Despite recent high-profile breaches of customer data and the growing concerns of online buyers, many companies are still neglecting customer privacy, according to a recent report.
In a recent survey of 464 major corporate Web sites, the Customer Respect Group, based in Ipswich, Mass., found that only 26% of companies are asking permission before using customer data for ongoing marketing. That's not the only area where companies are falling short.
The online protection of customer privacy has been slow to catch on with organizations. For example, of the companies surveyed, only 42% scored "good" for their policies toward sharing collected personal data and 73% scored "poor" for their policies toward reusing personal data for marketing purposes.
"One of the factors is it's very hard internally to have policies to maintain and manage customer data," said Terry Golesworthy, president of the Customer Respect Group. "If you let users edit data or delete their data, which is what the customer wants, that's a large investment in the back-end system."
The end result is a widening separation between the "good guys" and the "bad guys" when it comes to valuing customer privacy, Golesworthy said. There is no middle ground.
Companies that are progressive with customer data, like the 23% with policies that allow users to destroy their own information stored on corporate databases, started investing in back-end system controls two years ago, Golesworthy said.
"This requires a philosophical change," he said. "Even if you say we're not going to share data, how do you stop a distant department?"
That very problem has kept firms from making privacy promises they can't keep. For example, the industry that scored the worst in the Customer Respect Group's study was pharmaceutical and healthcare, which scored low for its lack of transparency. That may be a legal issue with language and accidental data sharing, Golesworthy said.
The travel and airlines industry performed the best in the study. E-business sites that measure their revenue from casual users tend to pay more attention to privacy, Golesworthy said. It is difficult to determine ROI from privacy, but with sites like Expedia and Orbitz, where there isn't a long-term relationship and customers will switch back and forth, it can make a difference.
"At some point, companies realize they have to do something because it's the price of doing business," Golesworthy said. "Corporations are starting to see it as a market differentiator."
The Customer Respect Group hopes to provide a benchmark for customer privacy policies and will follow up with more surveys in the future.
The companies rated highest for privacy were Intel Corp., Expedia, E-Loan, Verizon Wireless, Estee Lauder, Marriott International Inc., Con-Way Transportation Services Inc., IBM and Medco Health Solutions.