Signature service for online customers today involves the creation of the personal online shopping experience. Just as a good salesperson in a brick-and-mortar store can help a shopper find needed merchandise quickly and easily while subtly introducing related items, personalization software allows Internet sites to target shoppers individually and remember not only who they are, but what they seem to like.
Millions know that this kind of personalized shopping certainly has its advantages. Customers can create profiles that include their buying and shipping information, so that they need not bother to reenter that information each time they purchase from the site. Once they've registered and surfed, the site can direct them to areas they seem to prefer, bypassing others that appear to spur no interest. One of the early leaders in such direction was Amazon.com.
However, personalization continues to have its drawbacks. With growing concerns being voiced over privacy issues on the Internet, and the broader issue of identity theft, personalization has drawn the unwanted spotlight of public and even governmental scrutiny. Because personalization involves tracking a customer both by identifiable and nonidentifiable information, privacy becomes a very real issue for e-commerce sites.
Invasion of Privacy
Personalization as it was originally conceived was simply meant to be a way of altering information given to online customers to match their individual interests. While there doesn't appear to be anything amiss with that approach, other extensions from the concept began to appear.
Companies that stored personally identifiable information, or PII, such as names, addresses, phone numbers, credit card numbers, and even Social Security numbers, began to sell or share that information with other companies, allowing those third parties access to customers who had not requested their services. Spam e-mails began to proliferate, but even that seemed minor compared to the more troubling vision of credit card numbers being abused, either within a company or by hackers.
Not surprisingly, customers who were bombarded with spam e-mails or credit card bills with unauthorized charges became concerned and angry over what they viewed as an invasion of their privacy. Even if they'd authorized the originating company to use that information, many felt they hadn't been informed -- and in many cases, they hadn't -- of how that information would be used.
Bridging the Gap
Bonnie Lowell, once a co-chair of the Personalization Consortium's Privacy Committee, and a longtime advocate of responsible personalization, has said that companies wanting to balance personalization with privacy should, first and foremost, be clear about the privacy policies on their sites. "Disclosure is commonly done in the form of a privacy policy posted at the e-business site," she says. "However, there are new software services aimed at promoting online privacy by offering intelligent, managed disclosure methods, including the ability to make a privacy policy interactive through a new technology standard called P3P."
P3P, or Platform for Privacy Preferences, is technology designed to simplify the user's process of understanding a site's privacy policy. P3P would collect the user's privacy preferences and screen through a privacy policy, flagging any discrepancies between the user's preferences and the site's stated actions.
Another important consideration, according to Lowell, is participation management. Using a combination of opt-in and opt-out will allow customers control over the personalization experience, and keeping the customer informed of that control is important as well. "The ultimate goodwill an e-business can provide their customers with is a combination of opt-in and opt-out that is clearly disclosed in a privacy policy," says Lowell.
Do's -- and a Don't
Lowell provides a list of suggestions for sites trying to bridge the gap between privacy and personalization:
- Do understand your customer base and desired results. Without this knowledge, it's difficult to select from the different categories of available personalization software.
- Do provide the best method of disclosure possible; always have an up-to-date, clearly accessible privacy policy.
- Do provide the best method of program participation possible. A combination of opt-in and opt-out is optimal.
- Do only take the customer PII that is absolutely required to perform a business process, such as credit and shipping information. Most information required to personalize a customer is not personally identifying -- such as travel and restaurant preferences -- and doesn't need to be tied back to their identity.
- Do educate your entire company, not just the team doing the personalization implementation, about PII handling practices. A fair amount of PII exposure happens from the mishandling of printed information within a company.
- Do plan and implement methods of access to any PII stored about your customers.
- Don't sell your customers’ PII (including e-mail addresses) unless they have consented and you are providing them with a value for it. Web surfers hate spam and are often aware of its origins, making sure they avoid the offenders and pass their names along to friends, family, and co-workers.
The Future of Privacy and Personalization
Following Lowell's recommendations to assuage privacy fears is only the beginning. As personalization techniques become more sophisticated and intelligent, companies will need to increase their privacy measures to keep increasingly savvy consumers from clicking away from what they see as a high risk.
But if e-commerce sites think "out of the box" and find different ways to use existing technology, privacy issues may fade and recede, says Michael Ponder, formerly the Internet Research Manager for JCPenney and now an Internet researcher and consultant. "Privacy and personalization doesn't have to be an 'either/or' question," he says. "The question has always been how that information is used."
The future Ponder sees for the Internet requires the retooling of current personalization concepts. "Why create profiles of a customer's past?" he says. "At least one-third of the time, customers are not shopping for themselves, so at least thirty-three percent of a customer's profile is just plain wrong."
Instead, he suggests Web businesses focus on serving the need, not the profile. "The technology exists today to serve the customer's current needs," he says. "When you go into a brick-and-mortar store, you expect the salesperson to help you find what you need that minute, not what you needed the last time you shopped there. Web sites should do the same thing: focus on what the immediate need is, not the past history."
By doing that, Ponder believes that privacy issues can be reduced considerably. "Don't try to steer or force sales, just try to help the customer," he says. "There's no privacy issue if the control of the technology is in the viewer's hands. 'Collaborative' will be the key word."
But Ponder acknowledges that focusing on the immediate needs of the customer still requires the e-tailer to back off from traditional marketing practices of selling information and engaging in spam e-mail. "Some say those names are worth money," he says. "But they're becoming less and less worthwhile, especially as customers become more and more hostile. People are not demographic blocks. They need to be seen as units needing help, not names on a list to be sold. People don't want to be 'marketed at' -- it's the unwanted stuff they get that annoys them and drives them away."
|
