InformationWeek

July 17, 2000

Privacy Evaluation: United Airlines

By James Grady, associate analyst with Giga Information Group.

United Airlines places a link to its privacy policy on every page of its Web site, so even a customer who never clicks the link and reads the policy knows that United considers privacy to be important and it's policy to be superior. The font is small but readable, and the contrasting colors make sure it gets noticed. It's also important to note that the privacy policy has been separated from the Terms and Conditions clause, another legal clause that most Web sites need. The temptation is to combine these policies on one page, but separation is advisable.

The privacy policy begins by stating that personal information is only authorized for booking services with United, which is a recommended business practice. (It also re-emphasizes the point by ending with that assertion.) The subsequent headings are intuitive, addressing credit-card security, traveler profiles, E-mail, and so on. While these are the right topics, their coverage is cursory. For example, more explicit details could have been offered on what constitutes a "traveler's profile." Also, a natural question that springs to mind after reading the policy is how closely aligned the traveler's profile is to credit-card information and E-mail addresses.

The one area where the privacy policy does go in depth is on United's use of cookies, a subject many Web sites ignore. Most online customers don't know how cookies work, but they recognize the term and know that cookies collect information about individuals online and they will look for cookies to be addressed. What's good then about United's cookie policy is that it takes the time to describe how cookies work and why United uses them. Again though, as with the rest of this policy, more detail would be appreciated.

A policy is very much about outlining practices and explaining what should happen in certain situations, and the way to improve this privacy policy would be to increase the explanation.

United's Response:

At United Airlines, we take the privacy and security of our customers' information very seriously. We believe that customers should have access to the privacy policy throughout the site. We are currently in the process of updating and expanding our privacy policy statement on our Web site, including the addition of an Online Privacy Seal. We decided to first perform an internal audit to validate the security and privacy of information collected on United.com. With this effort complete, we will soon be posting a new policy on the Web site. We are also closely following the evolution of the European Union and Safe Harbor principles being drafted for sharing and use of information across international borders.

What we have found consistently in research with consumers is that they will share information if they understand how the sharing will improve their life. We are creating a privacy policy that communicates the use of customer-supplied information in ways that improve the customer's experience on United.com or that adds value to their relationship with us. Use of the customer supplied profile information on the site, for example, helps expedite the purchase process on United.com by pre-filling some of the fields. For our Mileage Plus members, to whom miles are very important, we offer ways for them to accumulate mileage faster though partner offers. United's goals and the customers' goals related to privacy are in parallel--use customer information to the benefit of customers so they have a better travel experience.

Back to the Privacy Workshop page
Send Us Your Feedback
Top of the Page