Privacy Law Compliance — What You Need To Know

How well-educated are you on privacy laws?

Your answer may run the gamut from “I know just enough to get by” to “Not much, because it’s too boring to pay attention to.” But if you own or manage a website, privacy compliance should be on your list of top five things to get familiar with!

This can be a challenge, however, because technology changes far more rapidly now than ever before — which means that laws are constantly evolving to try to stay on top of the tech we have available.

If you have any presence on the internet — even if you don’t run a website — you’re likely aware that your personal information is out there: out there for anyone to see and make use of. Which illustrates clearly why privacy laws are so important. 

The more information is readily available, the easier it is for corporations and hackers alike to capitalize on those details.

As a general rule, we are more aware of this than ever before. There have been a host of information hacks in the past decade that make it very obvious how vulnerable our information is, and how important it is to keep things in check with updated, expanded privacy laws.

One example that was widely reported was the Cambridge Analytica case, in which the personal data from millions of Facebook accounts was harvested — without consent from the users. That information was then used for political advertising during the 2016 election. Largely due to highly publicized scandals like this, governments and other organizations are now stepping in to offer protection to internet users.

Throughout this article, we’ll take a look at what is currently being done to protect you and your site visitors, as well as what you are personally responsible for — and what tools there are to help you follow through on your privacy compliance obligations.

What Is Your Government Doing About Abuse Of Private Data?

As I mentioned, governments are starting to take more notice of privacy issues, though it’s difficult, if not downright impossible, for them to stay on top of every new threat.

Some governments have been more proactive about this than others. The European Union, for example, put the General Data Protection Regulation, or GDPR, in place starting May 2018. This regulation was intended to “harmonize privacy protection” across the EU, and requires strict reporting from companies of all sizes, regarding what information they collect and what is done with it. If you’ve noticed an uptick in websites requiring that you agree to their privacy policies or acknowledge that you were notified of them as you view the site, the GDPR is largely responsible for that.

In the meantime, the United States is working towards more effective measures regarding transparency from companies, including what data they collect, how they collect it, and what they do with it afterward. Some states have passed laws for the protection of residents, and several more are in the process of passing legislation.

While it is admirable that individual states are taking action more quickly than the federal government, it actually makes things even more complicated for website owners and maintainers who are trying to comply with privacy guidelines. This is because, lacking a blanket rule from the federal government, we now have to research and comply with laws from individual states, many of which differ.

And if and when our federal government does put a blanket guideline down for the entire country, there may be cases in which state laws take precedence over federal laws.

Things aren’t going to get any less confusing any time soon!

So what does all of this mean for you?

Privacy Compliance And Website Owners — What It Means To You

Even though privacy compliance can be complicated, that’s really no excuse for not following through on what is required. And in order to do that effectively, it’s important to know what is required. 

Even if the state legislature of your home state doesn’t have specific privacy guidelines, the laws of other states may still apply to you — after all, the internet doesn’t have state borders. If your site is accessible to visitors from other states, many of the laws are worded in such a way that you are required to comply with the laws of that state.

Basically, for the purposes of privacy compliance, it’s best to think of yourself as a nation-wide operator, and look for applicable laws.

What Happens If You Are Non-Compliant?

Since the laws are different for every state, the penalties are different as well. But as an example, the California Consumer Privacy Act holds a penalty for non-compliance of up to $7500 per instance — not per site, not per page, but per every Californian who visits your site and comes under the influence of your site’s non-compliance.

Yes, even if your company doesn’t operate in California!

This is just one example, but it’s easy to extrapolate how expensive non-compliance can be, and how dangerous it potentially is to your business — and to your wallet.

Should Your Website Comply With Privacy Laws?

The short answer is, yes. If there are any privacy laws that affect your website, then you should definitely be in compliance with them.

But we already covered the wide range of “laws vs. no laws” that we are subject to in the United States. So what laws affect your website, and how do you know?

Unfortunately, there’s no simple answer, because different laws impact different types of websites. The safest thing is to assume that you are subject to privacy laws, and do your best to comply with them using tools that are built for the purpose — more on that later in the article.

Some laws are very clear. For example, if you use Google Analytics or run an eCommerce shop, there are laws governing the information that you gather. Even if you simply have a “Contact Us” section which enables your viewer to send you an email directly from your site, that constitutes information gathering, and there are laws that govern that as well.

This makes it pretty clear that most small business websites are subject to privacy laws, and need to make sure that they are compliant, for the safety of their business and their customers.

So how do you do this?

Is Your Website Compliant?

If you are not sure (or you’re sure it is not!) then you might be exposed to big fines and possibly lawsuits.


How To Comply With Privacy Laws

You’re likely familiar with Privacy Policy or Terms of Use documents. They’re the long, involved windows that pop up when you sign up for a new service or visit a new site. If you’re like most of us, you probably ignore them or click “I have read and agreed with the terms of service,” often without reading — and sometimes without agreement.

But that acknowledgment takes the weight off the site and puts the responsibility on you as the visitor or consumer. 

In order to comply with privacy laws, your site will likely need a Privacy Policy, Terms of Use document, or Disclaimer that lists which portions of data you collect, how it is stored, what you do with it, and how individuals can opt out or request that the information be erased.

The reason why we as consumers often ignore these documents is because they’re full of legal jargon that, quite frankly, is pretty boring. So it shouldn’t surprise you that these TOS documents and the like are usually drafted by lawyers who are well versed in the type of business you run, and who can tailor the language to cover your needs. 

But lawyers are expensive, of course — wouldn’t it be nice if you could just buy a generic privacy policy which will cover all your bases?

Well, you can — but I heartily recommend that you don’t. There are plenty of generic options for privacy templates out there, but most of them don’t really “cover your bases” at all. Remember how we talked about the extensive range in laws, and how they are constantly being updated and altered to try and stay on top of new privacy needs caused by new technology tools?

That means that a generic TOS or disclaimer is highly unlikely to be accurate and base-covering enough to do any good. 

What are your other options? You can hire a lawyer to draft your TOS, of course — but you should also keep them on retainer because the same issue will come into play. You’ll need to constantly update your privacy policy to maintain compliance.

That sounds incredibly expensive — and it probably is. A beginning policy could set you back a few thousand dollars, not to mention the cost of keeping it up to date.

So what else can you do? Isn’t there a cost-effective solution to remaining compliant?

A New Privacy Compliance Tool For Small Businesses

If you’re running a small business, you’re probably already worried about keeping within your budget. Especially in times like these, the last thing you need is either a large bill from your compliance lawyer, or an even larger fine for non-compliance.

Luckily, there are other solutions out there. For instance, let’s take a look at a tool called Termageddon.

This tool offers continuously up-to-date privacy compliance for any website, based on your needs, and including any format necessary — privacy policy, disclaimer, terms of use, terms of service, you name it. It has a monthly rate of just $10.

That’s definitely cost-effective, but how do you know that it will keep you in compliance?

Termageddon was actually created and founded by an attorney who specialized in privacy and technology. It was clear that there was a lack in the market, and Termageddon’s founder filled the gap. With that knowledge and know-how at your disposal, this tool can be a boon for a small business owner.

To use the service, a site owner simply needs to answer a few questions about the site and the data that is collected. The entire process takes less than five minutes, and generates a policy that fits your needs. After you’ve gone through the process, you’ll get a code to embed the policy on your site — which is key to how the entire tool maintains functionality. Because it works through an embedded code rather than a TOS file that is uploaded to the site, Termageddon is able to update the policy remotely, keeping you up to date and fully compliant.

If new laws are published that may or may not affect your site’s compliance, you’ll be contacted for a few further questions. But, by and large, that simple five minute Q and A is the only work that you will have to do on your disclaimers.

So, a tool that keeps track of all new changes to laws and revisions to compliance regulations, is able to instantly update your policy, and can do it all at a budget-friendly monthly rate? If that sounds too good to be true, you might want to take a look at all the positive customer reviews for the company.

Termageddon is a unique solution in complicated times, and the company is constantly growing and adapting to serve its customers even better. The innovative system is definitely worth a look for small business owners who want the relief of knowing that their sites are compliant — and that their businesses and customers are protected. We’ve been using them since November 2019 – check out our Privacy Policy and our Terms of Service.

How Can I Get Started?

You can go to Termageddon, answer the questions, and embed the code on your own, or we’d be happy to work with you directly, as an official Termageddon Agency Partner, to ensure your policy is input into the system (and appropriate for your website) as well as set up the pages and embed the policy codes for you (most business owners find this to be an easy solution).



Disclaimer: We are NOT attorneys and are not offering legal advice. This article was written to give you the knowledge you need to help protect your company. In all cases, it’s best for you to seek the advice of your attorney to ensure you are compliant. Jones & Jones Advertising, Inc. cannot guarantee your policy or this procedure will be 100% compliant. The links to Termageddon are affiliate links; they will not increase your price but do help us out.