Perhaps the most prominent issue in the retail and systems industries is balancing security versus privacy. The debate can get quite heated, sometimes even emotional. The crux of the issue is about forfeiting certain rights (mainly involving personal privacy) in the name of security, so those on both sides of the fence are passionate in their approach.
The issue has gained momentum in the past few years and is often in the media spotlight. Public opinion has dramatically changed, even more so in the wake of Sept. 11, 2001. Since then, we have become more serious about reevaluating our security methods and techniques.
Security measures and practices that once seemed like science fiction are now popping up everywhere, with more acceptance by society as a whole. In fact, a recent Harris Poll shows that 86 percent of those surveyed are in favor of using biometric facial surveillance to enhance security. Additionally, that same poll noted 81 percent of respondents favored closer monitoring of both banking and credit card transactions.
The privacy factor
Using some form of security has been a common business practice for many years now. It is the additional element of privacy that throws the equation off balance. It’s not the technology that is in question, but rather a question of how we use the technology.
Retailers have to deal with the potential problem of customer privacy on various levels, such as dressing room, store surveillance and data gathering. Even though these functions seem to be somewhat independent, they are all rooted in security. Some of these practices—especially regarding video surveillance—have always caused concern. In actuality, retailers have been coping with the privacy factor by being required to post notices in their establishments, for example, alerting shoppers to the use of such surveillance.
Retailers are in a unique position that allows them access to ample amounts of customer information. They need to practice tried and true marketing strategies; in the past, such customer information served as the basis for many of these types of functions. If they offer in-store financing or a store-sponsored credit card, they have even more personal, more sensitive information, all of which needs to be protected from both the inside and out. In the past, it was easy to manipulate this data, use it for sales and marketing purposes; and that would be the extent of it. Times have changed. Customers are more protective of their personal information and there is also the growing, realistic threat of identity theft.
Enter the watchdog
With the ever-increasing popularity of e-business, the retail industry has been faced with new concerns regarding the use of the Internet’s World Wide Web and privacy and security. According to a January 2003 poll conducted by BizRate.com, 82 percent of e-shoppers do stop to review their privacy statements on-line, indicating more awareness in this area as well.
Enter the influential watchdog group known as TRUSTe (www.truste.org). This organization is an independent, non-profit group that assists and aids e-tailers in their privacy and security endeavors. Most is accomplished through voluntary participation in their privacy certification program.
Established in 1997, the group has in excess of 1,500 participants, including heavy hitters such as eBay, Amazon and Eddie Bauer participating in their program. In addition, companies such as Microsoft, America Online, AT&T Wireless and Intuit are among the list of well-known sponsors.
Participants agree to abide by and agree to follow the following set of rules:
• Publicly disclose their information gathering and dissemination practices.
• Give their customers an opportunity to choose to limit the secondary uses of their personal information.
• Provide access to the customer and permit the ability to review and correct any inaccuracies to their personal information if they find any discrepancies.
• Take reasonable security measures so that all collected, personal information is protected.
In recent years, the federal government has been thrust into a position of leading the charge. The government has set precedents in this area by passing revolutionary laws aimed at establishing guidelines in this area.
Some of the most notable, albeit sometimes controversial, include HIPAA, SARBOX and GLBA (see box on page 58 for more information). But the granddaddy of them all dates back to the U.S. Privacy Act of 1974. This was the first attempt at establishing guidelines on individual’s rights regarding privacy.
Staying abreast of changes in security system offerings is not enough anymore, although it is still a necessary function. To truly be vigilant about the subject, businesses now need to keep other issues, such as privacy, in mind so that everyone is safe, secure and protected.
STONG-MICHAS, a freelance writer, lives in central Pennsylvania. She can be reached at JenLeahS@msn.com.