Privacy Policies and FTC Enforcement Actions

Privacy Lawyer

Various large website privacy policies have been scrutinized in the media lately, including those from Google, Reddit, and Facebook. No court has addressed at length whether a privacy policy constitutes an enforceable contract, but, under existing precedent related to clickwrap and browsewrap agreements, it is safe to presume that some privacy policies may be considered to be enforceable contracts and, consequently, serve as evidence of the legal relationship between the website and the end user.

Further, under US law, privacy policies are not required unless a website targets children and falls under the mandates of the Children’s Online Privacy Protect Act. Even though US law does not require privacy policies, the Federal Trade Commission recommends them and views failure to comply with a privacy policy a deceptive trade practice. Implementing a privacy policy also reduces potential liability for trade deception-based claims by disclosing to end-users how the website collects and uses personal or personally identifiable information.

For example, the FTC has penalized websites that do not transparently disclose their use of personal or personally identifiable information. In In re GeoCities, GeoCities collected personal information from visitors to its website, including education and income level information, which it claimed would not be shared with third parties. GeoCities then shared this information with third party advertisers.

The FTC filed suit against GeoCities for its practices. The Court ultimately ordered that GeoCities had misrepresented to consumers that it would not share personal or personally identifiable information with third parties. Further, the Court ordered GeoCities to clearly display an accurate privacy policy on each page of its website and provide members with an opportunity to have their information deleted from GeoCities’ website and third party databases.

The terms of a privacy policy may also help protect against deceptive competitive trade practices. In FTC v. ReverseAuction.com, ReverseAuction scraped email addresses, user IDs, and feedback ratings of eBay users by logging into the eBay website to obtain this data. After mining this data, ReverseAuction sent emails to eBay users claiming that their account would soon expire and, therefore, they should sign up for ReverseAuction’s services.

Subsequent to these actions, the FTC took action against ReverseAuction. The FTC found that ReverseAuction deceptively sent its emails to third parties after wrongfully obtaining their information from eBay in violation of eBay’s privacy policy. In short, the FTC used ReverseAuction’s violation of eBay’s privacy policy as justification (in part) for its enforcement action.

These actions evidence that, though law in the United States, except in limited cases, does not require privacy policies, they are incredibly useful and help companies avoid liability. Consequently, it is important to implement a well drafted and custom privacy policy tailored to your business’s needs.

Extra, Extra!
Recent Posts

Esports Intellectual Property Lawyers: Gaming Law

Esports Intellectual Property Lawyers: Gaming Law

Internet Law

Like any business, esports businesses must protect their various forms of intellectual property (“IP”). IP can be valuable. Indeed, with some esports businesses, the largest component of their business valuation is their IP, including trademarks, copyrights, patent rights, domain name registrations, and trade secrets. IP can also include various assignments, licenses, and other permission-granting contractual […]

Read more about Esports Intellectual Property Lawyers: Gaming Law

E-Commerce Acquisition Lawyers

E-Commerce Acquisition Lawyers

Internet Law

Revision Legal is a law firm focusing on e-commerce and internet law with deep experience in providing legal services with respect to mergers and acquisitions of e-commerce businesses. E-commerce is, of course, businesses that make money online. But that “online” aspect presents unique legal and practical challenges for e-commerce acquisitions. Any business acquisition requires a […]

Read more about E-Commerce Acquisition Lawyers

Quality Control Requirements for Trademark Licensing

Quality Control Requirements for Trademark Licensing

Trademark

Trademark licensing can create valuable revenue streams for your business. Licensing has the advantage that your business retains possession of the trademark and can create more than one licensing regime over the life of your business. Licensing is also a method of expanding the reach (and value) of your trademark without the need to invest […]

Read more about Quality Control Requirements for Trademark Licensing

Put Revision Legal on your side