Does Your Website Violate The GDPR?

By | Internet Lawyer, Website Lawyer, Website Legal Documents | No Comments

Does Your Website Violate The GDPR

British Airways is getting slammed with a $229 million fine for violating the European Union’s General Data Protection Regulation (GDPR). Although the penalty relates to a data breach, there are other ways to get fined under the GPDR.

Related Article: Privacy Policy 101 – What Every Website Owner Should Know

One of the best ways to limit your liability exposure under the GDPR, especially if your online business is based in the United States, is to have the right website legal documents on your site.

Related Article: Website Legal Protection For Businesses

If you haven’t updated your site’s legal docs (e.g. Website Privacy Policy) since the GDPR went into effect in 2018, it’s time to talk with an experienced website lawyer about what needs to be fixed to protect your business.

Should You Update Your Website Terms Of Use To Cover Terrorism?

By | Internet Lawyer, Website Lawyer, Website Legal Documents | No Comments

Update Website Terms Of Use To Cover TerrorismMajor tech companies have agreed to comply with the Christchurch Call to Action To Eliminate Terrorist and Violent Extremist Content Online (the “Christchurch Call”). This includes modifying their website Terms of Use:

“We commit to updating our terms of use, community standards, codes of conduct, and acceptable use policies to expressly prohibit the distribution of terrorist and violent extremist content. We believe this is important to establish baseline expectations for users and to articulate a clear basis for removal of this content from our platforms and services and suspension or closure of accounts distributing such content.” (PDF link).

Should You Following Their Lead And Change Your Website Terms Of Use?

Probably not. Here’s why…

As a practical matter, there’s no U.S. federal legal requirement to address terrorism as a specific issue in your website legal protection. In fact, the federal government rejects the Christchurch Call on the grounds that online free speech protection is more important.

Now most website Terms of Use already require visitors to obey applicable law. That’s true whether it’s bespoke website legal documents prepared by a Website Lawyer for an online business. Or website legal forms (e.g. Website Legal Forms Generator software).

And terrorism itself is already outlawed. So, to address terrorism as a legal issue is redundant. Or it’s a way to curb speech online a website owner dislikes that otherwise would be legal.

Three Situations Where You Might Adopt The Christchurch Call

Here are three scenarios where you may want to change your site’s Terms of Use because of this issue…

1. Your Website Terms Of Use doesn’t require compliance with applicable law – so you want to address legal compliance in general, not just terrorism.

2. You want to virtue signal on the issue even though there’s no legal requirement to do so.

3. There’s a legitimate business reason for making such a change.

Under the third scenario, it’s possible at some point the tech giants who have signed onto the Christchurch Call will require you to do so as well if you want to enter into or continue a business relationship with them. For example, in order to be an Amazon affiliate or participate in Google advertising, your site’s terms might someday have to address terrorism for economic reasons.

Child Privacy Online: Should Children Use Your Website?

By | Internet Lawyer, Website Lawyer, Website Legal Documents | No Comments

child privacy onlineWith new privacy laws and regulations, it’s time to review your website’s legal documents to make sure you’re protecting yourself from lawsuits and government investigations. Child privacy online is one of those issues you need to address.

By now, you may have heard about the European Union’s General Data Protection Regulation (GDPR)…and maybe know a little about the California Consumer Privacy Act of 2018. But they focus on consumers in general, not minors.

Children’s Online Privacy Protection Act

For now, in the United States, the primary law you should know about it is the Children’s Online Privacy Protection Act (COPPA) and related children’s privacy rule enforced by the U.S. Federal Trade Commission (FTC).

COPPA is designed to specifically protect minors under the age of 13 years. If your website is directly or indirectly targeting children this young, you should jump through all of the COPPA hoops to shield your business.

Website Privacy For Minors Over 12 Years Old

And if your website targets minors 13 to 17 years of age, you’ll still want to put in place privacy protections for these children that aren’t necessary for adult visitors.

For example, you may want to make it clear these teenagers can only use your site under the supervision of a parent or legal guardian. Or simply ban all minors under 18 from using your site.

What If Your Site Isn’t Intended For Children?

If your website doesn’t target minors, perhaps the easiest way to protect child privacy online is to make it clear in your site’s privacy policy and elsewhere that those under the age of 18 years shouldn’t use your site at all. And put safeguards into place to ensure you’re not collecting data from minors.

A good website lawyer can prepare a custom online privacy policy and other website legal documents designed to minimize your risks related to minors using your site. Of course, you’ve also got to follow your policy. It doesn’t help to say one thing about child privacy online in your website’s privacy statement and then do something else when it comes to collecting, protecting, and sharing minors’ data.

Do you need help with your site’s legal documents? You’ll want to set up a phone consultation with Attorney Young today.

Website Data Privacy Statement: What Is It And Do You Need One?

By | Internet Lawyer, Website Lawyer, Website Legal Documents | No Comments

Website Data Privacy Statement Policy

What Is A Website Data Privacy Statement?

A website data privacy statement is just another way of describing your website privacy policy. Although it’s more common to find this term used on European sites, you’ll occasionally find it on U.S. and Canadian business websites, particularly for North American subsidiaries of European ventures.

Related Article: Privacy Policy 101 – What Every Website Owner Should Know

Do You Need A Data Privacy Statement On Your Site?

Yes.

Whether you refer to this legal document as a privacy policy or a privacy statement, you should have it on your website to comply with applicable law. And to encourage your website visitors to trust you will do the right thing when it comes to their data you collect, store and use.

What To Include In Your Site’s Privacy Policy

Of course, what you’ll include in your site’s privacy statement will vary depending upon the type of business you have and the information you collect and use. For example, a medical doctor’s website that operates a patient portal will have Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH Act) issues to address.

And if you collect data from European or California visitors (e.g. email addresses), you’ll want to consider whether the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Protection Act of 2018 should be addressed in your company’s website privacy statement.

Do You Need Help With Your Website’s Privacy Legal Protection?

Naturally, an experienced website lawyer can prepare a bespoke privacy statement for your site that’s designed to build visitor trust while reducing your legal liability exposure. If you need a new website privacy policy or want an existing policy revised, let’s talk. And be sure to check out our flat fee Website Legal Protection Package for businesses.

Does California Hate Your Website?

By | Internet Lawyer, Website Lawyer, Website Legal Documents | No Comments
California Consumer Privacy Act of 2018
Beware of the California Consumer Privacy Act of 2018

The tarnished “Golden State” has enacted the horrible California Consumer Privacy Act of 2018.

This law targets website owners by claiming to protect privacy rights.

So, what if your business website isn’t located in California?

You could still be liable under the Act.

Because it protects information you collect from California residents. This includes residents’ names, email addresses, and other personal information.

Now this means you could be fined up to $7,500 per violation — even if you run your online business in another state or country!

We’ve seen this type of idiocy at the national and multinational level. For example, international enforcement of U.S. spam laws and the European Union’s General Data Protection Regulation (GDPR).

But California’s attempt to regulate the online world takes it to a whole new level of nanny state scheming.

Is Your Website Covered By The California Consumer Privacy Act of 2018?

It looks like the law (for now) only targets large online businesses.

Yet it would take only a simple change to a definition in the law to put the screws to smaller businesses.


Are you operating a large ecommerce venture? Consult with a California privacy law expert about complying with this albatross.

What if you run a small or medium-sized business (SME)? You may want to make it clear the California Consumer Privacy Act of 2018 doesn’t apply to your site…and the reasons why it doesn’t.

Related Article: Privacy Policy 101 – What Every Website Owner Should Know


That’s the approach I’m taking in website legal documents for both…

With a little luck, the state legislature will gut or repeal the California Consumer Privacy Act. Or a court will strike it down as unconstitutional interference with interstate commerce.

But it’s possible the state law will stay on the books unless it’s preempted by Congress sometime in the future.