Why and What is Privacy for e-Commerce Customers and Companies?

The ecommerce companies, both big and small, want to provide the best customer experience to bring customers back again and again.

Think of all the information that is being collected from you when you buy products on-line.
Even before you login, you start looking at products you want. At that very moment a search history is created for an IP address and websites start showing you what you might be interested into.

You go ahead, select some products and add them to your shopping cart. Even though you do not go ahead with the shopping, the next time you login you see your selections right there. The cart is being saved for you already.

Now you look at your cart, make some alterations and go ahead with the checkout. You give your identity details, address for shipping and your credit card details. You do this as a guest or use your login credentials to avoid the hassle of entering details every time you make a purchase. This is the step you are the most aware of your privacy and safety, the credit card credentials need to be handled safely. Companies use secure channels to handle the transactions. Usually, third party processors like paypal handle the credit card information and they have well equipped safety measures to take care of the customer data. Companies use SSL certificates to add extra layers of security for checkout and login pages. Your transaction is now safe but what about privacy?

The question that comes to mind is, do I really care about anything more? As a customer, do people really read the privacy pages on e-commerce websites?

How do I care, if my login and checkout is secure and my shopping arrives on time. Every time you do shopping from a website, you create a shopping history, which helps the companies improve your “shopping experience”. Now imagine, collecting this data for millions of customers, you are now looking at Big Data.

What can someone learn from your shopping history?

Can I learn your behavior or personality from this data? Are you an impulsive buyer or you research all the options before your buy? Do you love deals and shop around and come back? And other not so obvious things like who is in your family? Do you have kids? Are you a religious person? Do you invest a lot in shopping during festivals? Is there something in particular you are looking forward to buy? Can the company offer different prices to different people based on their profiles?

Can the company collecting this data share this with any other company or individual?

How does the company protect your private data from its own employees? Do the people working in the company get a restricted view of your data depending on their authentication levels? Is the data saved in an encrypted format?

For the company collecting the data, they need to be aware and think about:

  • How much to collect? Do you keep collecting whatever you can like browsing habits including time and duration of browsing? Is there a plan for the collected data?

  • How long to save the data? Last one/two/three years? Why keep unnecessary data forever?

  • Who can see what? Can an employee shipping a current part of an order from the warehouse see the rest of the order? Does the analytics team look at aggregates or can drill down to individuals? How do we handle frauds?

  • And lastly the privacy laws in each country the company operates in. There can be different and stringent privacy laws which need to handled in different parts of the world. Is the company equipped to handle that without any major redesign? For instance, the Electronic Communications Privacy Act (ECPA), which some privacy advocates have argued prohibits the use of cookies without prior consent.