U.S. privacy laws apply to both Internet marketing and other forms of commerce. The laws limit the amount and type of information a company can collect about a consumer and also specify how that information can be used or shared. In the EU, the types of data a company can collect are fewer, and the sharing of information is far more restricted. For example, a company cannot share information about customers in one division with another division. (Sending out unsolicited e-mails to potential buyers is also restricted in Europe.)
The Gramm-Leach-Bliley Act of 1999 requires financial institutions to provide written notice of their privacy policies. Privacy policies are statements regarding how a company will use and protect a consumer’s private data. The law was broadened in 2003 to apply to a wider array of companies and consumer information.
What kind of data do companies want on you? (Think back to Chapter 3 "Consumer Behavior: How People Make Buying Decisions" and Chapter 5 "Market Segmenting, Targeting, and Positioning".) They want to know where you live so they can apply PRIZM or VALS data to know you better and create marketing messages more likely to persuade you to buy something. They want to know how much you make to see if you can afford a higher-priced product. They want to know about the other things you buy, because that will likely affect what you buy in the future. If you own a boat, for example, you’re more likely to buy fishing gear in the future. If you buy fishing gear, you’re more likely to buy clothes from Columbia. And so on. The more they know, the more they can create offers tailored to fit your lifestyle and to entice you to buy.
Some organizations also have data, such as your social security number, that criminals could use to steal your identity. For example, think about how much information your university has on you. They not only have your social security number, but they may also have your financial information (through financial aid), your health information (through the campus health center), and your vehicle information (through parking fees). Protecting that information so you aren’t harmed is a huge responsibility for the university.
Privacy policies and privacy laws apply to both business customers and individual consumers. As we explained in Chapter 8 "Using Marketing Channels to Create Value for Customers", many business buyers require vendors to sign nondisclosure agreements (NDAs) that specify what information is proprietary, or owned by the customer, and how, if at all, the seller can use that information. NDAs are not an online tool specifically but are often used in the normal course of business.
What about the offering itself? When you buy something online, you don’t get to see it first, so how do you know it is what the seller says it is, and what can you do if it isn’t? The Uniform Commercial Code (UCC) (first mentioned in Chapter 13 "Professional Selling") is a group of laws that govern commercial practices in the United States. The UCC defines many aspects of sales, such as when a sale actually takes place and what warranties buyers can expect.