Annotated bibliography
Web site privacy policies
by Doresa Banning
October 24, 2001

About TRUSTe. TRUST.e. Online. 20 Oct. 2001. http://www.truste.org/about/truste/about_faqs.html#mission

TRUSTe is an independent, non-profit privacy organization whose mission is to build users’ trust and confidence on the Internet by promoting privacy policy disclosure, informed user consent and consumer education. The TRUSTe privacy program is based on a branded online seal, the TRUSTe "trustmark," which bridges the gap between users’ concerns over privacy and Web sites’ desire for self-regulated information disclosure standards. The seal is awarded to Web sites that adhere to established privacy principles and agree to comply with TRUSTe’s oversight and consumer resolution process. A displayed trustmark signifies to online users that the Web site will openly share, at a minimum, what personal information is being gathered, how it will be used, with whom it will be shared, and whether the user has an option to control its dissemination. Other trustmark programs include the Children’s Privacy Seal Program, for Web sites directed at children under 13; EU Safe Harbor Program, for companies that do business with European companies; and E-Health Seal Program, for health Internet Web sites.

“Computer Economics: Privacy Most at Risk in Online Banks.” NUA. Online 3 July 2001. 20 Oct. 2001. http://www.nua.ie.surveys/index.cgi?f=VS&art_id=905356937&rel=true

In this article Computer Economics, a research firm, says that banks and finance organizations are most likely to experience online privacy management problems. The research firm has created a privacy problem susceptibility index to rate sectors in terms of their likelihood to experience problems in relation to customer data in the next year. Factors affecting online privacy management include the speed at which sectors adopt e-commerce and online customer service, and the level of privacy protection that has been established within sectors. Customer privacy is considered compromised when customer data is mismanaged, when a firm’s Web site or internal systems are hacked, or when organizations do not follow internal privacy policies or external legal requirements in relation to customer privacy. Other sectors that ranked high in the susceptibility index include transportation, wholesale and retail. Those at the bottom included health care, insurance and federal government.

FAQ. Big Daddy Rx. Online. 20 Oct. 2001. http://www.bigdaddyrx.com/index.asp?cat=21935

“This site has security measures in place to protect the loss, misuse and alteration of the information under our control, including, but not limited to: the use of VeriSign SSL certificate, firewall servers, network monitoring and secure database servers.” The site uses cookies for placing customer orders only. With the order form the site collects contact information (e-mail address) and financial information (credit card numbers), which is used only to fulfill its customer orders. Big Daddy Rx’s medical staff uses medical information to approve or decline orders for specific medications.

“Georgetown Internet Privacy Policy Study.” Georgetown University. Online. 20 Oct. 2001. http://www.gsb.georgetown.edu/faculty/culnanm/GIPPS/GIPPSFAQ.html

GIPPS is a research project designed to assess the extent to which U.S. consumer-oriented Web sites disclose their information practices and policies. The sample consisted of 351 dot-com Web sites visited by consumers at home. The survey addresses three questions. First, does the Web site collect any personally identifiable or demographic information from surfers? Second, has the Web site posted any privacy disclosures, either a privacy policy notice or any information practice statements or both? Third, the survey asks which of the following elements of fair information practices are contained in the privacy policy notice or information practice statement(s): notice, choice, access, and security.

Go Network and ESPN.com Privacy and Safety Policy. ESPN.com. Online. 20 Oct. 2001. http://espn.go.com/sitetools/s/privacy.html

This site is a member of the TRUSTe Privacy Program. Information provided for personal GO Network and ESPN.com accounts is shared among the GO Network and ESPN.com sites, but it is not shared with third parties without visitors’ consent. IP addresses are used to gather info about users’ sessions. Cookies are used to determine preferences and track user trends and patterns. GO Network and ESPN.com share aggregate information about their users with advertisers, business partners, sponsors and other third parties. “You may occasionally get cookies from our advertisers. GO Network and ESPN.com do not control these cookies.” Information provided at the time of registration or submission from a guest 13 years of age or over may be used for marketing and promotional purposes by GO Network and ESPN.com and its affiliates or companies that have been prescreened by GO Network and ESPN.com. Guests can opt out of having their info used in certain ways. Teens are required to provide the e-mail address of a parent or guardian. A notification message is sent to the parent or guardian of all guests who are 13 to 17 years old, which identifies the information supplied at registration and allows the parent or guardian to be aware of and participate in the guest’s online experience. “Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure.” When credit card information is transmitted, GO Network and ESPN.com use SSL (secure socket layer) encryption.

Hochhauser, Mark. “Why I Stopped Shopping at Amazon.com: A Reading Expert Sounds Off.” Privacy Rights Clearinghouse. Online: 2000. 20 Oct. 2001. http://www.privacyrights.org/ar/amazon.htm

Hochhauser, a consultant on the readability of written information, explains why he decided to quit shopping at Amazon.com and what happened when he tried to cancel his account with the online company.

Internet Privacy Policy. Pfizer Inc. Online. 20 Oct. 2001. http://www.pfizer.com/privacyfrm.html

Some Pfizer Inc. Web sites use cookies to determine how and when pages in a site are visited and by how many people. This technology does not collect personally identifiable information but rather information in an aggregate, non-identifiable form. Pfizer collects personally identifiable information, such as names, addresses, e-mail addresses and the like, only when voluntarily provided by a Web site visitor. Pfizer will notify the visitor as to the uses it intends to make of that information.

McDonald’s Corporation Internet Site Privacy Policy. McDonald’s. Online. 20 Oct. 2001. http://www.mcdonalds.com/privacy/

McDonald’s uses cookies only to obtain non-personal information to track the total number of visitors to its site on an anonymous aggregate basis. McDonald’s only gathers personally identifiable data, such as first and last names, addresses, and e-mail addresses, when voluntarily submitted by a visitor. McDonald’s does not send unsolicited e-mail but responds to e-mail it receives. It offers links to other sites and warns visitors that if they visit a linked site, they should review that site’s privacy policy and other policies. With respect to children 12 and under, McDonald’s offers features, like games and coloring books, which don’t require a child to provide any personal information other than perhaps an e-mail address, “but we promptly delete the e-mail address from our system.” “Personal information collected from children on this site is used solely by McDonald’s or other entities that provide technical or fulfillment services to McDonald’s for internal purposes like improving the site, or to fulfill requests; it is not sold or transferred to third parties.” Visitors can submit a form asking to review any personal information McDonald’s has about their child or asking to have that information deleted or not used.

Privacy Forum. Online. 20 Oct. 2001. http://www.vortex.com/privacy.html

The PRIVACY Forum includes a moderated e-mail digest and archive of those documents for the discussion and analysis of issues relating to privacy, personal and collective, in the information age. Topics include telecommunications, information and database collection and sharing, and a wide range of other privacy issues, as they pertain to the privacy concerns of individuals, groups, businesses, government, and society at large.

Privacy Policies. Ticketmaster. Online. 20 Oct. 2001. http://www.ticketmaster.com/h/privacy.html

Ticketmaster uses guests’ IP addresses to help diagnose server problems and administer its Web site. IP addresses are used to help identify and gather broad demographic information about guests. Demographic info is shared with advertisers “only on an aggregate basis so that they can tailor their advertisements to the appropriate audience.” Ticketmaster uses cookies to track guests’ purchases, to deliver content specific to guests’ interests and “for other purposes relating to your transactions on the site.” Guest contact information is provided to the venues and selected promoters of concerts and events for which guests purchase tickets. Ticketmaster also “uses customer contact information we collect in order to send you information and offers from our company and promotional material from some of our partners. We carefully select the information we send and make sure that it offers real value to you, such as discounts, exclusive offers or special event information.” It won’t share financial or unique identifier information with third parties without guests’ prior consent.

Privacy Policy. Disney.com. Online. 20 Oct. 2001. disney.go.com/legal/privacy_policy_kids.html

With respect to children under 12, Disney only collects information for online contests and games: the child’s first name, birthdate and parents’ e-mail address. It may also collect personal information like a pet’s name, to help guests remember their Log-in Name and Password if they forget them. No information collected from guests 12 and younger is used for any marketing or promotional purposes, either inside or outside Disney’s sites. Disney says it allows parents to request at any time that the information collected about their child be removed from its database. Any time children 12 and younger register, Disney sends an e-mail notification to their parent or guardian. In addition, it requires that parents give express permission before Disney will allow their children to use e-mail, message boards and other features where personally identifiable information can be made public to the Internet and shared with users of all ages. Disney also gives parents 48 hours to refuse any registrations kids make in order to play games and contests. If Disney doesn’t hear back, it assumes it’s all right for a child to be registered.

Privacy Policy. Napster. Online. 20 Oct. 2001. http://www.napster.com/terms/privacypolicy.html

When registering, Napster asks for a user name, password, e-mail address and the guest’s computer connection speed (part of each guest’s Personally Identifiable Information). Optional are age, income, education level, gender, postal code and country of residence (not part of PII). It may use aggregate info obtained to describe the makeup of the Napster community to third parties. Guests can have their hard drive scanned to share material with other Napster users, and select which directories they want scanned. If Napster’s plans regarding your Personally Identifiable Information change, it will post a notice on its Web site, giving guests an opportunity to delete their PII from its records. Each time someone logs in to Napster, Napster records the date and time of their login and collects the user name, connection speed and identification information on the files they’ve chosen to make available. All of this information is publicly displayed and/or available to any user of the Napster service, and may be recorded by any other user who chooses to do so, or by Napster. Napster also gathers and displays information on the number of files you are currently sharing and transferring, and the length of time you have been online. It currently doesn’t associate the files you transfer, the files you share, or the searches you perform with your Personally Identifiable Information.

Privacy Policy. Nevada Bell. Online. 20 Oct. 2001. http://www.nevadabell.com/Copyright_PrivacyPolicy/0,1478,1,00.html

Personal information is not collected unless willingly provided by a user. Any personal information provided is held confidential and is used for the purpose of filling orders or otherwise for the purpose for which the guest provided it. Nevada Bell may also use such information to offer other products or services of interest to you. This site may automatically collect information about Web site usage, such as how much time a visitor spends on a Web page. This information is not personally identifiable with the user and may be used (only in the aggregate) to improve our Web sites.

Privacy Policy. Sierra Pacific Power Co. Online. 20 Oct. 2001. sppc.sierrapacific.com/contact/legal.html

Sierra Pacific collects personal information only with informed consent. It uses collected information for personalization, identification, communication and in the conduct of business at its request. It does not sell or distribute personal information without express consent from the visitor. Visitors always have the right to request that their personal information be removed.

Privacy Policy. The Casino Net Casinos. Online. 20 Oct. 2001.

Although there was a link for “Privacy Policy” on the Web site, it was a dead link.

Privacy Policy. Verizon. Online. 20 Oct. 2001. http://www22.verizon.com/privacy/

Verizon collects personal information such as name, address and e-mail address, when guests knowingly provide it. Its Web servers automatically collect statistical information about guests’ visits such as pages visited and which browsers are used to visit our site. It uses cookies to deliver Web content specific to your interests, to keep track of your online order and to control access to our premium content. When guests use Verizon’s Web site to order services, Verizon may use the info to publish your name, address and phone number in its directories, evaluate guests’ service needs and contact them regarding additional services. If the way we use personally identifiable information changes, Verizon will contact guests via e-mail notifying them of this change and provide the opportunity to opt out of such use. “In order to improve your experience with us, we may decide to improve our site’s ability to obtain information about users. We will update this privacy statement continually to ensure that you are aware of developments in this area.” Verizon doesn’t sell or give info to non-Verizon companies except: If you provide individually identifiable information at an event Verizon sponsors with another company, or if you register on a co-sponsored Web site, you may be providing the individually identifiable information to the co-sponsor.

Privacy Rights Clearinghouse. Online. 20 Oct. 2001. www.privacyrights.org

The Privacy Rights Clearinghouse is a nonprofit consumer information and advocacy program, which offers consumers an opportunity to learn how to protect their personal privacy. The PRC was established in 1992 with funding from the Telecommunications Education Trust, a program of the California Public Utilities Commission. From 1992 through October 1996, the PRC was administered by the Center for Public Interest Law of the University of San Diego School of Law. It offers a hotline for consumers to report privacy abuses and request information on ways to protect their privacy; a series of fact sheets on privacy issues, available in English and Spanish; articles and other information.

RGJ.com Terms of Service. Reno Gazette-Journal. Online. 20 Oct. 2001. http://www.rgj.com/rgj/tos/#privacy

RGJ may collect and store information, personal or otherwise, that users voluntarily supply. It also collects and stores information that’s generated automatically as users navigate through its Web site. Unless the user informs RGJ otherwise, RGJ.com reserves the right to use and to disclose or sell to third party vendors or RGJ’s provider partners user information (e.g., user name and e-mail address) for purposes such as providing users with information about products and services. RGJ uses cookies to help deliver advertisements and identify unique browsers that visitors use and to track usage throughout its site. Some of its business affiliates and advertisers use cookies, which can be used to tell when your computer has contacted a Web site. “Please also note that as our business grows, we may buy or sell various assets. In the unlikely event that we, the bulk of our assets or one or more of our sites is acquired by another company, information on our users would be among the transferred assets.”

Rodger, Will. Privacy Isn’t Public Knowledge. USA Today.com 7 June 2000. Online. 20 Oct. 2001. http://www.usatoday.com/life/cyber/tech/cth818.htm

This article discusses the problems with online privacy policies, which began showing up on the Web in about 1996. Privacy policies are “ponderous, full of jargon or written so as to leave many surfers scratching their heads,” said Mark Hochhauser, psychologist and linguistics expert. Every policy studied is written at a college level or higher, he says. And in a nation in which most people read at the 10th-grade level or below, that means a minority will understand the policies. A single sentence in the policy of HealthCentral, for instance, has 174 words. Robert Pitofsky, chairman of the Federal Trade Commission, which monitors privacy online, said, “Some sites bury your rights in a long page of legal jargon so it’s hard to find them and hard to understand them once you find them.” “Self-regulation that creates opt-out rights that cannot be found (or) understood is really not an acceptable form of consumer protection.” Visitors have to re-read policies every time they visit a Web site.

Schwartz, John. “Internet Privacy Eroding, Study Says.” Washington Post 17 Dec. 1999. 20 Oct. 2001. http://www.washingtonpost.com/wp-srv/Wplate/1999-12/17/0851-121799-idx.html

The article discusses a study by the Washington-based Electronic Privacy Information Center wherein it scrutinized privacy policies on 100 of the most popular online shopping sites and compared them with a set of basic privacy principles that have come to be known as “fair information practices.” The group found that none of the 100 sites met all of the basic criteria for privacy protection, which include giving notice of what information is collected and how it is used, offering consumers a choice over whether the information will be used in certain ways, allowing access to data that give consumers a chance to see and correct the information collected, and instituting the kind of security measures that ensure that the information won’t fall into the wrong hands. It found that 35 of the sites feature profile-based advertising, and 87 percent use cookies. All but 18 of the top shopping sites did display a privacy policy, but that did not satisfy the privacy group. The group concluded that the policies that were posted “are typically confusing, incomplete, and inconsistent.”

Security. Casino Internationale Curacao. Online. 20 Oct. 2001. http://www.casino-int.com/security.htmL

“Clients may rest assured in the complete security of all information transmitted over the Internet, during their dealings with Casino Internationale Curaçao. This includes both financial information and game details. The CryptoLogic Ecash system utilizes the CryptoLogic proprietary security system, to protect all information sent over the Internet. All transaction information is encrypted and decrypted using CryptoLogic’s proprietary security algorithm, which employs a symmetric key algorithm with key lengths several times longer than DES and full key management (which secures each transaction from third-party access).”

Southwest.com Privacy Policy. Southwest Airlines. Online. 20 Oct. 2001. http://www.iflyswa.com/traveler_info/privacy_policy.html

The e-mail addresses provided when purchasing tickets online or to subscribe to Southwest Airlines e-mail updates will not be shared with any third parties. Personal, billing and payment information provided to purchase tickets online will not be shared with or sold to anyone outside of Southwest Airlines nor to any third party. Southwest Airlines uses cookies to recognize guests’ browsers and remember their passenger names and billing information. This information, except guests’ credit card numbers, is saved to guests’ hard drive by the Southwest Airlines Web server and can only be accessed by the Southwest Airlines Web server. Southwest Airlines also uses cookies to track the effectiveness of online advertising. This info is not shared with anyone outside of Southwest Airlines.

“The Top 100 Web Sites Study.” Georgetown University. Online. 20 Oct. 2001. http://www.gsb.georgetown/edu/faculty/culnanm/GIPPS/GIPPSFAQ.html

The study reports the extent to which the Top 100 commercial Web sites have posted privacy disclosures based on fair information practices. Results showed that 98% of the Top 100 collected at least one type of personal identifying information (name, e-mail address, postal address); 75% collected at least one type of demographic information (gender, preferences, zip code); 74% collected both. Only one site collected no personal information. As for the disclosure of privacy policies, 93% of the 100 posted at least one type, a privacy policy notice or an information practice statement. The content of all privacy disclosures was analyzed for four elements of fair information practices (notice, choice, access and security) and whether or not they posted contact information for consumers to ask questions or complain about privacy. Of the 93 sites that posted a privacy disclosure, 93.5% included one survey item for notice, 83.1% offered at least one form of choice, 50.5% of the sites contained at least one survey item for access, 51.6% contained at least one survey item for security and 59.1% contained at least one survey item for contact information.

Web Site Privacy Policy. University of Nevada, Reno. Online. 24 Oct. 2001. http://www.unr.edu/content/privacy.asp

UNR logs server information to identify: usage levels of specific areas of our site; origin of our site’s audience; and browser and operating system of site visitors. It doesn’t associate IP addresses with individuals. UNR logs search terms entered into the UNR search engine; this data isn’t associated with individual visitors. Other than information provided by visitors, the UNR Web site does not collect personally identifiable information (e.g., name, email, address). It will not sell, exchange or otherwise distribute personally identifiable information without the visitor’s consent, except to the extent required by law. UNR Web sites may use cookies to track the date of last visit to a specific page or to identify a session at a particular Web site. The site has security measures in place to protect the loss, misuse and alteration of data collected.