Strictly regulating websites does not deter ethically challenged operators, a recent University of Alberta study shows.

In fact, the worst websites for privacy and security are in Britain, where a large bureaucracy monitors their actions, according to a study by Alberta School of Business professor Karim Jamal.

"We found that the unregulated websites in the U.S. function just as securely and privately as the regulated sites in (Britain)," said Mr. Jamal.

After comparing the 100 most visited business sites in Britain and the United States, he found most operators were honest and did a good job of protecting user information. A small percentage in both countries were cheaters, with the worst sites in Britain, said Mr. Jamal, whose research appears in the Business Ethics Quarterly publication.

"It seems that in a regulated system, the people who cheat will cheat big. They won't sell your information to a few people, they'll sell it to thousands of people. I guess they figure if they're going to cheat, they might as well make it worth their while."

For the study, Mr. Jamal's group created a Web crawler that followed how a site tracked people who entered it, and how that compared to its stated privacy policy. They also had fake customers do transactions on sites, and then tracked how many third-party contacts they got, either by e-mail, snail mail or phone.

Interestingly, although getting a British phone number is usually quite difficult, Mr. Jamal was able to do it easily by using a telemarketing company.

"Telemarketing firms will give you a hundred phone numbers, and set up either an answering machine or a real person to take calls. They'll even have someone answer in the local accent so it sounds legitimate."

Mr. Jamal said the e-commerce world has done a good job of self-regulation by creating seals of approval or other signals that separated the better companies from the scammers.

Sites with some kind of a seal generally had good disclosure of how they treated your information, the study showed.