Online privacy and more specifically disclosing to consumers if and how their visitor data is being tracked is now an important matter for all website owners.
As of January 1, 2014, there are specific requirements to provide ‘enhanced’ privacy notices about the tracking practices you use. This holds true whether you are the one doing the tracking, or some other entity is involved.
Online privacy is now a very hot button topic for consumers. We’ve developed a strong sense of concern about what happens with our private information following the recent security breaches at Target and other large retailers. Alarms raised over the tracking of personal data by the NSA have also given us a wake up call.
The Two Major Compliance Issues Affecting Your Treatment of Online Privacy
OBA uses information gathered from multiple unaffiliated web sites to predict a user’s preferences, and display ads most likely to interest consumers. The Better Business Bureau began auditing and enforcing their accountability program on January 1, 2014.
2) There is a new amended California Internet Privacy Law, which requires operators of a commercial Internet website or online service (including mobile apps) that collect personally identifiable information (PII) about consumers residing in California who use or visit its website or service to disclose how it responds to “do not track” signals or other mechanisms that provide consumers a choice regarding the tracking of their online activities, and to disclose whether others may collect PII when they use the operator’s website or online service. The legalese is long, I know, but you get the drift.
In other words, if your website can or does collect information about California residents, then you need to be in compliance with the new law by adding the disclosures. A case in point, as highlighted in this article, would be if you allow a third party to place ads on your site and the advertiser places “cookies” on the user’s browser to allow them to track that user’s movements across domains, you would likely need to disclose that fact to your users.
About the ‘Do not Track’ Online Privacy Provision
‘Do not track‘ is intended to work in much the same way as the more familiar ‘do not call’ request for opting out of unwanted calls, except it asks whatever sites you visit not to track your movements for the purpose of delivering ‘like it or not’ ad content. But unlike ‘do not call’, there’s no current requirement that the site receiving your ‘do not track’ signal has to honor your request. It just has to disclose its policy about how the requests are handled in plain view.
About the Third Party Online Privacy Disclosure
In the past, website owners tended to rely on whatever advertising network they subscribed to for sharing specific tracking details to consumers. With the new law, the responsibility falls directly on the owner of the individual website. The California law is the first in the United States to impose disclosure requirements on website publishers that track consumers’ online behavior.
Who the Online Privacy Regulations Affect
Generally, the new rules apply to you if:
- You use any kind of advertising network (including those WordPress plugins that feature posts from around the web on your site in exchange for showing your content on other sites)
- You have affiliate links on your site
- You host AdSense ads on your site
- You use Google Analytics that track your visitor’s activity on your site or blog
- You capture personal identifying information through forms handled by third parties on your site or blog
- Your site places cookies on your visitor’s computer
How to Comply with the 2014 Online Privacy Regulations
I’ve read a good amount of information on this subject, and there doesn’t seem to be a universal standard for complying with these new changes. As best as I can determine, here’s what you can do in the near term to keep the Better Business Bureau away from your door.
If your site ignores ‘do not track’ signals (and most do because they are fairly new), you need to make that obvious to your site visitors. If you do happen to honor them, you need to also clarify how you do that to be in compliance.
If you are a network or affiliate marketer, or you allow third party advertising on your site or blog, you need to let your site visitors know that you’re using online behavioral tracking technology.
If you have affiliate links on your pages or posts, it should be clear that you will receive compensation if someone buys through one of your links.
If you writing about a product that you received a sample or review copy of, you need to mention it.
If your site creates cookies, you should say so prominently and explain how they are used. The Pillsbury Law site does a very neat job of this by adding a statement at the very top of their web pages.
Well, It looks like we’ve got some work to do. How do you feel about the new online privacy regulations? Were you aware of them before? Add your comment below.
Dawn Lanier is the author of this post about online privacy. Please feel free to share it, if you found it helpful to your business. Thanks for visiting!