PayPal announced that it is changing both its privacy and user agreement policies, adding tweaks to its customer identification program and the way it collects and stores its customers’ personal information. The changes will take effect on April 1.
Under the new policy, Paypal may collect information about the way customers use PayPal services from their mobile devices, including Paypal applications on Blackberry, Android or iPhone phones.
Paypal, which is owned by auction giant eBay, also clarified its use of cookies, specifying that session cookies, persistent cookies, flash cookies and pixel tags will all be used by the site.
Previously PayPal only used session cookies to detect whether users visited multiple pages while on the site.
PayPal also changed its policies, leaving room for the company to request further authentication from its users in the future, according to a new amendment to its user agreement. The company may ask users for their date of birth, a taxpayer identification number, or a driver’s license or “other identifying documents” at any time in order to verify the identity of its customers. If Paypal is unable to verify this information, they’ve announced that they reserve the right to close, suspend or limit the connected account.
The company reasoned last year that changes in the federal law allows them the right to this information, although this is the first time it’s being reflected in its user agreement. The new rules, courtesy of the IRS, allow PayPal to send tax Form 1099-K to users and the IRS when users’ payments received exceed $20,000 or if they receive over 200 payments each year.
While PayPal updated its user agreement a little more than a month ago, the privacy policy’s revision appears to be the site’s first since July 13, 2010.
Paypal and other online payments vendors and merchants have come under fire from privacy advocates and security researchers for loose or misleading practices. Spurred by calls from lawmakers and the Obama Administration for stricter privacy protections for consumers. Just a few days after the White House laid out is privacy agenda, the California attorney general announced an agreement with several major mobile platform providers, including Apple and Google, that will have the companies provide privacy statements for apps before users download them. The agreement with Apple, Google, HP, Amazon, Microsoft and RIM is designed to give users more information than they have now about what kind of information a specific app will collect and how it will use that data afterward. Under the agreement, companies that don’t comply with their stated privacy policies will be exposed to prosecution under California state laws.