Slashdot Mirror
North American Corporate Privacy Comparison
Scooter[AMMO] writes "The Toronto Star has published an article on a study comparing the way companies protect the privacy of their customers, which is surely a topic of interest to most /.'ers. Choice quote: 'The study, the first to compare the corporate privacy practices of comparable Canadian and U.S. firms, found that Canadian businesses see their privacy practices as an opportunity to improve relations with customers, while their U.S. counterparts viewed privacy measures more as a way of complying with legislation and avoiding civil lawsuits.'"
As a student and part of business school is learning about ethical/privacy concerns. I go to a private, Catholic university that's good about ethics and doesn't over do the religion, so they very good about posing ethical/moral decisions on students. Part of the studies is to recognize international/other nation's attitudes and expectations. On what I've seen, Europe is a far more private and "American" than the U.S. The U.S. business attitude is "ok, we have to comply, but how far can we push this?" Not Europe's, "hmm, is this good for our consumers?"
Sad, really.
Bel, the mostly sane.. "Of course I can't see anything! I'm standing on the shoulders of idiots." -- Me
And what is bad about this? The vast amount of people I know simply don't care that some company knows what kind of toothpaste I buy, when I swipe my VISA card, or other minutiae.
If consumers don't care, why should corporations? If privacy was such a big factor in doing business with them, I'm sure corporations would make a bigger issue of it.
How many people actually take the time to view privacy statements and policies? I don't. As long as I know they have one, that's enough for me and most consumers.
Slashdot Moderation: From positive to terrible in 2 "insightful" posts.
Given the US's past (present and future) trend towards rampant, unbridled, unhindered, wanton capitalism, it should be entirely obvious why this is the case. Legislation that serves the public interest scarcely serves the corporate interest. Now, this would not be a problem if it weren't for one deciding factor that turns a capitalist into a member of the capitalistas: the stock market.
The stock market has corrupted the entire concept of free market and free trade, not supported it. It's a legalization of sleaze. Where else can somebody take an ethically deplorable action, such as firing thousands to inflate quarterly profits, and be rewarded with unimaginable riches by the shareholders?
Capitalism is great, but this neo-fascist capitalist-inspired plutocracy has got to go.
I wsa in a meeting with some marketing people about designing our ecommerce site. To make a long story short, the marketing guy says "We need to collect personal information from our customers."
Me: "Why? We're not doing any marketing studies."
Marketing guy: "Someday, we may need it."
A lot of this has do with the magical thinking that collecting as much information on your customers leads to better business decisions. Most of the time, I see these folks collecting so much data that they don't have a clue what to do with it.
Oddly enough, as soon as this happens, complying with the law suddenly becomes more important than even thinking about what the Right Thing might be, and Doing The Right Thing falls completely off the radar. Funny, that.
:)
Privacy: It's dead. You have none. Get over it.
In America.
As it points out in the article, in Canada we have a privacy act that does define legally what the private can and cannot do regarding personal data.
And yet, contrary to your theory, the Canadian companies surveyed are the ones doing the right thing, and the US ones are the ones who are worried about what they can get sued for.
So I guess we are just nicer up here
The thing is, the government here is actually pretty pro-active here when it comes to enforcing privacy rules (and a lot of other rules that are good for us, but might be ignored if simply left to the masses to enforce by "voting with their dollars"). So it doesn't matter if most people don't care - the government cares enough to ensure that it is done. And that way, I get my privacy even though most others may or may not care.
But that's COMMUNISM! We can't have that! The government meddling in private affairs.. that's the PATH OF EVIL!
Bah. I love this country, and I love what it does for its people. I'm an immigrant that came to the US in 1990. I lived for 9 years in the US, in many different areas (California, Ohio, Louisiana, Washington), and 5 years in Canada. There's a reason I became a Canadian citizen, and never attempted US citizenship.
-Laxitive
While I see your point about law stopping people from considering right and wrong, I take issue with the claim that there are market incentives to Do The Right Thing in the absence of law.
I think there are market incentives to get your market hooked and charge them repeatedly for no real reason. To form monopolies, and gouge customers for all the money you can.
Consider Microsoft. Not that I think the antitrust situation has been all that hard on them, but would they really be a pinnacle of morality if they didn't have anything to face up to? Consider Walmart. Last I checked, it wasn't a legal requirement to undercut everybody's prices until you're the only business in town. As such, it's probably market incentives that made them do it. Repeatedly.
While customers probably SHOULD get pissed off and leave companies that do this, customers are frequently far too short-sighted to look past the lowest current price, if they're even aware enough to look at it.
"It could be that (U.S. companies) feel what they're doing is more than adequate and just as protective of the customer."
with this passage from a MetLife insurance application (printed entirely in bold in the original, emphasis mine):
We may use what we know about you in order to offer you our other products and services. We may disclose this information (other than consumer reports and health information) to our affiliates so that they can offer their products and services, or ours, to you. By law, we don't have to let you prevent these disclosures. Our affiliates include life, car and home insurers, securities firms, broker-dealers, a bank, a legal plans company and financial advisors. In the future we may have affiliates in other businesses.
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
I'm sure most people's main privacy concern is companies selling their information (primarily just name and number) to telesales firms. I have to wonder why they do this. Look at the numbers;
There are very few monthly services that cost less than $10 per month. Usually that's over a minimum 12 month term, so that means that for each customer,the company will make $120.
In addition to this, they can sell the customer information for about 1 cent per name. They might even be able to find 100 companies to sell it to. Is that dollar really worth it? Wouldn't a promise never to sell a customer's details be worth more to the customer?
I work in a library. It took me 2-3 months of constant bugging to get our privacy practices posted on the web. The first reponse we got back from legal council was that, and I quote, "The policy is somewhat that we don't post notices about the law." (the USA PATRIOT Act being the law in question)
Oh well, next up is getting us to admit to the public that we have video cameras installed....
Why do Canadians do things to distance ourselves from the US? We just don't agree all the time. That's acceptable, right? We didn't want to go to war, you guys did, so we each did our own thing. In Canada, the emphasis is on the community, not the individual - the greater group decided that we didn't want to go to war, so we didn't as a group. In the US, everything is geared towards individuals, so the people that wanted to go to war (i.e. politicans, soldiers) did, whereas the ones who didn't (i.e. Michael Moore ;) ) protested. They're just different systems, that's all. This is a gross generalistion, of course, but it gives you a basic idea.
Disclaimer: I am not a troll. Promise!
Condemnant quod non intellegunt.
The FBI can verify when/where he bought the needed supplies to start a home making bomb 'project'
His wife can find out that he bought a 12 pack of condoms at the time he was suppose to be at work...and she never saw these
These are things that should not be tracked, ever! We don't want someone going to jail over such 'evidence'!
MY privacy has been compromised! They know that I'm a drunken explosives expert adulterer!! The humanity!!
"Some things have to be believed to be seen." - Ralph Hodgson
When there's no law, there are market incentives to Do The Right Thing. (If you fail to Do The Right Thing, your customers get pissed off and leave.)
Ideally, yes. However, this assumes that the consumer cares or is even informed enough to make a judgement call about caring. A lot of times, this just isn't the case. Ideally again, laws help shore this up. But as you pointed out, law is far from being perfect. However, it DOES add another check point, and a very important one at that. I would trust the elaborate system of checks and balances for the law over the assumption that people will do the right thing.
As a Canadian I would like to help debunk the myth of Canadians as so much "nicer" than Americans.
We have a habitual need to publish smarmy, self-serving articles about our superiority to our chums down south. We pollute less (wrong), we're more environmentally aware (wrong), there's no racism (wrong), we don't have crime (wrong), we're clean (wrong - come to Toronto sometime and sample one of our many fine street corner garbage tornados, sewer reeks and impromptu construction debris dumps), our health care is great (wrong) , our brains are bigger, our dicks are smaller but they're magical so it doesn't matter, the sun shines out of our arseholes to warm the entire world, blah blah blah.
OK, with the context firmly in place, I've worked in two places since the recent privacy acts have some into force and I'm sorry, it's just a bogus bogus bogus self-serving, lie to state that Canadian companies are motivated more by a desire to have "better customer relationships" than by a desire to avoid litigation. Don't make a mistake, this is an opportunitiy for lawyers to scare companies into paying them consultant fees and that is exactly what is happening. Where I've worked (insurance industry) it's been jumping cats trying to avoid doing anything with personal info that could cause lawsuits. Shredders are working overtime. Policy and procedure documents are sprouting like mushrooms. All inititatives are led by lawyers and all the executives have to say is "don't get us sued". Not "we find this a tremendous opportunity to serve our beloved clients" but "We abuse our customers and they hate us. We can't give them a chance to sue us because they will. For god's sake, don't get us sued!!! Please!!!"
Just like in the US, the successful businesses in Canada are those which lie, cheat, and abuse their customers.
Look at how people react to invasions of privacy by the government ("It's for our protection!")
Who is 'they'? I know no one that would react to an honest-to-god "invasion of privacy by the government" in the manner you describe. So either you made up this reaction, or what you consider an invasion of privacy differs from most.
and by companies ("Hey, if I use this card who cares if they track my purchases, I saved $2!"). They just don't give a damn!
OK, I see it was the latter... you just have a different definition of "invasion of privacy."
If a company wants to offer someone discounts in exchange for tracking what groceries they buy, that is not an invasion of privacy, that is a business arrangement. Therefore I am not going to dismiss those people as "not giving a damn." They do give a damn -- they value discounts over the privacy of their grocery purchases.
Perhaps they, like I, don't give a shit if the local grocer knows that someone at my address buys cereal and milk twice a month.
If the tinfoil crowd would save their privacy rage for things that actually matter (such as financial institutions sharing your information), then maybe some of the boneheaded companies would Do The Right Thing.
As it is, there are plenty of American companies out there that are good citizens. However, the tinfoil crowd, and the Candians, are not going to focus on them because it doesn't sell papers.
Ironically, the word ironically is often used incorrectly.
This certainly describes Canada more than the U.S. The Canadian government meddles much more in private business affairs.
The reason American companies don't care about customer privacy is because consumers don't care. And consumers don't care because they expect the government to protect them from everything. If people wake up, realize that they need to make decisions rather than legislating everything and criticizing "evil big business", maybe businesses would actually have an opportunity to improve the bottom line by improving privacy standards. As of right now, that's a fallacy in the minds of the average slashdotter.
it takes time.
Imagine scenario when some outsourced personal data will surface on a website in some 3rd world country. It is only matter of time before it happens. Public outcry will be enormous.
I noticed Americans have been distancing themselves from Canadians since Canada said "No" to participating in the ousting of Saddam. Kinda like the way they felt about France, but not to the same degree.
;), and one of the first things he said was "No other country takes so much pride in not being American as Canada does." ;)
We're all Americans.
When Canadians say 'we're not Americans', it's not that we are saying that we're not "North Americans", but instead we're saying we're not United States AMERICANS. Not sure why, but Canadians have always made great effort to distance themselves from being American. Canadians take pride in not being Americans.
I was watching the Just for Laughs comedy festival in Montreal and some American comic came on stage. His skit was mainly comparing Canadians to Americans (Canadians love when Americans talk about us
Most companies aren't going to do anything about guarding privacy until they get bitten.
A former employer is in the data management business. The data consists of a global set of individuals & certain information about them, including, for some US individuals, their social security number, as well as address info. When I left we were not yet collecting credit card data, but the possibility of doing so in the future existed.
At a corporate level, and as far as clients know, data security / privacy is contractually guaranteed. But the reality is that servers & desktops with all their data are unsecured (physically). Sure, the production machines are all in a secure location, but the data also exists in testing databases, test plans (i.e. documentation), developer databases, developer hard drives, etc. There was absolutely no effort whatsoever to protect the privacy of the individuals' data. We had no visibility to what level of confidentiality our clients' promised their customers, so we made no effort to meet their privacy requirements - which I would presume to be more strict than ours, as some clients were non-US companies.
At one point, a potential client sent a security audit team to our facilities to verify that we met their requirements. For that day, we locked the door to the server room, but otherwise left it open for maximum airflow. (too many systems in a closet designed to house a phone system) In any case, all their data was on the harddrive in my development box anyway, a system sitting on the floor about 8 feet from the back door to the office. A setup that I imagine would hardly have passed their audit, had they asked. That hard drive contains hundreds of thousands of individuals, their addresses and clear-text user ids & passwords to some websites. Since we all know that most users are lazy and use the same password for multiple purposes, the information on that system could be extremely valuable to certain people.
In the face of all this, management expressed essentially no concern for privacy of those individuals, or the potential liability associated with the lack of security.
Coming out of working at a call center for B C&G Wireless(Name mispelled to protect the "innocent") This was precisely the case. We all busted ass working with constricting rules(calls had to be under 5 minutes and still result in x number of contract renewals, you couldn't say to the customer the truth about outages in both the wireless network and the systems[everything was was always "Updating"],jackhole policies each month[like sticking a Regulatory Programs Fee while still fighting Line Number Portability and then screwing that up], and last but not least, wonderful employee policies[we got a bonus every quarter and a value share bonus every year, and if you weren't actually employed on the day they give out the bonus, you are screwed.) I'm glad I did get out of there and now I try to warn away potential customers so they won't have to deal with the crap I had to shovel on people. Plus, alot of reps took the easy way out and just started lying(like most of the High Scoring Call Centers did.) Just my two cents.
"Do you suppose that's why God lives in the Heavens? Because he lives in fear of His creations?" - Steve Buscemi
>I think it is geo-specific. Fuck the customer
>in every way possible, and make sure they
>don't find out.
Tell me about it. I'm a Canadian and I was dealing with an American company last year. Then I started getting junk mail with the address munged in a way that only they did, so I know it was them.
No big deal, you say? They were my fucking *employer*. The address was just like it was on my pay stub envelopes. Bastards.
TO be specific, at Sprint all sensitive data was put in a "Shred Bin". This meant anything from customer address, phone numbers and info to detailed network drawings with server names, IP addresses and such. Going to a small company, we have invoices dating back a half dozen years with credit card numbers in an unlocked filing cabinet. How many small companies expose their customers' data through oversights like this? I would suspect the number is staggering. Most businesses really just don't think about it because they think, 'Well its been OK for years'. Kinda like leaving the front door unlocked. You may be OK for a dozen years but all it takes is one felon escapee jiggling your front door to change your world.
Now the small company I work for has policies in place. We shred sensitive data, lock up dead-tree with customer info, etc.
Just a different prespective I haven't seen someone post yet.
John