Just Click Submit: The Collection, Dissemination and Tagging of Personally Identifying Information

Vanderbilt Journal of Entertainment and Technology Law, Vol. 10, No. 3, pp. 553-642, 2008

65 Pages Posted: 21 Feb 2008 Last revised: 11 Jun 2009

See all articles by Corey Ciocchetti

Corey Ciocchetti

University of Denver - Daniels College of Business - Department of Business Ethics & Legal Studies

Date Written: 2008

Abstract

As the twenty-first century bustles forward, the e-commerce arena becomes an ever more dangerous place. On a daily basis, websites collect vast amounts of personally identifying information (PII) and mine it in sophisticated databases to discover consumer trends and desires. This process provides many benefits - such as tailored websites and relevant marketing - that few Web surfers would care to do without. However, serious threats lurk in cyberspace and are enhanced by consumers who continue to submit vast amounts of information in a state of relative unawareness. Not wanting to miss out on their Web surfing experience, visitors submit their personal information without glancing at a company's privacy policy. In 2008, for example, 100% of the most highly trafficked websites in the United States collect PII while just over 60% have privacy polices that clearly explain PII practices. Instead, of offering explanations, e-commerce companies obfuscate and exacerbate the serious threats surrounding PII collection and dissemination. This occurs most often via inconspicuously posted privacy policies written in small font and filled with legalese and loopholes. The United States legal system allows such obfuscation unless a company breaks a privacy promise.

This article argues for a federal PII Tagging law where companies face a choice. They must: (1) post a clear and conspicuous privacy policy drafted in plain English or (2) associate (tag) their name to each piece of data they disseminate. Over time, consumers will tire of solicitations beginning with the required phrase Hi, I represent company X and we purchased your telephone number, etc. from company Y. Such social pressure will lead companies to take the simple and nearly costless step of drafting and posting better privacy policies. At the end of the day, Tagging legislation represents a middle-ground solution that protects PII without excessively hindering e-commerce efficiency.

Keywords: online privacy, information privacy, privacy policies, collection and dissemination of PII, data trade, consumer protection, Internet Law

JEL Classification: K1, K19, K20

Suggested Citation

Ciocchetti, Corey, Just Click Submit: The Collection, Dissemination and Tagging of Personally Identifying Information (2008). Vanderbilt Journal of Entertainment and Technology Law, Vol. 10, No. 3, pp. 553-642, 2008, Available at SSRN: https://ssrn.com/abstract=1096053

Corey Ciocchetti (Contact Author)

University of Denver - Daniels College of Business - Department of Business Ethics & Legal Studies ( email )

2101 S. University Blvd
Denver, CO 80208-8921
United States

HOME PAGE: http://www.coreyspeaks.com

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
81
Abstract Views
3,492
Rank
547,434
PlumX Metrics