Slashdot Mirror
North American Corporate Privacy Comparison
Scooter[AMMO] writes "The Toronto Star has published an article on a study comparing the way companies protect the privacy of their customers, which is surely a topic of interest to most /.'ers. Choice quote: 'The study, the first to compare the corporate privacy practices of comparable Canadian and U.S. firms, found that Canadian businesses see their privacy practices as an opportunity to improve relations with customers, while their U.S. counterparts viewed privacy measures more as a way of complying with legislation and avoiding civil lawsuits.'"
Most American companies are too thick to treat the consumer with respect as a route to profit, rather than squeeze them for all they have.
It's an attitude thing, OK maybe not geo-specific, but it's prevailant in a profit driven world.
In the United States, "It's all about complying with the law, which may or may not have any bearing to people," said Ponemon. "In Canada, I got the sense that they thought it was just the right thing to do."
Isn't that exactly why we have laws in the first place, to set up penalties for not doing the 'right thing?'
The privacy issue of customers and employees alike takes an interesting spin when you factor in outsourcing. Suddenly, all of your personal data is in someone's database overseas. That's ok, until there's a political problem. When you have a government who doesn't give a rat's butt about privacy laws in other countries, and someone decides to sell your data, you're screwed.
Be excellent to each other. And... PARTY ON, DUDES!
Indeed, 61 per cent of surveyed Canadian companies linked "good privacy practices" to customer trust and brand loyalty, compared to only 17 per cent of U.S. companies.
Maybe it's different in Canada, but there's a reason only 17% of US companies think that - because people around here just don't care! Sure, we complain about spam and junk mail, but how many people do you know (that don't read Slashdot!) actually care about their privacy at all? I'd say less than 10%. Look at how people react to invasions of privacy by the government ("It's for our protection!") and by companies ("Hey, if I use this card who cares if they track my purchases, I saved $2!"). They just don't give a damn!
Is it possible that Canadian citizens care more about privacy, making it make more sense for Canadian corporations to value privacy more?
As a student and part of business school is learning about ethical/privacy concerns. I go to a private, Catholic university that's good about ethics and doesn't over do the religion, so they very good about posing ethical/moral decisions on students. Part of the studies is to recognize international/other nation's attitudes and expectations. On what I've seen, Europe is a far more private and "American" than the U.S. The U.S. business attitude is "ok, we have to comply, but how far can we push this?" Not Europe's, "hmm, is this good for our consumers?"
Sad, really.
Bel, the mostly sane.. "Of course I can't see anything! I'm standing on the shoulders of idiots." -- Me
When your medical/financial records are sent to god knows where for whatever reason, your: Name, DOB, SSN, and address are sent along with it. Everything a crook/terrorist needs to steal your identity and cause havoc.
There was this study that most identity thefts are an inside job. Mostly from financial and medical firms. Identity Theft
This is a classic example of where laws regarding corporations are only abided by because breaking them is illegal, not because they feel compelled to be honest like most hard working people.
Canada has laws against using aluminum to distribute consumable products like FOOD. Aluminum pans are not used in Canda. This is all due to research done years ago linking the build up of aluminum in the human brain to neurological problems like Alzheimers.
But then again, Canadians benefit from socialized medecine. It just doesnt make sense for their government to allow companies to distribute aluminum with food because they will only have to pay for the medical bills and medications of those adversly affected in the long run. Or is it because they are nice?
No laws like that here. Hell you buy enough different kinds of food that comes in aluminum containers to last you a lifetime if thats all you ate. You'd probably be a blithering idiot by the time you were 45, but who cares? Just get someone to stand in line for you at the medicare office, and take up a part time job at McDonalds to pay for the rest of the expenses.
Something is really really wrong with this picture. In a day and age where corporate rule and well being in "the greatest country in the world" is held is such high regard over the well being of the general populace, its a small wonder that nothing short of apathy sweeps the minds of those who stumble upon someone so informed and opinionated.
"I cant change this by myself and all I want to do is make a good life for my family and live another day.." is by and large the mantra of working heads of households. But this is under the guise that tomorrow there will be the right to do what you can for your families. Slowly but surely everything from what you eat and how you eat it to where you live and what you see on the internet is under less and less of your own control.
Welcome to America, take a number and sit the fuck down.
You are about to give someone a piece of your mind, something which you can ill afford...
Given the US's past (present and future) trend towards rampant, unbridled, unhindered, wanton capitalism, it should be entirely obvious why this is the case. Legislation that serves the public interest scarcely serves the corporate interest. Now, this would not be a problem if it weren't for one deciding factor that turns a capitalist into a member of the capitalistas: the stock market.
The stock market has corrupted the entire concept of free market and free trade, not supported it. It's a legalization of sleaze. Where else can somebody take an ethically deplorable action, such as firing thousands to inflate quarterly profits, and be rewarded with unimaginable riches by the shareholders?
Capitalism is great, but this neo-fascist capitalist-inspired plutocracy has got to go.
I just tried to call the number and it was busy. Certainly feel free to verify any information regarding this. (Google cache of State of NJ website listing this and other methods). I only wish that I could end "CAR RT SORT" mail from getting to me. All I do is toss out dozens of circulars per week. A waste of paper and time.
Small potatoes make the steak look bigger.
I do not believe the average American consumer believes any company is going to "do the right thing" without some sort of legal force behind it. And even then, it will be a question of risk vs. benefit.
So the Canadian company that believes having some extensive privacy statement and following it closely will net them better customer relations is deluding themselves. Similarly, an American company that does not have as extensive a committment to privacy - and perhaps actually does not provide as much "real privacy" to customers is likely operating in an environment where spending more dollars on "improving privacy" is a waste of time and money. In either case, the majority is likely to assume whatever they say, they are lying. What ever they claim to be doing, they are doing whatever they need to do. Period.
Now, it would be nice if there was some organization that actually investigated privacy practices and reported on them. Unfortunately, what we have is membership-based organizations where you pay a fee and get to put a logo on your web page. Does this come with any follow through, education, training or publicity? No. You have a logo on your web page. This pretty much tells the consumer nothing but it does look nice.
I'm afraid that my experience of American companies means that I don't trust them any more. Sorry, but that's the case. Three times now I've been involved in deals with American companies where the American company has betrayed one of their European partners, just to make a fast buck, including one case which financially ruined one of my clients.
You should do the right thing just because it is the right thing to do, not because it's the law or so you don't lose customers.
I wsa in a meeting with some marketing people about designing our ecommerce site. To make a long story short, the marketing guy says "We need to collect personal information from our customers."
Me: "Why? We're not doing any marketing studies."
Marketing guy: "Someday, we may need it."
A lot of this has do with the magical thinking that collecting as much information on your customers leads to better business decisions. Most of the time, I see these folks collecting so much data that they don't have a clue what to do with it.
Yes. It borders Canada.
I'm in the hole of the broadband donut.
"It could be that (U.S. companies) feel what they're doing is more than adequate and just as protective of the customer."
with this passage from a MetLife insurance application (printed entirely in bold in the original, emphasis mine):
We may use what we know about you in order to offer you our other products and services. We may disclose this information (other than consumer reports and health information) to our affiliates so that they can offer their products and services, or ours, to you. By law, we don't have to let you prevent these disclosures. Our affiliates include life, car and home insurers, securities firms, broker-dealers, a bank, a legal plans company and financial advisors. In the future we may have affiliates in other businesses.
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
I'm sure most people's main privacy concern is companies selling their information (primarily just name and number) to telesales firms. I have to wonder why they do this. Look at the numbers;
There are very few monthly services that cost less than $10 per month. Usually that's over a minimum 12 month term, so that means that for each customer,the company will make $120.
In addition to this, they can sell the customer information for about 1 cent per name. They might even be able to find 100 companies to sell it to. Is that dollar really worth it? Wouldn't a promise never to sell a customer's details be worth more to the customer?
No science plus lots of anecdotal evidence leads people to very, very wrong conclusions. And, in places where the "Greens" have more political clout you get laws passed that codify bad science into rules that people think are grounded in something. In nearly all cases this is made-up nonsense from purely anecdotal hearsay.
I work in a library. It took me 2-3 months of constant bugging to get our privacy practices posted on the web. The first reponse we got back from legal council was that, and I quote, "The policy is somewhat that we don't post notices about the law." (the USA PATRIOT Act being the law in question)
Oh well, next up is getting us to admit to the public that we have video cameras installed....
Why do Canadians do things to distance ourselves from the US? We just don't agree all the time. That's acceptable, right? We didn't want to go to war, you guys did, so we each did our own thing. In Canada, the emphasis is on the community, not the individual - the greater group decided that we didn't want to go to war, so we didn't as a group. In the US, everything is geared towards individuals, so the people that wanted to go to war (i.e. politicans, soldiers) did, whereas the ones who didn't (i.e. Michael Moore ;) ) protested. They're just different systems, that's all. This is a gross generalistion, of course, but it gives you a basic idea.
Disclaimer: I am not a troll. Promise!
Condemnant quod non intellegunt.
As a Canadian I would like to help debunk the myth of Canadians as so much "nicer" than Americans.
We have a habitual need to publish smarmy, self-serving articles about our superiority to our chums down south. We pollute less (wrong), we're more environmentally aware (wrong), there's no racism (wrong), we don't have crime (wrong), we're clean (wrong - come to Toronto sometime and sample one of our many fine street corner garbage tornados, sewer reeks and impromptu construction debris dumps), our health care is great (wrong) , our brains are bigger, our dicks are smaller but they're magical so it doesn't matter, the sun shines out of our arseholes to warm the entire world, blah blah blah.
OK, with the context firmly in place, I've worked in two places since the recent privacy acts have some into force and I'm sorry, it's just a bogus bogus bogus self-serving, lie to state that Canadian companies are motivated more by a desire to have "better customer relationships" than by a desire to avoid litigation. Don't make a mistake, this is an opportunitiy for lawyers to scare companies into paying them consultant fees and that is exactly what is happening. Where I've worked (insurance industry) it's been jumping cats trying to avoid doing anything with personal info that could cause lawsuits. Shredders are working overtime. Policy and procedure documents are sprouting like mushrooms. All inititatives are led by lawyers and all the executives have to say is "don't get us sued". Not "we find this a tremendous opportunity to serve our beloved clients" but "We abuse our customers and they hate us. We can't give them a chance to sue us because they will. For god's sake, don't get us sued!!! Please!!!"
Just like in the US, the successful businesses in Canada are those which lie, cheat, and abuse their customers.
The reason American companies don't care about customer privacy is because consumers don't care. And consumers don't care because they expect the government to protect them from everything. If people wake up, realize that they need to make decisions rather than legislating everything and criticizing "evil big business", maybe businesses would actually have an opportunity to improve the bottom line by improving privacy standards. As of right now, that's a fallacy in the minds of the average slashdotter.
"Europeans think 100 miles is a long distance
Americans think 100 years is a long time"
Most companies aren't going to do anything about guarding privacy until they get bitten.
A former employer is in the data management business. The data consists of a global set of individuals & certain information about them, including, for some US individuals, their social security number, as well as address info. When I left we were not yet collecting credit card data, but the possibility of doing so in the future existed.
At a corporate level, and as far as clients know, data security / privacy is contractually guaranteed. But the reality is that servers & desktops with all their data are unsecured (physically). Sure, the production machines are all in a secure location, but the data also exists in testing databases, test plans (i.e. documentation), developer databases, developer hard drives, etc. There was absolutely no effort whatsoever to protect the privacy of the individuals' data. We had no visibility to what level of confidentiality our clients' promised their customers, so we made no effort to meet their privacy requirements - which I would presume to be more strict than ours, as some clients were non-US companies.
At one point, a potential client sent a security audit team to our facilities to verify that we met their requirements. For that day, we locked the door to the server room, but otherwise left it open for maximum airflow. (too many systems in a closet designed to house a phone system) In any case, all their data was on the harddrive in my development box anyway, a system sitting on the floor about 8 feet from the back door to the office. A setup that I imagine would hardly have passed their audit, had they asked. That hard drive contains hundreds of thousands of individuals, their addresses and clear-text user ids & passwords to some websites. Since we all know that most users are lazy and use the same password for multiple purposes, the information on that system could be extremely valuable to certain people.
In the face of all this, management expressed essentially no concern for privacy of those individuals, or the potential liability associated with the lack of security.
I work for a large multi-national financial services company, and we have long been aware how much more stringent the laws are in other jurisdictions. (This is not exactly news.) However, the interesting thing is that there has been a clear trend over the last few years towards increasingly stringent regulations in other countries too. So, the net effect is that the US is slowly being surrounded by laws that are more privacy friendly than those in the US. (Hard to be *less* privacy friendly than the US, generally speaking.)
As companies like mine get more and more forced to adopt practices that conform to the most restrictive of these various bits of legislation, we are tending more and more to say "To Hell with what you can do in the US, we'll just go with something much more like Germany's". Of course, this tendency is only exerting leverage on multi-nationals, but that is a significant chunk of the companies that we all do business with, so who knows?...
"The time is always now" - Victor