October 20, 2021

Volume XI, Number 293

Advertisement
Advertisement

October 19, 2021

Subscribe to Latest Legal News and Analysis

October 18, 2021

Subscribe to Latest Legal News and Analysis
Advertisement

7 Key Elements of Effective Terms of Use: Privacy Policies

Before our recent two-month hiatus, we were discussing that most effective Terms of Use (or Terms of Service (TOS)) include seven key concepts:  (1) permitted use – that is, the specific uses to which the website may be put and any restrictions on use imposed by the website operator; (2) the treatment of user-created content; (3) a disclaimer of warranties; (4) the limitation, in whole or in part, of the website operator’s liability; (5) a privacy policy; (6) governing law and choice of forum; and (7) how the Terms of Use may be modified.

Before our break, we touched on the first four elements, which leads us to:

5.    Privacy Policies.  A privacy policy is a statement that discloses the ways in which a website operator gathers, uses, discloses, and maintains a user’s data.  Such statements are legally required where the website is directed to children under the age of thirteen, knowingly collects personal information from children under the age of thirteen,[i] or interacts with users living in one of the states that has passed a law requiring website operators to publish privacy policies.

The privacy policy should be a separate document, drafted and published so as to comply with the requirements of the most restrictive privacy laws which might apply to the relationship.  Often, the most restrivice domestic privacy law is the California Online Privacy Protection Act of 2003 (OPPA).  Under OPPA, “privacy policies must contain certain information, including the following:  personally identifying information collected, the categories of parties with whom this personally identifying information may be shared, and the process for notifying users of material changes to the applicable privacy policy.”[ii]

Website operators with users in countries other than the United States must also ensure that their privacy policies comply with the law of those foreign countries from which their users visit the website. Often, at a minimum, such compliance requires the website to comply with the EU Data Proection Directive, adopted by the European Union on October 24, 1995, or the "Safe Harbor" framework negotiated by the United States Government.


[i] See Jonathan D. Frieden, Charity M. Price & Leigh M. Murray, Putting the Genie Back in the Bottle:  Levering Private Enforcement to Improve Internet Privacy, 37 Wm. Mitchell L. Rev. 1671, 1683-84 (2011) [hereinafter “Internet Privacy”] (available at http://open.wmitchell.edu/cgi/viewcontent.cgi?article=1429&context=wmlr).

[ii] Internet Privacy, at 1690-91.

© 2021 Odin, Feldman & Pittleman, P.C.National Law Review, Volume IV, Number 267
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Jonathan D. Frieden, Odin Feldman Law Firm, E-commerce Attorney
Shareholder

A degree in systems engineering and a background in computer coding have helped inform Jon Frieden’s approach to successfully handling a broad range of matters for his technology clients. As a self-described “early adopter,” Jon was one of the first attorneys in Northern Virginia to focus on Internet law and e-commerce.

With a practice centered on complex Internet- and technology-related commercial disputes and transactions, Jon brings a two-pronged approach to helping clients achieve success. Jon’s litigation experience helps structure deals for his clients that avoid potential...

703-218-2125
Advertisement
Advertisement
Advertisement