A new certification program aims to make websites more transparent about sharing users' personal data.
(CNN) -- There's a lack of trust between Internet users and the websites that collect their private data.
These sites aren't going
to stop gathering personal information anytime soon, but one company
hopes to make the exchange less mysterious when people sign on to a site
using a social-media profile.
Logging in to third-party
sites or commenting systems with Facebook, Twitter, Yahoo, Google+ and
other social profiles is common -- 53% of people have done it, according
to a recent study by Gigya, which handles these social logins for major
sites such as Pepsi, CBS and Verizon. But Gigya is more interested in
the other 47% who don't use social logins and what it can do to change
In theory, signing in to a
third-party site with an existing social-media account should make life
a bit easier. There are no forms to fill out, no new passwords and
login names to memorize. Just enter two bits of information you're
already intimately familiar with from checking Facebook or Twitter a
million times. Once logged in, you might even like how easy it is to
share content on your profile, or enjoy seeing what your friends bought,
read, listened to or watched.
In exchange for these
benefits, you give that company access to personal information telling
them who you are, such as your age, gender, location, e-mail address,
list of friends and what your interests are. That data is extremely
valuable, and is used to tailor the site or app experience to individual
visitors. People who log in with a social-network profile are better
customers. They stick around longer and are more engaged.
The holdouts who avoid
signing in with social profiles don't want to give third-parties the
keys to their personal data. They believe companies will take their
profile information and sell it, spam their friends or post to their
social networks without permission, according to the Gigya survey.
"There's a real question
of transparency and trusting, and confusion as to what's happening,"
said Gigya CEO Patrick Salyer. He believes much of it is a "perception
issue" and that increased transparency between companies and customers
would be mutually beneficial.
That's where the Gigya's new SocialPrivacy Certification program
comes in. In exchange for publicly promising to use data responsibly,
sites can sport a seal proclaiming that they are certified as
trustworthy. The companies must follow these rules: they will not sell
your data or your friends' data, spam you with e-mails, post on your
social networks or contact your friends without permission.
Gigya is training a team
of 35 employees in its client-services department to audit companies to
ensure they adhere to the criteria. The companies are vetted when they
first request certification and audited regularly after they're signed
up to make sure they're still sticking to the rules. Gigya has not
settled on a price for the certification yet. Any site can apply for the
program, and Gigya plans to develop a similar code of conduct for apps
in the future.
In theory the
certification will assuage consumers' fears, and in turn boost the usage
of social logins across the web. To increase the program's credibility,
Gigya consulted privacy experts and collaborated on the final product
with the Future of Privacy Forum, a privacy think tank in D.C. supported by companies such as Google, Amazon and Facebook.
Currently there aren't
any laws regulating what sites and apps can do with your personal
information, and companies are hoping to stave off any government
regulation by taking matters into their own hands with initiatives like
"There's no obligation
to be a good privacy citizen unless it's health or banking information,"
said Jules Polonetsky, director and co-chair of the Future of Privacy
Facebook, Twitter and
some other networks have guidelines for developers that prohibit some of
these behaviors, including bans on selling data. But by taking it one
step further and publicly declaring it won't misuse personal data, a
site can suddenly be held accountable for any violations by a group with
a bit more power: the Federal Trade Commission.
"The FTC can sue you for
making a deceptive statement to users who relied on that when they
signed onto your site," said Polonetsky.
Certification program is launching with a handful or partners, including
Martha Stewart and the Toronto Globe and Mail. Until it becomes
standard across the industry, its usefulness will be limited. But as
long as people remain paranoid and hesitant to share their information,
sites that want that data will be motivated to be more transparent.