Ethical and Online Privacy Issues in Electronic Commerce

Eileen P, Kelly and Hugh C. Rowland

I n January 28, 1999, Intel Corporation, the w(Md's largest compute r chip maker, an- nounced that it wou ld change utility soft-

ware f<n its new Pent ium III chips to allow con- sumers t() pe rmanen t ly switch off" the user-identi- fication features built into those chips. Previously the software had let users switch off the identifi- catkin feature, but the technology wou ld turn it back on each time the compute r was restarted. By default, the chip wouM transmit its unique serial n u m b e r internally and to Web sites that reques led it t(~ help verify a user's identity.

lntel's c(mcession came only hours after a boycott was a n n o u n c e d in Washington by three privacy groups: Electronic Privacy Information Cemer, Junkbusters , and Privacy International. Intel de fended its user-identification chip on the gr~mnds that it enhanced security on compute r nenvorks. Critics, however, saw the technology as enatfling Web sites and merchants to compile electronic dossiers on customers and their trans- acl i(wis.

In another highly publicized controversy over online privacy, GeoCities entered a sett lement with the Federal Trade Commission (FTC) in August 1998 under which the c o m p a n y agreed to change the way it collects and distributes infor- mati~m about its more than two million custom- er,',, especially children under 13. The GeoCities sett lement represented the first enff)rcement of the t:TC's regulatory powers in the area of online privac}. According to Quick (1998), the FTC was prepar ing ~(~ sue GeoCities for unfair and decep- tive practices, alleging that it ga thered informa- tkm ()n its customers, including children, and subsequent ly divulged it to Web advertisers in vi()lation of its (~w'n stated privacy policies. Geo- Cities denied the allegations. The sett lement re- quired GeoCities to post a privacy notice indicat- ing l~ow and what informatkm is being collected on cuslomers, to w h o m it will be disclosed, and how customers can access and remove the data.

The Intel and GeoCities episodes . . . .,~ ~,,, ...~

sumers" growing fears ()ver online privacy and and electronic com- merce. The rapid a n pace of technological advances, coupled with the explosion of Web usage, provides an oppor tuni ty for

companies to gather t C O n " : personal information ~)n an unpreceden ted scale. Online privacy is an area ()f gr(~v,'ing c~n~ t e rn for consumers , nmrketers, and the g()vcrn ment. The advent of electronic commerce brings with it a host of ethical issues surrounding cus- tomer privacy. This article highlights the current stares of electronic commerce and informaticm- gathering techniques :lncl examines ethical c(m- t e rns regarding onlint, cus tomer privacy.

G r o w t h o f E l e c t r o n i c C o m m e r c e a n d I n f o r m a t i o n G a t h e r i n g

The online consumer market is growing quickly as more and more co~stuners access the "~LJb. According to surveys conducted by Nielsen Me- dia Research and Conm3erceNet. 58 million adults were online in the U.S. and Canada as of Septem- ber 1992 with some ] 0 million having made a purchase online. By June the following year. the numbers had increased to some 79 lnillion adults. Bridis (1999) notes that as of June 1999, some 92 million people in the [~.S. and Canad:t wcrc re~ por ted to be online.

The explosion in electronic commerce has been accompan ied by an ever-increasing ability of Web merchants to gather, compile, and sell personal information <)n c(msumers. In ()no ()f the

F.thic;fl and ()nline Privacy Issues in Electronic Commerce 5

most ambit ious efforts yet to do this, CMG Infor- mat ion Services of Andover, Massachusetts is working with some of the largest commercia l sites on the Web to compi le data about their

customers ' reading, shopping, and enter- ta inment habits. Ac- cording to Hansell (1998), CMG is al- ready tracking the moves of more than 30 mill ion Web users, often without their knowledge . Informa- t ion-gathering tech- n iques and the amount of individual- ized information gathered are varied, The info-gathering

and profiling techniques of onl ine booksel ler Amazon.corn are so refined that returning cus- tomers are given a suggested list of books and videos based on their previous buying habits and similar profiles built from other customers. In addit ion to Web merchants compil ing data about their own customers, Web-tracking and analysis services such as Media Metrix Inc. will soon offer a weal th of data about competitors as well.

H o w is I n f o r m a t i o n Being Gathered?

Web merchants employ a variety of techniques to gather information about customers and visitors to their sites. The fol lowing are a few examples .

Sel f -d ivulgence o f i n f o r m a t i o n for pur- chases . Customers may voluntarily provide per- sonally identifying information to Web merchants w h e n buying goods on line. Typical information provided wou ld include names, addresses, credit card numbers , phone numbers , and merchandise ordered. This information allows merchants to develop highly detailed, personal ized profiles on customers that can be used to aim promot ions at them in the future.

Sel f -d ivulgence o f i n f o r m a t i o n to access a W e b si te . Some Web sites require visitors to reg- ister in order to access the site. The information requested can vary widely from names, addresses, and te lephone numbers to more detai led ques- tions on customers ' ages, family income, gender, occupations, and personal tastes or preferences. User surveys and onl ine contests are other de- vices used to collect personal ly identifying infor- mation.

Sel f -d ivulgence o f i n f o r m a t i o n for free m e r c h a n d i s e . On February 8, 1999, a startup electronic commerce firm called Free-PC.corn a n n o u n c e d it would give away 10,000 personal computers to people in exchange for extensive

details on their personal lives and online activi- ties. Once online, Free-PC.com will track which Internet sites the recipients visit, the time spent at each site, and the ads viewed. In addition, ads will appear nons top on the computer screen. Free-PC earns revenue by selling on-screen ad- vertising space.

A n o n y m o u s prof'de data. Even first-time, a n o n y m o u s users to a Web site reveal a certain amount of information about themselves. A Web merchant can determine the types of browsers visitors are using, their operating systems, coun- tries of origin, and Internet Protocol (IP) ad- dresses, which betray the identity of the Internet Service Providers (ISPs), or the companies from which they access the Net. For individuals arriv- ing at sites by clicking on hypertext links on other sites, the originating Web site addresses are transmitted to the new site. The above informa- tion allows Web merchants to measure the num- ber of visitors to the different sections of a site, de termine what links drive the most traffic through, and make the site more useful to its visitors.

Cook ie s . Cookies are devices that track visits to Web sites by storing information on visitors' hard drives. Web sites subsequent ly use this in- formation to keep track of w h e n users visited the site before, what they viewed, and the amount of time they spent v iewing the site. Information collection via cookies is often not obvious to consumers. Notably, visitors are not personal ly identified through cookies unless they registered by name at the site before or otherwise person- ally identif ied themselves. However, if peop le have registered by name at Web sites, the servers can track their onl ine actions and use previously deposi ted cookies to link these data to their names and addresses. The information collected can then be sold by Web merchants to advertisers and other interested parties.

Obviously, cookies give Web merchants cer- tain advantages over bricks-and-mortar retailers. The information collected can be used to change the layout of a virtual store and target merchan- dise tailored to the previous preferences ex- pressed by Web visitors. Both Netscape and Microsoft Explorer Web browsers can be set to notify computer users when Web sites want to deposit cookies, and the users can accept or refuse.

M o n i t o r i n g n e w s g r o u p s and chat r o o m s . More surreptitious information-gathering devices include collecting e-mail addresses and IDs in newsgroup postings or chat rooms and creating demograph ic profiles based on participants ' onl ine habits and postings. Moreover, Web mer- chants can buy e-mail addresses and information on customer preferences from other merchants, much like direct marketers currently do.

4 Business Horizons / May-June 2000

Ethical Issues Raised in the FTC's Survey on Onl ine Privacy

Clearly, online commerce provides numerous benefits to consumers, including convenience, immediacy of transactions, tirne savings, informa- tion, and access to multiple venues. Nevertheless, Marshall (1998) reports that a survey sponsored by Privacy & American Business found that four out ~f five Internet users are vet T concerned about (reline privacy.

Serious ethical concerns regarding online privacy were brought to light on June 4, 1998, when the FTC issued "Privacy Online: A Report to Ctmgress." The report was the result of a com- prehensive assessment by the FTC on the effec- tiveness of self-regulation as a means of protect- ing consumer privacy on the Web. The Commis- skin n(~ted that although the Web is a burgeoning marketplace, many consumers remain hesitant because of concerns over online privacy.

l 'he FTC suweyed 1,4(12 commercial Web sites during a two-week t)erk)d in March 1998. In brief, iT concluded that the industw's efforts at self-regulation had fallen short ()f what is needed to protect o m s u m e r privacy. Smwey results re- vealed that upwards of 8S to 97 percent of com- mercial Wet~ sites in all samples surveyed col- lected pers(mal information from consumers. The tylx:S (~f infl)rmation collected most frequently included name, e-mail address, postal address, teleph(me number, {hx numl-~er, and credit card number. Of those sites collecting personal infor- mation, ~mly 14 percent provided any notice to c(msumers of information collection practices. Approximately 2 percent gave notice of their inlormation practices by means of a comprehen- si\'e privacy policy.

The FTC was particularly disturbed by the natttre and amount of information gathered from children. Of the 212 children's sites su~,eye(t, 89 percent collected pers(mally identifying informa- ti(,n directly fl-om the child, including such things as name, e-mail address, home address, tele- pllone ~'lulllber, social security number, and (late ot birth. Web sites use a variety of techniques to st)li~it pers(mal infl.>rmation from children, includ- ing registralion, eligibility to win prizes, using inm~inarv characters to solicit information, having theJ~ sign guest bo()ks, invitati(ms for electronic pen pal pr()grams, and frec home pages.

Of children's sites c(~llecting personally iden- tilying inf()rmati<m, ~4 percent provided some clis~tosure ~)[ their inR:)rmation practices. Only 23 l)t'rcen[ inslrucled children t() seek parental per- lnission bef()re providing information. Even more disttubing, (rely 7 percent n()tified parents of their inflnn~ation practices, while fewer than 1 percent required parental c(msent f()r the collec- ti(m and use ~)f irff()rmati()n bef(yre that informa-

tion was collected or l tsed. Further, only 8 per- cent took steps to provide security for pets(real information.

Based on its three-year study of industry guidelines and actual online practices, the FTC concluded that effecti\e indust W self-regulati()n with respect to the online collection, use, and dissernination of pers(~nal information has n.()t yet taken hold. In its rep(,rt, the FTC stated th:tt tin- tess the indust W could demonstrate that it could develop and implement broad-based and effec- tive self-regulatory pro)grams, additi(mal g(~vcrn- mental authority in the area would be necessary.

WHAT IS PRIVACY?

T he right to "privacy" can enc(m-lpass a wide variety (~f concepts. Perhaps the most famous definition was expressed hy

Justice Louis D. Brandeis, when he called the right to privacy the right to be left alone. In ~)tu relationship to the government, pri- vacy can encom- pass the security of our h(mles and possessions from unwarranted gov- ernmental search and seizure. In our personal lives. it can encolnpass our freedom of self-deternmmtion to live our lives the way wc want, w h e r e w e \ v a r l t ,

and with whom we want. It can include our reproductive rights an(l our right to raise our children.

In the workplace, privacy can include flec- dom from intrusive and offensive monitoring and surveillance by cmpl(~yers. In this digital are, it can include the right to control information and facts al-~out (~urselves Such informati(mal privacy is our focus here.

I)rawing ()n the work of Garrett and Kl()n()ski (1986), Velasquez (1992) identifies tv,() typcs ()f privacy--psych()logical and physical:

Psychological privacy is privacy witt~ respecl t() a persc~n's inner life. This in~ eludes the person's thoughts and plans, t)ersonal belieN ;in(t values, feelings and wants. These inner aspects ()f a pers~m are so intimately connected with the person that t() inx'a(le them is alm()st 3n invasion ()f the v<'ry person, l~hysical prix-acy is privacy witlt respect t() a person's physical activities. Since pc<>

EIhkal and ()nli[~e l 'rivacv lssucs in Elccu(mic (2ommercc -~

ple's inner lives are revealed by their physical activities and expressions, physi- cal privacy is important in part because it is a means for protecting psychological privacy.

Legal Sources o f Privacy Rights

Alderman and Kennedy (1995) point out that numerous legal sources for the right to privacy exist: the federal Constitution, state constitutions, federal and state statutes, and judicial decisions. It is beyond the scope of this article to present an in-depth discussion of these legal rights. But we can offer a brief overview of privacy rights in the United States.

Privacy rights are best delineated in a citi- zen's relationship with the government. Although the Constitution never explicitly uses the word "privacy," the Fourth Amendment has been inter- preted by the Supreme Court as protecting a citizen's privacy from unwarranted governmental searches and seizures. Further, in a series of deci- sions starting with 1967's Griswold v. Connecti- cut, the Supreme Court interpreted the Due Pro- cess Clause of the Fourteenth Amendment as protecting a fundamental right to privacy, includ- ing the area of reproductive freedom.

Whereas certain constitutional safeguards exist for privacy violations by the state, far less protection exists for private sector intrusions in the United States. In a seminal 1890 article, War-

ren and Brandeis set forth the rationale of an inva- sion of privacy tort that would be developed through case law and would recognize mental anguish. Four years later, Herbert S. Hadley pub- lished an article advocat- ing the right to privacy via statutory law and compensation for inwt- sion of privacy only when physical manifestation of harm is demonstrated. The position of Warren and Brandeis was subse- quently accepted by the

courts. Thus, private individuals could now be sued for an invasion of privacy.

The tort was further elaborated upon in yet another seminal article written by Dean William Prosser (1960). In that article, Prosser argued that the invasion of privacy tort actually consisted of four distinct but related torts: intrusion, public disclosure of private facts, placing an individual in a false light in the public eye (such as publicly and falsely attributing to the individual some

opinion or utterance), and appropriation. The courts generally accepted Prosser's four torts as the only causes of action for invasion of privacy. Nevertheless, Alderman and Kennedy point out that each state went its separate way in their application. Some state legislatures recognized the torts and wrote them into statutes, while oth- ers left it to the courts to decide which of the four torts would be recognized and under what circumstances.

No comprehensive privacy statute exists at the federal or state level. Instead, statutory pro- tection of privacy rights is a mishmash of state and federal laws directed at isolated areas of privacy. Privacy statutes usually follow a public outcry. One example is the Video Privacy Protec- tion Act of 1988, which limits the disclosure of video rental information without the customer's consent or a court order, and which was passed after the disclosure of Judge Bork's video rentals to the media. Moreover, privacy statutes are fre- quently loaded with exceptions that often render them meaningless. The Right to Financial Privacy Act of 1978 sets strict procedures and requires consumer notification when the federal govern- ment wants to scrutinize bank account records of customers. However, state agencies and private employers are statutorily exempted from the Act. The Fair Credit Reporting Act of 1970 forbids credit bureaus from disclosing credit information to anyone but authorized customers or those with a "legitimate business need." But the latter phrase is so broadly interpreted that all three of the ma- jor credit reporting agencies do a booming busi- ness in profiling customers into such broad cat- egories as high, average, or low spending power.

MORAL AND ETHICAL BASES FOR THE RIGHT TO PRIVACY

T he right to privacy is a growing concern for Americans. Why it is such a salient issue at the dawn of the twenty-first cen-

tury can be attributed to a convergence of tech- nological and societal trends. Technology has ew)lved to the point at which detailed, compre- hensive profiles of individuals can be created and disseminated at unprecedented levels. The links of various electronic databases and the ease with which longitudinal profiling of individuals can be performed create the potential for cradle-to-grave personal dossiers to be disseminated for commer- cial and other purposes. Moreover, technology has created the era of mass communication. Twenty-four-hour cable networks, Internet maga- zines, radios, newspapers, and magazines all clamor voraciously for information.

The moral and ethical bases for the right to privacy devolve from a number of sources. As discussed later, however, that right is not an abso-

6 Business Horizons / May-June 2000

lute one and inust be ba lanced against other indi- vklual rights and the c o m m o n good.

Natural Law and Natural Rights

McWhirter and Bible (.1992) assert that the con- cept of natural rights follows from the concept of natural law, wherein people have certain basic rights because they are human. In the United States, natural rights are recognized express ly in the l)eclaration of I n d e p e n d e n c e pronounce- ment: "'We hold these truths to be self-evident, that all men are created equal, that they are en- ct<)x~ed by their Creator with certain una l ienable Rigt/ts, that am(rag these are Lil-k ~, Liberty and the pursuit of Happiness."

.¢s noted earlier, the Supreme Court has inter- preted the right t~> liberty as inclctding a right to priv:lcy from governmental intrusion. Stipulated b{~ttl in the Declaration of Independence and the C~>nstilution, lhe concept of liberty nonethe less remains ro~)ted in natural law rather than creation by gox ernment. John Locke enuncia ted the con- cept of the natural state as one where in all power and jurisdicti<m are reciprocal, no one having more than another. From an ethical perspective, one c(~uld argue that abrogation of privacy rights grants extraordina W power to certain individuals, thereby d iminish ing the rights of others in society.

Moral Right to Privacy

Ac'o)rding t() Velasquez, a right is an individual 's enti t lement to something. Rights can be legal or m<)ral. The latter are universally appl icable and necessari ly impose a correlative duty on others toward the bearer of that right, such as the duties of r~(minterference or positive pertk)rmance. If an individual has a m()ral "right to privacy," argues Vel:~squcz, c)ther individuals and /or society then h:tv~' a duty not to interfere with that right. Un- like utilitarianism, moral rights express the re- quirenients of morality from an individual 's per- spective, rather than that of society as a whole. H~\vever, as n{~ted later, these moral rights may be ~verr idden for a greater c{~mmon good.

Vclasquez contends that privacy has both "pn >tect ive and enabl ing functions." Among its prolcctive i'uncti()ns, it ensures that others do not acqtiire injurk)us intk)rmatitm about us that could bc t tscd to shalne, ridicule, or blackmail us. It als(, all(>ws us t<) pursue our plans and interests vdtllout interference by those v,,'ho do not find theJn tasteful or share our value systems. Privacy protects pet)pte from self-incrimination through inv<)luntar)" disclosure. Among its enabl ing func- ti(ms, it fosters intimacy and trust among people, which wouM not be possible in the absence of pri\ ;icy. It also enables individuals to choose how t(~ present then>elves to the world.

The right to privacy can be based in Kant's categorical imperative, v,,'herein each individual should be treated as a free person equal t() ever}- one else. Velasquez notes that privacy is an inte- gral componen t of a free h u m a n being and a free society. The abrogatiorl of all privacy rights would be impossible to imagine in a free society. Every- one has the moral right to privacy. However, if that right conflicts with another human interest that can be shown to be of equal ()r greater im- portance, the right to pri\ 'acy can be limited.

Privacy Rights Not Absolute

The right to privacy has never been construed as an absohlte one. Invari:lbly in a free society, that right has been bal- anced against the common good, thus creating a tension be tween the tw<). Etzioni (1999) con- tends, "We must recall that both ethics and public policies often entail not :l choice be tween good and evil or right and wr(mg, but rather the much more daunt ing chal lenge of charting a course w h e n faced with two conflicting rights or g()ods.'" Which rights should take precedence is a subject of considerable debate :tnct myriad fact()rs. Where that balance is struck in a democratic society will wiry markedly Dora (,no that is not s().

The privacy rights c)f an individual, theref~)re, may often be relatively diminishecl in the face {)f a greater s~)cietal go<xl. For example , freed()m c)f the press is considered an integral c(m-~ponent of a democratic society. However. conflict can {~ccur be tween the First An~endment rights of the press and the privacy rights ~>f an individual. In most instances, the balancc' is t ipped in favor (>1 the press. Similarly, tin einployer 's use of electronic sulweillancc in the w~>rkplace or reading cmpl<)v- ees' e-mail may be perceived as a vi()lation (H: privacy rights by workers. Nonetheless, m(>st courts have permitted private sect~)r cmpl<)ycrs t(> engage in such activities within reas(mablc limits.

Ethical Basis of Informational Privacy

The tk)cus here is on informational privacy in electronic c<)mn-lerce---the right of individuals t() exercise control over information about them- selves. Inf()rmational privacy rights can be de- rived fl-om the general right to privacy discussed earlier. From the autl~ors' perspectives, there is

Elhk ;il and ()aline Privacy [ssues in Electronic Commerce -"

nothing inherently unjust or unethical in gather- ing information on customers when appropriate procedural justice safeguards are put into place to protect them. Data gathering has been prac- ticed since the dawn of commerce. A bricks-and- mortar store owner knew his regular customers and their personal tastes and preferences. A mer- chant may even have maintained records of cus- tomer preferences and purchase histories.

What has irrevocably altered this information- gathering process is the growth of sophisticated computer technology, which enables the collec- tion, dissemination, and combination of informa-

tion at previously un- precedented levels. Technology has sub- stantially altered the relationship between customers and mer- chants, and tipped the balance in favor of online merchants' con:- mercial interests versus the customers' privacy interests. This change leaves online consum- ers particularly vulner- able, subject to harm, their right to psycho-

logical and physical privacy compromised. Just as our legal conceptions of the right to privacy lag behind in adapting to rapid technological change, so do our ethical conceptions of privacy in con- temporary social conditions.

F r e e d o m o f C h o i c e

The days of the corner merchant keeping paper records of customers in file cabinets are rapidly disappearing. A key threat to privacy is the growth of largely unregulated, private sector databases. When making purchases online or visiting Web sites, customers do not surrender their rights to privacy in their personal lives. From their viewpoint, they are engaging in com- mercial transactions wherein they exchange pay- ment for goods or services. It is not self-evident that computerized, interlocking, massive cus- tomer databases serve the common good to the extent that the balance should be tipped further and further away from individual privacy in favor of merchants. Unlike databases of registered driv- ers, auto licenses, or criminals, commercial data banks serve private interests primarily of mer- chants and, to a lesser extent, customers.

Data mining effectively reduces the customer to a lucrative, salable commodity. Merchants now gain the ability to compile extremely detailed and revealing electronic dossiers on individuals with exacting details, such as their individual prefer-

ences, what drugs they use, or whether they read adult books. Customer information is increasingly being merged with information from public sources and information brokers. Sophisticated network technology gives companies the ability to use computers to analyze these massive amounts of data and fine-tune them into indi- vidual customer profiles.

In such an atmosphere, an individual's pri- vacy is seriously compromised when every move- ment is tracked, compiled, and sold without his consent and frequently without his knowledge. No one lives in a vacuum. We must interact with the world to survive. In today's world, it is not possible to simply opt out of the digital age. To maintain information privacy, one must never go online, visit a Web site, use a credit card, write a check, or make a phone call, because invariably one would be entered into a databank that would subsequently be sold and merged with other profiling data.

From an ethical perspective, it is unjust to violate the privacy rights of individuals to further private sector commercial interests if the most intimate details are revealed without the consent of the individuals. Given the security laxity that surrounds many computer systems, the existence of such profiles has the potential to harm indi- viduals. Clearly, a rebalancing is needed whereby consumers have the right to know what informa- tion is being collected on them. Specifically, con- sumers have a right to know how that informa- tion is being used, how to correct errors, what security safeguards are adequate, and how to opt out of the system if they don't want personally identifiable information used for any reason other than to close the transaction. Ethical concerns involving online privacy discussed below include the lack of background institutions, just contract and voluntariness, and procedural justice.

JUST BACKGROUND INSTITUTIONS AND ONLINE PRIVACY

B ackground institutions play a vital role in a just legal and political system. In the United States, although specific statutes

exist to protect certain classes of data, such as video rentals and fair credit reporting, few other legal restrictions currently exist on the compila- tion, dissemination, and sale of personal informa- tion. Constitutional rights to privacy apply only in relation to a citizen and the government. Thus, private sector companies are essentially free to share personalized data with other companies about their customers, With the advance of online technology and its integration into the world of electronic commerce, the proliferation of data mining and information brokers is only expected to grow. The paucity of just background

8 Business Horizons / MayOune 2000

institutions to protect customer information leaves consumers reliant on the goodwill and self-regu- lation of Web merchants who have a strong eco- nomic incentive to use consumer information. Thus, customers are left vulnerable to the exploit- ativc use of their personal data,

Proposed Legislation

The Clinton Administration has consistently pro- m~tcd self-regulation as the preferred means of dealing with online privacy concerns. Neverthe- less. the FTC's survey of Web sites reveals that industry efl~)rts to encourage voluntary adoption haw, not been successful. On September 23, 1998. FTC chairman Robert Pitofsky testified be- fore C(mgress in support of S.2326 "Children's Onli~e Privacy Protection Act of 1998," which was subsequently passed as part of S. 442 Internet "Fax Freedom Act.

Fhe legislation directs the FTC to prescribe regulations requiring commercial Web site opera- tors to obtain verifiable parental consent before collecting personal information from children trader 13, They must also provide opt-out options to parents, and maintain the confidentiality and sect~rity (ff collected data. Web site operators mus~ obtain verifiable prior parental notification and consent t~ use any information gathered for marketing purposes, or to list a child's name or e- mail address (m a home page, pen-pal service, message b~mrct, or chat room. President Clinton signed the "'Child Online Protection Act" at the cl{)sc (Jr 1998, imposing fines and/or imprison- ment (,n Web site operators who commercially disseminate information via the Web and fail to restrict access to material harmful to minors.

Industry Reaction

In response t<) pressure from the federal govern- ment, the Online Privacy Alliance was formed in June 1998. The alliance consists of more than 50 U.S. computer, media, and marketing companies and trade associations. Its goal is to develop c~m~prehensive privacy policies on the Internet. Ccmlpanies that comply with the group's guide- lines could display a "seal of approval."

Olher groups developing guidelines to certify c<)n~panies as compliant with privacy standards include the Council of Better Business Bureaus, TRI TS'I'e, the Electronic Frontier Foundation, and the Direct Marketing Association (DMA). Notably, the DMA (1994) has maintained a fair information practice policy in nonelectronic areas for many years. Moreover, both Microsoft and IBM have ann~mnced that they will not advertise online with businesses that tack posted privacy policies.

Critics charge that these measures fall far short (~f the level of enforcement needed to pro-

tect consumers' personal information. They con- tend that self-interest will preclude Web mer- chants from instituting adequate safeguards for customer privacy. Self-regulation has proven inef- fective. Most privacy policies established by Web merchants constitute little more than notice that information is being collected. Fev,: p~licies re- quire customer consent or limit the use of the customer information. Even fewer require mer- chant compliance, external review of mcrchan~ compliance, and enforcement mechanisms f l , breaches of compliance. (Notably, GeoCities was a member of both TRI JSTe and the Online Pri- vacy Alliance.)

European Union Directive

Not all countries treat information priwtcy with the laissez faire approach that the U.S. does. In the United States, the names, addresses, and other personally idenlit-}'ing information about citizens are widely available. In Europe, such databases are protected and regulated by national authorities, Unlike in the United States, information privacy is considered a funda- mental right in Eu- rope, and the right to privacy is legally codified. In October 1995, the European Parliament enacted guidelines on infor- mation privacy called the "European Com- munity Directive on Data Protection."* Member states must adopt national legisla- tion ensuring protection of personal inffmnation, and prohibit any company doing business in Europe from transmitting personal data to corm- tries that do not guarantee privacy protection. Currently, the U.S. is considered one of those countries. The EU directive prohibits the sharing of customer data witt~ other companies and pro- vides c(msumers witt~ a bill of rights. Leibowitz (1999) notes that consumers have "the right to be informed about the processing of personal data, such as where the data originated and the pur- pose for which information is processed; the right to access or review personal data and c{n- rect errors; and the right to deny use of the data."

*Editor's z~bte: William..qcbeibal and Julie Alpert Gladstone discuss the EU's new directive in depth i~z "Privacy on the .Net: Europe Changes the Rules. "the article immediately./bllou,ing this one.

Ethi~ al and Onl ine Privacy Issues in Electronic C o m m e r c e 9

JUST CONTRACT AND ONLLNE PRIVACY

V elasquez notes that traditionally, the ele- ments of a just contract have included the following ethical dimensions: (1) the

parties are knowledgeable about the terms and conditions of the contract, (121) neither party mis- represents the contractual situation, (3) the par- ties are not operating under duress or coercion, and (4) the contract does not bind the parties to an immoral act. As discussed previously, contrac- tual rights and duties presuppose the existence of just background institutions. Without the pres- ence of the latter, validity and enforceability of contractual rights becomes questionable.

Voluntary and In formed Consent

The use of online information-gathering tech- niques raises key philosophical and ethical ques- tions about the nature of freedom and voluntari- ness. A fundamental tension exists between the legitimate business needs of rnerchants to know their customers and the privacy interests of cus- tomers and Web site visitors. Marketers believe it is essential to use relational databases and other sophisticated computer technology to expand the scope and breadth of their consumer databases and serve their customers better. They believe the success of marketing is directly related to the amount and specificity of consumer information compiled. On the other hand, many individuals now feel they have lost all control over how personal information about them is used and circulated by companies.

One could argue that an implied contract is formed when a consumer visits a Web site. In its simplest form, the consumer provides informa- tion in exchange for access to a site provided by a merchant. Web merchants contend that this exchange is both voluntary and informed. At a bare minimum, from an ethical perspective, fair- ness and justice in market transactions require that the actors be both free and knowledgeable. Noting that a consumer is "free" to stay away from a site or a virtual store does not say any- thing about the justice of the contract provisions offered by the firm. Though an individual makes an active choice to visit a site, he nonetheless may not be aware that information is being col- lected on him as the basis of the exchange.

Lack of knowledge by consumers arises in several areas. First, the FTC report indicated that only 14 percent of commercial Web sites dis- closed to users any information about their col- lection of personal data. In these situations, con- sumers clearly lack the requisite knowledge to enter into a just contract. Second, when less ob- vious methods of data collection are involved, such as when cookies are downloaded into users'

computers, again, requisite knowledge is not present. Admittedly, technology permits consum- ers to modify their Web browsers to refuse to accept cookies. However, in an era when many consumers have problems programming their own VCRs, it is unrealistic to expect them to (a) know what cookies are, (b) know that they, the consumers, can modify their Web browsers, and (c) know how to modify the browsers. Similarly, although technology exists to encrypt e-mail mes- sages, this does little to assist a consumer trying to prevent data collection on them at a Web site.

Third, the ability of Web operators and mer- chants to conduct detailed consumer surveillance leaves consumers far more vulnerable than in traditional retailing concerns. Even given that consumers are on "notice" of providing informa- tion via an online registration form, they may still be unaware that their movements on the site are being monitored beyond the overt information provided. Fourth, Brenkert (1998) points out that knowledge is often not present at all when deal- ing with vulnerable consumers, such as children or the developmentally disabled. Indeed, misrep- resentation ensues in dealing with vulnerable consumers who are enticed to divulge informa- tion through imaginary characters and electronic pen pals.

A fair transaction should be founded on voluntariness and knowledge. Privacy policies should be clearly and prominently posted on Web sites so that consumers will be able to make an informed decision about whether to divulge personal information. The policies should clearly indicate what information is being collected and what will be done with it, including the potential sale of that information to third parties. Consum- ers should be given the choice to opt out of pro- viding information. Many Web sites will not per- mit access if a consumer refuses to accept cook- ies or divulge personal information.

At present, consumers still have many alter- natives available to them. However, as the Infor- mation Age accelerates, and if most firms adopt similar policies, consumers will be effectively forced into providing information or being frozen out of electronic access. Periodically, Web mer- chants should notify customers of their policies in collecting, renting, selling, or exchanging personal data lists. Whereas notice of privacy policies on company sites satisfies the requirement of in- formed consent for adults, special precautions and moral responsibilities are necessary for sites directed at children.

Managerial R e c o m m e n d a t i o n s

Increasingly, marketers are recognizing that past customer behavior, as recorded in actual business transactions, is by far the best indicator of future

10 Business Horizons/May-June 2000

buying patterns, In the Information Age, informa- tion is power. So the incentive to track customer behavior is a strong one. As noted earlier, Amazon.corn has compi led such a massive data- base of inft~rmation on its consumers that return visit(ns are greeted personal ly and given a cus- tomized list of r e c o m m e n d e d books based on their buying habits. Moreover, Amazon.corn has n()t ruled out selling that data. From a utilitarian perspective, an action is morally right if it pro- duces the most utility, both now and in the fore- seeaMe future, for all peop le affected by it. In the immedia te sense, unrest ra ined data compilat ion on individuals primarily benefits Web merchants and, to some lesser extent, customers. However, in the long run, unrestrained compilat ion can put fear inlo constimers who feel that Big Brother is operat ing in their onl ine transactions. The latter may lead t() c()nsumer reluctance to engage in electronic commerce and ultimately hurt both the merchant and the economy. It may also lead to a pub}it backlash and extensive government regu- lali(>n. It is in the Web m e r c h a n t s long-term best interest, therefore, to implement information praciices tin:it will mitigate consumer fears and lessen the need for regulato~ T oversight.

As noted earlier, from the authors' perspec- tives, there is nothing inherently unjust or unethi- cal in gathering information ()n customers w h e n appropriate procedural justice safeguards are put into place t() protect theln. Pr()cedural justice is a term tised I~) designate fktir-decision procedures, pracrices, or agreements . A n u m b e r of procedural iustk'e c()ncerns arise in relation to the collection of information from cust()mers ()nline in commer- cial I ransactions and venues. These must be ad- dressed for Wel~ merchants to secure the trust of con.sumers and lessen the chance of extensive g()vcrnment regulation.

Web merchants can take a number of steps to pr<)tcx't customers ' privacy while online:

1. The naiure and amount of information collected on c()nsumers should be limited to prcs~mlptively relevant data essential for market- mg l~urp~)scs.

2. Collection practices should be fully ex- pla ined to c~)nsumers, including the possibility of making custorner lists available to third parties.

3. Consumers shc)uld be given the opportt> niiy Io opt out of the collection process and /o r the ,<,:tie ()f that information to third parties.

t. Information gathered shouM be used only for ~ommercial or marketing purposes. Special care shouM be taken that personal ized informa- ti()n is not used to discriminate against people on such bases as religion, ethnicity, or genetic pre- disp~)siti(m t()\vard certain diseases.

"=,. C(msumers should have the right to correct inaccurate data compi led on. them. As the collec- tion and use of information have mushroomed,

so have the opportunit ies for mistakes, misuses, and abuse.

6. Web merchants have the responsibili ty tt) ensure the reliability ()f tile data collected, make certain the data are used for the in tended pur- pose, and prevent unauthor ized access t<) them. Prevention of unauth()rized :recess and adequate security are paramotmt in a society where a ff'~v key strokes can reveal the most intimate details of one's lifk,. One of tile fastest growing groups ()f firms that specialize in gathering confidential data on individuals is informatkm brokers. While many information brokers use legitimate means to gather data, many <)thers resort [() illicil and devious metl~()d s,

O nline ct)mmcrce is here t() stay. At this p()int, the Llnited States gt)vernlncnt is still pursing a policy of self-regulatum

with regard to onl ine privacy information. How- ever, in its priwlcy report, the FTC expressed clear reserwttions about the industtT's ability t() devel()p a w~)rkable privacy protection plan. Arc consumer privacy rigllts being adeqLmtcly pr<)- retted by existing tav, s and business practices? The era of governmenta l laissez faire toxvard infornmtion privacy may be coming to an end as e-ct)nllnerce expk)des and consumers grow in()re wary about their privacy being invaded, in this brave new cyberworkl, Concerns were trader- scored in the r e c e i l t ab{med attempt by online advertiser l)out-)leClick to merge data <)n <reline shopp ing habits with actual names and addresses.

Critics argue that self-regulation by the indus- try is :m oxymor(m: ultimately, economic fact(ms will outweigh privacy c()ncerns. Indeed, the FTC sent a clear warning t<) the online inclustr'~ with its report: Either come tip with effective self- regulation practices qtiickly, or the government will do so for y<m. If self-regulation ultimately proves inadequate, C~,ngress may step in witll more restrictive privacy regulatiori. F(}reseeable federal interventions ~ould include manctat(~rv disclosure of privacy policies, restricting the c~)l- lection of data {~n individuals, requiring c~nsent from them belk)re gatllering informati~)rl, a l lowing customers tt) opt out ,)f databases, pr()viding consumer access to c{)rrect informatkm in data- bases, and requiring security of th()se databases. It remains to be seen whether the industry will rise to the chal lenge and establish meaningful privacy policies. -I

References

E. Alderman and C. Kennedy, 7~,w RiRlot Io IJrit,acr (New York: Alfred A. K1~opf, 1995).

G. Brenkert, "Marketing to Inner-City Blacks: P<~wcr Master and Moral Responsibility," Business Ethics QTtarler[.l,, Janual.w 1998, pp. 1-18.

Ethical and Online Privacy lssues in Electronic Connnerce I1

T. Bridis, "Survey: 92M Use Net in U.S., Canada," Ithaca Journal, June 17, 1999, pp. lB.

CommerceNet and Nielsen Media Research, "Demo- graphic and Electronic Commerce Study," December 11, 1997: www.commerce, net/news/press/121197, html.

CommerceNet and Nielsen Media Research, "Number of Internet Users and Shoppers Surges in United States and Canada," August 24, 1998: v~ww. commerce, net/ news/press/19980824b.html.

Direct Marketing Association, Fair Information Prac- tices Manual.. A Direct Marketer's Guide to Efj&ctive Self-Regulatoo. , Action in the Use o l in format ion (New York: Direct Marketing Association, 1994).

A. Etzioni, The Limits c)fPrivacl, (New York: Basic Books, 1999).

T. Garrett and R. Klonoski, Business Ethics, 2nd ed. (Englewood Cliffs, NJ: Prentice Hall, 1986).

Griswold v. Connecticut, 381 U.S. 479 (1967).

H.S. Hadley, "The Right to Privacy," Northwestern Law Review, October 1894, pp. 1-21.

S. Hansell, "Big Web Sites to Track Steps of Their Us- ers," New York Times, August 16, 1998, p. A1.

L. Kaufman, "Playing Catch-up at the On-Line Mall," New York Times, February 21, 1999, Sec. 3, p. 1.

W. Leibowitz, "E.U. Extends Its Privacy Protection," National Law Journal, January 18, 1999, pp. B1-B2.

J. Marshall, "Keeping Consumer Data Private," USBanker, August 1998, p. 17.

D. McWhirter and J. Bible, Privacy as a Constitutional Right (New York: Quorum Books, 1992).

W.L. Prosser, "Privacy," California Law Review, August 1960, pp. 383-423.

R. Quick, "GeoCities Broke Privacy Rule, FTC De- clares," Wall St,wetJournal, August 14, 1998, p. B1.

M.G. Velasquez, Business Ethics: Concepts and Cases, 3rd ed. (Englewood Cliffs, NJ: Prentice Hall, 1992).

S.I). Warren and L.D. Brandeis, "The Right to Privacy," Harvard Law Review, December 15, 1890, pp. 193-220.

Eileen P. Kelly is a professor of manage- ment at Ithaca College, Ithaca, New York,, where Hugh C. Rowland is the asso- ciate dean of the School of Business.

12 Business Horizons / May-June 2000