What is privacy? Privacy is a big buzzword these days. Sites have long, involved privacy policies -- many of them 15 to 20 paragraphs long. The Federal Trade Commission is talking about a need for legislation to correct problems with online privacy.
The fact is, privacy is something that has great importance to most consumers, and negative importance to all too many marketers. The moment we agree not to call, not to fax, not to spam the customer into next week, we have given up "eyeballs." Marketing is all about eyeballs, all about buzz, all about getting in the consumer's face, right up close so they can see our pores.
Privacy is anathema to these in-your-face marketing models. Privacy means leaving customers alone, not selling everything we can to them. Privacy means not selling the "eyeballs" we have to our would-be marketing partners. Privacy, the way consumers' rights advocates go on about it, seems to imply a kind of distant, formal relationship -- not one where you can keep in touch.
This is simultaneously true and false. Modern marketing is surprisingly close to stalking. We collect data. We analyze it. We predict. One British grocery store chain experimentally sent out pamphlets to women reminding them that it was about time for them to stock up on feminine products; the campaign was dropped quickly. The fact is, the marketing instinct tells us we need to know about people, and we want to find out about them, whether the people tell us themselves or we collect the data from "partners." At the same time, we give those partners the juiciest tidbits we can find.
The end result is that consumers are, justifiably, terrified of us. They know that a phone number given "for questions about your order" will quickly turn into dinnertime sales pitches. They know that a street address given for shipping today will receive piles of glossy pamphlets next week. And they want it to stop. So, they avoid us -- because we're trying to get too close, without any concern for what they want. If we give them a little space, we may find we have closer, and more willing, relationships with them!
So, with this in mind, let me walk you through a few key points that may help you understand what privacy policies are really about, how to write a good one, and why it matters.
The first order of business is this: People hate fine print. Really. They hate it. There's an urban legend about an insurance company that once put a paragraph on page 17 of a policy saying, "If you read this paragraph, call our corporate offices at (800 number) and we'll pay you $100.00." No one tried to collect. None of them read that far; the state law mandating the "full disclosure" was irrelevant. (This was, supposedly, why the insurance company put the paragraph there; they wanted to show that the law was irrelevant.)
Some companies try to capitalize on this: They hide the most odious terms near (but not quite at) the end of the document, and disguise them behind confusing double and triple negatives. They say things like, "If you decide that you no longer wish not to be excluded from our mailing list, you may send a request stating your preference to...". Most people don't notice -- and thus, are offended when you try something funny. The ones that notice will never trust you.
So, if your policy is going to do you any good, it must be short, and it must be in clear language. It has to be unambiguous, and it has to be easy to understand.
Secondly, the policy actually has to be a good one. The reason we write such long, wordy policies is that /we know customers won't like it if they understand it/. As soon as we commit to writing a policy the customer can understand, we have committed to writing a policy the customer will like. Would you write a clear, comprehensible, policy, if you knew the customer would hate it?
Your policy, then, has to provide warm fuzzies. If you're writing in clear language, that means you have to make some promises that will probably terrify your marketing department. Promises like: "If you provide an e-mail address for order confirmation, it will be used only for correspondence related to your orders. It will not be used for marketing or promotional material, and it will not be shared with third parties unless you ask us to share it." Read that little passage again; it's a paraphrase of the policy that got me hooked on the bookstore I've used for all my online book shopping in the last few years (see Resources <#resources>). Having read that, wouldn't you feel safe handing out your real e-mail address, not just a throwaway Hotmail account, to this company, knowing that you won't be deluged with spam?