Many businesses have a privacy policy of some kind or another. These policies are very important, because they explain to customers or employees how their personal information will be disclosed and to what parties are disclosed.

Any person who runs a business, whether online or offline needs to have a privacy policy written in a formal manner that discloses to customers and employees will have and will not have their personal information disclosed.

A Brief History of the Privacy Policy

The history of privacy policies is quite interesting when you see how they actually came about. Privacy policy statements began in the United States and the EU as technology began to become sophisticated enough that information could be transmitted within minutes.

The first idea of a privacy policy of some sort was actually conceived by the Council of Europe in 1968. Though at the time, computer technology was in its infancy, members of the European Council realized that as computer technology would advance in the coming decades, personal information could be at risk. At the time, the internet already existed, but not for the general population, as it does now. The internet was actually pioneered and used by the US and Allied militaries for top-secret communications in the late 1960s, furthermore, Europe had a form of the internet already functioning for the general civilian population in the 1980s. The French developed a basic form of the internet which was accessed by connecting a small computer with monitor to the standard house phone. This system was known as the Minitelle. The French Minitelle operated in a similar fashion as the internet of today does. Though the graphics and fancy websites were not supported on the small monochrome screen of the Minitelle, people could access all kinds of different information, some of which was very personal.

If you had a Minitelle connected to your phone in France in the 1980s, you could access such information, such as people’s criminal records, financial records, and more. You could even discover your or someone else’s ancestry on the Minitelle. This type of technology was exactly what many members of the European Council were worried about in 1968 and 1969, just a mere 15 years before the Minitelle was introduced to the many households in France.

Protection of personal information was actually enacted into law by some of the European countries in early 1970s. The first European country to enact a law requiring businesses to have a privacy policy was Sweden, which enacted a privacy protection law in 1973. This was then followed by Germany with its own privacy protection law in 1977. France followed suit as the Minitelle was being developed for civilian use in 1978, just a mere four years before the first Minitelle was purchased and installed in an average French household.

America too was working on protecting personal information at that time and by 1974 the Privacy Act was enacted a year after the US Department of Health and Human Services developed a code of rules and regulations which called for fair use of information.

The Fair Information Practice was a code of regulations that the Federal Trade Commission enacted to protect sensitive personal information. Under this law, any entity who collects personal information for whatever reason must disclose to the consumer why they are collecting their information. Furthermore, the Fair Information Practice also allows consumers to have a choice whether they want to give out their personal information or not.

The Importance of a Privacy Policy

Facebook privacy policy. Image Source.

In today’s age is paramount as it is grounded in our daily lives. You will find a privacy policy anywhere you go these days. When you go to the doctor’s office, for example, you have to sign a privacy policy. The policy at the doctor’s office will let you know what sensitive health information your doctor might share with other parties, such as other physicians, nurses, lab technicians, etc.

The retail industry also has privacy policies, whether you are applying for a credit card, making a purchase with a credit card, or purchasing a big ticket item, you will have to sign a privacy policy. Likewise, when applying for employment in the retail industry, you will have to sign a privacy policy for your employer, as he might disclose some of your personal information for various reasons, such as running a criminal background check, checking your credit, etc.

How Are Different Privacy Policies Formatted?

The format of different privacy policies can vary depending on where you go. Some of the common privacy policies that you will run into include the following:

• The doctor’s office will have you sign a privacy policy that will have you consent to having some sensitive information disclosed about your health. There are several reasons why physicians might disclose your health information to different entities. Your health insurance might want to know about your health and whatever medical conditions you might have to adjust the deductible or other payments you might have to make with your policy. If you have a serious health issue, your doctor might want to refer you to a specialist and therefore, he will have to send your health information to that specialist, so he knows how best to treat your condition.
• Credit card companies and other lenders will often have you sign a privacy policy for you to consent your personal financial information to be sent to the three credit reporting agencies. The reason is because creditors and credit card companies often use information from the three credit reporting agencies to obtain your credit score, credit history, and other information about your income and debts you have. Lenders often use this information about you to determine the interest rates you will have to pay for the loan or whether to give you the loan at all.
• Retailers and merchants primarily use privacy policies for marketing purposes. Many merchants, big and small, have mailing lists, emailing lists, calling lists, etc. They need to have your consent before they can send any advertising or marketing materials to you personally. Though retailers often use target marketing for many of their customers with interactive advertisements. You may have noticed this every time you log onto your email, facebook, etc. You notice that you will see items you purchase on a regular basis appear in the advertisement. When you click your mouse on one of these images, you go directly to their site. Email marketing and telemarketing, on the other hand, marketers need your permission to send you emails or call you. If you are on a ‘do not call’ list, they are required by law not to call you for marketing purposes. Many people do not like to be bothered by telemarketers, so retailers need to make it clear in their privacy policies why they need your contact information.

There are many other offices and businesses that will have you sign a privacy policy. These range from attorneys to insurance companies, etc.

Your Online Store Privacy Policy

Well, it is highly recommended that you have a privacy policy on your online store. Basically, a privacy policy is a legal document that tells your customers that you will disclose some of their personal information to third parties. The parties could get your information for several purposes. They can get it for marketing purposes, service purposes, etc. A good online merchant often has a mailing list for his customers. Typically, an online merchant is required to have permission from his customers before sending emails, otherwise his marketing emails might be labeled as spam. Here are some things to think about before deciding whether you need a privacy policy.

• Collection of personal information for marketing purposes is the biggest reason why you should have an online privacy policy for your online store. In this case, having a privacy policy can be even more important than the security you have for your shopping cart (the electronic payment system most online stores have. Many customers will want to know why their personal data is to be collected.
• When making your privacy policy, you need to clearly explain why personal information about your customers needs to be collected. It may be needed for service related issues, or you may want some of their personal information to market new products or merchandise to them.
• Besides explaining why you are collecting personal information, you need to explain how this personal information is collected. Many websites use a system known as cookies, which are kind of like mini-programs which your website will download on any given visitor’s computer to allow the website to keep appearing at the last setting the visitor left the website. Cookies are the most common way online merchants collect personal information from visitors to their website. Cookies can also be used to specifically target marketing to specifically tailored to a particular visitor. One example is if you have a website that sells popular casual sneakers. A visitor was browsing your selection of Converse shoes. The cookies on your website will then have ads from your website focusing on Converse shoes to that particular visitor every time he or she is on Facebook, Twitter, or some other social media site or online email provider, such as Gmail or Yahoo.
• Third party merchants can by far be the most important reason why you would need to have an online privacy policy. Many online merchants often use third party merchants and drop shippers to deliver their products to customers. Many third party merchants are likely to be affiliated with major corporations and they have requirements that you might be bound to if you use a third party merchant.

Certain states in the United States and international laws, such as laws from the EU, may have certain requirements for privacy policies. California is one example of different laws regarding privacy policies that you might encounter when opening your online store. Things to consider should be as follows:

• Is Your Website Targeted To a Local Audience? – Suppose you own a small mom & pop store in a small town as many small business owners do. You simply intend your website to be targeted to a local market within the small town your business is or within the entire county or region. In this case, you need only to know what the local laws are in your state together with Federal laws. Your local governments, such as your municipal and county governments may have their laws you may have to follow also.

• Are You Going Nationwide? – If you are a simple online entrepreneur and want to have an easy way to make a lot of money and stay home, then you may be building an online store that works together with a third party or a drop shipper. In this case, you will need to know what the laws regarding a privacy policy are in all 50 states. As mentioned in the above paragraph, California is a state that has many different regulations which other states typically do not have. What makes California stand out from other states is that its regulations can be more rigorous than those of other states. California is one state that does require you to have a privacy policy with no ifs, ands, or buts.

• Are You Looking To Take Your Website International? – Having an international business can be very challenging. When running an international online business, you will have to know the laws of many different countries. The biggest sticklers to privacy policies outside of the United States are the countries that make up the EU, Switzerland, Canada, and some others. Special attention needs to be taken to these laws, especially since you may need to gather extra information from your international customers for customs purposes.

How Can a Privacy Policy Benefit You?

The benefits of having a privacy policy can be phenomenal, even if it is not required. Let’s face it, a privacy policy is a good thing to have. Think of it as an insurance policy. Like anything else, when you have a business, there are legalities and there is always someone out there who will want to sue you for whatever the reason. A privacy policy is a great document to have, as it can protect you from unnecessary lawsuits which can get very costly. When you have that privacy policy posted, there is nothing a visitor can do. He can either consent to it or not. Typically, when you have a website, if a visitor chooses to sign on to a mailing list or participate in a part of your website, your privacy policy should automatically pop up and a visitor must click a check box to agree or disagree with the privacy policy. If the visitor agrees, legally he cannot sue you and you’re in the clear.

What are Federal Requirements for Privacy Policies?

There are several laws on the books that dictate the use of privacy policies and why they are needed some of these laws include the following:

• Children’s Online Privacy Protection Act of 1998 is one law on the books that affects how websites are viewed by children who are 13 years of age and under. This law as enacted while the internet was still a jungle and people were only beginning to use it. This law dictates that certain guidelines must be followed in protecting children’s personal information when doing online business in any state or territory of the United States as well as websites who also operate both in the United States and internationally. This law basically states that when collecting the personal information of a child, parental consent must be verified before information is collected. When there is a privacy policy on a children’s website, the operator of that site to have a button that a parent can verify the consent of gathering his or her child’s information.
• The John Kerry and John McCain Privacy Bill of Rights is another set of laws that practically require you to have a privacy policy and regulates how personal information can be collected. Though this may not yet be on the books, it soon will be. Some of the clauses in the John Kerry and John McCain Privacy Bill of Rights include protection for the consumer and ensures that consumers and online shoppers will be able to share their personal and sensitive information needed for making purchases in a safe and respectful environment. Some of the clauses of the bill include how information is to be collected and stored. The bill also indicates that merchants must also disclose what personal information is collected for.

Conclusion

In conclusion, there are many good reasons why a smart businessperson should have a privacy policy. These reasons include protection from lawsuits, compliance with several laws on the books about data collecting, and keeping you within the law in the future when more strict laws may be enacted. Although a privacy policy is not required everywhere in the US, it is still a good idea, as it makes it clear to the consumer why you are collecting his or her personal information. It also gives the consumer an option to knowingly give his or her personal information or to decline from giving his or her personal information.