As an internet marketer, you\u2019ve known that growing your online business requires growing the email marketing list. This is why a landing page and capturing visitors\u2019 contact information was one of your first and highest priorities.\u00a0<\/span><\/p>\n
What many business owners do not know is that their greatest asset \u2013 their email list or contact database \u2013 is also their greatest source of legal liability. The liability is so great that it could shut down your business overnight.\u00a0 In some states, this list also includes a customer\u2019s driver\u2019s license number.\u00a0<\/span> The privacy protections mandated by COPPA are only a start, with additional restrictions involved if the website is collecting information on minors under the age of 13, processes financial information like bank account numbers or hosts medical records.\u00a0<\/span> Failure to comply with these privacy regulations can result in fines from the FTC and California\u2019s state equivalent, as well as leave vendors open to lawsuits.\u00a0<\/span> If your privacy policy says that it won\u2019t be shared and then it is changed, you must give your customers a chance to opt out or ask to be removed from the mailing list.\u00a0<\/span> If you say someone must give their consent before you share their information, you must follow your own guideline.\u00a0<\/span>Given the seriousness and significant restrictions on collecting information on minors, include clear procedures in your privacy statement on how a parent can remove a minor\u2019s contact information from your database as well as your right to delete the accounts of anyone who is suspected of being a minor.\u00a0<\/span> Be careful about using boilerplate privacy policies. They may make statements that don\u2019t apply to you, while they may also neglect to address the sharing of information many internet marketers want to utilize. You should work with an attorney to craft a privacy policy that meets your specific needs and intended marketing practices.\u00a0<\/span> The most important thing you can do after crafting a privacy policy is follow it. Don\u2019t do what you said you wouldn\u2019t, and do what you said you would.<\/span><\/p>\n By now it should be clear how important it is for you to be FTC compliant. But how can you do that without spending $7,500-$8,000 or more on Internet Attorneys?<\/p>\n Smart business owners around the world are doing it with the help of FTC Guardian.<\/p>\n FTC Guardian is a service that is 100% focused on helping to keep you get and stay FTC compliant and fully protected.\u00a0And right now, we are offering a free training to give you the knowledge, information, and guidance that you need to stay out of trouble with the Federal Trade Commission.<\/a><\/p>\n![](\"https:\/\/s3.amazonaws.com\/ftcguardian\/images\/728x90-Un-vjy-FTC-GUARDIAN-banner-2.gif\")
<\/a><\/p>\n
Warning: You must put as much care into protecting clients\u2019 privacy as you do maintaining the mailing list. Today\u2019s privacy regulations require it.\u00a0<\/span>
How Privacy Regulations Came Into Being<\/span><\/strong>
The Federal Trade Commission considers some information so private that its protection is almost sacred.\u00a0<\/span>
Modern privacy regulations were born in California in 2004 with the California Online Privacy Protection Act or COPPA. COPPA went into effect July 1, 2004.<\/span>
What does COPPA Say?\u00a0<\/span><\/strong>
All websites that collect personally identifiable information or PII of California residents must post a privacy policy. Since few websites want to exclude on the largest states in the nation and many were hosted in California in the 2000s, virtually all websites had to comply.\u00a0<\/span>
COPPA defines personally identifiable information as:\u00a0<\/span><\/p>\n\n
Privacy protection is mandatory if the customer\u2019s data is linked to other personal information such as:\u00a0<\/span><\/p>\n\n
After COPPA went into effect, websites started posting privacy polices that were compliant with the regulation. Some of them did this because they didn\u2019t want to lose out on California\u2019s population. Others did so because they didn\u2019t think they could screen out Californians with enough certainty that they could avoid violating the law. It was thus better to become compliant with California\u2019s law than risk a lawsuit in California\u2019s courts.\u00a0<\/span>
The end result of COPPA is that it became the de facto national standard of privacy policies.\u00a0<\/span>
What other national statutes and regulations on privacy should you know about?\u00a0<\/span><\/strong><\/p>\n\n
\n
\n
\n
\n
![\"\"](\"\/images\/button_banner-Big_Data_Report.png\")
<\/a>
\nSocial Media and Privacy Protected Information\u00a0<\/span><\/strong>
Privacy protection is far more than ensuring that you don\u2019t carbon copy everyone else on the marketing list so that they all see each other\u2019s email or accidentally publicly post the names and phone numbers of all your contacts.\u00a0<\/span>
Privacy protection is an ongoing battle, in part because of the rise of professional hackers and the government\u2019s endless alterations of privacy regulations. For example, location based services now allow marketers to determine where someone is and tailor advertisements to them. In 2011, the FTC added physical location data to the list of private information. You can still send ads to those in your vicinity based on their search results, but you cannot share the consumer\u2019s location with other groups. The FTC also told Google that its BUZZ service couldn\u2019t share screen names and consumer contact lists.\u00a0<\/span>
Mobile Apps and Privacy<\/strong>\u00a0<\/span>
Apps are an amazing way to stay connected with your customer base. Instead of waiting for them to check their email or look for mobile coupons, you can regularly reach out to them via your apps.\u00a0<\/span>
Unfortunately, apps have been found to erode overall privacy. For example, one social networking app was discovered to have uploaded the user\u2019s mobile phone contact list without his permission. Twitter admitted to doing the same. Due to these concerns, in February, 2012, California\u2019s Attorney General announced that COPPA applied to information collected through apps as well as through websites. The FTC jumped on the bandwagon in August, 2012.<\/span>
What does this mean for mobile marketers? It means that the data collected through apps must be protected the same way personal information collected through websites must be protected. It also means that you can\u2019t use an app to harvest all of the contacts on a consumer\u2019s smart phone, monitor their mobile web surfing or save their location history, no matter what the NSA may be doing.\u00a0<\/span>
The FTC formalized its privacy protections required for mobile apps in the document \u201cMarketing Your Mobile App: Get It Right from the Start\u201d. In this document, it stipulates that:\u00a0<\/span><\/p>\n\n
What You Should Do about the Collection and Use of Protected Information<\/strong>\u00a0<\/span>
Create a privacy policy for your website and any apps you\u2019ve developed. Clearly state when the privacy policy goes into effect, the type of information collected, and how users can change their private information.\u00a0<\/span>
Your privacy policy must state how consumers will be notified of changes to the privacy policy, even if the privacy policy says they should simply check the privacy policy page for changes.\u00a0<\/span>
Your privacy policy is treated like an advertisement when it comes to the FTC. For example, the privacy policy cannot be \u201cdeceptive\u201d.\u00a0<\/span>
If your privacy policy says you will not share it with third parties, you run afoul of state and federal laws if you turn around and share your mailing lists with a third party. You cannot share private information with subsidiaries or vendors with related products and services unless your privacy policy clearly states that it may be shared with third parties.<\/span><\/p>\n
The deceptive practices definition and privacy polices leads to a Cardinal Rule. If you say you won\u2019t do something, don\u2019t do it or the FTC can sue you for deceptive practices. If you say you will do something and don\u2019t do it, you are as liable to an FTC claim as you would for lying about the performance of a product.\u00a0<\/span>
Does the FTC actually punish those who violate the Cardinal Rule? Let\u2019s look at some recent FTC cases.\u00a0<\/span><\/p>\n\n
\n
\n
If the FTC is willing to go after giants like Twitter and Google, you know they\u2019ll go after your business if you violate your own privacy policy.\u00a0<\/span>
Recommendations\u00a0<\/span><\/strong>
Maintaining antivirus and malicious software protection on your server so that the credit card numbers of your customers and affiliates is an under-appreciated but critical form of privacy protection. However, you need to be careful not to state that you adhere to the highest industry standards for data security. Unless you are a large defense firm with intrusion detection software, active monitoring of your network and good hackers working on your behalf, you cannot meet the highest industry standards for data security. Simply state that you will provide reasonable and adequate security of personal information.\u00a0<\/span>
If your website says we will never sell or rent your personal information, you\u2019ve painted yourself into a corner. Now you can never do this without opening yourself up to some sort of liability. If you change the privacy policy to state that you may share consumer information in the future, you must make sure all customers know this and have months if not years to opt out of your mailing lists.\u00a0<\/span><\/p>\n
Clearly state that consumers should not post personally identifiable information on your website such as in user forums or testimonials. Include a statement on your privacy policy that you can shut down the accounts of those who share too much personal information or post the personal information of others.\u00a0<\/span><\/p>\n
Conclusion\u00a0<\/span><\/strong>
Privacy policies are not a privacy matter; they are public record and subject to state and national regulations. Privacy regulations affect the value of your email marketing list and the survival of your business. Mishandle your privacy policy, and the FTC\u2019s deceptive advertising claim against your firm could be the next thing the public reads about your firm.<\/span><\/p>\n![\"FTC](\"http:\/\/www.ftcguardian.com\/articles\/wp-content\/uploads\/2014\/07\/Learn_More.jpg\")
<\/p>\n<\/h2>\n
Here\u2019s How To Make Sure You,\u00a0Your Business & Website Is FTC Compliant<\/h2>\n