Tuesday, May 29, 2007
Blogvertising: Ethics in advertising for bloggers
Many blogs are using pay-per-click ads to generate revenue and as long as the ads don’t get in the way of the content, most readers don’t really mind. Many bloggers, however, are now providing advertising in the form of paid blog posts that are often disguised as spontaneous product reviews. For the reader, this can be misleading, particularly if the writer doesn’t provide a clear statement to indicate that they are providing a paid review.For the uninitiated, services such as Pay-Per-Post, Review Me and Sponsored Reviews offer pay to bloggers to post product reviews on their blogs. While it isn’t stated explicitly, the expectation certainly appears to be that the paid posts will be largely positive in tone. Bloggers with high traffic ratings will be paid most, as they obviously have a wider audience. The intent of advertisers is to do more than create good “word of mouth” for their products; they are also looking to drive traffic to their own websites, thereby increasing their own ranking on search engines and thus, ensuring a better hit rate at their point of sale.
So, where’s the harm? I don’t have any issue with bloggers trying to generate revenue through their sites. Blogging can be hard work and time-consuming, so a small pay-off for the time and effort seems fair. It becomes harmful when the blogger has developed a trust relationship with readers and then violates it by not being explicit about the intention of their sponsored posts.
Many bloggers use a disclosure policy and badge, such as those provided at disclosurepolicy.org to inform readers that they earn revenue from advertisers and that they may endorse products in their writing. But this kind of “blanket” disclosure policy is not sufficient if readers have no way of knowing which post is an authentic, unpaid and therefore, unbiased commentary and which is a paid, and probably biased product review.
The ethical approach for bloggers is three-fold:
1. If you are planning to introduce advertising and paid reviews to your blog, write a post about it so you inform your readers up-front. If you have been developing a following and a trusted relationship with your readers, you owe it to them to be honest.If you’re an interesting blogger with a reputation for being honest with your readers, they will tolerate the occasional paid post, as long as you’re up-front about it. If you’re not, readers will eventually get wise and move on.
2. Post a disclosure policy. If your approach to revenue generation changes, be sure to update your policy accordingly.
3. Provide a disclosure statement at the start of each and every paid post, such as “This is a paid review”. It is unethical to omit the statement and very misleading to leave it as a “gotcha!” at the end of the post.
Wednesday, April 18, 2007
Was your privacy breached today?
Consider these scenarios:- Your new husband’s ex-wife, who works for a medical office, looks up your medical records.
- The mail delivery cart in a government office is left unattended in a public area while the mail clerk takes a coffee break.
- You drop by your boss’s office to update her on your project and notice a disciplinary report on her desk, with the name of a fellow manager showing prominently on the front page
- You open your annual pension plan update and discover someone else’s report is in the envelope instead of your own
- A major retailer discovers that their network has been hacked, with potentially hundreds of thousands of customer credit card numbers accessed
- Your friend in the benefits department tells you at lunch that a co-worker and mutual friend has been submitting claims for visits to a psychiatrist for the past several months.
Which of these scenarios would you consider to be a privacy breach? If you answered all of them, you would be right. According to Canadian privacy legislation, data that is collected or disclosed without authorization is considered a privacy breach. It doesn’t matter that the breach was overt, inadvertent or accidental; the consequences and implications are equally severe.
Security is a means to achieve privacy. Security is established through rigid policies and procedures, a code of ethics and regular training for staff. Security is also established on the information technology side by restricting data access to only those who need it. For example, the government health minister, responsible for overseeing policy direction for his jurisdiction does not require access to citizen health records to do his job, while a clerk responsible for verifying medical claims does require access to those records. While one might expect the health minister to understand the importance of ensuring the privacy of medical records, it is the staff member who actually accesses the records who is in most need of training. And often, these front-line staff are the least-trained in the organization, yet they have the greatest potential to cause a security breach, the majority of which will be accidental or inadvertent.
Organizations need to ensure that the staff who assume the greatest risk through their exposure to confidential information receive annual training about their obligations with respect to privacy legislation and the potential consequences of a privacy breach. Organizations also need a clear set of policies and procedures for dealing with privacy breaches.
Organizations need to ensure that their I.T. departments have adequate budgets to ensure regular upgrades to hardware and software, as well as regular training for their staff.
Governments also need to strengthen privacy legislation to ensure that organizations are accountable to the public in the event of a privacy breach. In the case of the recent TJ Maxx hacking, for example, most U.S. states and Canadian provinces had no legal requirement for the retailer to inform customers that their credit card data had been compromised. Monday's session at the Prairie health information privacy conference highlights the ongoing challenge that privacy breaches, inadvertent or otherwise, present to the public and private sector.
So think back on where you were today – where you work, where you shop, where you ate lunch, where you live – do you know if your privacy was breached today?
