Which law(s) in the U.S. say you have to have a privacy statement. I need to prove we are obligated to have a privacy statement to sell things online and.or collect personal info online.
I've been doing research but just can't seem to find the law, except for specialty laws like COPPA (kids privacy) and the one for financial institutions . . .
Are you asking about actual US "laws" or in regards to the "requirements" that a particular bank is requesting for processing transactions?
ETA... This *may* help...
http://www.informationshield.com/usprivacylaws.html
Dave
Yes, my bank is the party that requires it. Even in the absence of a credit card transaction, you still must take reasonable steps when collecting, creating, maintaining, using and disclosing certain information (aka Personally Identifiable Information) - in contracts law (and check the state that you are in), this is what most people would refer to as an implied covenant. In certain circumstances, the state you are in may expressly require non-disclosure of information by statute {think medical conditions, pharmacies, etc}. The reverse is also true where there are certain circumstances where the state will require disclosure {think envirronmental conditions where a business will have a duty to report an environmental hazard to a state/federal EPA}
Craig Walenta on Google+
There is no law that requires you to have a privacy policy in order to sell products online as far as I know.
One issue is the law for someone in one country may differ than those in other countries so that needs to be considered firstly.
Next anyone can find a payment processor who could care little for what policies a site may have, and will gladly help a business process transactions to an unnamed bank account.
Now there are some companies which as a matter of Terms of Service require your site to have a privacy policy clearly spelled out to do business with them. For example Google Adwords wants to see a privacy policy page on a website being advertised, otherwise they will often assign a low quality score which penalizes the advertiser to pay a higher cost per click, than their competitors.
Amazon and E-bay on the other hand, do not require affiliates to have a privacy policy in order to sell their products and services.
I am not sure why you would 'need' to prove anything...in life there is what is known as common sense, using it will often yield positive results. If it makes sense to use a privacy policy, then use it......last I checked they are not much of an expense to implement.
;->
Privacy Policy's are also placed on site that don't really need it but it gives the visitor a comfy feeling knowing that you care about their privacy. Consumers are just very concerned about giving away personal information.. funny, they have no problem clicking just about any link in an email giving away something that actually attacks their computers.. pfft!
Overall I think it's just good business practice to have one.
10% TemplateMonster Discount - Everyday! * Visit the Snerdey Blog
Ecommerce l CMS Templates | Wordpress | Dynamic Photo Gallery
It also helps to keep in mind that there are browser addons that will automatically block cookies and links if they don't find something about a privacy policy on the page, or if the site doesn't have a compact privacy policy attached.
Do you refer to your merchant acquirer?Originally Posted by cw1865
If so, are you referring to requirements over and above any imposed by the card associations themselves?
Well I just know that if children under 13 fill out your contact form that request personal info and you don't have a COPPA complant privacy policy you're in violation of COPPA.
I just thought there was a similar law that covered sites that were collecting financial info for a purchase of goods or services.
Maybe this is why I can't find it, because there isn't one?
The mere fact that a child under the age of 14 can and does fill out such a form is not sufficient to trigger COPPA.
Per Federal Trade Commission - COPPA ,
"The Rule applies to:
- Operators of commercial websites or online services directed to children under 13 that collect personal information from children;
- Operators of general audience sites that knowingly collect personal information from children under 13; and
- Operators of general audience sites that have a separate children's area and that collect personal information from children. "
Don't forget that besides the requirement, many customers won't do business with you or be skeptical to enter their information on your website if you don't have a privacy policy.
You'll love this free traffic site...now it's getting me 2,000 targeted hits every day.
http://www.traffficswarm.com/wpw.html
Posting Permissions
Submit Your Article
Forum Rules
Reply With Quote