Privacy Notices Term Paper

Download this Term Paper in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from Term Paper:


By law, majority of business institutions are required to provide their customers with information regarding their privacy policies on an annual basis. Business institutions are prohibited from sharing nonpublic personally identifiable customer information with non- affiliated third parties, unless consumers are clearly provided with an opportunity to opt-out. However, there have been concerns among people, as the opt-out process is time consuming for many individuals and in some cases privacy notices have been found too difficult to understand. Customers also indicate that current privacy notices are too long, contain too much legal jargon, or are too hard to read.

The privacy notices that business firms traditionally send to their customers are not new, however, with the growing explosion of the information systems and the Internet, the federal agencies have begun to question whether the traditional types of the privacy notices are adequate or there is a need to revamp the notices given to the consumers. But executives at banks, thrifts, and credit unions argue that their institutions have already invested time and money in creating notices that comply with the law and therefore changing the format of privacy notices now would render that work irrelevant and add cost to the consumers. They argue that change in the privacy notice would be a waste of time and money.

Examples of Privacy Notices

State agencies generally regulate rules on privacy law. Because of the different kinds of privacy notices that are delivered to consumers, there has been a push toward the uniformity. Presently, the complaint is that most of the privacy notices are long and require the customer to fill the form or call a telephone number for opting out. This has created too many variations in the privacy notices. Toward this end, state agencies are claiming that uniformity in the notices makes it easier to compare and monitor privacy policies. State agencies have suggested three formats: first, the use a simple format in which a business would list a data-sharing practice and indicate with a "yes" or "no" whether it engages in that practice. A second suggestion relies on the use of a template, in which a bank could describe its practices and specify what information is collected and how it is shared, and how a consumer can contact the department that oversees privacy. The third model tells consumers that they can ask their companies not to share their data with other companies and would offer them two "opt-out" options: One would bar the organization from sharing information with outside companies, and another would bar it from sharing with affiliates. However, many consumer advocates argue that each of the suggestions has a fatal flaw: They encourage customers to opt out. And this is a big shortcoming, because majority of consumers do not pay any attention to privacy notices, and even if they read, they forget to contact their companies because often the number provided by these companies are either busy or none is available to record their choice on the opt out (Linder, 2004).

Though the Financial Services Modernization Act, also known as the Gramm-Leach-Bliley Act of 1999, opened the door for financial services companies to merge and create partnerships with each other and other types of businesses. In response to consumer criticism and numerous lawsuits alleging serious privacy violations, the act included a provision aimed at protecting consumer privacy. This provision was supposed to allow consumers to bar these companies from sharing their names, addresses, social security numbers, account balances and other personal information (Lee, 2002).

Certainly, companies are working hard to comply with a bewildering array of fast-changing regulations that are under the preview of state, federal, international and industry-specific privacy rules. Writing a standard privacy notice that summarizes all regulatory and legal requirements can be a huge challenge for the companies. Privacy notices, which are required in every state, spell out clearly company's policies for handling personal data. Several laws require companies to clearly articulate what they can or can't do with confidential information. But differing requirements make it hard to draft a standard policy. For instance, many states still use privacy provisions from a 1982 information practice act that requires insurance companies to use specific phrases -- relating to how information might be shared for law enforcement purposes. Some other states require that companies include opt-in policies in their privacy statements. Opt-in policies require companies to seek and receive a user's permission to collect and use personal data.

To comply with private data, companies are required to establish a detailed inventory of all sensitive data everywhere in the corporation, review all controls relating to the use of that data and set up controls and procedures to protect the data. For example, several companies have built a database that consolidates customer information from multiple applications and production systems. Each customer record in the database has an embedded "privacy indicator" that describes in detail that customer's privacy preferences (Vijayan, 2004).

The goal is to make sure that a customer's privacy preferences are always respected, regardless of which application is accessing the customer data. However, the laws on the privacy issue are vague. For example, companies in many states are required to "encrypt" data, but it doesn't specify the level of encryption required. Similarly, the law requires companies to inform customers of any "unauthorized access" to their data but doesn't define what constitutes unauthorized access. As a result, companies may decide to do the very minimum and comply with the letter of the law to provide the protection that the spirit of the law was meant to address.


As privacy is often defined as the ability of individuals to exercise control over the disclosure and subsequent uses of their personal information, privacy notice is fundamental to the individual's ability to protect his or her privacy. The representations that organizations make about their information collection and sharing practices provide the basis for consumers to make informed decisions about whether or not to disclose their personal information. The use of notice alone does not insure that an organization abides by its policy or observes fair information practices, or that individuals can pursue a complaint against the organization (Vijayan, 2004). It is nonetheless the key anchor of the fair information practices of notice, choice, access, security and enforcement, as without notice, individuals have no knowledge about the organization's information practices and no basis for deciding whether or not to interact with the organization.

Benefits and Present Environment

With the heavy use of the Internet, companies doing business electronically are required to fill Web-based self-assessment forms that show how they are going to use privacy practices and sort them into separate risk categories. Depending on the sensitivity of the information being handled, the companies are required to implement stronger privacy policies. Each company also needs to submit to regular privacy audits.

There are several advantages to the companies by using the privacy notices. First, the companies can create powerful trust with their customers. The use of the trust has been a useful catalyst for increasing the business with the customers. In some situations, trust has also been found to create long-term relationships with the customers. When customers become certain that their private information is safe and it would be not shared with others, they become more confident of the company's lawful practices, which, in turn, may lead loyalty between the company and the customers.

It is true that with the advent of the Internet, there have been several attempts to hack the private information, it, nevertheless, does not mean that consumers should not take the advantage of convenience of doing business electronically. Certainly, the federal rules are required be enforced vigorously and those companies that violate the customer trust should be brought to the justice as mandated by federal government under the liability suits. However, at the same time, when customers begin to trust companies and willingly share their preferences and interests to the companies, they can gain the advantages of customization. This is useful not only to companies as they can track the customer interests and preferences to suit their choices in products and services, but also becomes useful to customers as they can gain the advantages of the convenience.

With the use of the extensive use of the Internet, it has become much more critical for the companies that they post their privacy policy on their websites. As it has been found that since the advent of the dot-companies, almost half of companies don't have privacy policies. The leaders in providing privacy protection are taking aggressive steps to turn their policies into strategic advantages, and they're looking at technology to take a far more important role. So a market is emerging for software, which is focusing on privacy management and monitoring of customer data (McKim, 2001).

In a technological environment, the first step for a business is to build links among the business units' databases to create a consolidated view of its customers across the different divisions. The second step…[continue]

Cite This Term Paper:

"Privacy Notices" (2004, April 11) Retrieved December 5, 2016, from

"Privacy Notices" 11 April 2004. Web.5 December. 2016. <>

"Privacy Notices", 11 April 2004, Accessed.5 December. 2016,

Other Documents Pertaining To This Topic

  • Privacy Law One Such Privacy Law That

    Privacy Law One such privacy law that has been enacted is the Health Insurance Portability and Accountability Act (HIPAA). It has provisions that govern data use and privacy among healthcare providers, insurers, and employers. There are stringent measures put in place to govern recording and sharing of communication between financial services providers and their clients (Mills, 2009). Outside the United States territory, there are legislations put in place that guarantee once

  • Privacy Rights in the Case

    Layne', in December 1994, the Office of the Information and Privacy Commissioner received a compliant that the Vancouver Police Department had taken a decision to block out the faces of those person who were being interviewed by the police in the program, "To Serve and to Protect." The complainant was KF Media Inc., of Vancouver B.C. KF Media Inc. who was the producer of the program, and it generally

  • HIPAA Discussing Most Important Aspects HIPAA Privacy

    HIPAA Discussing Most Important Aspects HIPAA Privacy Security Law Critiquing Effect Regarding Protection Security Personal Health Information (PHI) HIPAA is an acronym for the Health Insurance Portability Accountability Act. This is an act signed into law by President Bill Clinton on August 21st, 1996. The maim aspects of this law is protection and provision of privacy to a patient's medical history The U.S. Department of Health & Human Services, 2003. This law

  • Privacy for High School Students

    Internet: Privacy for High School Students An Analysis of Privacy Issues and High School Students in the United States Today In the Age of Information, the issue of invasion of privacy continues to dominate the headlines. More and more people, it seems, are becoming victims of identity theft, one of the major forms of privacy invasion, and personal information on just about everyone in the world is available at the click of

  • Privacy Protection Commenting on the

    Confab, however, is an architecture that is able to bypass these limitations and combine both approaches. It is limited, though, and a true pervasive environment calls for complex preferences that can be easily manipulated by the end user. Moreover, all these approaches are not completely sufficient in meeting the challenges mentioned in section 3.2. For instance, PETs and privacy models do not explicitly contribute in a reduction of data collection, nor

  • Privacy and Legal Issues to Consider for a Database System

    Private and Legal Issues in Database Privacy and legal issues to consider for a database system An essential component in the success of managing database is that management should be concerned with ethical and legal issues associated with both the creation and use of those data in the databases. The use of the database technology provides access to all kind of information about customers, employees, and subjects. However, it has often become

  • Employee Privacy Torts

    Employee Privacy Torts History of Employee Privacy Changing Trends of Employee Privacy Impact of Innovative Technology on Employee Privacy Role of Social Media towards Employee Privacy Impact of Changing Community/Society on Employee Privacy Adaptation to the new Environment pertaining to Employee Privacy Employee Monitoring and Surveillance Laws and Employer Policies for Text Messaging and Social Media Electronic Communication Privacy Act Monitoring of Employee Conversations over Telephone & Email Recommendations for creating Effective Policies Future Implications of Employee Privacy As years have passed and

Read Full Term Paper
Copyright 2016 . All Rights Reserved