Friday, December 16, 2016

Data Privacy: Is It On Your Holiday Wish List?

The holiday season is upon us! And with the familiar Christmas music and winter wonderland decorations comes the holiday shopping season. Holiday marketing campaigns enjoy a rich history dating back at least 150 years. Some of the most memorable include: 

  • Macy’s Holiday Window display (1874);
  • The Budweiser Christmas Clydesdales (1931);
  • Campbell’s Soup “Breeze Through the Holidays” (1948); 
  • Starbucks Red Cups (1997); and
  • American Express “Small Business Saturday” (2010).
With online shopping on the rise, these marketing campaigns have transitioned to the Internet and have come to have a serious impact on where consumers shop and what they buy. Although online marketing provides many benefits, businesses offering online retail services must be aware of the host of data privacy issues that go along with e-commerce, including the need for a clear and accurate website privacy policy. 
Consumers are increasingly aware of the importance of protecting their information online. Privacy policies promote the practice of being transparent with consumers about what information a website gathers, how that information will be used, and who will have access to it. While there isn’t a single federal law that requires U.S. companies to post a privacy policy on their website, a myriad of federal and state laws suggest that every business with an online presence should.

For example, The California Online Privacy Protection Act of 2003 (CalOPPA) requires operators of commercial websites and mobile applications that collect personally identifiable information from California residents to post a privacy policy on the home page that meets certain requirements regarding the kinds of information gathered by the website, how the information may be shared, and the process for reviewing and making changes to stored information. Every website that reaches California residents (so, virtually every website) must comply with CalOPPA. 

In addition, tFederal Trade Commission (FTC) may sanction or fine companies that do not disclose their privacy practices accurately or otherwise mislead users of a website or mobile application. 

The Children's OnlinePrivacy Protection Act (COPPA) protects the privacy of children under 13 by requiring website operators collecting information from children under 13 years of age to obtain verifiable parental consent, among other things. COPPA applies to: (1) operators of websites or online services, including mobile apps, directed to children under 13 years of age; and (2) operators of websites or online services, including mobile apps, that have actual knowledge that they are collecting personal information online from a child under 13 years of age. Even if you do not intend to direct your site or service at children, it may attract a substantial number of children under 13 and thus COPPA compliance may be required. Consider factors such as your service’s subject matter, visual content, character choices, music and language in determining whether COPPA compliance could be triggered. 

As businesses push to drive consumers to their websites in an effort to capitalize on the holiday shopping season, it is crucial for them to make sure their privacy practices are appropriately disclosed. If you are in need of a starting point, check out the Data Privacy page of our website, where we have made available a customizable website privacy policy template. 

No comments :

Post a Comment