yeah -- the reason I posted. You said:

Businesses don't want stats on how many emails you sent out.
They want to know how many people actually read what
they have to say. It's the eyeballs that really count.

Ahh.. yes, the "open rates". The biggest crock of shit to ever land in a marketer's bag of tricks. Don't get me started...

Commercial dialogue...

[tongue]

[reporter] do you have a privacy policy?
[company A] why of course. It is the policy of this company that all personal and private information is jealously guarded with utmost secrecy from the time of collection *cough*until*cough*we*cough*cough*sellit*cough*hig hest*cough*bidder*.
[company B] we collect no personal information on our website. we've found its much easier to buy mailing lists and any personal info we need off russian hackers whenever we need new credit cards^h^h^h^h^h^h^h^h marketing prospects. besides, its quite simple to buy information from Company A Media Promotions, Inc.

Terms and conditions

[pubjames]

I love some on the terms and conditions you find on the Megacorps websites.

This from the Disney site:

If, at our request, you send certain specific submissions (e.g., postings to chat, boards, or contests)[...] (collectively, the "Submissions"), the Submissions shall be deemed, and shall remain, our property. [...] Without limitation of the foregoing, we shall exclusively own all now-known or hereafter existing rights to the Submissions of every kind and nature throughout the universe and shall be entitled to unrestricted use of the Submissions for any purpose whatsoever, commercial or otherwise, without compensation to the provider of the Submissions.

This is a gem: we shall exclusively own all now-known or hereafter existing rights to the Submissions...

And I love that throughout the universe bit.

Re:Terms and conditions

[PhxBlue]

And I love that "throughout the universe" bit.

But they didn't specify whether they meant their universe, or the universe that the rest of us live in.

Re:Terms and conditions

[nolife]

Think about this scenario..
You upload some secret insider information via a sites web form. By contract, you have transferred all of your rights and gave the web site operator sole and exclusive rights to the data.
The web site operator takes this newly acquired data, formats it in a method consistent with the rest of their web pages, and then exercises their exclusive rights to the data and posts it on their public web site for all to see. Who is now responsible for this data? You or the web site operator who is the sole owner and has the exclusive rights to distribute it, and chose to distribute it? You simply xfered the rights over, they published it, not you.
Substitute insider secrets for porn, mp3's, source code, links to web sites, etc...

They are voluntarily taking ANY input, claiming all rights to it, and then publish it. I do not see how they could ever claim it is not their data, by contract, when you submitted it to them they took exclusive rights. I see nothing in the contract that states it is ours until the shit hits the fan and then we xfer it back to you.

Lies, Damn Lies and Statistics

[Joe+U]

My company has a hard enough time collecting accurate information from people who buy things from us. I'm amazed when I see someone ordering from our store enter an obviously fake phone number (111-1111) and email (nomail@4u.com) address. Strangely, these are the same people who complain that we don't contact them when something is wrong with their order.

Hard to believe

[snakecoder]

If this is the case, why is the amount of spam mail I am receiving going through the roof? I have to believe that mail lists are being sold through loopholes. What about the folks who have their own mail servers so they can have address like expedia@mydomain, amazon@mydomain, etc... What do you guys see?

Let's see if I got this right...

Ok, so an industry-sponsored group reports that the industry is doing well in regards to privacy. Well, and to think I was SO WORRIED before...but it's ok now. Whew!

File this under "F" for fertilizer.

Also in the file:
-Microsoft commissions benchmark study which concludes Windows is faster than Linux!
-Microsoft Claims Open Source Doesn't Work / Is Dangerous / Is Anti-business / Causes Tooth Decay
-Osama Bin Laden's Mom Says "Deep down, he's a really great guy."

something to keep in mind....

[jeffy124]

most of the sites they probably surveyed are the honest type. Places like Amazon, NY Times, even slashdot who need trust in their customers to keep them coming back. It's expected that these types of organizations will provide good/honest practices or else some people wont do business with them. Ever see a dishonest spamming organization that refuses to remove you from a mailing list survive?

Forms

[Kizzle]

Since few people actualy put valid info when subscribing to free web stuff, I think we are going to start seeing banner ads targeting 60 year old woman with 12 kids that make $900,000 a year. So screw privacy, be truthful on online forms.

No. It's worse.

[Dr+Caleb]

Anyone concerned about personal privacy must take drastic steps to avoid all the bots and spiders that are out there. Spammers war-dialing email addresses and sending HTML emails with 1x1 gif's that set cookies, thereby stealing my info...did you know that Netscape mail doesn't pay attention to HTML settings - "Do Not Accept cookies" - for HTML email?

For example, a couple months ago I started getting emails from M$ - a monthly MS Office newsletter. To my default account that I've had for 10 years without spam! Not to one of the disposable spam aliases..How? I never signed up for it! I don't use/like Office! And I've never never published that address! So I tried to "unsubscribe". The link (cause I'll be dammed if I'm sending them an email to verify my address from!) told me "You do not have a passport account..." Duhhhh!

So another one arrives today. Here is the link, sent to me from "0_28145_1E184A2F-7C3F-D111-9D3F-0000F84121EB_CA@N ewsletters.Microsoft.com". It said "You can manage all your Microsoft.com communication preferences from this site."

Aren't these unsubscribe things supposed to work? Yea, Yea, I'm not stupid enough to click on them from spammers, but from Microsoft? With all the scrutiny they are under right now?

p.s. - after I previewed this story - the link automagically changed from microsoft.com/misc/unsubscribe.htm to microsoft.com/info/unsubscribe.htm!! Interesting!

Not suprising

[Erik+Fish]

Are we supposed to believe that this couldn't possibly be caused by the bottom dropping out of the ad banner market?

Also "more prominent and explanatory privacy policies" does not make "more privacy". For one thing nobody reads them, for another they can be changed at any time (just like any other policy). Oh yeah, and there's nobody actually ENFORCING these things either. Privacy policies aren't worth the bits they're taking up.

Opt-in is key to survival!

[MS]

One of the e-commerce companies I'm consulting, uses opt-in for their mailinglist. Their CEO often tried to buy some of those million-address-cds, but I was successful in convincing not to do so: "The ISP will cut your line, hackers will DoS your servers and You will be out of business in less than a week!" I told him. Well, it helped: they are still in business since 1997.

Using opt-in, you won't collect millions of e-mail adresses, but it is easy to collect a few thousand in a short period. A few thousand of interested people.

Here some stats out of my experience:

• we sent no more than 2 e-mails a month
• 2,6% of the subscribers use unworking e-mail adresses - we mark them as invalid
• 8,3% of the subscribers have unsubscribed
• after sending news about some promotion to our subscribers, orders triple for about 2 days
• if the promotion lasts for a week, most will order on the last day

My advice: use opt-in if you want to make real money.

ms

They have not found the right mix

[moankey]

They have the info but dont know what to do with it. Im sure eventually a smart company will come as the sheepherder and point them in the right direction.

Telemarketers, TV / Radio advertisers took some time to learn too but eventually got it down to a science. Im sure these online advertisers will too, its only a matter of time.

P3P

[5p1d3r]

With a 30% market share now IE 6.0 is another driving force behind this trend. At the high privacy level IE 6.0 will not accept cookies from any site without a compact P3P privacy policy. Locking out such a potentially large segment of users will make you hurry things up. I know a lot of our ECommerce clients are suddenly moving very quickly in this area because of IE 6.0.

Re:P3P

[ShadeEagle]

IMO, this is one of the good things about IE6... I already liked the fact that it has SOME features in this field... the fact that it is causing other businesses to stand up and take notice is a definite bonus. Good privacy policies benefit us all. (Course, we already KNEW that, but the point is businesses are realising this.)

Course, (and this will probably prompt some to spend some valuable mod points) I've had nothing but great experiences with IE6... the fact that it has a 'delete cookies' button was the first addition I noticed, and liked. IE6 is a really good browser, at least for the better part. Nothing's perfect, as we all know, but IMO, finally Microsoft's starting to get there with their browser.

(Yes, Mozilla has good features in this regard too. But Mozilla often crashes on my system. This is not Pro-IE Anti-Moz. I like Mozilla too. In this case, I just HAPPEN to prefer IE.) (sees more people using their mod points to silence this one ^_^)

I'd also like to note that I de-integrated IE from Windows... so my main thing is - hopefully they'll make Windows run as nice.

Just my $0.02CDN.

banner grammar

[realgone]

Twelve kids, each making $900,00 a year? Let's see... that's $10.8 million?!?! Hell, what company wouldn't want to target that 60-year-old woman with its banner ads?

I agree

[rhizome]

Privacy policies are not there to guarantee your privacy, they are used to tell you how little you have. The tone is invariably one of agression: "This is what we will do with your information, like it or lump it. P.S. We will change this if we want."

Problem solved

[3ryon]

Perhaps it's due to the torrent of SPAM mail we've already received over the past five years all internet users now have a larger penis, bigger breasts, five degrees, and are independently wealthy, oh and a gaggle of uninhibited teens who take it off 'just for me.'

Results are in

[4of12]

Direct marketing organizations, after years of probing and cross correlating data on consumers buying habits, etc. have come to the conclusion that predicting consumer behavior is like predicting which clump of grass a sheep will go after next.

"Most of the time we're pretty close to being right, but some of the time the consumer just raises his head says Baaaaa!"

It's just not providing the expected ROI.

No kidding

[0xA]

I always got a kick out of places that would try and collect you name adn address for no good reason. I guess some marketing dweeb actually looked at thier DB and decided that this wasn't valuable

Name: Freddy Fukerfaster
Address: l1234 Rodeo Drive
City: Beverly Hills
State: CA
Zip: 90210
Sex: Female
Age: 142
Phone: (111)222-3333

I know I'm not the only person that does this. When I had to sign up on Sun's site to d/l the JDK I actually entered "Scott McNealy" with Sun's Headquaters address and Phone #. The amount of work involved in weeding all the garbage in the DB makes it worthless.

Unless someone needs my address for billing or shipping they are not going to get it.

Privacy statements...

[dasmegabyte]

Are totally worthless. How many of them have a small clause at the bottom that says "this statement is not a guarantee, we reserve the right to change our minds and alter it at any time without telling you." How many simply say, in fancy legal language, "yeah we're still gonna sell everybody your email address, but it's private. like, we won't tell people on the street without them paying us first."

The only real privacy on the internet is the privacy we give ourselves through subterfuge, care, and lying outright.

Re:No. It's worse.

[Dr+Caleb]

That's what flames me! I never did subscribe to anything MS! How did they get the only address I've never published?!?

Especially following that link to try to sign up passport to remove yourself from passport, and it says "Upgrade your browser to something current". I have the most current version of Konquerer ;-).

Re:Yet MS...

[Moonshadow]

but giants such as MS are still collecting information.

...or, at least they would be if I wasn't blocking that information from leaving my computer with my firewall!

Re:No. It's worse.

[throwaway18]

You could try forging a bounce message from: Mailer-Daemon@yourdomain.

You can usually just change your email address in your mail client though there are a few ISP's don't allow outgoing email with a from line that isn't the users assigned mailbox.

Alternativly just deliver it straight to port 25, as per example;

RFC2821
me@vax:~ > host -t MX Newsletters.Microsoft.com
Newsletters.Microsoft.com mail is handled (pri=10) by Newsletters.Microsoft.com
me@vax:~ > telnet Newsletters.Microsoft.com 25
Connected to Newsletters.Microsoft.com.
220 newsletters.microsoft.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.4905
HELO mydomain.com
250 newsletters.microsoft.com Hello [62.64.219.7]
MAIL FROM: Mailer-Daemon@mydomain.com
250 2.1.0 Mailer-Daemon@mydomain.com....Sender OK
RCPT TO: 0_28145_1E184A2F-7C3F-D111-9D3F-0000F84121EB_CA@Ne wsletters.Microsoft.com
250 2.1.5 0_28145_1E184A2F-7C3F-D111-9D3F-0000F84121EB_CA@Ne wsletters.Microsoft.com
data
354 Start mail input; end with .
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software (Exim).

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

username@mydomain.com
SMTP error from remote mailer after RCPT TO::
host mydomain [192.100.1.81]: 550 Unknown local user 'username'
.

note the empty line to seperate the subject from the body.