By Melanie Alakkam, Business Standards Analyst
The Internet has become a universal source of information for millions
More than ever, consumers care and are worried about the privacy and security of their personal information. Consumers are aware that if sensitive data falls into the wrong hands, it could lead to fraud or identity theft. Businesses should understand the importance of being clear about what is done with consumer data and what data is being collected. Safeguarding personally identifiable data is quickly becoming an increasingly important role as a best business practice in today’s marketplace. Businesses with clear privacy policies can stand out against their competitors.
Failure to comply with Standard 7 of the BBB Code of Business Practices could lead to suspension or revocation of the accreditation status of a business. This standard requires the following:
7. Safeguard Privacy
Protect any data collected against mishandling and fraud, collect personal information only as needed, and respect the preferences of customers regarding the use of their information. An accredited business or organization agrees to:
A. Respect Privacy
Businesses conducting e-commerce agree to disclose on their website the following:
• what information they collect,
• with whom it is shared,
• how it can be corrected,
• how it is secured,
• how policy changes will be communicated, and;
• how to address concerns over misuse of personal data.
B. Secure Sensitive Data
Businesses that collect sensitive data online (credit card, bank account numbers, Social Security number, salary or other personal financial information, medical history or records, etc.) will ensure that it is transmitted via secure means. Businesses will make best efforts to comply with industry standards for the protection and proper disposal of all sensitive data, both online and offline.
C. Honor Customer Preferences
Businesses agree to respect customer preferences regarding contact by telephone, fax and e-mail, and agree to remedy the underlying cause of any failure to do so.
BBB is not a regulatory or law enforcement agency, but does recommend that business owners be aware of the FTC's stance on consumer privacy. An FTC report on consumer privacy in May 2012, Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers, calls on businesses to implement best practices to protect consumers’ private information. The report goes on to say that the FTC is calling on Congress to consider enacting baseline privacy legislation and reiterates its call for data security legislation. At the same time, the FTC urges businesses to accelerate the pace of self-regulation.
For many businesses, collecting sensitive consumer information is a vital part of daily business. As more e-commerce transactions take place on the Internet, businesses are collecting, storing, and sharing more information about consumers than ever before. While businesses are providing service to consumers, they should not do so at the expense of consumer privacy.
Should you have questions about privacy policies and Standard 7 of the BBB Code of Business Practices, feel free to contact Phylissia Landix, Director of Ad Review, at firstname.lastname@example.org, or Melanie Alakkam, Business Standards Analyst, at email@example.com.