Before you enter your name, address or any other data in that form, STOP! Wait. Don’t enter anything yet. If you do, you may be giving away personal information to strangers, and you know what your mom said about talking to strangers.
Okay, back up a minute. You want to buy a new necklace for your wife at that great dot com you recently found. They require you to fill out a form first – your name, address, phone number and credit card information. They also want your email address, gender and income range.
So you know these people? Think about it for a minute. How many of your friends (even your best ones) have you told your true age or how much money you make. Have you divulged your credit card data to your co-workers at work? Perhaps you give your social security number to the kid at the McDonalds?
I didn’t think so. Then why do you insist on giving this data to a faceless computer? You don’t have any idea who is on the other side of the screen – yet every day you give away information that you would never dream of telling your parents or best friends.
Before typing in the information look around the site until you find a link named "privacy". Usually it is on the bottom of the home page (at least), and good sites will have a link to it from EVERY page. Click on the link and read the policy from start to finish. Make sure you understand it – if there are any words you do not understand pull out your handy dictionary and check them out. Once you are done, read it again. Slowly.
What’s so important about this that it requires all this work? Look, you are giving out personal data about yourself. The web site owners have an obligation to inform you how this data is going to be used.
How do you get in contact with the owners of the company?
How do you erase your private data or remove yourself from mailing lists?
Are they going to keep your information to themselves or sell it to third parties? If so, can you stop this and how?
What are they going to do with your credit card data? How do they keep it safe?
Why do they need the information? For example, our site asks each person who signs up for an award their age. Why? Because the COPPA law does not allow us to collect information from people under 13 years old. How else are you going to ensure you are in compliance with this kind of law except to ask?
Do they make use of your TCP/IP address and other similar information, and if so what is it used for? Virtually every site logs this data, but rarely is it used for anything except mass statistics and error checking.
If the site has third party advertisers, banners, web bugs, banners and so on, what similar information is available for how they use any information? This is most pertinent for cookies and TCP/IP data that is automatically logged. At the very least, their should be links to third party sites so you can look at their privacy policies also.
Are there any special relationships such as partners who use the information also? If so, how is that information shared and used? If the web site asks for information, how do they ensure that COPPA (a law which attempts to ensure that information is not gathered from minors without their parents permission) is adhered to.
Under what conditions will you receive mailings and how do you opt- in and out of them.
So now, go finish ordering new jewelry for your wife. That’s important.