Privacy and Online Shopping
By Hannah Hilst | Legally reviewed by Melissa Bender, Esq. | Last reviewed April 25, 2024
This article has been written and reviewed for legal accuracy, clarity, and style by FindLaw’s team of legal writers and attorneys and in accordance with our editorial standards.
The last updated date refers to the last time this article was reviewed by FindLaw or one of our contributing authors. We make every effort to keep our articles updated. For information regarding a specific legal issue affecting you, please contact an attorney in your area.
In some ways, online shopping might give you more privacy than in-store shopping. People are less likely to see what you buy and spend. Yet, the overall privacy risks are much higher online.
Shopping online leaves a digital footprint. Hackers, scammers, and even legitimate companies may want to follow this data trail. Countless prying eyes may want to see your shopping history or passwords.
Very few things in life are truly private anymore. But you can better control your privacy by understanding how your data could become exposed in the first place. You can also learn about your consumer protection rights after an online shopping scam or data breach.
How Do Cookies and Tracking Affect Online Shopping?
Online merchants use technology to improve your shopping experience. The easier it is for you to find relevant products and pay online, the more sales the business can make. But the efficiency trade-off means the seller intrudes on your privacy in some ways.
When you return to a website where you may have done business in the past, even just to browse, it often remembers your last session. It uses "cookies," or pieces of code left on your computer's browser, that track your shopping and other habits.
Online retailers may use different categories of cookies for purposes such as:
- Remembering your credit card and other payment information for fast checkout
- Measuring which links you click and products you view
- Anticipating what other products you may like to buy to recommend them as you shop
- Timestamping when you shop to remind you to revisit products later
Cookies can also let companies show you targeted advertisements on unrelated websites. These cookies closely track search engine inquiries and your other purchases. For example, Googling a pair of sneakers once could lead to seeing sneaker ads across social media and other websites for several weeks.
Turning Cookies On and Off
You might not want businesses and third parties to know what you shop for before buying it, particularly for sensitive products like medical items. Privacy advocates also worry that companies may use targeted ads to build marketing profiles of online shoppers. Such profiles may reveal too much, including personally identifiable data.
Disabling cookies can be helpful if you're worried about your privacy while online shopping. But you'll have to reenter passwords, and you might not be used to the lack of shopping personalization without cookies.
You may turn off cookies in your web browser privacy settings. You can also reject cookies on most websites through popup and banner prompts.
Sharing Information With Sellers and Websites
As a rule of thumb, reveal only the necessary information to complete your order. There are some details about yourself that no online retailer needs to know.
Retailers sometimes try to collect additional data, such as annual household income or favorite types of entertainment. These extra details can sometimes lead to spam, telemarketing calls, or worse.
Certain types of information must stay private when making online purchases. Fake websites and emails spoofing genuine retailers may ask you to share unnecessary information. Your Social Security number (SSN) is a good example. Details like your address and birth date were likely already part of a prior data breach. Anyone who also has your SSN can steal your identity more easily.
Also, share information only when you have a secure connection. Learn about online shopping security strategies to ensure that any information you send will stay private.
Protect Your Password for Shopping Accounts
Even the world's best online security technology is no match for a compromised password. Entering a password tells the server you have clearance to see privileged information.
Choosing a strong password is essential to protecting your online privacy. Also, don't use the same password for every site. Once you've chosen a password, don't write it down or make it vulnerable to third parties.
Public computers, such as library devices, often save or "cache" browsing history. They can even save your login information. Logging out of all sites visited and emptying the cache is one way to protect your privacy. Even better, limit your online shopping to a home computer or other secure device if you can.
Some computer viruses or spyware may capture keystrokes and otherwise compromise your password. Keeping software up to date and using up-to-date antivirus software on a computer can help safeguard your device. But remember, even "low tech" methods of interception, such as peering over a person's shoulder as they type in a password, can result in a privacy breach.
About Website Privacy Policies
Many checkout screens and popups ask you to check a box confirming that you've read and understood the company's privacy policy. The policy could belong to the retailer itself or the payment service you're using, such as PayPal or Apple Pay. Often, both apply.
While most online shoppers immediately click "agree," few actually read these online privacy policies. Privacy disclosures are often full of “legalese," leaving shoppers unaware of what they really mean.
Privacy policies generally address the following areas:
- Information collected: Explains all customer data collected and how it may be used, particularly for personally identifiable information such as your phone number
- Tracking and cookies: Lists what technical data the company is requesting to monitor user activity, how it logs the data, and how it uses this data
- Mandatory and optional data: Describes which information is required for completing a transaction and which is optional (plus how the business will use this optional information)
- Sharing of information: Explains whether the business will share any information you provide with third parties and to what extent
Privacy and online shopping may sometimes be at odds. Proper precautions can help you avoid compromising your most sensitive information.
Online Retailers Must Protect Shopper Privacy
Online businesses and payment services must comply with consumer privacy laws. There are limits to how they can use customer data. Their business practices must also meet data security requirements.
For example, services that accept credit cards must follow payment card industry data security standards (PCI DSS). They must routinely test their cybersecurity practices. They must also fix any weaknesses that could risk exposing customer data.
Online marketplaces that host other sellers, such as Amazon, must follow the INFORM Consumers Act. Marketplaces are the intermediary between sellers and consumers. So, they must prevent fraud. Under this Act, they need to verify the identities of high-volume sellers. The Act also requires marketplaces to manage data for both parties safely.
Many other federal laws focus on protecting shoppers' data. Regulatory agencies respond when online sellers fail to comply with these laws. For example, the Federal Trade Commission (FTC) and state attorney general's offices often investigate shopping-related consumer complaints. Sometimes, shoppers sue online retailers directly.
An Attorney Can Help With Privacy Issues
A data breach or scam can spell disaster for your financial information and personal privacy. Report fraud and identity theft if you suspect that a shopping spree exposed your information.
In some cases, you may hold the online seller or company accountable for the damage they caused. A consumer law attorney can help you understand data privacy laws and your rights.
Can I Solve This on My Own or Do I Need an Attorney?
- Consumer legal issues typically need an attorney's support
- You can hire an attorney to enforce your rights for safe products, fair transactions, and legal credit, banking and related financial matters
Legal cases for identify theft, scams, or the Equal Credit Opportunity Act can be complicated and slow. An attorney can offer tailored advice and help prevent common mistakes.
Stay up-to-date with how the law affects your life
Learn more about FindLaw’s newsletters, including our terms of use and privacy policy.