The Future of Privacy Policies: A Privacy Nutrition Label Filled with Fair Information Practices, 26 J. Marshall J. Computer & Info. L. 1 (2008) (pdf)

Article PDF cannot be displayed. You can download it here:

https://repository.jmls.edu/cgi/viewcontent.cgi?article=1649&context=jitpl

The Future of Privacy Policies: A Privacy Nutrition Label Filled with Fair Information Practices, 26 J. Marshall J. Computer & Info. L. 1 (2008)

The John Marshall Journal of Information Technology & Privacy Law Volume 26 Issue 1 Journal of Computer & Information Law - Fall 2008 Article 1 Fall 2008 The Future of Privacy Policies: A Privacy Nutrition Label Filled with Fair Information Practices, 26 J. Marshall J. Computer & Info. L. 1 (2008) Corey A. Ciocchetti Follow this and additional works at: http://repository.jmls.edu/jitpl Part of the Computer Law Commons, Consumer Protection Law Commons, Internet Law Commons, Marketing Law Commons, Privacy Law Commons, and the Science and Technology Law Commons Recommended Citation Corey A. Ciocchetti, The Future of Privacy Policies: A Privacy Nutrition Label Filled with Fair Information Practices, 26 J. Marshall J. Computer & Info. L. 1 (2008) http://repository.jmls.edu/jitpl/vol26/iss1/1 This Article is brought to you for free and open access by The John Marshall Institutional Repository. It has been accepted for inclusion in The John Marshall Journal of Information Technology & Privacy Law by an authorized administrator of The John Marshall Institutional Repository. \\server05\productn\S\SFT\26-1\SFT101.txt unknown Seq: 1 21-MAY-09 7:48 ARTICLES THE FUTURE OF PRIVACY POLICIES: A PRIVACY NUTRITION LABEL FILLED WITH FAIR INFORMATION PRACTICES COREY A. CIOCCHETTI* I. INTRODUCTION E-commerce is here to stay.1 Since the late twentieth century, the World Wide Web has proven a profitable conduit for businesses to sell almost anything to almost anyone located almost anywhere across the globe. In the United States alone, online retail sales exceeded $33 billion for the first quarter in 2008.2 Although this figure represents just over three percent of national retail sales, the ratio of e-commerce sales to total sales continues to rise steadily.3 Despite the tendency of the financial community to look askance at economic figures in this range, it is important to remember that $33 billion changing hands is still $33 billion changing hands. Experts predict that online retail sales will top a non-trivial $300 billion per year within the next five years.4 Additionally, the major players in the sector, companies such as Amazon.com and E-Bay are well-known, global entities that provide valuable services effi* Corey Ciocchetti (J.D. Duke 2002, M.A. 1999 University of Denver) is an Assistant Professor of Business Law and Ethics at Daniels College of Business, Univeristy of Denver. Please feel free to contact Professor Ciocchetti at . 1. See, e.g., Jody Yen, E-Commerce is Here to Stay, FORBES, Aug. 16, 2002, available at http://www.forbes.com/2002/08/16/0816sf.html. 2. See Quarterly Retail E-Commerce Sales: 1st Quarter 2008, U.S. CENSUS BUREAU NEWS, May 15, 2008, available at http://www.census.gov/mrts/www/data/pdf/08Q1.pdf (providing a chart which places the ratio of e-commerce retail sales to total retail sales (adjusted for seasonal and holiday variations) at approximately .07% in the first quarter of 2000 and approximately 3.4 % in the third quarter of 2007 with steady growth in between). 3. Id. 4. See Linda Rosencrance, Online Retail Sales in the U.S. to Hit $204 Billion in ‘08, COMPUTERWORLD, Apr. 8, 2008, available at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9075759 (stating that “[o]nline retail sales are projected to hit $204 billion in 2008, up from $175 billion in 2007, and should top $300 billion over the next five years, according to a Shop.org study conducted by Forrester Research Inc.“). 1 \\server05\productn\S\SFT\26-1\SFT101.txt 2 unknown Seq: 2 JOURNAL OF COMPUTER & INFORMATION LAW 21-MAY-09 7:48 [Vol. XXVI ciently via the click of a mouse.5 Businesses tap this growing market by enhancing e-transaction capabilities and offering a diverse array of products and services online.6 In the process, e-commerce websites collect vast amounts of information from their visitors.7 Much of the collected data is non-identifying and merely discloses computer and network-specific information such as a visitor’s Internet Protocol (“IP”) address and browser type.8 The remainder of the data collected, however, is more sensitive and includes personalized information such as names, addresses and phone numbers. This information – known as personally identifying information (“PII”) – is rather innocuous in pieces but poses serious threats upon aggregation into a customer profile or “digital dossier.”9 5. See Amazon.com, Inc., Quarterly Report (Form 10-Q), at 4, available at http://library.corporate-ir.net/library/97/976/97664/items/290167/AMA_10Q.pdf (showing net sales of $4.135 billion and net income of $143 million from January 2008 through March 2008). See also E-Bay Inc., Amended Quarterly Report (Form 10-Q/A), at 3, available at http:// investor.ebay.com/secfiling.cfm?filingID=891618-08-231 (showing net revenues of $2.19 billion and net income of $459 million from January 2008 through March 2008). 6. See, e.g., Kim Leonard, Retailers In Step With Trend Shift Focus to Web Commerce, PITTSBURGH TRIB. REV, June 29, 2008, available at http://www.pittsburghlive.com/x/pittsburghtrib/news/breaking/s_575113.html. Retailers struggling in a weak economy are looking to boost Internet sales. Sometimes, they’re closing stores, delaying store openings or simply paying less attention to them. Some national chains, such as technology retailer CompUSA, have shuttered dozens of bricks-and-mortar outlets to cut overhead and refocus efforts online. Smaller, local retailers with special niche products are part of the trend. Id. 7. See, e.g., Google.com, Google Privacy Center, http://www.google.com/intl/en/privacypolicy.html (last visited Feb. 9, 2008) [hereinafter Google Privacy Policy]. See also Fed. Trade Comm’n, History and Overview, June 1998, available at http://www.ftc.gov/reports/ privacy3/history.shtm [hereinafter Privacy Online 1998]. The World Wide Web is an exciting new marketplace for consumers. This information-rich medium also serves as a source of vast amounts of personal information about consumers. Commercial websites collect personal information explicitly through a variety of means, including registration pages, user surveys, and online contests, application forms, and order forms. Websites also collect personal information through means that are not obvious to consumers, such as “cookies. 8. This type of collection is referred to as “passive” information collection because a website collects this information on its own and a visitor does not enter this information via a web form or other information transaction. See, e.g., Speedtowin.com,, Speed to Win Privacy Policy, http://www.speedtowin.com/privacy.htm (last visited Aug. 2, 2008). Discussing the company’s policy on passive collection: As you navigate through this site, certain anonymous information may be passively collected (that is, gathered without your actively providing the information) using various technologies. . . For example, your Internet browser automatically t (...truncated)