When it comes to privacy, "there is a trust gap between consumers and marketers," he said. And despite many companies' efforts to implement sound privacy polices, "customers still think that we are just going to go ahead and share or trade their information about them with third-party [companies]."
· Let customers exercise choice regarding how their information may be used.
· Eliminate jargon, technical terms and legalese.
· Think about presentation and format.
Smith also said that companies expecting visitors from outside the United States should remind them that they are on a U.S. site, which implies that U.S. privacy policies prevail.
Smith presented a "what-not-to-do case study" highlighting designer clothing and accessory marketer Guess Inc. and its Web site Guess.com. This summer, Guess agreed to settle Federal Trade Commission charges that it exposed consumers' personal information, including credit card numbers, to commonly known attacks by hackers.
The agency alleged that Guess didn't use reasonable or appropriate measures to prevent consumer information from being accessed at Guess.com. The settlement required that Guess implement a comprehensive information security program for Guess.com and its other Web sites.
This case illustrates another best practice, Smith said: Companies have to do what they say they are going to do when it comes to privacy policies.