Web sites in the United States tend to have more and better privacy information than European sites, according to a survey of 751 global sites conducted by Consumers International, a global federation of 263 consumer groups.
The survey, published in London last month, found that “the most popular sites within the U.S. were the most likely to have a privacy policy.” It also said more than 60 percent of them posted the policy “at the point where information was collected.”
“What we found,” said Anna Fiedler, a director at the group, “was that US sites do better in disclosing privacy than EU sites by an overall ratio of 50 to 30 percent.” She added, however, that EU sites are regulated by data protection law while US sites are not.
Still, the survey said U.S. sites were more likely “to give users a choice about being on the company's mailing list or having their names passed on.”
Overall, the survey was highly critical of privacy policies in the U.S. and Europe and called for stiffer regulations across the board.
“The main findings of the study reveal that existing measures put in place by various governments to protect people's privacy is not adequate. … (our) research clearly shows that many European and American sites aimed at consumers fall woefully short of international standards on data protection,” she said.
Other findings of the survey included:
· Two-thirds of sites collect some sort of personal information, and almost all of these sites asked for details that made it easy to identify and contact the person.
· The majority of sites gave users no choice about being on the site's own mailing list or having their names passed on to affiliates or third parties.
· Despite tight EU regulation, sites within the EU are not better at telling users how they use their data than sites in the US.
· Only 10 percent of sites targeting children asked them to get their parents' consent before giving personal information or to tell their parents afterward.
· The group used its findings to urge policy makers at the “national and international level” to adopt new laws and regulations ensuring the following:
· Give users control over collection, use and disclosure of personal data, and hold it only as long as needed “to fulfill the original purpose for collecting it.”
· Allow users to check, correct or delete data held on them and store it in a secure manner.
· Establish an “independent oversight body” to ensure compliance.
· European direct marketers warned that such consumer groups have real political clout and that European sites would do well to spruce up their privacy policies.
· They conceded that this was a tough sell since e-tailers feel the EU data protection directives provide all the privacy disclosures they need and are largely insensitive to the PR problems involved.
