Fair Information Principles of Brazilian Companies online privacy policies

Abstract

This research aims to present the Fair Information Principles in the privacy policies of the websites of major Brazilian companies (according to the 2014 Forbes Magazine list). The check and analysis were supported by a checklist compiled from documents issued by the Federal Trade Commission and the Organization for Economic Co-operation and development. The study selected fourteen companies from a universe of twenty-five, considering the immediacy criterion of access to the privacy policy on their websites. The security (safeguards) principle is the most widespread foundation at the privacy policies of the companies selected (existing in eight of the fourteen analyzed policies); and the principle of responsibility receives less adhesion due to the fact that it is not covered in any of the examined online privacy policies. The Sabesp Company presents the most complete privacy policy, considering the compliance with the Fair Information Principles when compared to the others perused, while WEG does not present any of the principles identified in the documental survey. As for e-commerce, the number of companies that assume some of the Principles is further reduced. For the selected universe the adherence to the Fair information Principles is still incipient, althought its use is not mandatory. An open discussion of the proposed Brazilian law about personal data protection should play an important role in creating further guidance on the subject. Additional studies in this subject should involve the perception of users, as well as a cutout of companies which target e-commerce, considering that an effective alignment with these principles and other guidelines are required in order to protect the user’s privacy and personal data in the web environment.