This Privacy Policy Provision Could Bankrupt You

James Chiodo, Certified Information Privacy Professional CIPP/US

With the entire buzz about laws requiring you to have a privacy policy for your website or blog, what many online operators fail to understand is that a poorly drafted privacy policy could be far more costly than a privacy policy that is not compliant with the new laws.

For most people, there is a strong temptation to grab a free privacy policy from the Internet to use on their website or blog. However, since most of these policies were not drafted by an attorney experienced in the Internet and privacy laws, they put the website owner at risk for possible fines and lawsuits.

Using a free privacy policy or one that has not been drafted by an attorney, is a bad idea and could cost you dearly, and even bankrupt you.

Your privacy policy is a contract with your visitors and customers and is required by law. Furthermore, you are required by law to back up the guarantees and promises you make in your privacy policy (privacy statement). And the (FTC) Federal Trade Commission, state regulatory agencies and customers can and will hold you accountable for not living up to the guarantees and promises you make in your privacy policy.

There are several provisions in your privacy policy that if not kept, can get you in trouble. However, there is at least one that could cause financial disaster to your business if not kept. Guaranteeing the security of your customer’s information and not living up to that guarantee.

Most website owners do not understand that by making this type of guarantee or promise and their website gets hacked, or there is a data breach exposing customer’s personal information, there is a list of government agencies and private parties that could possibly sue you into financial ruin. First on the list to come after you might be the FTC. And there is a long list of companies big and small who have felt their powerful enforcement actions. 

Here are a couple of privacy policy provisions guaranteeing your customers privacy information that could potentiality bankrupt you:

Your information is safe with us

Your information is stored to several servers to ensure guaranteed security. All information is backed up every day and stored in our security-focused data centers in numerous locations across the United States to protect your personal information.

We protect your billing data

We protect your credit card information using state-of-the-art encryption – the same level of encryption used by the leading financial institutions. All sensitive information is transmitted and stored on a PCI-compliant network that is scanned regularly for security by industry-leading experts.

Similar privacy and security provisions are currently being used by well-established Internet companies. These companies promise their customer’s information will be secure, and like any other contract, can be held accountable if those promises are not kept.

Unlike some fines for privacy violations which generally are not devastating to a business, if the companies using these types of provisions have a data breach by way of a hacker, employee, vendor or another person, they will likely be sued. The lawsuits can be filed by the FTC, an Attorney General from any state, customers, users or a combination thereof. And these types of lawsuits can bankrupt small-business owners.

Dangerous privacy provisions such as these are most commonly seen in the free privacy policies being given away on the Internet. See our blog post on “Your Free Privacy Policy Could Be Costly”

You can reduce your liability significantly by using a privacy policy and website terms and conditions that were drafted by a skilled Internet attorney.

Click here to see our attorney drafted privacy policy that complies with both state and federal laws.

New California & Nevada Privacy Laws Affect Website and Mobile App Owners ➞ Read More