A few months ago, I received an email from Facebook regarding updates to its “Data Use Policy,” which explains “how Facebook collects and uses data when people use Facebook,” and its “Statement of Rights and Responsibilities,” which explains the “terms governing use of Facebook’s services.” Just this month, I received a similar email from Instagram regarding updates to its Terms of Service and Privacy Policy. This past week, some client disclosures prompted me to review how Pinterest deals with legal liability for copyright infringement via the company’s online Terms of Use.
As entreVIEW readers probably know, all of these companies have recently experienced negative publicity and complaints relating to the policies they have in place governing the interplay between the company, its users, and content posted to the site (see my blog post from last month regarding the Facebook “furor,” this New York Times article about the Instragram “uproar,” and this TechCrunch article about the “trouble brewing” with Pinterest).
But as we’ve also recently seen, not having these policies in place could cause even more of a headache. Last month, the California attorney general office announced that it is suing Delta for Delta’s failure to include a privacy policy with its mobile application. This is the first of such type of legal action under the state’s privacy laws, but it seems a sure bet it won’t be the last.
Online data privacy – and the way companies deal with the continually growing mass of rules and regulations related to this issue – has been climbing higher and higher on many businesses’ priority lists. We have seen this trend reflected in our own high-tech practice here at Gray Plant Mooty, as more and more clients are bringing up these issues at an earlier stage and asking us to draft documents that help mitigate their legal risks in this area.
So what do these documents look like and how can they help your business? The two most common documents used by companies today are a statement of Terms of Use (or Terms of Service) and a Privacy Policy.
Terms of Use. This document sets forth the rules for a user’s interaction with a company’s site or service. It puts the burden on the user to agree and comply with the Terms (either implicitly by using the site, or by clicking a box), and helps a company control and police its site. Some of the standard provisions typically included in this type of document are:
• Rules for accessing the site or service and account security;
• Guidance on intellectual property rights and infringement;
• Prohibited uses and user contribution standards; and
• Company disclaimers of warranty and limitations on liability.
Privacy Policy. In contrast to the Terms of Use, which focus more on user responsibilities, this document sets forth the rules related to how the business handles the data it collects from and about its users. Companies must be sure to represent their data collection and use practices accurately, or they could be subject to legal liability. Some of the information typically found in this type of document includes:
• An outline of the information the site collects about its users, both voluntarily (such as a form submission or post) and involuntary (i.e., through cookies, IP addresses, or global positioning technology);
• How the company uses and may disclose this information; and
• How the company secures this information.
As we’ve learned through witnessing the growing pains of the highly successful social media sites mentioned above, the issues addressed in these types of legal documents are issues that consumers are highly passionate about, and issues to which the law is paying more and more attention. While no amount of documentation can fully shield a business from complaints or problems that may arise in connection with these issues, as Delta – and many of our clients – have learned, it is better to protect yourself than to fly solo in this department. Sorry for the hideous pun.
A Post by Karen Wenzel, Guest Blogger
No comments :
Post a Comment