Joanne Furtsch, CIPP, CIPP/C
Policy & Product Architect
@privacygeek
If you’re an online publisher or an ecommerce site you may use a range of social networking tools to enhance your company’s marketing and brand-building efforts. Social tools likes those offered by Twitter, LinkedIn and Facebook enable people to rapidly share their activity on your site with their friends and they allow users to create a direct digital connection with your brand. However, there has been some concern recently around the potentially negative privacy impacts of these tools. TRUSTe recommends that you carefully consider privacy implications before integrating social networking functionality so you can both harness the power of these tools and build trust with your users.
Your privacy considerations should start with an understanding of how the social networking feature works, including what information your website passes to the social network and vice versa. We also advise that you test the feature from the point-of-view of a consumer, not just a marketer. Some questions you should ask include:
- Would your friend or family member understand what the feature does and how they can control the visibility of what they share on your website?
- Does the social networking feature collect information about a consumer only when they are logged into their account or does it also collect information when they are logged out?
- What data is collected by the social networking feature upon page load versus when a consumer actively interacts with the feature?
Also, make sure that the disclosures in your website privacy policy fully explain the functionality of the social networking feature on your website. This is especially important in cases where the social networking feature you use on your site collects consumer information. The privacy policy disclosure around social networking features should describe the type of feature used, the purpose of the feature, and what happens if the user chooses to use the feature versus simply visits a page that offers the feature. Depending on your privacy promises and the information being transferred (personal, sensitive, etc.) you may need to provide a specific opt-out or opt-in option for consumers to feel comfortable.
Privacy is founded on the principles of transparency, accountability and choice. It’s your responsibility to disclose new information collection & use activities to your visitors. They don’t like surprises when it comes to privacy.
If your website uses social networking features, it’s important to understand that these features:
- May be hosted by the social media company (e.g. Facebook, LinkedIn, Twitter etc.);
- May be integrated on your website via an iframe or a simple code;
- May capture the URL of the page the consumer is on, the consumer’s IP address, and social network ID if the consumer is logged into their account. The Facebook “like” button, for example, captures all of this information
- May automatically share the consumer’s action on your website with the consumer’s social network contacts
- Do not typically share information from your site.
Successfully implementing a social networking feature on your website requires understanding the feature’s functionality both when the page loads and when the consumer interacts with the feature. It requires carefully reviewing the feature’s privacy implications and clearly communicating with customers and consumers through the privacy policy.
If you have any questions, please contact TRUSTe or your Client Services Manager at TRUSTe.
