Sistema de Prestaciones de Salud

Privacy and security are two separate and distinct issues. As mentioned, privacy, in an informational context, concerns an individual right. Security is a process; it is the manner of assessing the threats and risks posed to information and taking the appropriate steps to protecting that information against unintended or unauthorized access, use, intrusion, or such other dangers as accidental loss or destruction.

In between the two is confidentiality, the obligation of a custodian to protect the personal information with which it has been entrusted. This is what privacy policies attempt to address. All three, however, are important.

Swire and Litan, in their book, None of Your Business, admit that greater security would likely increase consumer confidence and lead to an increase in business to

consumer electronic commerce. They site such technological advances as cryptography and secure electronic transfer protocols as solutions to consumer security concerns. They do not believe that regulated privacy policies are undoubtedly the correct answer for all consumer-to-business commerce.43

One respondent to this survey stated, “Security is more important than privacy. Business this day means conglomerates collect data on you from any source possible. Unless you are a hermit, they will find you. It would be better if I could use digital signatures and encryption far more often.” Would added security increase consumer confidence more than displayed privacy policies? This is a question that possibly necessitates further study.

Interestingly enough, my study’s findings show that users were less likely to provide salary information than medical information to a web site asking for that information (table 8). This result concurs with a 2000 survey conducted by Andersen

Consulting’s Institute for Strategic Change and the Owen School of Business at Vanderbilt University.44

A significant difference in willingness to provide information to a web site without a privacy policy was measured between over and under 35 age groups (table 13). It would be interesting to look into this significance further. In addition, one may want to complete a thorough investigation of motives that may cause younger people to be more likely to provide information to a web site without a privacy policy.

I conclude that people are concerned about privacy policies (as shown in table 5 by the response to the question, “I consider myself to be a private person.”). Many respondents, however, do not often read privacy policies (43.6% read online privacy policies “rarely” or “never”, table 4). A natural question that arises is, “Why not?”

A few of the comments provided by these subjects seem to offer an answer. Several of the respondents claimed that they did not understand the privacy policy, “(I) couldn't understand their table. It seemed they are collecting all that data and then selling it because it said ‘trading in personal data’.”

One study, conducted by Harris Interactive in 200145, concluded that although a large majority of Americans feel that privacy policies are important, most people find them too long and complicated. The survey’s key findings include:

• 77% of respondents favored a short, concise privacy policy

• 70% of respondents agreed that companies "should use the same summary or checklist for their privacy policies"

• More than half of respondents identified six separate categories of information that they said were "very important" or "important" elements to be considered for a privacy policy

• Only three percent of respondents reviewed online privacy notices carefully most of the time while nearly 64% did not read notices at all or have only glanced at them

• Only 12 percent reported reviewing financial notices carefully

• The top reasons cited for not reading privacy policies more carefully were a lack of time/interest and a high level of difficulty understanding the notices

"That consumers care deeply about privacy matters is a given," stated David Klaus, executive director of the Privacy Leadership Initiative. "What is new here is that for the first time we have a survey which quantifies growing consumer frustration as they wade through lengthy privacy notices."

"The first step to help consumers is development of short, clear privacy notices that consumers will read and trust," continued Klaus. "The next step is to educate

consumers on what privacy statements mean and how they can come to rely on them with confidence. Educating consumers is the mission of PLI, and this study should serve as a wakeup call to businesses to take the next step and educate consumers on matters of personal privacy."46

Consequently, another recommendation for further study, in addition to security research, would be to investigate the effects of shorter privacy policies on users’

willingness to read web site privacy policies. Various methods of displaying this data could be explored.

Notes

1

U.S Department of Commerce, United States Department of Commerce News, 20 February, 2002, 15 March 2002 <http://www.census.gov/mrts/www/ecom.pdf>.

2

Michael Pastore, "U.S. E-Commerce Spikes in Q4 2001," CyberAtlas. 20 February 2002, 15 March 2002 <http://cyberatlas.internet.com/markets/retailing/article/0,,6061_977751,00.html#>.

3

Roger Clarke, "Information Privacy on the Internet: Cyberspace Invades Personal Space," M ay/June 1998, 2 February 2002 <http://www.anu.edu.au/people/Roger.Clarke/DV/Iprivacy.html>.

4 _{Forrester Research, Inc., NRF/Forrester Online Retail Index, January 2000, 2 February 2002} <http://www.forrester.com/ER/Press/Release/0,1769,253,FF.html>.

5

"2001 UCLA Internet Report Finds Declines in E-Commerce: Major Concerns About Online Privacy and Credit Card Security," News, 29 November 2001, UCLA Center for Communication Policy, 15 March 2002 <http://www.ccp.ucla.edu/pages/NewsTopics.asp?Id=29>.

6

Federal Trade Commission, Self-Regulation and Privacy Online, A Report To Congress, July 1999, 1 March 2002 <http://www.ftc.gov/os/1999/9907/privacy99.pdf>.

7

Federal Trade Commission, Privacy Online: Fair Information Practices in the Electronic Marketplace, A Report To Congress, May 2000, 1 March 2002 <www.ftc.gov/reports/privacy2000/privacy2000.pdf>. 8

Federal Trade Commission, 2000 Report to Congress. 9

Lorrie Faith Cranor, Joseph Reagle, and Mark S. Ackerman, "Beyond Concern: Understanding Net Users' Attitudes About Online Privacy," AT&T Labs-Research Technical Report TR 99.4.3, 14 April 1999. 10 _{Directive 95/46/EC of the European Parliament and the Council, October 24, 1995, Official Journal of} the European Community, L281 23 November 1995, p. 31.

11

William J. Scheibal and Julia Alpert Gladstone, "Privacy on the Net: Europe Changes the Rules," Business Horizons, May-June 2000, p. 13.

12

Owen D. Kurtin and Beth Simone Noveck, "Financial Community Fixes on Online Data Privacy," The National Law Journal, 24 January 2000, c12.

13

Peter P. Swire and Robert E. Litan, None of Your Business (Washington D.C.: Brookings Institution Press, 1998) vii.

14

"CDT's Guide to Online Privacy," Center for Democracy and Technology, Chapter Two: Privacy Basics, 10 December 2001 <http://www.cdt.org/privacy/guide/basic/>.

15

Federal Trade Commission, Privacy Online, A Report To Congress, June 1998, 1 February 2002 <www.ftc.gov/reports/privacy3/ >.

16 _{CDT’s Guide to Online Privacy}

17 _{Federal Trade Commission 1999 Report to Congress.} 18

Federal Trade Commission 1999 Report to Congress. 19

Raphael Franze, "Privacy Standards for Web Sites: Web Seals," The Internet Law Journal 5 February 2001, 2 February 2002 <http://www.tilj.com/content/ecomarticle02050103.htm>.

20

"The TRUSTe Program: How It Protects Your Privacy," TRUSTe web site, 10 February 2002 <http://www.truste.com/consumers/users_how.html>.

21

Paola Benassi, "TRUSTe: An Online Privacy Seal Program," Communications of the ACM February 1999: 56.

22

“About TRUSTe,” TRUSTe web site, 10 February 2002 <http://www.truste.com/about/about_doubleclick.html>.

23 _{“About BBBOnline,” BBBOnline web site, 15 February 2002 <http://www.bbbonline.org/business/>.} 24 _{“About BBBOnline,” BBBOnline web site, 15 February 2002 <http://www.bbbonline.org/business/>.} 25 _{Privacy Bot <http://www.privacybot.com/>.}

26

CPA WebTrust <http://www.cpawebtrust.org/>. 27

BetterWeb Program <http://www.pwcbetterweb.com/>. 28

Sean Doherty, "Keeping Data Private," Network Computing 25 June 2001, 16 February 2002 <http://www.networkcomputing.com/1213/1213ws1.html>.

29

"FTC Announces Settlement With Bankrupt Website, Toysmart.com, Regarding Alleged Privacy Policy Violations," Press Release, Federal Trade Commission, 21 July 2000, 24 February 2002

<http://www.ftc.gov/opa/2000/07/toysmart2.htm>. 30

Tom Kirchofer,"Value of Web Privacy Seals Questioned," Boston Herald, 31 Jul 2000: B2. 31

Federal Trade Commission, 2000 Report to Congress.

32 _{Mary Culnan, Georgetown Internet Privacy Policy Survey: Report to the Federal Trade Commission,} June 1999, 22 February 2002 <http://www.msb.edu/faculty/culnanm/gippshome.html>.

33 _{Luc Hatlestad, “Online Privacy Matters,” Red Herring 18 January 2001, 15 February 2002} <http://www.redherring.com/industries/2001/0118/ind-mag-90-privacy011801.html>. 34

Greg Sandoval, "McCain -led group introduces Net privacy bill," CNET News.com

26 July 2000, 28 February 2002 <http://news.com.com/2100-1017-243708.html?legacy=cnet>. 35

Alfred Hermida, “U.S. U-turn on Online Privacy Laws,” BBC News Online, 4 October 2001. 2 February 2002 <http://news.bbc.co.uk/hi/english/sci/tech/newsid_1579000/1579545.stm>.

36

"Privacy on the Internet: 2001 Survey Results," Data Collected and Analyzed by Hanrick Associates, 22 February 2002 <http://www.ehanrick.com/products/privacy.pdf>.

37

"First Major Post-9/11 Privacy Survey Finds Consumers Demanding Companies Do More To Protect Privacy; Public Wants Company Privacy Policies To Be Independently Verified," Press Release, Harris Interactive survey, 20 February 2002, 20 March 2002

<http://www.harrisinteractive.com/news/allnewsbydate.asp?NewsID=429>. 38 _{Privacy on the Internet: 2001 Survey Results}

39

James S. Wilson, “The Use of Survey Data In Privacy Research,” Master's Paper, School of Information and Library Science, University of North Carolina at Chapel Hill, 2000: 48.

40

Wilson 55. 41

OECD Privacy Statement Generator 10 February 2002 <http://cs3- hq.oecd.org/scripts/pwv3/pwhome.htm>.

42

Flying Buffalo Inc. is a game company that was started in 1970 by Rick Loomis and Steve MacGregor. Their primary business is play by ma il. They act as the referee for multi-player, hidden-movement games that are played by the players sending their moves to Flying Buffalo every two weeks by postal mail, email, or fax. Their most popular play by mail game is the award-winning Starweb. Flying Buffalo Inc. P.O. 1467 Scottsdale, AZ 85252 <http://www.flyingbuffalo.com/>.

43 _{Peter P. Swire and Robert E. Litan, None of Your Business (Washington D.C.: Brookings Institution} Press, 1998) 82.

44

Lisa Roner, "Consumer Internet privacy concerns – hype or reality?" eyeforpharma, 10 October 2000, 15 April 2002 <http://www.eyeforpharma.com/index.asp?news=3145>.

45

“Privacy Notices Research Final Results” Conducted by: Harris Interactive, Inc., Total Respondents: 2,053 adults who are U.S. residents, age 18 and over, Study Number 15338

<http://www.ftc.gov/bcp/workshops/glb/supporting/harris%20results.pdf>. 46

“Privacy Notices Miss the Mark with Consumers. New Harris Poll: Consumers Value Privacy Policies, Seek Shorter, Easier to Read Notices," News Release, understandingprivacy.org, 3 December 2001, 1 February 2002 < http://www.understandingprivacy.org/content/newsroom/newsreleases/12_03_01.cfm>.

“2001 UCLA Internet Report Finds Declines in E-Commerce: Major Concerns About Online Privacy and Credit Card Security.” News. 29 November 2001. UCLA Center for Communication Policy. 15 March 2002

<http://www.ccp.ucla.edu/pages/NewsTopics.asp?Id=29>.

Albarran, Alan B., David H. Goff, eds. Understanding the Web: Social, Political, and Economic Dimensions of the Internet. Ames: Iowa State University Press, 2000. Alderman, Ellen, and Caroline Kennedy. The Right to Privacy. New York: Alfred A.

Knopf, 1995.

Ashley, Paul P. Say It Safely: Legal Limits in Journalism and Broadcasting. Seattle: University of Washington Press, 1956.

Barrett, William P. “Does the FBI Have a File on You?” Forbes 3 Oct. 1988: 184. Benassi, Paola. “TRUSTe: An Online Privacy Seal Program.” Communications of the

ACM February 1999: 56.

Branscomb, A.W. Who Owns Information? From Privacy to Public Access. New York: Basic Books, 1994.

Clarke, R. “Information Privacy on the Internet: Cyberspace Invades Personal Space.” May/June 1998. 2 February 2002

<http://www.anu.edu.au/people/Roger.Clarke/DV/Iprivacy.html>. Clarke, R. “Internet Privacy Concerns Confirm the Case for Intervention.”

Communications of the ACM February 1999:2.