U.S. Markets closed

10 Online Retailers Who Respect Your Privacy

Matt Brownell

These days, it’s not enough for an online retailer to sell you merchandise – now it feels the need to gather intelligence on you while you’re there, and then follow you out of the virtual store to beg you to come back.

Online retailers are among the many websites that gather their users’ personal data and track browsing habits for their own purposes, and most also make use of third-party tracking software that uses your browsing habits on one website to create targeted ads on another. When it comes to retail, that often takes the form of “retargeting” – a tracker on a retail site will set a cookie when you leave the site, and suddenly ads for that website will appear everywhere you go. (In some cases the ads will be product-specific – do a search for flash drives on the site, and suddenly you’ll see ads all over the Web encouraging you to go back to the website and buy some flash drives.)

But every website, retail or otherwise, is different: Some have more consumer-friendly privacy policies than others, and some use third-party tracking software that does a better job of keeping user data anonymous and honoring opt-out requests. To keep them all straight, a new site, privacyscore.com, has devised a metric to rate hundreds of websites across the Web on 0-100 scale.

Each website’s 0-100 score is divided into two components: The first half is comprised of the site’s own privacy policy, with a possible 50 points to be earned based on whether a site shares its users’ personal data, whether it notifies users if the government requests that data, whether user data is deleted as soon as a user deletes his or her account, and whether service providers who have access to that data are also required to keep it confidential. The other half of the equation concerns third-party trackers. Privacyscore rates each of the third-party tracking programs found on each site, then calculates its contribution to the final score based on how often each third-party tracker shows up on the site’s pages.

Here are the major online retailers that attained the best scores based on privacyscore’s methodology.

The Most Respectful Online Retailer: Lowes.com
Privacy Score: 95

Lowe’s does use a couple of third-party trackers, but they show up very rarely and the biggest presence belongs to Google. As such, it gets a perfect 50 on that side of the calculation. On the privacy policy side, the site gets 45 out of 50 possible points, only losing 5 points because it doesn’t promise to alert users in the event of a government data request.

Interestingly, that’s an area where even the best websites tend to fall short – it seems that very few sites will tell you if the government wants a peek at your data.

“We think it's reasonable for users to expect to be told if the government comes asking for personal data,” says Jim Brock, founder of privacyscore parent company PrivacyChoice. “Of course, a user can't expect a site to violate the law in doing so, but a site can and should promise to keep them informed when they can do so legally.”

2nd Most Respectful: Etsy.com
Privacy Score: 90

Like Zazzle, Etsy is another site aimed at creative types, serving as a marketplace for art and other homemade wares. According to privacyscore, it does not appear to use third-party trackers to gather users’ browsing data, earning it a coveted perfect 50 on that end of the equation.

[Also see: Cool New Toys for 2012]

3rd Most Respectful: Zazzle.com
Privacy Score: 89

Zazzle.com, a custom apparel site, gets 45 out of 50 possible points for its privacy policy, and most of its tracking is done by Google, which has a perfect privacy score.

4th Most Respectful: Kay.com
Privacy Score: 87

The jewelry merchant turns in a solid performance on both sides of the football, so to speak: It gets 40 out of 50 points for its privacy policy and uses its only third-party tracker rather sparingly.

5th Most Respectful: RadioShack.com
Privacy Score: 86

RadioShack uses a dozen different trackers on its site, but only one, Media Innovation Group, is a very prominent presence. Fortunately, MIG is one of the good guys, itself receiving 49 out of 50 possible points in privacyscore’s assessment of the company.

6th Most Respectful: AutoPartsWarehouse.com
Privacy Score: 85

Like Costco, there’s very little in the way of third-party tracking on this site. Only two trackers, SpecificMedia and Google Display Network, showed up in the privacyscore scans, and neither was a prominent presence on the site. And given that both services get high marks for their data practices, AutoPartsWarehouse.com gets a perfect 50 on that side of the equation.

7th Most Respectful: Costco.com
Privacy Score: 83

Costco distinguishes itself by doing very little in the way of third-party tracking. Only one company, CoreMetrics, was found to be engaging in such tracking on Costco.com. And while CoreMetrics gets middling grades from privacyscore for holding onto data for more than 48 months and not being subject to industry oversight, its presence isn’t felt much on the site: It showed up just 9% of the time in privacyscore’s tests.

8th Most Respectful: BestBuy.com
Privacy score: 83

While it loses some points for failing to confirm vendor confidentiality (that is, promising that their service providers will behave when they have access to your data), BestBuy.com makes up for it by sticking primarily with consumer-friendly third-party trackers like the Google Display Network.

[Also see: Best Times to Go Shopping]

9th Most Respectful: Gap.com
Privacy score: 81

The Gap actually scores worse than Ralph Lauren on the privacy policy end of things, as privacyscore dings the website for apparently holding onto the data of users who cancel their accounts. But it makes up for it with its third-party tracker rating, where it scores 46 out of 50 possible points.

One third-party tracking service, Akamai, shows up on 99% of the website’s pages. But the service gets high marks across the board: It protects user anonymity, gives consumers the option to opt out, retains data for just 12 months, and adheres to the privacy guidelines of both the Network Advertising Initiative and the Digital Advertising Alliance. In other words, the third-party trackers on the Gap.com generally go about their business in a responsible way.

10th Most Respectful: RalphLauren.com
Privacy score: 80

RalphLauren.com scores 45 out of 50 possible points on the privacy policy end of the equation. Its only shortcoming on this metric, according to privacyscore, is that its privacy policy does not say that it will notify users in the event of a government data request.

Dishonorable Mention

On the other end of the spectrum were a few online retailers who failed to make the grade when it comes to their privacy and third-party tracking policies. Some of the worst offenders were Brookstone.com (privacy score: 34), with a privacy policy that leaves open the possibility that it will share your personal data with unaffiliated companies, and JCrew.com (privacy score: 31), which gets punished for its use of poorly rated trackers like Baynote and Proclivity. The worst of the worst, though, was Ikea.com (privacy score: 25), which earned zero points for its privacy policy.