Privacy Policies

Even at the turn of the 17th century, Francis Bacon had it right: knowledge is power. Today, we are in the midst of the information age and, in relation to customer management and relationships, in the beginning stages of an age of invention. The challenges of managing your business include knowing your customer. Knowledge is gathering data, turning it into meaningful information and mining the data to create a competitive advantage.

The recently launched “Google Analytics” program provides a plethora of valuable information about your visitors and your site performance. But, these tools don’t use personally identifiable information to evaluate specific customer performance. There is still much to be developed and made available to the masses in terms of customer relationship analytics at the personal user level.

Database marketing a forerunner

Back in 1994, my first ecommerce company focused on developing data-capture systems and analytics for the banking industry, a technique that would become known as “database debt collecting.” The forerunner was “database marketing,” developed by Capital One in the early 1990s, which involved the use of advanced data analyses to more effectively target, acquire and manage credit-card customers. It would be years before the traditional credit-card issuers would figure it out, and inaction led to their ultimate demise. Today, some online merchants have mastered the use of information to drive business to new heights. Others are sitting on the sidelines, unaware of the competitive edge they are losing as every day passes.

The most misunderstood website legal document

This brings us to the subject of this month’s article: the privacy policy. It is probably the most misunderstood website legal document. Perhaps the name itself is to blame. Policies are defined as “courses of action or guiding principles.” Your privacy policy, however, is a legally binding contract with your website users. It is a privacy contract. And what you agree to do in your privacy policy can have long-standing implications. For example, take a look at your privacy policy: Consider the use of the Google Analytics cookie, understand that the information on your site is being transferred to a third party and then ask yourself if you might be breaching your privacy agreement. Can you even fix it? If you change your policy today to permit the use of third-party cookies and the transfer of the information to Google, can it apply retroactively to cover your existing customers or registrants?

Federal privacy-policy legislation likely in years ahead

I expect there will be federal legislation requiring datausage privacy-policy disclosures in the years to come. California requires certain disclosures today for those doing business on the web. You have to make a lot of decisions to balance the need to provide privacy assurances with your desire to use your information. Even if you publish a privacy policy that accurately represents your present use, have you taken care to anticipate the future? Do you understand the value of the data, and appreciate that even more advanced tools than the existing Google Analytics program will become commonplace in the years ahead? Do you have a privacy policy that will be flexible enough to evolve with the times? Have you instead bound yourself with a contract that will not allow you to monetize a major asset – your customer information?

Writing a privacy policy requires a broad understanding of information, analytics and technology. It’s a team effort to get it right. I suggest you not make promises you don’t keep and not make promises you won’t want to keep in the future, because it’s an area that is ripe for legislation and, unfortunately, litigation.

The information in this article is not intended to be legal advice. Always consult your attorney when faced with legal issues.

John W. Dozier, Jr.
John W. Dozier, Jr.
Bio   •   RSS Feed