• Do You Follow Your Posted Online Terms and Conditions?
  • October 24, 2012 | Author: Donna Ray Berkelhammer
  • Law Firm: Sands Anderson PC - Raleigh Office
  • There are dozens of federal statues and regulations that govern consumer privacy. They regulate what data a company can collect and how you must protect it once you have it. One of the best ways to mess up in e-commerce is not to follow your own guidelines.

    The Federal Trade Commission, which enforces unfair trade practices, can bring federal action against companies that do not comply with their stated privacy policies or violate other consumer protection laws. It has brought 32 suits to date. Violation of your own stated policy can be a violation of Section 5 of the Federal Trade Commission Act, and in North Carolina, an unfair trade practice allows a plaintiff to ask for triple damages and punitive damages.

    Privacy law as it related to consumer protection comes from multiple sources and varies based on the industry. Highly regulated industries such as medical or financial firms have significantly higher regulation and oversight of their information policies and practices. So do companies that might attract children to their web site.

    An online privacy policy is a statement that discloses the ways you gather, use, disclose and manage a customer information gathered via your website. It often goes hand in hand with disclaimers or terms and conditions that explain what your website does or doesn’t do, and what remedies a customer has if there is a problem.

    The privacy policy should state clearly:

    • What information is collected;
    • Whether personal information is stored separately by individual account or aggregated for statistical/analytical purposes;
    • Whether it is kept confidential;
    • What security measures are employed; and
    • Whether it shared with partners, or sold to other companies.

    Before your web site goes live, make sure your privacy policies adequately represent what your company does with the data, and that you are prepared to actually follow you policy. Your terms and conditions should be appropriate to your business, e-commerce level and data collection.