Electronic Retailer - January 2012 - (Page 12)

INDUSTRY REPORTS FTC Forum Privacy: What’s Your Policy? BY LESLEY FAIR When was the last time you clicked that link on your website that says PRIVACY POLICY? If it’s been awhile, a recent Federal Trade Commission (FTC) law enforcement action offers a timely reminder that your site may be overdue for a privacy policy overhaul. ScanScout is a video ad network that places ads on websites for advertisers and, in the process, tracks people’s online browsing so that those ads line up with the person’s interests. To do that, ScanScout puts cookies on people’s browsers. ScanScout told people they used cookies to collect browsing data and explained that users could opt out by altering the settings on their browsers. To quote the company’s privacy policy, “You can opt out of receiving a cookie by changing your browser settings to prevent the receipt of cookies.” Claims about privacy are like any other representations you make about your products: They have to be truthful, not misleading, and supported by reliable evidence. The problem, according to the FTC’s complaint, is that for a two-year period ScanScout actually used Flash local shared objects — also known as “Flash cookies.” In some ways, cookies and Flash cookies are similar: They both can track a person’s browsing habits and serve up targeted ads. But there are important differences, too. ScanScout’s Flash cookies couldn’t be controlled through a computer’s browser. So even if people followed what ScanScout said in its privacy policy and changed their browsers’ settings to delete or block cookies, ScanScout’s Flash cookies were unaffected. ScanScout could still collect browsing data and serve targeted ads to people who thought they’d opted out. That, said the FTC, made the company’s cookie claims false and misleading. 12 What points should savvy retailers take from the FTC’s settlement with ScanScout? • Promises, promises. You may not think your company is making promises about privacy or data security, but you probably are – right in your privacy policy. Claims about privacy are like any other representations you make about your products: They have to be truthful, not misleading, and supported by reliable evidence. • Legal ease? Sure, it’s wise to work through your privacy policy with your attorney, but write it with your customers in mind. If there’s a phrase that’s not clear to you, chances are it could confuse them, too. Like your ads, your privacy policy should be easy to understand and to the point. • Words vs. deeds. Some online retailers pack their privacy policies with platitudes about how careful they are with customer information, but the reality doesn’t measure up to the lofty language. Bring your IT staff into the conversation to make sure your privacy policy is in accordance with what your company is actually doing with data. • Flash in the pan. While you’re meeting with your tech team, tell them about the ScanScout settlement and make sure your cookie practices aren’t causing your privacy promises to crumble. Share the Privacy & Security portal at business.ftc. gov. Lesley Fair is an attorney with the FTC’s Bureau of Consumer Protection. electronicRETAILER | January 2012 http://www.electronicretailermag.com

Table of Contents for the Digital Edition of Electronic Retailer - January 2012

Calendar of Events
Your Association, Your Bottom Line
Industry Reports
FTC Forum
eMarketer Research
IMS Retail Rankings
Jordan Whitney’s Top Categories
Lockard & Wechsler’s Clearance & Price Index
SENSAtional Marketing
When Words Can Hurt
‘Because They Can’t Afford to Get Sick’
Guest Viewpoint
Guest Viewpoint
Inventor’s Corner
Payment Processing
Member Spotlight
Advertiser Spotlight
Bulletin Board
Advertiser Index
Rick Petry

Electronic Retailer - January 2012