Is Weight Watchers a Threat to Privacy?
Looking over the TRUSTe 2007 Most Trusted Companies for Privacy announcement this morning, I was surprised to see Weight Watchers listed at #22 -- the very bottom -- of their consumer survey results.
Lower than Google (#11), a company literally in possession of a goldmine of personal information that Privacy International calls "hostile" to privacy and the Electronic Privacy Information Center contends fails to "take adequate steps to safeguard the personal data that is collected" through search queries and through the routine operation of its many other online services.
Lower than Bank of America (#20), which Privacy Rights Clearinghouse reports had five separate data breach incidents between June 29, 2005, and April 12, 2007.
Lower than America Online (#4), a company that in 2006 accidentally posted to the Web 20 million search queries entered by 658,000 individuals using AOL's client software. This incident drew a class action lawsuit, which I checked on just now. The case, Ramkissoon v. AOL LLC, No. 06-cv-5866 (N.D. Calif., complaint filed Sept. 22, 2006), was dismissed in early 2007 for improper venue.
Lower than a slew of other, giant data-processing companies.
Americans, Weight Watchers is not watching our weight.
Weight Watchers does not record what we eat or when we eat it. Until the day comes when our bathroom scales have IP addresses, Weight Watchers has no ability to monitor and record our weight. Their mission seems considerably more benign. According to David Kirchhoff, President, Weight Watchers International, "Our singular mission as an organization is to help people lose weight in a sustainable way by helping them adapt a healthier lifestyle and a healthier relationship with food and activity."
I trust David on this one. When it comes to privacy, I worry more about Google than Weight Watchers.
Another reason for Weight Watcher's relatively low performance in the TRUSTe game might be that the study does not actually measure which companies provide the most robust privacy protection. Instead, it measures a company's reputation for privacy protection. Two different notions entirely. Because in the United States there is no universally acknowledged set of information privacy rights or a shared concept of privacy harms, companies are free to shape the public's perception of what privacy looks like (for example, the presence of a privacy policy on the Web site, or a privacy seal, or the hiring of a privacy officer), and then work assiduously to cultivate a reputation for privacy that aligns with this definition. Moreover, companies with sterling reputations in other aspects of their business -- such as customer service or product quality -- are able to transfer those positive brand reputations to their privacy practices. The TRUSTe survey acknowledges this point:
Based on previous consumer studies we have conducted, we have found that consumer perceptions about privacy and trust can be influenced by a number of factors. In fact, the consumer ratings may not reflect at all the actual privacy practices of the company and its good effort to protect the personal information of its customers and employees.
Leaving aside the goofiness of scoring Weight Watchers lower than Google or any number of other companies in the report, TRUSTe's essential insight is valuable. Having a reputation for privacy is as good for business as providing strong privacy protections. Right now, in the United States at least, when it comes to privacy, form is more valuable than substance.
Here is TRUSTe's complete list, with the highest-ranking companies at the top:
Most Trusted Companies for Privacy
Consumer Survey Results March 2007
American Express
Charles Schwab
IBM
America Online
Amazon
Johnson & Johnson
U.S. Postal Service
E-Bay
Procter & Gamble
Nationwide
Google
E-Loan
WebMD
Dell
Countrywide
USAA
Disney
Hewlett-Packard
U.S. Bank
Bank of America
Intuit
Weight Watchers
Comments