Negotiating Privacy Decisions: Roadblocks and Detours on the Information Highway
September 13, 2005
• HOW WE MAY MODIFY THIS CONTRACT.
We may change this contract at any time. You must review this contract on a regular basis. You can find the most recent version of the contract at http://messenger.msn.com/Help/Terms.aspx. The changed contract is in effect right away. If you do not agree to changes in the contract, then you must stop using the Service. If you do not stop using the Service, then your use of the Service will continue under the changed contract.
Changes to this Statement
We will occasionally update this Privacy Statement to reflect changes in our services and customer feedback. When we posts changes to this Statement, you will see the word "updated" next to the MSN Privacy Statement link on the front page of MSN. If there are material changes to this Statement or in how Microsoft will use your personal information, we will prominently post such changes prior to implementing the change. We encourage you to periodically review this Statement to be informed of how Microsoft is protecting your information.
This last issue is particularly difficult to navigate, and represents a real tension between marketers and consumers. Obviously, for marketers the point is to have ongoing access to your information, and to retain the right to market to you. Web sites want your information now, and they want to continue to have access to that information in the future. From their perspective, if you say ‘no’ to information release, it hurts them:
"Whenever a customer unsubscribes from future marketing messages, it has a measurable impact on the bottom line. Losing permission limits your ability to market your products or services to the customer. It also limits your ability to manage the relationship with this customer. We call this dynamic "permission churn.""
Lyons, D., & Fletcher, W. (2002, June). Ask for permission and keep your customers. Customer Inter@ction Solutions. 20(12), 40-44.
They respond by making privacy policies complex and difficult to understand, by assuming consent and requiring consumers to ‘opt out’ in order to protect information, and by making it difficult to revoke consent once offered.
In some cases, initial consent is assumed, and consumers are required to ‘opt out’ if they want their private information protected. In the U.S., for example, the Financial Services Privacy Act requires that consumers have the option of ‘opting out’ of the sale of their personal information to other parties. Financial institutions, however, want to maintain this right, and there are explicit strategies for doing so:
“DO include unsubscribe information in every communication you send. HOWEVER, this information does not have to be a direct hyperlink, nor should you feel you need to make it too easy to opt-out. It's a fine line you walk here - you don't want folks opting-out on a whim, just because they got up on the wrong side of the bed that morning. By the same token, you must make it possible for them to say "Thanks, but no thanks." One or two extra steps to the opt-out procedure are acceptable”
It is no surprise that organizations such as the Privacy Rights Clearinghouse have taken the step of creating information sheets such as ‘Financial Privacy: How to Read Your Opt-Out Notices’ – opt-out notices are not written to be clear, understandable, and easily executable. They are written to minimize opt-out. It gets worse, of course. Not only do companies make it difficult to exercise an ‘opt out’ option, they may in fact share the information they collect from you for the purpose of opting out.
In the vast majority of cases, privacy policies, opt-out procedures, and procedures for revoking consent are designed to be difficult to understand and, in the latter two cases, difficult to implement. It isn’t that the problems couldn’t be resolved – in fact, just the opposite. Marketers are using their knowledge of consumer motivation and psychology to design policies that maximize information release – consumers need to get into the act and demand policies that make it easier both to understand what their consent means, and to withdraw that consent if they wish.
Thanks to Melissa Cheater and Jackie Strandberg for their research assistance.