Creating and running a professional website is a lot of work. Whether it is a site used to sell products or services or one that caters to members or followers only, designing the site and creating content that keeps your visitors returning requires considerable commitment and effort. While the Internet provides an excellent venue for doing business, providing information and facilitating communication, it also creates numerous privacy concerns for those that visit websites.
The Internet provides access to almost any type of product, service or information imaginable, and the bounds of the Web are virtually limitless. However, this broad type of access also enables hackers, immoral data miners and other unscrupulous groups or persons to potentially abuse privacy or otherwise harm Web users. Consequently, many users are wary when visiting sites about the type of information they wish to share.
If yours is like many other websites, you probably collect some type(s) of data when a visitor reaches your site. Whether it be the collection of biographical, contact or location information or use the of tracking software to make a site easier to use, there are few sites these days that don't collect at least minimal amounts of data from visitors. If your website does collect data from visitors, chances are good that you will be required to post policies regarding the collection of data and its dissemination. In most cases, you can satisfy requirements for this information through the posting of Cookie and Privacy policies.
What is a Cookie?
If you run a website, you may already know what a cookie is and how it functions. Just in case you don't know much about cookies, though, here is a brief overview:
A cookie (sometimes also referred to as a browser cookie, HTTP cookie, Internet cookie or Web cookie) is a small file sent from a Web server to your computer whenever you visit a website.) If you return to the website later, your Web browser sends the small file to the server to notify the website of any previous activity you engaged in on the site. Once you return to a website, the server can retrieve the cookie file from local computer to assist in expediting certain functions such as logging in and retrieving account or user data.
Cookies can serve many useful purposes, such as remembering items you had in a shopping cart, logging visited pages on the site and remembering login details so you don't have to enter them every time you visit the website. The most common types of cookies are authentication cookies, which servers use to determine whether a user is logged into a site or not.
What are Cookie and Privacy Policies?
Why Your Website Needs the Policies
Not all jurisdictions require the posting of Privacy or Cookie Policies; however, many do and more and more governments and agencies are requiring their use every year. Even if you don't live in a country or jurisdiction that requires the posting of Cookie or Privacy Policies, though, you may be required to post such documents on your site if it receives visitors from areas that do enforce such requirements.
Certain legal requirements notwithstanding, though, it is still a very good idea to post Cookie and Privacy Policies on any website you may operate or own. The reasons for this are very simple - posting such policies on your site promotes trust and respect for your website. Visitors always feel more secure when they know how sites and companies handle their personal data and information. Simply put, explaining how your site handles privacy concerns and data gives visitors more peace of mind.
Legal Requirements for Cookie and Privacy Policies
As mentioned above, there are still many countries, locales and jurisdictions that have no laws or requirements regarding the posting of Cookie and Privacy Policies on websites. Nevertheless, many prominent governments around the globe do have such laws, and the trend seems to indicate that more and more such laws will only become more prevalent.
While the United States Government does not have a Federal law regarding Cookie or Privacy Policies on websites, the State of California does have such a statute on the books and enforces it vigorously. To a lesser extent, Colorado, Connecticut, Delaware, Minnesota, Nebraska, Nevada, Tennessee and Utah also have laws regarding privacy policies - albeit not nearly as comprehensive as the one passed in California. Likewise, member countries of European Union have strict laws regarding the collection and use of personal information or computer data obtained from website visitors. Finally, many other countries are considering legislation similar that enacted in Europe and the United States to protect the privacy of citizens that use the Internet.
If your website sells to customers or accepts visitors from countries that do have laws regarding the posting of Cookie or Privacy Policies, you will be required to comply or risk losing access to visitors from those areas. In some cases, governments may impose fines or other penalties on you or your website for violations even if you have no physical presence or branch in those jurisdictions. Many recent international court decisions provide a lot of leniency and a wide berth for governments to protect their citizens from offending websites or Internet providers.
Even if governments cannot penalize a site owner directly, they may be able to penalize Internet Service Providers, telecommunications companies or others that assist in the hosting or support of a non-complying website. Since most high traffic websites are hosted in countries with online privacy laws, chances are good that your Internet Service Provider will close your site if you fail to comply with Cookie and Privacy Policies laws with your site.
Concerns Regarding Children
The type of information or data collected from children, whether it be from your server or website directly or from other third parties;
The name, address, email address and telephone number of any and all operators or organizations collecting or maintaining information or data on or from the website;
A description of whether the website allows children to decide if information is made public or accessible by others;
How the website or organization uses any data or information collected from children;
Instructions on how parents can view, edit or delete any information shared on the website by their children.
As you can see, requirements under COPPA are fairly strict and straightforward. In many cases, you can prevent hassles due to COPPA violations by simply refusing access to children under the age of 13, unless you have a good reason to do otherwise. While the above law applies primarily to children in the United States, other countries have passed similar legislation as well. Therefore, if you plan to direct content toward young children, it is wise to find out what the privacy laws are in your area regarding children users and visitors.
How We Can Help
If after reading the above, you think that crafting and implementing, legal, effective Cookie and Privacy Policies is difficult and requires a lot of work- you're right it is and it does. Writing legal and acceptable policies requires a lot of planning, research and attention to detail. Consequently, using online templates or auto-generated policies often create more problems than they solve. Each policy will differ from site to site depending on the location of the organization, the location of Web servers and the types of information, products or services the site provides. To think that there is a one-size-fits-all solution for Cookie and Privacy Policies is not only naive but legally reckless as well. Not paying close attention to the language and detail included in policies can leave you and your organization open to possible fines, penalties or even criminal liability.
Here at AllAboutCookies.Org, we understand the ins and outs of cookie and privacy legislation and can help you create comprehensive, yet easy to understand, policies for your website. Before crafting your individual policies, we will conduct audits of your site and existing policies, and then let you know how we can help you go about making the needed changes - so, that you comply with all applicable laws. After auditing your site and receiving your approval, we will commence to crafting privacy documents that will help you avoid any potential legal problems.