Not All Shoppers Brave the Malls
Whistleblowers at Work Changing State Law
Corrections or additions?
These articles by Caroline Calogero, Michael Schumacher, and Lynn
Robbins were prepared for the December 13, 2000 edition
of U.S. 1 Newspaper. All rights reserved.
Internet Privacy? New P3P Guidelines
Getting to know you, getting to know all about you might
have been a fine idea for Anna in Siam, but such attempts by websites
cause many to recoil against this invasion of privacy. Lorrie Faith
Cranor of AT&T Labs-Research will discuss privacy concerns raised
by current online data collection practices at the Princeton Joint
Chapter of the ACM and IEEE Computer Society meeting on Thursday,
December 14, at 8 p.m. at the Sarnoff Corporation. Entitled
“Online Privacy: What are People So Concerned About and What is
Being Done About It,” the meeting is free and refreshments are
served. A pre-meeting dinner is at 6 p.m. at the Rusty Scupper. For
reservations, call 609-924-8704.
Cranor confirms our worst suspicions — proprietors of websites
have unprecedented opportunities to amass data about their users.
“The capabilities of companies to gather large amounts of
information on people easily and to correlate it and build profiles
are improving,” she says.
But such opportunities are part and parcel of what distinguishes a
web-based transaction from its physical world counterpart. “If
all my interactions with businesses are done on line, it’s much easier
to capture the information about what I’m doing. When I go into a
physical bookstore, you don’t know which books I pick up and browse.
You only know the ones I purchase. In an online bookstore, you can
see which ones I browse as well.”
Cranor has a doctorate in engineering and policy from Washington
University
in St. Louis. She has been with AT&T Labs-Research for the past four
years (www.research.att.com/~lorrie/). A hybrid who can talk the talk
with both techies and policy wonks, her presentation will review the
technical mechanisms that companies use to track people on line. She
will also cover recent initiatives to help protect privacy including
anonymity tools, privacy seal programs, legislation, and P3P.
P3P, or the Platform for Privacy Preferences Project, is an effort
of the World Wide Web Consortium (W3C) to produce a standard format
for web users to express privacy preferences and websites to declare
data gathering intentions.
Cranor explains that P3P is not software itself but rather a set of
instructions for software developers. “P3P is a specification.
It’s the recipe that tells somebody who is building a web browser
how to put the privacy standard into their web browser.”
P3P aims at enabling the user to set up Web browser software with
personal privacy preferences and information exchange limits. P3P
also allows websites to state their privacy policies in a standardized
format.
With P3P, when web browser meets website, a checking process begins.
Users are notified if there is a mismatch in goals. “You get to
decide what your personal threshold is, and, then, what you want your
browser to do,” she says.
When there is a mismatch in objectives — say if a website declares
it can’t function without knowing net worth or pharmacological
history,
and the user is a rather private person — flashing lights and
noises may sound the alarm.
But P3P guidelines are sophisticated enough not to limit users to
only black and white policy statements. P3P-enhanced browsers will
be able to selectively block cookies based on what the website intends
to do with the information. Access to certain private bits of
information
might be permitted only when an order is being placed, as long it
is not sold to other companies.
Websites adhering to P3P guidelines will encode their privacy policy
into a standard format. Variables will include the kind of data
collected,
what is done with the data, and how the data is shared.
P3P-enhanced browsers will complement other privacy protection
strategies.
When browsing leads to buying and anonymity tools or pseudonyms reach
the limit of their usefulness, P3P would take over.
Blast off for the P3P guidelines is near. Cranor anticipates the W3C
will act very soon to officially issue a preliminary recommendation
that the standard is ready for implementation. Cranor has been on
the project since the beginning, the fall of 1996. She now heads the
W3C working group that is drafting technical specifications for P3P.
Cranor says Microsoft is among the companies building software using
P3P and that its product will be released next spring. AT&T is also
considering involvement. “AT&T has tried to be a leader in
protecting
customer privacy. We’re looking into the possibility of whether it
would be useful to provide some software just to get P3P started,”
she says.
Her approach to protecting her own privacy on line is “not a whole
lot. I actually do try to read privacy policies at websites, and I
am very cautious about providing personal information,” she says.
She will avoid sites with invasive policies and does use fake names
when possible.
Nevertheless, Cranor finds anonymity tools cumbersome and does not
use one. She has used tools that block cookies but those tools also
have drawbacks: “On many websites I really want to use cookies
because I don’t want to remember passwords.”
She is currently working on a book about P3P, which she hopes will
reach both the digitally dexterous and the hopelessly analog. “My
attempt is to target a mixed audience. What I’ve found is that there
are a lot of non-technical people who would like some background in
some of the technology at a level they can understand. There are also
technical people who would like the background about privacy
laws.”
That Cranor’s graduate work focussed on electronic voting leads to
a final question on a somewhat different issue — the post-election
miasma. She seconds the instincts of many Americans not associated
with Florida boards of elections. “Unfortunately there’s no one
magic answer here. There are some things that they did that clearly
asked for trouble, and using punch card ballots was the first
problem.”
— Caroline Calogero
Top Of PageNot All Shoppers Brave the Malls
Trepidation is in the air this holiday season as
traditional
brick and mortar retailers brace themselves for the onslaught of
business
they won’t receive. That’s because an estimated $11.6 billion will
be spent this month in Internet purchases, as projected by the
Manhattan-based
consulting firm Jupiter Research. That figure is up from $7 billion
last year. And the number of individuals purchasing online this year
is anticipated to be 35 million Americans compared with 20 million
in 1999.
“I expect to do 80 to 100 percent of my holiday shopping online
this year,” says Laura Grigni, a financial marketing
professional
at First Union. “That’s almost twice as much as last year for
me.” Like so many others, Grigni is lured by the convenience of
shopping online, but also adds, “I prefer to shop from home rather
than deal with the crowds at the malls, where too often merchandise
has already been picked over and boxes are torn. At least online,
the items are neatly packed and better suited for gift-giving.”
The impact of sentiments such as Grigni’s will attract business owners
and marketing professionals to the two-day seminar “E-strategy:
How to Build Your E-marketing and E-business Strategies,” held
Thursday and Friday, December 14 and 15, from 9 a.m. to 4:30 p.m.
at Rutgers’ University Inn and Conference Center at 178 Ryders Lane
in New Brunswick. Cost: $995. Call 732-932-8274, or E-mail:
“Any business owner who is not currently thinking and addressing
their business from an `E-approach’ is making a mistake,” says
seminar leader Bill Hendricks. The learning curve is steep,
he admits, “and the investment of time is as significant as the
financial investment.”
E-commerce is more than making money and selling something on the
Internet. Instead, says Hendricks, ask the broader question: “Do
I need better and more effective ways to develop relationships with
my customers?”
Hendricks, a consultant in the E-business sector for over 15 years,
was contracted as seminar presenter by the New York-based Orion
Development
Group. He earned a BA in education from the University of Northern
Iowa in 1971, followed by a master’s in divinity from Asbury Seminary
and a doctorate from the University of Dubuque. He has worked as a
management consultant for Mobil GIS, Shell Chemical, and the insurance
company CGU. Hendricks is also a certified Myers-Briggs Personality
Type Indicator and a deBono Creativity Instructor and lives in
Overland
Park, Kansas.
“Basically, there are two groups trying to capitalize on the
Internet
and E-commerce opportunities,” says Hendricks. “Both are
struggling
to make sense of the maze of information and mastering the technology
is nearly overwhelming for both.” The key is very different for
each of these two groups:
1. Established businesses with an existing customer base.”Their question is financial and their solution is to approachE-commerce from a customer perspective.” Because they have a solidbusiness foundation, they must build a return on investment that takesinto consideration the value of the customer and the opportunityavailablethrough the Internet. A genuine customer-centric approach will calmsome of the fears and help this group remain well directed as theylearn the Internet and discover which aspects of E-commerce make goodbusiness sense.2. Those trying to start up a business. “The lureand promise of tapping into a captive market using the Internet canbe very tempting and a very costly mistake!” says Hendricks.”Itis easy to be led astray and naively think that the world is justwaiting to click on your new site. For this group of business people,the strategy is to go slow: crawl before you walk, walk before yourun and when you have a clear sense of your market run —fast!”The two-day program will cover the gamut of electronic commercefrom the definition of electronic commerce and the basics of Internetmarketing to the more complex “Integrated E-strategy Thinking”and “Building An E-strategy Scorecard.” Hendricks says theworkshop will provide not only awareness of E-strategies, but alsoconcrete business solutions. “If you have a problem, bring it!The two questions I expect people to ask are `So what?’ and `Whocares?’”When asked how small businesses can compete with larger ones on theInternet, Hendricks says that the power of the Internet and E-commerceis that it is a great equalizer. “Small companies and megacorporationsare all competing for the same `click of the mouse.’ The ability tosell online is not expensive. If you compare the advertising powerof Amazon.com versus a local bookstore, then there is a great gap.But that exists regardless of the Internet.”He lists challenges for those building an effective E-commercebusiness:Capital. It takes money to market a business, anybusiness.The misconception that anyone can jump into this market and make akilling is hurting good companies. Most people who provide a qualityproduct or a good service are in the business for the long haul. Getthe stars out of your eyes and invest in a long-term, slow-growthplan.Service first. Develop an internal system that lives andbreathes customer service. Word of mouth has always been the bestmarketing tool, and the web exacerbates both positive and negativecustomer experiences.Think community. The Internet allows a business to amassa group of individuals from across the globe around common needs andissues. Too frequently websites focus on what “we offer”ratherthan “what customers do.” Building client relationships anddeveloping a knowledge base of what a customer does with your businessis a great differentiator.Scorecard. It is easy to capture tons of data and knowvery little. Develop an E-commerce scorecard that aligns with theoverall business direction.Keep it simple. Many businesses over-complicate things.If it can’t be done easily, it is probably wrong.Know your audience. Remember that the majority of thepeople connected to the Internet are not operating on the latest andfastest equipment. Many are still creeping along and excited withthe chance to see what they are seeing. If you design for the fivepercent of the world that is really “wired” you may miss yourmarket.Remember the human factor. The clicks and hits youexperienceon your site represent people. Never forget that it is people whobuy products and consume services. Always direct your attention tothe human factor.According to Jupiter Group analysts, “today’s Internetaudiencestill largely consists of newbies (24 percent) and intermediate users(49 percent), with many people using the web to windowshop and thengoing out to purchase on the high street. By 2002, over half (51percent)the online population will have become veterans, and their likelihoodto shop online as well as their spending will increaseaccordingly.”That doesn’t leave much time for those businesses not yet in the frayto gear up. Those prepared to take the leap should arrive at theRutgersseminar with a sense of what they want to do, suggests Hendricks.”Bring every piece of customer information you can, and from thefirst moments in the seminar, keep asking me to provide answers, notjust theory.”— Michael SchumacherTop Of PageWhistleblowers at Work Changing State LawMore than ever, employers need to understand NewJersey’swhistleblower law, officially termed the Conscientious EmployeeProtectionAct (CEPA), cautions Earl M. Bennett of the Carnegie Center-basedlaw firm, Saul Ewing LLC.Employees who complain of employers’ perceived wrongdoings are likelyto get increasing protection against retaliatory action, thanks toseveral recent Supreme Court rulings. So when an employee makes acomplaint related to your business, you need to know what to do andnot do, how to avoid mistakes that could constitute retaliatoryaction,and how to protect yourself against false claims.Bennett and his colleague, Catherine B. Rinaldi, will givepracticalsuggestions and case examples in a seminar titled “Retaliationin the Workplace: The Changing Contours of New Jersey WhistleblowerLaw” on Thursday, December 14, at 8 a.m. at Saul Ewing’s officesat 214 Carnegie Center, Suite 202. Cost: $40. Call 609-452-3159(E-mail:ebennett@saul.com).Under CEPA, an employer cannot take retaliatory actions against anemployee because he or she complains either within or outside thecompany about alleged misconduct. The employee is also protected ifhe testifies in an investigation or refuses to participate in anyactivity he believes is unlawful, fraudulent, or is a threat to thewelfare of the public or the environment.This New Jersey whistleblower law dates back to 1980 when the SupremeCourt ruled that employers could not terminate employees for refusingto engage in activities that violate the law (Pierce v. OrthoPharmaceuticalCorp). The 1986 CEPA law further protects employees not only fromtermination, suspension or demotion, but also from any action thatadversely affects an employee’s working conditions. Since then, theSupreme Court has expanded the statute in several rulings.As an employer, here’s what you need to know:Your employee does not need to prove the alleged misconducthe reports. The court ruled against Mobil Oil Corporation in thelandmark case involving Princeton resident and ex-Mobil employee MyronMehlman, who said he was terminated for opposing the sale ofgasolinewith too much benzene content. This 1993 ruling said that an employeeneed not prove misconduct as long as he has reasonable belief andis acting in good faith. In other words, says Bennett, “anobjectingemployee is not expected to be a lawyer.”Your employee is protected if he complains about anotherworker, even if you don’t condone that worker’s behavior. In 1999,Higgins v. Pascack Valley Hospital, CEPA was expanded to include anemployee’s complaints against co-workers, even if the employer isnot complicit in the co-worker’s conduct.Your employee is protected even if the alleged misconductdoes not victimize the public. Earlier this year, in Roach v. TRWInc, the court decided that an employee is protected againstretaliatoryaction even if the misconduct victimizes only the employer. Examplescould include complaints about a co-worker or supervisor cheatingon an expense report, coming to work late, or taking excessive coffeebreaks.Your employee has the right to testify. Also this year,In DeLisa v. County of Bergen, the court decided that CEPA protectsemployees who participate in investigations or testify before publicbodies.Your employee is not required to follow your company’s reportingpolicy . On June 7 of this year, in a case involving a nurse whowas fired by Correctional Healthcare Solutions Inc., the Supreme Courtdecided that employees cannot be fired for going over theirsupervisor’shead, acknowledging that sometimes an employee must break the chainof command when objecting to a serious problem.Seminar leaders Bennett and Rinaldi are members of Saul Ewing’sLabor and Employment Law Department in its Carnegie Center office.Rinaldi went to Saint Joseph’s University and Seton Hall Law School.Bennett has his undergraduate degree from Harvard and his law degreefrom Rutgers.To prevent problems resulting from employee complaints, Bennettadvises:Think prevention. Adopt a written policy that addresses employeeconcernsabout wrongdoing. If an employee does complain, establish aninvestigativeteam of at least two people. Interview the plaintiff and witnesses.Prepare a written report and clearly state that no retaliatory actionwill be taken if the complaint has been made in good faith.What if an employee does accuse you of retaliatory action? Bennettcautions that the employer must show the court evidence that itsactionsrelated to the employee were not based on retaliation. The employermust have documentation showing why the employee was terminated,disciplined,or otherwise acted upon. If the employer has accurate and soliddocumentation,the burden of proof rests with the employee.— Lynn RobbinsNext StoryCorrections or additions?This page is published by PrincetonInfo.com— the web site for U.S. 1 Newspaper in Princeton, New Jersey.
