[Previous]
[Next]
[Title]
Website privacy policy statements and the changing face of e-commerce
Mark Berthold
Parts 1 and 2 appear in this issue, Part 3 in the
next.
E-commerce and its challenge to privacy is hardly a decade old. Only
during that period has cyberspace become generally navigable, through the
introduction of hyperlinks and browser software. Before then, the documents
stored on individual computers were not readily accessible from other devices
by non-specialists. The development of the World Wide Web has been accompanied
by ubiquitous and initially mysterious clickstream technologies deployed to
collect personal data with unprecedented efficiency. As a result, the
exponential growth in e-commerce has been accompanied by a corresponding
increase in the trade in the personal data of website visitors. But the
element of surprise is almost spent. Regulators and the consumers they
represent are regrouping. Websites are now accountable for their practices.
In Australia no less than elsewhere in the global economy, creating and
implementing a website privacy policy has become both a business and legal
necessity. Factors include:
- Extensively documented consumer demand for credible assurances of the
online protection of personal information. This demand is accompanied by a
shift in the balance of power online from the merchant to the consumer.
- The incremental extension of the Privacy Act to Australian businesses from
21 December 2001. From that date large Australian businesses that have
previously ignored the e-commerce imperative to adopt and implement
privacy policies risk contravening the new law. Smaller businesses have an
additional year to comply.
- The proactive approach adopted by the Australian Competition and Consumer
Commission in promoting website standards of fair conduct.
- Insistence by the European Union on adherence to its strict privacy
standards by all businesses outside the EU that process the personal
information of EU citizens.
Website privacy policy statements (`privacy
notices') play a key role whether online `privacy' is considered a human right,
as a tradeable commodity, or as an issue that needs to be addressed if
e-commerce is to flourish. Not posting a website privacy notice is only an
option for the indeterminate number of small businesses which will not be
subject to the Privacy Act and which wish to ignore consumer concerns. Once
uploaded, not only the Privacy Act but also the fair trading requirements of
the Trade Practices Act and common law duties come into play in requiring
adherence to the privacy policies the website proclaims.
[Previous]
[Next]
[Title]