Savvy business owners know that a website for their business is a great tool for attracting potential customers or clients. But fewer are familiar with the legal risks of not having privacy policies and terms and conditions tailored to their audiences and business practices. The risk cannot be overstated: if you have a website for your business, do not merely publish words from a template, forget about them, and assume you’re covered.
The answer is because lawmakers and federal regulators are increasingly sensitive to the needs and vulnerabilities of private citizens who now regularly enter into transactions over the web and send important personal information across the cyber-world.
This legislation has created new categories of specially-protected information. Federal statutes target the collection of online medical information, financial information, and information about children younger than thirteen who use the web.
What’s the bottom line?
If you are a business owner, one of the worst things you can do is what we warned you against in the very beginning: Do NOT assume terms and conditions or privacy policies are one-size-fits-all remedies that can be easily published once and forgotten about while you go about the realwork of running your business. This assumption is plain wrong and potentially dangerous. The fact is that building and maintaining a legally-sound website requires active engagement from you, the business owner.
So where do you begin?
Next, consider whether you collect any specially-protected information—be it medical, financial, or provided by minors or foreign residents of other states or countries—and engage an attorney to determine how to best protect you from potential liability. Even if you do not intend to collect any specially-protected information, just collecting an email address qualifies. Therefore, your site should be tailored to ensure that it fits your purposes and your audience.
It is important also that you consider the very design of your website—and not think of your site’s terms as merely just words on a page. Your site must be designed to give the user sufficient notice of the terms and a genuine opportunity to consent to the terms of the deal; what is sufficient is up to the courts. In recent years, courts have held that certain disclosures were not prominent enough, or that a user must affirmatively click through in order to agree to certain terms.
Most importantly, be ready to commit to the terms you set. Courts have come down hard on business owners who effectively say they’ll do one thing, but do another.
Doesn’t this seem like overkill?
No. No matter how short and simple the website terms and conditions of some pages you visit on the internet may seem, the fact is that what protects them may not protect you, for the reasons we discussed above—not to mention that there are plenty of bad practices out there.
Privacy experts reference what is called the “life cycle” of data, which includes: collection, use, disclosure, storage, and disposal. Each of these discrete phases demands your attention and contains potential pitfalls along the way.
We have seen a tremendous increase in awareness and concern about these issues and we can help you avoid pitfalls. We encourage our clients to look at their websites with heightened scrutiny. The attorneys at McMillan Metro, P.C. would be happy to provide a review of your website and address any issues.