Caslon Analytics - Privacy guide
site privacy statements and seals

This page looks at privacy trust marks (also known as web seals). It also considers the policy statements that appear on some sites to identify the site operator's stance on privacy.

It covers -

The page is supplemented by a more detailed profile about trustmark principles, research and schemes.

issues

In practice privacy is often 'negotiated' on a site by site basis by individual consumers. That negotiation reflects -

  • the principle of informed consent (users of a site can choose to provide information)
  • the unevenness of national privacy legislation
  • questions about jurisdiction and
  • the absence of international privacy protocols (for example there is no direct equivalent of the Berne Convention harmonising national copyright law)

It relies on formal privacy statements (which range from a general indication that the operator recognises that privacy is an issue to detailed contractual undertakings or exclusions from the provisions of national law) and trust marks.

Three starting points for considering the nature of trust in cyberspace are the detailed 1999 report from the US National Academy of Sciences on Trust In Cyberspace, the Informed Consent Online project (ICO) at Washington University and the 2001 Stanford Persuasive Technology Laboratory report (PDF) on factors that affect credibility.

statements

In essence, the privacy statement on a site is founded on the principle of informed consent: individuals are free to provide information about themselves on the basis that they're aware of how the information is used (including scope for verification/correction of that data). Not all data identifies individuals - on this site for example we don't use cookies to track discrete visitors - and the level of detail may vary.

In principle statements should encompass

  • what information is being collected, in particular data that identifies an individual or that through profiling might be used to identify an individual
  • how it is used, including provision to third parties
  • how it is stored (and disposed of)
  • arrangements for correction of personal information

We've highlighted practical concerns regarding the shape of privacy statements at the end of this page. Research into the practice of site owners suggests that some fail to meet commitments in the statements, that some statements are barely intelligible and that statements are sometimes misinterpreted.

The 2003 Americans & Online Privacy: The System is Broken study (PDF) for example argues that

  • 57% of US adults who use the internet at home incorrectly believe that when a website has a privacy policy, it will not share their personal information with other websites or companies
  • 47% of adults who use the internet at home say privacy policies are "easy to understand" but 66% of those incorrectly believe that sites with a privacy policy won't share data
  • 86% believe that laws requiring use of a standard format for online privacy statements are highly desirable.

trust marks

As we've suggested in our Consumers guide and the profile on Trustmarks, a seal or trustmark is an advisory, rather than a guarantee of performance.

It is an indicator that the site operator has agreed to be bound by a code of practice, although the binding is often weak and certification problematic.

Some observers, for example, have criticised the process through which seals are acquired, in particular schemes based on self-assessment. Critics argue that self-assessment is inherently open to abuse by the unscrupulous or merely incompetent.

Others note the poor performance of certifying bodies, including prominent seal issuers such as TRUSTe, characterised as slow to respond to consumer concerns about abuses or lacking the resources to monitor compliance with their rules and ensure that the trustmark is removed from a site that breaches those rules. Three examples are Natalie Regoli's 2002 Indecent Exposures in an Electronic Regime paper (PDF) and Jennifer Sweeney's 2001 Can The Internet Really Police Itself? Self-governance and the 1998 Children's Online Privacy Protection Act paper.

Still others note the plethora of competing trustmark bodies, ranging from those that are restricted to a particular jurisdiction to those with global ambitions and a presence in all major markets. Our basic inventory of e-business trustmarks is here.

The long-term viability of several of those marks is poor, as they have not

  • gained substantial endorsement by regulatory bodies
  • secured a significant market share among retailers, service providers and other commercial entities
  • established appropriate credibility among a sufficiently large number of consumers (whether individuals or businesses), either in differentiation from competitors or for trustmarks per se
  • grown enough to enjoy economies of scale in marketing and promotion

A perspective is provided in Web Seals: A Review of Online Privacy Programs, a 2000 report by the Office of the Information & Privacy Commissioner in Ontario and the Australian Federal Privacy Commissioner, and by Anna Nöteberg's 1999 dissertation (PDF) Trusting the Web? Web Assurance Seals for an Improved Electronic Commerce Environment. The 2003 paper Your Privacy is Assured - Of Being Invaded: Web Sites With & Without Privacy Seals by Robert LaRose & Nora Rifon noted that

It is perhaps ironic that the Web sites that seek to publicize their concern for consumer privacy by displaying privacy seals were actually more likely to intrude on privacy, at least in terms of the amount of personal information that they requested from consumers. And, aside from a greater tendency to deposit cookies, the unsealed sites were no more likely to invade users’ physical privacy through involuntary intrusions on their computers.  Naïve consumers who view seals as a form of privacy protection may thus be disappointed.

We've highlighted other research regarding trustmarks in the supplementary profile for this page.

For a vision, which we find unconvincing, that consumers will embrace trustmarks and then seek "lovemarks" see the interview with Saatchi & Saatchi's Kevin Roberts. In practice it is likely that major brands such as IBM, ColesMyer, Dell or LandsEnd have sufficient credibility (and recognition among consumers) to obviate the need for trustmarks.

practical concerns

In practice there are five concerns about privacy statements -

  • they are disregarded by the site operator
  • they can't be readily found by a visitor to a site
  • they can't be readily accessed and copied by most users for study or later reference (eg they comprise several pages of text that is presented within a small box on a page and cannot be printed)
  • they feature inappropriate exclusions
  • they are written in legalese and/or formatted to minimise use (eg very fine print, all upper case, no subheadings or paragraphs)

There's a useful demonstration of some of the practical issues in a study by the US Privacy Rights Clearinghouse (PRC), a consumer advocacy body. Lost in the Fine Print: Readability of Financial Privacy Notices examines business compliance with new legislation - the Financial Services Modernization Act (Gramm-Leach-Bliley Act) - that requires financial institutions to send consumers yearly notices on how their personal financial data is used.

The legislation has been strongly supported by consumers, consistent with the range of studies suggesting that people like to know what data's being collected and how it's handled. It has also gained broad support from industry, particularly from those banks that perceive there's a competitive advantage in demonstrating best practice in the collection, use and disposal of personal data. Provisions in the legislation permitting data sharing between all entities under a corporate umbrella were an added incentive for the major financial groups.

By the end of June 2001 every account holder in every US financial institution was to receive a notice, under the new legislation, concerning the protection of their personal financial information. Most observers expect that institutions will still provide data to third parties, as that will only be restricted if consumers actively opt out (ie formally notify the bank, credit union or other financial body).

Most of the notices were included with monthly account statements. That is a traditional delivery mechanism: in Australia financial service providers frequently notify changed terms & conditions in fine print with such statements or an accompanying glossy leaflet, most of which are reportedly thrown away unread.

That's been a concern to bodies such as the Australian Competition & Consumer Commission (ACCC) and Financial Services Consumer Policy Centre (FSCPC) at the University of New South Wales.

The PRC study examined the clarity of 17 financial privacy notices from major financial institutions. It is backed up by an information sheet as an aid for consumers assessing other notices.

The notices are supposed to be written in a 'clear and conspicuous' style with language that is 'reasonably understandable,' a term which is not defined. Overall, the study found that the privacy notices failed basic readability tests and would not be readily understood by most US consumers. The notices did not meet current US state readability requirements for other financial documents, such as insurance policies. We consider that readability is likely to be even lower when the information is presented online.

The PRC study offers a useful encapsulation of key recommendations for increasing the readability of privacy documents.

In line with work noted in our Accessibility guide, it suggests that institutions should -

  • present information in a clear and concise way
  • use short explanatory sentences or bullet lists
  • use concrete everyday words
  • use the active voice
  • avoid multiple negatives
  • avoid imprecise explanations
  • use plain-language headings to assist navigation
  • use boldface for key words
  • use a typeface and type size that are easy to read
  • use wide margins and enough line spacing.

The US Federal Trade Commission, along with other regulators, has held organisations to commitments about privacy made on their site. One example is the PetCo settlement noted in discussion elsewhere on this site regarding corporate data losses through hacking and misplacement of unencrypted electronic customer records.

other

Ari Melber commented in 2008 that the answer to privacy problems regarding social network services, such as Facebook, is to -

ensure that users can make informed choices. Taking a page from the consumer protection movement, Congress could simply require social networking sites to display their broadcasting reach prominently when new users post information. Just as the government requires standardized nutrition labels on packaged food, a privacy label would reveal the "ingredients" of social networking. For example, the label might tell users: "The photos you are about to post will become Facebook's property and be visible to 150,000 people--click here to control your privacy settings."

This disclosure requirement would push Facebook to catch up with its customers. After all, users disclose tons of information about themselves. Why shouldn't the company open up a bit, too?


version of January 2008
© Bruce Arnold | caslon analytics