TRUSTe: Majority Of Small Businesses Have NO Privacy Policy

A new survey of small businesses found that close to 60% of the 1,700 businesses polled had no privacy policy whatsoever and, according to privacy verification company TRUSTe, many of the other businesses simply grabbed their privacy policy from online sources.

Keith Ferrell, Contributor

March 10, 2009

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A new survey of small businesses found that close to 60% of the 1,700 businesses polled had no privacy policy whatsoever and, according to privacy verification company TRUSTe, many of the other businesses simply grabbed their privacy policy from online sources.The TRUSTe survey, performed last November, found that a formal and in-place privacy policy is nonexistent for 56% of the 1,743 small business owners surveyed.

The non-profit trustmark group also found that of those small businesses that do have a policy in-place, odds are it came from someplace else: A third of privacy policies were cut-and-pasted from the Web, according to TRUSTe.

Only a quarter of businesses with privacy policies wrote the policy themselves, which can also be a matter of some concern, considering the wide variations in definitions of privacy, and legal and regulatory privacy mandates. 30% of the survey participants didn't know if their businesses were PCI compliant.

Interestingly -- and in some ways amazingly -- 79% of the respondents were aware of trustmarks -- a seal of trustworthiness displayed on Web pages -- and fully half consider trustmarks to be important. And yet those same businesses, a large percentage of them anyway, don't practice proactive privacy policies.

In light of the growing awareness of consumer skittishness over untrustworthy sites (reflected in a wariness to purchase or even shop on sites they don't know and whose privacy isn't verified) the ongoing lack of privacy policies put in place, privacy procedures followed, privacy protected as vigorously as every other aspect of doing business, the lack of a coherent, externally verified privacy policy is a vulnerability that needs to be remedied now.

TRUSTe offers a simple privacy policy self-assessment quiz here.

Read more about:

2009

About the Author

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights