Be careful with the secrets you reveal to online retailers. You just don’t know where your personal data could end up and how it might be used.This was the warning issued by Ottawa-based Canadian Policy and Public Interest Clinic following its release of a survey that showed “widespread noncompliance with federal privacy laws.”Funded by the Privacy Commission of Canada, the survey, titled “Compliance with Canadian Data Protection Laws: Are Retailers Measuring Up?” questioned 64 online retailers on their observance of legal requirements for accountability, openness and consent in collecting customer data.It also polled 72 online and offline retailers on their compliance with “individual access”—the PIPEDA requirement to inform individuals of the existence, use and disclosure of their personal information upon request, and to give individuals access to that information. The survey’s findings are hardly encouraging.While 94 percent of retailers surveyed did have privacy policies, these tended to be lengthy, ranging from 1,000 to 2,000 words. In most cases, policies were not conspicuously visible to consumers. The survey also found 48 percent of the retailers share information with other companies for purposes beyond those necessary for the transaction or service originally sought by the customer. Furthermore, only one of these companies restricted data sharing to its affiliates. Yet 34 percent did not offer consumers a choice regarding this practice during the registration or ordering process.Some 78 percent of the sample companies rely on opt-out methods to obtain consumer consent to secondary use or disclosure of their personal information.In at least 18 cases, the assessors were not sure whether consent to secondary use or disclosure was mandatory because the privacy policy was either unclear or nonexistent. Thus, 39 percent of the companies were found in violation of PIPEDA’s rules.-Nestor E. Arellano, CIO Canada (June 2006)Check out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content opinion The Importance of Identity Management in Security By Charles Pelton Nov 28, 2023 5 mins Cybercrime Artificial Intelligence Data Management brandpost Sponsored by Rocket Software Why data virtualization is critical for business success Data is your most valuable resource—but only if you can access it fast enough to address present challenges. Data virtualization is the key. By Milan Shetti, CEO of Rocket Software Nov 28, 2023 4 mins Digital Transformation brandpost Sponsored by Rocket Software The hybrid approach: Get the best of both mainframe and cloud Cloud computing and modernization often go hand in hand, but that doesn’t mean the mainframe should be left behind. A hybrid approach offers the most value, enabling businesses to get the best of both worlds. By Milan Shetti, CEO Rocket Software Nov 28, 2023 4 mins Digital Transformation brandpost Sponsored by Rimini Street Dear Oracle Cloud…I need my own space Access results from a recent Rimini Street survey about why enterprises are rethinking their Oracle relationship and cloud strategy. By Tanya O'Hara Nov 28, 2023 5 mins Cloud Computing Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe