When you're starting an e-commerce business, there's a lot of data to sift through. Crafting a good privacy policy probably isn't at the top of your list of fun things to do or exciting things to spend your limited budget on. It's tempting to search for a privacy policy to cut and paste onto your website instead of paying money to have your terms of services drafted by a lawyer. However, using a generic privacy policy rather than creating terms of services that match your business model can have devastating consequences on your E-commerce business. Countries around the world are clamping down on privacy and protection laws, especially in the online sphere, and violating these laws can cause businesses to amass hefty legal fees. Here are some important things to consider when drafting your website's privacy policy and terms of service.

The Importance of Privacy Online

When the internet was first invented, people weren't talking about internet privacy. Today's conversations about the internet are a lot more complicated by things like the Facebook-Cambridge Analytica Data Scandal or the YouTube child privacy scandal. Companies are paying millions of dollars for violating privacy, and customers are asking, more and more, how the personal information they give to companies online is being used and protected.

As an online retailer, you have access to tons of information about your customers, including their names, phone numbers, addresses, email addresses, and even their credit card information. What you do with this information after you obtain it and how you protect it affects your relationships with your customers. Privacy scandals don't just upset the Federal Trade Commission and result in fees: they also result in the loss of business from customers who are upset with your company for violating their privacy.

Laws at Work

When you look up privacy regulations, you may find information addressing the fact that, in contrast to other countries, the United States doesn't have federal privacy regulations yet. While this is true, it doesn't mean that companies are free to spread information about their customers as they wish without repercussions. United States laws, including HIPAA, COPPA, and the Fair Credit Reporting Act govern how you use certain information. Additionally, depending on which areas your online business serves, you may need to comply with the laws of other states and even other countries in order to sell to customers in those areas. Here's a little bit of information about some of the biggest laws at work when it comes to online privacy.

HIPAA

HIPAA refers to the Health Insurance Portability and Accountability Act of 1996 and is a policy that was put into place to safeguard medical information. The purpose of HIPAA is to help workers retain insurance coverage when they lose or change jobs and to reduce the cost of healthcare, all while protecting private medical information. Additional guidelines were published in 2016 that clarified that cloud service providers are also required to follow HIPAA guidelines.  

COPPA

The Children's Online Privacy Protection Act (COPPA) was passed by congress in 1998 and requires certain information about children under the age of 13 to be protected by online websites and services. The most recent YouTube scandal, which is costing Google hundreds of millions of dollars, is a result of a COPPA violation.

Fair Credit Reporting Act

The Fair Credit Reporting Act is a law that regulates how companies collect credit information and access to customers' credit reports. It ensures that customers' information is private and that it remains accurate because companies can't affect their customers' credit without cause.

Keeping Your Business Compliant

Clearly, there is a lot to know and understand about privacy in online businesses. This guide only touches upon a few of the many online privacy concerns your E-commerce business needs to be aware of. The best way to keep your business compliant and prevent expensive litigations is to speak with an attorney and have a privacy policy drafted that is specific to your business and makes sense for you. Ensure that your lawyer explains the policy to you so that you can conduct business legally and fairly.